Xss jobs

WORKING start working on each vulnerability: 1. We suggest that you have a fresh Linux VM ready for each vulnerability. . You can create a copy of your VM for each vulnerability. 2. Read the vulnerability disclosure and check out related links. 3. Deploy the vulnerable version of wordpress. 4. Design a proof of concept attack (similar to what we did in class). 5. Demonstrate your attack Submission You must prepare a report as part of your project repository in markdown format (your ). For each vulnerability provide the following: * Very brief description of the vulnerability & its significance. * Designed attack. Include and link to your source codes. The information should be sufficient to reproduce the attack. * Demonstration of the attack. List the steps, screenshots, and a sh...

I need someone to implement counter measures to CSRF,SSRF and XSS for a website on local. The website is already built.

I need a freelancer to fix the following issues. 1. Stored Cross Site Scripting(XSS) 2. CSRF in change password Lead to account takeover 3. Introduce AUTH in the Header 4. HTML Injection 5. Unrestricted file upload 6. PHP Version Disclosure 7. Cookie management, session cookies are displayed to the user 8. Create a CORN job to send email everyday. Include data of a specific table. NOTE: I will not give access to Freelancer to the website. Instead, I will share the PHP code and the DB file. After making the fix, please provide me with the fixed files. I will review and test the changes internally before releasing the milestone. My PHP site has pages like login, forget and reset the password, create and update incidents, create and update documents, manage users, manage profiles, ...

I need a web platform for customers who subscribe through PayPal and Mercado Pago. Users must pay a subscription package to be able to access certain areas of the website. That there are 3 subscription packages and that each package has an a...the administrator panel, the administrator will be able to unsubscribe users, delete users, edit users, view ip, ban users and set the reason for the ban. If a user is banned, at the time of login it will appear that the user has been banned from the website for the reason that has been entered. Passwords must be in bycrypt. Login and Registration system must have CSRF protection. Anti Bypass XSS and other vulnerabilities. Must be on PHP v8.1.X The website must be optimized for SEO. And have a good score in PageSpeed ​​Insights. Friendly d...

PLEASE READ!! Are you my new web developer? I want you to build me...visitor, etc. etc. Website need to be in a few language, most of them google translate its fine, but English and danish need to be native (I'm a danish speaking man, I can definitely help) something similar to those websites.. I see you specialize in: Hosting plan advices Custom login and sign up forms safe from CSRF and XSS attacks Protected user routes and dynamic authentication SPA applications with modern frameworks AWS services such emails for user login verification Advanced CSS design for custom websites Cool animations and effects for website design SEO optimization for better organic reach REST API's integration Database design and modeling

I have had <xss...> database attacks on my site for a year. One of the people who looked at them said the problem was with the code of the membership company I'm using (). Here's a link to the code: I need someone to go over the code the modify it to eliminate the <xss...> attacks on my databased. I will be $75 to anybody who can show me the fix in the next two days.

...Prevention of XSS attacks Technology: .Net 6 Web API, C# Requirement: Development of middleware to help prevent XSS attacks by removing script tags or any other associated characters from incoming requests i.e. sanitizing the incoming jsaon date. Requests will be a. POST requests with json in the body. See example below Objective: Prevention of XSS attacks Technology: .Net 6 Web API, C# Requirement: Development of middleware to help prevent XSS attacks by removing script tags or any other associated characters from incoming requests i.e. sanitizing the incoming jsaon date. Requests will be a. POST requests with json in the body. See example below Objective: Prevention of XSS attacks Technology: .Net 6 Web API, C# Requirement: Development of m...

It is a project to create an application that allows you to create new kanban boards and tasks and subtasks for each step between the backlog and completion. Must be programmed in PHP 8, TWIG, Bootstrap 5, MYSQL (PHPMyAdmin), JAVASCRIPT and JQUERY (must not use web templates with any type of copyright). Must have best practices to prevent XSS attack. It would be a dynamic website (PHP running on the web server - php files and html files in different folders) and Responsive for different screen sizes and tablets. More instructions and functionality are specified and detailed in the attached files.

