Hire the best Vulnerability Assessment Specialists in India
Check out Vulnerability Assessment Specialists in India with the skills you need for your next job.
- $53 hourly
- 5.0/5
- (22 jobs)
A seasoned and dynamic cybersecurity professional with over 10 years of comprehensive experience in IT security, specializing in various domains including Vulnerability Assessment and Penetration Testing (VAPT), Web Application Penetration Testing (WAPT), API VAPT, Thick-Client Application Penetration Testing, Mobile Application Penetration Testing, Threat Hunting, Malware Analysis, and Firewall Security. Throughout my career, I have honed my skills using a wide array of industry-leading tools such as Burp Suite, Metasploit, ZAP Proxy, NMAP, DirBuster, WafW00f, QualysGuard, Nessus, Kali Linux, Wireshark, The Harvester, Sublist3r, LBD, SET, and Website-Watcher. My hands-on experience extends to working with LAN and WAN topologies, TCP/IP protocols, routers, switches, and firewalls within Internet, Intranet, and Extranet environments. My expertise includes conducting in-depth security research, analysis, and design for client computing systems and network infrastructure. I hold multiple esteemed certifications, including Certified Ethical Hacker (CEH, MILE2|CPTE|OSCP), ISO 27001 Information Security Lead Auditor, and ISO 9001 Quality Lead Auditor. I have had the privilege of working with a diverse clientele, including renowned names such as Glasswall, TIM Solutions, Extractable, Scramble, Crowdo, datalligence.ai, C.L.E. IT Solutions, Golteum, Graviton Consulting, Widia, CaringHumans, Technosprints, Blooms, Brainiot, Mazeart, and Tax Adda. Currently, I am associated with WebOrion, a leading cybersecurity firm, where I leverage my extensive expertise to deliver robust security solutions and comprehensive training programs. At WebOrion, we are committed to enhancing our clients' cybersecurity posture through innovative and effective security measures. If you are seeking a dedicated and highly skilled cybersecurity professional to address your security needs, let's connect and discuss how I can contribute to securing your digital assets.Vulnerability AssessmentNetwork Penetration TestingWebsite SecurityWeb App Penetration TestingWeb Application FirewallCloud SecuritySecurity AnalysisCode ReviewSecurity Assessment & TestingNetwork SecurityPenetration TestingMalware Removal - $40 hourly
- 5.0/5
- (20 jobs)
🔢 As an Upwork Top 1% Expert Vetted 👑 Certified Ethical Hacker and an Experienced Penetration Tester with over 8 years of experience Penetration Testing Web and Mobile based applications and networks, I use my background to break into systems to create and maintain boundaries around network devices and computer systems, protecting them from attacks. What makes me stand out from other freelancers is the fact that I am also a Cybersecurity Architect, capable of architecting solutions to enhance the security of your organsiation and preserving the security and integrity of my client's data. I have always been passionate about solving technical problems for my clients through Penetration Testing and I don't rest till I get to the root of the problem and solve it. I can help you secure your business by providing the following services: ✅ Web Application Penetration Testing, ✅ Secure Source Code Analysis, ✅ Mobile Application Penetration Testing, ✅ Network Penetration Testing, ✅ Secure Architecture Review, ✅ API Security Testing, ✅ Secure Configuration Review, ✅ Secure Code Review, ✅ Container Security Assessment, ✅ Red Team Assessment, ✅ Threat Modelling, ✅ Phishing Simulations & Assessment. 🙋♂️ Key Skills: ✔️ Penetration Testing & Vulnerability Assessment: I thrive on dissecting systems, identifying weaknesses, and recommending robust solutions. Armed with tools like Kali Linux, Metasploit, Nmap, and Wireshark, I delve into web applications, networks, and APIs. But here's the twist—I don't stop at discovery; I offer a free retest after remediation to ensure vulnerabilities stay sealed. ✔️ Network Security: I've designed and implemented secure network architectures, ensuring data confidentiality, integrity, and availability. Firewalls, intrusion detection systems, and VPNs—my toolkit covers it all. ✔️ Cloud Security: Proficient in securing cloud environments, especially Oracle Cloud Infrastructure (OCI). I stress-test cloud deployments, ensuring they withstand real-world attacks. ✔️ Secure Coding Practices: I advocate for secure coding principles using tools like SonarQube and collaborate with development teams to build resilient applications. Prevention beats cure, every time. Why Choose Me? 🌏 Holistic Approach: I don't just patch vulnerabilities; I architect comprehensive security solutions that align with business goals. My focus extends beyond the technical to encompass risk management and organizational resilience. 🗨️ Collaborative Communicator: I bridge the gap between technical jargon and business language, fostering understanding across teams. Effective communication is key to successful security implementation. 🏫 Continuous Learning: The threat landscape evolves, and so do I. Whether it's a new attack vector or an emerging technology, count me in. Learning is my superpower. ⛏️Tools I Use ☑️ Penetration Testing: Nmap, Metasploit, Burp Suite Professional, Wireshark, SQLmap, Kali Linux ☑️ Programming & Scripting Skills: Python, Bash, PowerShell, JavaScript, Java and C# ☑️ Security Frameworks & Standards: OWASP, NIST, CIA Triad, PCI-DSS 🫱🏽🫲🏽 Let's Connect: Ready to enhance your organization's security? Let's chat! Reach out to me here on Upwork, and let's build a safer digital future together. 🟢 Press '...' button and then ‘Send Message’ button in the top right-hand corner ✉️ 🚫 No hacking service - I do not provide any hacking services, and I will not engage in any activities that involve gaining unauthorized access to any accounts, systems, or social media platforms. Requests for such services will be declined.Vulnerability AssessmentPhishing WebsiteSystem SecurityNetwork SecurityWordPress Malware RemovalWeb Application SecurityApplication SecurityInformation SecurityIntrusion Prevention SystemIntrusion DetectionSecurity Assessment & TestingMalware RemovalSecurity TestingNetwork Penetration TestingPenetration Testing - $12 hourly
- 4.9/5
- (26 jobs)
Hi, I am Amit Singh and having 10+ years of significant and well-diversified experience in Cybersecurity domains, including ⭐Web Application penetration testing (SaaS, Cloud etc.)⭐Network Penetration testing(Servers, Active Directory, IoT etc.)⭐Web API pen-testing ⭐Mobile penetration testing (android & iOS)⭐Web 3.0 DApps & Smart Contract pen-testing (Blockchain technology)⭐ Source Code Review etc. 🏆Top Rated Profile on Upwork ✅I have performed penetration tests & vulnerability assessments and delivered professional reports to companies all over the world in accordance with: ☑️ Offensive Security (OSCP) standards ☑️ OWASP Top 10 Vulnerability ☑️ OWASP API Security Top 10 Vulnerability ☑️ OWASP Mobile Security Top 10 Vulnerability ☑️ Application Security Verification Standard 4.0 (ASVS 4.0) ☑️ CWE Top 25 Most Dangerous Software Errors ☑️ ISO 27001 Penetration Testing ☑️ Payment Card Industry Data Security Standard (PCI DSS) ☑️ General Data Protection Regulation (GDPR) ☑️ Common Vulnerability Scoring System (CVSS) ☑️ Open Source Security Testing Methodology Manual (OSSTMM) ✅ Cybersecurity Certifications:- ☑️ Certified eLearnSecurity Web application penetration tester (eWPT) ☑️ Certified API Security Professional( CASP) ☑️Certified Ethical hacker(CEH) ✅ The deliverable will be a professional Penetration Testing/Vulnerability Assessment report which includes: ☑️ Executive Summary ☑️ Assessment Methodology ☑️ Type of Tests ☑️Risk Level Classifications ☑️ Result Summary ☑️ Table of Findings ☑️ Detailed Findings. Each finds listed within the report will contain a CVSS score, Issue Description, Proof of Concept, Remediation, and Reference sections. ✅ Tool List (Acunetix, Nessus, BurpSuite Professional, Nmap, Netsparker, Metasploit Framework, OpenVAS, Mimikatz, SQLmap, Nikto, checkmax and Zaproxy etc. Note-For more info lets connect over the chat section. ThanksVulnerability AssessmentEthical HackingSecurity Assessment & TestingWeb App Penetration TestingCode ReviewOWASPAPI TestingWebsite SecurityInformation Security AuditInternet SecurityNetwork Penetration TestingWeb Application SecurityPenetration TestingNetwork SecuritySecurity Testing - $30 hourly
