
Sneha Tota
k2-255 Tube colony Baridih, Jamshedpur (JH)
Mobile: +918247744108
Email: tsneha0506@gmail.com

Professional Objective:

To work in the vast field of Cyber Security. Web application security testing, vulnerability assessment and
penetration testing. I want a platform where continuous learning and growth is assured and the expectations out
of my knowledge. Aspiring to have a good career path with my interest and ability to learn and deliver the results.

Cyber Security & Technical Skills:

● Knowledge of OWASP Top 10 vulnerabilities.
● Knowledge of SANS 25/NIST vulnerabilities
● Worked on Vulnerability Assessment and Penetration Testing on web application, API as per DAST OWASP
methodology.
● Hands on Experience on Network-PT
● Worked on Kali Linux
● Knowledge of programming languages like PHP, Java, HTML
● Networking principles like OSI model, TCP/IP protocol, 3-way handshake protocol, port scanning.
● Experience in Vulnerability Assessment & Penetration Testing, Web Application Security Testing, etc.
● Experience in Burp Suite, SQLMap, Metasploit, Nessus, WPScan, Nmap, Zenmap, and many DAST
methodology tools for Vulnerability Assessment & Penetration Testing.

Security auditing and testing tools:

Nmap, Wireshark, Nikto, Sqlmap, Burp Suite, Acunetix, OWASP ZAP, Sqlmap, DirBuster, WPScan, Maltego, Google
dorks, Zenmap, etc.

Job experience:

Total experience: 3.0 years

● Currently working with "PwC" as an Associate Security Consultant from January 2022.
● Worked with "Network Intelligence" as Cyber Security Analyst from February 2021 to January 2022.
● Worked with "Purple Talk" as Trainee Security Analyst from December 2018 to November 2020
● Internship at Byodbuzz Pvt Ltd, October 2017, as an Intern Security Analyst
● 3 years till present Working Experience with bugcrowd.com as an “Independent Security Researcher”.
(October 2017 to till now.)

Responsibilities:

● Web application VAPT
● Test case & checklist preparation
● DAST methodology
● Vulnerability Assessment
● BRD Review
● Vulnerability Management
● API security Testing
● Network Security
● Android Testing
● Report preparation and communicating with the client to fix those reported issues.

Projects Undertaken:

● Private Client, is a digital platform offered by PwC which is India’s largest 5G Network provider for
customer and businesses. Currently application functionality is offered as NMS (Network Management
System) webapp.
Activity Performed: BRD review, Web application Vulnerability assessment and penetration testing,
Dynamic analysis, Network Pentesting.
Skills Used: Manual, Burp Suite, Nikto, OWASP ZAP, Nmap
● Private Client, is a digital platform offered by PwC which provides a wide range of Television, Home
Appliances and Consumer Electronics. Currently, application functionality is offered as web app.
Activity Performed: BRD review, Web application Vulnerability assessment and penetration testing,
Dynamic analysis
Skills Used: Manual, Burp Suite, Nikto, OWASP ZAP
● Private Client by NII (Network Intelligence), is a digital banking platform that provides online banking
services. Currently, application functionality is offered as web app.
Activity Performed: BRD review, Web application Vulnerability assessment and penetration testing,
Dynamic analysis
Skills Used: Manual, Burp Suite, Nikto, OWASP ZAP
● Private Client, is a digital platform offered by Purpletalk to enable users to access a variety of NFL and
NBA cards such as auction and payments for buying those cards. Currently, application functionality is
offered as web app.
Activity Performed: BRD review, Web application Vulnerability assessment and penetration testing,
Dynamic analysis
Skills Used: Manual, Burp Suite, Nikto, OWASP ZAP
● Private Client, is a premium service for uploading podcasts for freelancing teachers, artists, etc.
Activity Performed: Web app VAPT
Skills Used: Manual, Burp Suite, OWASP ZAP, DirectoryBuster
● Government Client, is a web application which keeps and maintains the data of all the Kendra and its digital
procurement
Activity Performed: Web & API VAPT
Skills used: Burp Suite, Manual
● Private Client, is an application for retailers for scanning QR codes for unit+shipper journeys
Activity Performed: Web application VAPT
Skills used: Burp Suite, OWASP ZAP, Manual, etc.
● Private Client, is a web portal to store and maintain the data of Canada metropolitan railway details
Activity Performed: Web application VAPT
Skills used: Burp Suite, DirectoryBuster, Nikto, Nessus, Manual, etc.

*Have worked on more than 30 web application projects.

Trainings/Certifications:

● Certified Ethical Hacker (C|EH), from EC-Council
● Certified Secure Computer User (CSCU), from EC-Council
● Certified Cyber Security Expert Level 1.0, from Byodbuzz (Rajahmundry), one of the leading cyber
security institutes in Andhra Pradesh.

I hereby declare that the information furnished above is true to the best of my knowledge.

Tota Sneha
