Talent badge filter
Skills filter
Select talent location
Select talent time zones
$80/hr
100%
Job Success
$9K+ earned
Available now
Start of list.
End of list.
🔒 Cybersecurity | Penetration Testing | Server Hardening | System Administration | Secure Web Development
I am the owner of LTH Cybersecurity, and I help businesses secure their infrastructure and eliminate vulnerabilities before attackers find them.
As a Top Rated cybersecurity specialist with real-world experience in pentesting, system administration, and web application security, I combine deep technical expertise with a practical, business-first approach to protection.
🧰 My Core Skills
Penetration Testing & Vulnerability Assessment: OWASP-aligned testing for web apps, APIs, WordPress, and cloud environments.
Server Administration & Hardening: Linux/Windows configuration, firewall setup, SSH lockdowns, patch management, and intrusion monitoring.
Secure Web Development: Hardened backend logic, input validation, and security-by-design principles for Python (Flask/Django) and PHP applications.
Automation & Scripting (Python): Custom scanners, log parsers, alert systems, and API integrations for security monitoring or compliance.
Incident Response & Forensics: Log analysis, compromise detection, and recovery planning.
⚙️ Why Clients Hire Me
I’ve helped organizations across Canada and the US identify and remediate high-risk vulnerabilities before they were exploited.
I don’t just run tools — I explain the findings in clear language, deliver actionable recommendations, and help teams implement fixes.
Every engagement ends with a professional report, mitigation plan, and optional retest.
🚀 Let’s Secure Your Environment
Whether you need a penetration test, server audit, or custom security automation, I can help you strengthen your defenses and meet compliance goals.
Send me a message — I’ll review your setup and outline a security plan that fits your scope and budget.
Derek J.
has worked
.
$20/hr
100%
Job Success
$10K+ earned
Offers consultations
Start of list.
End of list.
I provide manual, risk-focused penetration testing and VAPT services for organizations that need accurate findings, clear impact, and practical remediation, not automated scan output.
I am a Lead Penetration Tester and Senior Cybersecurity Consultant with 150+ completed security assessments across fintech, SaaS, healthcare, and government environments. My work focuses on identifying high-impact vulnerabilities including business logic flaws, authentication and authorization weaknesses, SSO misconfigurations, and realistic attack paths that automated tools frequently miss.
Clients engage me when they need credible results they can rely on, whether for security hardening, audit preparation, or post-remediation validation.
(Services)
Web Application Penetration Testing
OWASP Top 10, business logic flaws, access control, session management
API Security Testing
REST and GraphQL APIs, BOLA/BFLA, authentication bypass, insecure design
Mobile Application Security Testing
Android and iOS applications (production and rooted/jailbroken environments)
Network and Infrastructure Penetration Testing
Internal and external VAPT, Active Directory security testing, lateral movement
Cloud Security Assessments
AWS and Azure configuration and attack surface reviews
Source Code Review
Manual review supported by static analysis
Compliance and Regulatory Testing
ISO 27001, NIST, CIS, SAMA / NCA CCC
Compromise Assessment and DFIR
(Methodology and Tools)
All findings are manually validated using industry-standard tools and techniques.
Web and API testing: (Burp Suite Pro, OWASP ZAP, Acunetix, sqlmap, Nikto)
Mobile testing: (MobSF, Frida, JADX, Drozer, apktool)
Network and AD testing: (Nmap, Nessus, Metasploit, BloodHound, Mimikatz)
Automation and scripting: Custom payloads and testing frameworks
(Deliverables)
Clear, concise penetration testing reports aligned with business risk
CVSS-based severity ratings mapped to CWE
Reproducible steps and verified evidence
Actionable remediation guidance
Re-testing support when required
Strict confidentiality and NDA-friendly engagement
Clients value my work for its depth, accuracy, and professional communication.
If you are looking for a reliable penetration tester who delivers results your technical and management teams can confidently act on, I would be glad to discuss your requirements.
Muhammad Talha A.
has worked
.
$30/hr
100%
Job Success
$10K+ earned
Available now
Offers consultations
Start of list.
End of list.
✅7+ years of expertise ✅100+ Pentest ✅Upwork Top 10%
With 7+ years of experience in offensive security and penetration testing, I’ve secured renowned fintech, E-commerce, SaaS, Banking, LMS and enterprise web apps/APIs. I deliver clear, actionable security reports that help dev teams remediate findings and support compliance and security efforts.
I have extensive experience in Vulnerability Assessment, Penetration Testing, and Vulnerability Management. Helped securing big names some of the Leading international bank; national government ministry; top regional payment gateways.
