Security Audit/Threat Assessment using STRIDE model

Hi there! May Peace Be Upon You !! I am a Certified Ethical Hacker and Pen Tester. I just love hacking and breaking the rules, but don’t get me wrong as I said I am an ethical hacker. @Certified at Windows Security & Forensics @Certified at Ethical Hacking @Certified at WEB APP SECURITY FUNDAMENTALS @Certified at Website Hacking / Penetration Testing Main Skills: Penetration Testing, Web Application Security. Social Engineering, Red team assessment, Ethical Hacking & Countermeasures, Malware Analysis My core competency lies in performing black and gray box testing, on the live web applications/networks or in lab environments.I am familiar with all common attack vectors and mitigation techniques, as well as finding unknown to public exploits known as 0days in web applications. Even though most of my work is confidential I can share vulnerability assessment sample. I have experience in vulnerability assessment for PCI & HIPAA Compliance. Service Description 1)Web Application Penetration Testing based on OWASP TOP 10 2)Network Penetration Testing 3)Vulnerability Assessment 4)Security Hardening See you online and have a great day! Warm regards, Shofiur

I work as a junior web penetration tester. VAPT is my field. I do use automatic tools such as nessus,burp acunetix but the manual penetration is the most important part where you can find sqli,xss, privillege escalation. I usually do black box testing and some grey box testing(where i have 2 test users one normal user and 2nd admin user to try different priv. escalation methods) At the end i will present a full report with vulnerabilities found classifiend and with my recomandations on how to mittigate threats. For more details feel free to contact me.

Security Audit. I am an experienced ethical hacker with over 8+ years experience in Cyber Security field. I have helped secure a number of Applications and thus i would like to work for you. I have a clear understanding of threat modelling and risk assessment and thus i find myself suitable for the task. Please consider

Greetings,  It is my understanding that you are looking for an information security professional who can perform deep pentest/black box penetration test on your web application. Being an Information security professional I will perform deep security test to secure your website for further attacks and let you know how you can secure your website efficiently. I am a cyber security professional having over 7+ years of experience in Information Security, Vulnerability Management, Penetration Testing, Security Operation Center (SOC), Investigations, web application testing, Audits & Trainings. My skillset includes: Threat and Vulnerability Assessment, Penetration Testing, Web Application Pentesting and Mobile Applications. My first priority is always start from manual testing then on Automated Web Penetration Testing: Burp-Suite, Nexpose, W3af, OpenVas, Nessus, Metasploit, Armitage etc. Looking forward to hear back from you for detailed discussion over your requirement.  Thanks !

For our understanding we want to know what the possible areas of attack are and what we have done to prevent it. - I'm a certified ethical hacker and certified security analyst and can do a complete look at the site. We will probably use this in the ISO 27001 audit that we are doing soon. - I can get you prepared for the ISO certification.

Please share a detail with us we are audit your security parameters and share a vulnerability because now a day's data breaches is most vulnerability

Hello, I hope you are Doing Well. We just read your short project description and understand that you are looking for Web Application/Penetration Tester of your site from the first point. Based on the understanding We would like to take this discussion further to explain better about our understanding as well get to know your thoughts that would help us make a great protected site.

19 years of rich experienced with a demonstrated history of working in Cyber Security, Information Security, Systems Audit, Data Center Audits, RBI Cyber Security Framework Implementer, Governance, Risk & Compliance, Global Compliance & Standards like - ISO 27001, PCI DSS, PA DSS, GDPR, SOC Type 1, 2 (SSAE 16/18, SAS 70), HIPAA/HiTRUST, FISMA, BCP/DR (ISO 22301), Web Application Security (OWASP Top 10 Risk) and Vulnerability Assessment & Penetration Testing