I am a certified cybersecurity professional specializing in Penetration Testing, VAPT, and Digital Forensics with extensive hands-on experience securing Web, Mobile, API, Network, and Server environments.
I help businesses identify real-world vulnerabilities, investigate cyber incidents, recover critical evidence, and strengthen their overall security posture with clear, actionable, and professional reports.
🛡️ Penetration Testing & VAPT Services
I provide manual + automated security assessments with detailed findings, including:
✔️ Web Application Penetration Testing (OWASP Top 10, 4000+ vulnerability checks)
✔️API Security Testing (REST, GraphQL, SOAP)
✔️ Mobile Application Security (Android & iOS)
✔️Network Penetration Testing (Internal & External)
✔️Active Directory Security Assessments
✔️Cloud Security Reviews (AWS, Azure & Google Cloud)
✔️Authentication & Authorization Testing
✔️Business Logic Vulnerability Assessment
✔️LLM/AI Application Security Assessment
✔️ Red Team & Adversary Simulation
✔️ Secure Configuration Reviews
🕵️♂️ Digital Forensics & Cybercrime Investigation
✔️ Cybercrime Investigations & Incident Response
✔️ Malware Analysis
✔️ Data Recovery (deleted/corrupted files)
✔️ Forensic Imaging & Analysis (.E01, .RAW, .IMG, .OVA, etc.)
✔️ Log Analysis & Timeline Reconstruction
✔️ Email Fraud, Phishing & Spoof Analysis
✔️ Corporate Cybersecurity Consultation
✔️ Professional Forensic Reporting for Legal Use
📄 Document Authenticity & Tampering Detection
Physical Documents:
✔️ Ink & Paper Analysis
✔️ Watermarks, Indentations, Aging Patterns
✔️ Detection of Erasures, Alterations & Page Substitution
Digital Documents:
✔️ Metadata Examination
✔️ File Signature Analysis
✔️ Detection of Hidden or Modified Content
Handwriting & Signature Verification:
✔️ Pattern & Stroke Analysis
✔️ Comparison with Known Samples
💬 Have Questions?
Feel free to message me — I reply quickly and provide free initial consultation.
Penetration Testing
Network Security
WordPress
Virus Removal
Information Security
Web Application Security
Malware Removal
Digital Forensics
Kali Linux
System Security
Cybersecurity Tool
Vulnerability Assessment
WordPress Malware Removal
Security Analysis
Metadata
MD HASANUR R.
Pabna Sadar, Bangladesh
$15/hr
4.9
26 jobs
CEH ( Certified Ethical Hacker).
I am a Professional Ethical Hacker and Expert in Penetration testing and Website Security and Network Scanning
I have 5+ experience in projects ranging from, Bug hunting, penetration testing, network Testing, Website Security, analysis, vulnerability assessment, and testing to investigative and forensic work. I bring high standards and tried and tested methodology with manual bug Hunting and techniques to deliver you professional results.
✅Professional at Bug Bounty Hunting
✅Professional at Penetration Testing
✅System Hacking
✅Network Scanning
✅Professional at API Testing
✅Professional at Android and IOS Penetration Testing
✅Professional in Security Testing
✅Professional at Web Application Security
✅Professional at Vulnerability Assessment
✅Professional at Network Penetration Testing
✅Professional at Hacked site Recover
✅ Professional at Malware Removal/Virus Removal
✅ Website Testing part manually
= Brute Force Attack
= Unauthorized access to card
= Business logic flaws allow the unauthorized transfer of funds
= Unauthorized access to customer data
= Unauthorized access to the example.com website
= Authentication related issues
= Authorization related issues
= Data Exposure
= Smuggling Testing
= Bypass Rate Limit Protection
= Bypass Authentication
= Broken Access Control
= Information Disclosure
= Remote Code Execution (RCE)
= Server-Side Request Forgery (SSRF)
= Subdomain Takeover
= Account Takeover
= Code Execution
= Content Discovery
= Cross-Site Request Forgery (CSRF)
= SQL Injection (SQLI)
= HTML Injection / Content Injection
= Cross-Site Scripting (XSS)
= Command Injection
= Local File Inclusion (LFI)
= Insecure Direct Object Reference (IDOR)
= XML External Entity (XXE)
= Remote File Inclusion (RFI)
= URL Redirection
✅System Testing
1. Password Cracking
2. Privilege Escalation
3. Malware Analysis
4. System Exploitation
5. Post Exploitation
6. Social Engineering
7. Network Sniffing
8. Denial of Service (DoS) Attacks
9. Security Misconfigurations
10. Vulnerability Scanning and Exploitation
12. Exploit Development
✅ Network Scanning
Network Scanning List
1. Network Discovery
2. Port Scanning
3. Vulnerability Scanning
4. Service Version Detection
5. Network Mapping
6. Network Protocol Analysis
7. Wireless Network Scanning
8. SNMP Scanning
9. DNS Enumeration:
10. Network Performance Testing
11. Firewall and IDS/IPS Evasion
12. IoT and SCADA Network Scanning:
13. Cloud Network Scanning
✅ Penetration Testing Tools:
= Metasploit
= BurpSuite Professional
= Nessus Professional
= Acunetix Proffessional
= Nuclei
= Nmap
= FFUF
= Gau
= Waybackurls
= SQLMAP
= wpscan
= OWASP ZAP, etc.
