I have 3+ years of experience in penetration testing including Web Application penetration testing; Mobile Application penetration testing; Desktop application penetration testing; Network penetration testing; Network Security, Cloud Security Audits and Penetration Testing, Thick Client App Security, Container Security, Security Configuration Review - Firewall, Switches, Router, OS and Server, etc. Follow systematic approach and best industry methodology like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS etc to perform penetration testing :
Web & Mobile Application Penetration Testing : Perform both manual and automated penetration testing for vulnerabilities like SQL injection, Cross-site scripting(XSS), Cross-site request Forgery(CSRF), Code injections, Authentication Bypass, Access Violation, Remote File inclusion(RFI),Local File Inclusion(LFI) etc.
Mobile Application Penetration Testing : Perform both static and dynamic penetration testing for vulnerabilities of Android & iOS applications.
Internal & External Network Penetration Testing: Provide Network Penetration Testing so that your Network Infrastructure is secured from the real attacks. Perform both manual and automated network penetration testing to identify network security threats in your network.
As a result of my previous engagements in penetration testing and bug hunting, I excel at:
- Performing professional penetration testing, vulnerability management, and consultation.
- Preventing unauthorized access, and evaluating potential security risks.
- Creating high-quality Management and Technical reports.
In addition to this, I have Offensive Security Certified Professional (OSCP), Information Security Certified Professional (ISCP), Cyber Security Foundation Professional Certificate (CSFPC) accomplishments in my account. I got an Appreciation Certificate from NCIIPC (Indian Government) for submitting a few security issues. I attended private bug bounty programs organized by CCTNS (Crime and Criminal Tracking Network and Systems - Indian Government), Bharti Airtel and Singapore Government..
I helped to secure some companies such as Dell, DigitalOcean, StatusPage, Caviar, Western Union, UnderArmour, Arlo Cash Rewards, Kenna Security, Pantheon, Mailgun, Seek, Skyscanner, Fitbit, Overstock and many more.