She doesn’t look like one of us, but she definitely is.
We analyze, we don’t assume
We show, we don’t tell
We fix stuff, we don’t break it
We appreciate the reward, we don’t demand it
WebSafety Ninja is a Netherlands-based team of dedicated ethical security researchers. We’re a bunch of geeks who believe in an ethical and transparent approach to cybersecurity. We do continuous unintrusive security research on the internet and notify site owners whenever we find any suspicious stuff or vulnerabilities.
Also, we do security audits, penetration tests, security consulting, and participate in bug bounty
Websafety Ninja helpfully identified an internal configuration infoleak issue with one of Rapid7's web assets, which we were able to quickly confirm and remediate thanks to his report.
Cyber Security Engineer, Rackspace Technology
Websafety Ninja responsibly disclosed a vulnerability to our security team through the Rackspace Security Vulnerability Reporting mechanism. Write up was clear and concise and he was professional throughout the information exchange.
SEO / Digital Marketing Manager, Chopni.com
Websafety Ninja helpfully identified a security issue on our website and we really appreciate them bringing it to our attention in his report and sharing with us the possible solutions. It was a pleasure to communicate with Maksym as he was very helpful and understanding, We are very greatful for his professional and ethical attitude.
Project Manager, Emorphis Technologies
Yes, he is really a Ninja and expert in identifying and resolving the security threats. He helped organizations in managing their products in secured way. He has keen interest in researching things and providing robust secured solution. Good work Maksym, Keep it up! :)
Founder, Lead Project Manager, Software System Designer and Solution Architect, Intelligent Profit Solutions
Websafety Ninja has the best intentions and always looking for the ways to help. They have provided great assistance with the security to one of our project. I’m looking forward to working with Websafety Ninja in the future.
Senior Director Information Technology, MaxSold
We are a fast growing company and focus on our IT Security all the time. Websafety Ninja still found a potential issue and were very professional in their advice. We made the adjustments thanks to Websafety Ninja!
Director Of Engineering, Ceros
Websafety Ninja identified a security issue on a site we host and notified us rather than trying to find a way to exploit it. They provided a very detailed description of the issue along with his recommendations for remediation, which were exactly what I would've recommended doing. I'd recommend Websafety Ninja for anybody looking for a security researcher.
Emailed me out of the blue with a security concern for a site I was working on. You and I are lucky to get a message from Websafety Ninja, because malicious people have access to the same information they're generously sharing.
"TitleTechnology Expert & Internal IT Manager", Savaco
Websafety Ninja spontaneously showed us that the security of our website could be improved. We took their suggestions serious and made the changes. Thanks for being a white hat!
Director, Airinme Limited - Multiprice.com
Websafety Ninja approached me on Linkedin offering help with our portal security. I was very impressed with Tanya and her team's efforts to identify vulnerabilities and critical gaps in our UGC (with customer data) site. In this GDPR era it is vital to be one step ahead - thanks to Tanya we have been able to do so. Much appreciated the transparent approach and guidance from start to end. Would happily work together again.
K B Shiv Kumar
Co-Founder and CTO, IndiQus Technologies
Maksym from Websafety Ninja, helped identify a security issue with our hosting. An ethical hacker with integrity. Worth considering.
Chief Executive Officer, AIRO Ltd
Websafety Ninja identified a medium level security problem in our website infrastructure, and suggested a solution to fix it. Their responsible & timely disclosure was greatly appreciated.
Founder and CEO, HACERA
Thank you Maksym for being such a proactive Security Ninja, literally. HACERA, the Unbounded Network team, and even the MiPasa board are super grateful!
I was impressed about Websafety Ninja's instinct on detecting web application vulnerabilities
Digital Marketing Project Manager, OSD Digital Agency
I'd like to thank Websafety Ninja for their support in fixing some vulnerabilities on one of our projects. A positive and professional attutude.
Carlos Ballester Lafuente
Technical Project Manager, Center for Digital Trust
Maksym from Websafety Ninja approached us in LinkedIn to share certain vulnerabilities he had found in our server due to a wrong Apache configuration. He has been extremely professional on his approach and very helpful, and I would highly recommend him should you have some IT security needs to be taken care of.
Co-Founder, LeafTech GmbH
Websafety Ninja identified certain vulnerabilities in our website, and generously shared them with us, alongside with possible solutions. We are very thankful!