Terms of Services:
• 100% Customer Satisfaction
• Guaranteed Refund if not satisfied
Penetration Testing
Network Penetration Testing
WordPress Malware Removal
Security Assessment & Testing
Security Testing
Information Security
Malware Removal
Bug Bounty
Web Testing
Web Application Security
Vulnerability Assessment
Bug Investigation
Website Security
Ethical Hacking
AT&T Cybersecurity
MD Emran H.
Dhaka, Bangladesh
$70/hr
5.0
1 jobs
Hey there 👋
I’m Emran, a Cybersecurity & Blockchain Security Expert who’s been in the game for over 5 years — protecting businesses, startups, and Web3 projects from real-world attacks.
Think of me as your security partner, not just a freelancer. I’ll help you find the weak spots before hackers do, fix them fast, and make sure your system is safe, stable, and investor-ready.
I’ve worked with clients across web apps, blockchain, and crypto platforms, helping them secure millions in digital assets. I’m also ranked in the Top 26 globally on HackerOne, so you can trust I know what real threats look like — and how to stop them 🚀
🛡️ What I Can Help You With
• Web & Mobile Penetration Testing
• Blockchain / DeFi Security Audits
• Crypto Exchange & Wallet Security
• Threat Hunting & Incident Response
• Malware Removal, Reverse Engineering, and Security Hardening
• Clear Reports + Step-by-Step Fix Guidance
💡 Why Clients Love Working With Me
✅ Friendly, patient, and easy to communicate with
✅ Delivers clean, professional reports — no tech confusion
✅ 100% manual testing (no useless automated scans)
✅ Real hacker mindset — I find what others miss
✅ Always honest, always on your side 🤝
If you’re building something powerful — a web app, crypto project, or blockchain platform — I’ll make sure it’s secure, trusted, and ready for growth.
Penetration Testing
Network Penetration Testing
Network Engineering
Problem Solving
DevOps
Information Security
Virtual Assistance
Security Assessment & Testing
AT&T Cybersecurity
Web App Penetration Testing
Vulnerability Assessment
Business Intelligence
Venture Capital Consulting
IT Consultation
Blockchain, NFT & Cryptocurrency
Foysal H.
Dhaka, Bangladesh
$29/hr
5.0
51 jobs
I help startups, SaaS companies, fintech organizations, healthcare providers, and enterprises identify and eliminate security vulnerabilities before they become data breaches.
With 10+ years of offensive security experience and more than 200 successful penetration testing engagements, I provide manual, risk-focused security assessments that uncover vulnerabilities automated scanners often miss.
My assessments follow industry-recognized methodologies, including OWASP Testing Guide, OWASP ASVS, OWASP MASVS, PTES, NIST SP 800-115, and MITRE ATT&CK, delivering actionable findings that improve your security posture and support compliance initiatives.
Core Expertise
• Web Application Penetration Testing (OWASP Top 10)
• API Security Testing (REST, GraphQL, SOAP)
• Mobile Application Security (Android & iOS)
• Network Penetration Testing (Internal & External)
• Active Directory Security Assessments
• Cloud Security Reviews (AWS, Azure & Google Cloud)
• Authentication & Authorization Testing
• Business Logic Vulnerability Assessment
• LLM/AI Application Security Assessment
• Red Team & Adversary Simulation
• Secure Configuration Reviews
Industries Served
• Financial Services & FinTech
• Healthcare
• SaaS Platforms
• E-commerce
• Government
• Telecommunications
Deliverables
Every engagement includes:
✔ Executive Summary for management
✔ Detailed technical report
✔ CVSS-based risk ratings
✔ Step-by-step Proof of Concept
✔ Remediation guidance
✔ Security consultation
✔ Complimentary revalidation after remediation
Compliance Support
My assessments help organizations prepare for or strengthen compliance with:
• ISO 27001
• SOC 2
• PCI DSS
• HIPAA
• OWASP
Certifications
OSCP+ •OSCP• CREST • LPT Master • CRTP • C|PENT • CEH • ISO 27001 Lead Auditor and Lead Implementor
I believe penetration testing should provide clear business value—not just vulnerability lists. Every assessment is tailored to your environment, your threat model, and your compliance requirements, with practical recommendations your team can act on immediately.