- 5.0/5
- (5 jobs)
Highly skilled and motivated Security Engineer with over 10 years of experience in safeguarding critical systems and data within complex environments. Proven expertise in network security, cloud security, DevOps security, incident response, vulnerability assessment, risk management, security automation, and system administration. Committed to enhancing organizational security postures and ensuring compliance with industry standards. Skills & Expertise: Network Security: Proficient in designing, deploying, and maintaining secure network infrastructures, including firewalls, VPNs, IDS/IPS systems, and DDoS mitigation solutions. Experienced with SonicWall and Palo Alto firewall configurations, network hardening, and traffic analysis using tools like Wireshark. Cloud Security: Extensive experience in securing public, private, and hybrid cloud environments. Well-versed in AWS (CloudTrail, CloudWatch, GuardDuty, WAF, Inspector), Azure (Intune, Monitor, Sentinel, Defender for Cloud), and Google Cloud (IAM, Command Center, Scoutsuite) security best practices. Proficient in cloud access controls, data encryption, identity and access management, and implementing security automation using Ansible and Terraform. Vulnerability Assessment & Penetration Testing: Conduct comprehensive security assessments, identify vulnerabilities, and perform penetration testing using industry-standard tools such as OpenVAS, Nmap, OWASP ZAP, Nessus, and Kali Linux. Capable of performing rigorous security testing and forensic analysis on Unix/Linux operating systems. Threat Intelligence: Monitor and analyze real-time security threats, develop preventive measures, and implement security patches and updates. Experienced with SIEM tools like Splunk, Wazuh, Rapid7, CrowdStrike, and Security Onion. Proficient in threat hunting and incident response to mitigate risks promptly. Incident Response: Lead security incident investigations, document findings, and manage incident response efforts to minimize impact and prevent future occurrences. Develop incident response plans and conduct regular drills to ensure preparedness. Policy Development & Compliance: Develop and implement security policies, procedures, and standards aligned with industry best practices and regulatory compliance requirements (GDPR, HIPAA, PCI-DSS). Familiar with NIST, ISO 27001/2, CIS Controls, SOC 2, and other compliance frameworks. Conduct regular audits and ensure continuous compliance with evolving regulations. Encryption & Authentication: Knowledgeable in encryption protocols (TLS/SSL), cryptographic algorithms, PKI infrastructure, and secure authentication mechanisms (LDAP, RADIUS, SAML). Proficient in managing digital certificates and deploying secure access controls to protect sensitive data. Security Automation & DevOps: Implement security best practices in DevOps pipelines using tools like Jenkins, GitHub Actions, and ArgoCD. Automate security processes and integrate security tools in CI/CD pipelines for continuous security monitoring and vulnerability management. Collaboration & Leadership: Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams, stakeholders, and third-party vendors to ensure security integration across all aspects of an organization. Lead security awareness programs and drive initiatives to bolster organizational security culture. Certifications & Achievements: Recognized by Google for contributions to technology and security. Cloud Native Scholarship recipient, selected among top 300 out of 15,000 applicants. Global Cybersecurity Challenges (GCC): Achieved top 10 status in GCC 2.0 and top 5 in GCC 3.0, a prestigious international cybersecurity contest with participants from over 120 countries. Contributed to over 40 esteemed publications including Forbes, TechCrunch, and ZDNet, raising awareness about critical security issues. Feel free to reach out for any security needs or consultation. Looking forward to securing your digital assets and ensuring a robust security posture for your organization!Vulnerability AssessmentCybersecurity ManagementISO 27001DockerPenetration TestingKubernetesApplication SecurityNetwork SecurityInformation SecurityGoogle Cloud PlatformMicrosoft AzureCloud SecurityTerraformPythonAmazon Web Services - $25 hourly
- 5.0/5
- (19 jobs)
As an experienced Penetration Tester, I've conducted and led successful security audits, web application penetration testing, and red team engagements for a wide range of companies. My experience varies from working with global enterprises with large-scale infrastructures to smaller businesses looking to improve security measures for a competitive edge. I have worked with organizations like - HackerRank - World Bank - HDFC Bank - RBLBank - Kotak Mahindra Bank - Ganpat University - GTU University - BookMyShow - MakeMyTrip Certifications: CEH, eJPT, OSCP, Certified Metaverse Security Consultant. As a security engineer, my daily tasks include identifying and mitigating potential vulnerabilities by applying my knowledge of penetration testing, cyber security, and vulnerability assessment. Through these experiences, I have completely studied the prevailing technology stacks used globally, allowing me to determine their security vulnerabilities with precision. 🚫No hacking service - I do not provide any hacking services, and I will not engage in any activities that involve gaining unauthorized access to any accounts, systems, or social media platforms. Requests for such services will be declined. Working with me, you will: ★ Customized approach: I understand that every client's needs are unique, and I tailor my approach to meet your specific requirements. This ensures that you get the most comprehensive and effective security testing possible. ★ Timely delivery: I understand that time is of the essence when it comes to security testing, and I always deliver my reports on time, without compromising on quality. ★ Complete manual testing for your application and immediate notification if any high-impact issues are found. ★ Unlimited retesting for the fixed issues and unlimited revisions ★ Able to find critical bug classes that are often missed by automated pentests. 🔢 My stats are: ✅ Top-rated in information security and IT compliance categories ✅ Saved tens of thousands of dollars for clients by identifying critical vulnerabilities ✅ Ranked in the Top 50 at multiple bug bounty programs ✅ Supporting all time zones ✅ Long-term engagements ✅ Professional certifications (OSCP, CREST CPSA, OSEP, OSWP, CEH) Penetration Testing and Vulnerability Assessment Tools: Manual Testing: Burpsuite Professional, Nuclei, Ffuf, Nmap, Postman (API testing), Metasploit Framework, SQLmap, OWASP ZAP Automated Testing: Acunetix, Nessus, Netsparker, etc. Penetration testing service: 1. Penetration Testing Engagement: Thorough manual and automated testing of all functionalities, including internal penetration tests and network infrastructure testing. Professional enterprise-grade software is used, such as BurpSuite Professional, Acunetix, and Nessus. 