Browse Penetration Testing job posts for project examples or post your job on Upwork for free!

Penetration Testing Job Cost Overview

Typical total cost of Upwork Penetration Testing projects based on completed and fixed-price jobs.

Upwork Penetration Testing Jobs Completed Quarterly

On average, 11 Penetration Testing projects are completed every quarter on Upwork.


Time to Complete Upwork Penetration Testing Jobs

Time needed to complete a Penetration Testing project on Upwork.

Average Penetration Testing Freelancer Feedback Score

Penetration Testing Upwork freelancers typically receive a client rating of 4.41.

Last updated: October 1, 2015
Clear all filters

Tushar K.

Tushar K.

Development and Testing

India - Tests: 2 - Portfolio: 9

5+ years of extensive experience in Manual and Automated testing of Client/Server, N-tier Distributed Architecture, Web-based, Mobile and Desktop Applications with focus on System Analysis, Verification and Validation. As a Quality Assurance and Principal Quality Control Consultant, over the years I have tested a wide range of web based, client-server, windows-based and multimedia applications, mobile applications. - Expertise in Manual and Automation Testing on Web based and Software applications. - Efficient in Smoke Testing, Black-box-testing, Regression-testing, Functional-testing, Usability-testing, Database-testing, User acceptance-testing,Load Testing,Security Testing, Cross-browser Testing - Checking compliance with requirements, finding defects, logging and tracking them, performing validations of fixes and regressions, logging enhancements, creating documents/tools to improve the testing processes - Expertise in all stages in testing SDLC (i.e,Scheduling, Test design which includes test case design, test execution, testreporting by using test summary report then analysis of the found defects). - Expert in Security Testing of web applications to test Web Security Vulnerabilities. - Well dressed with the MySQL to do back-end testing of web applications. Hands on experience of Test Planning with effective skills of Test Case development along with Scenario Matrix. - Tools: QTP, Selenium(Open sources), Mantis So, you will have all necessary information to make your application the most stable, functional and user-friendly.

85% Job Success
$11.11 /hr
457 hours

--- Serhiy Chernikov ---

--- Serhiy Chernikov --- Agency Contractor

Team Lead\Lead QA Engineer\Business Analist

Ukraine - Tests: 2 - Portfolio: 14

• QA lead\Project Lead with more than 8 years of IT experience. • Excellent knowledge of development, testing activities: planning and control, analysis and design, implementation and execution development, test closure activities. • Good theoretical and practical knowledge of development, testing methodologies. I'm proficient in all of testing types and most software development methodologies (RUP, Agile, AUP, Waterfall).

Associated with: QA group, Global Network Solutions

$16.67 /hr
475 hours

Daniel Stahlnecker

Daniel Stahlnecker

IT Security Consultant

United States

Experienced with IT industry’s best practices in the security program, project, and risk management areas including NIST Special Publications, Federal Information Processing Standards, Federal Information Security Management Act, NISPOM, DITSCAP, and International Standards for Organization 27001, HIPAA, Disaster Recovery, Business Continuity, GLB, Visa CISP SEC Rules, PCI-DSS, NASD Rules, and NYSE Rules. Including extensive experience in a variety or project management methodologies (PMP BoK, Prince2, Scrum, Agile, Waterfall, etc.) Outstanding leadership and team building skills resulting in effective working relationships and top performance among staff. Extensive project management experience in turning security concepts and ideas into delivered solutions. An excellent communicator between technical and business units who can translate complex information into easily understood terms.

$33.33 /hr
3 hours

Saadat R.

Saadat R.

