What I assess
Seven focused penetration testing engagements, each scoped end-to-end by one practitioner. Every path traced from initial foothold to full takeover, with prioritised remediation and a retest included.
Cloud security
One misconfigured permission can give an attacker full control of your AWS or GCP environment. Every escalation path mapped from initial foothold to full takeover.
Linux security
From a standard user account to full server control. Every privilege escalation path traced and documented so you can close it before an attacker finds it.
Kubernetes security
A single misconfigured container permission can expose every service you run. Full attack path assessment from a compromised container to cluster-wide control.
CI/CD & supply chain
Your build pipeline has access to production. One injected command in a pull request or a leaked credential in a build log can compromise everything it deploys.
OAuth & SSO security
One misconfigured redirect in your login flow can let an attacker take over any user account. Deep testing of OAuth 2.0, SAML, and single sign-on implementations.
Web application security
Can someone log in as another user? Access data without a password? Abuse your checkout flow?
API security testing
Your API may expose every user's records by changing one number in the URL. Every endpoint tested for broken access controls, data leakage, and authentication gaps.
* Windows / Active Directory: not offered. Life is too short :)
