Preparing 20 questions about software security for a written exam - Repost - open to bidding

A proposal has not yet been provided

Have 5+ years of experience in both black box and white box testing penetration testing. Perform VAPT(Vulnerability and penetration testing) services like Web-Application penetration testing; System Application penetration testing; Mobile application penetration testing; Network application penetration testing; social engineering penetration testing etc. Conduct penetration testing in a systematic approach. Follow the standard methodology of the industry like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS to perform penetration testing so that client can concentrate on their professions without worrying about security threats. Web Application Testing: Do web application penetration testing with the latest methodology like OWASP Top-10, SANS Top-25. Perform both manual and automated penetration testing for vulnerabilities like Injection flaws(such as SQL, NoSQL, OS, and LDAP injection etc),Broken Authentication, Sensitive Data Exposure,XML External Entities (XXE), Broken Access Control,Security Misconfiguration, Cross-site scripting(XSS), Insecure Deserialization, Using Components with Known Vulnerabilities,Insufficient Logging & Monitoring. Also perform source code reviews for many technologies like java, .NET, PHP etc. Approach for Manual Web-Application Penetration Testing: Conduct manual testing with following controls: * Configuration and Deployment Management Testing * Identity Management Testing * Authentication Testing * Authorization Testing * Session Management Testing * Input Validation Testing * Testing for Error Handling * Testing for weak Cryptography * Business Logic Testing * Client Side Testing Tools that use for Automated Web Penetration Testing: Acunetix, Burp-Suite, Netsparker, Nexpose, Nikto, IBM Appscan, HP fortify, W3af etc. Network penetration testing:Provide Network Penetration Testing so that your Network Infrastructure is secured from the real world attacks. Do both manual and automated network penetration testing. Approach for Manual Network Penetration Testing: Manually check for IDS/IPS, Server, Networks switch, Network Router, VPN, Firewalls, Anti-virus,Password etc. Tools that use for automated network penetration testing: OpenVas, Wireshark, Nessus, Metasploit, Armitage, Scapy etc.

A proposal has not yet been provided

Hello, I'm a computer security researcher.. i can do your project..

A proposal has not yet been provided

I perfect

I already pursuit a master on cyber security, also I helped a friend to write a quiz concerning it security exam.

Dear Hiring Manager/Hello I’ve carefully gone through your job I ’m an expert Security Consultant & Ethical Hacker & Malware Analyst with more than 5 years experiences . I am very much interested in your project with all of your requirements. For more on my skill and successfully finished jobs, please have a look on my Profile, I am always available on Email and Skype. Please have a voice or video chat if necessary. I will be available more than 60 hours per week and able to start your project as soon as possible according to you. Thank you for your consideration Best Regards

A proposal has not yet been provided

A proposal has not yet been provided

Knowledge of IS incidents handling & contention. - Knowledge of IS incidents forensic analysis & investigation. - Knowledge of network security technologies including firewalls, proxies, WAF, NAC, IPS & AV, URL/Content Filters. - Knowledge of Host security technologies including REPS Systems including Host Firewall, Host AV, Host IPS, Application Control, Encryption, & Policy Managers. - Knowledge of IS management systems including SIEM & vulnerability Management.