Dhananjay Mannur
Kanakapur
Summary
Seeking a challenging position as a Cyber Security Tester that promotes learning and growth and needs a highly motivated and skilled employee.
Experienced VAPT pentester with more than 4.4 years of experience in API, web applications, mobile, and Networking application testing. Proficient in identifying and exploiting security vulnerabilities to improve the overall security posture of clients.
Overview
4
4
years of professional experience
1
1
Certification
Work History
Cybersecurity Analyst
Stanvac Systems Pvt Ltd
Hyderabad
03.2020 - 06.2024
- Web Application and API Vulnerability assessment and penetration testing: Conducted OWASP Top Ten based vulnerability assessments And penetration testing
- Red teaming and offensive security.
- Performed security assessment of web application for BSFI, E commerce, Travel industry to identify various vulnerabilities like XSS, CSRF, SQLi, business logic flaws etc
- Conducted application retests, follow ups and ensured the closure of the identified vulnerabilities
- Executed end-to-end assessment projects, which include scope and timeline discussions, status and update calls, and ensuring timely delivery of the project.
- Performed REST and SOAP-based APIs using the OWASP API Top 10 methodology, using Postman, Swagger, and SOAP UI tools.
- Performed automated web application scans as a quarterly activity for multiple clients using various tools like Acunetix, Netsparker, Qualys, and Burp Suite.
- Performed technical review of draft/final report of Various web applications
- Mobile Application Vulnerability assessment and Networking penetration testing: Conducted Static and Dynamic Testing of Android applications on emulator or rooted device
- Performed reverse engineering of the application to manipulate the application logic and injecting backdoor into the application
- Conducted application retests, follow ups and ensured the closure of the identified vulnerabilities
- Bypassing the root detection and SSL pinning checks using various tools like root-clock, client side code tampering, objection or frida (for runtime manipulation of the application)
- Performed automated scan using opensource tools like mobsf And vulnerability scanner
- Performed a security assessment of Android applications such as voting, e-commerce, dashboards, travel, etc.
- To identify various vulnerabilities, such as hardcoding issues, SQL injection, business logic flaws, insecure data storage, etc.
- Analysis of Cryptography standards Encryption, Hashing, Digital Certificate for all the application and suggestion the best standards Based of the purpose of the application
- IDS/IPS Firewalls, OSI, and TCP/IP Networking.
Education
B.Com -
CMJ University
08.2013
Skills
- Burpsuite
- Kali Linux
- Wpscan
- Nmap
- Nessus
- Nikto
- Metasploit
- Wireshark
- Zap
- Jadx-Gui
- Objection
- Firda
- Android studio
- Mobsf
- Apktool
- Genymotion
- Postman
- Searchsploite
- ExploitDB
- Dirbuster
- Fuff
- SIEM tools
- Endpoint protection
Certification
Certified Ethical Hacker (CEH)
Languages
- Kannada
- English
- Hindi
Personal Information
- Date of Birth: 09/09/87
- Nationality: INDIAN
Disclaimer
I hereby declare that the information given above is true to the best of my knowledge.
Timeline
Cybersecurity Analyst
Stanvac Systems Pvt Ltd
03.2020 - 06.2024
B.Com -
CMJ University
Similar Profiles
Venkatesh KVenkatesh K
RPA Developer at SZ S/W Solutions Pvt LtdRPA Developer at SZ S/W Solutions Pvt Ltd
Francis ThomasFrancis Thomas
Design Engineer at STANVAC SYSTEMSDesign Engineer at STANVAC SYSTEMS
Chandan DattaChandan Datta
Assistant General Manager at Stanvac Chemicals India LtdAssistant General Manager at Stanvac Chemicals India Ltd
James BlueJames Blue
Cybersecurity Analyst (SOC I) Apprentice, Cybersecurity Analyst (SOC I), SOC at Talent Solutions, IncCybersecurity Analyst (SOC I) Apprentice, Cybersecurity Analyst (SOC I), SOC at Talent Solutions, Inc
Austen RussAusten Russ
Cybersecurity Analyst at U.S. ArmyCybersecurity Analyst at U.S. Army