Hire the Best Web Application Security Freelancers
in Bangladesh

More than 3,000 reviews on G2
Rating is 4.5 out of 5.
4.5/5
of Upwork by G2 peer reviewers
Md N.

Comilla, Bangladesh

$12/hr
4.9
107 jobs

✅Malware removal from ⦿ Wordpress ⦿ Shopify ⦿ PrestaShop ⦿ Wix ⦿ Magento ⦿ Squarespace ⦿ PHP ✅WordPress Design: ⦿ Wordpress Expert ⦿ Wordpress Designer ⦿ Wordpress Elementor Pro ⦿ Website Optimizaton ⦿ CMS ⦿ Shopify ⦿ Customer Wordpress Website ⦿ Ecommerce ⦿ Divi Theme ⦿ Premium Plugins ✅Fix Google Ads Disapproved for Malicious Software ✅Penetration testing and Vulnerability Assessment. ✅Cloudflare Setup and DDoS Security. ✅ Wordpress Migration I'm a full-time freelancer as a Cyber Security Specialist, Malware Analyst, and Penetration Tester. I can remove malware, delete viruses, do penetration tests, do vulnerability assessments, and remove malicious (Plugins, Themes, and Software). remove the Google warning from your website. I've 5 years of experience as a website security specialist in Ignite tech solutions. Also, I'm a freelancer on Fiverr and Upwork. I've got a level two badge on Fiverr. ✅Service I will provide: 0) Penetration testing and Vulnerability Assessment. 1) WordPress Malware Removal and Security. 2) Shopify Malware Removal and Security. 3) Cloudflare Setup and DDoS Security. 4) Website Backup and Migration from old host/server/domain to new host/server/domain. 5) Google Ads Disapproved for malicious software. ✅Wordpress service: ⦿Remove Malware. ⦿Penetration Testing / Vulnerability Testing ⦿Wordpress Malware removal. ⦿Website Security. ⦿Clean Server / Server Maintenence / cPanel / WHM Panel ⦿Delete Virus / Virus Removal ⦿Remove Google blacklist/ Red screen. ⦿Remove Japanese or Chinese search results. ⦿Security patch installation ⦿Remove malware ⦿Fix the hosting site suspended ⦿Delete junk or virus script ⦿Add SSL Certificate / Setup Cloudflare ⦿Database error / Remove malware from the database ⦿Fix emails problem / Emails not coming ⦿Spam emails coming / Unwanted emails coming ⦿Critical and Fatal Error ⦿Remove the PHP backdoor ⦿Blacklist Removal, McAfee blacklist ⦿WordPress version update ⦿Install Cloudflare SSL ⦿Fix Login Issue / Broken dashboard ⦿Remove website redirect URL / Fix redirecting issues ⦿Internal 404 or 505 Error ⦿Remove the PHP shell ⦿Unwanted / Bulk email coming ⦿White/Empty Screen ⦿Error Establishing Database Connection ⦿Theme/Plugin Broken ⦿Improve website security ⦿Corrupt .htaccess file ⦿Solve PHP memory limit ⦿Core files issues ⦿Upload size problem ⦿Forgot Username/password ✅Backup and Migration Service: I will backup WordPress sites, duplicate, clone, copy, host migration, WordPress migration, Transfer, move websites, and domain migration any WordPress website for personal and business. ⦿Database Backup and Transfer ⦿Change primary addon domain/domain/subdomain ⦿Move WP from root domain/subdomain/addon domain to main ⦿Old host to another new host ⦿Clone and duplicate the WordPress website ⦿Update WordPress version/theme/plugin ✅Penetration Test and Vulnerability Service: I will perform penetration and vulnerability tests with the VAPT report ⦿According to a security report, about 90% of websites are vulnerable to malicious attacks. ⦿A website is an essential part of your Business. The thing is how secure is your website? ⦿I will perform an advanced deep scan and penetration testing on your web application with a professional report which includes all vulnerabilities. ⦿Let me help you in making your website secure against hackers: ⦿Vulnerability Checklist: ⦿ Web attack vulnerabilities.[Input Validation, Code Execution, Bypass Authentication, SQL Injection, CSRF, LFI, Cross-site Scripting, Uploader Issues, Remote Code Execution, Buffer Overflow, Session Hijacking] ⦿ Information Gathering [Server Info, Open Port] ⦿ Authorization Testing [HTTP Header] ⦿ Data Validation Testing [XSS] ⦿ Denial of Service Testing [DDos Test] ⦿ Security Testing ✅Cloudflare service: ⦿Fix A Record, CNAME Record ⦿Fix NS, MX record ⦿Cloudflare setup ⦿Email Routing ⦿Configure Emails ⦿Add SSL ⦿Cloudflare SSL ⦿Cloudflare error fix ⦿Free SSL ⦿DDOS protection from Hackers ⦿setup DNS ⦿Website Security ⦿Enable green padlock ⦿Improve Website speed ⦿Setup firewall Errors I will fix: Mail Delivery Issue 500 internal server error 502 bad gateway or error 504 gateway timeout 503 service is temporarily unavailable 520: web server returns an unknown error 521 web server is down 522: connection timed out 524: a timeout occurred 525: SSL handshake failed 526: invalid SSL certificate Cloudflare Benefits: ⦿Minification ⦿HTTP/2 Protocol ⦿DNS Security ⦿Cloud WAF ⦿Image Optimization ⦿Browser Caching ⦿WebSockets ⦿Load Balancing ⦿Optimized Network Routing ✅I can work with any CMS like: ⦿Magento, OpenCart, Drupal, Joomla, Prestashop, WordPress, SHOPIFY, LARAVEL, SQUARESPACE, WIX, WOOCOMMERCE, BigCommerce, Blogger, Hubspot CMS, Typo3, Weebly, Webflow, CMS Hub. ✅Why Me: ⦿I will provide a Professional Report ⦿Give you technical support ⦿Quality Work

