Professional Documents
Culture Documents
TECHNICAL SUMMARY
3.2 years strong experience in both manual and automated security testing on web
applications.
Also have 3 Years experience in network vulnerability testing and remediation.
Penetration testing knowledge on both web and infrastructural assessment.
Strong knowledge and experience in testing web application vulnerabilities as per the
industry best practices such as OWASP TOP 10 and SANS TOP 25.
Knowledge on finding critical vulnerabilities such as session management and
business logic flaws, flatform specific vulnerabilities and etc.,
Hands on experience on working with tools such as Nessus, Nmap, Metasploit, Burp
suite Pro, IBM Appscan, HP web inspect and Kali Linux tools.
EDUCATIONAL QUALIFICATION
DOMAIN SKILLS
1
EMPLOYMENT DETAILS
Identify high risk applications from customer portfolio taking into consideration their
requirements for security assessments.
Perform and conduct proof of concept for the vulnerabilities identified during the tests.
Providing recommendations and ensuring that appropriate corrective actions have been
taken by Technical Team for closure.
Experience in identifying network Vulnerabilities using Tenable Nessus tool and reporting the
vulnerabilities with remediation.
As part of the project worked on both manual and automated testing by using the tools like
Burp suite and IBM Appscan.
Once all the false positives eliminated will share the consolidated report with stakeholders.
Once client has remediated issues will re-verify the issues by manually and share to client.
Performing information security risk assessments of various products, process and
technologies across the business unit and identify potential risks.
Identification of Application Vulnerability and finding weakness in the Applications.
Created a checklist & Process documents based organizational requirements for infra and
applications.
Preparation of weekly reports, monthly reports, dashboards, process documents.
Develop Checklist for Test case and Test Scenario.
Defect review and classification with assignment of severity.
Internal and External Vulnerability identification and POC creation.
Test cases design and execution.
SIGNIFICANT ACHIEVEMENTS
CURRENTLY RESEARCHING
Preparing for the web application security expert certification from EC-Council.
Learning bug bounty programs and penetration testing concepts.
2
WEB APPLICATION VAPT TOOLS
Hands on experience on web application security testing with tools such as Burp Suite
pro, SQL Map, Nikto, Dirb, HTTP live, Nmap, Other Kali Linux tools.
Hands on experience in manual web app & network vulnerability testing tools,
automated tools like Metasploit, Nmap, Kali Linux tools. Etc.
Hands on experience on working with tools such as Nessus, Nmap, Metasploit Pro, Burp
suite.
PERSONAL DETAILS
DECLARATION
I hereby declare that the information given above is true to best of my knowledge and belief
and I bear responsibility for the correctness of the above-mentioned particulars.