Cyber Security: Advanced Manual Web Penetration Testing
$950
What you get with this Offer
Manual penetration testing is the most accurate, yet most time- and resource-consuming, method of ensuring that your web application is safe and secure. Some of the issues that will be tested are the following:
SQL Injection
XSS (Cross-site Scripting)
DOM XSS
Command Injection
Blind Command Injection
Local File Inclusions & Arbitrary File Reading
Remote File Inclusions
Remote Code Injection / Evaluation
CRLF / HTTP Header Injection / Response Splitting
Open Redirection
Frame Injection
Database User with Admin Privileges
Vulnerability, Database (Inferred vulnerabilities)
View State not Signed
View State not Encrypted
Web Backdoors
TRACE / TRACK Method Support Enabled
Disabled XSS Protection
ASP.NET Debugging Enabled
ASP.NET Trace Enabled
Accessible Backup Files
Accessible Apache Server-Status and Apache Server-Info pages
Server Application Vulnerability Tests
Accessible Hidden Resources
Vulnerable Crossdomain.xml File
Vulnerable Robots.txt File
Vulnerable Google Sitemap
Application Source Code Disclosure
Silverlight Client Access Policy File Vulnerable
CVS, GIT, and SVN Information and Source Code Disclosure
PHPInfo() Pages Accessible and PHPInfo() Disclosure in other Pages
Sensitive Files Accessible
Redirect Response BODY Is Too Large
Redirect Response BODY Has Two Responses
Insecure Authentication Scheme Used Over HTTP
Password Transmitted over HTTP
Password Form Served over HTTP
Authentication Obtained by Brute Forcing
Basic Authentication Obtained over HTTP
Weak Credentials
E-mail Address Disclosure
Internal IP Disclosure
Directory Listing
Version Disclosure
Internal Path Disclosure
Access Denied Resources
MS Office Information Disclosure
AutoComplete Enabled
MySQL Username Disclosure
Default Page Security
Cookies not marked as Secure
Cookies not marked as HTTPOnly
Stack Trace Disclosure
Programming Error Message Disclosure
Database Error Message Disclosure
Get more with Offer Add-ons
-
I can send SMS Notifications To The Client About The Job Completion
Additional 5 working days
+$10
What the Freelancer needs to start the work
The client must have read the description carefully to understand what exactly he/she should expect out of this hourly.
Your website and server should be accessible remotely. Assets within the intranet are not supported.
The client must contact me first to ensure there are available vacancies for his/her assets.
The client will be interviewed to understand the needs better.