QA Expert - Security & Penetration Testing Specialist

Pakistan - Tests: 3 - Portfolio: 25

SKILL SUMMARY ABOUT ME Being an Independent Software Quality Assurance & Testing personnel and full time freelancer, I have delivered testing analysis, design, and execution, reporting, fixes and follow-up services to my offshore clients all over the world particularly in USA, Canada, UK, France, Europe, Middle East, Russia, Japan, Australia etc. My specialties are ¤ MSc in COMPUTER SCIENCES with Specialization in Software Quality Assurance ¤ More than 11 years of hands on QA, QC, Manual & Automated Testing experience ¤ Vast experience in Automation Testing using Selenium Webdriver, MS CodedUI, LoadRunner, TestNG, Telerik WebAii etc solutions ¤ Extensive experience in Web, Desktop & Mobile Application Testing ¤ Extensive experience in Agile/Scrum/Kanban/Lean methodologies ¤ Extensive Experience of Security & Penetration Testing (Ethical Hacking) ¤ Great experience of Leading the QA Team, Writing test plan, Test Cases using requirement specifications, user stories, and system understanding ¤ 100% flexible, can work in any time zone 1 – REQUIREMENT ANALYSIS & UNDERSTANDING 2 - COMMUNICATIONS 3 – TEST PLANNING & DOCUMENTATION 4 – TESTS DESIGN 5 – QA DOCUMENTATION 6 – TEST EXECUTION I have performed extensive Manual & Automated testing for a wide range of almost all kind of Mobile, Web, RIA, Desktop Apps. I have always organized deliverables in a complete, clear, of good quality, and in timely manner. I perform different combinations of following testing types: 7 – TESTING TYPES ¤ Functional, Integration, System ¤ SOA, Web Services, 3rd Party API ¤ Boundary Value Analysis, Destructive, Structural ¤ GUI, UX, Usability, Accessibility ¤ Cross Browser, OS/ Platform/ Device ¤ Regression, Sanity, UAT, Exploratory ¤ Cookie, Session, User Authentication ¤ Security & Penetration for Mobile & Web apps ¤ Database, Multilingual ¤ Performance, Load, Stress ¤ BlackBox, GrayBox, WhiteBox ¤ Installation, Configuration, Software & Hardware Compatibility 8 – DATABASE SKILLS ¤ Sound expertise of Databases i.e. MySQL, MS SQL Server, ORACLE, PostgreSQL, MS Access, SQL, and related technologies ¤ Reviewed DB Schemas for improvements ¤ Performed Data Verification & Validation, Data Mapping, Feed Scheduling of DB Apps using SQL Scripts ¤ Involved in Performance Testing, Query Optimization, counting # of Data Reads on the pages ¤ Used SQL queries to evaluate and validate loaded/ imported data from external sources 9 – DEFECT REPORTING & ANALYSIS ¤ Defect Reporting with thorough Details & Reproduction Steps along with Screenshots, Screen-casts/ Videos, Images, Scripts etc. ¤ Defect Analysis based on Test Metrics ¤ Defect Summaries with Module-wise Metrics ¤ Status Reports, Quality Metric Reports, SQA Analysis Report 10 – FIXES AND FOLLOW-UPS ¤ Tested critical Bug Fixes and coordinated with developers ¤ Engaged in Release Setup/ Notes/ Support/ Follow-Up and testing the Release Delivering Process ¤ Coordinated with clients upon New Fixes and Change Requests 11 – QA AUDITS ¤ Reviewed Business Requirements, FS, and CRS Documents ¤ Design, Code Review, Project Plan, Design, Training Audits ¤ Verification & Validation Audits ¤ Review for QA artifacts like Test & Validation Plans, Test Cases and Data Validation SQL scripts

