- Knowledge of the OWASP Top 10, SANS top 25, WASC security Standards

- Knowledge of common web application attack vectors such as SQL injection, CSRF, XSS, Session

- Well familiar with basics of TCP/ IP and Networking principles.

- Experience in manual application penetration testing of web-based applications, thick-client applications, mobile applications, web services, API's

- Perform Web & Mobile Application security assessment.

- Familiar working with Publicly available exploits codes.

- Conduct application penetration exercise using automated tools, customized exploits and manual analysis.

- Conduct network penetration testing, system vulnerability assessment & security configuration review

- Provides analysis and validation post remediation.

- Hands on knowledge on Tools: Astra's Pentest, Nmap, Kali Linux, Metasploit, Armitage, Maltego, Burp, Paros Proxy Nessus, nexpose, Wireshark, sqlmap etc.