Penetration Testing Jobs

We are a startup working on a highly confidential and private internal project. Due to the sensitive nature of this initiative, we require a highly experienced Cybersecurity Specialist with strong expertise in advanced security testing and simulation techniques. This is not a basic vulnerability scanning or standard assessment role. We need an expert capable of performing comprehensive, advanced-level security testing against robust environments while maintaining complete confidentiality. Project Duration: 2 to 3 months (possible extension based on project needs) Compensation: ₹3,00,000 per month (premium budget for the right expert with proven advanced skills) Key Requirements: 5+ years of hands-on experience in advanced cybersecurity testing and security operations Must hold advance...

I need all 50 selected PortSwigger Web Security Academy labs solved end-to-end, not just marked as completed. Each exploit must be reproduced with real traffic in Burp Suite (Community or Pro) and any other tooling you find useful; screenshots or evidence of the successful exploit have to be captured along the way. For every lab you solve, hand over a concise written report that follows the exact “Problem Statement → Solution → Results” structure. I only need a basic overview, so keep each section tight—no exhaustive step-by-step narrative, just the essential reasoning, key actions, and the final proof that the lab objective was met. Deliverables (one archive at the end): • A single document (PDF or DOCX) containing 50 mini-reports, each following the st...

I operate a live online betting platform and want a qualified ethical hacker to run a full-scale penetration test against the public-facing web application. The priority is website & application-level weaknesses, so I expect you to probe everything users can touch: signup, log-in, wallets, odds display, live bets, admin panels behind authentication—every feature that might be exploited. Please include the usual suspects—SQL injection, XSS, CSRF, IDOR, authentication bypass, file upload issues, business-logic flaws—essentially the OWASP Top 10 and anything else you uncover during your manual and automated reconnaissance. Black-box testing is preferred at first; if you later need limited credentials for deeper inspection we can arrange that. Deliverables I need: &bull...

Project Description: We are seeking a highly skilled and experienced cybersecurity professional to conduct a comprehensive Vulnerability Assessment and Penetration Test (VAPT) on our mobile application. The primary goal is to identify, assess, and report on security vulnerabilities within the mobile client and its associated backend APIs. The ideal candidate will have a proven track record in mobile security, follow industry-best practices (such as OWASP MASVS), and provide a detailed, actionable report. About the Application: Application Name: SecureApp Platform(s): iOS/Android Primary Function: An e-commerce platform for handmade goods Technology Stack (if known):React Native, Backend is Node.js Scope of Work: The VAPT should cover, but is not limited to, the following areas: 1. Mo...

I need an experienced security specialist to carry out a thorough review of our bank system’s defences, with the spotlight on the core database and the overall security architecture that surrounds it. This is not a simple camera-or-alarm health check; instead, I want the underlying structure, data flows, and access logic examined for weaknesses that could compromise customer information or interrupt critical services. Scope of work • Map the current database design, supporting servers, and connected services. • Perform vulnerability assessments and penetration tests against these elements, documenting every finding with clear evidence. • Evaluate encryption, key management, privileged-user policies, and change-management procedures to be sure they align with m...

We are a growing startup working on a highly private and confidential internal project. Due to the sensitive nature of this initiative, we require an experienced Cybersecurity Expert with strong background in advanced security operations, threat intelligence, and secure information handling Key Requirements: Proven expertise in cybersecurity, network security, and information protection Advanced skills in online research, deep investigation, and gathering intelligence from various web sources Experience with secure data collection, analysis, and management techniques Ability to work with complex security tools and environments while maintaining complete confidentiality Strong knowledge of anonymity practices, secure communication, and protective measures in challenging online scenarios...

I’m looking for an experienced ethical hacker or cybersecurity professional who can teach me the fundamentals and practical skills. Topics I want to cover: • Basics of cybersecurity & ethical hacking • How VPNs work (proper usage, limitations—not illegal use) • Online privacy & digital footprint protection • Network security fundamentals • OSINT (open-source intelligence) basics • Social media security & account protection • Understanding how attacks happen (phishing, etc.) and how to defend against them I prefer: • 1-on-1 sessions (Zoom/Google Meet) • Practical demonstrations + real-world examples • Step-by-step learning plan Goal: • Learn cybersecurity for personal knowledge and protection Pleas...

I need a an ethical hacker for pen testing and cyber security issues.

