Java Application Code review & resolve the security related vulnerabilities

₹1500-12500 INR

Completed
Posted: over 6 years ago

Paid on delivery
I'm looking for a freelancer who will support in reviewing the application code with best practices (written in Java). This is a very small application having only the functionality below:
1) Secured login
2) Create new record, update record
3) Close the record once the issue is closed
4) Reporting
Need to follow best practice w.r.t. coding & security standards. Provide guidance & help in resolving the security-related issues highlighted by application security scanning tools. Some of the issues highlighted are:
1) Cross-Site Request Forgery => Validate the value of the "Referer" header, and use a one-time-nonce for each submitted form
2) Do not accept body parameters that are sent in the query string => Re-program the application to disallow handling of POST parameters that were listed in the Query
3) Verify that parameter values are in their expected ranges and types. Do not output debugging error messages and exceptions
Project ID: 16224873

About the project

16 proposals
Remote project
Active: 6 years ago

Awarded to:
Hi Sir, I am an experienced software developer, expert in Java, J2EE, Spring, Hibernate ORM, web services, XML, XSLT, DB like technologies. I can do this. Pls contact for further progress.
₹12,500 INR in 5 days
4.9 (60 reviews)
5.4

16 freelancers are bidding an average of ₹12,000 INR for this project

I can surely help you with security-related issues. I have worked in the past on related issues. I have 8 yrs of exp. We will have to write interceptors to intercept each request, with each intercept performing a defined role with proper logging. All my previous projects had 5/5 ratings so you can be sure of quality work. Do have a chat before assigning to someone else; I am sure we can work out a deal. Looking forward to working with you.
₹8,000 INR in 5 days
4.7 (42 reviews)
4.8

Have 5+ years of experience in both black box and white box penetration testing. Perform VAPT (Vulnerability and Penetration Testing) services like web application penetration testing, system application penetration testing, mobile application penetration testing, network application penetration testing, social engineering penetration testing, etc. Conduct penetration testing in a systematic approach. Follow the standard methodologies of the industry like OWASP Testing Guide v4 (OTGv4), SANS Top 25, NIST SP 800-115 and PCI DSS to perform penetration testing so that clients can concentrate on their professions without worrying about security threats.
Web Application Testing: Do web application penetration testing with the latest methodologies like OWASP Top-10 and SANS Top-25. Perform both manual and automated penetration testing for vulnerabilities like Injection flaws (such as SQL, NoSQL, OS, and LDAP injection, etc.), Broken Authentication, Sensitive Data Exposure, XML External Entities (XXE), Broken Access Control, Security Misconfiguration, Cross-site scripting (XSS), Insecure Deserialization, Using Components with Known Vulnerabilities, Insufficient Logging & Monitoring. Also perform source code reviews for many technologies like Java, .NET, PHP, etc.
Approach for Manual Web Application Penetration Testing: Conduct manual testing with the following controls:
* Configuration and Deployment Management Testing
* Identity Management Testing
* Authentication Testing
* Authorization Testing
* Session Management Testing
* Input Validation Testing
* Testing for Error Handling
* Testing for Weak Cryptography
* Business Logic Testing
* Client Side Testing
Tools used for Automated Web Penetration Testing: Acunetix, Burp Suite, Netsparker, Nexpose, Nikto, IBM AppScan, HP Fortify, W3af, etc.
Network Penetration Testing: Provide network penetration testing so that your network infrastructure is secured from real-world attacks. Do both manual and automated network penetration testing.
Approach for Manual Network Penetration Testing: Manually check for IDS/IPS, servers, network switches, network routers, VPNs, firewalls, anti-virus, passwords, etc.
Tools used for automated network penetration testing: OpenVAS, Wireshark, Nessus, Metasploit, Armitage, Scapy, etc.
₹11,111 INR in 2 days
5.0 (6 reviews)
3.9

A proposal has not yet been provided
₹13,333 INR in 10 days
4.8 (9 reviews)
3.5

A proposal has not yet been provided
₹14,444 INR in 5 days
5.0 (2 reviews)
2.7

Hi, I have reviewed your requirement and I can do this job as per your requirement. We have huge expertise in Java, WordPress, Laravel, Node.js, React.js, CakePHP, CodeIgniter, Angular.js, Bootstrap, API Integration, Plugins, MySQL, JavaScript, HTML, jQuery, Magento, HTML5, Yii framework, PSD to HTML and CSS, to name a few. We have built more than 200 websites in Magento and WordPress, including themes and customized themes as well. I am looking for a long-term work relationship with you. Looking forward to your positive response. For more reference please see the portfolio herewith. Regards, Ravichandran
₹27,777 INR in 10 days
5.0 (1 review)
1.7

Hello, I have a strong background in website security audit and penetration testing. Just went through your requirement, features and technology used in the given project of a Java-based application. I have 7 years of industry experience in penetration testing services. I'm interested in providing you a list of vulnerabilities and security loopholes found by automated tools as well as by a manual approach to penetration testing and vulnerability assessment. I have all the tools in their enterprise versions, like HP WebInspect and Netsparker Enterprise, and manual testing is an add-on which I also do. I would be interested to have some discussion with you. Best Regards, Jai
₹16,666 INR in 3 days
5.0 (2 reviews)
1.8

I am a student of Computer Science and Engineering and I think I am the perfect one for this because I am patient enough.
₹7,777 INR in 3 days
0.0 (0 reviews)
0.0

I worked as a security researcher at Zoho Corporation for 5 years. The frequently occurring vulnerabilities, 1. XSS 2. SQL Injection 3. XML entity attack 4. Resource leak, can be easily identified by running penetration testing tools. But some of them are hard to find; we have to manually review those. With my experience, I will do my best to find those out.
₹6,666 INR in 2 days
5.0 (1 review)
0.0

Hello, Prashant has 7+ years of experience working in the information security consulting field. He holds ISTQB, IBM APPS SCAN and CEH certifications and a graduation (B.E.) in Computer Science from Rajiv Gandhi University, Bhopal. Prashant has executed more than 90 projects and led relationships with clients in India, Hong Kong, UAE & the Philippines. He has worked on diverse engagements broadly comprising Application Security Testing and Secure Code Review, and has developed a Java-based DoS attack framework. He has implemented the complete project life cycle, from capturing customer requirements to delivering solutions on time. He has actively contributed to practice development by creating reusable components and sharing key project learning within the practice. He has also been trained in programming aspects like J2SE, J2EE and web server architecture, and is capable of mapping the testing practice along with development.
Specialties:
- Vulnerability Assessment & Penetration Testing
- Web Services Penetration Testing
- Web Application Security
- Threat Modeling
- Secure Code Review
- Burp Suite & Extenders
- Web Application Development
- Network Penetration Testing
With the above introduction, I would like to say that I will be more than happy to have a discussion and provide you initial guidance before the project is even awarded. That is absolutely complimentary. Let me know if you would like to engage in a discussion.
₹11,111 INR in 5 days
0.0 (0 reviews)
0.0

About the client

Pune, India
5.0
3
Payment method verified
Member since Feb 4, 2018

Freelancer ® is a registered Trademark of Freelancer Technology Pty Limited (ACN 142 189 759)
Copyright © 2024 Freelancer Technology Pty Limited (ACN 142 189 759)