• Projects 7
  • Rating 5.0
  • Rating 6 195

Budget: 1200 USD Deadline: 8 days

For an AI-integrated web app, the assessment needs two parallel tracks. The first is standard web/API testing covering auth bypass, IDOR, SSRF and injection chains. The second is AI-layer testing against OWASP Top 10 for LLM Applications 2025. On the AI side, the vectors that matter most are prompt injection (direct and indirect via stored user content), system prompt leakage, excessive agency if the model calls tools/APIs, and vector/embedding weaknesses if you use RAG. I test with Burp Suite Pro for the web layer, manual adversarial prompting plus custom scripts for the AI layer. Deliverable: severity-rated report with reproducible PoC per finding and remediation steps prioritized by risk. What's the tech stack? Specifically interested whether the AI component has tool-calling or external data retrieval, since that determines how wide the AI attack surface actually is.

  • Projects -
  • Rating -
  • Rating 363

Budget: 1500 USD Deadline: 7 days

Hello Slava,
I’m interested in performing a comprehensive security assessment of your AI-powered web application.
I can cover black-box and white-box penetration testing, OWASP Top 10, REST API security, authentication, authorization, IDOR, XSS, SQL injection, CSRF, SSRF, file-upload vulnerabilities, and AI-specific risks such as prompt injection and sensitive-data exposure.
You will receive a professional report with severity ratings, reproducible proof-of-concept steps, and practical remediation recommendations. I can also perform a retest after the identified vulnerabilities are fixed.
My details:
Hourly rate: $35/hour
Estimated fixed price: $1500,
Experience: 2 years
English proficiency: Intermediate (B1–B2). Strong written English and good listening comprehension; spoken communication is currently less fluent.
Relevant experience: Hands-on experience assessing web applications and REST APIs for OWASP Top 10 vulnerabilities, including authentication flaws, IDOR, XSS, SQL injection, CSRF, SSRF, and insecure file uploads. I have also prepared structured security reports with proof-of-concept steps and remediation guidance.

  • Projects -
  • Rating -
  • Rating 196

Budget: 2500 USD Deadline: 10 days

we already have a nearly ready security assessment framework for ai web apps, so we can adapt it quickly and start here on freelancehunt now ))

hourly rate - 45 usd
preliminary fixed price - 2500 usd
estimated timeline - 10 business days after access
experience - 10+ years in web systems, rest api integrations, ai automation, security-aware architecture and remediation work
english - fluent written, comfortable spoken

WE can test black-box and white-box areas, rest api, authentication flows, role permissions, file uploads, owasp top 10 and ai-specific prompt or data exposure risks.

  • Projects 25
  • Rating 5.0
  • Rating 13 814

Budget: 2000 USD Deadline: 5 days

I have strong experience in web application penetration testing, including both black-box and white-box approaches, with a focus on OWASP Top 10, API security, authentication/authorization flaws, and modern web attack vectors. I can assess issues such as XSS, SQL Injection, CSRF, SSRF, IDOR, file upload vulnerabilities, broken access control, and authentication bypass, as well as review AI-related attack surfaces and integration points

55$/h / fixed 2000$

Proposals concealed

The list does not show proposals concealed by the client or freelancer with a Plus profile, as well as proposals violating rules