opensecurity.ca Open in urlscan Pro
2606:4700:3033::ac43:b652  Public Scan

Form analysis
0 forms found in the DOM

Text Content

 * Home
 * Pentest
 * Training
 * Engineering
 * Support
 * Research
 * Clients
 * Contact


OPENSECURITY.

WE DO QUALITY PENTESTS, SECURITY ENGINEERING,
ONLINE TRAINING AND WE ♥ OPENSOURCE.





PENTEST & CODE REVIEW

Penetration Testing and Security Assessment Services

We find security vulnerabilities in web applications, web services, APIs, AWS,
Azure & GCP infrastructure, serverless applications, mobile applications built
for Android, iOS and software written for Internet of things (IoT). Our
comprehensive security assessments include threat modelling, architectural
reviews, pentesting and source code review.

 * WEB
 * Web service/app
 * Scope: Web Services, APIs & Servers
 * Duration: 2-7 weeks
 * Standards: OWASP Web, SANS 25
 * Report: PDF Report
 * Retest: Included
   Contact

 * MOBILE
 * Android/iOS app
 * Scope: Android, iOS & Web APIs
 * Duration: 3-7 weeks
 * Standards: OWASP Mobile, MSTG
 * Report: PDF Report
 * Retest: Included
   Contact

 * CLOUD
 * Cloud infrastructure
 * Scope: AWS, Google Cloud, & Azure
 * Duration: 3-7 weeks
 * Standards: OWASP, CIS Benchmark
 * Report: PDF Report
 * Retest: Included
   Contact



SERVICES WE OFFER





WEB APPLICATION PENTEST & SECURITY ASSESSMENT AWS, AZURE AND GOOGLE CLOUD
SECURITY ASSESSMENT COMPUTE AND SERVERLESS SECURITY SERVER, DATABASE AND
APPLICATION SECURITY WORDPRESS/DRUPAL/JOOMLA SECURITY AND HARDENING MOBILE
APPLICATION PENTEST & SECURITY ASSESSMENT INFRASTRUCTURE AND APPLICATION STACK
SECURITY ASSESSMENT SECURE CODE REVIEW & THREAT MODELLING SECURITY ALGORITHM
DESIGN AND IMPLEMENTATION EVALUATION OF CUSTOM SECURITY IMPLEMENTATIONS &
PROTOCOLS APPLICATION SECURITY AUTOMATION, SCRIPTING SECURITY ENGINEERING &
SECURITY TOOL DEVELOPMENT APPLICATION SECURITY CONSULTANCY & STARTUP ADVISORY



Get a Quote


SECURITY TRAINING

Deep technical application security trainings.

We provide application security trainings and certification via self paced
online courses as well as hands on live trainings at Security conferences. Our
trainings cover web application security, mobile application security,
pentesting modern technology stack, and windows exploit development. For more
information, visit our security education portal



Online Trainings


SECURITY ENGINEERING

We love security automation and develops security tools that work.

Security Engineering is our speciality. We build open source security tools in
Python, Golang, Lua, Node.js, .NET, JavaScript and Java.

On GitHub


MOBILE SECURITY FRAMEWORK - MOBSF

Starred 16685 Forked 3161

On GitHub


NODEJSSCAN STATIC CODE SCANNER

Starred 2356 Forked 325

On GitHub


OWASP XENOTIX XSS EXPLOIT FRAMEWORK

Starred 518 Forked 182

On GitHub


GARFIELD DISTRIBUTED SYSTEM SCANNER

Starred 78 Forked 29

On GitHub


CMSSCAN, CMS SECURITY MANAGEMENT

Starred 595 Forked 157

On GitHub


NJSSCAN, SAST FOR NODE.JS

Starred 361 Forked 76


We help companies implement fundamental blocks of a successful Application
Security program. Reach out if you would like us to help you integrate appsec
tooling in your CI/CD pipeline or has custom security software and automation
requirements.

OpenSource on GitHub Hire Us


SUPPORT SERVICES

Mobile Security Framework Support Packages.

All rates are in USD inclusive of taxes, but excluding any withholding taxes and
transaction fees.
 * PROFESSIONAL
 * $ 2999.99 / year
 * Live Support & Troubleshooting
 * Priority Support via Email or Slack
 * Access to MobSF e-Learning Course (5 accounts)
 * 1 Minor Feature Request
 * Priority Bug Fixes
   Contact

 * ENTERPRISE
 * $ 6999.99 / year
 * Live Support & Troubleshooting
 * Priority Support via Email or Slack
 * Access to MobSF e-Learning Course (15 accounts)
 * 2 Major Feature Requests
 * Priority Bug Fixes
   Contact

 * TRAINING
 * $ 10999.99 / year
 * Onsite*/Online Live MobSF Training for your Developers
 * CTF challenges
 * Assistance in setting up MobSF in your CI/CD
 * Access to MobSF e-Learning Course (50 accounts)
 * Expert Email Consultation
   Contact


SECURITY RESEARCH

Latest advisories and research from OpenSecurity.

DETECTING ZERO DAYS IN SOFTWARE SUPPLY CHAIN WITH STATIC AND DYNAMIC ANALYSIS
STEALING CARD DETAILS FROM CONTACTLESS CARDS IN SECONDS EXPLOITING INSECURE FILE
EXTRACTION IN PYTHON FOR CODE EXECUTION EXPLOITING DESERIALIZATION BUGS IN
NODE.JS MODULES FOR REMOTE CODE EXECUTION SERVER SIDE TEMPLATE INJECTION IN
TORNADO INSTAMOJO WOOCOMMERCE PLUGIN XSS OS X MAVERICKS 10.9.5 - OUT OF BOUND
READ/WRITE IN MEMMOVE() APPLOCK MITM PASSWORD RESET VULNERABILITY REVERSING
DEXGUARD'S STRING ENCRYPTION BYPASSING CONTENT SECURITY POLICY WITH A JS/GIF
POLYGLOT BYPASSING PIN IN WHISPER ANDROID APPLICATION TIZEN 2.2.1 WEBKIT ADDRESS
SPOOFING MTS MBLAZE ULTRA WI-FI / ZTE AC3633 MULTIPLE VULNERABILITIES

Follow @OpenSecurity_IN


SOME OF OUR CLIENTS.

 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 
 * 


WE'D LIKE TO DO BUSINESS WITH YOU!

HAVE A QUESTION? WANT TO HIRE US?

Mail


INFO@OPENSECURITY.IN (PGP)

BANGALORE, INDIA | VANCOUVER, CANADA




© 2024 OPENSECURITY