Penetration Testing Jobs

is seeking an experienced web application security specialist to address specific vulnerabilities identified in our recent penetration testing assessment. As a healthcare technology company specializing in innovative oral health monitoring solutions, we prioritize robust security standards and regulatory compliance. This is a focused, short-term engagement to remediate six specific security findings in our web application infrastructure. We need an independent contractor who can take full ownership of implementing these security fixes efficiently and professionally. Scope of Work - Specific Vulnerability Remediations Based on our completed Web Penetration Testing assessment, you will address the following security findings: 1.-n/a 2. Server Version Disclosure Prevention • Task Ty...

My dedicated Linux server suddenly jumped to 100 % CPU, cPanel accounts refuse to load, and nothing has been tweaked recently—no software updates, no new scripts, no configuration edits. I suspect something malicious slipped in or a runaway process is exhausting resources, but I need solid confirmation and a clean-up fast. What I need you to do • SSH in, profile the load, and isolate the exact processes or connections causing the spike. • Scan thoroughly for root-kits, malware, or hidden cron jobs (tools such as maldet, rkhunter, chkrootkit are welcome, but feel free to use your own). • Patch or remove whatever you find, harden the box, and restart services so every cPanel account comes back online. • Hand me a concise report detailing the root cause, the...

I need a certified ethical hacker to run a full-cycle social-engineering engagement focused exclusively on phishing simulation. The objective is to gauge how many employees interact with malicious-looking emails, identify patterns behind unsafe clicks or credential submissions, and turn those findings into actionable security awareness improvements. The work involves designing realistic phishing scenarios aligned with our business context, sending the campaign through a managed platform (GoPhish, King Phisher, or similar), silently harvesting the metrics, and then compiling a thorough post-test report. No destructive payloads or system exploitation are allowed—this is a people-centric test only. Deliverables • Campaign design document outlining themes, targets, schedule, and...

I need a certified ethical hacker to run a full-cycle social-engineering engagement focused exclusively on phishing simulation. The objective is to gauge how many employees interact with malicious-looking emails, identify patterns behind unsafe clicks or credential submissions, and turn those findings into actionable security awareness improvements. The work involves designing realistic phishing scenarios aligned with our business context, sending the campaign through a managed platform (GoPhish, King Phisher, or similar), silently harvesting the metrics, and then compiling a thorough post-test report. No destructive payloads or system exploitation are allowed—this is a people-centric test only. Deliverables • Campaign design document outlining themes, targets, schedule, and...

I need an experienced cyber-investigator to zero-in on malware that has recently infiltrated several personal computers in my office. The priority is to detect, isolate, and document every malicious component so we can move straight to containment and clean-up. I need someone to access a Blackmailing correspondence I had with a person on Telegram. I need the archives from this account and we must do this legally via Telegram? You will start with a remote sweep (or on-site if you are nearby), capture volatile data, analyse suspicious processes, services, registry changes and network traffic, then supply a concise report that identifies the malware family, infection vectors, and any persistence mechanisms you uncover. I will handle the actual remediation once I have your find...

I need an experienced cyber-security professional who can move straight past theory and actually put the right protections in place. My environment is already running, but the current safeguards are piecemeal. Your task will be to evaluate what is there, decide what is missing, and implement the controls that close those gaps—whether that involves configuring firewalls, hardening servers, enforcing least-privilege access, deploying endpoint protection, or setting up logging and alerting in a SIEM. I’m looking for measurable improvements, not just a written report. Once the new measures are live, I’ll need clear documentation of every change plus a brief hand-over session so my in-house team can maintain what you install. Deliverables • Security controls fully dep...

I need help to find a hacker who compromised my computer over wifi. Requirements: - Analyze the breach and identify the hacker. - Use existing antivirus info for insights. - Provide a detailed report of findings. Ideal Skills: - Experience in cybersecurity and hacking investigations. - Proficient in analyzing antivirus data. - Strong problem-solving skills and attention to detail. Please include past work, experience, and a detailed project proposal in your application.

I’m looking for a qualified security professional to run a full-scale penetration test against my public-facing web application. The goal is to simulate real-world attack scenarios, uncover exploitable weaknesses, and receive a clear, actionable roadmap for tightening our defenses. Scope – Web application layer only (no network infrastructure or API testing at this stage). – Black-box or gray-box methodology is fine; we can agree on the exact approach once you review the stack and access level I can provide. What I expect from you • A concise test plan outlining the tools and techniques you’ll use (e.g., Burp Suite, OWASP Zap, manual code review where appropriate). • Execution of the penetration test without disrupting production traffic. &bull...

I hold written authorization from the system owner and need an experienced ethical-hacking professional to carry out a controlled breach of our production environment. The assignment goes beyond a traditional penetration test: I want you to replicate a real-world, end-to-end intrusion scenario so we can measure how our monitoring, logging and incident-response teams react under pressure. Scope • Obtain initial access using any non-destructive vector you discover (phishing simulation, misconfigurations, credential weakness, etc.). • Laterally move, escalate privileges and demonstrate data access without altering or deleting information. • Leave tamper-proof evidence (flags) in pre-agreed directories so we can verify compromise. • Conclude with a thorough report that det...