Need to build an informative website of 11 pages Arabic/English with CMS. if has to be responsive and compatible with the common browsers. it has to be secured against cyber attacks such as XSS and SQL injection, malware , bots ...etc it need to be connected with google analytics, also the CMS need to have the option to insert meta information and keywords for SEO it will show information from a ready made API in JSON it will also have a form that will send the information using an API the logins are just URLs to a ready made website the design materials has to be unique (this includes everything in the pages added by the designer)

i find some vulnerabilities on burpsuit scanner so i wanna understand how to use them

Hello, i have an app which is 50% Golang, 15% Ruby, 12.5% typescript, 12% HTML. It has some security flaws which need fixing. For example: -Password policy change to not allow easy passwords -Prtotection against Injection attacks (e.g. HTML injection, XSS, command injection) -Broken Authentication and session management - Bypass 2FA Authentication -Access control-related misconfigurations -Software misconfigurations -Sensitive data exposure -Open Redirect -Cache poisoning - Header Injection -Clickjacking I am looking for someone who knows how to fix security flaws.

Hello, i have an app which is 50% Golang, 15% Ruby, 12.5% typescript, 12% HTML. It has some security flaws which need fixing. For example: -Password policy change to not allow easy passwords -Prtotection against Injection attacks (e.g. HTML injection, XSS, command injection) -Broken Authentication and session management - Bypass 2FA Authentication -Access control-related misconfigurations -Software misconfigurations -Sensitive data exposure -Open Redirect -Cache poisoning - Header Injection -Clickjacking I am looking for someone who knows how to fix security flaws.

Hello, i have an app which is 50% Golang, 15% Ruby, 12.5% typescript, 12% HTML. It has some security flaws which need fixing. For example: -Password policy change to not allow easy passwords -Prtotection against Injection attacks (e.g. HTML injection, XSS, command injection) -Broken Authentication and session management - Bypass 2FA Authentication -Access control-related misconfigurations -Software misconfigurations -Sensitive data exposure -Open Redirect -Cache poisoning - Header Injection -Clickjacking I am looking for someone who knows how to fix security flaws.

Hello, i have an app which is 50% Golang, 15% Ruby, 12.5% typescript, 12% HTML. It has some security flaws which need fixing. For example: -Password policy change to not allow easy passwords -Prtotection against Injection attacks (e.g. HTML injection, XSS, command injection) -Broken Authentication and session management - Bypass 2FA Authentication -Access control-related misconfigurations -Software misconfigurations -Sensitive data exposure -Open Redirect -Cache poisoning - Header Injection -Clickjacking I am looking for someone who knows how to fix security flaws.

...panel (Back & front End) beside a strong order matching engine will be specified later. Module for adding and paring specified 50 coins i Module for adding and paring ERC20, TRC20, Bep20 token Wallets BTC + 2 fiat currencies Payment gateway 3 strategy bot trading for the exchange users 8. Integration of these security protocols: (SQL Injection Prevention, HTTPS Authentication, Cross-Site Scripting (XSS) Protection, 2 Factor Authentication, Data Encryption, Cross-Site Request Forgery (CSRF) Protection, Anti Distributed Denial of Service (DDoS) Protection) NFT Marketplace ERC721A/ERC721/ERC1155 Smart Contract ERC20 and Staking Smart Contract Minting Landing Page Wallet Connectivity (Desktop & mobile)...

Hello, i have an app which is 50% Golang, 15% Ruby, 12.5% typescript, 12% HTML. It has some security flaws which need fixing. For example: -Password policy change to not allow easy passwords -Prtotection against Injection attacks (e.g. HTML injection, XSS, command injection) -Broken Authentication and session management - Bypass 2FA Authentication -Access control-related misconfigurations -Software misconfigurations -Sensitive data exposure -HTTP Request Smuggling -Open Redirect -Cache poisoning - Header Injection -Clickjacking I am looking for someone who knows how to fix security flaws.

