Back to portfolio
Payments & API
Stripe Payment Indonesia
Web, infra & API pentest
Nov 2024 - Apr 2025Security engagement
Overview
Full-stack penetration test for a payments integrator covering web app, supporting infrastructure and REST APIs.
Highlights
- Tested API authentication, rate limiting and idempotency controls.
- Reviewed infra exposure, secrets handling and CI/CD posture.
- Provided developer-grade remediation paths for each finding.