I’m ready to bring in a security specialist to run a thorough, manual penetration test on my live e-commerce application. Automated scanners aren’t enough for this engagement—I need human-driven testing that uncovers real-world attack paths. Here’s what I’m looking for: • A full manual assessment covering all SQL Injection, Cross-site Scripting (XSS) and Cross-site Request Forgery (CSRF),Web Application Penetration Testing , Network Penetration Testing Services External or Internal, Web Services Testing, API Testing • Exploitation-level proof of concept for every confirmed issue, with clear, reproducible steps. • A concise risk-ranked report that separates critical, high, medium and low findings, followed by practical remediation advice writ...

We would like to find someone who is capable of making a ticket buying bot, to PREVENT tickets from being bought from. This is a protection and defensive upwork post. We are looking to block vulnerabilities in the website. Thank you, J

Project Description: I am looking for a Cybersecurity Specialist to perform a comprehensive security audit on a newly developed desktop application. The goal is to evaluate the robustness of the authentication framework and provide a risk assessment report. Scope of Work: Conduct a Vulnerability Assessment on the application's login and validation protocols. Test the integrity of the software's validation logic against unauthorized access. Evaluate the effectiveness of current obfuscation and anti-tamper measures. Provide a detailed report with recommendations for hardening the software and improving data protection. Requirements: Proven experience in Application Security Testing and OWASP standards. Strong background in binary analysis and software protection mechanisms...

I’ve built a custom web application and it’s almost ready for production. Before the public rollout, I want a rigorous penetration test that will expose any weakness and help tighten every layer of security. The assessment must be hands-on and realistic, covering the full stack rather than a purely theoretical review. Scope My priorities are clear: • Code review – comb through the source for injection points, authentication flaws, insecure dependencies, and logic errors. • Network-level probing – map open ports, misconfigured firewalls, and potential lateral-movement paths. • Server configuration – evaluate patch levels, TLS setup, permissions, and hardening of the underlying OS and web server. Primary Goal The sole purpose is to imp...

Cloud Security Specialist – Immediate Infrastructure Hardening (Short Term) Project Overview Duration: 3 to 5 days Location: Remote Start: Immediate A healthcare technology platform requires a Cloud Security Specialist to implement quick security improvements identified in a recent penetration assessment. This is a focused, short-term assignment aimed at reducing immediate attack surface exposure at the infrastructure layer. Scope of Work All listed tasks must be completed. 1. Server Version Disclosure Prevention Remove server and framework version information from HTTP responses. Responsibilities Configure AWS Application Load Balancer to remove server headers Update CloudFront response headers policy Disable X Powered By headers in Customize error responses to prevent ve...

Cloud Security Specialist – Immediate Infrastructure Hardening (Short Term) Project Overview Duration: 3 to 5 days Location: Remote Start: Immediate A healthcare technology platform requires a Cloud Security Specialist to implement quick security improvements identified in a recent penetration assessment. This is a focused, short-term assignment aimed at reducing immediate attack surface exposure at the infrastructure layer. Scope of Work All listed tasks must be completed. 1. Server Version Disclosure Prevention Remove server and framework version information from HTTP responses. Responsibilities Configure AWS Application Load Balancer to remove server headers Update CloudFront response headers policy Disable X Powered By headers in Customize error responses to prevent ve...

is seeking an experienced web application security specialist to address specific vulnerabilities identified in our recent penetration testing assessment. As a healthcare technology company specializing in innovative oral health monitoring solutions, we prioritize robust security standards and regulatory compliance. This is a focused, short-term engagement to remediate six specific security findings in our web application infrastructure. We need an independent contractor who can take full ownership of implementing these security fixes efficiently and professionally. Scope of Work - Specific Vulnerability Remediations Based on our completed Web Penetration Testing assessment, you will address the following security findings: 1.-n/a 2. Server Version Disclosure Prevention • Task Ty...

I’m starting from scratch and want to build a solid foundation in ethical hacking, not the shady stuff. What I need is a structured, online-based learning path that moves me steadily from absolute beginner through the essentials of reconnaissance, vulnerability scanning, exploitation, and post-exploitation—all with a clear focus on legal, responsible practice. Here’s what I’m looking for you to deliver: • A step-by-step syllabus broken into logical modules that I can follow in my own time, with estimated completion times and milestone quizzes. • Curated links to reputable online courses, labs, and CTF platforms (Think TryHackMe, Hack The Box, or equivalent), together with your notes on why each resource is worth my time. • A concise toolkit setu...

Nous avons développé une plateforme de mise en relation entre entreprises et prestataires freelances dans les métiers : sécurité privée, hôtes/hôtesses d’accueil, vente & retail. Le site est déjà entièrement fonctionnel (développé via Lovable), avec un workflow complet incluant : publication d’offres et candidatures, consultation de profils et embauche directe, échanges entre clients et prestataires, envoi de devis/factures, paiement par séquestre, validation de mission et déclenchement du paiement, système de notation. Nous recherchons un(e) professionnel(le) capable d’auditer, corriger et sécuriser l’ensemble. Mission recherchée :...

Je souhaite établir une collaboration sur la durée avec un(e) spécialiste capable de renforcer la sécurité de nos réseaux d’entreprise, de nos environnements cloud et de notre parc IoT. Objectifs prioritaires • Mettre en place une protection active contre les intrusions (IDS/IPS, segmentation, règles firewall affinées). • Sécuriser les données en transit et au repos : chiffrement, gestion des clés, politiques de sauvegarde vérifiables. • Structurer la gestion des accès : Zero-Trust, MFA, revues de droits périodiques. Défis actuels – Menaces internes : droits excessifs, shadow IT, comportement à risque. – Attaques externes : phishin...