Budget: 8000 UAH Deadline: 2 days
Hello, I possess all the necessary competencies, both technical and economic. I will be happy to help as quickly as possible.
Role and tasks of the specialist
Goal: Conduct a thorough manual audit of the web application and infrastructure, from which automated scanners (Omni-Scanner) received initial leads, or those targets where automation fails due to complex protections (WAF, Captcha, application logic).
Main principle: Human intuition. The specialist must look for business logic vulnerabilities, exploit chains (chaining vulnerabilities), and conduct unconventional attacks that are inaccessible to bots. More details here https://docs.google.com/document/d/18dYMA5LvrTEf8Lx1WNKe3ZpJ0JMlzKVKhv0ou2fSZus/edit?tab=0
Budget: 8000 UAH Deadline: 2 days
Hello, I possess all the necessary competencies, both technical and economic. I will be happy to help as quickly as possible.
Budget: 8000 UAH Deadline: 5 days
Good day. It's quite an interesting task, and I will gladly complete it.
Budget: 8000 UAH Deadline: 1 day
Greetings! The categories specified in the order are not quite correct (classic QA or data engineer won't help here); you need a pure Application Security / Pentest specialist. Automated scanners like Omni-Scanner are good for finding forgotten software versions or default configs, but they are completely blind when it comes to application logic and custom WAF rules. My main specialization is indeed manual analysis and logical vulnerabilities:
Business Logic Flaws: I look for vulnerabilities in the logic of the shopping cart, payment systems, ID substitution (IDOR), bypassing restrictions (Rate Limit / Captcha), and Race Conditions, which automation physically cannot simulate.
Vulnerability Chaining: I don't just fix low bugs; I chain them together. For example, from a harmless Self-XSS through CSRF or header substitution, I can escalate to a full account takeover (Account Takeover) or SSRF/RCE.
Bypassing protective mechanisms: I have experience analyzing WAF logic (both cloud and custom modules), searching for "gray areas" in request parsing (HTTP Request Smuggling, SQLi through filters, bypassing authorization through headers like X-Forwarded-For).
I have studied the document linked. I am ready to conduct a quality black-box/gray-box audit, check the findings from your scanner, and provide a detailed report (RTF) on the classification of OWASP Top 10 with a detailed description of PoC (Proof of Concept) and remediation recommendations.
I am willing to consider a budget of 8000 UAH as a starting point for assessing the critical scope. I suggest we chat privately to discuss the architecture of the web application (stack, presence of API) and define the exact project scope.
Looking forward to your response!
Budget: 8000 UAH Deadline: 5 days
Hello!
I have experience in manual QA and testing complex logic of web applications.
I will focus on:
- finding vulnerabilities in business logic
- non-standard scenarios and bypassing restrictions
- building chains of vulnerabilities
- checking authorization, access rights, and data validation
Deliverables:
- a structured report with vulnerabilities (description, reproduction steps, impact)
- risk prioritization
- recommendations for remediation
I am ready to review the technical specifications and discuss the details.
Budget: 8000 UAH Deadline: 5 days
Hello! I will perform a manual analysis. I will complete your task quickly and efficiently.
My latest works
https://florist-map.vercel.app
https://indexfast.pp.ua
https://monitortest.pp.ua
https://mamamia.pp.ua
My portfolio: https://freelancehunt.com/ua/freelancer/romas6ka.html#portfolio
Feel free to write, I will start working today. I look forward to collaborating with you!
Budget: 27000 UAH Deadline: 7 days
We already have a nearly ready process for manual auditing of web applications and infrastructure, which can be quickly adapted to your goals and started within the marketplace. I'm available to discuss.))
Regarding the budget - 8000 UAH seems sufficient only for a short initial manual check of 1-2 points, while a deep L2/L3 audit based on your document I would estimate starting from 35000 UAH for 7 days.
Look, there’s a nuance - before any checks, written permissions for testing are needed, along with a list of domains or IPs, load limits, and prohibited actions; otherwise, we might accidentally create not an audit, but an adventure for lawyers.