2. Professional Report and Statistics: A detailed report explaining the exploitation and discovery method of each vulnerability discovered, including proof-of-concept screenshots, full requests and responses, CVSS v3.0 standardized risk score, and impact. 3. Remediation Advice and Guidance: Remediation advice was provided for all security issues discovered, including guidance on how to fix the issues and warnings associated with the impact and risk of these vulnerabilities. 4. Asset Discovery: Active and passive methods are used to assess the digital footprint on the internet, including subdomain enumeration and service/port discovery. 5. Free Retest: Retest all vulnerabilities present in the report included in the price to ensure implemented security controls and/or fixes are working as intended. 6. OSINT Reconnaissance: Gather all valuable data about the company on the internet, including any breached email addresses and related passwords. 7. Briefing and debriefing: Calls or meetings are available to discuss the scope of work, the focus of the penetration testing engagement, including all subdomains, black-box or white-box engagement, account requirements, preferred hours for load testing, and any other guidance required. Calls or meetings are available after the penetration test is completed to discuss the engagement results, the main issues and concerns regarding the company's security, and any further clarification regarding any vulnerability and the associated impact or risk. ✅ The deliverable will be a professional penetration testing and vulnerability assessment report, which includes: ► Executive Summary ► Assessment Methodology ► Types of Tests ► Risk Level Classifications ► Result Summary ► Table of Findings ► Detailed Findings: Each finding in the report will contain a CVSS score, issue description, proof of concept, remediation, and reference sections. ► Retest for issues My Expertise: ★ Web Application Security Testing ★ API security testing ★ Penetration Testing ★ Internal Active Directory and External Network Pentest ★ Vulnerability Assessment. ★ Thick Client Pentest (Windows Desktop App Testing) ★ OSINT AssessementVulnerability AssessmentOpenVASApplication SecurityPenetration TestingNIST SP 800-53Web Application SecurityEthical HackingSecurity AnalysisCloud SecurityOWASPNetwork Penetration Testing - $30 hourly
- 5.0/5
- (6 jobs)
Hi, I am an (ISC)² certified security professional and cybersecurity consultant with 6+ years of experience in application vulnerability assessment and penetration testing, security auditing, Vulnerability management, and Incident Response. 🌟I currently work for a Fortune 50 company and day-to-day activities include Penetration Testing, Vulnerability Management, false-positive analysis, and automating security scans with DevSecOps. 🙋🏼♂️I have good expertise with various security testing tools ranging from open source to enterprise-level tools including Burpsuite Pro, Netsparker, Acunetix, Checkmarx, Tenable, Fortify SSC, Web Inspect, etc. Certifications I possess • (ISC)² Certified in Cybersecurity • EC Council USA Certified Ethical Hacker- CEH v9 • Certified Security analyst • Splunk Certified power user ✅ Contact me for manual/automated vulnerability assessment and penetration testing (VAPT) of your web or mobile application. ✅ I can provide you with a detailed report of all the vulnerabilities in your app with risk rating and mitigation techniques for the same. ✅ The report will be in compliance with OWASP top 10 vulnerabilities, SANS top 25 software errors, and other industry-wide standards. ✅ A re-testing will be provided once the report is submitted and the client fixes the vulnerabilities to confirm all vulnerabilities are patched and ensure security.Vulnerability AssessmentOWASPWebsite SecurityCode ReviewAPI TestingNetwork Penetration TestingInformation Security AuditWeb Application SecurityWeb App Penetration TestingCloud SecurityInformation Security ConsultationApplication SecurityPenetration TestingInformation SecuritySecurity Testing - $30 hourly
- 5.0/5
- (7 jobs)
CISM-certified Cyber Security Consultant with 9 years of experience implementing and managing comprehensive security solutions. Expertise in endpoint protection, SIEM solution, cloud security and penetration testing. I have a strong ability to assess, mitigate, and respond to complex security threats. I am experienced in leading security projects, creating tailored policies, and providing expert guidance to organizations of all sizes. Experienced in working with global teams across time zones, cultures, and languages AREAS OF EXPERTISE * Vulnerability Assessment and Penetration Testing (VAPT) * Endpoint Protection * Threat hunting * SOC Architecture and Implementation * Threat Detection and Incident Response * Azure and Microsoft 365 SecurityVulnerability AssessmentIncident ManagementMicrosoft Endpoint ManagerCloud SecurityCloud Security FrameworkInformation SecurityIncident Response PlanPenetration TestingSystem Security - $25 hourly
- 5.0/5
- (2,389 jobs)
⚡ TOP RATED Freelancer | ⚡ 12+ Years Experience I'm a Top Rated Upwork Freelancer and Offer Services in Malware Removal, Virus Removal, Ethical Hacking / Internet Security, WordPress Speed Optimization, Websites Transfer, SSL Installation, WordPress Development, Linux Server Administration and Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade. Over the last 12 years, I Have Worked on 5000+ Websites Security (Cleaning from Malicious Code and Hardening Security), 1000+ Websites Transfer, 200+ WordPress Websites Speed Optimization (Delivered Results As Per Google PageSpeed Insights, GTmetrix) and 500+ SSL Installs (Including HTTP to HTTPS migration). Service Description: 1. Malware / Virus Removal from Websites (Cleaning Hacked Websites) and Servers. ✔100% Malware Cleanup Including Database Clean ✔Japanese Keyword Hack, SEO Spam / Pharma Hack Fix ✔Credit Card Stealers and Ecommerce Malware Fix ✔Google Blacklist Removal (This Site may be Hacked), Google Deceptive Warning Fix ✔McAfee SiteAdvisor, Norton Blacklist or Any VirusTotal Based Blacklist Fix ✔WP-VCD Malware, Backdoor / Malicious Javascript / Conditional Redirects Fix 2. Website Security Maintenance (Implementing Future Security Measures and Guiding How to Maintain Security for the Future). 3. Website Transfer/Migrate to New Host / Domain (Any PHP-based CMS or Custom-coded Website). 4. SSL Install, HTTP to HTTPS Migration with Secure Padlock. 5. WordPress (Websites Development and Troubleshooting Which Includes Fixing Critical Error / Fatal Errors). 6. Linux Server Administration. 7. Optimize and Increase the Speed of WordPress Websites. 8. Zen Cart / Drupal / MODX / Moodle / Joomla Upgrade (Upgrade to the Latest Stable Version). 9. Penetration Testing (Checking Websites for Security Vulnerabilities).Vulnerability AssessmentMalware DetectionDomain MigrationWordPress SecurityInformation SecurityWebsite MigrationWordPress Malware RemovalWordPressSSLInternet SecurityWebsite SecurityVirus RemovalPenetration TestingMalware RemovalNetwork Security - $15 hourly
- 5.0/5
- (127 jobs)
