You will get a professional pen test report and support to fix the issue and re-test
Sharma S.
You will get a professional pen test report and support to fix the issue and re-test
Sharma S.
- Delivery Time 5 days
- Small Company Size
5 days
delivery —
Oct 12, 2024
Revisions may occur after this date.
Upwork Payment Protection
Fund the project upfront. Sharma gets paid once you are satisfied with the work.
Project details
Pen test report with all the scan results
Web Application Security Assessments through a deep dive on,
1)Injection
2)Broken Authentication
3)Sensitive Data Exposure
4)XML External Entities (XXE)
5)Broken Access control
6)Security misconfigurations
7)Cross-Site Scripting (XSS)
8)Insecure Deserialization
9)Using Components with known vulnerabilitie
Web Application Security Assessments through a deep dive on,
1)Injection
2)Broken Authentication
3)Sensitive Data Exposure
4)XML External Entities (XXE)
5)Broken Access control
6)Security misconfigurations
7)Cross-Site Scripting (XSS)
8)Insecure Deserialization
9)Using Components with known vulnerabilitie
Cybersecurity Expertise
Gap Analysis, Cybersecurity AwarenessTechnology Type
Firewall, Computer Network, Database, Operating System, SaaS, Web Application, Mobile DeviceWhat's included
Service Tiers |
Starter
$500
|
Standard
$1,000
|
Advanced
$2,000
|
---|---|---|---|
Delivery Time | 5 days | 10 days | 15 days |
Small Company Size | - | - | |
Medium Company Size | - | - | |
Large Company Size | - | - | - |
About Sharma
Application Security | CISM, CEH, 62443 | Threat Modeling |VAPT
Bengaluru, India - 7:22 am local time
In my role as a product security assessor, I was responsible for identifying and mitigating security risks in software products. I used a variety of security assessment techniques, including security assessment, threat modeling, source code review, and vulnerability management. I also worked closely with developers and other stakeholders to ensure that security was considered throughout the development process.
I have experience in OT Security, and i have lead my organization to prepare and get certified in 62443-4-1, 62443-4-2, 62443-3-3. I was responsible for assessing and improving the security development of industrial control systems (ICS). I used the 62443 standard as a framework for my work, and I have a deep understanding of the security risks and vulnerabilities associated with ICS. I have also conducted security assessments for a variety of ICS environments, including power plants, and microgrids.
As a penetration tester, I have conducted security assessments for a variety of organizations, including Fortune 500 companies. I have a deep understanding of attack vectors and exploit techniques, and I use this knowledge to identify and exploit vulnerabilities in target systems. I also provide detailed reports of my findings, which include recommendations for remediation.
Experience & Skills:
✅ Certifications: CEH, CISM
✅ Completed threat modeling for 100+ applications
✅ 62443 gap analysis, assessment, and implementation
✅ Large experience in software development - C#, Python, Docker, Azure, DB
✅ OT Security
✅ Security code review
✅ Solid knowledge of ethical hacking, penetration testing, and vulnerability management.
✅ Ability to perform Vulnerability Assessment and Penetration Testing.
✅ Audited 50+ applications in diverse domains.
✅ Good knowledge of tools such as BurpSuite, Nikto, Nmap, Wireshark, etc.
✅ Deep understanding of Kali Linux and its Security tools.
As a technical writer, I have written a variety of security-related documentation, including security policies, procedures, and training materials. I have a strong understanding of technical concepts and I am able to communicate complex information in a clear and concise way.
I am a highly motivated and results-oriented individual with a strong work ethic. I am also a team player and I am able to work effectively with others to achieve common goals.
If you are looking for a security professional with a proven track record of success, I would be a great fit for your team. I am confident that I can help you to improve the security of your organization.
Please feel free to contact me if you have any questions or would like to discuss my qualifications in more detail.
Steps for completing your project
After purchasing the project, send requirements so Sharma can start the project.
Delivery time starts when Sharma receives requirements from you.
Sharma works on your project following the steps below.
Revisions may occur after the delivery date.
Star testing