An ninh Web Jobs

is seeking an experienced web application security specialist to address specific vulnerabilities identified in our recent penetration testing assessment. As a healthcare technology company specializing in innovative oral health monitoring solutions, we prioritize robust security standards and regulatory compliance. This is a focused, short-term engagement to remediate six specific security findings in our web application infrastructure. We need an independent contractor who can take full ownership of implementing these security fixes efficiently and professionally. Scope of Work - Specific Vulnerability Remediations Based on our completed Web Penetration Testing assessment, you will address the following security findings: 1.-n/a 2. Server Version Disclosure Prevention • Task Ty...

I’m looking for a seasoned penetration tester to perform a focused security assessment on our live SaaS web application. The scope is firmly set on web application pentesting, zeroing in on session management. Your mission is to uncover and demonstrate any weaknesses that could enable session hijacking or cross-site request forgery (CSRF). You’ll work against a production-like staging instance with a demo user account I provide. A black-box approach is fine, but authenticated testing is mandatory so you can probe cookie handling, token rotation, SameSite settings, and logout logic. Feel free to wield Burp Suite, OWASP ZAP, or comparable tooling as long as your methodology aligns with the OWASP Testing Guide and PTES best practices. Deliverables • Executive su...

I am looking for IT and technical support assistance for web and digital-related tasks. The work may include troubleshooting technical issues, assisting with website management, fixing basic HTML and JavaScript errors, and handling simple debugging tasks. The freelancer may also help with documentation, organizing technical files, and providing clear instructions or reports for completed tasks. Knowledge of web security basics, network fundamentals, and system troubleshooting is a plus. Additional tasks may include assisting with digital tools such as Figma for layout support, CapCut for basic video editing, and managing or supporting content on platforms like YouTube and Instagram. Familiarity with AI tools such as ChatGPT and chatbot systems for workflow support or automation ideas is ...

My dedicated Linux server suddenly jumped to 100 % CPU, cPanel accounts refuse to load, and nothing has been tweaked recently—no software updates, no new scripts, no configuration edits. I suspect something malicious slipped in or a runaway process is exhausting resources, but I need solid confirmation and a clean-up fast. What I need you to do • SSH in, profile the load, and isolate the exact processes or connections causing the spike. • Scan thoroughly for root-kits, malware, or hidden cron jobs (tools such as maldet, rkhunter, chkrootkit are welcome, but feel free to use your own). • Patch or remove whatever you find, harden the box, and restart services so every cPanel account comes back online. • Hand me a concise report detailing the root cause, the...

I need an experienced Cloudflare specialist to turn on and properly configure the Web Application Firewall for my live site. You will first review my existing Cloudflare setup, activate the WAF, and tune the rule sets so that genuine traffic continues to flow while malicious requests are blocked. We’re having an issue on the website where it looks like bots are triggering/clicking the “Call” button, which is inflating our call conversions. Our campaign report is showing 541 conversions, and we definitely didn’t receive that many real calls. Someone suggested using Cloudflare as a security platform: Are you familiar with this? Let me know if you have recommendations, and if this is something you can implement for our site. Please bid with "Cloudflare and A...

My live Moodle site () is running smoothly on a VPS, yet Softaculous refuses to upgrade it because the installation path is wrong. I need an experienced Moodle + cPanel admin who can jump in, correct the path, and let Softaculous perform the upgrade without disturbing users. While you are inside cPanel, I also want the file structure tidied up. In particular, there are many old backup files scattered around; please locate and remove them safely so the home directory is clean and the disk quota drops. No mailbox or database work is required—this job is strictly about the file structure. Security is another priority. SiteLock is already attached to , but I would like you to confirm the configuration is complete. After that, extend the same SiteLock protection to 3foldtraining.com. I...