Web Penetration Testing(OWASP Top 10 methodology) | Network Penetration testing | OWASP API Security | Mobile Vulnerability Assessment(iOS and Android) | Source Code Reviews(.Net, Java, PHP) | Vulnerability Assessment and Penetration Testing | SIEM team (Cloud(AWS and Azure) Security, File Integrity Monitoring and Event Monitoring, Endpoint Security and Encryption, Data Loss Prevention, Network Access Control, Threat Monitoring (Email Traffic and Malware Analysis), Privileged Access and Identity Management) Have 7+ years of experience in both black box and white box testing penetration testing. Perform VAPT (Vulnerability Assessment and Penetration Testing) services for web applications, networks, mobile; source code reviews; malware analysis; server hardening; and security analysis etc. Conduct penetration testing in a systematic approach. Follow the standard methodology of the industry like OWASP Testing Guide v4(OTGv4); SANS top 25; NIST SP 800-115; PCI DSS to perform penetration testing so that client can concentrate on their professions without worrying about security threats. Web Application Testing: Do web application penetration testing with the latest methodology like OWASP Top-10, SANS Top-25. Perform both manual and automated penetration testing for vulnerabilities like Injection flaws(such as SQL, NoSQL, OS, and LDAP injection etc),Broken Authentication, Sensitive Data Exposure,XML External Entities (XXE), Broken Access Control,Security Misconfiguration, Cross-site scripting(XSS), Insecure Deserialization, Using Components with Known Vulnerabilities,Insufficient Logging & Monitoring. Also, perform source code reviews for many technologies like Java, NET, PHP etc. Approach for Manual Web-Application Penetration Testing: Conduct manual testing with following controls: * Configuration and Deployment Management Testing * Identity Management Testing * Authentication Testing * Authorization Testing * Session Management Testing * Input Validation Testing * Testing for Error Handling * Testing for weak Cryptography * Business Logic Testing * Client Side Testing Tools that use for Automated Web Penetration Testing: Acunetix, Burp-Suite, Netsparker, Nexpose, Nikto, IBM AppScan, HP fortify, W3af etc. Network penetration testing: Provide both external and internal network Penetration Testing so that your Network Infrastructure is secured from the real world attacks. Do both manual and automated network penetration testing. Approach for Manual Network Penetration Testing: Manually check for IDS/IPS, Server, Networks switch, Network Router, VPN, Firewalls, Anti-virus, Password etc. Tools that use for automated network penetration testing: OpenVas, Wireshark, Nessus, Metasploit, Armitage, Scapy etc. Mobile Application Penetration Testing: Perform mobile applications application penetration testing with the latest OWASP methodology(MSTG). Performed both manual and automated penetration testing for vulnerabilities like Weak Server Side Controls, Insecure Data Storage, Insufficient Transport Layer Protection, Unintended Data Leakage, Poor Authorization and Authentication, Broken Cryptography, Client Side Injection, Security Decisions Via Untrusted Inputs, Improper Session Handling, Lack of Binary Protections. Tools: Burp-Suite, HP fortify, Dex2Jar, Apktool, framework-res.apk, iNalyzer. Source Code Reviews: Perform source code reviews for both front and back-end languages. Perform source code reviews standard methodology like OWASP top 10. Do manual and automated source code reviews for various web based security vulnerabilities like SQL injection, Cross site scripting (XSS), CSRF, RFI,LFI, Authentication bypass etc. Tools: CheckMarx, IBM Appscan source for analysis, Microfocus HP Fortify. Security Analysis and Server Hardening: Regularly check and maintain your systems, servers to ensure that they comply with the standards. Do hardening application checks the item automatically on a daily basis and monitors all critical networks and server components. We support various frameworks like CIS benchmarking for Desktops & Web Browsers, Mobile Devices, Network Devices, Servers – Operating Systems, Virtualization Platforms & Cloud etc. Social Engineering: Have experience in social engineering vectors: Vishing, Phishing, Smishing, Impersonation. Used the following social engineering cycle to conduct social engineering: Gather Information: Here Information gathered from company websites, social media and other publications. Plan Attack: Next step is outline how intends to execute the attack Acquire Tools: After planning, next include computer programs that an attacker will use when launching the attack. Attack: Exploit the weaknesses in the target system. Use acquired knowledge: Information gathered during the social engineering tactics is used in attacks such as password guessing. Tools: SET(Kali-Linux); GetGoPhishVulnerability AssessmentWeb TestingInformation Security AuditWeb Application SecurityWebsite SecurityNetwork Penetration TestingSoftware QASecurity AnalysisInternet SecurityInformation SecurityPenetration TestingNetwork Security - $30 hourly
- 4.9/5
- (140 jobs)
🔢 As a seasoned Penetration Tester, I have a proven track record of conducting and leading successful security audits, web application penetration tests, and red team engagements for a diverse range of clients. My experience ranges from working with multinational corporations with large-scale infrastructures to smaller companies seeking enhanced security measures for competitive advantage. As a security engineer, my day-to-day responsibilities revolve around leveraging my expertise in penetration testing, cyber security, and vulnerability assessment to identify and mitigate potential vulnerabilities. Through these experiences, I have comprehensively understood the prevailing technology stacks employed worldwide, allowing me to discern their security weaknesses with precision. 🚫No hacking service - I do not provide any hacking services, and I will not engage in any activities that involve gaining unauthorized access to any accounts, systems, or social media platforms. Requests for such services will be declined. Working with me, you will: ★ Customized approach: I understand that every client's needs are unique, and I tailor my approach to meet your specific requirements. This ensures that you get the most comprehensive and effective security testing possible. ★ Timely delivery: I understand that time is of the essence when it comes to security testing, and I always deliver my reports on time, without compromising on quality. ★ Complete manual testing for your application and immediate notification if any high-impact issues are found. ★ Unlimited retesting for the fixed issues and unlimited revisions ★ Able to find critical bug classes that are often missed by automated pentests. 🔢 My stats are: ✅ Top-rated in information security and IT compliance categories ✅ Saved tens of thousands of dollars for clients by identifying critical vulnerabilities ✅ Ranked in the Top 50 at multiple bug bounty programs ✅ Supporting all time zones ✅ Long-term engagements ✅ Professional certifications (OSCP, CREST CPSA, OSEP, OSWP) Sound like a fit? 🟢 Press '...' button and then ‘Send Message’ button in the top right-hand corner Penetration Testing and Vulnerability Assessment Tools: Manual Testing: Burpsuite Professional, Nuclei, Ffuf, Nmap, Postman (API testing), Metasploit Framework, SQLmap, OWASP ZAP Automated Testing: Acunetix, Nessus, Netsparker, etc. Penetration testing service: 1. Penetration Testing Engagement: thorough manual and automated testing of all functionalities, including internal penetration tests and network infrastructure testing. Professional enterprise-grade software is used, such as BurpSuite Professional, Acunetix, and Nessus. 2. Professional Report and Statistics: A detailed report explaining the exploitation and discovery method of each vulnerability discovered, including proof-of-concept screenshots, full requests and responses, CVSS v3.0 standardized risk score, and impact. 3. Remediation Advice and Guidance: Remediation advice was provided for all security issues discovered, including guidance on how to fix the issues and warnings associated with the impact and risk of these vulnerabilities. 4. Asset Discovery: Active and passive methods are used to assess the digital footprint on the internet, including subdomain enumeration and service/port discovery. 5. Free Retest: Retest all vulnerabilities present in the report included in the price to ensure implemented security controls and/or fixes are working as intended. 