Website Security, Penetration Testing (4985286)

Other

Website Security, Penetration Testing

$10/hr Starting at $50

Testing website security issues in any web application: from CMS platforms like WordPress, Joomla, and Drupal to custom-built websites. Website security vulnerabilities come from misconfigured web servers, software and your developers code. Hackers are searching websites all the time trying to find vulnerabilities they can exploit to takeover accounts, steal sensitive data or to disrupt service by shutting down or rendering a particular website useless (DoS / DDoS).. Even the largest companies have suffered data breaches. Securing your website is tough, Firewalls don’t prevent attacks because the attacks come through on the same ports and protocols as legitimate traffic, SSL/TLS lets you encrypt communications but doesn’t block intruders, so the effective way is to detect and remediate web application vulnerabilities so hackers can’t exploit them. The security test includes but not limited to the OWASP top 10 vulnerabilities such as: Injection Broken Authentication and Session Management Cross-site Scripting (XSS) XML External Entities (XXE) Security Misconfiguration Sensitive Data Exposure Insecure Deserialization Using Components with known vulnerabilities Insufficient logging and monitoring Your website will be checked for Vulnerability Categories: Abuse Of Functionality, Arbitrary File Creation, Authentication Bypass, Bruteforce Possible, Buffer, Overflow, CSRF, Code Execution, Configuration, CRLF Injection, Default Credentials, Denial Of Service(IF REQUESTED BY CLIENT), Directory Listing, Directory Traversal, Error Handling, File Inclusion, HTTP Parameter Pollution, Information Disclosure, Insecure Admin Access, Insecure Deserialization, Ldap Injection, Malware, Privilege Escalation, SSRF, Server Side Template Injection, Source Code Disclosure, SQL Injection, Unauthenticated File Upload, URL Redirection, Weak Credentials, Weak Crypto, XFS, XSS, XXE, Xpath Injection. I will provide a full detailed report with all the vulnerabilities detected in the website, the files and locations where vulnerabilities have been detected and their severity level, to help you work on the website in order to address the vulnerabilities discovered during the test. The report will also include email addresses, external hosts, client scripts, information on the files which have a long response time, external links list, remediation examples and best practice recommendations for fixing the vulnerabilities.

About

$10/hr Ongoing

Download Resume

Testing website security issues in any web application: from CMS platforms like WordPress, Joomla, and Drupal to custom-built websites. Website security vulnerabilities come from misconfigured web servers, software and your developers code. Hackers are searching websites all the time trying to find vulnerabilities they can exploit to takeover accounts, steal sensitive data or to disrupt service by shutting down or rendering a particular website useless (DoS / DDoS).. Even the largest companies have suffered data breaches. Securing your website is tough, Firewalls don’t prevent attacks because the attacks come through on the same ports and protocols as legitimate traffic, SSL/TLS lets you encrypt communications but doesn’t block intruders, so the effective way is to detect and remediate web application vulnerabilities so hackers can’t exploit them. The security test includes but not limited to the OWASP top 10 vulnerabilities such as: Injection Broken Authentication and Session Management Cross-site Scripting (XSS) XML External Entities (XXE) Security Misconfiguration Sensitive Data Exposure Insecure Deserialization Using Components with known vulnerabilities Insufficient logging and monitoring Your website will be checked for Vulnerability Categories: Abuse Of Functionality, Arbitrary File Creation, Authentication Bypass, Bruteforce Possible, Buffer, Overflow, CSRF, Code Execution, Configuration, CRLF Injection, Default Credentials, Denial Of Service(IF REQUESTED BY CLIENT), Directory Listing, Directory Traversal, Error Handling, File Inclusion, HTTP Parameter Pollution, Information Disclosure, Insecure Admin Access, Insecure Deserialization, Ldap Injection, Malware, Privilege Escalation, SSRF, Server Side Template Injection, Source Code Disclosure, SQL Injection, Unauthenticated File Upload, URL Redirection, Weak Credentials, Weak Crypto, XFS, XSS, XXE, Xpath Injection. I will provide a full detailed report with all the vulnerabilities detected in the website, the files and locations where vulnerabilities have been detected and their severity level, to help you work on the website in order to address the vulnerabilities discovered during the test. The report will also include email addresses, external hosts, client scripts, information on the files which have a long response time, external links list, remediation examples and best practice recommendations for fixing the vulnerabilities.

Skills & Expertise

Bug ReportingCyber SecurityEthical HackingPenetration TestingUser TestingVulnerability AssessmentWeb Application SecurityWeb Application TestingWeb AuditWeb TestingWebsite Audit ReportWebsite ReviewWebsite SecurityWebsite Testing

Tarek D