My friends html5 chat rooms are being hacked cause of the xss and patches are not updated/not there to stop them. I got screenshots of examples of the issue. Also they are using discord somehow to hack the chats as well. We need help asap. Thanks

I am looking for someone who can fix the following vulnerabilities in a simple Document Management Software on Java based open source D Space Version 6.0 1. Stored XSS - Cross-site scripting (also known as XSS) is a web security vulnerability which occurs when a malicious script is injected directly into a vulnerable web application cause of input validation. 2. Reflected XSS -- Reflected XSS is one of the part of Cross-Site-Scripting attacks and termed as “Non-Persistence XSS” or “Type II”. 3 Rate Limiting- number of wrong login attempts to be limited to 3 & then 15 mins wait 4. CSRF- cross site request forgery- The most effective way to protect against CSRF vulnerabilities requests an additional token th...

We need to implement on Apache server configuration for content security policy for a wordress site.

Looking for a full-stack developer to develop an admin and user dashboard with ...value to resubmit the form. ● Affiliate & Referral Program. ● Latest News (Blog style). ● Notification and Announcement page. ● Multilingual Support (Internationalization/i18n & RTL). ●Operations menu by user role -Display the latest news -Display the latest notifications and announcements -Display last login specifications Security Features ● JWT or ACLs Authentication ● Cross-Site Scripting (XSS) Protection ● SQL Injection Protection ● CSRF Protection ● Secure Encrypt Password Hashing ● 256-bit Enterprise-Grade Encryption ● SMTP / API Mail (Mailgun Email Service) ● Sending data through webhooks or APIs Also, the developer must sign a Non-disclosure Agreement to work on our project.

hello looking for XSS Stored expert only to find vulnerability in my web chat room code. the website open only for tests and for vulnerability finder. p.s self xss its not vulnerability just XSS Stored the chat with html entities and cloduflare WAF the chat base on html + php pm me if you think you can find xss stored only

based on xss dataset, 5000 words.

FRONTEND Application Frontend consist of a street map with Markers (service providers) and a search bar. Service Providers (Markers): 1) User will open website/APP 2) User can create marker 3) After click on create marker user can select marker position on map 4) User chose a category 5) User enter the details (Dynamic): - Name - Lat long (Auto fetch) - Cit...2. Markers management ( CRM based ) a. Create b. Edit c. Delete d. Approve e. Search/Filter 3. Full statistics on markers view, page view etc. 4. Application development should be done based on modules a. Markers b. Categories c. Reviews d. Users GENERAL 1. APP will load markers based on map zoom 2. APP will load marker details after marker its clicked 3. APP should be secured against DDOS ,XSS, injections and other types ...

FRONTEND Application Frontend consist of a street map with Markers (service providers) and a search bar. Service Providers (Markers): 1) User will open website/APP 2) User can create marker 3) After click on create marker user can select marker position on map 4) User chose a category 5) User enter the details (Dynamic): - Name - Lat long (Auto fetch) - Cit...2. Markers management ( CRM based ) a. Create b. Edit c. Delete d. Approve e. Search/Filter 3. Full statistics on markers view, page view etc. 4. Application development should be done based on modules a. Markers b. Categories c. Reviews d. Users GENERAL 1. APP will load markers based on map zoom 2. APP will load marker details after marker its clicked 3. APP should be secured against DDOS ,XSS, injections and other types ...

-Knowledge ZAP Penetration Tool Testing -Pen test tool to discover, and then fix, XSS vulnerabilities -Rest of the details will be shared once I get the best knowledge person.

Deploy a framework to help with DDoS and other SQL, XSS, LFI, Brute-force, CSRF Prevention, following good security practices and against mainly Bot ​​attacks & HTTP Flood without using CloudFlare or any other CDN services we're planing to build our own Mitigation strategy by configuring available open source resources to prevent attacks and build log monitoring dashboard for traffic just like CloudFlare provides. Also have to done is os level port restrictions and limitations on Ubuntu (UFW / IPtables) Our team will test deployed security by doing Large Scale attack and if it didn't break work security is intact and dashboard is also working to see the traffic then you'll get your reward. *Note: You'll have to provide proper configuration steps to us so we ...

Our website uses the OJS CMS platform. We have SiteLock installed on our web host BlueHost and recently received an email stating, "Thank you for protecting your website, SiteLock. Your scanner has been hard at work! During a recent scan, it found a cross-site scripting (XSS) vulnerability that could jeopardize the security of your website." We need someone to determine whether such a vulnerability indeed exists, and quote to repair/remove it without breaking site functionality.

