Ethical Hacker Ethical Hacker / Web Application Reverse Engineer

We are looking for a highly skilled ethical hacker with a reverse-engineering mindset to join our team and help strengthen the authentication and session stability of our SaaS platform Spybox.

What is Spybox?
Spybox is a Chromium-based custom browser that provides our subscribers with one-click access to a wide range of paid tools (Ecom, AI, Adspy, etc.) through a group-buy model. Instead of having dozens of individual subscriptions, our users access these tools seamlessly via shared sessions and token injections (cookies, localStorage, IndexedDB, etc.).

Your Mission:
You will be in charge of investigating and stabilizing access to tools that currently have issues — frequent logouts, multi-account detection, unusual activity flags, or unstable sessions.

You will:

- Analyze authentication mechanisms of problematic web apps

- Monitor and inspect network requests, websockets, token lifecycles, and client-side logic

- Identify and extract critical session data (cookies, tokens, credentials, etc.)

- Reverse engineer protections to understand logout triggers

- Adapt authentication flows to work smoothly within our custom browser

- Help ensure that our shared session setup remains stable and stealthy

This is a non-conventional role, ideal for someone passionate about digging into the internals of web apps, bypassing limitations, and making things work even when “it shouldn't.”

Required Skills:

- Strong experience with browser dev tools (network tab, application tab)

- Deep understanding of cookies, localStorage, IndexedDB, and token/session handling

- Familiarity with web protocols (HTTP, websockets, etc.)

- JavaScript debugging and reverse engineering

- Optional but appreciated: experience with browser automation (Puppeteer, Playwright), security testing tools (Burp Suite), or similar

You’ll be working directly with the founder, and your insights will directly impact thousands of users.