Browse Penetration Testing job posts for project examples or post your job on Upwork for free!

Penetration Testing Job Cost Overview

Typical total cost of Upwork Penetration Testing projects based on completed and fixed-price jobs.

Upwork Penetration Testing Jobs Completed Quarterly

On average, 15 Penetration Testing projects are completed every quarter on Upwork.

15

Time to Complete Upwork Penetration Testing Jobs

Time needed to complete a Penetration Testing project on Upwork.

Average Penetration Testing Freelancer Feedback Score

Penetration Testing Upwork freelancers typically receive a client rating of 4.35.

4.35
Last updated: July 1, 2015
Clear all filters
  1. Saadat R.

    Saadat R.

    QA Expert - Security & Penetration Testing Specialist

    Pakistan - Last active: 1 month ago - Tests: 3 - Portfolio: 25

    SKILL SUMMARY ABOUT ME Being an Independent Software Quality Assurance & Testing personnel and full time freelancer, I have delivered testing analysis, design, and execution, reporting, fixes and follow-up services to my offshore clients all over the world particularly in USA, Canada, UK, France, Europe, Middle East, Russia, Japan, Australia etc. My specialties are ¤ MSc in COMPUTER SCIENCES with Specialization in Software Quality Assurance ¤ More than 11 years of hands on QA, QC, Manual & Automated Testing experience ¤ Vast experience in Automation Testing using Selenium Webdriver, MS CodedUI, LoadRunner, TestNG, Telerik WebAii etc solutions ¤ Extensive experience in Web, Desktop & Mobile Application Testing ¤ Extensive experience in Agile/Scrum/Kanban/Lean methodologies ¤ Extensive Experience of Security & Penetration Testing (Ethical Hacking) ¤ Great experience of Leading the QA Team, Writing test plan, Test Cases using requirement specifications, user stories, and system understanding ¤ 100% flexible, can work in any time zone 1 – REQUIREMENT ANALYSIS & UNDERSTANDING 2 - COMMUNICATIONS 3 – TEST PLANNING & DOCUMENTATION 4 – TESTS DESIGN 5 – QA DOCUMENTATION 6 – TEST EXECUTION I have performed extensive Manual & Automated testing for a wide range of almost all kind of Mobile, Web, RIA, Desktop Apps. I have always organized deliverables in a complete, clear, of good quality, and in timely manner. I perform different combinations of following testing types: 7 – TESTING TYPES ¤ Functional, Integration, System ¤ SOA, Web Services, 3rd Party API ¤ Boundary Value Analysis, Destructive, Structural ¤ GUI, UX, Usability, Accessibility ¤ Cross Browser, OS/ Platform/ Device ¤ Regression, Sanity, UAT, Exploratory ¤ Cookie, Session, User Authentication ¤ Security & Penetration for Mobile & Web apps ¤ Database, Multilingual ¤ Performance, Load, Stress ¤ BlackBox, GrayBox, WhiteBox ¤ Installation, Configuration, Software & Hardware Compatibility 8 – DATABASE SKILLS ¤ Sound expertise of Databases i.e. MySQL, MS SQL Server, ORACLE, PostgreSQL, MS Access, SQL, and related technologies ¤ Reviewed DB Schemas for improvements ¤ Performed Data Verification & Validation, Data Mapping, Feed Scheduling of DB Apps using SQL Scripts ¤ Involved in Performance Testing, Query Optimization, counting # of Data Reads on the pages ¤ Used SQL queries to evaluate and validate loaded/ imported data from external sources 9 – DEFECT REPORTING & ANALYSIS ¤ Defect Reporting with thorough Details & Reproduction Steps along with Screenshots, Screen-casts/ Videos, Images, Scripts etc. ¤ Defect Analysis based on Test Metrics ¤ Defect Summaries with Module-wise Metrics ¤ Status Reports, Quality Metric Reports, SQA Analysis Report 10 – FIXES AND FOLLOW-UPS ¤ Tested critical Bug Fixes and coordinated with developers ¤ Engaged in Release Setup/ Notes/ Support/ Follow-Up and testing the Release Delivering Process ¤ Coordinated with clients upon New Fixes and Change Requests 11 – QA AUDITS ¤ Reviewed Business Requirements, FS, and CRS Documents ¤ Design, Code Review, Project Plan, Design, Training Audits ¤ Verification & Validation Audits ¤ Review for QA artifacts like Test & Validation Plans, Test Cases and Data Validation SQL scripts

