I am a Senior Penetration Tester. I have experienced in Pentest of External/Internal Network Infrastructure, Web Applications, Mobile Apps (iOS + Android), Malware/RAT Development for red teaming Desktop application and Cloud Security Assessment.
Day Job Activities/Responsibilities
------------------------------------------
Pentesting Web Application
Pentesting Mobile Application (Android & IOS)
Network/Infrastructure Security Assessment and Pentesting
Red Team exercises and Social engineering/phishing campaigns
Source code review for many applications written in different languages
Develop various security tools for penetration testing
Develop exploits and malware (RAT)
Presenting and documenting detailed findings and fixes based on the testing
Participate in CTFs
Skills
------
Scripting & Automation:
Python, BASH
Network Security Assessment and Pentesting:
Nessus Pro, OpenVAS, Nexpose, Insight VM, Nikto, Nmap, CrackMapEexec, SMBMap, Maltego, Netcat, Hydra, Aircrack, John The Ripper, Metasploit, CrackMapExec, Hashcat, Powershell Empire, Impacket, Mimikatz, Powersploit, UACme, PRET, Bloodhound, Sharphound, PowerUpSQL, rpivot, Chisel, SSH Tunneling
Web Application Pentesting:
Maltego, Google Hacking, Wappalyzer, Nmap, Nikto, Burpsuite Pro, ZAP, Acunetix, BeEF, IBM Appscan, Metasploit, sqlmap, hydra, Custom Tools/Scripts
Mobile Application Pentesting:
Frida, Xposed, Logcat, Drozer, cycript, Needle, iNalyzer, Passion Fruite, House, Adb, Andbug, apktool, jadx, otool, clutch, class-dump, Radare2, Dumpdecrypt
Programming:
C, C++, C#, Python.