Project Request: Penetration testing

Looking for medium/expert level Information Security specialist.For High Level Whitebox testing Penetration Test. Using OSWAp Web App Criteria

  • Injection.
  • Broken Authentication.
  • Sensitive Data Exposure.
  • XML External Entities (XXE).
  • Broken Access Control.
  • Security Misconfiguration.
  • Cross-Site Scripting XSS
  • Insecure Deserialization
  • Using Components with Known Vulnerabilities.

OWASP Mobile top 10 risks

  • M1: Improper Platform Usage
  • M2: Insecure Data Storage
  • M3: Insecure Communication
  • M4: Insecure Authentication
  • M5: Insufficient Cryptography
  • M6: Insecure Authorization
  • M7: Client Code Quality
  • M8: Code Tampering
  • M9: Reverse Engineering
  • M10: Extraneous Functionality

Provide an example of what a test report would look like based on some of the criteria, in the description and whether IOS and Android can be reviewed.

At Puffin Security, we enjoy contributing knowledge regarding security projects to complex organizations as our team is composed by Certified Security Engineers who follow codes of conduct (The ISACA, (ISC)2 and ISSA codes of conduct – likewise the OSSTMM “Rules of Engagement”). For more information, contact us here or info@puffinsecurity.com