6. OSINT Reconnaissance: Gather all valuable data about the company on the internet, including any breached email addresses and related passwords. 7. Briefing and debriefing: Calls or meetings are available to discuss the scope of work, the focus of the penetration testing engagement, including all subdomains, black-box or white-box engagement, account requirements, preferred hours for load testing, and any other guidance required. Calls or meetings are available after the penetration test is completed to discuss the engagement results, the main issues and concerns regarding the company's security, and any further clarification regarding any vulnerability and the associated impact or risk. ✅ The deliverable will be a professional penetration testing and vulnerability assessment report, which includes: ► Executive Summary ► Assessment Methodology ► Types of Tests ► Risk Level Classifications ► Result Summary ► Table of Findings ► Detailed Findings: Each finding in the report will contain a CVSS score, issue description, proof of concept, remediation, and reference sections. ► Retest for issues (The vulnerabilities will be retested after they're fixed; multiple retests can be done to ensure the issues are remediated.) My Expertise: ★ Web Application Security Testing ★ API security testing ★ Penetration Testing ★ Internal Active Directory and External Network Pentest ★ Vulnerability Assessment. ★ Thick Client Pentest (Windows Desktop App Testing) ★ OSINT AssessementVulnerability AssessmentRisk AssessmentOWASPNetwork Penetration TestingBlack Box TestingWeb Application SecurityWebsite SecurityWeb App Penetration TestingApplication SecuritySystem SecuritySecurity TestingSecurity Assessment & TestingNetwork SecurityPenetration TestingInformation Security - $35 hourly
- 4.8/5
- (2 jobs)
Experienced Penetration tester and Occasional Bug Bounty hunter Day Job Activities/Responsibilities ------------------------------------------ Pentesting Web Application Develop various security tools for penetration testing Presenting and documenting detailed findings and fixes based on the testing Participate in CTFs and Bug Bounty Programs Training ----------- BurpSuite Mastery by Peritus Academy. Skills ------ Scripting & Automation: Python, Php, Javascript, BASH, Linux, Servers Experienced with all common attack vectors and mitigation techniques. My specialties are: - Web Application Penetration Testing - Api Penetration Testing - Security Assessment - Vulnerability Assessment - Owasp Top 10 - Reconnaissance - Open Source Intelligence (OSINT) I look forward to hearing from you! Keen on Deadlines, want fair business together.Vulnerability AssessmentGoogle Chrome ExtensionServerBrowser ExtensionApplication SecurityOWASPWeb App Penetration TestingPenetration TestingWordPress Malware RemovalBash ProgrammingLinuxInformation SecurityWebsite SecurityJavaScriptPHP - $40 hourly
- 5.0/5
- (10 jobs)
Mustaque (CISSP) brings and assist clients in infrastructure Security, Cloud Security, Network Security, Cloud Migration, Threat Intelligence and integrating Information Security program for an organization. With over 15+ years of IT experience, I provide cost-effective solutions to Start-Ups, SMBs/SMEs, and Large Enterprises. I am passionate about helping people succeed in their core business while making an impact on securing their computing environment and making it difficult for outsiders to penetrate or get unauthorized access to the network. I have worked with organizations like IBM, Microland, Bank of America, and other Fortune 500 companies. My background covers the technology discipline (Security by design, Public Cloud Security, Public Cloud Migration, Network Security, threat intelligence, Vulnerability Assessment & Management, and Consulting). My Specialization is to build a solid platform using a security by design concept to stop inside and outside threats. Skill Set: Next Generation Firewalls (Cisco FTD, FortiGate, PaloAlto, Meraki) F5 SSLO, WAF , IPSec. SSL VPN, Zero Trust Architecture, Cloud Security, Internet security, firewalls, IDS, IPS, Nessus, Qualys, Kali Linux, Meta-exploit, Honeypots. Here are some of the area's Mustaque can help with: - Design and Implement Secure virtual data center in Public Cloud (Azure, AWS). - Design and Implement Cloud Security components while designing a virtual data center. - Design and Implement SDWAN at the enterprise level. Add SDWAN security while designing it. - Design and Implement Zero Trust Architecture using state of art zero trust technologies - Help to perform Risk Assessment. - Implementing Security Solutions at multiple layers to provide adequate security. - Audit and assist in implementing Compliance per the standard. - Security Incident & Reporting. - Design, implement and monitor Threat Intelligence program. - Design, implement and test the Disaster Recovery Program. - Research on System logs to build a security data lake. Product Experience: I have worked in Multi-Vendor Environment. Enough exposure to Industry-leading solutions. Professional Certifications: CISSP - Certified Information Systems Security Professional ZTCA - Zero Trust Certified Architect CASA - Certified AlgoSec Security Administrator ECSA - EC-Council Certified Security Analyst CEH - Certified Ethical Hacker MCSA - Microsoft Certified Solutions AssociateVulnerability AssessmentIT Compliance AuditNetwork EngineeringCloud SecurityCloud ImplementationWeb Application FirewallCloud ArchitectureCloud MigrationNetwork AdministrationNetwork DesignSystem SecurityInformation SecurityKali LinuxAT&T CybersecurityNetwork Security - $50 hourly
- 5.0/5
- (2 jobs)
"I really appreciate what you did for Katana by helping us to fortify our product security! Thank You, Usama" - Priit Kaasik (Co-founder & CTO at Katana Manufacturing ERP) I help you make your applications secure by identifying security flaws in your applications, APIs, and codebases. Recently, I helped Sketchdeck discover over 35+ high-severity loopholes affecting 100K+ users in their applications by doing penetration testing, secure code review, and API security testing. "I highly recommend Usama for any application security needs. He has been a valuable asset to our team at Sketchdeck, discovering critical security issues through manual testing and in-depth analysis. He has a lot of expertise in white-hat-hacking, is extremely creative and driven to help secure our web application. I recommend Usama to anyone looking to bolster their security measures." - Joe Teibel (Head of product & engineering @Sketchdeck) "We increased the reported severity from High to Critical. This is because it allows the takeover of another account, given only that account's email address. We were impressed with this report, Usama. You found a critical vulnerability, one that nobody else had found. Nice job." - Clio, (A leading lawyer's platform)Vulnerability AssessmentNetwork Penetration TestingWeb App Penetration TestingNetwork SecurityInformation Security AuditJavaScriptNode.jsWebsite SecurityInformation SecurityApplication SecuritySecure SDLCWeb Application SecurityEthical HackingSecurity Testing - $70 hourly
- 5.0/5
- (14 jobs)
~Steering Blockchain concentric projects on the process and importance of Security Audits ~Researching use-cases and the process of Blockchain Implementation ~Building Connections to strengthen a more secure and safe community in the Blockchain space | DeFiVulnerability AssessmentSecurity EngineeringWeb Application SecurityFinancial AuditDAppsBlockchain DevelopmentBlockchain SecurityEthereumSmart ContractRustBlockchainBlockchain ArchitectureSolidityLayer 2 BlockchainBinance Coin - $45 hourly
- 5.0/5
- (36 jobs)
