Web portal security and server testing against hacking attacks and vulnerablilities
$350
Delivery in
5 days
Response time
within a few days
- Views 453
Amount of days required to complete work for this Offer as set by the freelancer.
Rating of the Offer as calculated from other buyers' reviews.
Average time for the freelancer to first reply on the workstream after purchase or contact on this Offer.
Explore the marketplace!
What you get with this Offer
I specialize in Web security, Malware Analysis and Exploit writing.
I have over 7 years of experience in this domain and work with the top startups and companies in my city. I use 30% security tools and over 80% pen test is done on manual basis so as to avoid false positive.
My process of auditing is as follows:
1. Recon:
Finding as much info as i can by using both tools and google dorks.
2. Scanning for Vulnerabilities:
After recon, I usually scan for OWASP-Top 10 and SANS - Top 25 vulnerabilities by using my favorite tool metasploit, burpsuite and nikto.
After filtering the results from the tools for false positive , I go about manual testing and scanning using my own '0' day scripts and also scanning for any bugs due to wrong business logic or advanced attack vectors which are usually not covered by the tools.
3. Exploiting
Once the vulnerabilities have been detected , I write my own scripts in python language to create a working proof of concept code which after running will exploit those vulnerabilities and thus validate my findings.
4. Reporting
I enclose my findings in a professional, orderly , comprehensive looking report listing my findings, their impact both technical as well as commercial and their mitigation. The report also contains advisory on what programming language or server side updates you will need to do and what other tools you will need to deploy on your production server.
You will get a detailed report of bugs in your web portal / server and instructions to mitigate them.
I have over 7 years of experience in this domain and work with the top startups and companies in my city. I use 30% security tools and over 80% pen test is done on manual basis so as to avoid false positive.
My process of auditing is as follows:
1. Recon:
Finding as much info as i can by using both tools and google dorks.
2. Scanning for Vulnerabilities:
After recon, I usually scan for OWASP-Top 10 and SANS - Top 25 vulnerabilities by using my favorite tool metasploit, burpsuite and nikto.
After filtering the results from the tools for false positive , I go about manual testing and scanning using my own '0' day scripts and also scanning for any bugs due to wrong business logic or advanced attack vectors which are usually not covered by the tools.
3. Exploiting
Once the vulnerabilities have been detected , I write my own scripts in python language to create a working proof of concept code which after running will exploit those vulnerabilities and thus validate my findings.
4. Reporting
I enclose my findings in a professional, orderly , comprehensive looking report listing my findings, their impact both technical as well as commercial and their mitigation. The report also contains advisory on what programming language or server side updates you will need to do and what other tools you will need to deploy on your production server.
You will get a detailed report of bugs in your web portal / server and instructions to mitigate them.
What the Freelancer needs to start the work
I will need
1. Domain name / IP address of the web portal / network against which the test has to be conducted
2. Indemnity agreement indemnifying me against any losses to intellectual property during the audit process and proof of ownership of the domain.
We collect cookies to enable the proper functioning and security of our website, and to enhance your experience. By clicking on 'Accept All Cookies', you consent to the use of these cookies. You can change your 'Cookies Settings' at any time. For more information, please read ourCookie Policy
Cookie Settings
Accept All Cookies