I need a certified ethical hacker to run a full-cycle social-engineering engagement focused exclusively on phishing simulation. The objective is to gauge how many employees interact with malicious-looking emails, identify patterns behind unsafe clicks or credential submissions, and turn those findings into actionable security awareness improvements. The work involves designing realistic phishing scenarios aligned with our business context, sending the campaign through a managed platform (GoPhish, King Phisher, or similar), silently harvesting the metrics, and then compiling a thorough post-test report. No destructive payloads or system exploitation are allowed—this is a people-centric test only. Deliverables • Campaign design document outlining themes, targets, schedule, and...

I need a certified ethical hacker to run a full-cycle social-engineering engagement focused exclusively on phishing simulation. The objective is to gauge how many employees interact with malicious-looking emails, identify patterns behind unsafe clicks or credential submissions, and turn those findings into actionable security awareness improvements. The work involves designing realistic phishing scenarios aligned with our business context, sending the campaign through a managed platform (GoPhish, King Phisher, or similar), silently harvesting the metrics, and then compiling a thorough post-test report. No destructive payloads or system exploitation are allowed—this is a people-centric test only. Deliverables • Campaign design document outlining themes, targets, schedule, and...

I need an experienced cyber-investigator to zero-in on malware that has recently infiltrated several personal computers in my office. The priority is to detect, isolate, and document every malicious component so we can move straight to containment and clean-up. I need someone to access a Blackmailing correspondence I had with a person on Telegram. I need the archives from this account and we must do this legally via Telegram? You will start with a remote sweep (or on-site if you are nearby), capture volatile data, analyse suspicious processes, services, registry changes and network traffic, then supply a concise report that identifies the malware family, infection vectors, and any persistence mechanisms you uncover. I will handle the actual remediation once I have your find...

PROJECT OVERVIEW We are hiring a developer to build a production-ready, paid web application that automates and guides small businesses through registration and ongoing federal compliance. This is a commercial market product, not a prototype or internal tool. The system includes payment gating, entitlement enforcement, document automation, and compliance tracking. WHAT YOU WILL BUILD A web application that: • Collects business data required for • Guides users through a step-by-step compliance workflow • Generates Reps & Certs and related documents • Provides exact submission instructions • Tracks compliance and renewal deadlines • Requires payment before access • Enforces feature access server-side • Integrates Stripe Checkou...

Tengo una página web que hasta hace poco funcionaba bien, pero hoy parte del texto, las imágenes y los fondos de color han desaparecido de la vista pública. Necesito a alguien que: • Localice la causa (CSS roto, conflicto de plugin, problemas de caché o similar) y restaure la visualización correcta de todo el contenido en desktop y móvil. • Revise por qué el plugin de WhatsApp ha dejado de mostrarse y lo vuelva a activar sin afectar el rendimiento. • Compruebe que cada página carga sin errores ni bucles de redirección y solucione cualquier incidencia detectada. • Entregue un breve reporte con los cambios aplicados y una copia de seguridad previa/posterior a la intervención. Trabajo con hosting...

My current portfolio site has been compromised with malware, so I need a fresh, clean build on a new server. I want to start from a modern, sleek template (WordPress, Webflow, or a comparable framework—whichever you work fastest in) and replicate the existing content, imagery, and basic structure while tightening security throughout the stack. Scope of work • Spin up a brand-new hosting environment (cPanel, Plesk, or a managed WordPress host is fine) and point the domain only after everything is signed off. • Install and customise the chosen modern template so the site feels current and visually polished. • Re-create all pages from the old site—text, images, video embeds—without transferring any infected code. • Implement security hardening: f...

need a ux designer who works from scratch to design complete which includes figma design and customer engagment flow.

I am having issues with Godaddy account

My WordPress site needs a thorough clean-up. I have broken links scattered across the homepage, several inner pages, and even the main navigation. At the same time the site crawls on load, crashes at unpredictable moments, and the layout becomes unresponsive on some devices. These issues started after a few recent plugin updates, so conflicts are likely at the core. Here is what I need from you: • Identify and repair every broken link on the homepage, inner pages, and menu. • Diagnose plugin conflicts, update or replace problem plugins, and restore full compatibility. • Optimise performance to remove slow load times, stop the random crashes, and make sure the theme responds correctly on all screen sizes. • Deliver a concise report summarising what was found, w...

