Hi, I'm very interested in Your offer. I have over 10 years of experience as system admin for both windows and linux systems and also 10 plus experience in the field of computer/network and website security. I have done website security testing(I know all about xss, sqli, rfi/lfi, owasp 10 and others), but I also did QA combined with security testing, especially because doing website security testing requires using and finding all the functions of the website in question and then trying various invalid
inputs to see what will happen; sometimes it would result in badly rendered web page, sometimes it would expose sensitive information about the website in question. At the end of each day I tend to send progress report and at the end I'll write a document detailing found bugs/issues with screenshots.
Regarding proof of my experience in this matter, please take a look at my profile and my references/reviews/ratings regarding other projects of this type.
So, if You choose me I promise You that I'll complete the work by Your standards and also I can include security testing(I noticed you mentioned in the description that you want to know what mistakes you have, what needs improving and I did a quick look and found sql injection vulnerability, so I'd suggest security testing as potentially a separate project and I can provide that).
Thank You for considering my bid and I'm looking forward to Your reply.
Cheers