Final updates to Angular/Laravel website code to be production ready. This includes updating page design with new graphics assets and final styling, minor touch ups to pages, implementing google analytics tagging and GDPR cookie consent for analytics compliance, and proactively adding mitigations for common web security threats (SQL injection, XSS, and CSRF).

...you include POST/GET/REQUEST/FILE calls in your plugin, it's important to sanitize, validate, and escape them. The goal here is to prevent a user from accidentally sending trash data through the system, as well as protecting them from potential security issues. SANITIZE: Data that is input (either by a user or automatically) must be sanitized as soon as possible. This lessens the possibility of XSS vulnerabilities and MITM attacks where posted data is subverted. VALIDATE: All data should be validated, no matter what. Even when you sanitize, remember that you don’t want someone putting in ‘dog’ when the only valid values are numbers. ESCAPE: Data that is output must be escaped properly when it is echo'd, so it can't hijack admin screens. There a...

Hi Hicham O., I noticed your profile and would like to offer you my project. We can discuss any details over chat. A couple of questions in the lab regards about auditing and test cases like XSS, CSRF, SQLi, and CMDI.

hello, I am looking for a professional programmer who can help me with html, php and sql (interface with pdo). I have written a multi-input search. It should meet the security maximum (e.g. sql injection, xss... etc). Currently it has no prepared statements regarding the multi-search itself. The code is partly not where it should be (php code more topmost etc..how it should be right) Requirements: - php with pdo - sql - security knowledge - html with bootstrap multi input search properties: - search with sql %-wildcard by checkbox click - search with regular expressions by checkbox click - search for the opposite sql "not like" after checkbox click values from the input fields ($_GET handover): - clientid = integer - company = string - firstname = string - lastname = ...

I have a website that was some time no active. I wanted to activate it with entering the wp-admin but it was redirecting. XSS exploit prob. When i wanted to restore earlier backups the thing sends only: Your PHP installation appears to be missing the MySQL extension which is required by WordPress. i wanted to get the last backup working with entering wp-admin also.

I am looking for php web developer to build website similar to attached screenshot. I have attached screenshot of portal. Also need to install on my web hosting cpanel (i will provide cpanel account). Should be on PHP & MYSQL and PHP Framework (codeigniter/laravel). Website should be secure 1. Cross-Site Request Forgery (CSRF) Prevention 2. Cross-Site Scripting (XSS) Prevention 3. Password Hashing 4. Avoiding SQL Injection Please check attached screenshot.

I am looking for an Infosec expert

a)Using an appropriate tool demonstrate how Cross-Site Scripting (XSS) functions. You must compile a report, including screenshots of your work and clear instructions on how to reproduce it, including the following: • Vulnerabilities that can be used to develop a XSS attack. • An example of how a file upload could be used to launch an XSS attack. • An example of Reflected XSS. • An example of Stored XSS. • Provide at least TWO examples of how the attacker may utilise XSS (by any method above) to their benefit. Clearly explain the lifecyclec of both attacks, from identification of the vulnerability, to achieving the final goal of the exploit (and state explicitly what that goal is). Remember that your aim is to provide a rep...

...System Enable & Disable Comment System Secure Authentication Password Reset Google Analytics Advanced Settings Options Visual Settings Change Logo, Favicon, Site Title, Site Description, etc. from Admin Panel Easy Installation Using Installation Wizard Detailed Documentation Runs on PHP 5.6, 7.0, 7.1, 7.2, 7.3, 7.4, 8.0 Security Cross-Site Request Forgery (CSRF) Prevention Cross-Site Scripting (XSS) Prevention Password Hashing Avoiding SQL Injection I dont want any previous script.. I want fully new functional script...