Job Description We are seeking a skilled Full-Stack Developer with expertise in PHP, Laravel, and shared hosting to finalize a pre-production SaaS web application for product launch. The platform, built on Laravel with Bootstrap, jQuery, and Cloudflare, requires bug fixes, module enhancements within a 10-15 day timeline. You’ll work closely with our team, with detailed documentation provided during calls. Key Responsibilities check for errors on payment gateways (e.g., Stripe, RazorPay, Paddle) for subscription-based billing. Fix errors in the Company Import Module (handles bulk company data imports in Admin Panel). Resolve issues in the User Import Module (supports large-scale user data imports). Implement Email Settings Template Copying functionality in the Admin Panel. Enhance J...

I need help to find a hacker who compromised my computer over wifi. Requirements: - Analyze the breach and identify the hacker. - Use existing antivirus info for insights. - Provide a detailed report of findings. Ideal Skills: - Experience in cybersecurity and hacking investigations. - Proficient in analyzing antivirus data. - Strong problem-solving skills and attention to detail. Please include past work, experience, and a detailed project proposal in your application.

I’m launching an online store focused on clothing and accessories and home-goods. I will need the entire e-commerce site built from the ground up. The shop must look polished on desktop and mobile, handle secure checkout, and streamline back-end tasks through an automated inventory management system so stock levels update without manual intervention. Key points I want covered • Full e-commerce front-end with category pages, product detail pages, cart and checkout • Payment gateway and basic tax/shipping rules configured for launch • Automated inventory sync tied to the product catalogue (I’m open to plugins, APIs, or a custom script—whatever provides real-time accuracy) • Clean admin dashboard where I can add new products, photos and descript...

I'm looking for someone who understands how to configure a GL-iNet GL-MT6000 (Flip 2) router to connect to and work through a foreign VPN. I need to understand what settings to use, which provider/hosting provider to use, and which package to choose to connect the VPN to the router. I also need to understand how to resolve potential leaks, stress testing, and so on. After connecting the router and installing the VPN, I need to make sure there are no issues that could reveal my current location, and that everything works reliably.

1. Add basic Captcha to - Will you be using a WordPress plug-in or some other application? If so, which plug-in will you use and how will it work? How long will it take to install it? 2. Stop website scraping. What application do you propose using that will stop website scraping? How effective is it? Will it stop all illegal bot scraping? Will it still allow legitimate search bots such as Google, Yahoo, etc. to search the website? 3. Create a new page titled 142-page Private Placement Memorandum example document. This Private Placement consists of 5 distinct documents that make up the Private Placement Memorandum (PPM). Offering Document – 60 Pages This document is given to the investor and does not need to be returned. Business Plan – 39 pages Addendum - A This doc...

My WordPress site needs dependable, month-to-month care so it stays current, secure, and fast. Each month you’ll step in to handle: • Content updates • Plugin management (several premium plugins require timely updates) • Security checks, including scans and hardening recommendations Typical work involves posting or revising pages/posts I supply, updating the indicated plugins after testing on a staging clone, and running a full security sweep with any fixes applied. I keep a small list of must-have plugins; you’ll document the versions and actions taken in a concise report delivered at the end of every cycle. Access is via standard wp-admin credentials and cPanel; I can provide staging space if you prefer to test updates before they go live. The arrang...

I’m looking for a reliable WordPress specialist who can both keep my site healthy and show me how to handle everyday tasks on my own. Your first priority will be routine maintenance: safely updating all plugins and themes, running security checks, and configuring automated backups. I don’t have a preferred toolkit, so I’ll rely on you to recommend proven solutions—think ManageWP, UpdraftPlus, iThemes Security, or anything you trust that delivers the same peace of mind. Once the technical house-keeping is in order, I’d like a short, live training session (screen-share is fine) focused on some site management. A concise PDF or video recap afterward would be perfect so I can revisit the steps later. Deliverables: • Initial audit with all plugins, themes...

