Got Vulnerabilities?
I find the security flaws that automated scanners and big pentest firms miss. Manual testing by a neurodivergent brain that sees patterns others don't.
Get a Free ConsultationEmail subject: pentester.ca <> your company name
I find the security flaws that automated scanners and big pentest firms miss. Manual testing by a neurodivergent brain that sees patterns others don't.
Get a Free ConsultationEmail subject: pentester.ca <> your company name
Not a scanner report. I manually test your APIs, authentication, authorization, and business logic by hand. I find IDORs, auth bypasses, and broken access control that automated tools will never catch.
Every vulnerability documented with reproduction steps, severity ratings, and clear remediation guidance. Written so your developers can fix it and your executives can understand the risk.
I walk your developers through every finding and make sure fixes actually work. Retesting included, because "the agency says it's fixed" doesn't mean it's fixed.
Web applications, REST and GraphQL APIs, mobile apps (iOS and Android), Firebase and Supabase backends, OAuth implementations, and more.
Android kiosks, locked-down tablets, POS systems, smart devices, vending machines. I break out of kiosk modes, find debug ports, extract firmware, and look for hardcoded credentials and backdoors. If it runs Android, I can tear it apart.
Guest Wi-Fi, retail networks, lobby hotspots, public access points. I test whether your guest networks are actually isolated from internal systems, and whether someone on your guest Wi-Fi could send emails that pass your domain's SPF checks. Even Fortune 500 companies get this wrong. All I need is a tunnel to your guest network and I can test remotely.
Pre-buy a set number of hours each month. I test new features before they go live, review code changes, and stay on call for your team. Security isn't a one-time thing, and neither am I.
Every engagement is scoped to your needs. From a focused API review to a full platform audit to an ongoing retainer. Reach out and I'll put together a proposal that fits your budget.
Pricing depends on scope. Email me what you need tested and I'll send you a quote within 24 hours.
My neurodivergent brain doesn't work the way most people's does. I hyperfocus. I see patterns. I test edge cases that neurotypical testers skip because they "don't seem likely." That's exactly where the vulnerabilities are.
I've found critical vulnerabilities in companies that had just passed pentests from big firms. The firms ran their scanners and left. I sat with the application, understood its logic, and found what they missed.
Big pentest firms charge tens of thousands and give you a Nessus scan with a cover page. I find more, because I actually test your application by hand.
"Kaeden provided exceptional insight into our application's security posture. Her testing was thorough, well-documented, and focused on real-world attack vectors rather than theoretical issues. Communication was clear throughout the process, and the final report gave our engineering team actionable steps to immediately improve security. Highly recommended."
"Kaeden was great to work with. She was responsive, detailed and thorough in helping us identify blindspots in web security. I'd recommend Kaeden to anyone looking for a cyber security consultant!"
"Kaeden is an amazing professional she demonstrated great abilities and skills to pen test our application and provided with full disclosure of the issues. She acted very professionally and with great sense of responsibility when disclosing sensitive vulnerabilities with our app."
"I had the pleasure of working with Kaeden, and I can confidently say she did an outstanding job helping our team identify and manage critical security patches. Her attention to detail and proactive approach ensured that vulnerabilities were caught early and addressed efficiently. Kaeden consistently demonstrated strong analytical skills, clear communication, and a solid understanding of security best practices. She didn't just flag issues — she took the time to explain risks, recommend practical solutions, and follow through to make sure patches were implemented correctly."
"Kaeden did great work pentesting our application. Her creative approach and knowledge of vulnerabilities most accurately resembles the threats modern applications actually face. Would highly recommend."
"Kaeden reached out us with suggestions for cybersecurity improvement. It was amazing because we could not reproduce same bug without her detailed explanations. I believe Kaeden has deep understanding for cybersecurity."
"I had the pleasure of working with Kaeden to improve security at our products. She's easy to work with, able to identify potential vulnerabilities, and provide us with helpful recommendations."
I connected to the guest Wi-Fi at the Warner Bros Studio Tour and their London HQ. Both gave me access to internal systems, unreleased titles, and production details.
4 min readI've found this pattern at multiple Fortune 500 companies. A basic employee account can access tools meant for executives. Nobody checks.
4 min readAgencies ship fast and break everything. Open databases, fake authentication, and the retest cycle from hell.
4 min readThree companies that passed security assessments. Three disasters I found in minutes.
5 min readI found and reported vulnerabilities in two apps. Both ignored me. Both got breached by someone else. Their users ended up on 4chan and in the press.
4 min readTell me what you need tested. I'll send you a scope and quote within 24 hours. No sales calls, no fluff, unless you want one 😉
whitehat@pentester.caEmail subject: pentester.ca <> your company name
Or message me on LinkedIn