Michael Evans Posted March 30, 2012 Share Posted March 30, 2012 (edited) Hello, my name Michael Evans and im offering my services has a pen-tester (Penetration testing). i have had lots of experience with website testing and security. if you would like your website tested for a small fee please post below of pm me any time. what do you get from the pen test, well you get a full report sent to your email or any other way you would like. and also will give you advise of way to solve the issue and even forward to my contacts in web development who will help you for a fee if you are not a coder. A few of the many sites i have been payed to pen tested. jessiejofficial thewantedmusic cimorellimusic.com/ i have also do a pen test on a_bertrand (alian bertrand) game script. and many many more. my skills are not limited also and i work in different types of website testing. for more info post below or pm me and ill try get back to you asap, thank you for reading my post. just a few of the sits i found security issues on, i can provide screen shots if need be: cnet abc YSL tumblr Edited March 30, 2012 by Michael Evans Quote Link to comment Share on other sites More sharing options...
HauntedDawg Posted March 30, 2012 Share Posted March 30, 2012 What method's do you use for your penetration testing? Quote Link to comment Share on other sites More sharing options...
ColdBlooded Posted March 30, 2012 Share Posted March 30, 2012 This guy is talented. Highly recommended. Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 30, 2012 Author Share Posted March 30, 2012 (edited) my "method's"/ skills are not limted and i test for a range of issues on a range of code .php .asp you name it. @cb thanks bro<3 Edited March 30, 2012 by Michael Evans Quote Link to comment Share on other sites More sharing options...
Uridium Posted March 30, 2012 Share Posted March 30, 2012 Highly recommended not to be taken likely this guys talents are quite rare on here Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 30, 2012 Author Share Posted March 30, 2012 Sweet, so somebody downloaded Acunetix then :D lol no mate i don't use that pile of crap its wrong all the time i use my head do you really think i would work for the sites i have if i used progs? Quote Link to comment Share on other sites More sharing options...
HauntedDawg Posted March 30, 2012 Share Posted March 30, 2012 my "method's"/ skills are not limted and i test for a range of issues on a range of code .php .asp you name it. I was not asking if your limited to certain script's. What method's do you use? As SRB mentioned. There's program's or there's the DIY. Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 30, 2012 Author Share Posted March 30, 2012 im all diy i only ever use a program if i need a map of the site to work with and that's it but yeah im diy mate Quote Link to comment Share on other sites More sharing options...
HauntedDawg Posted March 30, 2012 Share Posted March 30, 2012 You still giving such little info. There's load's of method's as to DIY penetration testing and to me seems like you don't do it yourself because you would of supplied more information. How on earth are you going to penetrate a DB if you don't even know the fields and tables via SQL Injection. What method do you take to get their DB structure? Quote Link to comment Share on other sites More sharing options...
Dominion Posted March 30, 2012 Share Posted March 30, 2012 You still giving such little info. There's load's of method's as to DIY penetration testing and to me seems like you don't do it yourself because you would of supplied more information. How on earth are you going to penetrate a DB if you don't even know the fields and tables via SQL Injection. What method do you take to get their DB structure? It's possible he is not discussing methods for the same reasons others do. Talking about how to get a database structure in public will just allow others to try it out. @OP - Can we have reviews from customers? CB & illusions what did he find on your sites? Easy to fix once he described the problem? How in depth was his service (e.g. limited to just the script or tried to attack server as well)? Quote Link to comment Share on other sites More sharing options...
Dominion Posted March 30, 2012 Share Posted March 30, 2012 Good answer. A lot of the stuff in the MC code engines is still unknown today, given that the few who know of the main ones, have yet to make them public. To be honest the problems in mccodes are not really something people spend hours testing unless they have something to gain. Either they are earning money out of fixing the engine, or perhaps starting their own game. In both cases people won't spend hours creating tutorials on how to fix them. You don't really need to post how to exploit the engine to explain the fix (sure it would be better to do so but still). Most people won't be able to reverse engineer it (because most who attack mccodes sites are copy & paste "hackers"), and those that can would probably be able to find the holes themselves. Quote Link to comment Share on other sites More sharing options...
a_bertrand Posted March 30, 2012 Share Posted March 30, 2012 I actually used his skills too and he helped me to discover an issue. So he certainly deserve some attention. When he discover something he will report what he discovered with, at least for me, enough info to fix the issue. He tested a whole site, no need to get access to the script nor the database. Is it a full proof check? No as it's a black box test which means he doesn't know the code, he's just checking while not knowing how it works under. However even with such checks you can discover things you forget or simply didn't thought about. Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 30, 2012 Author Share Posted March 30, 2012 (edited) my skills and what i use i will not share i follow rules in this game i know more than just mcc lol. dom sure i can if needed i could even show emails with the makes of the sites' thanks a_bertrand if anyone want a test hit me up.:cool: i would like to also thank you all for your input and comments:) Edited March 30, 2012 by Michael Evans Quote Link to comment Share on other sites More sharing options...
