Budget: 1000 USD Deadline: 10 days
Hello!
I can join your team part-time as a practical pentester, testing the system as an attacker but reporting as a partner so your engineers can quickly fix issues without unnecessary guesswork.
I have experience in external and internal testing, analyzing attack paths in Active Directory, as well as web application and API security. My reports are understandable for management while being detailed enough for developers to reproduce and fix the issue.
For externally internet-accessible systems, I will first check open services, exposure, and misconfigurations, then move on to targeted testing of web applications and APIs with careful confirmation of real impact.
For internal infrastructure, I can analyze privilege escalation paths and lateral movement, check network segmentation, and identify vulnerabilities in Active Directory, such as Kerberoasting, pass-the-hash scenarios, and risky GPO configurations.
I also perform quality retests, confirming that fixes truly resolve the issue rather than just masking the symptoms.
One idea that greatly helps teams is a Fix Ready pack for each critical finding. Along with the usual evidence, I include a short safe script for reproduction and a simple verification step that your team can perform after the fix. This makes retests faster and helps avoid repeating the same issue in future releases.
https://live.chatbullet.com
https://app.cookiecad.com