I do mean the goat book. I’ll keep my eyes out for 3e :)

> On 4 Jul 2023, at 18:12, Harry Percival <harry.perci...@gmail.com> wrote:
> 
> aw thanks for the compliment.  3E on the way (if you mean the goat book?)
> 
> On Tue, 4 Jul 2023 at 17:17, William Mayor <m...@williammayor.co.uk> wrote:
>> Thanks Harry, that’s a really good idea! I’ll add that to my list :)
>> 
>> (P.S. Love your book BTW I give it to all of my juniors :) )
>> 
>>> On 3 Jul 2023, at 18:48, Harry Percival <harry.perci...@gmail.com> wrote:
>>> 
>>> Have you considered bug bounty programmes? I think we used HackerOne back 
>>> in the day and got a few actionable fixes out of it, without ever spending 
>>> too much money.
>>> 
>>> Iirc we'd pay out like $50 for little things that were arguably not real 
>>> vulns but just missing best practices (rate limiting password reset 
>>> requests was an example iirc? Bit worried someone will jump on me saying 
>>> how insanely important that is lol) - the kinds of things you can find with 
>>> an automated tool and minimal actual effort from the pentester -- and 10x 
>>> that (or more? Can't remember. In any case I'm guessing H1 have suggested 
>>> payouts) for "real" bugs with PoC.
>>> 
>>> You did have to deal with a bit of spam but overall it was worth it.
>>> 
>>> Hp
>>> 
>>> 
>>> 
>>> On Mon, 3 Jul 2023, 14:22 SW, <walke...@hotmail.co.uk> wrote:
>>>> I can also add https://istormsolutions.co.uk/ - I have a friend who 
>>>> works there, though I've not used their services myself.
>>>> 
>>>> Thanks,
>>>> S
>>>> 
>>>> On 03/07/2023 15:03, Gautier Hayoun wrote:
>>>> > Hi William,
>>>> >
>>>> > I have dealt with Callum at Sencode (https://sencode.co.uk/) recently. 
>>>> > They are a small company based in the UK, and I was perfectly 
>>>> > satisfied with their pen test of a Django web application.
>>>> >
>>>> > Best,
>>>> >
>>>> > Gautier
>>>> >
>>>> > On 03/07/2023 13:55, William Mayor wrote:
>>>> >> Hi!
>>>> >>
>>>> >> This isn’t exactly on topic, but I’m running out of leads on this 
>>>> >> one. Any help is appreciated :)
>>>> >>
>>>> >> I’m looking for a penetration/security testing company that can help 
>>>> >> me with a product that we’re building. It’s an API (written using 
>>>> >> FastAPI, so there is a python link in here :) ), with web and native 
>>>> >> app front ends.
>>>> >>
>>>> >> I’d like to have some kind of certified test conducted, to find all 
>>>> >> the security edge cases that I’ve undoubtably missed.
>>>> >>
>>>> >> We’re a small company (a social enterprise), so our budget isn’t great.
>>>> >>
>>>> >> So my question is, does anyone have any recommendations for a pen 
>>>> >> testing company that could help?
>>>> >>
>>>> >> Thank you!
>>>> >>
>>>> >>
>>>> >> _______________________________________________
>>>> >> python-uk mailing list
>>>> >> python-uk@python.org <mailto:python-uk@python.org>
>>>> >> https://mail.python.org/mailman/listinfo/python-uk
>>>> 
>> 