Cofounder & CEO, Jatri
Maksym from Websafety Ninja has very strong skills which were crucial for efficient progress.He approached us with a potential website related security issue recently and contacted via linkedin and point out on incorrect apache configuration. I would warmly recommend him for any future security research needs.
José Manuel Jiménez Marín
CEO and Founder, Webdox Legal
Websafety Ninja identified and responsibly disclosed a potential security issue on our commercial website. With their report, we were able to remediate it. Communication with Websafety Ninja and the quality of the report was at a high professional level.
"DevOps Architect", Xpanxion
Maksym from Websafety Ninja was professional and thorough. He gave very in-depth and thoughtful report of vulnerabilities found. Maksym was discreet and helpful. I appreciate him bringing the issues to our attention.
"Scrum Master (IT Project Manager)", PCH International
Websafety Ninja came across one of our sites and found a few vulnerabilities. Good work!
QA Automation, Ascensio System SIA
Maksym from Websafety Ninja contacted our team via email and linkedin and point out on incorrect apache configuration, which allow public access to private data. Maksym describe problem in great detail and advise for possible solution (which I used) Discussing this problem with Maksym was great experience.
Maksym from Websafety Ninja approached us with a potential website related security issue recently. He notified us in good faith instead of trying to exploit it. With his help we put in remedial steps and resolved the issue. Communication with Maksym was very easy and professional throughout the process. We would not hesitate to recommend Maksym for anyone with future security research needs.
Pankaj Kumar Sharma
Co-founder and VP Engineering, Staqu Technologies
Maksym from Websafety Ninja is an extremely professional individual in the Ethical Hacking domain and had helped us identify some of the hidden issues and we would be glad to work with him in the future to enhance the security of our systems.
Head Of Engineering, Spriggy
Maksym from Websafety Ninja identified a security vulnerability in our website and approached us about it. He was very professional, ethical and gave good advice to address the issue. I would recommend him to anybody looking for a security researcher.
Technical Specialist, ZSC
Working with Maksym from Websafety Ninja proved to be extermely usefull, not only does he have extensive knowledge of web security, he can also find out the best way to protect our applications on different layers. He is a very critical thinker and shared his understanding of what needs to be done. I would love to work with Maksym in future projects and his service was the most valuable money investment."
"CMO", Bookclub Family Leisure Club
Maksym from Websafety Ninja discovered several significant vulnerabilities in our project, acting in according to ethical principles, demonstrating a deep understanding of the web protocols as well as protection measures. It worth to mention his enthusiasm, problem-solving mindset on the technical side, as well as clarity and concision on the communication side."
Maksym was very helpful in penetration tests our systems. He find some hidden problems and we could force our security. I was very happy to work with him and hope that I will use his help again.
informatyk , Lentex S.A.
Websafety Ninja are professionals. They found security flaws in our company's website posted by an external company and submitted a precise report that could be verified. Top-class specialists.
Head Of Technology, bidolubaski.com
Websafety Ninja detected security issue on our subsite and suggested a fix. At the top of our list. Professional and honest. Thank you!
Co-Founder and CTO, Formaloo
Websafety Ninja helped our business by identifying a potential security issue on one of our servers, and gave us a detailed report on the issue. Thanks to Websafety Ninja, we could solve the issue before it becoming a serious problem for us.
Développeur Full Stack, KPulse
Websafety Ninja discovered a security issue on one of the websites i'm working on and generously shared with me some fixes. Thanks for your help!
Founder & CEO, AMIQ EDA
Websafety Ninja detected security issue on our website and recommended fix. Very professional, transparent and honest. Thank you!
Edward Russell Gutierrez
"Head Of Engineering", PouchNATION
Websafety Ninja detected a security issue in one of our websites. They are very professional and kind. Wouldn't mind working with them in the future.
Frontend developer, MYMENU.PL
Websafety Ninja detected security issue on our website and recommended fix. Profesional, kind and unexpected help. Thank you! :)
Gene Goykhman, President, Indigo Technologies
Websafety Ninja's report was accurate and comprehensive, and she led us in exactly the right direction to resolve the identified issues. I appreciate working with a courteous, responsive professionals like them.
Co-Founder & Director, Shoptimised
Websafety Ninja was very professional, transparent and honest while helping us to detect any issues with our wordpress site. Thanks Websafety Ninja!