Project Description I am looking for an experienced developer who can implement a solution to send POST API requests directly from an active browser session, maintaining full session integrity and security context. The requirement is to replicate browser network requests exactly as they occur in DevTools — including all dynamic headers, cookies, tokens, and Akamai-related security parameters — without triggering bot protection or security blocks. Core Requirements: API request must originate from the same opened browser session Must reuse: All request headers Session cookies CSRF tokens Authorization tokens Dynamic security tokens Akamai-related parameters Must work with protected endpoints (Akamai / Bot Manager enabled) Should avoid 403, 401, 504, or security val...

I’m looking for a specialist to run a full health-check on my Local Area Network. The priority is to verify that everything works as intended and to pinpoint any performance bottlenecks that might slow users down. Security is being handled separately, so your focus will be strictly on functionality and performance. The job involves testing end-to-end connectivity, measuring throughput and latency at peak and off-peak times, and confirming that current configurations on switches, routers, and access points align with best practices. I expect you to use industry-standard network diagnostic tools—think Wireshark, iPerf, or SolarWinds—but you’re free to bring in any utilities you trust as long as the results are clearly documented. Deliverables • A concise repo...

My goal is simple: understand everything that may be blocking visitors from turning into customers and fix it fast. I need a thorough audit that looks at SEO performance, security vulnerabilities, user experience—and frankly any other factor that could be hurting my conversion rate. You’ll dig through on-page SEO, technical SEO, backlink health, code security holes, page-speed bottlenecks, mobile usability, navigation flow, copy clarity, and micro-conversion touchpoints. From there I’m expecting a clear, prioritized action plan I can hand to my dev team or implement myself. Speed matters; I’d like the first findings within the next few days and the full report shortly after. Deliverables: • A concise executive summary that highlights critical issues affecti...

The expected deliverables include a fully functional web platform and mobile application with course management, payments (one-time and subscription), certificates, coupons, reviews, AI-powered course search (RAG system), and role-based dashboards. The developer must provide complete source code, deployment (staging and production), database setup, Stripe integration, AI embedding pipeline, documentation, and secure, production-ready architecture. The estimated timeline is 10–12 weeks, covering both web platform and mobile app development.

I have already completed the technical investigation of a recent security alert: the endpoint protection platform flagged an executable that tried to tamper with system files and phone home to an external server. I verified the hash, monitored live-system behaviour, confirmed the activity as malicious, quarantined the file and rescanned the host to ensure it is now clean. What I need next is a professionally written incident report that translates those raw findings into a clear narrative for both management and technical stakeholders. The document should outline the timeline of events, the investigation methodology, indicators of compromise, remediation actions taken, and practical recommendations to harden the environment against similar threats. Where helpful, map tactics to MITRE ATT&...

I am seeking a skilled PHP Ecommerce developer to build a custom module for a third party ecommerce shopping cart. This module will maintain full sync with an external product source via API. Scope of work - Develop a custom PHP module for ecommerce site. - Implement full sync with external product source via API. - Ensure reliable data transfer and synchronization between the source and module. Developer expertise: Performance, Security, Testing procedures Programming language: PHP Ideal candidate Skills and experience: - Skilled in PHP development. - Experience with API integrations. - Knowledge of ecommerce platforms.

my client tech-support company needs our infected WordPress site rebuilt from the ground up, with a laser focus on performance and security. Wordfence is currently installed yet the malware persists, so I need a fresh redesign Scope • Spin up a fresh, secure WordPress instance. • Recover all critical data—blog posts (with comments), user accounts/profiles, and all media files—from the existing database. • Redesign the front end so it loads quickly and feels modern while preserving our tech-support brand. Core sections must include: - Blog area for ongoing articles - Real-time customer-support chat (plugin of your choice) - Clear service-listing pages • Implement best-practice security (server-level configs, WAF rules, plugin vetting, ongo...