    $15.00 /hr
    414 hours
    5.00
  2. Razvan Muscalu

    Razvan Muscalu

    Information Technology and Security Expert

    Romania - Last active: 4 months ago - Tests: 8

    I enjoy investigating a multitude of subjects, for example when I was 14 I started to learn PHP, three weeks after I was programming an internal chat system for a casino in Holland. Afterwards, small web-related projects followed; when I was 16-17 I was hired as a company administrator in the fields of IT Security, Computers and Network administration/installation, CCTV surveillance, PBX administration and Access Control. At 18, I've started to research the field of reverse software engineering and subsequently developed web-crawlers/spiders as well as playing around with various programming languages. Soon after, I have found interest in the field of Ethical Hacking and developed applications regarding protocols such as POP3, SMTP, FTP and I have also conducted research on how the aforementioned protocols can be correlated in order to subdue RDP-enabled servers. To cut the story short, I have a diverse interest which spans a multitude of IT related fields.

    $13.00 /hr
    0 hours
    5.00
  3. Steven Stovall

    Steven Stovall

    DevOps, Cloud (AWS/Google), Security. Development: Rails/Python/PHP

    United States - Last active: 1 day ago - Tests: 2

    I enjoy solving challenging problems and utilizing technology to creatively design efficient, cost-effective solutions to meet business needs. Current Certifications: CISSP, CCNP, Net+/Sec+, MCP Cloud (AWS/Rackspace), Linux, Windows, VMware HA/vMotion/vCenter Open Source Software: Apache, nginx, Redis, elasticsearch, Zabbix, Logstash Information Security Auditing, Configuration, Policy Networking: Visio Diagrams, IPSEC/SSL VPNs, OSPF/EIGRP/BGP, Adaptive Security Appliances (ASAs), Wireless Controllers, F5 LTM, WiFi (RF Design) Information Security: Visio Diagrams (architecture), PCI DSS compliance, Splunk (syslog) Vulnerability Audit and Penetration Testing: Metasploit, Nexpose, Nessus, Vulnerability Reporting, Patch Management Development: Ruby/Rails, Git, Python, PHP, Perl, PowerShell, Bash, .NET

    $60.00 /hr
    25 hours
    5.00
  4. Maxim Tsoy

    Maxim Tsoy

    Experienced Python Developer and Security Researcher

    Russia - Last active: 5 months ago - Tests: 7 - Portfolio: 2

    1. Python development: Rich experience in distributed Python applications and web applications development using Django, Pyramid, and Celery. Released several mobile Python applications (kivy). 2. Security Assessment: I have a huge experience in vulnerability research and security assessment (currently this is my main occupation). Reached the top in many hacking contests, including DEF CON CTF. I usually specialize in web application security, however, I am experienced in network, database, cryptography and other security areas. Disclosed security advisories for many vendors including: - Cisco - Citrix - Yandex (Entered Bug Bounty Hall of Fame) - SAP - Qiwi 3. Game Development: Have an experience in game design and development using Game Maker Studio.

    $22.22 /hr
    249 hours
    0.00
  5. Aleksandre Vardanidze

    Aleksandre Vardanidze

    --admin systems|database|network|security

    Georgia - Last active: 2 months ago - Tests: 2

    --Admin systems Extensive experience with the configuration, hardening, and maintenance of various Linux distributions, including: * Red Hat Enterprise Linux, Fedora, CentOS * Debian, Ubuntu * OpenSuse Able to set up vital Linux infrastructure components including load balancers, DNS servers, proxy, web/application servers, and mail servers. Familiar with os-level security policies as well as server-level security layers like SELinux. --Admin database Skilled in MySQL database administration for standalone servers as well as replicated and clustered environments. I have also worked with postgsql --Admin Network I've been working as a network administrator for 5 years. For now I'm working in a governmental agency as a network administrator and network security specialist. Have experience with almost every cisco and hp network devices, also I design governmental network and our agency network design. I'm certified ccna,ccnp and ccna sec. had trainings in ccnp sec, ccdp, gsec, CEH,ENSA and Microsoft products (server 2003/8, exchange server and etc) Monitoring and diagnosing faults of VPN connections with other organization, Data Exchange Agency IPS/IDS system and sensor setup, operation. Security concept, design, documentation and implementation. --Admin other Here is the incomplete list of technologies and solutions I have used over my 5 years of experience. -Zabbix, Zenoss, Nagios, Munin and Cacti for monitoring purpose  -Configuration management - Puppet, SpaceWalk, Katello  -Web servers - Apache, Ngnix, Lighttpd  -Load Balancing with Haproxy and Barracuda Load Balancer  -Virtualization - Vmware ESXi --Computer Skills, Trainings and Certification Windows; Windows Server (2003/2008/2012); MS Office; Linux; MacOS ; Network Monitoring Tools; Certified Ethical Hacking ( CEH ) - Self-study Course Security Certified Network Specialist - Self-study Course EC-Council Network Security Administrator - Self-study Course Metasploit Framework Expert - Self-study Course CompTIA Security - Self-study Course HISTORY * SpeedLine - Aug 2010 to May 2012 - Linux Engineer, System Administrator * DATA EXCHANGE AGANCY - Jun 2012 to May 2014 -CERT SPECIALIST * Unipay - Jun 2014 to Present -Linux Enginner, Network Administrator

    $20.00 /hr
    0 hours
    0.00
  6. Dragan D.

