Stella Operations.
We provide expert penetration tests, AI & Web3 Assessment, online training and we ♥ CVE research.
Pentest & Code Review
Penetration Testing and Security Assessment Services
We identify security vulnerabilities in web applications, web services, APIs, mobile applications (Android & iOS), Internet of Things (IoT) software, AI/ML integrations, and Web3 applications. Our comprehensive security assessments include threat modeling, architectural reviews, penetration testing, source code review, and ongoing security research.
- WEB
- Web service/App
- Scope: Web Services, APIs & Servers
- Duration: 2-7 weeks
- Standards: OWASP Web, SANS 25
- Report: PDF Report
- Retest: Included
- MOBILE
- Android/iOS app
- Scope: Android, iOS & Web APIs
- Duration: 3-7 weeks
- Standards: OWASP Mobile, MSTG
- Report: PDF Report
- Retest: Included
- AI/ML
- AI Integrations
- Scope: LLM integrations, AI-powered applications
- Duration: 3-6 weeks
- Standards: NIST AI RMF, OWASP for LLM
- Report: PDF Report
- Retest: Included
Services we offer
- Web Application Pentest & Security Assessment
- Mobile Application Pentest & Security Assessment
- AI / ML Security Assessment
- Standalone Networks and Active Directory Security Assessment
- Secure Code Review & Threat modelling
Pentest-as-a-Service
On-demand penetration testing through a mix of automation and expert validation.
PtaaS provides recurring assessments, and seamless integration into your dev workflows
- START UP
- $ 2999.99 / month
- 1 Web/Mobile Application in Scope
- Vulnerability Scans (Monthly)
- Monthly Manual Pentests (8 hours)
- 1 Free Retest per Month
- Email Support (Work Hours)
- ENTERPRISE
- $ 6999.99 / month
- Up to 3 Web/Mobile/API Applications in scope
- Vulnerability Scans (Weekly)
- Bi-Monthly Manual Pentests (16 hours)
- Vulnerability Dashboard
- Priority Support
- INDUSTRY
- $ 10999.99 / month
- Unlimited* Applications in Scope
- Vulnerability Scans (Daily)
- Monthly Manual Pentests (40+ hours)
- Ticketing Integration
- 24/7 Support
Security Training
Deep technical application security trainings.
We provide specialized 1-on-1 online training in Penetration Testing. Our sessions are fully interactive bundled with several hands-on lab, focused on practical skills in network security, application security, AI security, and Active Directory security. Each training is personalized to the learner’s pace and objectives, visit our security education portal
Security Research
Latest advisories and research from Stella Operations.
- Using DLL reflection with Powershell inMemory execution for Redteam
- Protecting your privacy on Android
- C# -> JScript + HTML Smug RatAttack
- Bypassing User Access Control with Fodhelper
- Rise in Malicious ChatBots - A banks casestudy
- Customizing a Shellcode runner with an AMSI bypass
- C# Shellcode runner + Process hollowing for session migration
