Urgently Require a Pen Tester to work remotely
$250-750 USD
Maksettu toimituksen yhteydessä
Hi, This job is about a UK based competition related to cyyber securety. I need someone who is proficient with these jobs. There are program rules, and expected eligibility.
Program Rules
TESTING POLICY AND RESPONSIBLE DISCLOSURE
Please adhere to the following rules while performing research on this program:
Denial of service (DoS) attacks on Ooredoo QPSC applications, servers, networks or infrastructure are strictly forbidden.
Avoid tests that could cause degradation or interruption of our services.
Do not use automated scanners or tools that generate large amount of network traffic.
Do not leak, manipulate, or destroy any user data or files in any of our applications/servers.
Do not copy any files from our applications/servers or disclose them.
No vulnerability disclosure, full, partial or otherwise, is allowed.
Notify Ooredoo immediately if you discover any evidence of a breach of Ooredoo’s systems apart from your own tests.
We strive to review submitted vulnerabilities reports within 4 weeks.
Ooredoo will not pursue legal action against researchers who report vulnerabilities within the terms of company’s reporting mechanism.
By participating to this program :
You agree not to disclose to any third party any information related to your report, the vulnerabilities and/or errors reported, nor the fact that a vulnerabilities and/or errors has been reported to Ooredoo.
You agree to indemnify and hold Ooredoo harmless against all claims, losses, demands, proceedings, fines, and expenses arising from or related to your violation of these rules.
Unless otherwise required under applicable law or regulation, Ooredoo has no responsibility to pay you compensation for any direct, indirect, or consequential losses, property damage, financial loss, loss of productivity, information that is lost or corrupted, regardless of whether such loss could have been foreseen, or any other loss that is not due to Ooredoo’s gross negligence.
You agree that these terms and conditions will be governed by the laws of the State of Qatar and you consent to the jurisdiction of the courts of Qatar, which will have exclusive jurisdiction over any dispute arising hereunder.
REWARD ELIGIBILITY
We are happy to thank everyone who submits valid reports which help us improve the security of Ooredoo QPSC, however only those that meet the following eligibility requirements may receive a monetary reward:
You must be the first reporter of a vulnerability.
The vulnerability must be a qualifying vulnerability (see below).
The report must contain the following elements:
Clear textual description of the vulnerability, how it can be exploited, the security impact it has on the application, its users and Ooredoo QPSC, and remediation advice on fixing the vulnerability;
Proof of exploitation: screenshots demonstrating the exploit was performed, and showing the final impact;
Provide complete steps with the necessary information to reproduce the exploit, including (if necessary) code snippets, payloads, commands etc.
You must not break any of the testing policy rules listed above.
You must not be a former or current employee of Ooredoo QPSC or one of its contractors.
If you find the same vulnerability several times, please create only one report and eventually use comments. You'll be rewarded accordingly to your findings.
The triage team will use the "One Fix One Reward" process: if two or more endpoints use the same code base and a single fix can be deployed to fix all the others weaknesses, only one endpoint will be considered as eligible for a reward and other reports will be closed as 'informative'.
Reward amounts are based on:
Reward grid of the report's scope;
CVSS scoring and actual business impact of the vulnerability upon performing risk analysis.
If you are confident you can perform these tasks send me a proposal describing all your qualifications and previous accomplishment. Start your proposal with a word "cupcake" so I know you have read the description.
Projektin tunnus: #36699231
Tietoa projektista
17 freelanceria on tarjonnut keskimäärin $491 tähän työhön
Hello i am a cybersecurity engineer and i am certified professional pentester, i have read your description and i can work with you, just contact me to discuss more about the project.
Hello, my name is John and I am a certified ethical hacker with over 15 years of experience in computer security, software testing, web security and virtualization. I specialize in testing and analysis of software appl Lisää
I understand that you are looking for someone who can work remotely to test the UK competition related to cybersecurity. With my experience in computer security and web security, I am confident that I can provide the n Lisää
I am excited to apply for this position at your esteemed organization. With my certification as a Certified Ethical Hacker V12 from EC-COUNCIL and ongoing studies in the field, I am confident that I have the skills and Lisää
Cupcake. Hey i am interested on working for your network . I do not have enough experience but i have reported many vulnerabilities in my 2 months of internship. I think i can even report interesting vulnerabilities to Lisää
Can we discuss the scope size? Cyber Security summitinformation security specialist. Cyber Security | Pentest | Threat Intelligence | Ethical Hacking | DevSecOpsa
Hi, This is Koumudi. With over 6 years of experience in the cybersecurity field, specializing in threat modeling, penetration testing, code review, configuration review, and Azure security, I am confident in our abili Lisää
