Penetration Testing Jobs

I’m looking for an experienced security tester to run a full-scale penetration test on my web application stack. Web security is the only focus here, so please come prepared with a proven methodology that aligns with OWASP-Top-10 practices and the latest exploits in mind. Scope • Map and enumerate the application, then attempt to exploit any weakness you find—authentication, sessions, input validation, business logic, configuration, the works. • Produce a concise, evidence-based report that ranks each finding by risk, explains impact, and includes clear remediation steps my dev team can action immediately. • A short retest is expected once fixes are applied. Tools you’re comfortable with matter to me. If Burp Suite Pro, OWASP ZAP, Metasploit, Nessus...

My site already runs through Cloudflare and basic protection is in place, yet I know the platform can do much more for security. I want a seasoned Cloudflare specialist to go through my current setup, tighten every loose end, and leave me with a hardened configuration I can trust. Scope of work • Firewall rules – Review what I have, remove redundancies, and add precise allow/deny rules and rate limits that match real-world traffic patterns without blocking legitimate users. • SSL/TLS – Move the zone to the most secure Full (Strict) mode, renew or generate any required origin certificates, enforce HSTS and secure ciphers, and confirm end-to-end encryption is flawless. • Bot management – Configure Bot Fight Mode and related features so genuine traffic ...

I need a cyber-security professional who specialises in application security to review and harden a production-ready mobile app that runs on both iOS and Android. The codebase has already passed functional QA; now I want to be certain it stands up to real-world attacks. Scope • Perform a full security assessment that covers the OWASP Mobile Top 10. • Include static code analysis, dynamic runtime testing and API endpoint verification. • Highlight insecure data storage, improper authentication flows, weak cryptography and any third-party library risks. • Provide clear, reproducible proofs of concept for every confirmed vulnerability. Deliverables 1. Written penetration-test report detailing findings, risk ratings and recommended fixes. 2. A prioritised remed...

I need a thorough, professional penetration test that zeroes in on database security. The work will involve actively probing our live environment for misconfigurations, permission-escalation paths, injection points, improper encryption, and any other weakness that a determined attacker might exploit. Scope • Assess the entire database layer—from connection strings and authentication flows to stored procedures and backup endpoints—without disrupting business operations. • Document every finding with reproducible steps, risk ratings, and clear remediation guidance. • Validate fixes with a follow-up retest so we can close the loop confidently. Deliverables 1. Methodology outline (tools, test phases, compliance references). 2. Vulnerability assessment...

I'm seeking urgent cyber security assistance for my personal computer and android. I need a professional to secure my device and protect my data. Key Requirements: Virus removal Malware removal Penetrating testing Network security Ideal Skills and Experience: - Proven expertise in cyber security - Experience with personal computers - Ability to work quickly and efficiently - Strong knowledge of virus removal and data protection measures Please provide a detailed plan of action and estimated timeline.

My personal blog runs on a standard LAMP stack and I want a clear, ethical snapshot of its current security posture. The focus is on preventing data breaches and blocking any avenue for unauthorized access; malware checks are welcome but secondary. Scope You will carry out a legally authorised vulnerability assessment that covers: • A surface scan of the domain and sub-domains, mapping open ports and exposed services. • Manual and automated testing against the OWASP Top 10, using tools such as Burp Suite Community/Pro, OWASP ZAP, Nikto, or similar. • SSL/TLS configuration review, confirming protocol versions, cipher strength, and certificate chain integrity. • Inspection of server and application misconfigurations that could lead to privilege escalation, credenti...

ALFA NETWORKS ADAPTOR OR SIMILAR IS A REQUIREMENT I need a cyber sec expert who already owns an Alfa Networks USB adapter (or a comparable injection-capable card) to carry out a controlled WiFi-based denial-of-service exercise. The goal is to you use the Kali Live boot with persistence USB stick, and the Alfa Networks adaptor, to launch a Denial-of-Service attack on your own mobile phone (or smart TV etc) in order to prevent it accessing your home WiFi. its just a simulation so we only need 4 screenshots. I ordered my alfa networks adaptor but it got delayed with the shipment so now need help if you own one. ALFA NETWORKS ADAPTOR OR SIMILAR IS A REQUIREMENT

Penetration Test of the IT/OT System of a Photovoltaic Power Plant and Battery Energy Storage System 1. Subject of the Contract The subject of this contract is the execution of a comprehensive penetration test of the IT/OT infrastructure of a photovoltaic power plant and battery energy storage system to assess its resilience against cyberattacks and unauthorized remote control. The test must simulate real-world cyberattack scenarios, focusing on the possibility of: Unauthorized remote access Takeover of device control Manipulation of energy production or storage Disruption of system availability Exploitation of communication interfaces Leakage of sensitive data 2. Scope of Testing The test shall include: 2.1 External Testing Simulation of attacks from the public internet Analy...

