Tunkeutumistestaus Jobs

I’m ready to bring in a security specialist to run a thorough, manual penetration test on my live e-commerce application. Automated scanners aren’t enough for this engagement—I need human-driven testing that uncovers real-world attack paths. Here’s what I’m looking for: • A full manual assessment covering all SQL Injection, Cross-site Scripting (XSS) and Cross-site Request Forgery (CSRF),Web Application Penetration Testing , Network Penetration Testing Services External or Internal, Web Services Testing, API Testing • Exploitation-level proof of concept for every confirmed issue, with clear, reproducible steps. • A concise risk-ranked report that separates critical, high, medium and low findings, followed by practical remediation advice writ...

We would like to find someone who is capable of making a ticket buying bot, to PREVENT tickets from being bought from. This is a protection and defensive upwork post. We are looking to block vulnerabilities in the website. Thank you, J

Project Description: I am looking for a Cybersecurity Specialist to perform a comprehensive security audit on a newly developed desktop application. The goal is to evaluate the robustness of the authentication framework and provide a risk assessment report. Scope of Work: Conduct a Vulnerability Assessment on the application's login and validation protocols. Test the integrity of the software's validation logic against unauthorized access. Evaluate the effectiveness of current obfuscation and anti-tamper measures. Provide a detailed report with recommendations for hardening the software and improving data protection. Requirements: Proven experience in Application Security Testing and OWASP standards. Strong background in binary analysis and software protection mechanisms...

I’ve built a custom web application and it’s almost ready for production. Before the public rollout, I want a rigorous penetration test that will expose any weakness and help tighten every layer of security. The assessment must be hands-on and realistic, covering the full stack rather than a purely theoretical review. Scope My priorities are clear: • Code review – comb through the source for injection points, authentication flaws, insecure dependencies, and logic errors. • Network-level probing – map open ports, misconfigured firewalls, and potential lateral-movement paths. • Server configuration – evaluate patch levels, TLS setup, permissions, and hardening of the underlying OS and web server. Primary Goal The sole purpose is to imp...

Cloud Security Specialist – Immediate Infrastructure Hardening (Short Term) Project Overview Duration: 3 to 5 days Location: Remote Start: Immediate A healthcare technology platform requires a Cloud Security Specialist to implement quick security improvements identified in a recent penetration assessment. This is a focused, short-term assignment aimed at reducing immediate attack surface exposure at the infrastructure layer. Scope of Work All listed tasks must be completed. 1. Server Version Disclosure Prevention Remove server and framework version information from HTTP responses. Responsibilities Configure AWS Application Load Balancer to remove server headers Update CloudFront response headers policy Disable X Powered By headers in Customize error responses to prevent ve...

Cloud Security Specialist – Immediate Infrastructure Hardening (Short Term) Project Overview Duration: 3 to 5 days Location: Remote Start: Immediate A healthcare technology platform requires a Cloud Security Specialist to implement quick security improvements identified in a recent penetration assessment. This is a focused, short-term assignment aimed at reducing immediate attack surface exposure at the infrastructure layer. Scope of Work All listed tasks must be completed. 1. Server Version Disclosure Prevention Remove server and framework version information from HTTP responses. Responsibilities Configure AWS Application Load Balancer to remove server headers Update CloudFront response headers policy Disable X Powered By headers in Customize error responses to prevent ve...

is seeking an experienced web application security specialist to address specific vulnerabilities identified in our recent penetration testing assessment. As a healthcare technology company specializing in innovative oral health monitoring solutions, we prioritize robust security standards and regulatory compliance. This is a focused, short-term engagement to remediate six specific security findings in our web application infrastructure. We need an independent contractor who can take full ownership of implementing these security fixes efficiently and professionally. Scope of Work - Specific Vulnerability Remediations Based on our completed Web Penetration Testing assessment, you will address the following security findings: 1.-n/a 2. Server Version Disclosure Prevention • Task Ty...

is seeking an experienced web application security specialist to address specific vulnerabilities identified in our recent penetration testing assessment. As a healthcare technology company specializing in innovative oral health monitoring solutions, we prioritize robust security standards and regulatory compliance. This is a focused, short-term engagement to remediate six specific security findings in our web application infrastructure. We need an independent contractor who can take full ownership of implementing these security fixes efficiently and professionally. Scope of Work - Specific Vulnerability Remediations Based on our completed Web Penetration Testing assessment, you will address the following security findings: 1.-n/a 2. Server Version Disclosure Prevention • Task Ty...

