Представляем пакет без комиссии за найм!
Размещайте вакансии
Нанимайте без комиссий
Peneration Tester and Security Engineer - 22099 Outstaffing
Языки программирования/технологии
§ Питон
§ Прочность
§ С\С++
СУБД
§ Мой SQL
§ SQLite
Инструменты разработки
Среды виртуализации
§ VMWare
§ Виртуальная коробка
§ Генимотион
§ AndroidStudio
Операционные системы
§ Microsoft Windows 95/98/2000/XP/2003 Server/Vista/7/8/10
§ Кали Линукс
§ Убунту
Приложения/веб-серверы
Методологии
§ ОВАСП
§ НИСТ
§ ИСАКА
Инструменты тестирования
§ Nкарта
§ Никто
§ Берп Люкс
§ ОВАСП ЗАП
§ Несс
§ Wireshark
§ Мальтего
§ SQL-карта
§ Гобастер
§ Метасплойт
§ Облачная вспышка
§ Скользить
§ Апктул
Аппаратное обеспечение
§ Сетевые технологии
§ Различное технологическое устройство
Другой
§ Техническая документация/Отчеты о тестировании на проникновение
§ Обратный инжиниринг
Mobile application for IOS and Android fitness app. Red-team pentester, worked with clients security team. Conducting the penetration testing of all new releases of apps.
§ Analyze the system and prepare scope of work
§ Determine the possibility of specific attack vectors.
§ Reverse Engineering of Android app
§ Testing security of the apps
§ Dynamic and Static testing
§ Test api and requests to the server
§ Identify a combination of high and low risk vulnerabilities
§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability and recommendations on how to fix them.
Nmap, Wireshark, Metasploit, Nessus, Burp Suite
Auditing the smart contract of token and bridge based on etherium. ERC20 standard.
§ Analyze the system and prepare scope of work
§ Check loops for miner attacks on timestamps and orders, and transaction order dependency
§ Determine inconsistency between specification and implementation
§ Identify defective design, logic, and access control
§ Provide recommendations to improve contract security and readability.
§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability
Slither, Manticore, Surya, SonarQube
§ Smart Contract Audit
§ Check loops for miner attacks on timestamps and orders, and transaction order dependency
§ Determine inconsistency between specification and implementation
§ Identify defective design, logic, and access control
§ Provide recommendations to improve contract security and readability
Apktool, Graudit, Genymothion, Burpsuite
Dating platform. Penetration testing to estimate WAF security and uncover vulnerabilities.
§ Check loops for miner attacks on timestamps and orders, and transaction order dependency
§ Determine inconsistency between specification and implementation
§ Identify defective design, logic, and access control
§ Provide recommendations to improve contract security and readability
Apktool, Graudit, Genymothion, Burpsuite