$12.50 /hr
443 hours

Zhu WenQi

Zhu WenQi

PHP Mysql Javascript Developer, Penetration Tester,Shanghai China

China - Tests: 9 - Portfolio: 4

Over the last 7 years, I have developed a wide range of websites using HMTL, Ajax , PHP, and MySQL including sites for startup companies and small businesses. I have developed a CRM named Online Management System (OMS) for an insurance company. The main functions of the CRM are capture leads from multi campaigns, make PDF quotation according to different insurance options, track leads' sale progress, a basic report function. I also have developed a platform,both frontend and backend, which is named TAP (The Advocacy Platform). TAP is a gamified marketing platform which delivers research, user generated content, and most importantly transforms consumers into true authentic Brand Advocates. Advocacy campaigns via TAP have delivered key message recall of 40-50% at 1/10th of TV media cost. Fueled by a community of over 125,000 women in the top 20 cities in China, TAP has delivered 5 million brand 'missions' since January 2012 for key clients such as Reckitt Benckiser, P&G, Kimberley Clarke, J&J, GSK, and Fonterra. My core competency lies in complete end-end management of a new website development project, and I am seeking opportunities to build websites from the ground up for you or your business.

81% Job Success
$25.56 /hr
64 hours

Mohammad ali K.

Mohammad ali K.

Sr. QA Specialist - Mobile/Desktop/Selenium/Wordpress/Joomla/HTML/CSS

Bangladesh - Tests: 7 - Portfolio: 20

Strong background in software testing for packaged and company written software applications in the following areas: E-Commerce, Consumer Products/Retail, National Defense, Medical Products, Human Resources, ERP, Medical Insurance, Medical Information, Financial, Security, and Mortgage. • Automation testing covers: The creation of automation test plans, writing automation requirements and either creating the automation scripts myself or direct co-workers on the creation of automation test scripts. • Skilled to complete multiple testing projects simultaneously across multiple technologies under tight dead-lines and deliver the projects completed by established due dates. • Able to lead/work with a variety of testing teams made up of team members: full-time, contract and offshore. • Working with IT and Business Management on benefits of QA in the development life-cycle to improve quality. • Strong leadership skills to instill confidence in my work with the business community. • Proven ability to mentor others in a variety of skills used in the Quality Assurance field. • Possess excellent communication and presentation skills, self starter, quick learner, and team player. • Have established QA processes where no previously established processes existed. • Proven abilities to create comprehensive test plans to validate any size system. • Excellent business/system knowledge and working experience in gathering requirements when missing used in the creation of test plans and test case creation. • Proficient in all types of testing approaches that includes risk mitigation to get projects into the production environment with minimal delays while maintaining highest level of quality. • Able to review existing processes and suggest ways to improve on existing processes to increase efficiency. • Hands-on QA Lead/QA Engineer/Senior QA Analyst for a package Mortgage Financial system that integrates with 32 other systems. • Review software documentation to ensure technical accuracy and compliance to mitigate risks for a complex citrix based financial system. • The establishment of testing standards where none existed within the company. The standards were designed to be flexible due to tight deadlines. • Prepared, presented a QA strategy to meet company goals to improve quality of the systems. • Established mentoring programs for the QA Team. • Creating and generating system test scripts for different test scenarios covering critical areas of system functionality. • Coordinated other company resources to assist with testing, working alongside with QA. • Coordinated QA resources on daily testing activities. • Report testing progress and quality by tracking metrics and defects. • Performed various types of testing such as: functional, smoke, integration, regression, user acceptance, and negative/positive testing. • Established testing environments to mimic the installed client environments to enable the testing team to better test and resolve client reported issues. • Responsible for management of the Customer Service functions. • Provide technical support during software installation or configuration at Client locations. • Designed and wrote automated scripts for smoke testing, to augment the manual testing efforts. • Technologies included the following: Fiddler, SaaS Citrix, XML, Various freeware QA performance testing tools, Windows 8.1 & Mac, Cross Browser testing: IE10, Safari and FireFox, Http Return Codes, Microsoft SQL Server, Java script, Cloud testing using Amazon, C# with Microsoft Visual Studio Test Professional Premium 2012, Microsoft Test Manager for Test Plan/Test Case creation and Microsoft Team Foundation Server for Kanban story and bug tracking. • Participated in product design reviews to provide input on functional requirements, product designs, schedules, or potential problems for a complex internal web-system. • Develop testing programs that address areas such as software scenarios, regression testing, negative testing, error or bug retests, integration or usability. • Document software defects, using a bug tracking system, and report defects to software developers. • Report testing progress and quality by tracking metrics, defects and code coverage. • Designed and wrote automated scripts to smoke and regression test 20 web-pages. • Technologies included the following: C# with Microsoft Visual Studio Test Professional 2012 for automation, Windows 7, IE 8 & 9, FireFox, IE Tester, Fiddler, Web-page links, Http Return Codes, Https Security, Microsoft SQL Server, Microsoft Test Manager for Test Plan/Test Case creation and Microsoft Team Foundation Server for Kanban stories and bug tracking.