You are a senior cybersecurity + machine learning engineer. Build a practical, runnable, end-to-end Transformer-based Web Application Firewall (AI-WAF) prototype suitable for Smart India Hackathon / ISRO SIH demonstration. The system must implement the full pipeline: Log Ingestion → Parsing → Normalization → Tokenization → Transformer Training → Multi-Class Attack Classification → Anomaly Scoring → Real-Time Non-Blocking Inference → Alerting & Logging → Incremental Fine-Tuning ======================================== 1. CORE FUNCTIONAL REQUIREMENTS ======================================== A. Multi-Class Attack Detection The Transformer model must classify HTTP requests into: - BENIGN - SQL_INJECTION - XSS - COMMAND_INJECTION - PATH_TR...

I would like a website where customers can: pay 1 fee to download mp3 songs that will be divided into different genre's. need to be able to sign-up/login/forget password. There is no subscription, just 1 price paid via paypal. On the front end, I need them to be able to "preview" 5 songs from each genre. so a simple "preview" and "sign up" buttons. Paypal checkout. Once logged in, they can simply download any song from any genre/category but I also need the download hidden so they can't just copy the link and post/share with anyone else. I either want something custom or an all in 1 solution if using wordpress. I don't want to use woocommerce and some membership software. Please let me know your thoughts it's best if you have al...

I need a robust web server configured specifically for storing and managing transaction records. The entire environment must meet recognized industry standards such as PCI DSS, so every layer—from operating system hardening to database encryption and network configuration—has to align with those controls. Here is what success looks like to me: • Provision a scalable server (cloud or on-prem, your recommendation) built for high-volume transaction data. • Implement advanced encryption at rest and in transit, with key management that satisfies PCI DSS. • Configure access controls, logging, and monitoring so audit trails are complete and tamper-proof. • Provide clear documentation of the architecture, compliance checkpoints, and any scripts or automation ...

I need a tailored set of Cloudflare WAF rules that operates as a Custom Bot Policy. The objective is straightforward: detect suspicious, automated traffic and have Cloudflare respond with a CAPTCHA challenge instead of an outright block. You’ll start by assessing my current Cloudflare configuration, then craft one or more custom WAF expressions that reliably flag bots through indicators such as abnormal request rates, header irregularities, IP reputation scores, or other signals you’ve had success with. Once matched, the rule action must be “Challenge (CAPTCHA).” Deliverables • Finalised WAF rule set added to my Cloudflare dashboard • Proof-of-concept tests showing legitimate users unaffected and bots challenged • A brief hand-over note ex...

I hold written authorization from the system owner and need an experienced ethical-hacking professional to carry out a controlled breach of our production environment. The assignment goes beyond a traditional penetration test: I want you to replicate a real-world, end-to-end intrusion scenario so we can measure how our monitoring, logging and incident-response teams react under pressure. Scope • Obtain initial access using any non-destructive vector you discover (phishing simulation, misconfigurations, credential weakness, etc.). • Laterally move, escalate privileges and demonstrate data access without altering or deleting information. • Leave tamper-proof evidence (flags) in pre-agreed directories so we can verify compromise. • Conclude with a thorough report that det...

My provider has suspended my Ubuntu VPS after flagging a hack on the web-server layer (Apache/Nginx, exact stack is in the incident report I will share once we start). At the moment I have zero hardening in place—no firewall rules, no SSL, nothing—so the attacker clearly found an easy way in. I do have a recent full backup, so you can work safely and roll back if needed. Your mission is to identify the entry point, remove any malicious code or files, close the vulnerability, and leave the server in a state that convinces the host to lift the ban. You are welcome to use tools such as fail2ban, UFW/iptables, ClamAV, rkhunter, ModSecurity, or any other utilities you normally rely on. Deliverables • Clean, uncompromised web root and services reinstated • Detailed ...

My CodeIgniter website has been running unchanged for years, yet since yesterday every attempt to sign in is rejected with the “Incorrect username/password” message—even for known-good accounts. I’m not sure whether anything on the server was updated, but I do have full cPanel, SSH, and MySQL access so you can inspect code, configuration files, and logs. Here’s what I need from you: • Identify the exact cause of the failed authentication. • Implement a clean, well-commented fix that restores normal login behaviour without breaking anything else. • Provide a brief report outlining what went wrong and what you changed. The stack is classic PHP, MySQL, and CodeIgniter. Once I confirm that users can log in again, I’ll close the job imm...

