Tested. Advanced. Thorough .
[New!] hLabs Index
Click [ hLabs Index ] to go in!
It's the "Google Search" Engine for misconfigured systems & websites
hLabs Index passively scans the Internet for poorly misconfigured systems/ websites & indexes them here
Goal is to enable system developers/owners to quickly spot & patch bugs in their systems
hLabs Index Engine is fully autonomous so you may encounter a few false positives
There's an active web security scanner which you can use to test your website's security posture in realtime
Website Security Scanner
It's online, so you don't need to download/set anything up; Simply tap [ Here ] & enter the website to scan. The scan will be over in 10-60secs...
For $0 to $10, you'll identify low to critical severity bugs on your website, get easy-to-apply thorough tested fixes & 24/7 tech support - An incredible more than 1000X bargain over traditional pentesting!
Current version (1.1) checks on a diverse range of Website Security Vulnerabilities & suggests quick easy Fixes
These include: Content Security Policy misconfigurations (including web cache deception risk), CRLF injections/ HTTP response splitting (including web cache poisoning risk), Header injections (including web cache poisoning risk), SQL Injections, Security misconfigurations, Bad HTTP methods, Exposed backup files, Exposed application source code, Unsecure communication (HTTP), Path Traversal, Etc
Upcoming version will include more advanced scans, as can be accomodated by an automated online scan (~30 seconds)
[ Run Scan Now ]
Information Security Audits/ Penetration Tests
We conduct web systems audits/ Pentests to help identify & patch weaknesses/ compromises in the systems
Our tests are based on OWASP Top 10+ & any other issues that are identified in the course of the exercises.
Our fees are absolutely affordable: ranging from KES 5,000 upwards, depending on the size & scope of the system(s) in question.
Audit/ Pentest time range can be as short as a Few Hours to about a Month, depending on the systems's size & given scope
Note: For smaller systems, you can just give us a call & we'll do a full quality audit without the need of a physical meeting.
All audits/ pentest have professional accompanying documentation on all issues identified, their severity & how-to-fix recommendations.
Where applicable, we fix the bugs for the client.
We respond to active Intrusion/ Hacking activities on WebSystems
Web Systems Hardening
We also help secure systems via: Servers' hardening, Firewall & WAF installation/ configuration, & advice, etc
Consultancy on Secure Software Development & Best Practices
zDel (Public - Coming Up...)
Browser extensions (Private - For Internal Use)
Python/ Bash/ C Libraries & Scripts (Private - For Internal Use)