Penetration Testing Jobs

I need a concise, CPTS-style penetration test focused on network infrastructure. You will receive a shortlist of public-facing domains plus several internal subnets that I want examined end-to-end. The engagement should mirror a real-world attack path: reconnaissance, exploitation, limited post-exploitation, and clear documentation of every step. Scope • Targets: the domains I provide and the connected internal network segments. • Methodology: full penetration testing, not just a vulnerability scan. Feel free to mix automated tools (nmap, Nessus, OpenVAS, Metasploit, BloodHound) with manual techniques. • Duration: this is a quick assessment, so I expect focused work rather than an open-ended engagement. Deliverables 1. Executive summary highlighting business impact in ...

I have an Alpha-stage AI platform that guides life-science researchers from idea through discovery. It currently runs on Base44, yet we now need the global reach, elasticity and tighter compliance posture that AWS offers. We have a detailed backlog and UX. The job is to lift-and-shift—and where sensible, re-architect—everything onto AWS without sacrificing a single existing capability: advanced data analysis pipelines, automated machine-learning model training, and real-time data processing must all run exactly as they do today, the backlog shows the must have and like to have items. While you carry out the migration, I also have a strategic improvements folded in: a markedly stronger security layer to SOc2 standard. Think IAM best practices, VPC segregation, encryption a...

I need to obtain hard-to-reach details—specifically the IP address, associated phone number, and any location-related information—linked to one particular Telegram account. Standard OSINT searches have already been exhausted, so I’m explicitly open to advanced, purely technical hacking techniques that dig directly into Telegram traffic or MTProto behaviour. If this is within your skill set, tell me how you would approach the task, which tools or exploits you prefer to leverage, and what minimal input you require from my side (e.g., username, recent message, session file). Deliverables • Verified current or last-seen IP address for the target account • Recovered phone number (or clear statement if technically impossible) • Any additional address or geo...

I need a thorough, methodical security assessment of my production-ready web application. The goal is to expose any weaknesses before launch, demonstrate real-world exploitability, and give me a clear, prioritized plan for remediation. Scope • Full application security testing: authentication, authorization logic, input validation, business-logic flows, session management, server configuration, and third-party integrations. • Black-box techniques are fine, but I can supply test credentials for deeper analysis if that helps you reach code paths hidden behind login. • Industry-standard tooling such as Burp Suite, OWASP ZAP, Nikto, or your preferred commercial scanner is expected, followed by manual verification so I’m not just getting automated false positives. ...

My iPhones and several smart-home devices have almost certainly been compromised. Unexplained behaviour, network slow-downs and repeated password lockouts suggest an active intrusion that I have not been able to stop remotely. I need an experienced cyber-security professional to visit in person, trace the breach and leave every device—and the Wi-Fi network itself—clean, secured and fully documented. What I expect during the visit • A thorough forensic check of each affected iPhone and the smart-home hub/gear, including router or mesh nodes you judge relevant. • Immediate containment and removal of any malicious profiles, apps, firmware or network configurations you uncover. • Clear advice on whether each device can be salvaged or should be replaced, follow...

I'm seeking a security assessment for my corporate website. The primary concern is phishing attacks. I'm looking for a detailed report and provides actionable recommendations to enhance security. Key Requirements: - Assessment of current security measures (basic) - Identification of phishing vulnerabilities - Recommendations for improvement Ideal Skills and Experience: - Experience with corporate website security - Expertise in phishing attack prevention

For this project I'm looking for a VERY competent consultant on Windows systems and (maybe) on ethical hacking. Standard approach is not useful and doesn't solve the task. I want to clarify that the request is made for purely educational and exercise purposes. The goal is to make a client accessible/usable again (ethical hacking techniques). The target client is really closed/blocked. The client is Windows 11 Enterprise 23H2 - Experience Pack 1000 - 64bit (OS build 22631.5908) Actual landscape: - Windows user is not local machine Administrator. - The local disk is encrypted via BitLocker (booting from the outside therefore does not allow reading the data); - BIOS has a password, not known; - Unauthorized applications are not allowed (no possible to install nothing more). - ...

My Shopify account has been compromised, and I need a thorough investigation. Key tasks: - Investigate account access issues - Identify and document unauthorized marketing activities - Provide evidence of account abuse Ideal skills and experience: - Strong background in cybersecurity - Experience with Shopify platform security - Ability to generate detailed investigative reports - Prior experience handling similar security breaches I expect a detailed report with evidence of abuse.