Budget: 250 EUR Deadline: 5 days
Good day! Write in private messages, we will discuss the details, access, updates... Thank you...
The site on Joomla 3.x + Virtuemart
A person can purchase a product without registration.
One morning more than 700 orders from different "people" with card payment. Moreover, the payment was made.
This is a carding attack.
Requirements:
Check the site for viruses and hacking. Send a report.
If necessary, implement protection.
Budget: 250 EUR Deadline: 5 days
Good day! Write in private messages, we will discuss the details, access, updates... Thank you...
Budget: 149 EUR Deadline: 1 day
Hello! I understand the seriousness of the situation. This is classic carding (brute-forcing stolen cards). Your payment gateway may block the account due to a high level of fraud (chargebacks).
I specialize in security. I have experience working with Joomla + VirtueMart.
My action plan:
Audit: I will scan the files and server logs to rule out the presence of shells/backdoors.
Protection (Main): I will implement Google reCAPTCHA v3 (or Cloudflare Turnstile) at the checkout stage. This will 100% block bots without interfering with real customers (without manual captcha input).
Report: I will provide a document with the results of the check and instructions.
I work carefully, data will not be compromised.
I am ready to start immediately.
Budget: 270 EUR Deadline: 3 days
Good day, I have a lot of experience with Joomla, ready to set up security and remove the directory.
Budget: 200 EUR Deadline: 1 day
Hello!
Without the answers below, the protection will be minimal.
1. Payment
- What payment system?
- Are transactions successfully charged or only authorized?
- Is there a fraud report from the payment system?
2. Logs
- Access to server logs (Apache/Nginx + PHP)?
- Are VirtueMart order logs available?
3. Site outline
- Joomla version (exactly)?
- Are third-party payment/captcha plugins used?
- Is there a CDN/WAF currently?
4. Current limitations
- Can guest-checkout be temporarily disabled? (yes/no)
- Can limits/captcha be introduced on checkout? (yes/no)
5. Stage goal
- Priority:
A) incident investigation
B) urgent protection
C) both (recommended)
Budget: 60 EUR Deadline: 3 days
Hello! Yes, this looks like a carding attack. I am ready to quickly check Joomla 3.x + Virtuemart for hacks/malicious code and prepare a brief report. If confirmed, I will set up protection (payment restrictions/anti-bot, rules for checkout, WAF/filters).
Budget: 350 EUR Deadline: 30 days
Hello! I have reviewed your assignment and believe that I can successfully complete it. I would be happy to collaborate, please write to me personally for further details.
We are looking for an experiencedCybersecurity Specialist / Penetration Tester to perform a security assessment of a web application built with AI. Responsibilities: Perform black-box and white-box penetration testing. Identify security vulnerabilities (OWASP Top 10, API security, authentication, authorization, etc.). Test against common attack vectors such as XSS, SQL Injection, CSRF, SSRF, IDOR, file upload vulnerabilities, and authentication bypass. Review API security and AI-related attack surfaces. Provide a detailed report with findings, severity, proof of concept, and remediation recommendations. Requirements: Fluent English (written and spoken). Proven experience in web application penetration testing. Strong knowledge of OWASP Top 10 and modern web security. Experience testing REST APIs. Ability to provide a professional security report. Relevant certifications (OSCP, PNPT, eJPT, CEH, etc.) are a plus. To apply, please include: Your hourly rate (USD). Your estimated fixed price for this project. Your years of experience. Examples of similar security assessments you have completed. Your English proficiency level
A problem has arisen with how things are heard on the other end; we have gone through a lot but cannot find the issue. We need a competent person who can identify the problem and better configure the telephony. There is also a remote server in this chain that connects via RDP, VPN, and other means. Therefore, the person must understand how it works and check all elements.
Hello. There have been multiple attacks on the online store in Moldova. The identity of the person who is 90% likely to have done this is known. It is necessary to try to gather as much information as possible from the server logs and other evidence about who did this. In general, to collect a body of evidence based on the available clues.