  • Malware Removal
  • WordPress Website Design
  • Information Security
  • Penetration Testing
  • Vulnerability Assessment
  • Network Security
  • CMS Development
  • WordPress Malware Removal
  • Virus Removal
  • Cloudflare
  • SSL
  • Ethical Hacking
  • cPanel
  • WordPress Bug Fix
  • WordPress Security
Sajon D.

Satkhira, Bangladesh

$8/hr
4.6
66 jobs

🔐 Top-Rated Ethical Hacker & Cyber Security Expert | WordPress Malware Removal Specialist 🔐 💼 3+ Years of Experience | 🛡️ 270+ Projects Completed | 🌟 90+ Happy Clients Are you facing WordPress malware issues, website redirection problems, or a hacked site? I'm here to help you recover, secure, and optimize your Website 👨‍💻 My Expertise Includes: ✅ Ethical Hacking & Penetration Testing ✅ Malware Removal from WordPress, cPanel & Server ✅ Recover Hacked Websites ✅ Japanese Pharma SEO Spam Removal ✅ Redirect Malware & Backdoor Removal ✅ Blacklist Removal – Google Chrome Red Screen Fix ✅ Web Application Firewall (WAF) Setup ✅ Security Plugin Installation & Configuration ✅ Vulnerability Assessment & Remediation ✅ SSL Certificate Installation & HTTPS Setup ✅ Database & Server Security Hardening 🔎 Security Testing & Bug Hunting Skills: ✔️ Cross-Site Scripting (XSS) ✔️ SQL Injection (SQLi) ✔️ Remote Code Execution (RCE) ✔️ Cross-Site Request Forgery (CSRF) ✔️ Local/Remote File Inclusion (LFI/RFI) ✔️ Distributed Denial-of-Service (DDoS) ✔️ Server-Side Request Forgery (SSRF) ✔️ Authentication Bypass ✔️ Web Shell Detection ✔️ API Security Testing ✔️ 4000+ Other Vulnerability Checks – No False Positives ☁️ Hosting & Cloud Platforms I Work With: ⚙️ AWS (Amazon Web Services) ⚙️ Cloudflare, GoDaddy, HostGator, Namecheap ⚙️ WHM/cPanel, Plesk, Webmin, MediaTemple, Rackspace, Linode ⚙️ SSL Setup – Let's Encrypt, Paid SSLs ⚙️ WHMCS Reseller Setup, DNS, Email & Hosting Migrations ✅ Why Choose Me? ✨ 100% Client Satisfaction – I offer ongoing support and full transparency ✨ Fast Response – Quick Response and efficient issue resolution ✨ Industry-Standard Tools – Burp Suite, OWASP ZAP, Nikto, Nmap, WPScan & more ✨ Full Security Reports – Detailed vulnerability reports with actionable solutions 💬 Let’s secure your website before hackers get to it! 📩 Send me a message to get a Free Security Consultation or Malware Check. ✅ Web Application Penetration Testing (Web Pentesting) ✅ Ethical Hacking & Bug Hunting ✅ Malware Removal – WordPress, cPanel, Server ✅ Recover Hacked or Compromised Websites ✅ Japanese Pharma SEO Spam & Redirect Malware Removal ✅ Blacklist Removal – Fix Google Red Screen & Browser Warnings ✅ Security Hardening – Plugins, Firewall, Database & Server ✅ SSL Certificate Installation – Secure Your Site with HTTPS ✅ Vulnerability Assessment & Remediation Plans 🔎 Advanced Security Testing & Bug Hunting Coverage: ✔️ OWASP Top 10 Web Vulnerabilities ✔️ Cross-Site Scripting (XSS) ✔️ SQL Injection (SQLi) ✔️ Remote Code Execution (RCE) ✔️ Cross-Site Request Forgery (CSRF) ✔️ Local/Remote File Inclusion (LFI/RFI) ✔️ Authentication & Authorization Bypass ✔️ Server-Side Request Forgery (SSRF) ✔️ Web Shell Detection ✔️ Distributed Denial-of-Service (DDoS) ✔️ Business Logic Testing & API Security ✔️ 4000+ Other Vulnerabilities – Zero False Positives ☁️ Platforms, Hosting & Cloud Services I Work With: ⚙️ Amazon Web Services (AWS) ⚙️ GoDaddy, HostGator, Namecheap, Cloudflare, MediaTemple ⚙️ cPanel, WHM, Plesk, Webmin, Rackspace, Linode ⚙️ WHMCS Reseller Setup – DNS, Email, Hosting Migration ⚙️ SSL Installation – Let's Encrypt & Premium SSLs 🧠 Tools & Methodologies I Use: 🔍 Burp Suite, OWASP ZAP, Nikto, WPScan, Nmap, Metasploit 🔍 Manual Testing + Automated Scans for Deep Analysis 🔍 Full Security Audit Reports With Fix Recommendations ✅ Why Hire Me for Your Website Security Needs? ✨ Deep knowledge of both offensive and defensive security ✨ Full support before, during, and after every project ✨ Clear communication & fast delivery ✨ Trusted by 90+ satisfied clients since 2022 💬 Let’s secure your website from every angle. Message me now for a FREE consultation or malware check! 📩 I’m just one message away from making your website secure again

  • Information Security
  • Penetration Testing
  • Vulnerability Assessment
  • Cybersecurity Management
  • Cybersecurity Tool
  • Cybersecurity Monitoring
  • Ethical Hacking
  • Malware Removal
  • WordPress Bug Fix
  • WordPress Malware Removal
  • Malware Website
  • Malware Detection
  • Backup & Migration
  • Information Gathering
  • Bug Bounty
MD HASANUR R.

