rahmatnurfauzi (rahmatnurfauzi)



Rahmat Nurfauzi is an Information Security Professional specialized in network infrastructure and
application penetration testing such as android and web application security. He also worked as a security consultant for government and e-commerce in Indonesia.

Security Researcher

EDB / CVE Mitre

Exploit DB :

1. Glassfish Server - Unquoted Service Path Privilege Escalation

2. Joomla! Component 'com_guru' - SQL Injection

3. Getsimple CMS 3.3.10 - Arbitrary File Upload

4. Wolf CMS 0.8.2 - Arbitrary File Upload (Metasploit)

5. IonizeCMS 1.0.8 - Cross-Site Request Forgery (Add Admin)

6. Yona CMS - Cross-Site Request Forgery

7. Joomla! Component 'com_publisher' - SQL Injection

8. Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow (Metasploit)

More Info : https://www.exploit-db.com/author/?a=8655

CVE Mitre :

CVE-2016-5501 - Oracle VM VirtualBox Local Security Vulnerability

Bug Bounty Reward & Hall of Fame

1. Tokopedia

2. Traveloka

3. Microsoft

4. Intel

5. Oracle

6. Adobe

7. Sony

8. Uber

Web Research Android Web Programming Penetration Testing

  Hire Me
Make a Private Project

  Invite to Bid
Existing Projects

Display Name: rahmatnurfauzi
User Name: rahmatnurfauzi
Account Type: Personal Account
Date Registered: 09/12/2016 14:04:46 WIB
Provinsi: DKI Jakarta
Kabupaten: Kota Jakarta Barat
Website: https://linkedin.com/in/rahmatnurfauzi
Online Hours: 1.41
Projects Completed: 0
Current Projects: 0
Last Seen: 09/12/2016 16:22:29 WIB

Ratings & Rankings

As Worker
0 Point
No Ranking
0 Projects
As Owner
0 Point
No Ranking
0 Projects
As Seller
0 Point
No Ranking
0 Sales
As Affiliate
0 Point
No Ranking
0 Users



Web Application Penetration Testing

Rp 6,000,000     
0.00/10.00 0

Web Application Penetration Testing services are derived from the the Open Web Application Security Project (OWASP) and heavily augmented by Real Time Dynamic Testing. OWASP is the de facto standard for designing and testing secure web applications. Netragard focuses on key areas of OWASP that include but are not limited to the following: A1 Injection Can we send malicious code/scripts to the system? A2 Broken Authentication and Session Management Secure authentication is hard. Can we exploit parts of the app, like: Logout, password management, timeouts, remember me, secret questions, account update, etc...

Total Rows: 1 ‐ Showing Page 1 of 1




No record found.





No record found.





No record found.





No record found.




Anda harus login terlebih dahulu untuk melihat data ini.

You must login first to see this data.