We have a custom made php / mysql application running on a hosted iis6.
We are looking for somebody who can stresstest / exploit test / vulnerability test our semi stage/semi production server.
At first stage you get the url, second stage a view-only user login, and on 3rd stage a read/write login. We might add a 4rd stage with the full admin credentials.
First I'd like you to be in stealth mode, to eventually go over into more and more brutal 'attack' mode. You will have to keep in contact through instant messenger to clearly describe when you test which kind of stage/mode you are currently testing.
Test it, but don't break it if possible.
Clearly describe in a PM what your expertise + strong/weak points are. Nobody is perfect.