ThisIsQA.com is a project that was founded and currently led by Nikolay Babiy, security researcher and consultant/trainer. Project mission is to offer best-in-class experience in context of conducting security reviews for web-applications using the most effective approaches of BlackBox and WhiteBox penetration testing techniques, that are able to cover the majority of vulnerabilities stated in OWASP list. The goal we put — do our best to minimize the risk for our customers and their applications to be exploited.
After completion of these steps we will be responsible for the research and investigation of security flaws and holes in your web-application. In particular our team will perform the penetration tests and simulate attacks using both — manual approaches based on our engineer’s experience, and tools to scan the app automatically. However, despite the fact that security scanners are now much better than before, we would never prefer automated tool to manual test made be engineer, so the majority of scenarios would be executed by hands — this approach is most efficient. Our team are professionals with a lot of experience with identification of different types of web-app vulnerabilities including XSS, SQLi, RCE(Remote Command Execution), L/RFI (Local/Remote File Inclusion), session fixation, clickjacking and others.