Test the API
Hello colleagues. There is a medium project, a simplified analog of LUN. I have almost completed the API for it, but it needs to be tested, including for security, for example, there is a division into roles, limits...
What you will receive: a detailed specification, design from Figma, Swagger documentation, and public methods.
The output will be two iterations: the first is a list of bugs and errors compiled by you in one document, including any methods considered redundant; in the second, I will fix them within a day or two, and you will check that everything is corrected. Even if the project is closed unexpectedly, I will handle any minor issues myself.
Part of the API has already been integrated with the frontend. I will not provide access to the code, but I can share various matrices of rights and all necessary information without any problems. The complex part is that you need to dive a little into the architecture of the project, although it is not particularly complicated and is based on several roles.
Applications 1
-
I will conduct comprehensive functional and security testing (Security & Business Logic QA) of your API within the strict framework of two iterations, focusing on the resilience of the rights matrix, request limits, and data isolation between roles.
How is the protection against IDOR vulnerabilities currently implemented at the backend architecture level: is the ownership check of the property object for a specific user (or role) performed dynamically through middleware at each endpoint, or is there a risk that public methods allow bypassing restrictions through manipulation of IDs in request parameters?
Budget and timelines will be discussed in personal correspondence.
Similar completed project: Fix 5 problems related to the Facebook API in an OpenCart module
-
Hello! I am ready to take on your project and will complete it urgently. I have extensive experience with similar tasks, so there will be no difficulties. If I have piqued your interest, feel free to write; I am happy to collaborate!
-
Good day. I will write automated scripts using TypeScript for testing your API and checking the limits and security of roles. I will create a detailed report of the found errors and perform a recheck after your corrections. I am ready to start now. I would appreciate the collaboration.
-
Good day! I have reviewed the task and am ready to start. I have quite a lot of experience with APIs, integrations, and testing.
Experience:
• 4 years in Frontend and Backend development
• 2 years of commercial experience in product and blockchain
• Working with production code and real financial scenarios
Some of my projects:
… https://contentbuilder.ai/ - a commercial project from the USA, where I worked as a full-stack developer and implemented most of the functionality
https://freelancehunt.com/showcase/work/procasino/2025898.html
https://freelancehunt.com/showcase/work/bionrgg/2025897.html
-
Hello.
I will take it on. As I read the scope: at the input, Swagger, specification, design from Figma, and public methods; at the output, a document listing issues (bugs, security gaps, redundant methods); then you make corrections and I verify.
What I will check systematically.
Authorization and roles - whether the correct checks are performed at each endpoint, whether there are roles that can see others' resources (IDOR), whether the logic of privilege degradation is correct.
Limits and rate limiting - are they genuinely limited or cosmetic, how does 429 behave (returns Retry-After), can it be bypassed through variations of headers or parameters.
…
Discrepancies between swagger and actual implementation - field types, required fields, date formats, enums, response codes 200, 4xx, 5xx.
Information leaks in errors - stack traces in production, informative messages that assist an attacker.
Input validation - null, empty values, negative numbers, overflow, SQL injection through parameters, typical edge cases.
Business logic - racing scenarios on sensitive operations, repeated operations (idempotency), states that may be prohibited from the domain perspective.
First iteration - 2-3 days after receiving access and documentation. Review of corrections - one day. Access to the code is not needed; the rights matrix and swagger are sufficient.
-
Good evening, I have over 5 years of experience in testing and API development, and I can easily handle end-to-end testing, from permission checks to basic errors. Feel free to reach out!
-
Hello. I am ready to conduct route testing through Swagger. Feel free to contact me. I will be happy to collaborate.
-
Hello, I am a full-stack developer. I write APIs, connect them to the front end.
Please write in private messages, we will communicate.
-
Good day. The task is clear. Black-box testing of the API with a focus on roles and security. I have worked with similar: IDOR, privilege escalation, rate limits, auth bypass. This is a standard checklist for such architecture.
-
Hello. I am ready to take on the project.
I have experience in testing and developing APIs, including role checks, ACL/access matrices, limits, authorization, permission-based access logic, and basic security risks (IDOR, excessive methods, role bypass, rate limit issues, validation, etc.).
I can:
* thoroughly review the swagger and role architecture;
* test public methods;
* check access logic between roles;
… * create a structured list of bugs/risks in one document;
* conduct a re-check after your revisions.
The work format you described is completely suitable. Access to the code is not critical if there is swagger, specifications, and information on roles/limitations.
Regarding timelines — I can complete the first iteration after familiarizing myself with the API scope.
-
Good evening. I have extensive experience in QA, I can help check your API. Write to me, we will discuss the details.
-
Hello! If I understand the task correctly — there is a ready API (similar to LUN), and it needs to be tested for bugs, security, and the correctness of roles/limits. The output will be two documents: first, a complete list of findings, and then a verification after your corrections.
Here’s how we do it:
— Read Swagger + specification + rights matrix
— Go through all public methods, checking if role A cannot do what is only allowed for role B
— Test limits, edge cases, excessive endpoints
— Create one clear document with all findings
— After your corrections — final verification
… If you are interested — message me privately, and we will discuss the details.
-
Good day. I will test your API, from start to finish. I have a similar system myself and would be interested to see yours. Feel free to reach out, and we can discuss the details.
-
Hello.
I am interested in the project. I have experience working with APIs, testing logic, access roles, and verifying integrations.
For the task, I see the work in two stages, as you described:
1. Analysis of the specification, Swagger, roles, access matrices, and existing logic. I will conduct a check of functionality, integrations, and use cases.
I will separately check:
* roles and access matrices;
* limits and restrictions;
* redundant or duplicated methods;
* authorization logic and rights segregation;
… * potential security issues (access to others' resources, role bypass, IDOR, excessive API responses, etc.);
* compliance of Swagger with the actual behavior of the API.
The result of the first iteration will be a document with identified issues, bugs, and recommendations.
2. After making corrections — re-check and validation of fixes.
Lack of access to the code is not a problem if documentation, Swagger, rights matrices, and necessary scenarios are available. I am ready to dive into the architecture and logic of roles.
-
Vasyl, I can systematically test the API without access to the code: I will check scenarios with Swagger, role permissions, limits, redundant methods, and typical security risks. I will create a clear list of bugs/discrepancies in the first iteration, and after your corrections, I will perform a re-verification. I have worked with technical audits and structured checklists, so I will quickly dive into the architecture and provide a clear result. I can start immediately.
-
Good day. I am interested in your order. I have been working in web development for over 10 years. Please write in private messages for detailed discussion of the specifications.
-
Hi! 👋
I am a professional web developer with 7+ years of development experience.
Extensive experience with APIs.
I have deep expertise and extensive hands-on experience with modern web technologies, including:
⚙️ HTML, CSS, JavaScript, PHP, Laravel, CodeIgniter, Yii2, CakePHP, Symfony
✅ WordPress, Shopify, WooCommerce, OpenCart, PrestaShop, Magento, Webflow, Weblium
🐍 Python (Django, Flask)
🟢 NodeJS
🧩 React JS, Vue JS, Angular
… 🗄 MySQL, PostgreSQL
🔧 Git, REST API and integrations
Write to me!