Greets!

I am a Penetration Tester with significant and well-diversified experience in multiple Pentesting domains including Web Application Pentesting, Network Pentesting, Mobile Application Pentesting, Source Code Review and RedTeaming.

I've had the privilege of auditing and hardening the security of a number of industry-leading organizations, the scope of work including Enterprise IT networks, Web/Mobile applications, AWS infrastructure, and APIs.

---- Service Description

1. Manual and Automated Web Application Penetration Testing based on OWASP TOP 10
2. Network Penetration Testing
3. Vulnerability Assessment
4. Source Code Review
5. Mobile Applications Penetration Testing

My core competency lies in performing black and gray box testing, on live web applications and networks or in lab environments as well as Mobile Based Applications. I am familiar with all common attack vectors and mitigation techniques, as well as finding known to public exploits known as 1days. Even though most of my work is confidential I can share stripped down vulnerability assessment samples if required to do so.

---- Tools I work best with

a). WebSec Tools: BurpSuite Professional, sqlmap, Sublist3r, nmap, Nikto2, Wapiti, wpscan.
b). NetSec Tools: Metasploit, Empire, PowerShell, tcpdump, MITMF, ettercap-ng, OpenVAS.
c). Technologies & OS: Kali Linux, WordPress, Darknet, TOR, Wayback Machine, Shodan, numerous github scripts.

@l3s7r0z