Веб-безпека Jobs

Будь ласка, зареєструйтесь або увійдіть в систему для перегляду деталей.

I’m building an Android app that must ship with truly robust, “ethical-hacker-grade” protection. The single most important piece is a custom security module that monitors everything users do inside the app and flags anything suspicious. Here’s what I need you to deliver: • A lightweight, unobtrusive activity-monitoring component that captures user behaviour events in real time. • Intelligent tracking logic: distinguish normal navigation from potentially risky actions, then push those events to my existing backend through secure, encrypted calls. • Clear, well-structured code (Kotlin or Java) plus concise documentation so I can maintain and extend the module later. • A quick demonstration APK and companion README showing how to plug the c...

I need an experienced ethical hacker who can accurately trace the real-world IP and physical location associated with a suspected identity-theft incident on my platform. The objective is to gather verifiable evidence of where the malicious access originated so I can hand it to my legal and compliance teams. Scope of work • Analyse server and application logs I will supply (raw Apache/Nginx logs, Cloudflare records, plus limited VPN/proxy data). • Correlate timestamps, user-agent strings, and any packet captures to map each login back to its most probable exit node. • Bypass or reveal VPN, proxy, or Tor masking techniques when feasible, using OSINT, passive DNS, traceroute, WHOIS, Shodan, and similar tools. • Deliver a concise report that lists: – Conf...

I'm looking for an experienced Rust server developer to set up a game server for me. The main tasks involve server configuration and plugin installation. Key requirements: Complete server setup; Installation of paid plugins; BattleMetrics integration; Discord with bots; VIP store; Website; Loot balancing; Wipe system; Ideal skills and experience: - Proven experience managing Rust servers. - Familiarity with various Rust plugins. - Solid knowledge of server configuration and optimization. - Ability to ensure secure and stable server performance.

My server logs are filling up with requests from a non-Google, non-Bing “meta” crawler and the spike is chewing through bandwidth. I need help understanding exactly which user-agents or IP ranges are responsible and putting an end to their drain—whether that means a complete block or a well-tuned rate limit. I already have access to my site’s and can modify it, so you’re welcome to supply the exact directives there. If a stronger measure (.htaccess rules, nginx directives, firewall entries) is smarter, just outline the commands and I’ll apply them or give you temporary access to do so. Acceptance is simple: after your solution goes live, traffic from the offending crawler must drop to a negligible level and overall bandwidth should stabilise. Plea...

I am launching a finance-focused website that will operate under one domain yet serve visitors from several countries. The entire build must be done on WordPress—no other CMS or custom framework. Core purpose The site will position itself squarely in the finance space and concentrate on offering online loan services. Content, page flow, and any plug-ins you choose should keep that single goal in mind: guiding users from different regions to the right loan information, eligibility checks, and application pathways. Key requirements • A structure that supports multiple national audiences while remaining on one top-level domain (country-specific sub-folders or sub-directories are fine, but not separate domains). • Clear, compliant presentation of loan products—rat...

I already have a Windows machine ready and now need SoftEther configured on it so my team can reach internal resources securely from outside the office. The goal is simple: establish reliable, encrypted remote access using SoftEther’s VPN Server and standard username-and-password authentication. Here’s what I need from you: • Install or verify the latest SoftEther VPN Server on Windows, applying best-practice security settings. • Create the necessary virtual hub, user accounts and access lists so only authorised users can connect. • Configure port forwarding on the router / firewall to expose the correct SoftEther listener ports and confirm they are reachable from the internet. • Provide a brief, clear hand-off document (or screen-recorded walk-thro...