I would simplify it - first, we check reconnaissance, business logic, sessions, roles, CMS, and critical scanner hooks, then we provide a report with risks, reproduction, and priorities for fixes.
> Please clarify how many goals are included in the first stage and if there is a separate test environment.
> Is it necessary to only find vulnerabilities or also to check fixes after improvements?
> https://business.ingello.com/platforma - similar experience with corporate roles, processes, and access rights.
> https://business.ingello.com/lita - a project with sensitive data and strict access scenarios.
> https://systems-fl.ingello.com - who we are and what system projects we do.
If we agree on the boundaries, we can carefully start the work - quietly, without unnecessary heroics, but with a normal engineering mindset.))
Budget: 8000 UAH Deadline: 3 days
Good day! I am ready to conduct a thorough manual security audit of the web application and infrastructure. Using intuition and unconventional approaches, I will identify vulnerabilities in business logic and exploit chains that are not accessible to automated scanners. Experience working with WAF, Captcha, complex application logic, and advanced testing techniques. Contact me to discuss the details.
An experienced 1C programmer is needed for a one-time data migration from 1C to a new CRM system. It is necessary to export data from 1C while preserving all relationships between entities: products, clients, receipts, invoices, balances, product movement history, and other directories. The export format can be JSON, SQL, or any other format convenient for further import. The main requirement is to maintain the data structure and all relationships between documents and objects so that the data can be correctly transferred to another CRM without loss of information. Experience in data migration between 1C and third-party systems will be an advantage. There is no need to migrate to another CRM, just provide a file or create functionality to save a dump file locally on click. Everything is managed locally, so you will need to work through AnyDesk or something similar. I don't know the prices for such work, so please make your offers.
We are looking for support for a project based on Yii , we need to make edits and improvements to the database, there is partially a connection with the previous contractor .....................
It is necessary to migrate the database from CRM G-PLUS to MyChatBot Database volume - 26 thousand leads 2 funnels - Call center and Sales department with their own funnels Lead cards (besides name and number) have many different fields Leads also have voice recordings of calls. These also need to be transferred I expect an approximate amount and implementation timeline from the candidate
Create a dashboard for monitoring and analyzing the performance of the company's location network (branches) in Google Business Profile (GBP) through the official Google Business Profile API. Process via a script based on Google Apps Script (link to Google Sheets). Record data in Google Sheets (which serves as a database for Looker Studio). Update: Daily (with an indication of the last update date). Create a Google Cloud service account. The script runs once a day (trigger at 03:00 AM) and sends a request to the GBP API. It retrieves metrics for the previous day for each location (locationId). Records data in a flat format (row = unique combination of Date + Branch ID + Metrics). Key Performance Indicator CardsCard NameGBP MetricDynamic FormatProfile ViewsImpressions (Search + Maps)Percentage %, Sparkline (blue)CallsLocal Services Phone CallsPercentage %, Sparkline (green)Website ClicksWebsite ClicksPercentage %, Sparkline (purple)Direction RequestsDirection RequestsPercentage %, Sparkline (orange)Average RatingAverage Review RatingAbsolute change (e.g., +0.1), Sparkline (yellow)New ReviewsNew Reviews CountPercentage %, Sparkline (turquoise)
Hello everyone! I'm looking for a Backend Developer (NestJS) to work on a new project. What needs to be done Develop a REST API using NestJS. Prepare and maintain documentation through Swagger (OpenAPI), so that the frontend developer can automatically generate a client using Orval and always work with the current specification. Design a clean, scalable architecture that will be easy to maintain and develop. Requirements Strong knowledge of NestJS and TypeScript. Experience with PostgreSQL. Experience integrating with Supabase: authentication and authorization; working with the database; using the platform's built-in features. Experience integrating Stripe (through Supabase features). Understanding of API security principles, authorization, data validation, and application protection. Ability to write clean, structured, and extensible code. If you have relevant experience, please send: examples of projects or GitHub; your desired rate (for the screens I provided, so I can understand your rate, hourly is inconvenient as it's unclear what volume of work will be done, everyone has a different pace);