Browse Penetration Testing job posts for project examples or post your job on Upwork for free!

Penetration Testing Job Cost Overview

Typical total cost of Upwork Penetration Testing projects based on completed and fixed-price jobs.

Upwork Penetration Testing Jobs Completed Quarterly

On average, 19 Penetration Testing projects are completed every quarter on Upwork.

19

Time to Complete Upwork Penetration Testing Jobs

Time needed to complete a Penetration Testing project on Upwork.

Average Penetration Testing Freelancer Feedback Score

Penetration Testing Upwork freelancers typically receive a client rating of 4.36.

4.36
Last updated: August 1, 2015
Clear all filters
  1. Mihai-George Cornateanu

    Mihai-George Cornateanu

    Senior Linux System Engineer

    United Kingdom - Last active: 5 months ago - Tests: 12 - Portfolio: 1

    Linux System Administrator. LAMP Administrator. Security expert - Senior Ethical Hacker. PCI Compliance expert. ✔ Apache ✔ PHP ✔ MySQL ✔ DNS ✔ FTP ✔ Samba ✔ Postfix / Qmail / Sendmail ✔ DomainKey / DKIM / SPF ✔ Courier / Dovecot (IMAP/POP) ✔ SpamAssassin / ClamAV Amavis ✔ Kernel Hardening & Securing ✔ IPTables ✔ Wordpress, Joomla, PHPBB, Drupal ✔ Bash scripting

    $30.00 /hr
    186 hours
    4.85
  2. Oleg Boytsev

    Oleg Boytsev

    Information Security Engineer/Malware Analyst/Reverse Engineer

    Belarus - Last active: 16 days ago - Tests: 1 - Portfolio: 1

    5 years of experience in IT Security field. Highly motivated to solve interesting tasks. Core Qualifications and abilities: High skills in *nix systems administration and information security; Computer network attack/defense; Deep experience in web application security testing (according to OWASP guideline); Strong background in malware analysis and reverse engineering; Responsive, organization skills and the ability to work with minimal supervision; Ability to learn and apply new technologies effectively. Technical skills: Standards/Practices: OWASP standards, ISO 17799 Operating Systems: Windows, Linux, FreeBSD; Networking: TCP/IP, LANs, VPNs, Firewalls; Software: Ollydbg, IDA Pro, GDB, Nmap, Metasploit framework, Burp Suite, Sqlmap, Wireshark, Tcpdump. Programming languages: x86 Assembly, Python Network & System Security: implementing different kinds of tools for network (ModSecurity) and system security Vulnerability Assessments: have a strong background in web application security testing, buffer overflows, format string vulnerabilities Malware Analysis: familiar with tools and techniques that allow to analyse and describe an evil sample according to the best practices. Unpacking, disassembling, binary Debugging/patching, dynamic (behavior) analysis. Reverse Engineering: familiar with Ollydbg, IDA Pro and GDB. System administration: LAMP, DNS, iptables, etc.., know how to solve a vast majority of issues.

    $35.00 /hr
    0 hours
    0.00
  3. Robert C.

    Robert C.

    TIBCO Consultant & E-Commerce Architect

    United States - Last active: 1 month ago - Tests: 2 - Portfolio: 2

    Good Day and thank you for taking a moment to read my profile! I started working in IT about four years ago as a technical support representative for Simple Helix, a Magento specialist web hosting company. From there, I had the opportunity to spend a year as a Network Analyst for a local, carrier class, ISP before moving on to a position as a Linux Systems Engineer with a Magento development firm. In the present, I work as an Applications Engineer with a focus on the TIBCO stack, most notably AMX, BusinessWorks, EMS, and SilverFabric. I have a very strong background in Linux/Unix administration and have worked extensively with CentOS, Red Hat, and Debian. I've worked with networks from a physical perspective, as a NOC Technican, as well as logical perspective troubleshooting complex application issues. Over the past few months I've taken the opportunity to learn to code in Java and I've recently attended Red Hat training for JBoss EAP 6. I'm a CPTE (Certified Penetration Testing Engineer) and would happily pursue projects as an E-Commerce Architect, Systems Engineer, TIBCO Engineer, JBoss Administrator, entry-level Programmer, or entry-level Ethical Hacker. I am available for new jobs immediately outside of US business hours.

