I operate a live online betting platform and want a qualified ethical hacker to run a full-scale penetration test against the public-facing web application. The priority is website & application-level weaknesses, so I expect you to probe everything users can touch: signup, log-in, wallets, odds display, live bets, admin panels behind authentication—every feature that might be exploited. Please include the usual suspects—SQL injection, XSS, CSRF, IDOR, authentication bypass, file upload issues, business-logic flaws—essentially the OWASP Top 10 and anything else you uncover during your manual and automated reconnaissance. Black-box testing is preferred at first; if you later need limited credentials for deeper inspection we can arrange that. Deliverables I need: • A concise executive summary highlighting critical findings • A detailed technical report for each vulnerability with PoC screenshots or scripts, severity rating, and clear remediation steps • A follow-up verification test after fixes are applied All testing must be non-destructive and scheduled so it never impacts active bettors. Please outline your methodology, toolset (Burp Suite, OWASP ZAP, custom scripts, etc.), and the estimated timeline in your proposal.