We recon, hack and protect

from a real-world attacks in a hacker's perspective, report it to you in a very detailed and understandable way.

HACK ON!

About Us


Originally formed as a collective, Invalid Web Security has evolved into a prominent security consulting firm since its inception in 2013.

The team consists of adept Filipinos with a profound interest and expertise in enhancing application security. Individually, the members have garnered recognition and accolades from prominent tech giants such as Facebook, Google, Microsoft, Yahoo, Twitter, and various other major corporations.

The core objective of Invalid Web Security is to fortify the operational integrity of their clients' businesses. They achieve this by meticulously identifying vulnerabilities and producing comprehensive, intelligible reports of the highest quality.

Our Services

Explore the exceptional range of services we provide.

Web Application Pentration Testing

Web application penetration testing (pentesting) is a critical process to identify security vulnerabilities in web applications and ensure they are protected against potential cyber threats. Pentesting services offered by security professionals or companies can include a variety of assessments and tests to evaluate the security posture of a web application.

Here are some common web app pentesting services offered:

1. Authentication and Authorization

2. Session Management

3. Input Validation and Injection

4. Security Misconfiguration

Mobile (iOS & Android) Penetration Testing

Mobile application penetration testing, also known as mobile app pentesting, is a process aimed at identifying security vulnerabilities and weaknesses in iOS and Android applications.


Here are some common web app pentesting services offered:

1. Static Analysis and Dynamic Analysis

2. Reverse Engineering

3. Rooting and Jailbreaking Testing

4. Authentication and Authorization

5. Session Management

6. Input Validation and Injection

7. Security Misconfiguration

API Penetration Testing

API (Application Programming Interface) penetration testing is the process of evaluating the security of APIs to identify vulnerabilities and weaknesses that could be exploited by attackers. APIs play a crucial role in connecting different software components and enabling data exchange between applications, which makes them a prime target for cyberattacks.

Network Internal & External Penetration Testing

Network penetration testing, often referred to as network pentesting or network vulnerability assessment, is a process of evaluating the security of a computer network by simulating real-world cyberattacks. The goal is to identify vulnerabilities, weaknesses, and potential points of entry that malicious actors could exploit to compromise the network's confidentiality, integrity, or availability./p>

Testimonials

Client Reviews

Peter Christopher - CEO at CF Security

Jayson is very capable of finding obvious and subtle security holes and reporting them in a way that a programmer will know how to reproduce and patch those holes. You can trust him, and you will benefit from any time he dedicates to your project.

Nick Sweeting - DrChrono, Developer

Out of all the researchers who have been submitting bug reports to drchrono, Clifford is by far the highest quality reporter. He consistently provides clear, concise, hand-written reports, and works with us to get them resolved quickly. When me make changes or suggestions to reports, he's responded quickly and personally to every one of them. He is a true security researcher, he cares about security of the product more than the bounties, which is why we've happily given him so many of them.

Ivan Leichtling - Yelp Security Team

As part of Yelp's private bug bounty, Clifford has been a huge help. He's uncovered serious bugs that scanners, penetration testers, and our own engineering team didn't discover.

Corina Mansueto - Director of Social Media & Customer Service at Lavasoft

Evan assisted in identifying a vulnerability on our website. He was extremely easy to work with to have this issue resolved in a timely and professional manner. Thanks for all your help Evan, we greatly appreciate it.

Team

Our team is always here to help

First sample avatar image

Jayson Z

Founder

Fourth sample avatar image

Clifford Trigo

Co-Founder / Application Security Engineer

Third sample avatar image

Jaymark PestaƱo

Co-Founder / Application Security Engineer

Fourth sample avatar image

Roy Castillo

Application Security Engineer / Security Researcher

Fourth sample avatar image

JD Loquias

Backend Security Specialist / AWS Security

Fourth sample avatar image

Paul Biteng

Bug Bounty Hunter / Back-End Developer

Fourth sample avatar image

Mikko Carreon

Cloud Engineer / System Administrator

Fourth sample avatar image

Joenel de Asis

Sr. Technical Developer / Linux System Administrator

Fourth sample avatar image

Evan Ricafort

Bug Bounty Hunter / Security Researcher

Fourth sample avatar image

Jerold Camacho

Bug Bounty Hunter / Security Researcher

Contact Us

Reach out to us to commence the journey.

Location:

Metro Manila, Philippines