Requirements
- Perform Web/Thick Client/Web Services/Mobile Application manual penetration testing
- Conduct Secure Code Review Assessments
- In-depth knowledge of the OWASP Testing Methodology, including manual application penetration testing concepts such as XSS, CSRF, SQLi, SSRF, XML Entity Injection, Java deserialization attacks, IDOR, authorization bypass, etc.
- In-depth understanding of API testing methodology (endpoint security, authentication, and other categories within API testing).
- Proficiency in information security tools such as Nessus, Nmap, Burp, Netsparker, WebInspect, AppScan, Veracode, Checkmarx, Qualys, Nexpose, Core Impact, and Metasploit, and in manual techniques to exploit vulnerabilities (both network and application layers).
The difference between something good and something great is attention to detail – AVM Consulting.