Cybersecurity Consultant
CurrentConducted in-depth penetration testing on web applications, APIs, mobile apps, and network infrastructure to identify and address vulnerabilities effectively.Executed application security assessments, including vulnerability scanning, source code reviews, and penetration testing, ensuring robust security measures for clients.Specialized in identifying and remediating application-level vulnerabilities such as XSS, SQL Injection, CSRF, Authentication Bypass, Access Control, SSRF, and Business Logic flaws.Managed end-to-end client engagements, understanding their security needs, preparing tailored security strategies, and providing actionable remediation plans.Delivered detailed vulnerability assessment reports with clear risk evaluations, mitigation strategies, and impact analyses.Proficient in using advanced tools like Burp Suite, Nessus, Nmap, Metasploit, Wireshark, Frida, Subfinder, HTTPX, Naabu, Nuclei, and SQLMap for security testing.Enhanced automation testing by developing custom scripts for reconnaissance and vulnerability scanning.Conducted training sessions for cybersecurity teams, enhancing their skills in web, API, and mobile application security.Played CTFs and engaged in hands-on labs to continually improve technical expertise and stay updated with the latest attack vectors and defense strategies.Collaborated with cross-functional teams to design secure architecture and ensure compliance with industry standards like OWASP and NIST.