About Me
I help companies find and fix real security risks in their web applications and APIs. My work focuses on practical penetration testing, clear reporting and verification of fixes so security improvements actually reduce risk.
Who I Am
I work in application security with a strong focus on how systems are actually attacked in the real world. Instead of relying only on tools or checklists, I test applications the way an attacker would and focus on issues that can genuinely be exploited.
What I Do
I provide web application pentesting, API security testing and re-testing of fixes. The goal is simple: help teams understand what is truly risky, how it can be abused and what needs to be done to fix it properly.
My Core Focus Areas
Web Application Security
Manual testing of real attack paths in modern web applications, not just automated scans.
API Security Testing
Focused testing of authentication, authorization, business logic and abuse scenarios in APIs.
Re-Testing & Verification
Verification that fixes actually work and that the original risks are really closed.
How I Approach Security Testing
Realistic Testing
I focus on real attack paths and abuse cases instead of generic compliance checklists.
Clear, Usable Reports
Every issue is explained in simple terms with proof and clear fix guidance.
Fix Validation
I verify that fixes actually work and that risks are truly reduced.
Business-Relevant Risk
Findings are prioritised based on real impact, not just technical severity.
Want a Clear View of Your Application Security?
If you want practical testing, clear results and real risk reduction, let’s talk about your application.
Get in Touch