Ohio University
Ohio University
Log in Sign up

Early tech start-up seeking security & penetration testing

Closed
Borrow Me Baby
Borrow Me Baby
Vancouver, British Columbia, Canada
Kerry Campbell
Kerry Campbell
Co-Founder
(13)
3
Project
Academic experience
100 hours per learner
Learner
Anywhere
Intermediate level

Project scope

Categories
Website development Security (cybersecurity and IT security) Information technology Databases Networking
Skills
nmap penetration testing mobile application development nessus preparing executive summaries open web application security project (owasp) vulnerability research wordpress
Details

Borrow Me Baby has a new website that we'll be using as our MVP while we build our mobile application. As we are committed to protecting the data of our customers we are seeking students to conduct penetrations tests on our Wordpress website and plug-ins.

We would like a group of students to design and perform a pen test on our application, involving:

  1. Students become familiar with our business model, product and understand generally how it works.
  2. Students should spend time conducting research on state of the art pen testing technologies. They should look into common vulnerability lists such as OWASP Top 10, and common security tools such as Nmap, Burp Suitar, Nessus, and Wireshark.
  3. Students should have a written attack plan and present it to us so we can confirm we understand what the test will do and what might be uncovered.
  4. Students are free to attack our product as per the presented plan.
  5. Students submit a final report of any findings and recommendations
Deliverables

First, before testing begins, students should present a testing plan to our co-founders. This should include tools they will use, techniques for exploitation, what categorical vectors of attack will they go after, and any other information they feel like they need to present. This should be presented to us via a small slide deck or other means.

After testing is complete, the final deliverable should be a written report detailing how the test was conducted, what tests passed, what tests failed, recommendations for mitigation strategies, and any further notes from the testers. Other items to consider for a final report should be:

  • Executive summary detailing overview, timeline, key findings.
  • Findings categorized into vulnerability levels such as critical, high, medium, low.
  • Recap of tools used.
  • High detailed summaries of any findings and low detailed summaries of any tests conducted with no findings.
Mentorship

A walk through of the product, as well as lighter technical details of it will be provided to students before they begin testing.

Students will be able to ask questions at any point during the process.

About the company

Company
https://www.borrowmebaby.com
Vancouver, British Columbia, Canada
2 - 10 employees
Sales, Retail, Technology, Environment, Consumer goods & services

Borrow Me Baby is a parent-to-parent baby gear rental community.

Our mission is to create a sustainable online network that supports families by saving them time, money, and energy as they navigate the challenges of parenthood. We achieve this by connecting parents in local communities to lend and borrow baby items. Our platform handles communications and financial transactions securely and doubles as a community review site to help parents decide what’s best for them.

We’re motivated by our core values of accessibility, inclusion, and sustainability. To foster accessibility, BMB offers both web and mobile-friendly platforms. There are no barriers or fees to join. Borrowers can access high quality baby goods without the hefty price tag and long-term commitment, while families can recoup costs of their items when not in use e.g. between children.