Ich suche einen Webdesigner für die Gestaltung und technische Umsetzung einer modernen, seriösen und einfühlsamen Website für meine Tätigkeit als Trauerrednerin. Umfang: - 4 Seiten: - Startseite - Über mich - Trauerrede & Ablauf (inkl. „Wie ich arbeite“) - Kontakt - Responsives Design (Mobil, Tablet und Desktop) - Kontaktformular - DSGVO-konformes Impressum und Datenschutzerklärung - SEO-Grundlagen für eine gute Auffindbarkeit bei Google - Einfache spätere Bearbeitung der Inhalte Designwunsch: - Ruhig, warmherzig und vertrauensvoll - Helle, freundliche Farben - Professionelle und hochwertige Optik - Fokus auf Persönlichkeit, Empathie und Vertrauen Region: Eifel / Aachen / Städteregion Aachen V...

My site’s contact page loads fine, yet none of the messages ever reach me. The form should forward each submission to a specific email address that sits on a different domain from the website, but right now nothing arrives—no copies, no spam folder entries, nothing. I need someone to trace the break-point, correct it, and prove that messages get through reliably. Whether the issue lies in PHP mail(), an SMTP mis-configuration, DNS or SPF / DKIM records, I’m open to the fix you recommend so long as it does not require moving the mailbox. Once repaired, send a few test submissions and show me the headers so I can see they were delivered end-to-end. Deliverables: • Debugged and working contact form that emails the designated off-domain address • Clear note of c...

Team of developers - php mysql html js cpanel twilio cloudflare Amazon Simple Email Service (SES)

Hi I will share the details with the shortlisted candidates. Thanks

I need to back tracking phising code / malware from personal computer to determine the security risk caused by specific malware / phising code on mac

Title: Google Ads Compromised Site / Malicious Software Fix Specialist Needed We need an experienced Google Ads technical compliance specialist to diagnose and fix a Google Ads disapproval issue related to “Compromised Site,” “Malicious Software,” “Destination Not Working,” or crawler/security detection. Our visible landing page appears clean, and we have already checked the following: - Google Search Console: Clean - Google Safe Browsing: Clean - Redirects: Clean - Public routes: All 200 - Third-party scripts: Removed for review build - Console errors: None - Network errors: None - Staging references: None - Backend calls on landing page: Clean - Production redeploy: Complete We need someone who can go deeper and verify exactly what Google Ads crawl...

I already have a full Vulnerability Assessment & Penetration Testing (VAPT) report for my website and now need every issue in that document closed. The report flags multiple findings, ranging from high-risk items like injection flaws to medium and low-risk mis-configurations. What I need from you is simple: patch every line item, prove the fix works, and document what you changed so future releases stay secure. How you tackle each weakness is up to you, provided the end result passes a follow-up scan. If you normally align your work with OWASP Top Ten, NIST, or even ISO-27001 guidelines, great—just let me know which framework you’ll reference so I can keep our internal records tidy. Deliverables • Hardened source code or configuration updates for every vulnerab...

I am seeking an experienced web application developer or small development team to build an MVP (Minimum Viable Product) of a transport management system called FreightOps. The system is designed specifically for Australian road freight operators and will be used internally by our transport company before being commercialised as a SaaS product. The objective is to build a simple, fast and user-friendly operational workflow platform. The system must be mobile friendly and accessible through any web browser. USER ROLES Super Admin Company Admin Dispatcher / Office Staff Driver Subcontractor (Future Stage) CORE MODULES USER MANAGEMENT Create and manage users Role-based permissions Password reset User activation/deactivation CUSTOMER MANAGEMENT Fields: Customer Name Contact Name Phone...

Saya menerima sebuah link aplikasi atau layanan online, namun saat ini link tersebut sudah tidak bisa diakses. Tujuan utama saya adalah mengakses kembali link tersebut. Saya belum memiliki detail lengkap seperti URL penuh, pesan kesalahan, atau platform yang digunakan, sehingga saya membutuhkan bantuan untuk: • Menelusuri dan menganalisis penyebab link tidak dapat diakses. • Menyediakan solusi praktis yang memungkinkan saya membuka kembali halaman atau layanan terkait. • Menjelaskan langkah-langkah yang dilakukan agar saya dapat mereplikasi prosesnya jika masalah serupa muncul di masa depan. Jika Anda perlu informasi tambahan, beri tahu saya apa saja yang perlu saya kumpulkan (misalnya URL lengkap, pesan kesalahan, atau detail platform) agar proses troubleshooting ...

