Tech Secure and protect your website against hackers !!! - GoFuckYourself.com

Nick Tosser · 06-10-2015, 10:53 AM

I suggest you to secure a maximum your adult or mainstream websites and for that a security audit and an intrusion application is required !

Scan + application security intrusion testing on service provision contract only.

-> Full Pentest web + Server audit => $3,223

Working time: 2 weeks (10 days)

Payment deadline:

1. 50% of total prior to starting work
2. 30% after the submission of reports
3. 20% after a new test

Validity of price for 30 days after signing the contract.

Objective

A successfully delivered Service will address the following issues:

Identify existing vulnerabilities at application, system and network level.

Arrange identified vulnerabilities based on their severity rating.

Provide recommendations on related risks mitigation.

Methodology:

Resource audit carried out by "BlackBox" and included the following:

∙ Passive information collection;

∙ Defining the Web environment;

∙ Platform Identification;

∙ Determine the type of CMS;

∙ Port scanning;

∙ Collection of banners / search public exploits; ∙ Automatic scanning; ∙ Data analysis; ∙ Load test; ∙ Manual analysis in passive mode; ∙ Information analysis; ∙ Analysis of the attack vectors; ∙ Acknowledgement attack vectors; ∙ Reporting.

Actions :

∙ Vulnerability Scan server components; ∙ Search for vulnerabilities in web server environment; ∙ Check on the remote execution of arbitrary code; ∙ Overflow (buffer etc.); ∙ Check for code injection; ∙ Attempts to circumvent the authentication web resource; ∙ Check the web resource for the presence of XSS / CSRF vulnerabilities; ∙ Attempts to intercept privileged accounts (or the accounts of the session); ∙ Attempts to Remote File Inclusion / Local File Inclusion; ∙ Check components with known vulnerabilities; ∙ Check for redirection to other sites and open redirects; ∙ Scan directories and files, using brute force and «google hack»; ∙ Analysis of the search forms, registration forms, login forms, etc .; ∙ Checks the resource open to the possibility of obtaining confidential and sensitive information.

∙ Race condition;

∙ Bruteforce.

Network:

· Probe (or surveillance). Data gathering.

· Denial of service. This is really the consequence of an attack.

· R2L (remote to local), i.e., unauthorized access from a remote machine.

· U2R (user to root), i.e., unauthorized transition to root for an unprivileged user, privilege escalation.

· Data. This is meant to represent attacks whose goal is to obtain and extract (“exfiltrate”) confidential files from a system.

Web:

· A1 Injection ;

· A2 Broken Authentication and Session Management;

· A3 Cross-Site Scripting (XSS);

· A4 Insecure Direct Object References;

· A5 Security Misconfiguration ;

· A6 Sensitive Data Exposure ;

· A7 Missing Function Level Access Control ;

· A8 Cross-Site Request Forgery (CSRF);

· A9 Using Components with Known Vulnerabilities;

· A10 Invalidated Redirects and Forwards.

THE REPORT MUST BE CONTAIN THE IDENTIFIED VULNERABILITIES, DISTRIBUTED BY LEVEL OF CRITICALITY AND FEASIBILITY AND RECOMMENDATIONS, COMPLIANCE INFORMATION SECURITY.

Any intrusion test will only be made after signing a service contract duly signed by both parties and for management reasons the settlement will be made only via PayPal.
I remain at your disposal for any additional information on:
Skype => mtg-multimedia
mail: prestaseo519[at]gmail[dot]com

MiamiBoyz · 06-10-2015, 02:33 PM

Nick Tosser · 06-11-2015, 01:21 AM

Thursday Bump !

freecartoonporn · 06-11-2015, 10:40 AM

are you serious ?

thats expensive

CPA-Rush · 06-11-2015, 10:54 AM

this need a team of security pentesters ....

Harmon · 06-11-2015, 10:57 AM

I'll tell you what? You give me your domain, and I will have fun seeing as how good of a security expert you are.

$5,000. If I can not pull any secure information off of your servers? I'll pay you double what you are asking.

Deal?

SilentKnight · 06-11-2015, 07:24 PM

Nick Tosser · 06-13-2015, 12:29 AM

Quote:

Originally Posted by freecartoonporn

are you serious ? thats expensive

If we deal together i can make for you a small discount sure !

Quote:

Originally Posted by CPA-Rush

this need a team of security pentesters ....

Team i've man, two very competent people working for me don't worry !

Quote:

Originally Posted by Harmon

I'll tell you what? You give me your domain, and I will have fun seeing as how good of a security expert you are.

$5,000. If I can not pull any secure information off of your servers? I'll pay you double what you are asking.

Deal?

Don't get u man ?

