Cian G

Mobile App Security Specialist | iOS & Android Manual Pentester
United Kingdom
  • Successful Projects: 0
  • Services Delivered: 1
  • Completed Services: 2
  • Services Pending: 0

Freelancer Information

Reverse engineer. Runtime debugger. Mobile security obsessive.

I’m Cian Gallagher - a mobile application security specialist based in Dublin, Ireland. With over six years of hands-on offensive security experience, I focus exclusively on dissecting and securing mobile applications for iOS and Android platforms. My work goes far beyond surface-level scans or basic pen testing.

Where others rely on automated tools, I dive deep into the mobile app’s internals: decompiling APKs, examining Swift and Objective-C binaries, and testing runtime behavior with advanced tooling. From Frida and Objection to Burp Suite Mobile Assistant and custom scripts, I leverage a full toolkit to mimic real-world attacker tactics, exposing flaws others often miss.

Whether you're a scaling startup about to raise funding or a regulated fintech preparing for audit, I provide testing that’s:

  • Manual-first and logic-aware: I identify insecure storage, broken authentication, exposed endpoints, and business logic flaws specific to your app’s flow — not just generic OWASP checks.
  • End-to-end: I test your mobile client, backend API, authentication flows, and third-party dependencies to uncover chained vulnerabilities and edge-case issues.
  • Compliance-aligned: Reports mapped to MASVS, OWASP Mobile Top 10, and tailored to meet ISO 27001, SOC 2, or investor diligence requirements.

Deliverables include:

  • A clear, developer-readable PDF report with annotated findings, PoCs, and screenshots
  • Executive summary for stakeholders (plain English, no jargon)
  • Optional: live walkthrough call with your dev team
  • Optional: post-remediation retest with updated report and validation

Past clients include digital banking platforms, health-tech apps with sensitive patient data, and SaaS products needing high-assurance security before launch. My goal is always the same: to help you find serious vulnerabilities before attackers or auditors do — and guide your team in fixing them fast.

If you’re serious about mobile security and want results that go beyond the obvious, let’s work together.

Note: I never take shortcuts. All work is performed with full confidentiality, ethical rigor, and clear communication. References available on request.


Freelancer Education

2014 – 2018 BSc (Hons) in Cybersecurity & Digital Forensics
Technological University Dublin

  • Graduated with First Class Honours
  • Focused thesis: “Reverse Engineering Android Applications for Vulnerability Discovery”
  • Specialized in mobile platform security, malware analysis, and application hardening techniques
  • Completed advanced modules in:
    • Mobile Application Security
    • Network Penetration Testing
    • Operating Systems Internals
    • Secure Software Development

2019 – 2021 (Part-Time, Remote with On-Campus Blocks) MSc in Advanced Cybersecurity and Threat Intelligence
Queen’s University Belfast

  • Dissertation: “Bypassing Runtime Protections in iOS Applications: A Dynamic Analysis Approach”
  • Focus areas:
    • Advanced malware reverse engineering
    • iOS and Android kernel security
    • Threat hunting in mobile ecosystems
    • Secure DevOps and CI/CD pipeline hardening
  • Conducted research into zero-day detection techniques using Frida and LLDB
  • Collaborated with industry partners on real-world case studies (including bug bounty remediation strategies)


Work & Experience

2021 - 2025 🛰️ Offensive Security Consultant
Confidential Tech Client (NDA-bound engagement)

  • Conducted targeted application and infrastructure penetration tests for a global logistics platform migrating to multi-region AWS
  • Discovered critical flaws in:
    • Lambda function privilege boundaries and improper IAM trust relationships
    • Route53 takeover scenarios due to stale DNS records and orphaned subdomains
    • S3 CORS misconfigurations that enabled cross-origin credential exfiltration
  • Built a custom enumeration toolkit to support rapid recon in segmented environments using Go and Python
  • Provided executive briefings and threat modelling workshops post-engagement to embed security mindset within dev and ops teams
  • Received internal recognition for resolving an incident response simulation within 3 hours, mimicking ransomware propagation via lateral movement


Awards

2020 OSCP – Offensive Security Certified Professional
2021 Mobile App Security Testing with Frida & Objection (Practical workshop by NowSecure)