ERP Testing Scope Document Objective • Perform a comprehensive testing and quality assessment of the ERP solution • Ensure the system is production-ready, secure, scalable, and aligned with ERP best practices Functional Testing Scope • Validate end-to-end ERP workflows across all modules • Finance & Accounting: Journal postings, reversals, reconciliation, tax calculations, period closing • Procurement: Purchase requests, approvals, vendor management • Sales: Order processing, invoicing, payments • Inventory: Stock management, movements, adjustments • User Management: Roles, permissions, RBAC validation • Master Data validation • Reporting accuracy • Audit trail verification Non-Functional Testing • Load testing • Performa...

My DeFi protocol is code-complete and ready for public launch, but it cannot go live until an exhaustive penetration test confirms it is watertight. The scope is limited to the Solidity smart contracts powering liquidity pools, staking logic, rewards distribution, and governance. I need you to probe for the full range of threats—re-entrancy, flash-loan manipulation, oracle spoofing, unchecked arithmetic, gas griefing, privilege escalation, and any logic flaws unique to DeFi. A balanced mix of automated scanners (e.g., Slither, MythX, Echidna) and deep manual review is expected so no subtle issue slips through. Deliverables • Comprehensive audit report detailing every vulnerability, its severity, reproduction steps, and clear remediation advice • Proof-of-concept e...

Our in-house team built the first cut of a transport ERP with Claude and ; it works for demos, but I now need it production-ready for real fleets and paying clients. Infrastructure – Deploy the application on Amazon Web Services. Please provision the full stack (compute, managed database, object storage, CI/CD) under my account, attach our domain, and issue a valid SSL certificate. A nightly snapshot and disaster-recovery plan must be in place before go-live. Core application hardening The logistics modules—inventory, fleet, fuel tracking, and invoicing—occasionally break under concurrent use. Your first task is to trace and remove those stability issues, then verify that multi-user roles and the audit-log engine behave consistently across all transactions. Securit...

Our BGMI (Battlegrounds Mobile India) infrastructure occasionally freezes when traffic surges. I want to put a permanent stop to that by building a preventive DDOS shield that covers every critical touch-point—login, in-game communication, and matchmaking. You will begin with a quick audit of the existing network layout and traffic patterns, then design and deploy a solution that blocks volumetric and application-layer attacks before they can overwhelm the servers. I expect minimal additional latency for legitimate players, clean documentation of every rule or service introduced, and a repeatable playbook I can apply to new nodes as we scale. Deliverables • Security architecture diagram and written rollout plan • Hardened configurations applied to the login, game, a...

I need a seasoned ethical hacker to carry out a full-scope security assessment of my environment. The end goal is simple: uncover any vulnerabilities before malicious actors can exploit them, then give me clear, actionable steps to fix them. Please outline your relevant experience when you reply—real-world projects, certifications (e.g., OSCP, CEH), and any notable results will help me understand how you approach engagements like this. Scope • Reconnaissance and vulnerability discovery • Exploitation and privilege escalation (within agreed boundaries) • Post-exploitation risk analysis • Clean, well-structured reporting that ranks issues by severity and urgency Deliverables 1. Executive-level summary (non-technical) 2. Detailed technical report...

我手上有一个具体的网页游戏站点，需要对它进行一次聚焦性的安全测试。目标是找出并复现「访问控制漏洞」，并最终提供一份可复用的脚本或小程序，帮助我在之后的版本中快速验证漏洞是否仍然存在。 重点说明 1. 站点类型：网页游戏。 2. 漏洞方向：我最关心的是访问控制层面的缺陷。 3. 其他说明：提问时我把“特定游戏网站”写在了漏洞类型一栏——请以此理解为“目标已锁定的单一站点”。 交付物 • 渗透测试步骤与发现过程的技术报告（含关键截图、复测方法）。 • 可执行的 PoC 脚本 / 程序，要求： – 一键运行即可验证漏洞是否存在； – 控制台输出清晰，必要时附使用说明。 合作须知 • 所有测试必须在我授权的演示环境中进行，严禁对正式生产环境造成干扰。 • 请在开始前与我确认测试窗口与目标域名。 • 代码可用 Python、Go 或您擅长的语言编写，只要依赖简单、易复现即可。 如果你在网页游戏安全、访问控制绕过或自动化 PoC 编写方面有成熟经验，就联系我讨论更多细节。