100% Job Success
$11.11 /hr
1,532 hours

Alexey Bubliy

Alexey Bubliy

Penetration Tester, Ethical Hacker

Russia - Tests: 12 - Portfolio: 5

Hi, My name is Alexei Bubly. In my portfolio, are a few of the projects that I've developed. I believe my strong points are my Creativeness and Punctuality. My #1 goal will always be to meet your needs and deadline. When working on a new project, I like to speak with the client, so that I can have a clear understanding of his/her needs and vision of the project. I'm honest and fair. Since 2013, I worked as a freelancer for the Department of Defense. Also did a security audit of many sites and systems. Also from 2014, I worked as a system administrator in the Russian telecommunications company MTS, then I set up the network and protect them. During all this time I kept to make websites on order Please take a look at my work history for comments from other clients. Thank you in advance for your time and consideration. I look forward to working with you soon. I have a Bachelors in Software Engineering from Moscow Tehnological Institute in Russia. Listed below are my experience and skills. — Web development: PHP, JavaScript, JQuery, HTML5, CSS3, Bootstrap3 etc; — Penetration testing: Ethical Haching, security audit, wireless security, Acunetix WVS, OWASP, Burp suite etc; — Frameworks: Eclipse RCP, JUnit, CodeIgniter. — Core web: XML, JSON, HTML/CSS, JavaScript; — IDE: Eclipse, NetBeans. — OS: Linux, Windows, Mac OS X; — VCS: Git, Mercurial, SVN; — SQL;

92% Job Success
$18.00 /hr
171 hours

Ivan D.

Ivan D.

Linux Administration/IT Security/PHP/WordPress/HTML/CSS

Bulgaria - Tests: 6 - Portfolio: 3

Linux Server Administration - Setting up VPS and dedicated servers with strengthen security. Usually prefer to work with Ubuntu, Debian and CentOS, but any other distro is fine. - chroot-ing - firewall - iptables Linux server security - Log analysing - Honey Pots - Strengthening Security - Chrooting - Iptables - Software protection against DoS with iptables and custom scripts - php7 Wordpress Development -Custom Wordpress Themes from PSD -Plugin development and tweaking.

Groups: Bluehost Developers and Designers

$15.56 /hr
2 hours

Rabiul I.

Rabiul I. Agency Contractor

Security Consultant,Cloud / AWS Expert,SysAdmin,Programmer,DevOps Eng.

