Web Pentest
OWASP Top 10Auth & Session TestingInput Validation
[ ethical-access granted ]
Your Name | Pentester & Ethical Hacker
Breaking systems ethically. Fixing security proactively.
Saya membantu tim produk menemukan celah sebelum attacker menemukannya. Fokus saya pada web pentest, validasi misconfiguration, dan security reporting yang actionable.
$run pentest --target production
About
Berpengalaman menjalankan pengujian keamanan aplikasi web dan API dengan pendekatan metodologis.
Terbiasa menyusun laporan temuan yang jelas, terukur, dan mudah ditindaklanjuti oleh tim engineering.
Core Skills
Network Security
Service EnumerationAttack Surface MappingHardening Review
Tooling
Burp SuiteNmapWireshark
Reporting
Risk PrioritizationPoC DocumentationRemediation Tracking
Selected Projects
Web App Security Assessment
Scope: E-commerce platform audit
Approach: Melakukan recon, auth testing, dan validasi business logic pada endpoint kritikal.
Impact: Menemukan high-risk IDOR dan insecure token handling yang kemudian dipatch sebelum production scale-up.
API Penetration Test
Scope: Internal fintech API
Approach: Menguji kontrol akses, rate limit, serta input sanitization di service inti.
Impact: Mengurangi eksposur data sensitif melalui perbaikan authorization model dan request validation.
Security Baseline Review
Scope: Infrastructure hardening check
Approach: Meninjau konfigurasi service publik, TLS setup, dan secret exposure patterns.
Impact: Meningkatkan security posture melalui checklist hardening yang terstandardisasi lintas environment.
Contact
Open for security testing collaborations and freelance projects.