Manual penetration tester

Posted: July 13, 2021, 5:11 p.m. - Full Time - Hyderabad

What will you acquire

• Critical Understanding of Web, Mobile, IoT architecture and protocols like HTTP(S), TCP/IP, ARP, SMTP, DNS, etc.
• Acquire good grip on scripting languages Python and GO.
• Thorough knowledge of core networking concepts (routing, ACL, load balancers, SSL/TLS, TCP).
• Solid understanding of Cryptography (Encryption, Authentication, Symmetric Cryptography, Asymmetric Cryptography, PKI)
• Thorough understanding of MITRE ATT&CK Enterprise Framework - Attack Types, Techniques and Mitigations.
• Sound understanding of Linux, Windows, and networking.
• Performing Penetration Testing on software applications (including web, mobile, desktop and cloud) using various ethical hacking methods (fuzzing, flooding, OWASP Top 10, SANS Top 25 & etc).
• Experience the efficient and effective usage of pen test tools (viz. Burp Suite, Metasploit, Nessus, CANVAS, password cracking, vulnerability scanners) and Methodologies having less dependency on tools.
• Obtain hands-on exploitation of devices which use variety of network protocols.
• A right way to learn and apply a wide variety of security and IT/OT technologies to enhance Penetration testing.
• Gain a deeper understanding of threat modelling, secure development, and advanced cryptography.
• Acquire an understanding of reverse engineering, malware, debuggers, kernel memory layout in Windows and Linux.
• Experience building web applications, software, or systems engineering.
• Knowledge of container platforms including Docker and Kubernetes.
• Learn how to actively hunt for threats, IOCs, and vulnerabilities in the environment.
• Learn how to emulate adversaries, mimic known adversarial tactics, techniques and procedures (TTPs).
• Derive indicators of compromise that can be leveraged during hunting activities, and technical security research.
• Gain critical skill set in building web applications, software, or systems engineering.
• A Strong knowledge of SKF’s
• Thorough knowledge in Threat Modelling.
• Full-fledged ability to perform Modules of Penetration Testing (Network, Web Application, Mobile Application, Cloud, Wireless, IoT).
• Ability to write clear and accurate documentation with analytical reporting.