Przedstawiamy pakiet bez prowizji za zatrudnienie!
Publikuj oferty pracy
Zatrudniaj bez prowizji
Peneration Tester and Security Engineer - 22099 Outstaffing
Języki programowania/Technologie
§ Pythona
§ Solidność
§ C\C++
RDBMS
§ Mój SQL
§ SQLite
Narzędzia programistyczne
Środowiska wirtualizacyjne
§ VMWare
§ VirtualBox
§ Genymocja
§ AdroidStudio
System operacyjny
§ Microsoft Windows 95/ 98/ 2000/ XP/ 2003 Server/ Vista / 7/8/10
§ Kali Linux
§ Ubuntu
Serwery aplikacji/internetowe
Metodologie
§ OWASP
§ NIST
§ ISACA
Narzędzia do testowania
§ Nmapa
§ Nikto
§ Zestaw beknięcia
§ OWASP ZAP
§ Nessus
§ Wiresharka
§ Maltego
§ Mapa sql
§ Pogromca
§ Metasploit
§ Rozbłysk chmur
§ Ślizgać się
§ Apktool
Sprzęt komputerowy
§ Technologie sieciowe
§ Inne urządzenie technologiczne
Inny
§ Dokumentacja techniczna/ Raporty z testów penetracyjnych
§ Inżynieria wsteczna
Mobile application for IOS and Android fitness app. Red-team pentester, worked with clients security team. Conducting the penetration testing of all new releases of apps.
§ Analyze the system and prepare scope of work
§ Determine the possibility of specific attack vectors.
§ Reverse Engineering of Android app
§ Testing security of the apps
§ Dynamic and Static testing
§ Test api and requests to the server
§ Identify a combination of high and low risk vulnerabilities
§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability and recommendations on how to fix them.
Nmap, Wireshark, Metasploit, Nessus, Burp Suite
Auditing the smart contract of token and bridge based on etherium. ERC20 standard.
§ Analyze the system and prepare scope of work
§ Check loops for miner attacks on timestamps and orders, and transaction order dependency
§ Determine inconsistency between specification and implementation
§ Identify defective design, logic, and access control
§ Provide recommendations to improve contract security and readability.
§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability
Slither, Manticore, Surya, SonarQube
§ Smart Contract Audit
§ Check loops for miner attacks on timestamps and orders, and transaction order dependency
§ Determine inconsistency between specification and implementation
§ Identify defective design, logic, and access control
§ Provide recommendations to improve contract security and readability
Apktool, Graudit, Genymothion, Burpsuite
Dating platform. Penetration testing to estimate WAF security and uncover vulnerabilities.
§ Check loops for miner attacks on timestamps and orders, and transaction order dependency
§ Determine inconsistency between specification and implementation
§ Identify defective design, logic, and access control
§ Provide recommendations to improve contract security and readability
Apktool, Graudit, Genymothion, Burpsuite