Test d'intrusion Jobs

I need an experienced ethical hacker to assess the security of my production web application. The platform handles login credentials—users sign in with their mobile number and password—so I want to be absolutely certain this flow cannot be abused. Scope • Run a full penetration test coupled with an automated and manual vulnerability scan. • Focus especially on authentication, session management, and any area where those credentials travel or are stored. Deliverables - A clear, step-by-step report detailing every finding, severity rating, and proof-of-concept where exploitation is possible. - Practical remediation advice I can hand straight to my development team. - A concise executive summary of overall risk. All testing must respect live-traffic uptime, ...

My customer-facing web applications need a fully-fledged bug bounty program that starts with a professional security assessment. The focus is pure CyberSecurity: map the current attack surface, uncover vulnerabilities, and shape a disclosure workflow that rewards researchers responsibly. You will first perform a thorough security assessment on the live web apps, documenting every finding with severity, reproducible steps, and clear remediation advice. From those results, design the bounty structure (scope wording, reward tiers, triage flow, and response SLAs) so it can be published on platforms such as HackerOne or Bugcrowd. Deliverables • Comprehensive assessment report (OWASP Top 10 coverage, business-logic flaws, misconfigurations, etc.) • Drafted public program brief, inc...

I’m looking for an experienced cybersecurity consultant who can step into my ongoing technology-sector client engagements and add immediate value. The work revolves around helping mid-size SaaS and platform companies identify risks, tighten controls, and document clear remediation roadmaps. You’ll collaborate directly with end-clients, so strong communication skills and the ability to translate technical findings into business language are essential. Day-to-day tasks may include vulnerability reviews, policy gap analysis, incident-response planning, and presenting recommendations to C-level stakeholders. Familiarity with frameworks such as NIST CSF, ISO 27001, and CIS Controls will be handy, though I’m open to whichever methodology best fits each client’s environme...

I am looking for an experienced reverse engineer or mobile security specialist to help analyze the network communication of an Android application. The application currently implements SSL certificate pinning, which prevents traffic inspection using standard interception tools (such as proxies). Because of this, I cannot capture the login requests and related API communication. Project Goals: Perform reverse engineering of the Android APK. Identify and bypass the SSL pinning protection implemented in the app. Enable traffic inspection so the login requests can be captured and analyzed. Document the login request structure and related API endpoints. Help replicate the login request programmatically using either: Node.js, or Python The final goal is to understand how the login API ...

I need an experienced security engineer to harden our multi-tenant SaaS product, prepare us for HIPAA and SOC 2 Type II audits, and stay on call for incident response. The stack runs primarily on AWS, Azure or GCP, with containerised workloads orchestrated by Kubernetes. Day-to-day you will probe our web apps and APIs with Burp Suite and OWASP ZAP, script automation in Bash, and guide the team as we fold security controls into an established Git-based CI/CD pipeline. Key objectives • Run a full penetration test against the platform, documenting exploitable findings against the OWASP Top 10 and cloud-specific misconfigurations. • Configure vulnerability scanning (Nessus, Snyk, Trivy) and wire SAST, DAST and dependency checks into our build pipelines. • Implement and v...

I have a small office network—fewer than twenty endpoints—that I want thoroughly examined for weaknesses. The immediate focus is a vulnerability assessment combined with a full network-security audit. Pen-testing isn’t required right now, but I would like the audit to be detailed enough that we could progress smoothly to active exploitation tests later if needed. Scope – Map every device and service, then scan using industry-standard tools such as Nmap, Nessus or OpenVAS. – Analyse configurations (firewall rules, router settings, shared resources, OS hardening) and identify misconfigurations or outdated software. – Provide a clear, prioritized remediation plan. Critical issues first, followed by medium and low-risk findings. – Conclude wit...

I have a single hash that was exported from a password manager. I’m unsure of the exact algorithm it uses—only that it originates from that application—so step one will be identifying the hash type, then recovering the underlying plaintext. Everything needs to run smoothly on a Linux machine, so please rely on tools that work natively there (Hashcat, John the Ripper, or similar). What I need from you • Perform the crack / decryption and provide the recovered string in clear text. • Supply a brief write-up or script so I can reproduce the process on my own Linux box if ever needed again. I’ll test the result on delivery by feeding the plaintext back into the manager and confirming the match, so accuracy is critical. Let me know which tools you intend ...

Project Title: Web Security Audit & Penetration Testing for Marketplace Website Description: We are preparing to launch a new online marketplace platform and are looking for an experienced web security specialist to perform a full security review of the site. The goal is to identify any vulnerabilities and ensure the platform is secure before public launch. Scope of work: • Perform a full security audit of the web application • Conduct penetration testing to identify vulnerabilities • Review authentication, API security, and database access • Check for common vulnerabilities (OWASP Top 10) • Identify potential risks in front-end and back-end architecture • Provide a clear report outlining vulnerabilities and recommended fixes Important: • You must hav...

Our ads are being removed. I need someone who can find a solution to this bot attack problem.