I’m starting from scratch and want to build a solid foundation in ethical hacking, not the shady stuff. What I need is a structured, online-based learning path that moves me steadily from absolute beginner through the essentials of reconnaissance, vulnerability scanning, exploitation, and post-exploitation—all with a clear focus on legal, responsible practice. Here’s what I’m looking for you to deliver: • A step-by-step syllabus broken into logical modules that I can follow in my own time, with estimated completion times and milestone quizzes. • Curated links to reputable online courses, labs, and CTF platforms (Think TryHackMe, Hack The Box, or equivalent), together with your notes on why each resource is worth my time. • A concise toolkit setu...

Je souhaite établir une collaboration sur la durée avec un(e) spécialiste capable de renforcer la sécurité de nos réseaux d’entreprise, de nos environnements cloud et de notre parc IoT. Objectifs prioritaires • Mettre en place une protection active contre les intrusions (IDS/IPS, segmentation, règles firewall affinées). • Sécuriser les données en transit et au repos : chiffrement, gestion des clés, politiques de sauvegarde vérifiables. • Structurer la gestion des accès : Zero-Trust, MFA, revues de droits périodiques. Défis actuels – Menaces internes : droits excessifs, shadow IT, comportement à risque. – Attaques externes : phishin...

I need a concise, CPTS-style penetration test focused on network infrastructure. You will receive a shortlist of public-facing domains plus several internal subnets that I want examined end-to-end. The engagement should mirror a real-world attack path: reconnaissance, exploitation, limited post-exploitation, and clear documentation of every step. Scope • Targets: the domains I provide and the connected internal network segments. • Methodology: full penetration testing, not just a vulnerability scan. Feel free to mix automated tools (nmap, Nessus, OpenVAS, Metasploit, BloodHound) with manual techniques. • Duration: this is a quick assessment, so I expect focused work rather than an open-ended engagement. Deliverables 1. Executive summary highlighting business impact in ...

I have an Alpha-stage AI platform that guides life-science researchers from idea through discovery. It currently runs on Base44, yet we now need the global reach, elasticity and tighter compliance posture that AWS offers. We have a detailed backlog and UX. The job is to lift-and-shift—and where sensible, re-architect—everything onto AWS without sacrificing a single existing capability: advanced data analysis pipelines, automated machine-learning model training, and real-time data processing must all run exactly as they do today, the backlog shows the must have and like to have items. While you carry out the migration, I also have a strategic improvements folded in: a markedly stronger security layer to SOc2 standard. Think IAM best practices, VPC segregation, encryption a...

I need to obtain hard-to-reach details—specifically the IP address, associated phone number, and any location-related information—linked to one particular Telegram account. Standard OSINT searches have already been exhausted, so I’m explicitly open to advanced, purely technical hacking techniques that dig directly into Telegram traffic or MTProto behaviour. If this is within your skill set, tell me how you would approach the task, which tools or exploits you prefer to leverage, and what minimal input you require from my side (e.g., username, recent message, session file). Deliverables • Verified current or last-seen IP address for the target account • Recovered phone number (or clear statement if technically impossible) • Any additional address or geo...

I need a thorough, methodical security assessment of my production-ready web application. The goal is to expose any weaknesses before launch, demonstrate real-world exploitability, and give me a clear, prioritized plan for remediation. Scope • Full application security testing: authentication, authorization logic, input validation, business-logic flows, session management, server configuration, and third-party integrations. • Black-box techniques are fine, but I can supply test credentials for deeper analysis if that helps you reach code paths hidden behind login. • Industry-standard tooling such as Burp Suite, OWASP ZAP, Nikto, or your preferred commercial scanner is expected, followed by manual verification so I’m not just getting automated false positives. ...

My iPhones and several smart-home devices have almost certainly been compromised. Unexplained behaviour, network slow-downs and repeated password lockouts suggest an active intrusion that I have not been able to stop remotely. I need an experienced cyber-security professional to visit in person, trace the breach and leave every device—and the Wi-Fi network itself—clean, secured and fully documented. What I expect during the visit • A thorough forensic check of each affected iPhone and the smart-home hub/gear, including router or mesh nodes you judge relevant. • Immediate containment and removal of any malicious profiles, apps, firmware or network configurations you uncover. • Clear advice on whether each device can be salvaged or should be replaced, follow...