ความปลอดภัยทางอินเทอร์เน็ต Jobs

I’m looking for a seasoned cybersecurity professional who can carry out a full-scale penetration test against my public-facing web application. My priority is threat assessment and mitigation, so the exercise must simulate real-world attack scenarios, uncover exploitable weaknesses, and give me a clear path to harden the platform. Scope You will conduct a comprehensive, OWASP-aligned assessment that includes manual exploitation techniques in addition to automated scans. I expect you to explore authentication, authorization, session management, input validation, business logic, and any server-side misconfigurations. Google platform for email/domain management and primarily cloud based tools. Tool choice is up to you—Burp Suite, OWASP ZAP, Kali Linux utilities, Metasploit, or...

We are looking for a cybersecurity specialist to support our security assessment and compliance services for small and medium-sized businesses in the Middle East. Role Summary: You will conduct structured security reviews of client environments using industry-standard tools and frameworks, focusing on both technical security and regulatory compliance. Key Responsibilities: 1. Security Assessments: • Run vulnerability scans on networks, servers, and web applications. • Identify security misconfigurations, exposed services, and potential entry points. • Analyze results and validate critical findings. 2. Compliance Reviews: • Map findings against ISO 27001 controls for information security. • Assess client adherence to NIST Cybersecurity Framework (CSF) funct...

I’m currently living behind Iran’s ever-tightening firewall. Virtually every international site or service is unreachable, yet I do have a single VPN profile that still punches through. I don’t know whether it relies on residential IP routing, a stealth transport layer, custom TLS camouflage, or something else entirely—but it works, and I need to understand why so I can keep reliable access going forward. Here’s what I’m hoping you can do for me: • Examine the configuration file and any accompanying certificates or keys I supply, reverse-engineer the protocol or obfuscation technique in use, and clearly document the mechanics in plain language. • Show me how to replicate the same approach on my own infrastructure (VPS or residential tunnel...

I need a solid, full-scope “cyber” penetration test on my web platform with a single objective: uncover every web-based vulnerability before launch. You will have access to a dedicated staging environment plus test credentials so you can attack the application exactly as an external threat actor would. Scope • End-to-end testing of all public and authenticated areas, APIs, and server configuration • Combination of automated scans (e.g., OWASP ZAP, Nikto) and manual exploitation with Burp Suite, Kali Linux toolset, Metasploit, etc. • No social-engineering or mobile testing is required—focus purely on web weaknesses. Deliverables (acceptance criteria) 1. Executive summary for non-technical stakeholders. 2. Detailed technical report listing each f...

I’m a mid-career cybersecurity professional and my LinkedIn presence isn’t doing me any favors. My goal is crystal-clear: I want recruiters at tech companies to find me, see immediate evidence of my value, and invite me to interview for full-time security roles. What I need from you • A high-impact headline and summary that sell my threat-hunting, incident-response, and governance strengths while weaving in the right keywords for LinkedIn’s search algorithm and typical ATS filters. • Re-crafted work-experience entries that highlight measurable accomplishments (e.g., vulnerability-remediation percentages, audit-pass rates, MTTR improvements) instead of task lists. • A refreshed Skills & Endorsements section that spotlights cloud security, secure...

I’m ready to have my website professionally stress-tested so I can patch every weak spot before it becomes a problem. The engagement centres on two critical areas that hold our most sensitive logic and data—the Login System and the User Data Storage modules. Within those components I want you to probe specifically for SQL Injection, Cross-Site Scripting (XSS) and Broken Authentication issues, emulating real-world attack scenarios while staying fully within ethical boundaries. Industry-standard tooling such as Burp Suite, OWASP ZAP, sqlmap, or their equivalents is expected so results are reproducible and mapped against OWASP Top 10. All findings must be compiled in a comprehensive, developer-friendly document that not only confirms each vulnerability but explains impact, suppli...

I’m ready to have my website professionally stress-tested so I can patch every weak spot before it becomes a problem. The engagement centres on two critical areas that hold our most sensitive logic and data—the Login System and the User Data Storage modules. Within those components I want you to probe specifically for SQL Injection, Cross-Site Scripting (XSS) and Broken Authentication issues, emulating real-world attack scenarios while staying fully within ethical boundaries. Industry-standard tooling such as Burp Suite, OWASP ZAP, sqlmap, or their equivalents is expected so results are reproducible and mapped against OWASP Top 10. All findings must be compiled in a comprehensive, developer-friendly document that not only confirms each vulnerability but explains impact, suppli...