SilverStar Posted March 30, 2012 Share Posted March 30, 2012 my skills and what i use i will not share i follow rules in this game i know more than just mcc lol. dom sure i can if needed i could even show emails with the makes of the sites' thanks a_bertrand if anyone want a test hit me up.:cool: i would like to also thank you all for your input and comments:) Regardless of who you have worked for in the past, I wouldn't hire you just because of your substandard grammar. It looks very unprofessional for someone who wants to be hired. Just my input... Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 30, 2012 Author Share Posted March 30, 2012 (edited) star, that is fine even i know my grammar is not the best in the world but it has nothing to do with the testing of a website, but thanks for your input on this hope you have a lovely day. michael Edited March 30, 2012 by Michael Evans Quote Link to comment Share on other sites More sharing options...
JakeB Posted March 30, 2012 Share Posted March 30, 2012 You don't need the fields and tables to SQLi. You can find all that if you find a vulnerability through the information_schema table. Quote Link to comment Share on other sites More sharing options...
HauntedDawg Posted March 31, 2012 Share Posted March 31, 2012 not all webserver's have a Information Table. Who ever tries to blind hack a site is going to take time. If you want your site secured properly, go find a proper company, hand them your code, let them thrash it, bash it, break it, do what ever. When you get it back, you'll have a lot more surprise than you think. We allowed a company to "Pentest" one of our project's. They did not find anything. Give them the code on their own system and ability to look through it, and there was something. To me, this is merely trying to bloat about pretending you can do all you say. You don't want to post your method's, that's my opinion till then. Good luck with your sale's :D Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 31, 2012 Author Share Posted March 31, 2012 lol blind sql injection if you think its hard well that shows your skill in understanding how it works, im a out sourced pen-tester for some very big company's (can't give names) and giving you code to big sites will cost you a bomb and all most of them will do is what im offering right now and that is black box testing. thank you all again for your input and your opinions it means to me Quote Link to comment Share on other sites More sharing options...
Nickson Posted March 31, 2012 Share Posted March 31, 2012 He doesn't need to post his methods on here, in fact I encourage it to not post them here as we have enough people on MWG that will just try it out on other games for their own "fun". It will take time of course to do a full scan of the site. But be honest, if he's good and he can't find something within a day. What makes you think that 99.9% of the people on that website will ever find it? Writing proper code is one thing, managing the system another, and having a good network setup a different one. But that still doesn't make it impenetrable... I doubt that Michael’s prices are in the same line of a real "pen-testing" company, and with the security standard of most people on here. I think it's more than reasonable to offer this service for a small fee and help those game owners out that want to make a difference. Quote Link to comment Share on other sites More sharing options...
HauntedDawg Posted March 31, 2012 Share Posted March 31, 2012 You all think that when i ask for his method's, you think im asking how he does it. His method's.. Does he approach the site and see what is there first? Does he approach the site and attack it full on? Or does he first see what system it is running? Perhaps their PHP Version? Micheal, you merely know me. So don't think my skill's are limited. I used to do other programming before web development. Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 31, 2012 Author Share Posted March 31, 2012 haunted dawg your right i don't know you and you don't know me if your skills are good fine but my skills are what i have spent many years learning and im not going to just give them away users on here who have used me are happy with what i have given them, and your question what version of php they are using dose not really matter has i said im not limed to any one thing what i do is "black box testing" if you know what that means then you will stop trying to find out what it is i do. like nick said my prices are cheap yeah but i offer alot for that price and i have and do work for some very big companies, and come recommended. users on here vouch for me. i understand where you kinda come from haunted dawg but i also think the questions you are asking are not needed to be asked. but i have worked in alot of stuff and if you would like a list feel free to pm me i will gladly tell you thank you all again for your input and comments :cool: Quote Link to comment Share on other sites More sharing options...
rulerofzu Posted March 31, 2012 Share Posted March 31, 2012 I used Michael to test two sites of mine. I am happy with the service provided and he pointed out a few issues which I had simply overlooked on one site and couldnt find anything on the other. It was a quick professional service and email submitted report. Whilst I do not know how this compares to other pentesting services I am happy to recommend the service. Quote Link to comment Share on other sites More sharing options...
Danny696 Posted March 31, 2012 Share Posted March 31, 2012 I may have missed something, But what are our prices? Do you charge per domain? Include sub-domains? What if I use addon domains, and set up sub-domains and direct you to them aswell? Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 31, 2012 Author Share Posted March 31, 2012 i test per site so say you have http://www.site1.site.com,www.site2.site.com,www.site2.site.com then that would fall in 3 different sites if you wanted them all checked. if you would like pm me and we can talk about the price and you can make your mind up on this danny Quote Link to comment Share on other sites More sharing options...
Michael Evans Posted March 31, 2012 Author Share Posted March 31, 2012 well my test will test all that is known if that makes seance the main what users can get to and if the file is been pulled then yeah it would be tested but yeah the bigger the site the bigger the price p.s love the name thanks for your input. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.