176985602337900

Find freelancers. Lose those costly delays.

With 1.7 million freelancers, we'll match you with the perfect talent.

or, Register with Elance »

Security tests for a website
Sign in to Add to Watch List

IT & Programming > Other IT & Programming

View Change History

The client has made the following changes to the job.

Description
Date

Job awarded.

Nov 24, 2010
Close

Job Description

  |  Change History >>

Updated

Close
  • Posted: Fri, Nov 19, 2010
  • Time Left: Closed
  • Location: Anywhere
  • Client prefers freelancers from:
    Anywhere

    You are still able to submit a proposal for this job.

    The client prefers freelancers from
    a different location.

    You're still able to submit a proposal for this job, regardless of your location.
  • Start: Immediately
  • Budget: Less than $500
  • Fixed Price Job
  • Elance Escrow Protection
  • W9 Not Required
Sign in to view client's details

I have a website deployed on a few machines and VPS,
Generally, it contains a front-end on one machine,
I backend accessed on another machine, which is actrually a proxy, and another machine where the actual backend code resides and the DB on a seperate VPS.

I need to test the following:
If the system can be hacked with XSS and Code/SQL injections,
If the system is protected for brute-forcing
If admin privilages can "leak" between different admin types (IE, if a sub-admin user can get system admin priviliages somehow)
If the system can be hacked with session hijacking
If you can somehow find the real backend server (normal users will access the proxy)
If the DB is well protected.

I don't want the tests to take more than 2-3 days all in all.
Further details will be given to the chosen provider.

Deliverable: a PDF report on all attempts carried out, their results, screenshots if any volnurability is found and a suggestion how to fix it.

Sign in or Register to see more

Job ID: 21983495
Proposals
Avg $ | High $ | Low $ — Show Pricing
  • Submit Date (Latest)

 United Kingdom  |  
Highly skilled penetration testers specialising in all areas of network and application security. Experienced in testing high profile networks and...
1
  |  
 0.0   |  $0 Earnings   |  0 Jobs
Bid ID: 22006520  |  Submitted: Nov 22, 2010 09:18 ET 
Proposal SEALED

 India  |  
infySEC is a rapidly growing security services organization,Our focus is on three areas: Client Security, Research & Development and building up...
1
  |  
 0.0   |  $0 Earnings   |  0 Jobs
Bid ID: 21997257  |  Submitted: Nov 21, 2010 14:31 ET 
Proposal SEALED

 India
Skinfotech is a CMMI Level-3 certified software development company with a strong team of 200+ engineers,with Head Office in US Michigan.It has...
1
  |  
 0.0   |  Private   |  0 Jobs
Bid ID: 21986739  |  Submitted: Nov 20, 2010 02:13 ET 
Proposal SEALED

 United States  |  
INVITED
Kaaval Tech is run by Kumar, a freelance ethical hacking, penetration testing and information security professional. With over 7 years of industry...
1
  |  
 0.0   |  $0 Earnings   |  0 Jobs
Bid ID: 21984652  |  Submitted: Nov 19, 2010 20:45 ET 
Proposal SEALED

 Bosnia and Herzegovina
INVITED
I completed 86 jobs here with 5.0 rating which says for itself :)
2
  |  
 4.3   |  Private   |  2 Jobs
Bid ID: 21983542  |  Submitted: Nov 19, 2010 17:18 ET 
Proposal SEALED
Sign in to Elance and start working on jobs today.
Sign in to view more of the job details and submit a proposal. Once registered, you'll have access to thousands of jobs online or through email.
Are you ready to post a job like this one?
Post a Similar Job »