    $33.33 /hr
    474 hours
    4.86
  4. Mariusz Z.

    Mariusz Z.

    Penetration Tester, Linux/UNIX Security Admin,Intrusion Analyst, CISSP

    Poland - Last active: 3 months ago - Tests: 9 - Portfolio: 1

    I'm Linux Security Administrator & Web Application Penetration Tester with 8 years of experience in the IT field. I'm CISSP (ID# 478556) and OWASP member. My expertise ranges from designing, building secure & robust systems to analysis of subtle software security flaws. I can help you with: - thoroughly security testing your web application (black-box and/or white-box tests) and helping in mitigating detected vulnerabilities - analyzing and assessing vulnerabilities in your application's underlying IT infrastructure - security hardening Linux/UNIX servers/clusters - recommending solutions and best practices on how to design and maintain secure AWS infrastructures - responding to security incident in Linux/UNIX environment, helping in recovery process (rootkit detection, malware removal, etc.)

    $19.00 /hr
    123 hours
    4.79
  5. Maxim Tsoy

    Maxim Tsoy

    Experienced Python Developer and Security Researcher

    Russia - Last active: 5 months ago - Tests: 7 - Portfolio: 2

    1. Python development: Rich experience in distributed Python applications and web applications development using Django, Pyramid, and Celery. Released several mobile Python applications (kivy). 2. Security Assessment: I have a huge experience in vulnerability research and security assessment (currently this is my main occupation). Reached the top in many hacking contests, including DEF CON CTF. I usually specialize in web application security, however, I am experienced in network, database, cryptography and other security areas. Disclosed security advisories for many vendors including: - Cisco - Citrix - Yandex (Entered Bug Bounty Hall of Fame) - SAP - Qiwi 3. Game Development: Have an experience in game design and development using Game Maker Studio.

    $22.22 /hr
    249 hours
    0.00
  6. Dragan D.

    Dragan D.

    Drupal Developer,Security Researcher,PHP Developer

    Serbia - Last active: 5 months ago - Tests: 7 - Portfolio: 1

    During the years of productive work I performed work for customers from USA, Canada, Netherlands, Russia, Australia. Both sides enjoyed cooperation. Over the last 7 years, I have developed a wide range of websites using HMTL, PHP, MySQL. I also have some experience in the following areas: Ajax, OOP and software design and testing.

    $16.67 /hr
    0 hours
    0.00
  7. Aleksandre Vardanidze

    Aleksandre Vardanidze

    --admin systems|database|network|security

    Georgia - Last active: 2 months ago - Tests: 2

    --Admin systems Extensive experience with the configuration, hardening, and maintenance of various Linux distributions, including: * Red Hat Enterprise Linux, Fedora, CentOS * Debian, Ubuntu * OpenSuse Able to set up vital Linux infrastructure components including load balancers, DNS servers, proxy, web/application servers, and mail servers. Familiar with os-level security policies as well as server-level security layers like SELinux. --Admin database Skilled in MySQL database administration for standalone servers as well as replicated and clustered environments. I have also worked with postgsql --Admin Network I've been working as a network administrator for 5 years. For now I'm working in a governmental agency as a network administrator and network security specialist. Have experience with almost every cisco and hp network devices, also I design governmental network and our agency network design. I'm certified ccna,ccnp and ccna sec. had trainings in ccnp sec, ccdp, gsec, CEH,ENSA and Microsoft products (server 2003/8, exchange server and etc) Monitoring and diagnosing faults of VPN connections with other organization, Data Exchange Agency IPS/IDS system and sensor setup, operation. Security concept, design, documentation and implementation. --Admin other Here is the incomplete list of technologies and solutions I have used over my 5 years of experience. -Zabbix, Zenoss, Nagios, Munin and Cacti for monitoring purpose  -Configuration management - Puppet, SpaceWalk, Katello  -Web servers - Apache, Ngnix, Lighttpd  -Load Balancing with Haproxy and Barracuda Load Balancer  -Virtualization - Vmware ESXi --Computer Skills, Trainings and Certification Windows; Windows Server (2003/2008/2012); MS Office; Linux; MacOS ; Network Monitoring Tools; Certified Ethical Hacking ( CEH ) - Self-study Course Security Certified Network Specialist - Self-study Course EC-Council Network Security Administrator - Self-study Course Metasploit Framework Expert - Self-study Course CompTIA Security - Self-study Course HISTORY * SpeedLine - Aug 2010 to May 2012 - Linux Engineer, System Administrator * DATA EXCHANGE AGANCY - Jun 2012 to May 2014 -CERT SPECIALIST * Unipay - Jun 2014 to Present -Linux Enginner, Network Administrator

