I possess expertise in several areas of cybersecurity, including Web-App security, Mobile App security, API security, Network security, vulnerability assessment, and penetration testing. My proficiency with tools such as Burp Suite, Nessus, Nmap, Postman, Drozer, and other open-source tools is extensive. For detecting vulnerabilities in Web and Mobile applications, I mostly rely on Parrot Security OS and open-source tools like Nuclei, amass, sqlmap and some self-made tools like initial.sh.
As a security researcher, I have identified various vulnerabilities, including account takeover, SQL injections, Broken Access Control (e.g. IDOR), and a series of vulnerabilities that may result in account takeover. LFI, RFI, CSRF, and XSS are some of my favourite vulnerabilities to explore. My work centres around addressing the OWASP Top 10 and SANS 25 standards.
Provides a complete Penetration Test against the web application in order to ensure its safety.
Provides Android Application Penetration Testing in order to make the Android app secure.
Provides iOS Application Penetration Testing in order to make the iOS app secure.
Provides Cloud Penetration Testing/Security Review in order to make the infrastructure secure.
Provides Source Code Review in order to secure the source code of the application.