I can remotely provide a thorough security audit for:
- a website or web application;
- a mobile application (Android or iOS);
- desktop application (Windows, macOS, Linux);
- or any system exposed on the Internet (a web server, a database, a remote desktop server, a VPN, etc.).
The audit can be made on three different ways:
- black box: like any hacker, you only provide me the entry point(s) of the assess to be audited;
- grey box: like any legitimate user, you provide me the entry point and some valid user credentials;
- white box: for a complete assessment, you provide me administrator credentials, and eventually for a code review, the source code of the application (I can sign a NDA).
Depending on the complexity of the system, the audit can last from a few hours to a few days.
After the audit, I will provide a complete audit report with findings and recommendations.
