Willow Tree Security · Penetration Testing

Understand your security
before someone else does.

Willow Tree Security helps small businesses, startups, and local teams find and fix the weaknesses in their networks and web apps — with thorough, hands-on testing and reports written in plain English.

What I do

Two focused services, done well.

I keep the offering deliberately narrow so each engagement gets real depth. Both services follow the same simple path: scope it together, test it thoroughly, and hand you a report you can actually act on.

Network Penetration Testing

I probe your servers, devices, and internal or external networks the way a real attacker would — surfacing weak credentials, misconfigurations, and exposed services before they turn into a breach. You get a clear picture of what's reachable, what's at risk, and exactly how to close the gaps.

Web Application Penetration Testing

Your website and web apps are where customers place their trust. I test them against the OWASP Top 10 and beyond — authentication flaws, injection, broken access control, and the logic bugs scanners miss — so the platform you've built stays trustworthy.

Building toward other areas of security over time — if you have a need that's close to this, just ask.

How it works

A clear process, start to finish.

No surprises and no scare tactics. You'll always know what I'm doing, why it matters, and what to do next.

  1. 01

    Scope & agree

    We define what's in scope, set rules of engagement in writing, and agree on timing — so testing never disrupts your business.

  2. 02

    Test hands-on

    I work through a structured methodology (PTES & OWASP), combining trusted tooling with manual testing to find the issues automation alone misses.

  3. 03

    Report clearly

    You get a report with a plain-English summary for decision-makers and the technical detail your developers need — every finding rated by severity with practical remediation steps.

  4. 04

    Retest & confirm

    Once you've made fixes, I verify them at no extra cost — so you know the problem is actually closed, not just documented.

About

Hi, I'm Victor.

I'm the founder and principal consultant at Willow Tree Security. I started this practice to give small and growing businesses the kind of honest, careful security testing that's usually reserved for large companies — without the jargon, the upselling, or the faceless-vendor experience. When you work with Willow Tree, you work directly with me.

I hold a B.S. in Computer Science and I'm completing my Master's in Cybersecurity, both at Tufts University. My focus is network and web application penetration testing, and I'm always sharpening my craft through hands-on labs and continued certification.

  • Cert PJPT — Practical Junior Penetration Tester
  • Cert CompTIA Security+ (in progress)
  • Edu B.S. Computer Science, Tufts University
  • Edu M.S. Cybersecurity, Tufts University (in progress)

Get in touch

Let's talk about your security.

Whether you're standing up your first website or you've outgrown "we'll deal with security later," I'm happy to talk it through — no pressure, no jargon.

vsalc@willowtreesecurity.com