My Services:
===========
▪️ Manual, automated, agentic AI vulnerability assessment & Penetration Testing
▪️ Web, Network, System & Cloud Penetration Testing
▪️ Simulate attackers' techniques to test defense
▪️ SAST / DAST Security Scanning
▪️ Application Security Audits for Compliance (PCI-DSS, ISO 27001, HIPAA, FDA, SOC 2, etc.)
▪️ Cloud Configuration Reviews & Threat Modeling (AWS, Azure, GCP)
▪️ Cybersecurity & Penetration Testing Training
▪️ Visual Security Reports with Technical & Executive Summaries
▪️ Provide step-by-step fixes to strengthen your app
My Core Expertise:
================
1. Web & API testing using Burp Suite, OWASP ZAP, AI Agents
2. Network pentesting with Nmap, Nessus, Metasploit, Hydra
3. Cloud security assessments using ScoutSuite, Prowler, and manual checks
4. Active Directory & internal infrastructure exploitation
5. Secure code review with Semgrep, Snyk
6. Scripting in Python, Bash, JavaScript, PHP
7. SIEM analysis, threat hunting with Splunk, and QRadar
Read about my certifications, projects, reviews, and portfolios below 👇
Iftekharul I.
has worked
.
$15/hr
100%
Job Success
$4K+ earned
Start of list.
End of list.
💪 Top Rated
I help startups, SaaS companies, and enterprises identify security vulnerabilities before attackers do. With 6+ years of cybersecurity experience, I specialize in manual penetration testing, application security, API security, cloud security, and compliance assessments.
I've worked with organizations across the United States, United Kingdom, Germany, and Canada, delivering comprehensive security assessments and actionable remediation guidance. My assessments have uncovered critical vulnerabilities, including Account Takeover, Remote Code Execution (RCE), IDOR, Authentication & Authorization flaws, Business Logic vulnerabilities, SSRF, XSS, CSRF, SQL Injection, Sensitive Data Exposure, and Security Misconfigurations.
My Services
• Web Application Penetration Testing (OWASP Top 10)
• Mobile Application Security Testing (Android & iOS)
• REST & GraphQL API Security Testing
• External & Internal Network Penetration Testing
• Vulnerability Assessment & Risk Analysis
• Secure Code Review (SAST)
• Cloud Security Assessments (AWS, Azure, GCP)
• Security Architecture Review
• CASA Tier 2 Security Testing
• Security Automation Development
Compliance Experience
• CMMC Level 2
• NIST SP 800-171
• NIST SP 800-53
• ISO 27001
• SOC 2
• GDPR
Security Tools
• Burp Suite Professional
• Nmap
• Nessus
• Metasploit
• OWASP ZAP
• SonarQube
• Veracode
• Appknox
• Bandit
Automation & Development
I also build custom security automation solutions using:
• Python
• Bash
• Node.js
• Java
to automate vulnerability management, security testing, reporting, and repetitive security workflows.
Why Clients Hire Me
✅ 6+ Years of Professional Cybersecurity Experience
✅ Manual Testing No Automated Scanner-Only Reports
✅ Clear, Executive-Friendly & Technical Reports
✅ Detailed Proof of Concept and Remediation Guidance
✅ Independent Consultant (No Agency, No Subcontracting)
✅ Responsive Communication & Reliable Delivery
If required, I can demonstrate redacted professional penetration testing reports during a meeting via screen sharing. Due to client confidentiality, I do not publicly distribute full reports without authorization.
If you're looking for a security professional who focuses on finding real vulnerabilities not just running automated tools I'd be happy to discuss your project.
Wafa A.
has worked
.
Bangladesh
$30/hr
$100+ earned
Start of list.
End of list.
Dear Client,
I am a cybersecurity professional with over 16+ years of experience in the field, and more than 10+ years of official corporate work experience. My expertise includes penetration testing and vulnerability assessment across a wide range of domains, including Web, API, Mobile Applications, Desktop Applications, Networks, Servers, and AI Security.
I am highly proficient in using various cybersecurity tools and methodologies, including DAST and SAST, and have strong skills in identifying and exploiting vulnerabilities. I have been actively involved in bug bounty programs on platforms such as Bugcrowd, HackerOne, Intigriti, YesWeHack and More.
Throughout my career, I have discovered and reported over 100+ CVEs. I have successfully completed numerous government and non-government projects, often serving as a Team Lead or Project Manager. In addition, I have conducted corporate and student training sessions on cybersecurity topics.
I also work on a contract and freelance basis, providing cybersecurity services and training to diverse clients.
$45/hr
96%
Job Success
Available now
Offers consultations
Start of list.
End of list.
Hi, my name is Martin and I've been a principal penetration tester since 2011. Over the years, I've worked on a range of projects across Europe, East Asia, the Middle East, and the UK, serving clients from start-ups to global high street names. My focus is on providing a wide range of penetration testing services, including infrastructure, web and mobile applications, APIs, and cloud security assessments.