Ferus · 06-13-2015, 06:39 AM

What a load of bullshit

Never *not even once* do business with these kind of people, unless they provide you up-front detailed info of how the test will be run

and NEVER use a Company that isent ISO certified

Nick Tosser · 06-14-2015, 03:18 AM

Quote:

Originally Posted by Ferus

What a load of bullshit

Never *not even once* do business with these kind of people, unless they provide you up-front detailed info of how the test will be run

and NEVER use a Company that isent ISO certified

Can you read my post first please, all related events are detailed in my post and everything is serious and directed by a professional.

Ferus · 06-14-2015, 03:48 AM

Quote:

Originally Posted by Nick Tosser

Can you read my post first please, all related events are detailed in my post and everything is serious and directed by a professional.

If you call that details, you dont know what you are talking about.... Still cant see any ISO cert.

Barry-xlovecam · 06-14-2015, 05:51 AM

What is your motto "a name you can trust"?

Urban Dictionary: A - Tosser

SilentKnight · 06-14-2015, 09:39 AM

Quote:

Originally Posted by Nick Tosser

THE REPORT MUST BE CONTAIN THE IDENTIFIED VULNERABILITIES, DISTRIBUTED BY LEVEL OF CRITICALITY AND FEASIBILITY AND RECOMMENDATIONS, COMPLIANCE INFORMATION SECURITY.

"The report must be contain the..." (huh?)

Quote:

Originally Posted by Nick Tosser

Team i've man, two very competent people working for me don't worry !

Is this the level of communication customers can expect?

You can't proofread or even form a simple sentence. How diligent is your security and protection services?

Nick Tosser · 06-16-2015, 02:42 AM

Don't forget no scamming:

Payment deadline:

1. 50% of total prior to starting work
2. 30% after the submission of reports
3. 20% after a new test

Ferus · 06-17-2015, 02:17 PM

Quote:

Originally Posted by Nick Tosser

Don't forget no scamming:

Payment deadline:

1. 50% of total prior to starting work
2. 30% after the submission of reports
3. 20% after a new test

For that Price (or less) I can have Forte do the exact same.... ZERO upfront payment

Nick Tosser · 06-18-2015, 02:24 AM

Enjoy a Discount Offer now 15%
-> Full Pentest web + Server audit => $2739

Nick Tosser · 06-19-2015, 02:11 AM

Friday Bump !!!

06-10-2015, 10:53 AM	#1
Nick Tosser Confirmed User Industry Role: Join Date: Jun 2008 Location: Worldwide Posts: 168	Secure and protect your website against hackers !!! I suggest you to secure a maximum your adult or mainstream websites and for that a security audit and an intrusion application is required ! Scan + application security intrusion testing on service provision contract only. -> Full Pentest web + Server audit => $3,223 Working time: 2 weeks (10 days) Payment deadline: 1. 50% of total prior to starting work 2. 30% after the submission of reports 3. 20% after a new test Validity of price for 30 days after signing the contract. Objective A successfully delivered Service will address the following issues: Identify existing vulnerabilities at application, system and network level. Arrange identified vulnerabilities based on their severity rating. Provide recommendations on related risks mitigation. Methodology: Resource audit carried out by "BlackBox" and included the following: ∙ Passive information collection; ∙ Defining the Web environment; ∙ Platform Identification; ∙ Determine the type of CMS; ∙ Port scanning; ∙ Collection of banners / search public exploits; ∙ Automatic scanning; ∙ Data analysis; ∙ Load test; ∙ Manual analysis in passive mode; ∙ Information analysis; ∙ Analysis of the attack vectors; ∙ Acknowledgement attack vectors; ∙ Reporting. Actions : ∙ Vulnerability Scan server components; ∙ Search for vulnerabilities in web server environment; ∙ Check on the remote execution of arbitrary code; ∙ Overflow (buffer etc.); ∙ Check for code injection; ∙ Attempts to circumvent the authentication web resource; ∙ Check the web resource for the presence of XSS / CSRF vulnerabilities; ∙ Attempts to intercept privileged accounts (or the accounts of the session); ∙ Attempts to Remote File Inclusion / Local File Inclusion; ∙ Check components with known vulnerabilities; ∙ Check for redirection to other sites and open redirects; ∙ Scan directories and files, using brute force and «google hack»; ∙ Analysis of the search forms, registration forms, login forms, etc .; ∙ Checks the resource open to the possibility of obtaining confidential and sensitive information. ∙ Race condition; ∙ Bruteforce. Network: · Probe (or surveillance). Data gathering. · Denial of service. This is really the consequence of an attack. · R2L (remote to local), i.e., unauthorized access from a remote machine. · U2R (user to root), i.e., unauthorized transition to root for an unprivileged user, privilege escalation. · Data. This is meant to represent attacks whose goal is to obtain and extract (“exfiltrate”) confidential files from a system. Web: · A1 Injection ; · A2 Broken Authentication and Session Management; · A3 Cross-Site Scripting (XSS); · A4 Insecure Direct Object References; · A5 Security Misconfiguration ; · A6 Sensitive Data Exposure ; · A7 Missing Function Level Access Control ; · A8 Cross-Site Request Forgery (CSRF); · A9 Using Components with Known Vulnerabilities; · A10 Invalidated Redirects and Forwards. THE REPORT MUST BE CONTAIN THE IDENTIFIED VULNERABILITIES, DISTRIBUTED BY LEVEL OF CRITICALITY AND FEASIBILITY AND RECOMMENDATIONS, COMPLIANCE INFORMATION SECURITY. Any intrusion test will only be made after signing a service contract duly signed by both parties and for management reasons the settlement will be made only via PayPal. I remain at your disposal for any additional information on: Skype => mtg-multimedia mail: prestaseo519[at]gmail[dot]com __________________ “We waste time looking for the perfect lover, instead of creating the perfect love.” ― Tom Robbins

