Hack-IT Ethical Hacking & Penetration Testing
Exposing real security risks before they can impact your business.
Expertise
Deep Dive
Hacking
Automated scanners find common issues. I go further, manually testing your systems to uncover logic flaws and complex vulnerabilities.
Code &
Architecture Review
Your systems start with solid foundations. I analyze your code, APIs, and infrastructure to find flaws before attackers do.
Vulnerability
Validation
Scanners create many alerts. I verify each finding manually, giving you a concise list of the vulnerabilities that actually matter.
Trusted By
Process
Discovery
I scope the engagement and map the attack surface. Then I model how the application actually works: who can access what data, and when. That’s where most authorization flaws hide.
Execution
I probe manually, with targeted tooling where it helps. Real attacks chain small weaknesses together, which is what scanners miss because they look at issues in isolation.
Reporting
Each finding includes reproduction steps, a severity score, and a fix recommendation. I verify findings before reporting, so you don’t get false positives or vague advice.
What you receive
Every engagement ends with a full report. Not just a list of bugs.
Executive summary
A short overview for management or auditors. No technical jargon.
Technical findings
For each finding: reproduction steps, affected components, and a CVSS score.
Remediation guidance
A fix recommendation per finding, written for the engineers who’ll implement it.
Optional retest
Once your team has shipped fixes, I verify the issues are resolved and update the report.
Typical engagements
Engagements range from one-week tests on early-stage SaaS products to multi-week assessments for SOC 2 or ISO 27001 prep. Most work is collaborative with your engineering team. Pricing is per project, quoted after a free scoping call.
Achievements & Recognition
Bug Bounty Experience
Active on public bug bounty platforms like HackerOne and Intigriti, responsibly disclosing critical vulnerabilities in major online platforms.
Official Recognition
- 2nd place at Hack The Government 2024, Belgium's official cybersecurity challenge
- NCSC Hall of Fame 2023, Most impactful security report
About
Security isn't a checklist.
It's a mindset.
I founded Hack-IT to do hands-on penetration testing and ethical hacking. I focus on practical findings that help you secure your systems.
Automated scans combined with manual validation help your systems hold up against real-world attacks.