assessing and improving the security of internal management applications and service sales platforms, primarily built using Java and ASP.NET. analyzing application security, testing APIs & providing solutions to mitigate risks.Key Skills and Experiences:- Application Analysis (ASVS Standards): Performed security assessments based on OWASP ASVS. Identified and addressed critical vulnerabilities such as access control vulnerabilities and injections. while offering customized solutions.- API Security Testing & Automation: Designed automated security tests for REST, RPC and other styles of API. Uncovered vulnerabilities like authentication bypasses and data leaks, streamlining the testing process and improving coverage across multiple API types.- Vulnerability Chaining: Linked lower-severity vulnerabilities to uncover more significant risks, helping to demonstrate the potential real-world impact and prioritize fixes accordingly.- Static Code Analysis: Conducted code reviews of Java and ASP.NET applications to identify common vulnerabilities like lack of input sanitization type vulnerabilities (including SQL,XML or other types of injection), ensuring early detection and resolution.This role allowed me to collaborate closely with development teams to implement effective security practices and improve the overall security of critical enterprise applications.