06-11-2015, 01:21 AM	#3
Nick Tosser Confirmed User Industry Role: Join Date: Jun 2008 Location: Worldwide Posts: 168	Thursday Bump ! __________________ “We waste time looking for the perfect lover, instead of creating the perfect love.” ― Tom Robbins

06-11-2015, 10:40 AM	#4
freecartoonporn Confirmed User Industry Role: Join Date: Jan 2012 Location: NC Posts: 7,683	are you serious ? thats expensive __________________ SSD Cloud Server, VPS Server, Simple Cloud Hosting \| DigitalOcean

06-11-2015, 10:54 AM	#5
CPA-Rush small trip to underworld Industry Role: Join Date: Mar 2012 Location: first gen intel 80386/nintendo-gb/arcade/ps1/internet person Posts: 4,927	this need a team of security pentesters .... __________________ automatic exchange - paxum , bitcoin,pm, payza . daizzzy signbucks caution will black-hat black-hat your traffic ignored forever :zuzana designs {firefox- remove some posters \|skills#1\|skills#2\| email >[email protected] } ツ

06-16-2015, 02:42 AM	#14
Nick Tosser Confirmed User Industry Role: Join Date: Jun 2008 Location: Worldwide Posts: 168	Don't forget no scamming: Payment deadline: 1. 50% of total prior to starting work 2. 30% after the submission of reports 3. 20% after a new test __________________ “We waste time looking for the perfect lover, instead of creating the perfect love.” ― Tom Robbins

06-10-2015, 02:33 PM	#2
MiamiBoyz fgfdftre6 Industry Role: Join Date: Oct 2012 Location: In the closet with your dad! Posts: 6,690

06-11-2015, 10:57 AM	#6
Harmon ( ͡ʘ╭͜ʖ╮͡ʘ) Industry Role: Join Date: Mar 2004 Posts: 20,000	I'll tell you what? You give me your domain, and I will have fun seeing as how good of a security expert you are. $5,000. If I can not pull any secure information off of your servers? I'll pay you double what you are asking. Deal?

06-11-2015, 07:24 PM	#7
SilentKnight Megan Fox's fluffer Industry Role: Join Date: Oct 2005 Location: shooting pool in Elysium Posts: 24,818

06-13-2015, 06:39 AM	#9
Ferus Bye - Left to do stuff Industry Role: Join Date: Feb 2013 Posts: 4,109	What a load of bullshit Never not even once do business with these kind of people, unless they provide you up-front detailed info of how the test will be run and NEVER use a Company that isent ISO certified

06-14-2015, 05:51 AM	#12
Barry-xlovecam It's 42 Industry Role: Join Date: Jun 2010 Location: Global Posts: 18,083	What is your motto "a name you can trust"? Urban Dictionary: A - Tosser

06-18-2015, 02:24 AM	#16
Nick Tosser Confirmed User Industry Role: Join Date: Jun 2008 Location: Worldwide Posts: 168	Enjoy a Discount Offer now 15% -> Full Pentest web + Server audit => $2739 __________________ “We waste time looking for the perfect lover, instead of creating the perfect love.” ― Tom Robbins

06-19-2015, 02:11 AM	#17
Nick Tosser Confirmed User Industry Role: Join Date: Jun 2008 Location: Worldwide Posts: 168	Friday Bump !!! __________________ “We waste time looking for the perfect lover, instead of creating the perfect love.” ― Tom Robbins