Cybersecurity professional offering source code security reviews, vulnerability assessments, and penetration testing using industry-standard tools and manual analysis.
What I deliver:
- Deep source code review identifying SQL injection, XSS, SSRF, authentication flaws, and logic vulnerabilities
- Dependency and supply chain auditing (npm, pip, Docker, CI/CD pipelines)
- Detailed PDF report with severity ratings, reproduction steps, and remediation guidance
- Follow-up consultation to walk through findings
Languages & Frameworks: Python, JavaScript/Node.js, Ruby on Rails, PHP, Go, Java, React, Django, Flask, Express
Tools: Semgrep, Gitleaks, pip-audit, Trivy, Grype, Nuclei, TruffleHog, Burp Suite, manual code review
I focus on actionable results — not automated scanner noise. Every finding is manually verified with clear steps to reproduce and fix.