Hello, I am Vatsal Raichura. I have 4+ years of experience in the IT Industry as an Information and Network Security Specialist. I have worked with many top IT, Security, and Crypto Brands. I have expertise in Vulnerability Assessment and Penetration Testing (VAPT), Blockchain & Smart Contract Audits, Web and Application testing, Network and System testing, Blackbox testing, etc.Vulnerability AssessmentFuzzingSmart ContractBlockchainPenetration TestingInformation SecuritySolidityFinancial AuditSecurity TestingDAppsIT Compliance AuditWeb Application SecurityISO 27001Mobile App Testing - $45 hourly
- 5.0/5
- (62 jobs)
✅ Top Rated Plus Expert ✅ 1000+ Hours ✅ Professional Penetration Tester Senior Penetration Tester with more than 6+ years of rich industry experience in Web, Mobile, API, and Network Penetration Testing. I have successfully completed 500+ Web application Pentests, 200+ Mobile Application Penetration Tests, 300+ API Penetration Tests, 100+ External Network Penetration Tests and 30+ Internal Penetration Tests. I am also a Security researcher acknowledged by Yahoo (among other notable companies like SolarEdge, Imgur, Artsy, etc.) for disclosing a number of vulnerabilities via the HackerOne bug bounty platform. My core competency is Blackbox, Greybox Testing on Web, API, Mobile, and Network applications. I am familiar with all attacks and mitigations and am well-versed in OWASP, NIST, and PTES Frameworks. My Pentesting reports include clear documentation of the vulnerabilities found along with the remediations to make sure the client is 100% satisfied. I am also certified in AWS, and Azure and have a very keen knowledge of Cloud Security and cloud administration. ✅ I have conducted Penetration Tests, Vulnerability Assessments and delivered professional reports to companies around the world complying with the following: ►OWASP Web Security Top 10 Vulnerability ►OWASP API Security Top 10 Vulnerability ►OWASP Mobile Security Top 10 Vulnerability ►External Network Penetration Testing ►Internal Network Penetration Testing ►Payment Card Industry Data Security Standard (PCI DSS) ►System and Organization Controls 2 (SOC2) ►General Data Protection Regulation (GDPR) ►Common Vulnerability Scoring System (CVSS) ►Open Source Security Testing Methodology Manual (OSSTMM) My Certs include: ►CompTIA Pentest+ ►AWS Solutions Architect ►Azure Administrator Tools: Burp Suite, Nikto, Nmap, Zap, Metasploit, Nessus, W3af, Ffuf, Dirb, etc... I am available 24/7. If you are interested in cooperation, drop me a line :)Vulnerability AssessmentWeb Application SecurityNetwork Penetration TestingWeb App Penetration TestingCloud SecurityMobile App TestingInformation Security AuditInformation SecurityMetasploitNetwork SecurityPenetration Testing - $40 hourly
- 5.0/5
- (11 jobs)
Ethical Hacker with good understanding of Penetration testing methodology and in-depth coding/networking knowledge. Coming with Strong communication skills, technical writing skills, and certification in Ethical Hacking and Internet Investigation Specialist.Vulnerability AssessmentNetwork Penetration TestingMetasploitCybersecurity ManagementWireless SecurityWeb App Penetration TestingEmail SecurityNetwork SecurityResearch PapersInformation SecurityKali LinuxContent WritingPenetration TestingTechnical Writing - $50 hourly
- 5.0/5
- (24 jobs)
Services Offering : Ethical Hacking, Vulnerability Assessment & Penetration Testing, DevSecOps, Web Application Security, API Security, Android & iOS Mobile application Security, Network Security, Desktop Application Security, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, DevSecOps, Container Security, IoT/Hardware Security, Blockchain or Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc. I am a Certified Cyber Security Expert/Professional and Security Engineer. I have more than 5 years of corporate experience in vulnerability assessment & penetration testing of Web Application, API, Android & iOS Mobile application, Network, Desktop Application, Cloud Security Audits and Penetration Testing, Thick Client App Security, Secure Code Review, DevSecOps, Container Security, IoT/Hardware Security, Blockchain/Smart Contract Security Audit, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc. Follow systematic approach and best industry methodology like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115. I help to identify and mitigate the threats and vulnerabilities in systems and softwares with my skills I provide the following services: ✅ Penetration Testing Engagement ✅ This includes both thorough manual testing of all functionalities and automated testing for all websites, applications, servers or infrastructure included in the scope of work, using both professional enterprise grade software such as BurpSuite Professional and Nessus and also personal scripts and tools gathered over past engagements. This services extends as well to internal penetration tests and network infrastructure testing as well. ✅ Professional Report & Statistics ✅ Detailed report explaining step-by-step the exploitation and discovery method of each and every vulnerability discovered. Proof-of-Concept screen captures, full requests and responses, CVSS v3.0 standardised risk score, impact and ownership included. ✅ Remediation Advice & Guidance ✅ Remediation advice regarding all security issues discovered, how to fix them and warnings associated with the impact and risk of these vulnerabilities. ✅ Asset Discovery ✅ Through both active and passive methods, I can help you asses how big your digital footprint is on the internet and what is the attack platform visible from an outsider threat perspective. This includes subdomain enumeration and service/port discovery. ✅ Free Checkup ✅ Included in the price will be a checkup/retest of all aforementioned vulnerabilities present in the report in order to ensure that the implemented security controls and/or fixes are working as intended and that there is no other way to bypass them or exploit that vulnerability any longer. Technical Skills: - Vulnerability Assessment & Penetration Testing - Web Application VAPT - API VAPT - Android & iOS Mobile ApplicationVAPT - Network VAPT - AWS/ Azure/ GCP/ DigitalOcean Cloud Security Audit and Penetration Testing - Microsoft Office 365 Security Audit or Configuration Review - Thick Client or Desktop Application VAPT - Active Directory Security - DevSecOps - Container Security - VoIP Penetration Testing/ Security Testing - IoT/Hardware Security Testing - Smart Contract Security Audit - Threat Modeling - Threat Intelligence - Open Source Intelligence - Security Configuration Review - Firewall, Switches, Router, Operating Systems and Servers Certification Achieved: - CREST Practitioner Security Analyst (CPSA) - CREST Registered Penetration Tester (CRT) - Offensive Security Certified Professional (OSCP) - ISO 27001 Lead Auditor - (ISC)2 Certified in CyberSecurity - Information Security Certified Professional (ISCP) - Cyber Security Foundation Professional Certificate (CSFPC) - Certified AppSec Practitioner (CAP) Achievements : I got Appreciation Certificate from NCIIPC (Indian Government) for submitting few security issues. I attended private bugbounty programs organised by CCTNS (Crime and Criminal Tracking Network and Systems - Indian Government) and Bharti Airtel. I helped to secure some companies such as Dell, DigitalOcean, StatusPage, Caviar, Western Union, UnderArmour, Arlo Cash Rewards, Kenna Security, Pantheon, Mailgun, Seek, Skyscanner, Fitbit, Overstock and more.Vulnerability AssessmentCode ReviewISO 27001Ethical HackingNetwork Penetration TestingWebsite SecurityCloud SecurityWeb App Penetration TestingSecurity TestingInformation SecurityApplication SecuritySource Code ScanningSecurity Assessment & TestingPenetration TestingNetwork Security - $40 hourly
- 5.0/5
- (6 jobs)
