Need security expert to find security holes in our website

Hi, my name is Simon and I am running web security company Cyber Guard Enterprise Ltd. We can do penetration test up to the latest standards and exactly according with your requirements. The whole process is manual, no automated tools, thus we can adapt to your needs exactly. My proposal is as follows; if you want, you can provide the website URL before awarding the project, and if we are able to show you shortly afterwards any vulnerabilities that allowed to compromise your website, then you can award the project and we will help you to fix it as soon as possible. That way you are sure, you are dealing with experts. For the actual testing, we will test for both common (XSS, SQL injection, CSRF...) and rare (CRLF injection, XPath injection...) vulnerabilities, whilst using only the most common open source tools to assist, along with our privately developed toolbox. Then a report is drafted for you, and then the code problems are addressed and fixed. Hope to hear from you soon in regards to further specification to the project. Best regards Simon CGE LTD

There should be some open port to upload files as I understand from your description. I can check sql injections as well

Hi, Thanks for inviting. Please provide me site URL to further inspect so that I can better understand about the loopholes. Thanks

Hi, We are growing IT Company in India Having expertise in setup and management of different Linux web hosting servers like CentOS, RedHat, Ubuntu, Debian etc. We have expert level knowledge in web hosting panels like cpanel, plesk, webmin , ispconfig, zpanel, Direct admin etc. We will implement security as below:- Security features: Tweak Security: open_basedir protection Compilers Access configuration for all accounts (except root) Shell Bomb/memory Protection FTP Server Security: anonymous FTP access configuration Secure and latest ftp server selection Allow Anonymous Uploads configuration MySQL security: MySQL root password configuration Server up to date: packages upgradation to stable version PHp configuration & security : PHP stable and latest version, configuration and optimization with Suhosin patch Kernel Hardening : Linux Kernel with Grsecurity Patch SSH security and monitoring: disable direct root access while root authentication admin will get notification disable shell access for normal users ssh port configuration Mod_Security installation and configuration: It prevents sql injection RFI, LFI, XSS attacks etc Email server security : SPF/DKIM installation RDNS creation Open Relay Disable Exim mail server security tweaks ClamAV Antivirus for virus scan Thanks

Hello Sir, I will go through your whole server manually. My experience says that If one infected file exists on your server then it will infect your whole server. So I need to check each file and folder manually. I will also check your SQL file because I have found malicious script or suspicious script in SQL file many times. Thanks

A proposal has not yet been provided

La propuesta todavía no ha sido proveída

I am a Penetration Tester and a well known security researcher from Romania. You can check some of my work on my portofolio. I'm rewarded by Google, Microsoft, Facebook and Yahoo! at the age of 18 for vulnerabilities found in their services. I'm certified with Offensive Security's OSCP and C|EH. The reason I'm not bidding a lot of money is simple. For me, it is something I'm doing often, I'm working with security vulnerabilities daily. I guarantee I`ll find the hole in the shortest time and help you patch it. I am the right person to do that. Please consider my bid! Thanks!

Hello, I have done this many times, I can find all kind of holes starting from SQL injection ended with XSS, I can start work right now so please contact me if your interested. Thankks

With over 15 Years Experience in IT Infrastructure and Security Operations, Engineering and Management, an Assessment of an External Website (URL) can be achieved in the in the time period and budget proposed.

We have Expertise in Web Security and Anti Hacking. I believe the approach should be changed a bit. Even if we found the script which is root cause of problem the hacker may have hidden shells in place where they can hack the website again. Here is what we will be offering. We will perform a Pen Test to see how the hacker got in. We are also offering you that we will audit the website and find backdoors / shells in the website. If the hacker already has gained access and if you already upgraded joomla chances are there are some shells hidden in the website and he keeps coming back from it. We will also add the site in the web monitoring service of sucuri for a month as well. If you need we can also offer WAF (Web Application Firewall) service for you. WAF will eliminate 98% of the threat. We will offer you suggestion in order to secure it completely for one year.

Security expert here. Please let me perform some testings without affecting the application. Have done similar projects like this before. Regards.

Hello! I'm Web Security Expert with more than 5 years experience. I'm ready to start auditing. Please provide me with URL to this website.

A proposal has not yet been provided

Hello. I can find and secure the vulnerabilities of your website. As you said that you found a file, it's about a cross-site scripting attack, based of a vulnerability in one of your forms. Anyway, I will verify your entire website for all attacks (xss,sql-injection,ssi, etc.). As a security measure for you, i require the payment only after your website is full secured. Just contact me to discuss further details. Thank you!

4+ years of experience in the Application security field covering 45+ applications from Financial, Marketing and Healthcare domains Expertise in Design review, Code review and Dyamic Analysis of applications Availability of State of the art automation tools Excellent Reporting procedure Verified mitigation controls Willing to conduct sessions to the Developers to understand the issues discovered

We are experience penetration testers, will allocated dedicated resource to perform this using commercial tools, free tools and manual penetration testing within the time frame. Notes We do require authorization of your website to start scanning. Questions 1) What is the technology and hosting service used for your website? 2) Are there any developer who is conducting code review for this? 3) How soon do you need to trigger? Do you have any long term plan for incremental scanning?

Hi, I'm interested in below proposal. I am having 9+yrs of exp. in testing.(4+ yrs of exp. in Application & Network Security testing) Responsibilities: Performed Vulnerability analysis of web applications. Involved in Threat modelling Involved in Architecture - Security Testing Performed Penetration Testing using tools like BURP,ACUNETIX. Used Sniffer tools like Wireshark. Performed Source Code review using tools like HP FORTIFY Identified Vulnerabilities like SSRF,Remote File Include. Kindly let me know,if you have any queries. Regards, Siva

Hi I am a security expert at the General Electric and maintain security standards for more than 100 applications. I have many done many security certification course including SANS security, HP Fortify, CISSP, and many others. i can find all the security holes and also provide you the permanent solution for your website.

Hi, My name is Ricardo Longatto and I am a Certified Ethical Hacker. I work with penetration test in web applications, networks, wifi, etc. My work is find holes and to send a full report with the holes and forms of mitigate.

Hello, I believe I am quite qualified for this project because it falls into my area of expertise and pentesting is my forte. I have found major vulnerabilities in major networks and I also have a few CVEs under my belt. CVE-2014-5088, CVE-2014-5089, CVE-2014-5090, CVE-2014-5091, CVE-2014-5092, CVE-2014-5093, CVE-2014-5094 [ pertain to Status2k Server Monitoring Software ] CVE-2014-5081, CVE-2014-5082, CVE-2014-5083, CVE-2014-5084, CVE-2014-5085, CVE-2014-5086, CVE-2014-5087 [ pertain to Sphider Search Software ] CVE-2014-3205, CVE-2014-3206 [ pertain to Seagate BlackArmor Network-attached Storage ]