Dr. Feliks Kravets
Websafety Ninja provided us with full information on what needs to be be done to improve with portal information security. It was great, unexpected and very beneficial. We appreciate it. Great job. Recommend.
Deliverability & SysAdmin, E-goi
Websafety Ninja reported to us and helped us identify a critical security flaw of utmost importance. Easy to communicate with and we would love to work with them again.
Websafety Ninja provided a detailed breakdown of vulnerabilities for our platform, which were quickly verified and addressed. The advice was much appreciated and I would have no hesitation in recommending WebSafety Ninja to prospective clients.
CEO and founder, ChatbotsBuilder
Extremely knowledgeable and with a great sense of ethic, they are true web and digital security ninjas!
"CEO and Founder", PlagScan
Thanks for your help, Websafety Ninja! They have shown great competence and professionalism. A pleasure doing business with you and keep up the good work!
President & CEO, Cyfrowy Polsat
Websafety Ninja has provided our company with an analytic report outlining and pointing us out to some cyber security risks. Their report was accurate by all accounts and helped our people to address these issues. Thank you again Websafety Ninja
Vice-Président en assurance Qualité, Analyste fonctionnel, Actionnaire, ConstructBuy
Thanks Websafety Ninja for the safety tips Pierre Durand
Senior Backend Developer, Kiwi.com
Thank you Websafety Ninja for reporting us vulnerabilities of our website. The report was detailed and easy to understand, and helped us to quickly fix the vulnerabilities.
Dirigeant cofondateur, Lili smart
Websafety Ninja did a great job providing us a comprehensible and detailed security report. I thanks them and warmly recommend them.
If you're seeking to improve your cyber security Tanya from Websafety Ninja is a great person you'd like to contact. She scanned our sites and offered a detailed report on the vulnerabilities and potential solutions. Hope you can benefit from their work.
, Cu.be Solutions
Websafety Ninja identified issues in one of our setups and reported it immediately, with proper documentation and details on how they discovered it and how it could lead to further issues. I definitely recommend hiring them for pentesting and white hat projects. People like them are hard to find !
Websafety Ninja helped us by scanning potential security issues on our Wordpress site. They did a great job sending us a very detailed report that helped us to strengthen our website. Highly recommended.
Founder and CEO, Robobo Inc
Founder and CEO Websafety Ninja identified and recommended on a potential security issues identified on one of our systems and pointed out great recommendation. Many thanks and highly recommended.
Software Developer, Blue Tomato GmbH
Websafety Ninja sent me a message about a security problem on our website. Thanks to Websafety Ninja's detailed report we were able to fix the problem quickly. Great work from them.
Websafety Ninja contacted us about a security hole in our web architecture. Theyn communicated clearly and quickly and were overall very helpful. I appreciate working with Websafety Ninja.
Senior Systems Architect, Nerim
Websafety Ninja approached me with information about some possible security risks. They produced a very accurate report that was describing the exposure, why, and what to do. Thanks for your transparency and professionalism. It was really a pleasure de work with you.
"Cadre technique et pedagogique", 42
Thanks you Websafety Ninja for helping me to resolved a problem :) You were professional, and described the solution very well.
CTO, KONA Tech
Software Manager, IDEA commerce solutions
I had the opportunity to work with Maksym from Websafety Ninja and he is a professional. I recommend.
Francisco Marasco Quiroga
Maksym from Websafety Ninja did a good super security report to my company as a professional guy. Thanks!
Senior Business Systems Programmer, Grupa Archicom
Very helpful and moral person. Maksym from Websafety Ninja helped our company to identify problems with our site, and as a true white hat he just send us information that helped us prevent security breach. Thank you very much Maksym.
Frontend Developer, HashMicro
Websafety Ninja found potential issue on our website and recommend fix in professional way. Thanks to Websafety Ninja!
Directeur des opérations, Synapse Développement
Tanya nous a gracieusement reporté une faille de sécurité sur l'un de nos serveurs, avec les détails associés et des recommandations précises pour la corriger. Grace à ces conseils, la faille a pu être corrigée rapidement et la sécurité de notre serveur renforcée.
Founder & CEO, SeekStorm
Websafety Ninja were very professional and helpful while detecting a security issue and recommending a solution.
Lead Engineer, Cloud Energy
Websafety Ninja identified gave me a detailed report of our WordPress website security issues. Really appreciate the way they help us by following ethical hacking principles.