Pabna Sadar, Bangladesh

$15/hr
4.9
26 jobs

CEH ( Certified Ethical Hacker). I am a Professional Ethical Hacker and Expert in Penetration testing and Website Security and Network Scanning I have 5+ experience in projects ranging from, Bug hunting, penetration testing, network Testing, Website Security, analysis, vulnerability assessment, and testing to investigative and forensic work. I bring high standards and tried and tested methodology with manual bug Hunting and techniques to deliver you professional results. ✅Professional at Bug Bounty Hunting ✅Professional at Penetration Testing ✅System Hacking ✅Network Scanning ✅Professional at API Testing ✅Professional at Android and IOS Penetration Testing ✅Professional in Security Testing ✅Professional at Web Application Security ✅Professional at Vulnerability Assessment ✅Professional at Network Penetration Testing ✅Professional at Hacked site Recover ✅ Professional at Malware Removal/Virus Removal ✅ Website Testing part manually = Brute Force Attack = Unauthorized access to card = Business logic flaws allow the unauthorized transfer of funds = Unauthorized access to customer data = Unauthorized access to the example.com website = Authentication related issues = Authorization related issues = Data Exposure = Smuggling Testing = Bypass Rate Limit Protection = Bypass Authentication = Broken Access Control = Information Disclosure = Remote Code Execution (RCE) = Server-Side Request Forgery (SSRF) = Subdomain Takeover = Account Takeover = Code Execution = Content Discovery = Cross-Site Request Forgery (CSRF) = SQL Injection (SQLI) = HTML Injection / Content Injection = Cross-Site Scripting (XSS) = Command Injection = Local File Inclusion (LFI) = Insecure Direct Object Reference (IDOR) = XML External Entity (XXE) = Remote File Inclusion (RFI) = URL Redirection ✅System Testing 1. Password Cracking 2. Privilege Escalation 3. Malware Analysis 4. System Exploitation 5. Post Exploitation 6. Social Engineering 7. Network Sniffing 8. Denial of Service (DoS) Attacks 9. Security Misconfigurations 10. Vulnerability Scanning and Exploitation 12. Exploit Development ✅ Network Scanning Network Scanning List 1. Network Discovery 2. Port Scanning 3. Vulnerability Scanning 4. Service Version Detection 5. Network Mapping 6. Network Protocol Analysis 7. Wireless Network Scanning 8. SNMP Scanning 9. DNS Enumeration: 10. Network Performance Testing 11. Firewall and IDS/IPS Evasion 12. IoT and SCADA Network Scanning: 13. Cloud Network Scanning ✅ Penetration Testing Tools: = Metasploit = BurpSuite Professional = Nessus Professional = Acunetix Proffessional = Nuclei = Nmap = FFUF = Gau = Waybackurls = SQLMAP = wpscan = OWASP ZAP, etc. Terms of Services: • 100% Customer Satisfaction • Guaranteed Refund if not satisfied

  • Web Application Security
  • WordPress Malware Removal
  • Security Assessment & Testing
  • Security Testing
  • Information Security
  • Penetration Testing
  • Malware Removal
  • Bug Bounty
  • Web Testing
  • Vulnerability Assessment
  • Bug Investigation
  • Website Security
  • Ethical Hacking
  • Network Penetration Testing
  • AT&T Cybersecurity
Foysal H.

Dhaka, Bangladesh

$29/hr
5.0
51 jobs

I help startups, SaaS companies, fintech organizations, healthcare providers, and enterprises identify and eliminate security vulnerabilities before they become data breaches. With 10+ years of offensive security experience and more than 200 successful penetration testing engagements, I provide manual, risk-focused security assessments that uncover vulnerabilities automated scanners often miss. My assessments follow industry-recognized methodologies, including OWASP Testing Guide, OWASP ASVS, OWASP MASVS, PTES, NIST SP 800-115, and MITRE ATT&CK, delivering actionable findings that improve your security posture and support compliance initiatives. Core Expertise • Web Application Penetration Testing (OWASP Top 10) • API Security Testing (REST, GraphQL, SOAP) • Mobile Application Security (Android & iOS) • Network Penetration Testing (Internal & External) • Active Directory Security Assessments • Cloud Security Reviews (AWS, Azure & Google Cloud) • Authentication & Authorization Testing • Business Logic Vulnerability Assessment • LLM/AI Application Security Assessment • Red Team & Adversary Simulation • Secure Configuration Reviews Industries Served • Financial Services & FinTech • Healthcare • SaaS Platforms • E-commerce • Government • Telecommunications Deliverables Every engagement includes: ✔ Executive Summary for management ✔ Detailed technical report ✔ CVSS-based risk ratings ✔ Step-by-step Proof of Concept ✔ Remediation guidance ✔ Security consultation ✔ Complimentary revalidation after remediation Compliance Support My assessments help organizations prepare for or strengthen compliance with: • ISO 27001 • SOC 2 • PCI DSS • HIPAA • OWASP Certifications OSCP+ •OSCP• CREST • LPT Master • CRTP • C|PENT • CEH • ISO 27001 Lead Auditor and Lead Implementor I believe penetration testing should provide clear business value—not just vulnerability lists. Every assessment is tailored to your environment, your threat model, and your compliance requirements, with practical recommendations your team can act on immediately. If you're planning a new product launch, preparing for an audit, or simply want confidence in your security posture, let's discuss your scope. I'll provide a clear testing plan, timeline, and deliverables before the engagement begins.