I need a seasoned ethical hacker to assess the security of our one-time-password (OTP) verification flow from end to end. The engagement is fully authorised and limited to our staging environment; no production traffic may be disrupted. Scope of the test • Probe OTP generation and validation logic for weaknesses or predictable patterns • Attempt request manipulation, parameter tampering, and replay attacks to gauge bypass potential • Evaluate rate-limiting and brute-force defences, including lockout and alerting mechanisms • Review session handling during the OTP step to spot fixation, hijack, or privilege-escalation vectors • Inspect related APIs and webhook calls for improper authentication, excessive data exposure, or logic flaws • Analyse pass...

I have an existing WordPress site sitting in the cloud that now needs a quick refresh before we go live on our own hosting. Here’s what I need handled: • Logo tweak – simply add the letter “K” to the current artwork (I will supply the original file). • Move the finished site to my hosting account and point it to the live domain; I already have full credentials for both. • Turn off the automatic invoice that goes out after checkout and replace it with a clean order-confirmation email. I will give you the Slovak copy so you can paste it in. • Add a captcha or a comparable anti-spam tool to the contact/checkout forms—spam has been a real problem. • Insert one additional delivery/shipping option in the checkout flow. Please quot...

It has been one week since we switched back to hosted pop up form, and we have not had any issues until today where customers say it did not load, i checked myself and on first try incognito mode i got payment form with blank source. i checked and i suspect this has been added as card skimmer recently. I would like a certified Magento developer to trace and remove every fragment of that code, then upgrade the site to the latest stable Magento release so this doesn’t recur. During the process please: • Audit the entire codebase (core, theme, custom modules) to identify injected scripts or compromised files. • Repair or replace any affected files and confirm the storefront, admin, and APIs operate normally. • Upgrade Magento to the newest official version, appl...

I’m looking for a freelancer to help protect my API key and secure my AI app deployments across Vercel, Github,Google AI Studio, and Bolt.ai. I have already moved the relevant URLs and projects from AI Studio and to GitHub and imported them into Vercel. I now need someone Protect my API key is not exposed. Check for insecure handling of environment variables, client-side leaks, or public references. Recommend and explain the corrections needed. Leave clear written instructions so I can personally make the remaining changes on my other URLs. Work on only one Vercel account, one AI Studio project, and one project as a reference case, not across all my projects. I am specifically looking for someone who can guide me step by step, not just make changes silently. Please note: No direc...

Für eine kleine HTML/JavaScript-Site brauche ich ein schlankes, aber sicheres Login-System auf Basis von Node.js (Express). Die Zugangsdaten sollen in einer PostgreSQL-Datenbank liegen, Passwörter werden dabei ausschließlich mit bcrypt gehasht. Sessions müssen serverseitig verwaltet werden, sodass nach erfolgreichem Login jede weitere HTML-Seite den eingeloggten Zustand erkennt und schützt. Folgende Sicherheits­funktionen sind für mich Pflicht: • Zwei-Faktor-Authentifizierung (TOTP, z. B. Google Authenticator) • Captcha beim Login- und Registrierungs-Formular • Beschränkung der Login-Versuche, um Brute-Force-Angriffe abzufangen Ich stelle statische HTML-Seiten bereit; Du lieferst den Node.js-Backend-Code, das Datenbank-S...

I have a Claude-generated web application that I now want examined by a seasoned coding engineer. Because the build relied heavily on AI assistance, I’d like a fresh pair of human eyes to make sure everything is production-ready. The key areas I need you to cover are: • Code verification – confirm the structure, style and logic are sound and maintainable. • Debugging – trace and resolve any hidden or obvious runtime errors. • Security testing – probe for vulnerabilities (injection, XSS, authentication flaws, misconfigured headers, etc.) and recommend or implement fixes. Tech stack details are a bit ambiguous; the codebase may include JavaScript, Python, Ruby on Rails or a mix, so I’ll provide you with full repository access and deploymen...

