We are looking for an experiencedCybersecurity Specialist / Penetration Tester to perform a security assessment of a web application built with AI. Responsibilities: Perform black-box and white-box penetration testing. Identify security vulnerabilities (OWASP Top 10, API security, authentication, authorization, etc.). Test against common attack vectors such as XSS, SQL Injection, CSRF, SSRF, IDOR, file upload vulnerabilities, and authentication bypass. Review API security and AI-related attack surfaces. Provide a detailed report with findings, severity, proof of concept, and remediation recommendations. Requirements: Fluent English (written and spoken). Proven experience in web application penetration testing. Strong knowledge of OWASP Top 10 and modern web security. Experience testing REST APIs. Ability to provide a professional security report. Relevant certifications (OSCP, PNPT, eJPT, CEH, etc.) are a plus. To apply, please include: Your hourly rate (USD). Your estimated fixed price for this project. Your years of experience. Examples of similar security assessments you have completed. Your English proficiency level
Proposals are currently absent
Freelancers are reviewing the task — proposals will appear here soon.
Proposals are currently absent
Freelancers are reviewing the task — proposals will appear here soon.
Current freelance projects in the category Cybersecurity & Data Protection
Not specified
8 proposals
11:48
67 USD
9 proposals
A problem has arisen with how things are heard on the other end; we have gone through a lot but cannot find the issue. We need a competent person who can identify the problem and better configure the telephony. There is also a remote server in this chain that connects via RDP, VPN, and other means. Therefore, the person must understand how it works and check all elements.
Not specified
12 proposals
Hello. There have been multiple attacks on the online store in Moldova. The identity of the person who is 90% likely to have done this is known. It is necessary to try to gather as much information as possible from the server logs and other evidence about who did this. In general, to collect a body of evidence based on the available clues.
Loading...
Loading...