Ethical Hacker | Penetration Tester | Security Analyst
Ethical Hacker with a proven track record of success conducting VAPT (Vulnerability Assessment and Penetration Testing), Security Consultation, Malware Detection/Deletion, and various other security-related services such as OSINT (Open-Source Intelligence), Threat Modeling, and compliance audits following GDPR, PCI-DSS, and ISO 27001 standards.
**Key Services Offered**
- Dynamic Application Security Testing (black-box testing with no knowledge of code)
- Static Application Security Testing (white-box testing with full knowledge of code)
- OWASP Top 10 and SANS / CWE Top 25 compliance
- Manual testing in accordance with WSTG 4.2, the OWASP Code Review Guide, and MSTG standards
- Automated scans using tools like Burp Suite Professional, Metasploit, OWASP ZAP, WPScan, and AppScan
- Source code scanning using tools like CodeQL, VCG, and SonarQube
- WordPress security vulnerabilities, themes, and plugins check
- Network (External) Penetration Testing (Infrastructure Security Testing)
- Compliance checks including PCI DSS, NIST, GDPR, and ISO 27001
- Remediating security vulnerabilities including SQL injection, Cross-Site Scripting, CSV Injection, and vulnerabilities in the CWE Top 25
- Threat Modeling based on STRIDE, PASTA, ASF, and DREAD methodologies
- Configuring malware and intrusion detection systems
**Proficient in testing the following devices**
- Web and Mobile Applications (Windows, iOS, and Android)
- APIs, Infrastructure (Windows, macOS, and Linux)
- IoT devices including embedded devices