Bangladesh - Tests: 6 - Portfolio: 15

I'm a senior professional Security Expert / DevOps Engineer/ SysAdmin having more than 7 years industrial experience.I specialize in Black Box/White Box Penetration Testing,Computer Forensics,Code Auditing, Ethical hacking, ( Very well versed in SOC 2, Fedramp, COBIT, PCI DSS, HIPAA, ISO 27001/27002 , NIST, and IRS PUB 1075 ) I have also hands on experience with Cloud Computing ( AWS : EC2,VPS,RDS,S3 / Google Compute Engine / RackSpace / VmWare ), Server Administration ( Windows 2003,2008,2012/ Linux / Unix ), Programming Languages , Scripting and various other technologies. Academic and Professional Certification: ☛ Certified Ethical Hacker ➳ CEH ☛ Certified Information Systems Security Professional ➳ CISSP ☛ AWS Certified Professional ☛ Microsoft Certified IT Professional (MCITP) As an IT Security Specialist and DevOps Engineer I have done following projects in my professional career. ✿✿✿ Penetrated and patched more than 20 Canadian and Russian Government Sector's Servers and five Malaysian Government Sector's Servers including Ministry of Work (KKR-22 Servers), Ministry of Health (MOH-67 Servers), Ministry of Education (MOE -17 Servers). ✿✿✿ Managed and Secured more than 10k servers including windows 2008,2012,Linux ,Unix and cloud based servers ✿✿✿ Identified security issues and risks management to various platforms such as e-commerce based websites,WordPress,Magento,Joomla, Expression Engine, Drupal and many more. ✿✿✿ Formulated innovative solutions to real-world problems by doing Penetration Testing (Black Box/White Box) ,Audit Testing and real life attack. ✿✿✿ Evaluated many of largest company's security vulnerabilities such as Dell,HP,Microsoft,High Tech Crime Solutions,H-A Links Solution,Kingdom Market Solution and many more. ✿✿✿ Trained more than 200 IT professionals from around the globe including Defense IT Security Expert, Mobile Operators Security Manager, PHD & Masters Students in IT security field. ✿✿✿ Developed custom tools for automating Security testing in OWASP community . ✶✶✶ Brilliant understanding ,excellent command and practical exposure to : ➳ OWASP TOP 10, SANS TOP 20, CWE, OSSTMM, ISSAF standards ✔ Vulnerability Analysis/Assessment & Pen-testing Box : ➳ Kali Linux,BackTrack 5r3,Blackbuntu,BackBox,WeakerThan 3.6,GameOver 0.1 null, Metasploit & Metasploitable, OWASP Broken Web Apps1.0, Dojo,Whydah 1.0,Matriux Ec Centric ✔ Vulnerabilities and Protection ➳ SQLI,XSS,XSRF,CSRF,RTE,LFI,IIS Vulnerabilities,DNN,DDos Attack,Click Jacking,Phishing,Middle Man Attack,ARF Spoffing ✔ Programming Languages: ➳ Shell Scripting ,C,C++,C#,Perl,Python,Ruby on Rails,Visual Basic,Batch File. ✔ Web Design Language: ➳ HTML,XHTML,PHP,JavaScript,jQuery ✔ Network Protocols ➳ TCP/IP, NetBIOS / Netbeui, IPX, OSI) and associated technologies such as DNS, FTP, HTTP ✔ Network Traffic Monitoring Tools ➳ Network General Sniffer, LANalyzer, NetXray ✔ Network Topologies and Others ➳ Token Passing, Ethernet,F-Secure SSH & Anti-virus,Skybox,Encryption, Social Engineering ,Reverse Engineering,VPN, SSL,,PCI-DSS Compliance ✔ Firewalls ➳ Gauntlet, Cisco PIX, CheckPoint, Raptor Services that I provide : ➳ Vulnerability Assessment, Penetration Testing , Black Box | White Box Testing | Code Auditing | Network Security Testing | Cyber Fraud Investigation and anything related with Hacking, Security and Forensic. ➳ Removal of Malware | Viruses | Backdoors | Shell | Phishing | Spam and any other malicious codes ➳ Recovery and Securing Joomla | Wordpress | Drupal | OsCommerce | Magento | OpenCart | Wordpress | PHPBB | Vbulletin ➳ Recovery and Securing Custom Platforms ➳ Server Setup and Maintaining ( Windows 2003/2008/2012; Linux/ Ubuntu / Redhat / Debian ; Apache / Centos / Nginx / Chef / Critix ; Cpanel/ Plesk / DirectAdmin/ WHM/ Webmin ) ➳ Cloud Computing ( AWS : EC2 / RDS / S3 / VPC / CloudFront / ElasticBeanStalk ; Google Compute Engine / RackSpace / VmWare ) I have ability to work under pressure and meet deadlines.Client's satisfaction is my first priority.

Groups: BoonEx, concrete5...

