Greetings,
This is CJ, I have read and understand your requirements.
I wanted to mention that I have performed PEN testing extensively in many of my projects I worked on. I have used FIDDLER to identify security threats.
I have performed manual ethical hack on web applications assessing the overall security posture of applications from an uninformed attacker(black box) perspective.
I can identify threats like Clickjacking, CORS, Forced browsing, SQL Injection, XSS attacks, CSRF, Horizontal Privilege Escalation, Verbose Banner, Verbose error message and more.
If given a chance I could provide you the report of origin of security threats and possible remediation. Rest, if you share your specification document, I will be happy to submit a detailed statement of work. My Skype Id is dotnetintellect
Lastly I am not from London. However, if you provide me the opportunity to work, I can confirm that location wouldn't be constraint in meeting any milestones.
Looking forward to a prompt response
Yours sincerely
CJ