Blessen is a dedicated Information Security Consultant ,Independent Researcher,Cyber Security Enthusiast, International Conference Speaker & Trainer,Blogger,Bounty Hunter ,Synack Red Team Researcher whose qualifications include an Engineering Degree in Information Technology; OSCP ,CEH ,CHFI designations; and detailed knowledge of security tools, technologies and best practices. More than 4 years of experience in the creation and deployment of solutions protecting networks, systems and information assets for diverse companies and organizations.with core expertise in penetration testing web, mobile , internal & external network infrastructure,Cloud pen-test Performed a wide variety of penetration testing engagements in various sectors like Oil&natural gas , defense ,Pharmaceutical , Health sector ,Education etc. Performed penetration testing for a large number of banks under RBI and CERT-In directive. Participated in lot of bug bounty programs and been awarded and listed in Hall of Fame for responsible disclosure of vulnerabilities to vendors and CERT and executed freelance projects. Published advisories in exploit databases for independent research for vulnerabilities in security products. Delivered ethical hacking training's to students & corporate employees. Areas of Expertise : Expertise in Blackbox,Greybox,Whitebox manual testing approach for : Infrastructure (External&Internal), Application Penetration Testing (Thick and Thin client) ,Web Services Vulnerability Assessment Cloud penetration testing, Configuration reviews Mobile & Network forensics Hands-on experience with tools Application Security : OWASP ZAP,Burp Proxy,Fiddler , Firefox add-ons etc. Exploitation frameworks : Kali Linux ,Metasploit ,BeEf framework Vulnerability assessment : Nessus , Openvas , Nmap Commercial scanners : IBM AppScan ,Nexpose , HP WebInspect , Acunetix WVS and lot of open source tools. Android security : Drozer , Customized distro for android pen-test iOS : Introspy ,inalyzer and open source tools. Practical experience with frameworks such as OWASP,WASC,SANS,OSSTMM