Melbourne Penetration Tester

We are wanting to expand the Penetration testing team in Melbourne

Project X  - a premium technical services business, Melbourne CBD based specialising in Penetration testing and IT Security services across the sector, 

The Project X IT team is passionate about forming honest, transparent and professional relationships with our clients. It’s generally a great place to work and our customers love us.  

Our team provide the absolute best services and technical ability in market and our  employees pride themselves in thinking outside the box. 

We are keen to speak with Engineers who have experience within the penetration testing space. The role will involve internal and external penetration testing, web application penetration testing and mobile application penetration testing (iOS and Android) and social engineering. 

  • Network, web application and mobile application penetration testing 

  • Conducting end-to-end security testing with clients, 

  • Documentation and report writing 

  • Ability to explain findings to non-technical professionals 

  • Outstanding organisational and data analytics skills 

  • Cyber-security certifications 

  •  A degree in computer security, computer science or equivalent 

  • Recognised security testing certifications (GIAC, CEH) 

  • Penetration testing experience of systems, web-based applications and networks. 

  • Solid knowledge and experience of using a variety of penetration testing or threat modelling tools including open source and commercial mapping 

 

For more information please email info@projectxit.com.au 

Penetraton tester Melbourne role.jpg
Leon Rogers
AxxonSoft Axxon Next – AxxonSoft Client Directory Traversal via an initial /css//..%2f substring in a URI. CVE-2018-7467

Project X Lead Penetration tester Anthony Cicalla has discovered the listed vulnerability with AxxonSoft Client Directory Traversal.

AxxonSoft Axxon Next – AxxonSoft Client Directory Traversal via an initial /css//..%2f substring in a URI. CVE-2018-7467

[Vulnerability Type]

Directory Traversal via an initial /css//..%2f substring in a URI

[Vendor of Product]

AxxonSoft Client

[Affected Product Code Base]

Axxon Next

[Affected Component]

AxxonSoft Client Web Application's Source Code

[Attack Type]

Remote

[Impact Information Disclosure]

true

[Attack Vectors]

It is a Directory Traversal 

 /css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\System32\drivers\etc\hosts

 

Leon Rogers