Pen Tester

CEH (Certified Ethical Hacker)Experience & Education :

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
• 2-5 years of experience in web application security, penetration testing, or ethical hackingTools & TechnologiesThe candidate should be proficient in using the following tools and technologies for web application penetration testing : Web Application Security Testing Tools :
• Burp Suite (Pro & Community)
• WebInspectNetwork & Reconnaissance Tools :
• Nmap
• Masscan
• Amass
• Subfinder / Assetfinder
• Shodan / CensysExploitation & Attack Tools :
• SQLmap (SQL injection testing), Metasploit Framework,Scripting & Automation :
• Python / Bash / PowerShell
• JavaScript (for DOM-based attacks and exploitation)
• Postman / REST API testing toolsCode Analysis & Debugging :
• Source Code Review (Java, .NET, Python, JavaScript, etc.)
• Static Analysis Tools (SAST) – SonarQube, Snyk, Fortify
• Dynamic Analysis Tools (DAST) : Acunetix,
• Cloud & Container Security :
• AWS Security Tools (Pacu, ScoutSuite, Prowler)
• Docker Security Testing (Trivy, Dockle)
• Kubernetes Security Testing (Kube-hunter, Kube-bench)Qualifications & SkillsTechnical Skills :
• Deep understanding of OWASP Top 10 vulnerabilities and web security principles.
• Proficiency in HTTP / HTTPS protocols, authentication mechanisms, session management, and API security.
• Experience with scripting (Python, Bash, PowerShell, JavaScript) for automation and exploit development.
• Familiarity with Cloud Security (AWS, Azure, GCP) and container security (Docker, Kubernetes) is a plus.
• Knowledge of Secure Software Development Life Cycle (SDLC) practices.