I’m looking for a skilled WordPress developer who can take my idea from a blank page to a fully functioning, responsive website. The domain and hosting are ready; everything that happens between first install and launch is where I need your expertise. Here’s what I have in mind so far: • A clean, modern layout that looks great on mobile and desktop • Intuitive navigation with clear calls-to-action • Solid foundation for SEO, speed, and security (caching, image optimisation, SSL) Beyond that, I’m open to your suggestions on themes, plugins, and any best-practice integrations (contact forms, social media hooks, email capture, analytics, etc.). Process wise, I’d like to: 1. Brief you on my content goals and brand style. 2. Review two or...

I need an expert who can review the current implementation and make sure the widget is working Your task will be to audit the existing code and adjust the way to make it work

I’m ready to bring in a security specialist to run a thorough, manual penetration test on my live e-commerce application. Automated scanners aren’t enough for this engagement—I need human-driven testing that uncovers real-world attack paths. Here’s what I’m looking for: • A full manual assessment covering all SQL Injection, Cross-site Scripting (XSS) and Cross-site Request Forgery (CSRF),Web Application Penetration Testing , Network Penetration Testing Services External or Internal, Web Services Testing, API Testing • Exploitation-level proof of concept for every confirmed issue, with clear, reproducible steps. • A concise risk-ranked report that separates critical, high, medium and low findings, followed by practical remediation advice writ...

I have a WordPress website that I am trying to advertise on Google Ads, but Google finds it as a Compromised Site. I have hired a develop over here and over a month already and he wasn't able to fix it. I hope I finally find someone who can fix it.

We are looking for an experienced DNS and domain reputation specialist to help resolve an ongoing production issue affecting users on certain mobile networks (specifically T-Mobile). The specific error users see is: DNS_PROBE_FINISHED_NXDOMAIN Our platform is hosted on AWS (Route 53 + ALB / CloudFront). DNS is correctly configured and resolves properly on most networks (Google DNS, Quad9, etc.). Our domain reputation has already been reviewed and corrected by major security providers. However, users on T-Mobile are still experiencing DNS-based blocking or resolution issues. This appears to be related to carrier-level DNS filtering or residual reputation/security classification behavior — not core infrastructure misconfiguration. ⸻ Scope of Work • Diagnose carrier-level DNS...

We would like to find someone who is capable of making a ticket buying bot, to PREVENT tickets from being bought from. This is a protection and defensive upwork post. We are looking to block vulnerabilities in the website. Thank you, J

I'm looking for an expert to optimize the performance of my web application. Key focus areas include: - Application performance enhancement - Resolving specific performance issues (to be discussed) Ideal skills and experience: - Proven track record in web app performance optimization - Expertise in identifying and resolving slow loading times, high memory usage, and crashes - Strong knowledge of web technologies and optimization tools - Ability to analyze and improve application performance metrics Please provide relevant experience and approach in your bids.

Saya membutuhkan solusi lengkap untuk meng-host sesi live streaming penjualan. Fokus utamanya adalah menyiarkan acara secara langsung dengan chat interaktif sehingga penonton dapat bertanya atau memesan produk real-time, sekaligus menyediakan analytics untuk memantau jumlah penonton, durasi tonton, dan konversi. Lingkup kerja utama: • Menyiapkan server atau layanan hosting yang stabil untuk live streaming Full HD. • Mengintegrasikan fitur live chat langsung di halaman pemutar. • Menambahkan modul user analytics yang dapat diekspor ke laporan Excel atau Google Sheets. • Membangun panel admin sederhana untuk menjadwalkan siaran, memulai/ menghentikan streaming, dan mengunggah rekaman untuk replay. • (Opsional) Menghubungkan platform dengan aplikasi kantor po...

