FREE - Automated Vulnerability Scan - Low-hanging fruit by Dragos Moruz

FREE - Automated Vulnerability Scan - Low-hanging fruit

Dragos Moruz

Contact for pricing

About this service

Summary

As part of a free consultation, I offer a lightweight, non-intrusive vulnerability scan focused on identifying low-hanging security issues in your public-facing infrastructure or web applications. This demo helps you quickly understand your exposure and see the value of deeper security assessments before committing to a paid engagement.

Process

✅ Why Offer It for Free?

Security can be overwhelming—especially for small businesses or startups. I offer this free vulnerability scan to:

Build trust by showing real, immediate results

Let clients experience my process and reporting style

Help organizations take the first step toward improving security without budget concerns

Demonstrate how even basic checks can reveal serious risks

It’s not a full assessment—but it's a powerful starting point.

🔍 What’s Included

External vulnerability scan (limited scope) using industry-standard tools

Focus on common misconfigurations, outdated software, open ports, and exposed services

OWASP Top 10 checks for basic web application vulnerabilities (e.g., XSS, outdated libraries)

A brief risk summary report with prioritized findings and quick remediation tips

Optional 15-minute call to walk through the results and next steps

FAQs

Is this the same as a full vulnerability assessment?
No — this is a limited-scope scan designed to find easily discoverable issues and demonstrate how vulnerable systems can be, even with minimal access.
What do you scan exactly?
Only assets you approve (e.g., a domain, IP range, or staging web app). No intrusive or disruptive testing is done. You remain in full control of scope.
Why should I trust a free service?
I treat this like a real engagement—your data stays confidential, and you get a clear picture of your exposure. It’s a demo, not a gimmick.
What happens after the free scan?
You can walk away with your report—no strings attached. If you'd like to explore deeper assessments or ongoing services, we can discuss that separately.

What's included

Quick Risk Summary Report
A concise PDF report highlighting the most critical vulnerabilities detected during the scan, along with clear risk levels (e.g., High, Medium, Low) and descriptions.
Top Findings & Remediation Tips
A short list of the top 3–5 actionable issues—such as open ports, outdated software, or exposed admin panels—with simple, recommended fixes you can implement quickly.
OWASP Top 10 Web Scan Snapshot
If a web app is in scope, a snapshot of key OWASP Top 10 vulnerabilities (e.g., XSS, outdated libraries, missing security headers) identified in the application.
Optional Walkthrough Call (15 Minutes)
A free 1-on-1 call to explain the results, discuss the risks in context, and answer any questions—no sales pressure, just a helpful conversation.

Example projects

SDLC Security Integration and Review

Automated Vulnerability Scanning and Security Assessment

Comprehensive Penetration Testing Services

Recommendations

(5.0)

Stefan Cristescu • Verifone

Client • May 5, 2025

Recommended

Dragos was punctual and efficient from the start. Briefed just hours after our first contact, he was already testing the system. His structured, methodical approach was exactly what I needed under pressure. He spotted a subtle token reuse issue in an API flow that could’ve allowed unintended replays and proposed a clean, practical fix. I implemented it, and we were fully operational in three days. I recommend him to anyone needing top-tier, organized, hassle-free penetration testing.

Andreea Fiterău

Client • May 5, 2025

Recommended

Working with Dragos was an outstanding experience. His expertise in cybersecurity is matched only by his exceptional communication skills. He explained complex concepts in a way that was clear, practical, and easy to follow. I always felt informed and supported throughout the process. I highly recommend him—10/10!

Skills and tools

Cloud Security Engineer

Security Engineer

Security Manager