    Dragan D.

    Drupal Developer,Security Researcher,PHP Developer

    Serbia - Last active: 5 months ago - Tests: 7 - Portfolio: 1

    During the years of productive work I performed work for customers from USA, Canada, Netherlands, Russia, Australia. Both sides enjoyed cooperation. Over the last 7 years, I have developed a wide range of websites using HMTL, PHP, MySQL. I also have some experience in the following areas: Ajax, OOP and software design and testing.

    $16.67 /hr
    0 hours
    0.00
  7. Alfonso Valdes

    Alfonso Valdes

    Linux / Amazon AWS / WHM WordPress / Nginx / Security / Docker DevOps

    Mexico - Last active: 11 hours ago - Tests: 4 - Portfolio: 6

    A self-motivated System and Network security administrator with more than 10 years in the management and analysis of Linux/Unix enterprise Servers (60- 70 servers). With deep and advance knowledge of highly scalable servers, Cloud Computing, High Performance, Hardening Servers, Migrations, Ethical hacking, Development Operations - DevOps, Open Source services and Server optimization. Lately Building WordPress hosting environments highly available and scalable in AWS/DigitalOcean/Google Compute/Azure. Certifications such as: Certified Ethical Hacker - Red Hat Certified Engineer - Cisco CCNA. Expertise in: MIGRATIONS: Wordpress/Magento/LAMP/Cpanel migration plans and implementation, backup-restore and recovery plans. I have helped dozens of clients migrate their web sites and applications into the AWS, Digital Ocean, Google Compute CLOUD Design and build Web Servers with HIGH PERFORMANCE (LAMP, NGINX/python, Nginx/Varnish, Nginx/php-fpm, Jboss, Apache tomcat and Varnish) - Improve and Fix performance issues, service optimization, security issues and deployments. WORDPRESS HIGH PERFORMANCE AND TRAFFIC SITES IMPLEMENTATIONS: Improve Wordpress performance, design a cloud hosting with complex services using Wordpress, Wordpress multisite, wordpress + woocommerce, wordpress with NGINX/varnish , integration with CDN, Memcached/Redis, Amazon S3, etc etc. Build an entire HOSTING environment from design, implementation and maintenance. MALWARE removal and analysis: WordPress / Magento / Joomla Malware removal and remediation, Incident handling and Forensics analysis. BOOST and optimize websites with: NGINX, Varnish, REDIS, Amazon S3, Memcached, APC, apache tunning and mysql tunning, Amazon CloudFront and more. Amazon Cloud Computing ( AWS ) - AMAZON EC2, amazon CDN S3, amazon RDS, amazon ELB, Amazon AutoScaling, Amazon VPC, CloudFront, Route53, etc. Also Management of multiple Control panels like Rackspace Cloud Computing, SoftLayer, GoDaddy, HostGator, dreamhost and MediaTemple. DevOps and Continuous integration: Docker + vagrant, Vagrant + Puppet, Puppet + Git, Docker + Ansible. Continuous integration with Jenkins, travisCI, distelli and more... Designing and deploying scalable & Highly available systems such as: Amazon Load Balancing (ELB), Hearbeat, HAProxy, mysql cluster, apache cluster... Network and web security such as: Vulnerability Assessments, Hardening servers, security audits, Penetration testing, Virus/Malware/Threats/Vulnerabilities countermeasures, web security, fail2ban, Tripwire-AIDE-OSSEC, mod_security, mod_evasive, Denial of Services (DDOS) countermeasures, Firewalls (iptables, CSF and apf), etc. VPS: Cpanel / WHM / Plesk / DirectAdmin / Webadmin - Migrations, management, hardening, configuration, maintenance and high level of Administration. Databases Administration such as: Mysql tweaking and tunning, MongoDB, load balancing and Mysql replication (Master & Slave) for High traffic. Database: Mysql tweaking and tunning, MongoDB, ElasticSearch, Apache Solr, Sphinx, lucene, MariaDB, Postgresql replication & Pgpool, Mysql load balancing and Mysql replication (Master & Slave) for High traffic. Networking: TCP/IP high expertise, NAT, FIREWALLS, CISCO routing and switching and Packet analysis with tcpdump and wireshark. Storage solutions and Directory management: SAMBA, NFS, FTP and sftp. LVM and RAID*. SCRIPTING: Bash and python. Proficient with MAIL Servers: postfix, sendmail and Zimbra. Source control versioning: GIT and SVN. Deploying and maintaining Monitoring systems such as: nagios, ZAbbix, cacti and Jboss Operation Network (JON). Backups solutions: amanda, rsync, Amazon backups and rsnapshot. Research & development (R & D) for any open source service and technology.

