Expert Penetration Tester for web applications
1. Penetration testing on a Client’s Website and on Fedora 14 Operating System.
• Performed Risk assessment, control design on operating system, database, and the web server and control implementation (Hardening of OS, Database and Web server).
• Capture the Flag Situation on the client’s website provided by the university by performing a full website Penetration testing.
2. Penetration testing on Metasploitable Linux virtual machine by using Backtrack5 r3.
• Performing Penetration Testing on the target and a detailed report on the PT of functions such as :
o Host enumeration, Service enumeration and fingerprinting, vulnerability scanning, vulnerability exploitation, and privilege escalation.
3. Implementing Information Security Management System (ISMS) on the Client provided by the university.
• Developing an ISMS Scope, ISMS Policy, implementing Risk Assessment (RA) Methodology, RA report, Risk Treatment Plan, and Security Awareness Training program.
4. Performing Web application vulnerabilities on Webgoat (vulnerable) environment.
5. Performing System security vulnerabilities on vulnerable system provided by the University.
6. Solving Cryptography and PKI challenge provided by the University.