Saya membutuhkan solusi lengkap untuk meng-host sesi live streaming penjualan. Fokus utamanya adalah menyiarkan acara secara langsung dengan chat interaktif sehingga penonton dapat bertanya atau memesan produk real-time, sekaligus menyediakan analytics untuk memantau jumlah penonton, durasi tonton, dan konversi. Lingkup kerja utama: • Menyiapkan server atau layanan hosting yang stabil untuk live streaming Full HD. • Mengintegrasikan fitur live chat langsung di halaman pemutar. • Menambahkan modul user analytics yang dapat diekspor ke laporan Excel atau Google Sheets. • Membangun panel admin sederhana untuk menjadwalkan siaran, memulai/ menghentikan streaming, dan mengunggah rekaman untuk replay. • (Opsional) Menghubungkan platform dengan aplikasi kantor po...

Saya membutuhkan sebuah tulisan deskriptif dalam bahasa Indonesia yang menggambarkan makhluk hidup—tepatnya seorang manusia—dengan fokus utama pada emosi dan perasaan. Tujuan saya adalah membawa pembaca seolah-olah berada di dalam kepala tokoh, merasakan getaran hati, riak napas, dan perubahan ekspresi yang terjadi sepanjang situasi yang Anda bangun. Ruang lingkup: • Panjang naskah sekitar 600–800 kata. • Sudut pandang bebas (orang pertama atau ketiga), asalkan konsisten. • Gunakan pancaindra untuk memunculkan detail sensorik: suara denyut jantung, wangi udara, tekstur kulit saat merinding, dan sebagainya. • Hindari daftar sifat; ceritakan lewat aksi kecil—jari yang gemetar, mata yang membasah, senyum setengah tertahan. • Bahasa har...

I’m launching an online store and need a developer who can take the project from blank domain to a fully operational e-commerce site. The single non-negotiable requirement is a rock-solid payment gateway integration that handles multiple cards securely and passes PCI compliance checks. I’m open on platform—Shopify, WooCommerce, Magento, or any other stack you’re comfortable with—as long as the final build is stable, fast, and easy for me to manage after hand-off. Product search, filters, and customer reviews may be added in later phases, but they aren’t part of this initial scope. Deliverables • Responsive storefront with sample product catalog • Payment gateway set up, tested end-to-end in both sandbox and live modes • Admin das...

I’ve built a custom web application and it’s almost ready for production. Before the public rollout, I want a rigorous penetration test that will expose any weakness and help tighten every layer of security. The assessment must be hands-on and realistic, covering the full stack rather than a purely theoretical review. Scope My priorities are clear: • Code review – comb through the source for injection points, authentication flaws, insecure dependencies, and logic errors. • Network-level probing – map open ports, misconfigured firewalls, and potential lateral-movement paths. • Server configuration – evaluate patch levels, TLS setup, permissions, and hardening of the underlying OS and web server. Primary Goal The sole purpose is to imp...

Cloud Security Specialist – Immediate Infrastructure Hardening (Short Term) Project Overview Duration: 3 to 5 days Location: Remote Start: Immediate A healthcare technology platform requires a Cloud Security Specialist to implement quick security improvements identified in a recent penetration assessment. This is a focused, short-term assignment aimed at reducing immediate attack surface exposure at the infrastructure layer. Scope of Work All listed tasks must be completed. 1. Server Version Disclosure Prevention Remove server and framework version information from HTTP responses. Responsibilities Configure AWS Application Load Balancer to remove server headers Update CloudFront response headers policy Disable X Powered By headers in Customize error responses to prevent ve...

Cloud Security Specialist – Immediate Infrastructure Hardening (Short Term) Project Overview Duration: 3 to 5 days Location: Remote Start: Immediate A healthcare technology platform requires a Cloud Security Specialist to implement quick security improvements identified in a recent penetration assessment. This is a focused, short-term assignment aimed at reducing immediate attack surface exposure at the infrastructure layer. Scope of Work All listed tasks must be completed. 1. Server Version Disclosure Prevention Remove server and framework version information from HTTP responses. Responsibilities Configure AWS Application Load Balancer to remove server headers Update CloudFront response headers policy Disable X Powered By headers in Customize error responses to prevent ve...