About
Proactive security engineer with 2+ years of experience in web application and API security. Skilled in identifying security vulnerabilities. Proficient in generating detailed security reports and knowledgeable about OWASP Top 10 vulnerabilities.
Skills & Expertise (27)
Work Experience
Security Engineer
ADiT Technologies
Sep 2023 - Present
Conducted a web and API security assessment for an online shopping platform handling user accounts, product listings, cart, checkout, and order management. Identified and validated 30+ security vulnerabilities across web and API components, including OWASP Top 10 (2021) and API Security Top 10 (2023) issues. Tested authentication, authorization, session management, and payment workflow mechanisms. Discovered critical vulnerabilities such as IDOR (BOLA), SQL Injection, Stored XSS in product reviews, and broken access control in order APIs. Performed business logic testing for price manipulation, coupon abuse, cart tampering, negative quantity orders, and payment status bypass. Used Burp Suite Pro and Postman for request interception, parameter tampering, JWT analysis, and API validation.
Education
BE (Information & Technology) - Savitribai Phule Pune University
- · Afghanistan
Certifications
No certifications added yet