We are seeking an experienced cybersecurity professional to develop a high-quality, advanced-level practical ethical hacking video course built around a realistic simulated enterprise attack environment. This course must focus heavily on hands-on execution and demonstrate a structured multi-step attack workflow inside a controlled lab network. The final deliverable must contain approximately 10–12 hours of fully edited, polished video content (final runtime after editing). Budget: 40,000 INR (Maximum) Timeline: 30–60 days Core Course Requirements The course must: Be advanced-level practical content Be structured around a connected simulated company environment Include multiple interconnected attack scenarios Demonstrate complete attack chains Include reconnaissance, e...

Over the past few days I have noticed a sharp, unexplained spike in direct traffic on my corporate website. The pattern is the same worldwide—thousands of repeated page views hitting the same endpoints every few minutes—yet no genuine engagement follows. Because I have no firewall, captcha, or other security layer in place, I suspect an automated script or bot is hammering the site and inflating my analytics. I need a security-minded developer to: • Analyse server logs, analytics data, and DNS records to confirm the source, volume, and behaviour of the suspicious requests. • Pinpoint whether the traffic originates from a compromised script inside the site, a third-party resource, or external botnets. • Recommend and implement practical counter-measures such...

My wired Ethernet network has stopped working, and I need a skilled technician to get it back online quickly. I’ve already ruled out basic cable swaps, so I’m looking for someone who can: • Diagnose the root cause of the outage (switch, patch panel, NIC, or configuration). • Walk me through any testing steps I should perform on-site (ping, traceroute, link-light checks). • Provide clear, step-by-step instructions or remote-session support to restore connectivity. • Verify that all connected devices regain stable internet and LAN access once the fix is applied. • Offer a brief preventive checklist so I can avoid the same issue in the future. I can share photos of the rack layout, current IP scheme, and error messages from the router and switch interfac...

I need an experienced security engineer to harden our multi-tenant SaaS product, prepare us for HIPAA and SOC 2 Type II audits, and stay on call for incident response. The stack runs primarily on AWS, Azure or GCP, with containerised workloads orchestrated by Kubernetes. Day-to-day you will probe our web apps and APIs with Burp Suite and OWASP ZAP, script automation in Bash, and guide the team as we fold security controls into an established Git-based CI/CD pipeline. Key objectives • Run a full penetration test against the platform, documenting exploitable findings against the OWASP Top 10 and cloud-specific misconfigurations. • Configure vulnerability scanning (Nessus, Snyk, Trivy) and wire SAST, DAST and dependency checks into our build pipelines. • Implement and v...

I have a small office network—fewer than twenty endpoints—that I want thoroughly examined for weaknesses. The immediate focus is a vulnerability assessment combined with a full network-security audit. Pen-testing isn’t required right now, but I would like the audit to be detailed enough that we could progress smoothly to active exploitation tests later if needed. Scope – Map every device and service, then scan using industry-standard tools such as Nmap, Nessus or OpenVAS. – Analyse configurations (firewall rules, router settings, shared resources, OS hardening) and identify misconfigurations or outdated software. – Provide a clear, prioritized remediation plan. Critical issues first, followed by medium and low-risk findings. – Conclude wit...

Job Title: Cyber Security Engineer (Checkpoint Firewall & Akamai WAF) Duration: 2 Hours per Day Budget: ₹30,000 per Month Start Date: Immediate About the Role We are looking for a skilled Cyber Security Engineer with expertise in Checkpoint Firewall and Akamai WAF to support our network security infrastructure. The ideal candidate will be responsible for managing firewall configurations, monitoring network security policies, and assisting in the implementation of web application firewall protections to safeguard enterprise systems. Key Responsibilities Configure, manage, and optimize Checkpoint Firewall environments (policy management, rule configuration, and troubleshooting). Implement and maintain Akamai Web Application Firewall (WAF) rules to protect web applications from security t...

Yesterday I noticed that every message and folder in my Hotmail account had vanished after an unauthorized login. I have since taken back control of the mailbox and switched on two-factor authentication, but Microsoft support told me they are unable to restore the data. I still need those emails. I’m after someone who knows the ins and outs of / Microsoft 365 back-end recovery, server-side retention, and forensic mail restoration. If you can locate and reinstate the deleted items—whether through the Recoverable Items folder, legacy PST pulls, or other Microsoft recovery channels—and then harden the account so this can’t happen again, please let me know your approach and an estimated timeline. Acceptance criteria • All recoverable emails and folders resto...

Project Title: Web Security Audit & Penetration Testing for Marketplace Website Description: We are preparing to launch a new online marketplace platform and are looking for an experienced web security specialist to perform a full security review of the site. The goal is to identify any vulnerabilities and ensure the platform is secure before public launch. Scope of work: • Perform a full security audit of the web application • Conduct penetration testing to identify vulnerabilities • Review authentication, API security, and database access • Check for common vulnerabilities (OWASP Top 10) • Identify potential risks in front-end and back-end architecture • Provide a clear report outlining vulnerabilities and recommended fixes Important: • You must hav...