Associated with: Web-Mamba Agency

97% Job Success
$60.00 /hr
2,437 hours

Aty P.

Aty P. Agency Contractor

Linux Server Admin, Security Expert, PHP MySQL, Wordpress Expert

India - Tests: 5 - Portfolio: 43

Hi, My name is Aty. Over the last 9 years since 2007, I have led mufti-functional teams to execute on mission-critical engagements. I did job with large design firms in my starting career for 2-3 years. I then assembled a crack commando unit of the best people I encountered. We take on assignments, right-size the solution to the problem, and then use the team approach: an architect to ensure you have a platform suitable to your needs, razor sharp analysts to document the deliverable, creative designers for graphics, and masters of code. We then put very cheap SEO and maintenance folks to ensure your rankings remain at the top, and your site runs blazing fast. Each of these people bill at different rates, so you get maximum bang for your buck. When you hire anyone at Quinji, you hire the team resources. You will not suffer if someone is not available. We have the breadth of skills and depth of resources to ensure your project is on time and on budget. I am native US English speaker and this feedback is given to me by more than 20 different clients which they found a plus point while making conversation when they are outsourcing their work for better communication and understanding. Always available on Skype for voice or text during my working hours. I completed 3000 hours on upwork formerly Odesk with 5 star feedback up to May 2015. Hope it will boost some confidence inside my capabilities to complete your assignments successfully. Looking forward to hear from you. ********************************************* My Technical Skills are as below: ------------------------------------------------ Security Expert -> SQLi/XSS, Trojan Removal, Malware and Malicious Code Removal, Security Configuring on servers, CSF, mod_security, DDos Attack, Phishing attack, Iframe, eval and base64 signature detection, VPS and Dedicated server Management, Monitoring, cloaking, pharma hacks, shell detection, spam blocking. Penetration testing, Nessus, Nmap, Metasploit, Maldet, Blackhole Exploits detection removal and others.. -------------------------------------- Server Management: Ngnix, Apache, Firewall, Fail2Ban, IpTables, VNC Server, PHP, MX, IMAP, Dovecot, FTP, SSL, SSH, PhpMyAdmin, Cpanel, WHM, WHMCS, Mail Server, Roundcube, Digital Ocean Droplet, Linode VPS, Hostgator, Godaddy, Bluehost -------------------------------------- Developer -> PHP/MySQL, Core CMS -> Joomla, Drupal, WordPress, CakePHP, CodeIgnitor, CURL -------------------------------------- Social Framework -> SocialEngine, Dolphin, JomSocial, Community Builder. -------------------------------------- Ecommerce ->OScommerce, Magento, Cscart, ZenCart, BigCommerce, CBSubs, Virtuemart, Woocommerce (Extension Building) -------------------------------------- Payment Gateways: Paypal Standard, Paypal Pro, Stripe,, CCAvenue -------------------------------------- API: Facebook, Google Developers, Twitter, Youtube API, Instagram, Social Login and shares, Paypal, Stripe, -------------------------------------- Framework -> Cakephp, Codeignitor, Zend, Symfony. Yii -------------------------------------- Java Script Framework -> JQuery, JQuery UI, Mootools -------------------------------------- Android: PhoneGap Developer -------------------------------------- SEO/SEM -> OnPage SEO optimization so Search engines crawl all the required content automatically, Article Writing and Submission, Social Bookmarking, Link Building, Press Release, Directory Submission, Social Media, Traffic Generation, Youtube, Facebook, Twitter, Digg and so on with all Ethical Methods. Latest strategy according to Panda 4.4 algo follwed while doing SEO -------------------------------------- Desktop or Laptop Fixes -> I used Remote Desktop or Team Viewer to take access to client machines to fix their machines from spywares, Malwares, viruses or Trojans installed on their machines. ******************************** Hope once we start we will be in long term business relationship.

Groups: AWeber, BoonEx...

Associated with: Quinji

99% Job Success
$30.00 /hr
2,964 hours