Steffin S. Status: Offline
KozhikodeIndia
96% Job Success
Top Rated

Penetration Tester, Information Security Expert , Application Security

🔢 As a seasoned Penetration Tester, I have a proven track record of conducting and leading successful security audits, web application penetration tests, and red team engagements for a diverse range of clients. My experience ranges from working with multinational corporations with large-scale infrastructures to smaller companies seeking enhanced security measures for competitive advantage. As a security engineer, my day-to-day responsibilities revolve around leveraging my expertise in penetration testing, cyber security, and vulnerability assessment to identify and mitigate potential vulnerabilities. Through these experiences, I have comprehensively understood the prevailing technology stacks employed worldwide, allowing me to discern their security weaknesses with precision. 🚫No hacking service - I do not provide any hacking services, and I will not engage in any activities that involve gaining unauthorized access to any accounts, systems, or social media platforms. Requests for such services will be declined. Working with me, you will: ★ Customized approach: I understand that every client's needs are unique, and I tailor my approach to meet your specific requirements. This ensures that you get the most comprehensive and effective security testing possible. ★ Timely delivery: I understand that time is of the essence when it comes to security testing, and I always deliver my reports on time, without compromising on quality. ★ Complete manual testing for your application and immediate notification if any high-impact issues are found. ★ Unlimited retesting for the fixed issues and unlimited revisions ★ Able to find critical bug classes that are often missed by automated pentests. 🔢 My stats are: ✅ Top-rated in information security and IT compliance categories ✅ Saved tens of thousands of dollars for clients by identifying critical vulnerabilities ✅ Ranked in the Top 50 at multiple bug bounty programs ✅ Supporting all time zones ✅ Long-term engagements ✅ Professional certifications (OSCP, CREST CPSA, OSEP, OSWP) Sound like a fit? 🟢 Press '...' button and then ‘Send Message’ button in the top right-hand corner Penetration Testing and Vulnerability Assessment Tools: Manual Testing: Burpsuite Professional, Nuclei, Ffuf, Nmap, Postman (API testing), Metasploit Framework, SQLmap, OWASP ZAP Automated Testing: Acunetix, Nessus, Netsparker, etc. Penetration testing service: 1. Penetration Testing Engagement: thorough manual and automated testing of all functionalities, including internal penetration tests and network infrastructure testing. Professional enterprise-grade software is used, such as BurpSuite Professional, Acunetix, and Nessus. 2. Professional Report and Statistics: A detailed report explaining the exploitation and discovery method of each vulnerability discovered, including proof-of-concept screenshots, full requests and responses, CVSS v3.0 standardized risk score, and impact. 3. Remediation Advice and Guidance: Remediation advice was provided for all security issues discovered, including guidance on how to fix the issues and warnings associated with the impact and risk of these vulnerabilities. 4. Asset Discovery: Active and passive methods are used to assess the digital footprint on the internet, including subdomain enumeration and service/port discovery. 5. Free Retest: Retest all vulnerabilities present in the report included in the price to ensure implemented security controls and/or fixes are working as intended. 6. OSINT Reconnaissance: Gather all valuable data about the company on the internet, including any breached email addresses and related passwords. 7. Briefing and debriefing: Calls or meetings are available to discuss the scope of work, the focus of the penetration testing engagement, including all subdomains, black-box or white-box engagement, account requirements, preferred hours for load testing, and any other guidance required. Calls or meetings are available after the penetration test is completed to discuss the engagement results, the main issues and concerns regarding the company's security, and any further clarification regarding any vulnerability and the associated impact or risk. ✅ The deliverable will be a professional penetration testing and vulnerability assessment report, which includes: ► Executive Summary ► Assessment Methodology ► Types of Tests ► Risk Level Classifications ► Result Summary ► Table of Findings ► Detailed Findings: Each finding in the report will contain a CVSS score, issue description, proof of concept, remediation, and reference sections. ► Retest for issues (The vulnerabilities will be retested after they're fixed; multiple retests can be done to ensure the issues are remediated.) My Expertise: ★ Web Application Security Testing ★ API security testing ★ Penetration Testing ★ Internal Active Directory and External Network Pentest ★ Vulnerability Assessment. ★ Thick Client Pentest (Windows Desktop App Testing) ★ OSINT Assessement
Work history

Steffin S. has more jobs. Create an account to review them
Skills

Skills

  • Security Assessment & Testing
  • Security Testing
  • Vulnerability Assessment
  • System Security
  • Application Security
  • Web App Penetration Testing
  • Website Security
  • Web Application Security
  • OWASP
  • Risk Assessment

Get started working with Steffin quickly with these predefined projects.

Get started working with Steffin quickly with these predefined projects.

You will get a professional penetration testing and a comprehensive report.

From $250
4 days delivery

You will get Vulnerability Assessment & Report covering OWASP 2021 for your Organization

From $200
3 days delivery

Testimonials

Endorsements from past clients

"We hired Steffin for a penetration test for one of our key clients. Steffin did an excellent job and was extremely responsive throughout the process. Highly recommended!"

Nick B.
Jun 2023

Verified