Karen Ranero Quintana
Project & Account Manager, Wattio
Thank you Websafety Ninja for the report and your security advice!
Founder, Zaxe 3D Printing Technologies
Many thanks for the security advice, Websafety Ninja.
Our Clients Trust Us
Seriously, Click on logo to see Hall of Fame records
Are you hackers?
Yes, we are. The good ones.
Good hackers like us are called ‘white hats’ or ‘ethical hackers’. Just as the bad guys, we’re looking for the vulnerabilities, but only to report them to the owners of the vulnerable web assets.
We never access files with sensitive information (even when we can), nor do we collect any non-public data. Our job is to identify the vulnerability, report it discreetly and make sure that the company or individual is aware of the issue. We never exploit the issues we find.
Are you gonna hack or blackmail me?
You reported a vulnerability. Do I have to pay you now?
You don’t. Usually, in cases like this, good people reward us with a bounty as a sign of their appreciation of our effort and to support our cause. But whether the reward should be paid or not, is totally up to you. The amount of the reward is also determined by the company or the individual whom we reported the vulnerability to.
Why are you reporting the vulnerabilities?
For a number of reasons.
First of all, we sincerely believe that our work makes the Internet a safer place for everyone. It’s really important for us to realize that we’re doing the right thing every day.
Secondly, this is our way to say hello and get acquainted with you. Unlike most companies, here at WebSafety Ninja we prefer to invest into bringing value to our (potential) customers right from the first encounter, rather than wasting time and money on creating empty marketing slogans or advertising all over the internet.
And yeah, there’s money. A lot of companies and individuals consider our cause a noble one, and reward our effort with a bounty (*tips hat* many thanks to y'all for doing so).
Are you legit?
Pretty much. We have a legal entity in the Netherlands (see footer).
We pay taxes.
We play by the rules.
We hate pizza with pineapples.
Are you real people?
Sure we are. You can check out our LinkedIn profiles.
Feel free to contact any of us via LinkedIn or set up a call with us if you have any questions or just want to say hi (we’ll turn our web cameras on so that you can see us).
Alternatively, you can meet the founder in person, if you’re somewhere near the Netherlands.
Just don’t forget to let him know beforehand.
Where are you from?
Our legal entity is registered in the Netherlands, where the founder of the company resides.
We don’t have a physical office, though — we’re distributed all over Europe and work remotely.
The people on our team are from Ukraine, the Netherlands, Belgium, and Luxembourg.
What other services do you provide?
Apart from researching the vulnerabilities to report and taking part in bug bounty programs we provide a number of cybersecurity services.
Security audit. When someone wants to ensure the security of their assets, they hire us to revise said assets. We discuss the scope, the client grants us access to all necessary parts of the infrastructure, and we do our magic. As a result, the client receives a comprehensive report with all the issues that we find, remediation instructions, general recommendations and business summary.
Penetration testing. Very similar to the security audit, yet a bit different. After discussing the scope, the client grants us permission to simulate an attack on their assets. In this case we try to break in, just like real criminals would. This type of service may include not only looking for exploitable technical issues in order to get into the system (or shut it down), but also social engineering, etc. — everything the bad guys would try. Just like in the previous case, in the end our client receives a comprehensive report with all the issues that we find, remediation instructions, general recommendations and business summary.
Security consulting. Speaks for itself. We’re the superheroes that people call when they need external security expertise.
How can I understand how much time you need for the task that I have for you?
It’s impossible to estimate before learning the details of your infrastructure, the scope of the task, the requirements, etc. Usually we discuss the budget with the client before signing the contract.
Sometimes we finish the work within less time than our customer granted us budget for. In these cases we charge only for the time we actually spent working on the task.
Of course, we can always start with a small budget (e.g. 10 hours), so that you can see our deliverables. If we realize that we need more time, we will include this into our recommendations.
If you want to discuss your project with us, please set up a call using this link. Don’t worry, this is free of charge.
We have an internal security expert (or even an entire department) in our company. Why do we need you?
Any cybersecurity expert knows that it’s impossible to be 100% safe and secure.
Even if you have the best experts working for you, there are vulnerabilities that are a lot easier to discover with a fresh glance from beyond.
As you are reading this, your expert missed one.
And we’re providing you a chance to learn from that.