HITESH MISTRY

ASSOCIATE CONSULTANT

P +91-830******* E ada8sr@r.postjobfree.com A A-108, R3, Life Republic, Marunji, Pune (411057) OBJECTIVE

EDUCATION

Extremely motivated to constantly develop my skills and grow professionally. I am confident in my ability to come up with Interesting ideas for improvising my work.

ASM’s ICS(Pune),

Master of Computer

Application(MCA) - 2015

Percentage: - 66%

KEY SKILLS

WEB APPLICATION

PENETRATION TESTING

MOBILE APPLICATION

PENETRATION TESTING

NETWORK

PENETRATION TESTING

AWARDS

EMPLOYEE OF THE

MONTH

LEADERSHIP AWARD

BEST PERFORMER AWARD

EXPERIENCE

ASSOCIATE CONSULTANT

Infosys Pvt. Ltd. July2019 – Present

• Application scanning using Burpsuite.

SECURITY CONSULTANT – L2

Security Brigade Oct2016 – July2019

• Conducted security testing on the Web application, Mobile application, Thick Client and Web services.

• Proficient in identifying various critical vulnerabilities like SQL Injection, XSS attack, response splitting, session hijacking, authentication bypass, authorization, authentication flaws, remote & local file inclusion and also, business logic vulnerabilities.

• Tested more than 100+ web and mobile applications detecting critical and non-critical bugs.

• Discussion and explaining application owners and developers on existing vulnerabilities on applications to mitigate them effectively.

• Conducted review on various other aspects of applications like Server Hardening, Configuration Review, Thick client application testing, Vulnerability Assessment and Penetration Testing.

• Worked in various banking projects related to testing of their payment applications.

• Additional job roles include team management, conducting L2 approvals and report approval of team members.

• Worked with various HTTP tools like Burp Proxy, Fiddler, Zap Proxy, iron WASP, etc.

WEB AND MOBILE APPLICATION SECURITY TOOLS

• Http interception tools like Burp Suite Pro, Fiddler.

• Social Engineering or Password generation / cracking tools such as Hydra, Ncrack, Crunch.

• Web application Vulnerability Scanning tools such as Accunetix, AppScan.

• Web Penetration tools like SQL map, Nikto, Metasploit, etc.

• Mobile application Security and Penetration Testing using Mobsf, Freda,etc.

NETWORK SECURITY TOOLS

• Network Scanning tools Nessus, Nmap, Nexpose Network Sniffing tools such as Wireshark.

NETWORK PROTOCOLS

• Configuration and Implementation of routing protocols.

• Knowledge of different networking protocols like TCP, UDP, FTP, TFTP, SSH, SNMP, TFTP, DHCP, NTP, SIP, RSTP, RDP, DNS, etc.

CERTIFICATIONS AND AWARDS

• CEH (Certified Ethical Hacker) – EC-Council.

• ECSA (Certified Security Analyst)- EC-council.

• Rewarded by Casper Security Team via Hackerone

Contact this candidate