    $24.99 /hr
    8,729 hours
    4.90
  8. Shadab Shaikh

    Shadab Shaikh

    QA / Website Testing / iPhone / Android / WordPress

    India - Last active: 4 days ago - Tests: 5 - Portfolio: 4

    Dear All, My name is Shadab Shaikh, I am a web & Mobile app tester with 9+years of hands on experience in TESTING Web & Mobile Applications. I offer a five point promise so that you will know what to expect: * I'll listen to you: that's the best place to start in understanding your objectives * I'll avoid geek speak and talk to you in plain English * I'll use a common sense approach that's based on your business, not my agenda * I'll think outside of the box and encourage you to do so too * I'll be here whenever you have a question I use all the latest testing tools and techniques. I have strong knowledge of SDLC and different types of testing mythology (Black box testing, Regression, Smoke, sanity testing). I am very much familiar with ad hoc & Scrum (agile) testing mythology . I am using bug tracking tool mantis, Jira, Unfuddle, basecamp, Bugzilla. I have knowledge of W3C valid XHTML and CSS. After testing your application, I will write a report on found bugs and suggestions with screenshots and steps to reproduce them. So, you will have all necessary information to make your application the most stable, functional and user-friendly.

    $11.11 /hr
    802 hours
    4.94
  9. Zhu WenQi

    Zhu WenQi

    PHP Mysql Javascript Developer, Penetration Tester,Shanghai China

    China - Last active: 1 month ago - Tests: 9 - Portfolio: 4

    Over the last 7 years, I have developed a wide range of websites using HMTL, Ajax , PHP, and MySQL including sites for startup companies and small businesses. I have developed a CRM named Online Management System (OMS) for an insurance company. The main functions of the CRM are capture leads from multi campaigns, make PDF quotation according to different insurance options, track leads' sale progress, a basic report function. I also have developed a platform,both frontend and backend, which is named TAP (The Advocacy Platform). TAP is a gamified marketing platform which delivers research, user generated content, and most importantly transforms consumers into true authentic Brand Advocates. Advocacy campaigns via TAP have delivered key message recall of 40-50% at 1/10th of TV media cost. Fueled by a community of over 125,000 women in the top 20 cities in China, TAP has delivered 5 million brand 'missions' since January 2012 for key clients such as Reckitt Benckiser, P&G, Kimberley Clarke, J&J, GSK, and Fonterra. My core competency lies in complete end-end management of a new website development project, and I am seeking opportunities to build websites from the ground up for you or your business.

    $25.56 /hr
    64 hours
    5.00
  10. Zia Rehman

    Zia Rehman

    Expert Software QA & Test Engineer

    Pakistan - Last active: 4 days ago - Tests: 5 - Portfolio: 3

    **Functional Testing, Cross-Browser Testing, Usability Testing, Accessibility Testing, Regression Testing**** Over the last 3 years, I have experienced in Software testing using Automated tools like QTP,Cenzic(Application Security) and Manual pen Test. I also have experience with bug tracking tools e.g ReadMine, Mantis, Pivotal Tracker, Fogbugz. My core competency lies in complete and end-to-end testing of software projects and products, and I am seeking opportunities for Software testing for your software projects and products. I also have experience in the following areas: PHP, JavaScript, Ajax, OOP, and software design and development. This will definitaly help me to test the software more than just black box testing. Testing and Bug Tracking Tools: 1- QTP 2- ReadMine 3- Fogbugz 4- Mantis 5- Pivotal Tracker I am using following process for software testing. 1- Estimation of the project 2- Write Test Scenarios 3- Write Test Cases 4- Execution of Test Cases 5- Create defect Report 6- Review defect report and sent to Client Testing levels used: 1- Black box (functional, cosmetic and GUI based issues) 2- Grey Box (verify database as well) 3- Business Logic (sometimes need to verify log files if necessary) Documentation (Documents prepared): 1- TestScenarios 2- TestCases 3- DefectReport Regarding why should you hire me I just want to say that I am: *Responsible *Good Communication skills *Good in Manual Penetration Testing *Document every things from Test Plan to Release Notes *Experienced QA and Test Engineer

    $5.56 /hr
    373 hours
    5.00