Attack a web application by exploiting its XSS vulnerabilities

...Solutions LLC. They have contacted you to research the latest threats in IT and specifically, are interested in, the OWASP Top 10 vulnerabilities. Your job, is to test for and document, THREE of the the following vulnerabilities: A1 Injection A2 Broken Authentication A3 Sensitive Data Exposure A4 XML External Entities (XXE) A5 Broken Access Control A6 Security Misconfiguration A7 Cross-Site Scripting (XSS) A8 Insecure Deserialization A9 Using Components with Known Vulnerabilities A10 Insufficient Logging & Monitoring Explain the Vulnerabilities and Mitigation Explain to the business executives, why these vulnerabilities matter, including the potential risk to the business. You should link these vulnerabilities into the OWASP TOP 10 2017. You are expected to provide real ...

hi i have a very small XSS assignment which can be done in an hour or 2 if you're expert but i do not have the time to do now. Do u mind taking a look and see whether u can do it?

hi i have a very small XSS task which can be done in an hour or 2 if you're expert but i do not have the time to do now. Do u mind taking a look and see whether u can do it?

hi i have a very small XSS assignment which can be done in an hour or 2 if you're expert but i do not have the time to do now. Do u mind taking a look and see whether u can do it?

hi i have a very small XSS assignment which can be done in an hour or 2 if you're expert but i do not have the time to do now. Do u mind taking a look and see whether u can do it?

...Architecture : MVC - Codeigniter or Lavarel or your own best (after our appraisal) Hosting : We will provide Budget : $150-$250 This is simple multilingual (English as primary) event portal, which will divide into few phase to develop. Current bidding is the first phase, to develop the portal primary event functions and all related users functions as described below. ========== Security Concern : 1) XSS Attack Prevention 2) RCE Attack Prevention 3) SQL Injection Protection : All sql related query must be strictly validate & sanitize before query 4) Form Upload : All form data must be validated before process; image/file upload must check 5) Login : - Validate if login from same browser, ip zone, not same send email verification code - Not fail more than 10 times, captch...

Hello, I hire you for the project we discussed in Django and python and XSS, SQLI inspection

i have currently an informative website () in both arabic/english. i want to re-innovate the design with a creative one and rebuild the website in laravel for both the website and CMS. it has to be responsive, compatible with most known browsers, secure against injections and attacks as (xss, xxe ,component with vulnerabilities). i should be able to modify all content with the cms. i should be able to add seo keywords, meta tags, tracking codes to the pages using the CMS (in both languages) i also need to add news, packages and payment pages. the developer has to be committed to the timeframe as delays are not acceptable

Hello, We looking for CodeIgniter Need expert for SQL Injection and XSS attacks Our site is in Code ignitor, You can review our code and lets know what is loophole that need to be fix list and you going to fix them all. Database security and Code security as we getting attack both side. Please write in details your expertise for this. will discuss more details on PM. Thanks!

Hello, We looking for CodeIgniter Need expert for SQL Injection and XSS attacks Our site is in Code ignitor, You can review our code and lets know what is loophole that need to be fix list and you going to fix them all. Database security and Code security as we getting attack both side. Please write in details your expertise for this. will discuss more details on PM. Thanks!

I need to correct the vulnerabilities on some pages of my website, so this web can be safe against XSS and SQL Injection attacks.

...Filters * Number of repeated clients - will show model a detailed history of interactions/payments/calls/call-attempts/with a particular member * Account activity overview * Social Media-like connectivity. Marketing & Promotional Features * SEO-friendly coding structure and URL * Social Sharing Bookmarks * Testimonials * blog * Newsletter 
 Security Features * Email Verification * SQL injection and XSS hacking-proof coding structure and database * CAPTCHA for all forms to avoid spam entries * Database indexing for fast page loading * Verify phone number, credit card and social networking sites * Verify Ownership * Verified status for users and members who have been verified. GSM feature. Geo location feature for users on the site and the app for user’s location. ...

...Experience Integrating with Third-Party APIs and develop restful API's Experience performance optimization of high-traffic sites Experience in committing patches for Drupal core or other contributed modules. Excellent knowledge of PHP, MYSQL experience Fluency with LAMP (Linux, Mysql, PHP) technology stack Able to use Git in a team working environment Knowledge of security best practices (e.g CSRF/XSS prevention) Drupal community contributions and involvement in open source communities Experience with Drupal theme development 3+ years experience developing with HTML5, CSS3, and JavaScript Strong JavaScript capabilities, especially jQuery Experience with content first/mobile-first responsive design principles Eager to learn, improve, develop and share Develop coder compliant ...