A breach costs more than a pentest.

I find the vulnerabilities in your systems before someone exploits them. Structured methodology, written deliverables, and a report your team can act on.

Daniel Ordonez Arango — Penetration Tester
  • 12 HTB paths completed
  • 720 HTB machines pwned
  • Top 1% HTB ranking

What I do

Web Application Pentest Find exploitable vulnerabilities in your app before a breach does. OWASP-aligned manual testing with a written report your team can act on immediately.
  • OWASP Top 10 manual testing
  • Severity-ranked PDF report
  • Business impact per finding
  • Remediation guidance included
Active Directory Pentest Find identity and privilege gaps in your Active Directory before lateral movement becomes a domain compromise. Identity-focused manual testing with a severity-ranked report your IT team can act on immediately.
  • Kerberos, ACL & delegation testing
  • Severity-ranked PDF report
  • Domain compromise path analysis
  • Remediation guidance included

All services include a free re-test after fixes are applied.

Real engagements, real findings

Automotive Industry · Colombia · 2026

5 Critical 3 High

Active SEO Spam Injection & Full Remediation

Hidden gambling SEO spam and exposed backups on WordPress — full cleanup verified in one session.

Why work with me

I began as a full-stack developer before moving into offensive security. That foundation is practical: I read application logic and architecture, not just scanner output — so every finding ties to a root cause and remediation your team can implement without guesswork.

I specialize in web application and Active Directory assessments for startups and SMBs. Work follows a structured methodology — scope agreed in writing, manual testing, severity-ranked reports with evidence. The case studies on this site are from real engagements: corporate WordPress intranets, active SEO spam compromises, and post-incident remediation.

You work directly with me — not a sales team or junior tester. Based in Colombia, I deliver remotely across Latin America, the US, and Europe in English or Spanish, with fixed scope and pricing agreed before testing begins.

Training & Experience

Completed paths

Web Penetration Tester
CWES
Penetration Tester
CPTS
SOC Analyst
CDSA
Junior Cybersecurity Analyst
CJCA

In progress

Senior Web Penetration Tester
CWEE
Active Directory Pentesting Expert
CAPE
Offensive AI Expert
COAE
Wi-Fi Pentesting Expert
CWPE

Structured engagement process

  1. Scoping & proposal

    Free scoping call to define your environment, targets and rules of engagement. You receive a written proposal with scope, methodology, fixed price and NDA — before any work begins.

  2. Assessment & testing

    Manual offensive testing with progress updates throughout. Critical and high findings are reported immediately — not held for the final report.

  3. Reporting & verification

    Severity-ranked PDF report with evidence and remediation steps.

Get an instant estimate

01

Choose your service

02

Environment parameters

Scope

Complexity

03

Testing type

Black-box No prior knowledge of the target. Simulates a real external attacker. Ideal to test your defences from an adversarial perspective. ✓ Most common
Grey-box Partial credentials or context provided. Simulates a compromised account or insider threat. Best coverage-to-cost ratio. ✓ Recommended
White-box Full access + source code provided. Maximum depth and coverage. Best for thorough audits or when regulations require it. ✓ Most thorough

Selected service

Web App Pentest

Estimated range

$2,000 $5,000 USD
Scope Small · 1–5 targets
Complexity Standard
Testing Black-box
Duration 1–2 weeks
Book a free scoping call

Automated estimate only — not a binding quote.
A signed authorization agreement is required before any engagement begins.

Common questions

Cost, focus, and direct access. As a LATAM-based independent tester, my rates are significantly lower than US/EU firms without sacrificing methodology or quality. You work directly with the person doing the testing — from scoping to final report.

I report it immediately — you don’t wait for the final report. Critical and high findings are communicated as soon as confirmed so your team can begin remediation while the engagement is still active.

Most web app engagements run 1–2 weeks; Active Directory assessments typically 2–3 weeks. Exact timing depends on scope, environment size, and testing type. You get a fixed timeline in the written proposal before work begins.

A short scoping call is enough to start. Before testing begins, you’ll need a signed authorization agreement, a technical point of contact, and access details aligned with the agreed testing type (black-box, grey-box, or white-box). I provide a checklist in the proposal.

Yes. Mutual NDAs are standard and included in the engagement paperwork. Your data, credentials, and findings are handled confidentially — nothing is shared with third parties.

Direct message