One of the things that sets me apart from other penetration testers is my approach to the work. I've spent years mastering my craft, staying up-to-date with the latest technologies and techniques, and honing my skills. When I take on a project, I bring all of this knowledge and experience to bear, quickly identifying and exploiting vulnerabilities to provide my clients with the information they need to improve their security posture.
In addition to my technical expertise, I'm also an excellent communicator. I understand that many of my clients are not technical experts themselves, so I'm always happy to explain complex technical concepts in simple, easy-to-understand language. I work closely with my clients to understand their needs and provide tailored solutions that meet their specific requirements.
When it comes to deliverables, I take great pride in producing detailed reports and other materials that provide clear, concise information about the results of my testing. I know that my clients rely on this information to make important decisions about their security, so I always ensure that my reports are accurate, thorough, and actionable.
Overall, I'm proud of the work I do as a principal penetration tester, and I'm committed to helping my clients stay safe and secure in an increasingly complex digital landscape. If you need infrastructure testing, web and mobile application testing, or cloud security assessments, please don't hesitate to get in touch – I'd be happy to discuss how I can help.
Experience and expertise within the following disciplines:
• Web Application Penetration Testing
• Mobile Applications Penetration Testing
• API Penetration Testing (REST, SOAP, GraphQL)
• Thick Client Application Penetration Testing
• External Infrastructure Penetration Testing
• Internal Infrastructure Penetration Testing
• Server Build Reviews
• Workstation Build Reviews
• Mobile Device and MDM Testing
• Network Device Security Reviews
• IoT Security
• Embedded Hardware
• Simulated Phishing
• Wireless Assessments
• Red Team Assessments
• AWS Configuration Reviews
• Azure Configuration Reviews
• Office365 Configuration Reviews
Martin N.
has worked
.
Associated with
NeedSec Limited
$30/hr
80%
Job Success
$800+ earned
Available now
Offers consultations
Start of list.
End of list.
## Cyber Security Expert | Penetration Tester | VAPT | SIEM | SOC | OSCP+
#Protect Your Business from Cyber Threats with CyberSecurity Expert
I help growing businesses and enterprises secure their digital assets and achieve compliance through comprehensive cybersecurity solutions. With 12+ years of hands-on experience and elite certifications (OSCP, CEH), I've protected companies across finance, healthcare, SaaS, and enterprise sectors from costly security breaches.
As the Founder of Codesecure Solutions, I lead a team of skilled professionals delivering enterprise-grade security services that prevent breaches, ensure compliance, and build long-term digital resilience.
##My Core Services:
# VAPT as a Service - Complete vulnerability assessments that identify security gaps in the system
• Web, Mobile, API, Network, and Cloud penetration testing
• OWASP Top 10, API Security Top 10 coverage with business logic testing
• Black-box, gray-box, and white-box methodologies
• Executive and technical reports with prioritized remediation roadmaps
# SOC as a Service - 24/7 security monitoring and incident response to detect threats in real-time
• Wazuh SIEM deployment with custom detection rules
• Real-time threat monitoring and automated alerting
• File integrity monitoring and compliance reporting
• Incident response playbooks and threat hunting
# GRC as a Service - Compliance solutions for SOC 2, HIPAA, ISO 27001.
• Gap analysis and risk assessment
• Policy development and security control implementation
• Audit preparation and ongoing compliance monitoring
• Risk mitigation strategies and governance frameworks
# Additional Security Services:
• Secure Code Review (SAST) - Multi-language code analysis (PHP, Python, JavaScript, Java)
• Cloud Security Audits - AWS & Azure configuration hardening and IAM optimization
• WAF Configuration - Cloudflare custom rules, bot mitigation, and API protection
• Security Automation - SOAR workflows for faster incident response
# Recent Results:
- Secured a fintech platform handling $50M+ transactions (zero breaches in 2+ years)
- Achieved SOC 2 Type II compliance for 15+ SaaS companies on first audit attempt
- Reduced security incident response time by 80% through custom SIEM configurations
- Identified critical vulnerabilities in 200+ applications before production deployment
# Why Choose Us:
• Elite OSCP certification
• 100% client satisfaction rate with transparent communication
• 24/7 availability for urgent security incidents
• Money-back guarantee if you're not fully satisfied
• Strict NDA adherence and zero tolerance for shortcuts
# Perfect For:
• Growing companies preparing for compliance audits
• Businesses that have experienced security incidents
• Organizations in regulated industries requiring ongoing security oversight
• Companies needing enterprise security without enterprise costs
Ready to secure your business? Send me a message with your specific security challenges, and I'll provide a free 30-minute consultation to discuss how we can protect your digital assets and ensure compliance.
$50/hr
100%
Job Success
Available now
Start of list.
