web application security

Hi there! May Peace Be Upon You !! I am a certified ethical hacker and pen tester. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. @Certified at Ethical Hacking @Certified at WEB APP SECURITY FUNDAMENTALS @Certified at Website Hacking / Penetration Testing @Certified at Cyber Security Forensics Main Skills: Penetration Testing, Web Application Security. Social Engineering, Red team assessment, Ethical Hacking & Countermeasures, Malware Analysis. I provide a variety of security services including white/black hat penetration testing, network and host auditing, Policies and Business Impact Analysis. I will do OWASP Top 10 Application Security Pentesting. A1:2017-Injection A2:2017-Broken Authentication A3:2017-Sensitive Data Exposure A4:2017-XML External Entities (XXE) A5:2017-Broken Access Control A6:2017-Security Misconfiguration A7:2017-Cross-Site Scripting (XSS) A8:2017-Insecure Deserialization A9:2017-Using Components with Known Vulnerabilities A10:2017-Insufficient Logging&Monitoring Please Contact me anytime if you are really looking forward to the quality and world-class work delivered to you. It will be a pleasure to work with you. See you online and have a great day! Warm regards, Shofiur

Have 5+ years of experience in both black box and white box testing penetration testing. Perform VAPT(Vulnerability and penetration testing) services like Web-Application penetration testing; System Application penetration testing; Mobile application penetration testing; Network application penetration testing; social engineering penetration testing etc. Conduct penetration testing in a systematic approach. Follow the standard methodology of the industry like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS to perform penetration testing so that client can concentrate on their professions without worrying about security threats. Web Application Testing: Do web application penetration testing with the latest methodology like OWASP Top-10, SANS Top-25. Perform both manual and automated penetration testing for vulnerabilities like Injection flaws(such as SQL, NoSQL, OS, and LDAP injection etc),Broken Authentication, Sensitive Data Exposure,XML External Entities (XXE), Broken Access Control,Security Misconfiguration, Cross-site scripting(XSS), Insecure Deserialization, Using Components with Known Vulnerabilities,Insufficient Logging & Monitoring. Also perform source code reviews for many technologies like java, .NET, PHP etc. Approach for Manual Web-Application Penetration Testing: Conduct manual testing with following controls: * Configuration and Deployment Management Testing * Identity Management Testing * Authentication Testing * Authorization Testing

Hello Sir/Madam, I am a highly experienced and skilled cyber security consultant. I have 9 years of experience in the navy as a network and information security officer. Also i have experience as a freelancer. I have Master Degree and PhD. candidate on Computer Engineering and Cyber Security. If you awarded me with your project i will not test your website with tools. I will also perform manuel tests to hijack your web site. After the first test i will give you a 2 week time to recover your web site then i will perform one more free test to see if the detected vulnerabilities are recovered. If you are interested in my proposal please contact with me on live chat. Also if you need, i can send you some of my sample works. Regards.

Hi, i know that i don't have reputation on freelancer website, stars or something like that. But i have what you want. I'm a ex-hacker, i worked with Federal Police of Brazil, and i found vulnerabilities in UN Brazil, Banks, Government Websites, Famous websites. I'm not the same of others ethical hackers, i know the real logic of real attacks. Pentest is more than Experience, is logic and knowledge. Just send me what you want i do with my best.

Hi, I'm Certified Ethical and Professional Hacker. I work as a Senior Cyber Security Analyst. I would like to work on your project. Kindly initiate chat to discuss the project in details. Thanks

Hi! My name is Andrey. I am a security expert with 5+ years of experience. I can provide for your site: - Penetration testing (White box, Black box, Grey box) - Vulnerability assessment according to OWASP top 10 WEB vulnerabilities - Coverage technical security controls via OWASP ASVS 3.0.1 - Perform DAST and SAST (Acunetix, Nessus, Checkmarx, Veracode, Burp Suite Pro) Usually, a very rough estimate for vulnerability assessment for standard web will take ~ 15-20h +/-20%. If you hire me to do this, so my hourly rate is $15/hr. I also guarantee the high quality of my work and the high level of communication with me. Looking forward to hearing from you. Thanks, Andrey

I have experience and expertise of 5 Years in the following domains:- Cloud Computing Platforms: AWS EC2 instances,Microsoft AZURE and Kubernetes Docker etc.. Server OS : Windows Server 2003-to-2012 R2, Kali Linux, Mint OS, Parrot OS, Matruix, Debian, RHEL, CentOS and Ubuntu. Also, I have Hands on experience of 5 Years of Network Security with Cisco Switches, Routers, SSH ,Ciphers Upgrade and Penetration Testing. -Web Application Testing on multiple leading Banks of India and Govt Organizations. -Mobile Application Testing with Manual Static and Dynamic Analysis using Drozer, AndroBugs and MobSF and custom hand written scripts. -Web servers and servlets containers: IIS, Puppet, CloudFare, Nagios Core, APACHE, NGINX, DOCKER Mail servers: -POSTFIX, MS Exchange 2000-to-2013, MS Exchange 2016, QMAIL, Mail Clients like ThunderBird, OutLook and Gapps. - Have Solved vulnerabilities of Email Spoofing and Domain Phishing by MX Records and SPF Mis- configurations Database servers: MySQL, MS SQL Virtualization:- MS Hyper-V, VMware Server, VirtualBox. Directory service: Active Directory, OpenLDAP, SAMBA,NFS and Group Policies. File servers: IIS FTP, proftpd, FileZilla FTP Server, SSH, Telnet, Putty, MobaXTerm. Firewalls: Windows firewall,ISA/Forefront TMG, MikroTik,PFSense Zywall and other Routers, Snort IDS IPS. Data Storage Systems: Netapp, FAS, EMC, VNX; Hosting Panels: EC2, cPanel,Website Panel Bug Bounties : Top Organizations around the Globe (Bugcrowd)

I have total 8 years of experience as a information security engineer. Good working experience at MNC's like Microsoft. I have experience in end to end web application security assessment like Threat Modelling, secure code review and penetration testing. I am very much capable of handling this project.