I am a Penetration Tester with various skills I have learned over the years, I’m very enthusiastic for cyber security and always keep myself up to date with cyber news and threatsVulnerability AssessmentNIST Cybersecurity FrameworkCode ReviewWeb Application SecurityWeb App Penetration TestingRed Team AssessmentCloud SecurityAPI TestingMobile App TestingMobile App Bug FixEthical HackingInformation SecuritySource Code ScanningSecurity TestingPenetration Testing - $50 hourly
- 5.0/5
- (2 jobs)
Hi, I'm Parikshit Certification and Experience: Certified Ethical Hacker - Practical 2022 Certified in Comptia Security+ Certified Azure Fundamental certified Azure Security Compliance and Identity Fundamentals Certified. 8+ years of Experience in IT industry as Security Consultant. Technical skills: Web application penetration testing Network Penetration testing Vulnerability assessment Ethical Hacking DevSecOps (SAST & DAST) Linux Administration System Administration System and Network Security. Web application Security. technowebhack.com : Owning a website based on Ethical hacking, Linux, Networking, Computer tricks and tips. Let me know if I can be helpful 😊 At your ServiceVulnerability AssessmentSystem SecurityWindows 10 AdministrationEnd User Technical SupportWeb Application SecurityLinux System AdministrationDevOpsNetwork Penetration TestingWeb App Penetration TestingSystem AdministrationWindows Administration - $50 hourly
- 5.0/5
- (3 jobs)
⭐⭐ 𝐀𝐕𝐀𝐈𝐋𝐀𝐁𝐋𝐄 𝐀𝐋𝐋-𝐓𝐈𝐌𝐄 ⭐⭐ 🏅 3 Years+ Experience in Cyber Security, Penetration Testing, Website Developing & Malware Removing✅ Full-Time Availability: 40 Hours/Week, 24/7 Ready to Assist You Always! ⭐ Hello! I'm Jaruk Akhon, a dedicated Cyber Security Expert with a passion for protecting businesses from cyber threats. With 4 years + of experience in penetration testing, malware removal, and enhancing digital security frameworks, I have successfully secured numerous systems and applications. ⭐ KEY SKILLS: • Penetration Testing: Skilled in identifying vulnerabilities in applications, networks, and systems, ensuring robust security. • Malware Removal: Experienced in diagnosing and eliminating malware threats, and restoring system integrity and performance. • Cyber Threat Analysis: Proficient in assessing threats and implementing strategic security measures to mitigate risks. • Security Policy Development: Expertise in designing and implementing security policies and protocols tailored to business needs. • Continuous Learning: Stay up-to-date with the latest cybersecurity trends, tools, and technologies. ⭐ WHY CHOOSE ME?: • Proven Track Record: I have successfully completed many projects to safeguard digital assets. Industry Certifications: Certified • Client-Centric Approach: I prioritize understanding your unique challenges and delivering customized solutions. • Reliable Partner: Committed to maintaining confidentiality and providing timely, actionable insights. 🏅 Let's collaborate and work together to create something incredible! Please get in touch with me; I'd love to assist you in realizing your idea! 💡🤝 Best wishes, Jaruk AkhonVulnerability AssessmentEncryptionSystem SecurityInformation SecurityWeb App Penetration TestingPenetration TestingDatabase SecurityDigital ForensicsMalware DetectionMalware RemovalWordPress Malware RemovalKali LinuxCybersecurity ManagementNetwork Mapper - $40 hourly
- 5.0/5
- (3 jobs)
Hello, I'm Harsh Kashiparekh, a forward-thinking cybersecurity entrepreneur dedicated to fortifying digital landscapes against evolving threats. With a relentless drive for innovation and a datadriven analytical approach, I specialize in solving complex business problems. I bring a wealth of experience from having establishing startups and assessing the cybersecurity posture of large, publicly traded companies while working at a B4 in New York, having implemented cutting-edge tools across multinational corporations in India and the United States. About My Ventures: As the Founder of Securis360, my focus revolves around Vulnerability Assessment and Penetration Testing (VAPT), compliance audits, SOC and info sec compliance, and certifications including ISO 27001, PCI-DSS, GDPR, HIPAA, HITRUST, and SOC1/SOC2. My experienced team in both India and the US excels in navigating the intricate requirements of cybersecurity certifications,Vulnerability AssessmentSecurity Operation CenterSecurity AnalysisCybersecurity MonitoringCyber Threat IntelligencePenetration TestingCybersecurity ManagementSystem Security - $60 hourly
- 4.8/5
- (156 jobs)
SSO expert having Identity and Access Management expertise of 16+ years in SAML / OpenId Connect / Oauth 2.0 / JWT / FIDO2/ Webauthn / 2FA etc. I have experience with open source and commercial SAML implementations (Shibboleth, SimpleSAMLphp, Okta, OneLogin, Auth0, Spring Security SAML, Keycloak, ForgeRock, IBM Security Access Manager etc.), and I am comfortable working in any programming language (PHP, Java, JavaScript, Python, ASP.NET, C#, Ruby, Go, etc.) or framework (Node.js, Meteor, Angular, Django, CodeIgniter, Concrete5, Yii, Symfony, Laravel, WordPress etc.). I have a strong track record of helping clients succeed with: -Adding SAML authentication to custom applications -Troubleshooting SAML Identity Provider and Service Provider errors -Deploying SAML Identity Providers (IdPs) and Service Providers (SPs) -Finding the right architecture for layering SSO technologies (AD, LDAP, OAuth, OpenID Connect, CAS, Kerberos, JWT, multi-factor, etc.) -Providing training, documentation and third-party support -Deployment and architectures of LDAP solutions (OpenDJ, OpenLDAP, IBM Security Directory Server etc). Architectures with high availablity and custom schema. LDAP proxy / bridge solutions deployment. -Architectures and solution Implementation of Identity and Access governance solutions (Sailpoint IIQ , IBM Security Identity Manager, IBM Security directory integrator ). -Role based access control implementation in Identity management solutions. -Risk based access control implementation with Access Management solutions. Devops and cloud security - - Dockerize applications and platforms. - Deployment of applications on AWS EKS platform. - Deployment of applications on GCP GKE platform. Complex Integrations - - Rest API development and security with Oauth / JWT tokens. - API gateway integrations of API. SSO and Identity Access Management Integration Expert | Technical Project ManagerVulnerability AssessmentSolution Architecture ConsultationOKTAApplication SecuritySingle Sign-OnAPI IntegrationOAuthCybersecurity ManagementSecurity AnalysisInformation Security ConsultationAuth0LDAPUser Identity ManagementAmazon Cognito - $40 hourly
- 5.0/5
- (22 jobs)
Key qualifications: * Information Security * Kali Linux * Metasploit and Wireshark * Penetration Testing using Kali * Internet of Things and Go * Programming, development and design Oracle sql, pl/sql * Database modeling and design * Oracle Database Administration 8i,9i,10g,11g * Oracle RAC 9i,10g,11g * Oracle Data Guard (installation and configuration) * Oracle Standby * Oracle ODI * Oracle OWB * Oracle Forms/Reports All Versions * Oracle data warehousing design, and implementation * Oracle Business Intelligence 10g, 11g * Weblogic * Kali Linux * Oracle Discoverer * Oracle Apex design and development * C, C++ * PHP * MYSQL * php, vbscript, javascript * Eclipse * SQLCL * Oracle SQL Developer * Database Security * Work on Windows and Linux OS * Penetration Testing * Internet of Things * Service Design * Creativity * Prototyping * NodeJS * Go * HTML5 * Business building * User Experience * JavaScript * Innovation * Google Cloud * Python * Shopify * Solidity I am a Phd holder in database and I have 10+ years of experience in Oracle Development and Penetration testing. I can provide complete penetration testing services. I can conduct penetration tests on your website in order to find vulnerabilities. I can perform host, network, and web application penetration tests. I offer you vulnerability assessment/penetration testing with easy-to-read report. I have sufficient time to spend on new projects. Many jobs are active but there are long term & regular maintenance jobs. Not all jobs are active at this moment. I am having excellent motivation skills and a proof of records for delivering projects on time within scope of the requirement. My expertise also includes SQL Analytical queries, PLSQL along with database programmingVulnerability AssessmentNewsletterInformation Security AwarenessSecurity AnalysisTechnical WritingContent WritingBlockchainOracle PLSQLDatabase ProgrammingPythonSQL ProgrammingInformation SecurityPenetration Testing - $25 hourly
