Evgeny Erdelevsky

Advising methods to reduce or fix security risks to systems, creating and planning penetration methods, tests, and scripts. Responsible for working with clients to identify their needs from the test, like the type and number of systems they would like to test. Experience in manual penetration and application testing. White/gray/black box penetration testing on the financial systems using Kali Linux for OWASP top 10 Vulnerabilities like XSS, SQL Injection, CSRF, Privilege Escalation and all the test-case of a web application security testing.Skilled using Burp Suite, Acunetix Automatic Scanner, NMAP, DirBuster, Wireshark, Nessus, SQL Map for web application Penetration tests. Conducted Vulnerability Assessment on applications. Knowledge of network architectures, operating systems, application software and cyber security tools. Knowledge of programming languages, Python, golang, kotlin. Understanding of information security and applied cryptographic protocols.Proficiency in scripting, Unix operating systems and windows.  Ability to exploit recognized vulnerabilities.Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level.Proficient in understanding application level vulnerabilities like XSS, SQL Injection, CSRF, Authentication bypass, Weak Cryptography, Authentication flaws etc. Conducted Dynamic and Static Application Security Testing (SAST & DAST). Carrying out attacks on customers' wireless networks, as well as bluetooth devices such as computer mice (mousejacking)Report writing using standardized method for rating IT vulnerabilities and determining the urgency of response. (CVSSv2.0 Calculator.) Providing details of the issues identified and the remediation plan to the stake holders. Worked with DevOps teams to automate security scanning into the build process.