Security/Penetration Testing for Web App + Mobile App

Have 5+ years of experience in both black box and white box testing penetration testing. Perform VAPT(Vulnerability and penetration testing) services like Web-Application penetration testing; System Application penetration testing; Mobile application penetration testing; Network application penetration testing; social engineering penetration testing etc. Conduct penetration testing in a systematic approach. Follow the standard methodology of the industry like OWASP Testing Guide v4(OTGv4) ; SANS top 25; NIST SP 800-115; PCI DSS to perform penetration testing so that client can concentrate on their professions without worrying about security threats. Web Application Testing: Do web application penetration testing with the latest methodology like OWASP Top-10, SANS Top-25. Perform both manual and automated penetration testing for vulnerabilities like Injection flaws(such as SQL, NoSQL, OS, and LDAP injection etc),Broken Authentication, Sensitive Data Exposure,XML External Entities (XXE), Broken Access Control,Security Misconfiguration, Cross-site scripting(XSS), Insecure Deserialization, Using Components with Known Vulnerabilities,Insufficient Logging & Monitoring. Also perform source code reviews for many technologies like java, .NET, PHP etc. Approach for Manual Web-Application Penetration Testing: Conduct manual testing with following controls: * Configuration and Deployment Management Testing * Identity Management Testing * Authentication Testing * Authorization Testing * Session Management Testing * Input Validation Testing * Testing for Error Handling * Testing for weak Cryptography * Business Logic Testing * Client Side Testing Tools that use for Automated Web Penetration Testing: Acunetix, Burp-Suite, Netsparker, Nexpose, Nikto, IBM Appscan, HP fortify, W3af etc. Network penetration testing:Provide Network Penetration Testing so that your Network Infrastructure is secured from the real world attacks. Do both manual and automated network penetration testing. Approach for Manual Network Penetration Testing: Manually check for IDS/IPS, Server, Networks switch, Network Router, VPN, Firewalls, Anti-virus,Password etc. Tools that use for automated network penetration testing: OpenVas, Wireshark, Nessus, Metasploit, Armitage, Scapy etc.

Hello Sir , I am a cyber security specialist and a full stack web developer with extensive knowledge in python . I can be the penetration tester you are looking for . It's a perfect fit for my skills . I am not a company , i work independently , I have done testing on 17 clients including banks , high level investment platforms ,Also currenly working as a senior penetration tester on TICS-Tech Ltd . Sir penetration testing is a secretive task. The report is only for the client and client eyes only . If you looking for a real penetration testing report , Than the client will be vulnerable . I am sorry that i can't help you with the report. Timelines depend on the tests you are looking for . It needs to be discussed before actually offering a professional penetration test . I hope we can work together. Thank you

hi we are professional testing company we do testing on selenium, jmeter on webs and mobile platforms. we have been serving global customer on cutting edge technologies. i am keen to share some fo the recent work we have done., please connect for further discussion. regards, Puneet

I work for a Banking MNC and I am responsible for performing application security testing for all its applications. This will be my first freelancing project if you decide to give me a chance to help you in identifying vulnerabilities. I have more than 7+ years of experience in application security testing. When I say 7+, it is completely in application security domain. Currently I don't have a report which I can share it with you as a sample. But, you can expect a professional report with Proof of concept and high level remediation support. Looking forward to hear from you. Thanks & Regards, Saravana

I am working in Infosec and found vulnerabilities in IT companies and banks. Please reach out to me for more info,