SQL Injection expert

Hello I have a vast experience with .net and SQL development and would like to help you test and discover any existing vulnerabilities. I will perform this test and produce a document with my findings. Additionally, if you can provide the sources of the site, I am happy to look at them for common mistakes that may have gone undiscovered as part of the injection testing (some cannot be seen/exploited easily from the outside, but may be present and possibly be discovered later). For this second part I would need to see the site to be able to assess the workload involved, if it may be of interest to you I will advise on this once the initial work (with virgin eyes) has been completed and we can go from there. I look forward to working with you on this interesting project! I'll provide skype and email contact details once milestone escrowed/project awarded and can get started straight away. thanks & regards, Janos

A proposal has not yet been provided

Hi I am Microsoft Certified professional in MS SQL Server having 10 years of professional development experience. Please get in touch to discuss this project in more details before final commitment. Regards Sam

A proposal has not yet been provided

Expert in PHP and Web Security How can I assist you in this job ? You can see my portfolio about various web attacks including SQL Injection and I also know prevention against them Thanks

Hello! I'm Web Security Expert with more than 5 years experience. I'm ready to start auditing. Please provide me with URL to this website.

hi i am an expert in sql injection and penetration testing of websites and systems I am sure you will be quite happy with my work

Dear Sir, I am an expert in security analysis and web servers. To do this I have executed several projects including hardening of servers and fixing websites vulnerabilities. Mt very first project on this site a month back was hardening of server. My bid is not only for SQL Injection but also for the complete vulnerability and penetration testing. I expect to take a day to provide you this information. The information or list of vulnerabilities would be checked before I give them to you to remove false positives. If you can let me know the website address, I would be happy to provide an initial screening report. Looking forward to hearing from you soon. Regards, Abhi

i use sql injection techniques for my daily job, from mysql to sqlsever /<dbms> backends. If you need i can use other kind of (test) attack

If you have source code for the website, then verifying its security is much more efficient. A lot of websites are based on open source CMS systems. Otherwise, testing the security involves making an educated guess about which parameters in the GET or POST request might be vulnerable. Typically, a prerequisite for effectively auditing the site is to have a user login. More complete coverage of code paths is possible with an admin login for the website. To secure the site, all input parameters should be validated before any are used to construct SQL statements. This involves matching on allowed strings and generating an error if there is no match. There are various tools that are useful for this task, including: manual request replay, fuzzing, HTML and Javascript code tidying, Perl and command-line web client automation I am familiar with some of the techniques that might be used for SQL injection. There are tutorials on how to test for this possibility. It also depends on what SQL server they are using, whether certain query syntax is supported. An SQL injection vuln that has visible results in the HTML is much easier to detect than a blind SQL injection, although the latter is still possible. Thank you for your consideration. I look forward to your reply.

Our comprehensive penetration testing services mimic an attacker seeking to access sensitive files by exploiting security weaknesses on your website. During the engagement, we begin by assessing your website's infrastructure "weakest links", as well as other possible venues of attack. We then generate a report containing all the discoveries and submit it for your review. This is included in the quoted price. Further on we can provide remedies/corrections for the discovered weaknesses and can educate our clients regarding quick discovery and response ability to eventual attacks. Looking forward to hearing from you.

Hi, I would like to submit my proposal for the project posted by you: 1. We are a team of 3 people who work together towards achieving goal 2. Being working in team increases enables to deliver fast and within timelines 3. We all are engineers by professional who understand the importance of commitment. 4. We are .NET, Sql expert. Regards, vWorkerTeam