Pen testing/Penetration testing instructions LAMP server
$30-250 USD
Pagado a la entrega
You must be a penetration tester with experience in order to deliver this project.
We regularly create servers for ourselves and our clients and we want to have a set of instructions that we can use every time we create a new server to test the server's security and its vulnerabilities.
Since every pen tester is different, the tests we have done so far vary from person to person, based on expertise and experience.
In order to make our life easier, we would like to have a list (of best practices) of ALL the tests that can be performed, by following a set of instructions, to evaluate the security of a server.
When we say ALL the tests, we mean from the very basic tests to the most advanced tests to determine if a service has security issues or vulnerabilities.
This must also include tests that show leaking information about the server.
Such a list will help us to avoid errors and better protect our servers.
Therefore, for an ubuntu 20.04 server, using either another ubuntu server or a kali linux server (or whichever server type believe is best),
make a list of tests that should be performed to test a LAMP server for vulnerabilities, so as to ultimately make sure it is completely secure.
Your list of tests should have as many tests as necessary to test a (LAMP) server. This means testing all aspects of the LAMP... testing linux, php, apache and mysql for security issues and vulnerabilities.
This must be a step by step list, numbering each test in the order that you believe it should be performed.
Then for each test, (using the structure in the example below) include the name of the program/command/script that should be run/executed and the installation command.
Then show the actual command to be executed and explain what the command does and why you are using it.
Then also explain what the result would be and how to understand if the result is good or bad in terms of server security.
And finally, if the test results in a problem, indicate the fix or solution to resolve the security issue.
For example, if you think nmap needs to be run, then:
1) explain how to install nmap on the testing machine;
2) provide the nmap command(s) that should be executed;
3) explain why the particular nmap is being used;
4) explain how to understand the result of the test to determine if a problem exists;
5) if a problem exists, explain how to resolve the problem.
We understand that a problem may have many causes and solutions, and that a simple fix is not always easy to explain. In such cases, simply indicate the fix with a brief explanation pointing us in the right direction.
You can use ChatGPT to refine your commands and help with explanations. When an experienced pen tester uses ChatGPT to prepare tests it makes for better tests, and dramatically reduces the work involved.
Note that the server domain will be behind Cloudflare, so the tests should consider this.
Also provide an equivalent for testing the server directly via its IP address, therefore going around Cloudflare.
Once you have provided the list, we will either create a virtual server or use a physical machine, reformat it to the operating system you specify for the tests, install all the programs/commands/scripts you specify,
and then perform the tests to see the results.
Please make sure you understand this project properly before bidding on it.
Please ASK any questions you have BEFORE bidding.
Your bid here will be your FINAL bid.
Thank you.
Nº del proyecto: #35649169
Sobre el proyecto
28 freelancers están ofertando un promedio de $429 por este trabajo
Hey there, I have been in the InfoSec for years. I had conducted tons of Penetration Testing projects. I have the required skills and experience. I can deliver your required project with the required details includ Más
Hi there, I've closely reviewed the needs and requirements for this project and believe that my qualifications have prepared me to contribute and add immediate value to the project. I am available right now for the pr Más
Hi, I am Haresh, having 12+ years of experience in Software Testing Industry. - Having unique blend of knowledge in Quality Product Delivery, Processes Management, Functional testing, Integration and regression tes Más
Hello, I am Yasir Iqbal. I have completed my MS degree in Cyber Security and working as a manager in cyber security. I am looking after our SoC and cybersecurity team. Diverse experience of web application pen-testing, Más
I am a Certified Ethical Hacker with over 9 years of professional Ethical Hacking experience. My portfolio ranges from working with the Military Cyber Warfare Command to Civilian Infrastructure. I have a broad range Más
*I can start right away* Hey Andrew M., Good morning! I have read the details of your project (Pen testing/Penetration testing instructions LAMP server) and understood that my skill set matches this project. I am sk Más
Hey, I am writing to express my interest in your project to create a set of instructions for testing the security and vulnerabilities of a server. As an experienced penetration tester with expertise in web, computer, a Más
Hello I can do this. Please share the details of the task so that I can check and confirm accordingly.
I am a Pro manuation and automation tester having 5+ years of work experience in manual and automation testing. Pro selenium, mantis and similar tools to help you achieve error free websites, applications, games and/o Más
I am a Pro manuation and automation tester having 5+ years of work experience in manual and automation testing. Pro selenium, mantis and similar tools to help you achieve error free websites, applications, games and/or Más
I have 30 years of experience in internet services. I think I can easily meet your requirements. High quality work. I am willing to explain your pentest Tasks negotiable. Regards, Khawar Nehal
Hi, I am an expert in Penetration Testing. I have total over five years of experienced in API, Web App, Mobile and Network pentation testing. I'm also freelance penetration tester in my country. I have experiences in Más