    $20.00 /hr
    0 hours
    0.00
  8. Alfonso Valdes

    Alfonso Valdes

    Linux / Amazon AWS / WHM WordPress / Nginx / Security / Docker DevOps

    Mexico - Last active: 12 hours ago - Tests: 4 - Portfolio: 6

    A self-motivated System and Network security administrator with more than 10 years in the management and analysis of Linux/Unix enterprise Servers (60- 70 servers). With deep and advance knowledge of highly scalable servers, Cloud Computing, High Performance, Hardening Servers, Migrations, Ethical hacking, Development Operations - DevOps, Open Source services and Server optimization. Lately Building WordPress hosting environments highly available and scalable in AWS/DigitalOcean/Google Compute/Azure. Certifications such as: Certified Ethical Hacker - Red Hat Certified Engineer - Cisco CCNA. Expertise in: MIGRATIONS: Wordpress/Magento/LAMP/Cpanel migration plans and implementation, backup-restore and recovery plans. Helped dozens of clients migrate their web sites and applications into the AWS, Digital Ocean, Google Cloud Compute Design and build Web Servers with HIGH PERFORMANCE (LAMP, NGINX/python, Nginx/Varnish, Nginx/php-fpm, Jboss, Apache tomcat and Varnish) - Improve and Fix performance issues, service optimization, security issues and deployments. WORDPRESS HIGH PERFORMANCE AND TRAFFIC SITES IMPLEMENTATIONS: Improve Wordpress performance, design a cloud hosting with complex services using Wordpress, Wordpress multisite, wordpress + woocommerce, wordpress with NGINX/varnish , integration with CDN, Memcached/Redis, Amazon S3, etc etc. Build an entire HOSTING environment from design, implementation and maintenance. MALWARE removal and analysis: WordPress / Magento / Joomla Malware removal and remediation, Incident handling and Forensics analysis. BOOST and optimize websites with: NGINX, Varnish, REDIS, Amazon S3, Memcached, APC, apache tunning and mysql tunning, Amazon CloudFront and more. Amazon Cloud Computing ( AWS ) - AMAZON EC2, amazon CDN S3, amazon RDS, amazon ELB, Amazon AutoScaling, Amazon VPC, CloudFront, Route53, etc. Also Management of multiple Control panels like Rackspace Cloud Computing, SoftLayer, GoDaddy, HostGator, dreamhost and MediaTemple. DevOps and Continuous integration: Docker + vagrant, Vagrant + Puppet, Puppet + Git, Docker + Ansible. Continuous integration with Jenkins, travisCI, distelli and more... Designing and deploying scalable & Highly available systems such as: Amazon Load Balancing (ELB), Hearbeat, HAProxy, Mysql cluster, Nginx Load Balancer, Apache cluster... Network and web security such as: Vulnerability Assessments, Hardening servers, security audits, Penetration testing, Virus/Malware/Threats/Vulnerabilities countermeasures, web security, fail2ban, Tripwire-AIDE-OSSEC, mod_security, mod_evasive, Denial of Services (DDOS) countermeasures, Firewalls (iptables, CSF and apf), etc. VPS: Cpanel / WHM / Plesk / DirectAdmin / Webadmin - Migrations, management, hardening, configuration, maintenance and high level of Administration. Databases Administration such as: Mysql tweaking and tunning, MongoDB, load balancing and Mysql replication (Master & Slave) for High traffic. Database: Mysql tweaking and tunning, MongoDB, ElasticSearch, Apache Solr, Sphinx, lucene, MariaDB, Postgresql replication & Pgpool, Mysql load balancing and Mysql replication (Master & Slave) for High traffic. Networking: TCP/IP high expertise, NAT, FIREWALLS, CISCO routing and switching and Packet analysis with tcpdump and wireshark. Storage solutions and Directory management: SAMBA, NFS, FTP and sftp. LVM and RAID*. SCRIPTING: Bash and python. Proficient with MAIL Servers: postfix, sendmail and Zimbra. Source control versioning: GIT and SVN. Deploying and maintaining Monitoring systems such as: nagios, ZAbbix, cacti and Jboss Operation Network (JON). Research & development (R & D) for any open source service and technology.