End of list.
I identify critical vulnerabilities in web applications, APIs, networks, and cloud infrastructure before attackers exploit them. Specialized in OWASP Top 10, authentication bypass, and business logic flaws.
🎯 Services:
Web Application Testing - OWASP Top 10, SQL injection, XSS, CSRF, authentication flaws, session management
API Security - REST/GraphQL testing, authorization bypass, rate limiting, data exposure
Network Pentesting - External/internal testing, Active Directory, privilege escalation
Cloud Security - AWS, Azure, GCP misconfigurations, IAM issues, storage exposure
Mobile Apps - iOS/Android security, API endpoints, insecure data storage
🛠️ Tech Stack:
Burp Suite Pro, Metasploit, Python, Nmap, Docker, Kubernetes | Web: PHP, Node.js, Java, .NET | Databases: MySQL, PostgreSQL, MongoDB | Cloud: AWS, Azure, GCP
📦 You Get:
✅ Executive + technical reports with CVSS scoring
✅ Proof-of-concept exploits for critical findings
✅ Step-by-step remediation guidance with code examples
✅ Free retesting after fixes
✅ Video demonstration of vulnerabilities
💼 Industries: Fintech, Healthcare, SaaS, E-commerce, Blockchain, Government
Compliance: PCI-DSS, SOC 2, HIPAA, ISO 27001 testing experience
Don't wait for a security incident. Contact me today for a comprehensive security assessment.
Mansoor A.
has worked
.
$70/hr
$10K+ earned
Start of list.
End of list.
Dedicated Cyber Security Professional
IT - 15+ Years
InfoSec - 10+ Years
Penetration Testing - 10+ Years
Certifications include:
- Information Security (23) -
Offensive Security Certified Professional (OSCP), Offensive-Security
Certified Information Systems Security Professional (CISSP), (ISC)2
Network Security Professional, CompTIA
Network Vulnerability Assessment Professional, CompTIA
Pentest+, CompTIA
Certified Information Systems Auditor (CISA), ISACA
Certified Risk and Informations Control (CRISC), ISACA
Systems Security Certified Practitioner (SSCP), (ISC)2
Security+, CompTIA
Cybersecuirty Analyst+ (CSA+), CompTIA
Certificate of Cloud Security Knowledge (CCSK), Cloud Security Alliance
Cloud Essentials, CompTIA
Security Analytics Professional, CompTIA
Nessus Certificate of Completion, Tenable
CSX Cybersecurity Fundamentals, ISACA
IT Fundamentals+, CompTIA
Certified Red Team Professional (CRTP), Pentester Academy
eJPT - Junior Penetration Tester, e-LearnSecurity
Certified Red Team Expert (CRTE), Pentester Academy
WorkshopPLUS - Office 365: Security and Compliance, Microsoft
AWS Certified Cloud Practioner, AWS
Cybersecurity Audit Certificate, ISACA
Attacking Active Directory with Linux, Pentester Academy
- CVE (3) -
CVE-2019-17526
CVE-2018-11628
CVE-2023-33524
- Industries (6) -
Healthcare
Financial
Education
Government
Technology
Consulting
I am available for consulting, with a speciality in penetration testing, at the earliest convenience.
Christopher B.
has worked
.
$33/hr
$1K+ earned
Offers consultations
Start of list.
End of list.
I am a ethical hacker and Cyber Security Expert, I am "Dedicated Security Expert" I have successfully handled malware & hack issues for hundred of websites in last few years, and also provide security for corporate and individuals.
In my deliverables, I create Professional Penetration testing reports detailing each vulnerability I find, proofs-of-concept, and solutions to how you fix those vulnerabilities. Provide The Right Way To Prevent Vulnerabilities and Protect your web application, Network, and System from hackers.
I am passionate about creating a safer world where businesses are protected from Cyber-criminals, and I have worked tirelessly to make that dream a reality.
My Service Including :-
✅Hacking and Pen-testing Android Applications.
✅Hacking and Pen-testing iOS Applications
✅Network Penetration Testing / Hacking.
✅Clean malware-hosting server.
✅protect your online accounts from hackers.
✅WordPress protection solution.
✅Social Engineering.
✅Malware Analysis- Dissecting Malicious Software
✅Location Tracking .
✅Vulnerability Analysis
✅SQL i Injection Web Attacks test.
✅Computer Forensics Investigation
✅Information Gathering
✅ Scanning
✅Test for XSS
✅ Test for SQL injections
✅ Test for CSRF
✅ Test for Insecure CORS
✅ Test for URL redirection
✅ Test for LFI & RFI
✅ Test for critical file uploading
✅Test for Command injection
✅ Test for directory Traversing
✅ Test for SSRF
✅Test for SSTI
MD Mubarak M.
has worked
.