I have been active in the information security domain for the past 3.5 years. I am a Certified Ethical Hacker (CEHv7) and ISO 27001 Lead Auditor. I run my own security blog and have also written a research paper. I have good practical exposure to various security tools including IBM AppScan, Acunetix & Nikto (web vulnerability scanners), Burp Suite (HTTP proxy for security testing), BackTrack (a complete package of security tools), Metasploit (vulnerability exploitation framework), Nessus (network & web vulnerability scanner), Nmap (port scanner, services fingerprinting and OS fingerprinting), xprobe2 (OS fingerprinting), p0f (services identification), hping3 (services identification), Firewalk (firewall probing) and many more, depending upon the operating system and running services. I am comfortable with both Windows and UNIX (Red Hat, Ubuntu, Fedora) based operating systems. I have developed different projects in PHP/JavaScript/MySQL. Apart from this, I have experience with Python and basic C programming.
White Hat Penetration Testing
--------------------------------------------
1. Information Gathering (Collection of Internal IP addresses)
2. Port Scanning (SYN scan, Ping scan, UDP scan, Nessus port scanning through amap)
3. Open ports confirmation through tcptraceroute
4. OS Fingerprinting (Nmap, xprobe, p0f)
5. Service Fingerprinting (Nmap, amap)
6. Vulnerability Scanning (Nessus, Nikto & other tools based upon open ports and identified services)
7. Exploitation (Metasploit)
8. Reporting