- 4.9/5
- (4 jobs)
Do you suspect your system is hacked ? Do you think some malicious process is running on your host machine/computer? Do you think any schedule task is there which is leaking sensitive data from your system? Do you have doubts that your system is connected to C2C server where your system is acting as bot, which even degrades the performance of machine ? Do you see any random installation on startup or any process which was not executed by you ? Do you think any virus is there in your system, which is not getting detected by your antivirus from normal/deep scan ? If you answer is YES, for all the above questions, I CAN HELP YOU BRING BACK YOUR SYSTEM TO NORMAL STATE. I will acquire the image of your whole system, and will do deep Host analysis and memory analysis and find RCA(Root cause analysis), I will use OSINT, Human Intelligence, and Threat intelligence techniques which give more authenticity to work. If your system is infected, I suggest immediately contain your machine, So I can help you further eradicate the malware from your system, or if the execution is on the System level, than can suggest you for re-image of the machine based on analysis of the system. There can be many ways from which your system can be infected like: - Clicked on a Phishing Link. - Executed Malware unknowingly. - Clicked on a Spam/Marketing Link which redirected you to malicious link, and you are unaware of it. - Normal browsing activity, which redirected to malicious domain. There can be numerous ways, I can help you get rid of it and be your security consultant and train you, so can prevent you from clicking phishing/malware links. Below are my skills that can help you complete your project. 📌 Malware Analysis/Removal (Systems & websites and all types of CMS) 📌 Network Security/Wireless Security (testing, traffic analysis and monitoring) 📌 Ethical Hacking & Security Consulting 📌 Security Code Review, analysis and patching 📌 Vulnerability Assessment of Network Devices/Databases 📌 Red Team - Phishing Simulation. 📌 WordPress Security - Preventing your website from getting hacked. 📌 Recovery of Hacker Website 📌 Website/Mobile Penetration Testing. I can help you in auditing. 1 : Web application Security Audit 2 : Mobile application Security Audit 3 : API Endpoint Security Audit 4 : Database Security Audit 5 : Cloud Security Audit 6 : Infrastructure Security Audit 7 : Network Security Audit 8 : Thick Client 9 : Docker Penetrating If you have any query, please reach out to me so can discuss in detail. Thank YouVulnerability AssessmentPenetration TestingSecurity AnalysisEmail SecurityCyber Threat IntelligenceCybersecurity ToolIncident ManagementNetwork MonitoringCybersecurity ManagementNetwork PlanningFirewall - $50 hourly
- 5.0/5
- (2 jobs)
Since 2015 I work professionally as a Pen Tester/Security Researcher providing cyber security services like penetration testing, network security, Web application security using global standards like OWASP, SANS 24. I am Certified CEH and OSCP. Providing Cyber Security Services: 1. Web Application Penetration Testing 2. Network Penetration Testing 3. Cloud Security Assessments 4. C/C++ source code audits and vulnerability research 5 Mobile Application Penetration Testing 6 Source Code Review 7 Threat Modeling Offered Solutions: 5. Continuous, Expert-assisted Vulnerability Assessment or re-validation of Vulnerabilities Pride of Quality Work: 1. Offering high quality penetration testing services and Delivery of Service. 2. Focus on advanced cyber security business solutions like manual attack techniques and on adherence to industry-wide standards and methodologies: OWASP TOP 10, OWASP ASVS, OSSTMM and SANS 24 during the testing. 3. Delivering actionable and professionally written reports with mitigation of reported vulnerabilities.Vulnerability AssessmentMobile App TestingAPI TestingIT Compliance AuditInformation SecurityNetwork SecurityPenetration Testing - $9 hourly
- 5.0/5
- (21 jobs)
Cybersecurity expert, offering expertise to help protect companies, organizations, and agencies from malicious attacks. I am experienced in working with Fortune 800 brands, multinational companies, government, military, and intelligence agencies. 🛡️As a Certified Penetration Tester, I search for weaknesses, business logic mistakes, and weak end-points, among other things, in the following areas: ➜ Web Application Security (WebApp Pentesting) ➜ Website Security ➜ Mobile Apps ➜ Web Assets ➜ Network ➜ Server ➜ Any internet-connected product or device. 🎯 Types of Cyber Security Services: ➜ Penetration Testing (External & Internal) ➜ Vulnerability Assessment ➜ Gap Analysis ➜ Internet Security ➜ Security Analysis ➜ Web Testing ➜ Network Security ➜ 24x7 Monitoring, Managed SOC ➜ Digital Forensics ➜ Risk Assessment ➜ Black Box Penetration Testing ➜ Red Teaming Operations 📟 In the security assessment, I will conduct a thorough security check and cover the following topics: ➜ Web Application vulnerabilities (SQLi, XSS, CSRF, unpatched software libraries, OWASP, etc.). ➜ Open ports on your hosting server. ➜ Exposed Credentials for your domain across the dark web. ➜ Email security issues that affect your email deliverability. ➜ SSL Certificate security issues (detect misconfigurations). ➜ Exposed subdomains. ➜ IP address information and malware infections on your website. ➜ Domain name information and security issues (domain expiry date, name servers, etc.). 🌟 I will offer you a complete pentesting report on vulnerabilities that I will create using a set of methods and manual approaches that I have built publically accessible scripts, and professional automated techniques. 🌟 The pentesting report will include a detailed explanation of how to reproduce vulnerabilities and remediation/patch/fix procedures. 👨🏼💻Since 2013, I've been compromising and pentesting online systems, and I have professional knowledge in the following areas: ➜ Web Application Pentesting. ➜ Red Teaming ➜ Mobile Application Assessments (Android & iOS) 🌟 We will discuss specific recommendations for your further actions and support you in the further procedure even after the review.Vulnerability AssessmentVirus RemovalInternet SecurityInformation Security AuditWeb Application SecurityBlack Box TestingWhite Box TestingOWASPApplication SecurityInformation SecurityWebsite SecurityKali LinuxPenetration TestingWeb App Penetration TestingEthical HackingSecurity Testing Want to browse more freelancers?
Sign up
How hiring on Upwork works
1. Post a job
Tell us what you need. Provide as many details as possible, but don’t worry about getting it perfect.
2. Talent comes to you
Get qualified proposals within 24 hours, and meet the candidates you’re excited about. Hire as soon as you’re ready.
3. Collaborate easily
Use Upwork to chat or video call, share files, and track project progress right from the app.
4. Payment simplified
Receive invoices and make payments through Upwork. Only pay for work you authorize.