    $24.99 /hr
    8,781 hours
    4.90
  9. Zhu WenQi

    Zhu WenQi

    PHP Mysql Javascript Developer, Penetration Tester,Shanghai China

    China - Last active: 1 month ago - Tests: 9 - Portfolio: 4

    Over the last 7 years, I have developed a wide range of websites using HMTL, Ajax , PHP, and MySQL including sites for startup companies and small businesses. I have developed a CRM named Online Management System (OMS) for an insurance company. The main functions of the CRM are capture leads from multi campaigns, make PDF quotation according to different insurance options, track leads' sale progress, a basic report function. I also have developed a platform,both frontend and backend, which is named TAP (The Advocacy Platform). TAP is a gamified marketing platform which delivers research, user generated content, and most importantly transforms consumers into true authentic Brand Advocates. Advocacy campaigns via TAP have delivered key message recall of 40-50% at 1/10th of TV media cost. Fueled by a community of over 125,000 women in the top 20 cities in China, TAP has delivered 5 million brand 'missions' since January 2012 for key clients such as Reckitt Benckiser, P&G, Kimberley Clarke, J&J, GSK, and Fonterra. My core competency lies in complete end-end management of a new website development project, and I am seeking opportunities to build websites from the ground up for you or your business.

    $25.56 /hr
    64 hours
    5.00
  10. Zia Rehman

    Zia Rehman

    Expert Software QA & Test Engineer

    Pakistan - Last active: 5 days ago - Tests: 5 - Portfolio: 3

    **Functional Testing, Cross-Browser Testing, Usability Testing, Accessibility Testing, Regression Testing**** Over the last 3 years, I have experienced in Software testing using Automated tools like QTP,Cenzic(Application Security) and Manual pen Test. I also have experience with bug tracking tools e.g ReadMine, Mantis, Pivotal Tracker, Fogbugz. My core competency lies in complete and end-to-end testing of software projects and products, and I am seeking opportunities for Software testing for your software projects and products. I also have experience in the following areas: PHP, JavaScript, Ajax, OOP, and software design and development. This will definitaly help me to test the software more than just black box testing. Testing and Bug Tracking Tools: 1- QTP 2- ReadMine 3- Fogbugz 4- Mantis 5- Pivotal Tracker I am using following process for software testing. 1- Estimation of the project 2- Write Test Scenarios 3- Write Test Cases 4- Execution of Test Cases 5- Create defect Report 6- Review defect report and sent to Client Testing levels used: 1- Black box (functional, cosmetic and GUI based issues) 2- Grey Box (verify database as well) 3- Business Logic (sometimes need to verify log files if necessary) Documentation (Documents prepared): 1- TestScenarios 2- TestCases 3- DefectReport Regarding why should you hire me I just want to say that I am: *Responsible *Good Communication skills *Good in Manual Penetration Testing *Document every things from Test Plan to Release Notes *Experienced QA and Test Engineer

    $5.56 /hr
    373 hours
    5.00