Cyber Security professional with 3.5 years of experience in Information Security. Hands-on experience in application security, vulnerability assessments and penetration testing of Web Applications, Mobile Applications, Thick Clients and Infrastructure.
● Performed penetration testing on various Web Application, API, Network, Android and Thick Client applications.
● Led a security assessment project for one of the leading IT management tools and was able to find high-level vulnerabilities.
● Performed penetration testing for the world's leading investment banking firm's applications and uncovered many critical and high vulnerabilities related to privilege, injection, and business logic.
● Performed penetration testing for Airport applications and was able to find vulnerabilities related to injection, authentication and account takeover.
● Performed penetration testing for a Middle East based EdTech organization's applications and found many high and critical vulnerabilities related to injection and business logic.
● Performed penetration testing for India's leading IT company and uncovered many high vulnerabilities related to business logic, sessions and injection.
● Performed source code review using automated tools to find the flaws overlooked in the initial phases of development.
● Hands-on experience in reviewing and defining requirements for information security solutions and mitigation techniques. Performed vulnerability assessment, patch management and penetration testing using various tools like Metasploit, Burp Suite, DirBuster, OWASP ZAP proxy, Nmap, Nessus, sqlmap, Netsparker, Kali Linux, Wireshark, Fiddler.
● Conducted manual and automated security testing for web, mobile, API, thick client and network applications based on OWASP and CWE/SANS standards.
● Working knowledge of Windows and Linux (Kali Linux) operating system configuration and utilities.
● Performed both internal and external Network penetration testing based on the client's specifications.
● Analyzed the results of penetration tests to identify the risks that need to be taken care of immediately.
● Performed penetration testing on various Web Application, API, Network, Android and Thick Client applications
● Led a security assessment project for one of the leading IT management tool products and was able to find high vulnerabilities.
● Performed penetration testing for the world's leading investment banking firm's applications and uncovered many critical and high vulnerabilities related to privilege, injection, and business logic
● Performed penetration testing for Airport applications and was able to find vulnerabilities related to injection, authentication and account takeover
● Performed penetration testing for a Middle East based EdTech organization's applications and found many high and critical vulnerabilities related to injection and business logic
● Performed penetration testing for India's leading IT company and uncovered many high vulnerabilities related to business logic, sessions and injection
● Performed source code review using automated tools to find the flaws overlooked in the initial phases of development
● Hands-on experience in reviewing and defining requirements for information security solutions and mitigation techniques
● Performed vulnerability assessment, patch management and penetration testing using various tools like Metasploit, Burp Suite, DirBuster, OWASP ZAP proxy, Nmap, Nessus, sqlmap, Netsparker, Kali Linux, Wireshark, Fiddler
● Conducted manual and automated security testing for web, mobile, API, thick client and network applications based on OWASP and CWE/SANS standards
● Working knowledge of Windows and Linux (Kali Linux) operating system configuration and utilities
● Performed both internal and external network penetration testing based on the client's specifications
● Analyzed the results of penetration tests to identify the risks that need to be taken care of immediately
● Generated and presented reports on Security Vulnerabilities to external customers.
● Performed manual penetration testing on critical client Web Application, Android Application, Thick Client application, API and Network, and found many high vulnerabilities related to privilege escalation, session management, authentication, authorization, injection and business logic.
● Uncovered high vulnerabilities at the infrastructure level for internet facing websites.
● Kept up to date with new hacking techniques and the latest vulnerabilities to ensure no such loopholes are present in the existing system by performing vulnerability assessment and pen testing for our clients
● Performed source code review using automated tools to find the flaws overlooked in the initial phases of development
● Experience in using Kali Linux for penetration testing
● Performed network scanning using tools like Acunetix and Nessus
● Provided details of the issues identified and the remediation plan to the stakeholders
● Communicated and coordinated day-to-day project activities within the project team and ensured that priorities are developed and known
● Created Vulnerability Assessment reports detailing exposures that were identified, rating the severity of the system, and giving suggestions to mitigate any exposures and test known vulnerabilities.
● Web Application Penetration Testing Tools - Burp Suite, sqlmap, Metasploit, Nmap
EC-Council Certified Security Analyst (ECSA), EC-Council
● Super Team Award in KPMG
● Accolades for finding Critical vulnerability in KPMG projects.