Database security

we can start now

Expert on website security and sql injection protection. Thanks, Tonmay

Hello ranji29kum, Please check your PMs. Thanks! Best Regards, Stan.

Sir, I think I stand a chance here! Please view PM for details!

I can do this for you.

The assesment will scann fro the following * Version Check o Vulnerable Web Servers o Vulnerable Web Server Technologies – such as “PHP 4.3.0 file disclosure and possible code execution. * CGI Tester o Checks for Web Servers Problems – Determines if dangerous HTTP methods are enabled on the web server (e.g. PUT, TRACE, DELETE) o Verify Web Server Technologies * Parameter Manipulation o Cross-Site Scripting (XSS) – over 40 different XSS variations are tested. o SQL Injection o Code Execution(Unix and Windows) o Directory Traversal (Unix and Windows) o File Inclusion o Script Source Code Disclosure o CRLF Injection o Cross Frame Scripting (XFS) o PHP Code Injection o XPath Injection o Full Path Disclosure o LDAP Injection o Cookie Manipulation o Arbitrary File creation (AcuSensor Technology) o Arbitrary File deletion (AcuSensor Technology) o Email Injection (AcuSensor Technology) o File Tampering (AcuSensor Technology) o URL redirection o Remote XSL inclusion * MultiRequest Parameter Manipulation o Blind SQL/XPath Injection * File Checks o Checks for Backup Files or Directories - Looks for common files (such as logs, application traces, CVS web repositories) o Cross Site Scripting in URI o Checks for Script Errors * File Uploads o Unrestricted File uploads Checks * Directory Checks o Looks for Common Files (such as logs, traces, CVS) o Discover Sensitive Files/Directories o Discovers Directories with Weak Permissions o Cross Site Scripting in Path and PHPSESSID Session Fixation. o Web Applications o HTTP Verb Tampering * Text Search o Directory Listings o Source Code Disclosure o Check for Common Files o Check for Email Addresses o Microsoft Office Possible Sensitive Information o Local Path Disclosure o Error Messages o Trojan shell scripts (such as popular PHP shell scripts like r57shell, c99shell etc) * Weak Passwords o Weak HTTP Passwords * GHDB Google Hacking Database o Over 1200 GHDB Search Entries in the Database * Port Scanner and Network Alerts o Port scans the web server and obtains a list of open ports with banners o Performs complex network level vulnerability checks on open ports such as: + DNS Server vulnerabilities (Open zone transfer, Open recursion, cache poisoning) + FTP server checks (list of writable FTP directories, weak FTP passwords, anonymous access allowed) + Security and configuration checks for badly configured proxy servers + Checks for weak SNMP community strings and weak SSL cyphers + and many other network level vulnerability checks! * Other vulnerability tests may also be preformed using the manual tools provided, including: o Input Validation o Authentication attacks o Buffer overflows o Blind SQL injection o Sub domain scanning

Will be done.

I have experience providing security assessments to schools as well as multiple Fortune 500 companies. I worked for Ernst & Young, one of the premiere companies in the professional services industry.

Hi, I am ready. Let me know the details to start the work right now. thanks.