If you're planning a new product launch, preparing for an audit, or simply want confidence in your security posture, let's discuss your scope. I'll provide a clear testing plan, timeline, and deliverables before the engagement begins.
Penetration Testing
Network Penetration Testing
Ethical Hacking
Cryptography
Web App Penetration Testing
Cybersecurity Tool
Kali Linux
Vulnerability Assessment
Information Security
Governance, Risk Management & Compliance
AI Governance
OWASP
Security Testing
ISO 27001
Red Team Assessment
AI Security
Application Security
Security Operation Center
Digital Forensics
GM Salman A M.
Satkhira, Bangladesh
$30/hr
5.0
56 jobs
🚨 If your application, SaaS platform, or cloud environment has never undergone a professional security assessment, you may have unknown vulnerabilities that attackers can exploit.
I’m a Certified Penetration Tester and Ethical Hacker providing Vulnerability Assessment and Penetration testing (VAPT) services for web applications, APIs, cloud infrastructure, mobile apps, SaaS platforms, and network environments. My goal is not just to find vulnerabilities — but to help you understand real security risks and fix them effectively.
I perform manual penetration testing supported by professional security tools to identify exploitable weaknesses such as authentication flaws, privilege escalation paths, injection vulnerabilities, and business logic issues.
You will receive a clear and actionable security report that helps developers resolve issues and allows management to understand the real business impact.
🎯 My Services
- Vulnerability Assessment & Penetration Testing (VAPT)
- Web Application Penetration Testing (OWASP Top 10)
- API Penetration Testing (REST, GraphQL, authentication flaws, IDOR, injection)
- Cloud Infrastructure Security (AWS, Azure — misconfigurations, IAM, exposed services)
- Network Penetration Testing (internal & external)
- Mobile Application Security (Android & iOS)
- SaaS Platform Security & Penetration Testing (multi-tenant logic, RBAC, privilege escalation)
- CMS Security (WordPress, Laravel, custom apps)
- Retesting after remediation
📋 What You Will Receive
A clear, structured security report designed for both technical teams and business stakeholders, including:
• Executive summary for management and decision-makers
• Detailed vulnerability findings with severity ratings
• CVSS scoring and risk prioritization
• Proof-of-concept evidence (screenshots, request/response captures)
• Business impact explanation for each issue
• Step-by-step remediation guidance for developers
• Retesting validation after fixes are applied
• Reporting that can support ISO 27001 and SOC 2 compliance preparation
🏆 Certifications
- Certified Ethical Hacker Practical — EC-Council
- eLearnSecurity Junior Penetration Tester (eJPT) — INE
- Certified API Penetration Tester — APISec University
- IBM Cybersecurity Analyst
- Cisco Verified Ethical Hacker
- ISO 27001:2022 Lead Auditor
🛠️ Tools I work with
Burp Suite Pro, OWASP ZAP, Nmap, Nessus, Metasploit, MobSF, Wireshark, Postman, and custom Python/Bash scripts and so on.
Whether you're preparing for a security review, compliance audit, or investor due diligence, I can help you understand your attack surface and security risks.
📩 Send me your scope or asset list and I’ll help you determine the best testing approach.
Penetration Testing
Network Penetration Testing
Vulnerability Assessment
Malware Removal
Information Security
Application Security
Security Assessment & Testing
Cybersecurity Management
Web App Penetration Testing
WordPress Malware Removal
Website Security
Ethical Hacking
Web Application Security
System Administration
OWASP
NAHID M.
Nabinagar, Bangladesh
$15/hr
5.0
8 jobs
I have conducted and led hundreds of security audits, penetration tests and red team engagements for a variety of companies, ranging from multinational corporations with thousands of hosts in scope to startups or small clients that want to have an edge over their competition security-wise.
