Myself a Licensed Penetration Tester, Ethical hacker, Security Analyst and Security researcher having 9+ years of rich experience in penetration testing with sound knowledge in remediation.
• A Licensed Penetration Tester certified LPT(Master) Professional with expert level penetration testing and black box hacking skills.
• Certified Security Analyst (ECSA) with Advanced Hacking skills.
• A Certified Ethical Hacker (CEH) professional with passion in Ethical hacking & penetration testing
• Knowledge on Network Vulnerability Assessment and Penetration Testing (VA/PT)
• Perform ethical hacks to assess the vulnerabilities of application, Internet and/or Intranet connected systems, networks, and applications including Windows, Linux operating systems
• Conducted manual web application penetration testing of web applications which included assessment of online banking and enterprise applications
• Proficient in exploiting application level vulnerabilities listed in OWASP top 10, OSSTMM and WASC standards including vulnerabilities like Injection, XSS, CSRF, Session hijacking, authentication bypass, weak cryptography, authentication flaws etc
• Skilled in using automated web application Dynamic security scanners such as Burp Suite, Accunetix, HP WebInspect or Fortify.
• Skilled in using conducting the Static security testing using the tool like Checkmarx.
• Skilled in implementing security testing frameworks such as OWTF (Offensive Web Application Testing Framework) and GBS Openvas.
• Experience in tools such as OWASP ZAP, Paros proxy for manual web application penetration tests and Tenable Nessus and Nmap tool for network vulnerability scanning / penetration testing
• Preparing the Comprehensive VAPT report and present on security vulnerabilities and remediations to stake holders
• Having good experience in Banking and Financial Services applications and payment.
• Having hands on experience in Threat Modelling using STRIDE model.
• Good working experience in conducting the PoCs and presenting to clients as part of Pre-Sales activity.
• Excellent in Secure-SDLC, SAST, DAST Test Plan, Test Estimation
Reviews For This Service