  • Application Security
  • Ethical Hacking
  • Cryptography
  • Penetration Testing
  • Network Penetration Testing
  • Web App Penetration Testing
  • Cybersecurity Tool
  • Kali Linux
  • Vulnerability Assessment
  • Information Security
  • Governance, Risk Management & Compliance
  • AI Governance
  • OWASP
  • Security Testing
  • ISO 27001
  • Red Team Assessment
  • AI Security
  • Security Operation Center
  • Digital Forensics
NAHID M.

Nabinagar, Bangladesh

$15/hr
5.0
8 jobs

I have conducted and led hundreds of security audits, penetration tests and red team engagements for a variety of companies, ranging from multinational corporations with thousands of hosts in scope to startups or small clients that want to have an edge over their competition security-wise. My day-to-day job is that of an ethical hacker, which has allowed me to amass great hands-on experience in the field of Penetration Testing, Cyber Security and Vulnerability Assessment, and to have a great understanding of the most widespread and modern technology stacks currently in use around the globe and their flaws from a security standpoint. I am able to provide the following services: ✅ Penetration Testing Engagement ✅ This includes both thorough manual testing of all functionalities and automated testing for all websites, applications, servers or infrastructure included in the scope of work, using both professional enterprise grade software such as BurpSuite Professional and Nessus and also personal scripts and tools gathered over past engagements. This services extends as well to internal penetration tests and network infrastructure testing as well. ✅ Professional Report & Statistics ✅ Detailed report explaining step-by-step the exploitation and discovery method of each and every vulnerability discovered. Proof-of-Concept screen captures, full requests and responses, CVSS v3.0 standardised risk score, impact and ownership included. ✅ Remediation Advice & Guidance ✅ Remediation advice regarding all security issues discovered, how to fix them and warnings associated with the impact and risk of these vulnerabilities. ✅ Asset Discovery ✅ Through both active and passive methods, I can help you asses how big your digital footprint is on the internet and what is the attack platform visible from an outsider threat perspective. This includes subdomain enumeration and service/port discovery. ✅ Free Checkup ✅ Included in the price will be a checkup/retest of all aforementioned vulnerabilities present in the report in order to ensure that the implemented security controls and/or fixes are working as intended and that there is no other way to bypass them or exploit that vulnerability any longer. ✅ OSINT Reconnaissance ✅ Gathering of all valuable data pertaining to your company available on the internet. This includes any breached email addresses and related passwords available in cleartext on the internet, usually being traded on the dark web. Full access to over 4 billion records of personally curated lists of such information will help you to asses how vulnerable you are and what passwords need to be changed as soon as possible. ✅ Briefing ✅ I am available for calls/meetings discussing what the Scope of Work will be, where the focus of the penetration testing engagement will be, if all subdomains need to be included, if you want a black-box type of engagement or a white-box engagement, if accounts will be required, preferred hours for load testing and any other guidance your company would require if this is the first penetration test engagement that you are doing. ✅ Debriefing ✅ I am available for calls/meetings after the penetration test is completed in order to discuss with you the results of the engagement, what the main issues were and what my concerns regarding the security of your company are. This includes any further clarification regarding any vulnerability and the impact/risk associated with it.

  • Web Application Security
  • Application
  • Penetration Testing
  • Testing
  • Website
  • Software Testing
  • Ethical Hacking
  • Cyber Threat Intelligence
  • Security Testing
  • Digital Forensics
  • Cybersecurity Management
  • WordPress Security
  • Network Penetration Testing
  • QA Testing
  • QA Software & Testing Tools
GM Salman A M.