My day-to-day job is that of an ethical hacker, which has allowed me to amass great hands-on experience in the field of Penetration Testing, Cyber Security and Vulnerability Assessment, and to have a great understanding of the most widespread and modern technology stacks currently in use around the globe and their flaws from a security standpoint.
I am able to provide the following services:
✅ Penetration Testing Engagement ✅
This includes both thorough manual testing of all functionalities and automated testing for all websites, applications, servers or infrastructure included in the scope of work, using both professional enterprise grade software such as BurpSuite Professional and Nessus and also personal scripts and tools gathered over past engagements. This services extends as well to internal penetration tests and network infrastructure testing as well.
✅ Professional Report & Statistics ✅
Detailed report explaining step-by-step the exploitation and discovery method of each and every vulnerability discovered. Proof-of-Concept screen captures, full requests and responses, CVSS v3.0 standardised risk score, impact and ownership included.
✅ Remediation Advice & Guidance ✅
Remediation advice regarding all security issues discovered, how to fix them and warnings associated with the impact and risk of these vulnerabilities.
✅ Asset Discovery ✅
Through both active and passive methods, I can help you asses how big your digital footprint is on the internet and what is the attack platform visible from an outsider threat perspective. This includes subdomain enumeration and service/port discovery.
✅ Free Checkup ✅
Included in the price will be a checkup/retest of all aforementioned vulnerabilities present in the report in order to ensure that the implemented security controls and/or fixes are working as intended and that there is no other way to bypass them or exploit that vulnerability any longer.
✅ OSINT Reconnaissance ✅
Gathering of all valuable data pertaining to your company available on the internet. This includes any breached email addresses and related passwords available in cleartext on the internet, usually being traded on the dark web. Full access to over 4 billion records of personally curated lists of such information will help you to asses how vulnerable you are and what passwords need to be changed as soon as possible.
✅ Briefing ✅
I am available for calls/meetings discussing what the Scope of Work will be, where the focus of the penetration testing engagement will be, if all subdomains need to be included, if you want a black-box type of engagement or a white-box engagement, if accounts will be required, preferred hours for load testing and any other guidance your company would require if this is the first penetration test engagement that you are doing.
✅ Debriefing ✅
I am available for calls/meetings after the penetration test is completed in order to discuss with you the results of the engagement, what the main issues were and what my concerns regarding the security of your company are. This includes any further clarification regarding any vulnerability and the impact/risk associated with it.
Penetration Testing
Network Penetration Testing
Application
Testing
Website
Software Testing
Ethical Hacking
Cyber Threat Intelligence
Security Testing
Digital Forensics
Cybersecurity Management
Web Application Security
WordPress Security
QA Testing
QA Software & Testing Tools
How it works
Post a job for freePost a job
Tell us what you need. Create your own job post or generate one with AI then filter talent matches.
Hire top talent fast
Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.
Collaborate easily
Use Upwork to chat or video call, share files, and track project progress right from the app.
Payment simplified
Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.
Don't just take our word for it
“Upwork provides an umbrella-level of security. I can see a talent’s work history and ratings. I can hold payments in escrow. I can communicate through Upwork Messages instead of working through my email address.”
KD
Kim Darling
Emerald Tiger
“Upwork is the best platform to hire skilled professionals when we're not looking for a full-time employee. All the companies in our portfolio use Upwork to find talent across a wide range of fields.”
DM
David Merry
Kinetic Investments
“Our very specific requirements can be a challenge—With Upwork, we’re able to access a bigger community to ensure the success of our projects.”
KK
Katja Krohn
Summa Linguae
How do I hire a Network Pentester in Bangladesh on Upwork?
You can hire a Network Pentester in Bangladesh on Upwork in four simple steps:
Create a job post tailored to your Network Pentester project scope. We'll walk you through the process step by step.
Browse top Network Pentester talent on Upwork and invite them to your project.
Once the proposals start flowing in, create a shortlist of top Network Pentester profiles and interview.
Hire the right Network Pentester for your project from Upwork, the world's largest work marketplace.
At Upwork, we believe talent staffing should be easy.
How much does it cost to hire a Network Pentester?
Rates charged by Network Pentesters on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.
Why hire a Network Pentester in Bangladesh on Upwork?
As the world's work marketplace, we connect highly-skilled freelance Network Pentesters and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Network Pentester team you need to succeed.
Can I hire a Network Pentester in Bangladesh within 24 hours on Upwork?
Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Network Pentester proposals within 24 hours of posting a job description.