I need an experienced ethical hacker to uncover every weakness that could be abused from the outside. My main objective is simple: give me a clear, evidence-based picture of how a determined attacker could break in so I can close those gaps before anyone else finds them. Scope – Your focus is remote exploitation. Treat the target as an unknown black-box and assume no internal access. – Feel free to use the full penetration-testing toolkit—Metasploit, Burp Suite, Nmap, custom scripts—whatever gets reliable, reproducible results. – Any vulnerability you discover should be demonstrated with a non-destructive proof of concept. Deliverables 1. Executive-level summary that ranks each issue by real-world impact and likelihood. 2. Technical report detail...

Preciso de um script focado em Processamento de pagamento para o meu site. A solução deve: • Gerar e capturar transações de forma segura (criptografia, tokenização ou equivalente). • Validar valores, moeda e dados do comprador antes do envio ao gateway. • Exibir mensagens claras de sucesso ou erro e registrar logs para auditoria. • Ser fácil de integrar a páginas PHP/JavaScript já existentes, com instruções passo-a-passo. Ainda avalio qual gateway ou método usar; aceito sugestões que incluam cartão de crédito/débito, PayPal ou até transferência bancária, conforme viabilidade técnica e custo. Entrego acesso ao servidor de tes...

I need a virtual private server set up for a personal VPN using WireGuard on DigitalOcean. The operating system should be Ubuntu. Additionally, I require firewall setup for enhanced security. Ideal Skills and Experience: - Experience with DigitalOcean and Ubuntu - Proficiency in WireGuard and VPN configurations - Strong knowledge in firewall setup and server security

I’m looking for a freelancer to help protect my API key and secure my AI app deployments across Vercel, Github,Google AI Studio, and Bolt.ai. I have already moved the relevant URLs and projects from AI Studio and to GitHub and imported them into Vercel. I now need someone Protect my API key is not exposed. Check for insecure handling of environment variables, client-side leaks, or public references. Recommend and explain the corrections needed. Leave clear written instructions so I can personally make the remaining changes on my other URLs. Work on only one Vercel account, one AI Studio project, and one project as a reference case, not across all my projects. I am specifically looking for someone who can guide me step by step, not just make changes silently. Please note: No direc...

I run an online store on Loveable and need a partner who can jump on Freelancer’s call feature with me while we tidy up three core areas at once: • SEO optimisation – full sweep of keyword research, on-page fixes and backlink outreach so every product page starts ranking. • Google Shopping – create a compliant product feed, structure campaigns, then bolt on proper tracking and analytics so we finally see which ad is converting. • Site security – tighten SSL, patch any obvious holes and put basic monitoring in place to keep the checkout safe. I’m ready to begin immediately, screen-share as we go and move fast, so clear spoken English and availability for real-time calls are a must. If you already know the Loveable backend and can guide me s...

I’m looking for an experienced cybersecurity instructor who can guide me through the full process of vulnerability assessment—from planning and scoping through reporting and remediation advice. My goal is to gain practical, job-ready skills, not just theory, so I’d like each session to combine short explanations with hands-on demonstrations and walk-through labs. We’ll cover topics such as: • Setting up and hardening a testing environment • Scanning and enumeration with popular tools (Nmap, Nessus, OpenVAS, etc.) • Interpreting scan results to identify true positives • Prioritising and documenting findings in a clear, professional report I already have a basic understanding of networking and operating systems; what I need is structured ...

I'm seeking someone to help remove an entire website from Facebook that's attacking my boss, who has been a great support to me. This project is personal and not affiliated with my employer. Requirements: - Remove the entire website using technical means - Ensure content is permanently deleted and inaccessible Ideal Skills and Experience: - Expertise in website takedown and content removal - Familiarity with legal and technical avenues for removing harmful online content - Discretion and professionalism are a must Timeframe: Within a month