Satkhira, Bangladesh

$30/hr
5.0
56 jobs

🚨 If your application, SaaS platform, or cloud environment has never undergone a professional security assessment, you may have unknown vulnerabilities that attackers can exploit. I’m a Certified Penetration Tester and Ethical Hacker providing Vulnerability Assessment and Penetration testing (VAPT) services for web applications, APIs, cloud infrastructure, mobile apps, SaaS platforms, and network environments. My goal is not just to find vulnerabilities — but to help you understand real security risks and fix them effectively. I perform manual penetration testing supported by professional security tools to identify exploitable weaknesses such as authentication flaws, privilege escalation paths, injection vulnerabilities, and business logic issues. You will receive a clear and actionable security report that helps developers resolve issues and allows management to understand the real business impact. 🎯 My Services - Vulnerability Assessment & Penetration Testing (VAPT) - Web Application Penetration Testing (OWASP Top 10) - API Penetration Testing (REST, GraphQL, authentication flaws, IDOR, injection) - Cloud Infrastructure Security (AWS, Azure — misconfigurations, IAM, exposed services) - Network Penetration Testing (internal & external) - Mobile Application Security (Android & iOS) - SaaS Platform Security & Penetration Testing (multi-tenant logic, RBAC, privilege escalation) - CMS Security (WordPress, Laravel, custom apps) - Retesting after remediation 📋 What You Will Receive A clear, structured security report designed for both technical teams and business stakeholders, including: • Executive summary for management and decision-makers • Detailed vulnerability findings with severity ratings • CVSS scoring and risk prioritization • Proof-of-concept evidence (screenshots, request/response captures) • Business impact explanation for each issue • Step-by-step remediation guidance for developers • Retesting validation after fixes are applied • Reporting that can support ISO 27001 and SOC 2 compliance preparation 🏆 Certifications - Certified Ethical Hacker Practical — EC-Council - eLearnSecurity Junior Penetration Tester (eJPT) — INE - Certified API Penetration Tester — APISec University - IBM Cybersecurity Analyst - Cisco Verified Ethical Hacker - ISO 27001:2022 Lead Auditor 🛠️ Tools I work with Burp Suite Pro, OWASP ZAP, Nmap, Nessus, Metasploit, MobSF, Wireshark, Postman, and custom Python/Bash scripts and so on. Whether you're preparing for a security review, compliance audit, or investor due diligence, I can help you understand your attack surface and security risks. 📩 Send me your scope or asset list and I’ll help you determine the best testing approach.

  • Web Application Security
  • Application Security
  • Penetration Testing
  • Vulnerability Assessment
  • Malware Removal
  • Information Security
  • Security Assessment & Testing
  • Cybersecurity Management
  • Web App Penetration Testing
  • WordPress Malware Removal
  • Website Security
  • Ethical Hacking
  • Network Penetration Testing
  • System Administration
  • OWASP

How it works

Post a job for freePost a job

Tell us what you need. Create your own job post or generate one with AI then filter talent matches.

Hire top talent fast

Consult, interview, and hire quickly, so you can meet the freelancers you're excited about.

Collaborate easily

Use Upwork to chat or video call, share files, and track project progress right from the app.

Payment simplified

Manage payments in one place with flexible billing options. Only pay for approved work, hourly or by milestone.

Don't just take our word for it

How do I hire a Web Application Security Freelancer in Bangladesh on Upwork?

You can hire a Web Application Security Freelancer in Bangladesh on Upwork in four simple steps:

  • Create a job post tailored to your Web Application Security Freelancer project scope. We'll walk you through the process step by step.
  • Browse top Web Application Security Freelancer talent on Upwork and invite them to your project.
  • Once the proposals start flowing in, create a shortlist of top Web Application Security Freelancer profiles and interview.
  • Hire the right Web Application Security Freelancer for your project from Upwork, the world's largest work marketplace.

At Upwork, we believe talent staffing should be easy.

How much does it cost to hire a Web Application Security Freelancer?

Rates charged by Web Application Security Freelancers on Upwork can vary with a number of factors including experience, location, and market conditions. See hourly rates for in-demand skills on Upwork.

Why hire a Web Application Security Freelancer in Bangladesh on Upwork?

As the world's work marketplace, we connect highly-skilled freelance Web Application Security Freelancers and businesses and help them build trusted, long-term relationships so they can achieve more together. Let us help you build the dream Web Application Security Freelancer team you need to succeed.

Can I hire a Web Application Security Freelancer in Bangladesh within 24 hours on Upwork?

Depending on availability and the quality of your job post, it's entirely possible to sign up for Upwork and receive Web Application Security Freelancer proposals within 24 hours of posting a job description.