Services

Offensive security auditing specialized in Android applications, web platforms, and manual pentesting. Cybercrime defense, data protection, compliance, and digital rights. Each service is tailored to your needs and executed with proven methodologies.

01

Android Application Audit

Exhaustive analysis of APKs through decompilation, static and dynamic analysis. We identify vulnerabilities in source code, business logic, and backend server communication. We review local storage, permissions, intents, providers, and any attack vector specific to the Android platform.

Tools: jadxJADX-GUIFridaobjectionBurp Suitemitmproxy
Ideal for: Banking apps, fintech, healthcare, any app handling sensitive data
Request a quote
02

Web Application Audit

Comprehensive security testing for REST APIs, SPAs, and web platforms. We evaluate authentication, authorization, input validation, server configuration, security headers, and business logic. Includes injection, XSS, CSRF, SSRF, and API-specific vulnerability testing.

Tools: Burp Suite ProOWASP ZAPnmapsqlmap
Ideal for: E-commerce, SaaS, payment platforms, public APIs
Request a quote
03

Manual Pentesting

Realistic attack simulation executed without automated tools. Every step is controlled, documented, and justified. We look for vectors that automatic scanners miss: flawed business logic, race conditions, authentication bypasses, and design vulnerabilities. The approach is 100% manual and customized to your application context.

Tools: Manual exploitation techniquesSocial engineering
Ideal for: Defense validation, compliance, regulatory audits
Request a quote
04

Reconnaissance / OSINT

Open-source intelligence and complete attack surface mapping. We identify exposed assets, subdomains, technologies, information leaks, and entry vectors before an attacker does. Reconnaissance is the first step of any serious security audit.

Tools: ShodantheHarvesterMaltegorecon-ng
Ideal for: Public exposure assessment, due diligence
Request a quote
05

Digital Litigation and Asset Protection

Comprehensive legal assistance for victims of online scams, phishing, identity theft, social media impersonation, grooming, cyberstalking, sextortion, and non-consensual intimate image distribution. Technical defense for defendants accused of hacking, illegitimate system access, computer damage, or personal data violations, with digital forensic expertise. Trademark registration and copyrights applied to digital products, software, and web content. Action against infringements on social networks and platforms: content removal requests (DMCA takedown), civil actions for intellectual property violations, and protection against unauthorized source code copying.

Tools: Law 26.388 (Cybercrimes)Law 11.723 (Copyright)Law 22.362 (Trademarks)Digital forensic expertiseDMCA Takedown
Ideal for: Victims of digital fraud, breach-affected companies, software developers, content creators
Request a quote
06

Digital Law and Compliance

Drafting privacy policies, legal notices, and terms & conditions for websites, mobile apps, and e-commerce. Full compliance with Personal Data Protection Law No. 25.326: legal risk diagnosis, security documents, database registrations before AAIP, and impact assessments. Drafting technology contracts: software licenses, confidentiality agreements (NDA), IT maintenance contracts, and SLAs. Consulting for online stores on Consumer Defense Law No. 24.240: right of withdrawal, legal warranties, exchange and return policies, and electronic payment methods. Handling non-compliance incidents, breach notifications, and sanction proceedings.

Tools: Law 25.326 (Personal Data)Law 24.240 (Consumer Defense)AAIP RegistrationTechnology contractsDPIA
Ideal for: Startups, e-commerce, SaaS platforms, fintech, healthtech, any data controller
Request a quote

Want to talk about your project?

Tell us what you need — technical, legal, or both — and we'll put together a custom proposal.

Let's talk about your project