Conduct a CREST‑approved penetration test covering OWASP Top 10, infrastructure, and API endpoints. Provide a full report and remediation guidance. You must be UK‑based and able to invoice us as a self‑employed contractor or registered business. You will be working as part of a small team during an intensive 2‑week delivery sprint. Deliverables: Pen test plan Full CREST report Remediation list Optional retest (if included in your service)

ALFA NETWORKS ADAPTOR OR SIMILAR IS A REQUIREMENT I need a cyber sec expert who already owns an Alfa Networks USB adapter (or a comparable injection-capable card) to carry out a controlled WiFi-based denial-of-service exercise. The goal is to you use the Kali Live boot with persistence USB stick, and the Alfa Networks adaptor, to launch a Denial-of-Service attack on your own mobile phone (or smart TV etc) in order to prevent it accessing your home WiFi. its just a simulation so we only need 4 screenshots. I ordered my alfa networks adaptor but it got delayed with the shipment so now need help if you own one. ALFA NETWORKS ADAPTOR OR SIMILAR IS A REQUIREMENT

This is where many vulnerabilities have been discovered on the admin page. Can I extract the data from the consultation requests submitted here? I need data such as name, phone number, date, and notes.

We are a new SaaS startup looking for a rigorous security specialist to perform a **comprehensive end-to-end security audit**. Our mobile app (iOS & Android) is our core product and requires deep-dive scrutiny, while our landing pages and staff admin panel need a focused vulnerability assessment to ensure total ecosystem integrity. ### **The Scope of Work** We need more than a generic automated scan; we require a blend of manual penetration testing and structured configuration review. * **Mobile App (Deep Dive):** Comprehensive testing based on the **OWASP Mobile Application Security (MAS)** framework. This includes binary analysis, session management, local data storage security, and API communication. * **Web & Admin Panel:** Vulnerability assessment of the staff-facing das...

I am looking for an experienced Security Consultant to work on an ad hoc or fixed monthly basis to oversee and strengthen multiple IT environments. The role is focused purely on security, monitoring, hardening, and continuous improvement. This is not general IT support. I need someone who can take ownership of reviewing systems daily, identifying risks, closing security gaps, and ensuring everything remains properly configured and secure. Systems and Platforms in Scope • N-able N-central • Cove Data Protection • SentinelOne EDR • Site24x7 monitoring • Windows Server environments • Microsoft 365 and Office 365 security • Routers, firewalls and managed switches • Patch management systems • Backup monitoring and recovery testing Key Responsibil...

I need a seasoned ethical hacker to probe the security of my production-ready Android application. The task covers everything from installing the APK on a range of devices and emulators to hunting for flaws in authentication, data storage, network calls, and component exposure. Please treat the engagement as a comprehensive black-box review: assume no source code, no prior credentials, and simulate a real-world attacker’s mindset while remaining fully within legal and agreed-upon bounds. I expect manual exploitation to complement automated scans so that business-logic weaknesses and misconfigurations do not slip through the cracks. You are free to use tools such as MobSF, Burp Suite, Frida, JADX, or any specialised mobile framework you normally rely on, provided the findings are rep...

I need an experienced ethical-hacker who can take a close look at my site, show me exactly where it is vulnerable, and then help me close those gaps. The scope is open at this point because I have not yet pinpointed whether the main priority will be penetration testing, a full clean-up, or even regaining access to an account; I’m happy to clarify once you have reviewed the site and outlined the risks you see. Here is what I will be expecting: • A concise vulnerability report written in plain language that highlights each issue, how it was found, and the potential impact. • A step-by-step remediation plan with clear explanations (no jargon walls). • Implementation of the agreed fixes, followed by proof that the holes are truly closed—re-testing after patch...

Project Description: I am looking for an experienced Cyber Security content writer / technical ghostwriter to write a complete book focused on modern cyber security practices. The book should be: ✔ Written in simple, humanized language (not robotic or overly academic) ✔ Easy to understand for learners, professionals, and aspiring security practitioners ✔ Technically accurate yet engaging ✔ Practical and real-world focused The total length should be within 500 pages. Scope of the Book: The book will broadly cover areas such as: Cyber Security fundamentals Application Security Penetration Testing concepts Secure SDLC OWASP Top 10 API Security Mobile Security Threat Modeling DevSecOps basics Governance, Risk & Compliance (GRC) Real-world case studies / attack scenarios Best practic...

I need an experienced cyber-security professional who can deliver a focused training program for my team of intermediate-level technicians. The sessions must dive deep into Network Security, Penetration Testing, and Incident Response, blending theory with practical, hands-on exercises so staff can apply what they learn immediately on the job. Please propose: • A modular course outline that walks through each topic in logical progression. • The format you prefer (live virtual classes, in-person workshops, recorded labs, or a mix). • Any lab environments, tools, or simulation platforms you typically use so I can verify compatibility with our infrastructure. • Duration per module and total contact hours you recommend for intermediate learners. • Post-training...