Programming Languages/ Technologies
§ Python
§ Bash
§ Php
§ HTML
§ C\C++
§ Technical Documentation/Penetration Testing Reports/Proposals
RDBMS
§ My SQL
§ PostgreSQL
Development Tools
§ AWS/Kubernetes
§ Git
Virtualization environments
§ VMWare
§ VirtualBox
Operating Systems
§ Microsoft Windows 95/ 98/ 2000/ XP/ 2003 Server/ Vista / 7/8/10
§ Kali Linux
§ Ubuntu
§ CentOS
Application/Web Servers
§ Nginx
§ Tomcat
§ Apache
Methodologies
§ OWASP
Testing Tools
§ Nmap
§ Nikto
§ Burp Suite
§ OWASP ZAP
§ Nessus
§ Wireshark
§ Maltego
§ Sqlmap
§ Gobuster
§ Metasploit
§ Cloudflare
§ Slither
Simulation of cyberattack on clients website. Vulnerability scanning and prevention from future attacts.
§ Analyze the system and prepare scope of work
§ Testing the security of the website
§ Dynamic and Static vulnerability scanning
§ Exploitation of found vulnerabilities, fuzzing.
§ Prepare a detailed report on found vulnerabilities including executive summary, risk level of each vulnerability and recommendations on how to fix them.
Industry-standard penetration testing tools and frameworks, including Nmap, Sniper, Nessus, Maltego, Hydra, the Metasploit Framework, Searchsploit, Gobuster, Wireshark, Burp Suite, Tcpdump and Sqlmap
Testing the security posture of the organization with a simulated attack on the website.
§ Analyze the system and prepare the scope of work
§ Identification of site`s loopholes
§ Information gathering, searching for fingerprints in the backend of the website
§ Manual security scanning
§ Communication with the client's security engineer
§ Creating a final report with the summary, risk level of each, vulnerability and recommendations on how to fix them included
The Harvester, Nikto, Nmap, Burp Suite, Sniper, Nessus, Maltego, Hydra, Metasploit, Searchsploit, Gobuster, Wireshark, , Tcpdump and Sqlmap
Nmap, Sniper, Nessus, Maltego, Hydra, the Metasploit Framework, Searchsploit, Dirb, Gobuster, Wireshark, Burp Suite, Tcpdump and Sqlmap. AWS infrastructure deployment.