Scenario Background: The scenario assumes that you are working as a security expert for a fictional company, Acme Coffee Company. The company includes several roles, including Bruno (CEO), Spike (Vice President of Sales), Eilik and Eilika (Sales), Loki (System Administrator), and Avery (Marketing). Loki has built a new company server, and Bruno has hired you to conduct a comprehensive security analysis and assessment of that server and submit a complete report. The final report should include your findings, techniques, graphics, and methodology, along with recommendations for improving any security issues identified. Video Overview: The instructor explains that the final project will provide a target machine personally built by the instructor to represent the Acme company environment. Yo...

I am ready to put my in-house web application through a thorough white-box penetration test and need a seasoned ethical hacker to run point. Because I can supply source code, architecture docs, and admin-level credentials, you will have full visibility to explore logic flaws, insecure configurations, and anything else that could turn into a real-world exploit. A key requirement is prior experience registering newly discovered vulnerabilities in official government vulnerability databases or repositories; I will rely on you not only to uncover issues but also to craft the correct disclosure package so the finding can be submitted and tracked according to policy. Scope • Inspect the entire codebase, APIs, and third-party integrations. • Execute manual and automated testing us...

TÉRMINOS DE REFERENCIA Servicio de Análisis de Vulnerabilidades y Pruebas de Intrusión para Infraestructura Tecnológica 1. OBJETIVO DE LA CONTRATACIÓN Contratar un servicio especializado de Análisis de Vulnerabilidades y Pruebas de Intrusión que permita evaluar el nivel de seguridad en: • Defensa perimetral • Redes internas • Sistemas operativos • Aplicaciones web publicadas • Aplicaciones móviles • Sistemas de información y equipos de comunicación 2. PLAZO DE PRESTACIÓN DEL SERVICIO El servicio deberá ejecutarse en un plazo máximo de 45 días calendario. 3. DESCRIPCIÓN DEL SERVICIO Actividades • Evaluar el nivel de seguridad en aplicaciones web, activo...

I will perform a professional security scan of your website using Kali Linux tools. The service includes a detailed PDF report highlighting vulnerabilities and practical solutions to improve your website security. Fast and reliable service guaranteed. Suitable for WordPress and custom websites. أقوم بإجراء فحص أمني احترافي لموقعك باستخدام أدوات Kali Linux. الخدمة تشمل تقرير PDF مفصل يوضح الثغرات والحلول العملية لتحسين أمان الموقع. خدمة سريعة وموثوقة. مناسبة لمواقع WordPress والمواقع المخصصة

Hace unos días mi tienda en línea fue infectada por un virus malicioso. Desde entonces sufro redirecciones indeseadas y un rendimiento cada vez más lento. Busco a alguien de habla hispana con experiencia demostrable eliminando malware “invisible” en sitios de comercio electrónico. Lo que necesito que hagas: • Realizar un escaneo completo para localizar todos los archivos o scripts infectados. • Eliminar por completo el malware sin interrumpir las ventas ni perder datos. • Reforzar la seguridad (firewalls, permisos, actualizaciones, copias de seguridad) para evitar futuras infecciones. • Restaurar la velocidad normal de carga y verificar que no queden redirecciones. • Entregarme un informe final con los archivos m...

I’m looking for an experienced security tester to run a full-scale penetration test on my web application stack. Web security is the only focus here, so please come prepared with a proven methodology that aligns with OWASP-Top-10 practices and the latest exploits in mind. Scope • Map and enumerate the application, then attempt to exploit any weakness you find—authentication, sessions, input validation, business logic, configuration, the works. • Produce a concise, evidence-based report that ranks each finding by risk, explains impact, and includes clear remediation steps my dev team can action immediately. • A short retest is expected once fixes are applied. Tools you’re comfortable with matter to me. If Burp Suite Pro, OWASP ZAP, Metasploit, Nessus...

My site already runs through Cloudflare and basic protection is in place, yet I know the platform can do much more for security. I want a seasoned Cloudflare specialist to go through my current setup, tighten every loose end, and leave me with a hardened configuration I can trust. Scope of work • Firewall rules – Review what I have, remove redundancies, and add precise allow/deny rules and rate limits that match real-world traffic patterns without blocking legitimate users. • SSL/TLS – Move the zone to the most secure Full (Strict) mode, renew or generate any required origin certificates, enforce HSTS and secure ciphers, and confirm end-to-end encryption is flawless. • Bot management – Configure Bot Fight Mode and related features so genuine traffic ...

We are a new SaaS startup looking for a rigorous security specialist to perform a **comprehensive end-to-end security audit**. Our mobile app (iOS & Android) is our core product and requires deep-dive scrutiny, while our landing pages and staff admin panel need a focused vulnerability assessment to ensure total ecosystem integrity. ### **The Scope of Work** We need more than a generic automated scan; we require a blend of manual penetration testing and structured configuration review. * **Mobile App (Deep Dive):** Comprehensive testing based on the **OWASP Mobile Application Security (MAS)** framework. This includes binary analysis, session management, local data storage security, and API communication. * **Web & Admin Panel:** Vulnerability assessment of the staff-facing das...