Sr Cyber Security Engineer Resume

NYC, NY

SUMMARY

  • Having 8+ years of experience as Cyber Security Engineer in various Domains such as Web Application/Thick Client Security Testing, Vulnerability Assessment, Penetration Testing and Generating reports using tools.
  • Background/understanding of Software Development Lifecycle.
  • Excellent knowledge in CWE, OWASP Top 10, and WASC Threat Classification 2.0 methodologies.
  • Experience in penetration testing with Kali Linux: Nmap, Nessus, Nexpose, Wireshark, ProxyChains, Enum4linux, Password Cracking, tcpdump, pwdump, fgdump, and Metasploit.
  • Responsible for the management and administration of processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
  • Experience with industry recognized SIEM (Security Information and Event Management) solutions such as IBM QRadar, Splunk, and LogRhythm.
  • Application Security Analysis for some of the major Clients using HP Fortify & IBM App Scan.
  • Experience with using a framework to evaluate and analyse mobile devices, applications, mobile environments, and supporting infrastructures and to identify design weaknesses and vulnerabilities.
  • Proficient in understanding application-level vulnerabilities like XSS, SQL Injection, CSRF, authentication bypass, weak cryptography, authentication flaws, etc.
  • In-depth experience with log search tools such as Splunk, usage of regular expressions and natural language queries.
  • Good experience with system vulnerability detection and mitigation.
  • Good Understanding of Web Technologies HTTP, HTML & CSS.
  • Good understanding of compliance and regulatory requirements like PCI DSS, SOX & HIPAA.
  • Good understanding of pen testing mobile applications on both Android and iOS.
  • Served as primary security liaison on infrastructure, application and database projects and day-to-day app/data activities.
  • Experience using a wide variety of security tools to include Kali Linux, Wireshark, L0phtCrack, Snort, Cain & Abel, Nikto, DirBuster, IBM AppScan, Nessus, OpenVAS, W3AF, BeEF, Ettercap, Maltego.
  • Experience in different web application security testing tools like Acunetix, Metasploit, Burp Suite, sqlmap, OWASP ZAP Proxy, Nessus, Nmap and HP Fortify.
  • Worked on all the PingFederate OAuth grant types to get the access token in order to access the protected API.
  • Set up continuous integration with Jenkins and made use of the wide range of plugins available to set up smooth, developer-friendly workflows.
  • Experience in Microsoft Office SharePoint Server 2007, SharePoint Server 2010, SharePoint 2013, SharePoint Designer 2007, SharePoint Designer 2010, SharePoint Designer 2013.
  • Configuration of Oracle databases to support SharePoint on 2010/2013 platform.
  • Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes.
  • Exceptional understanding of computing environments Linux: RHEL-7/DEB-KALI, Windows 7/10, Server 2012/2016 and Unix Operating systems.
  • Knowledge of network security zones, Firewall configurations, IDS policies.
  • Proficient in Linux operating system configuration, utilities, and programming.
  • Broad knowledge of hardware, software, and networking technologies to provide a powerful combination of analysis, implementation, and support.
  • Sound knowledge and industry experience in Vulnerability Assessment and Penetration Testing on WEB based Applications, Mobile based application, and Infrastructure penetration testing.
  • Experience working with QualysGuard to conduct Network Security assessments.
  • Worked as a key member in streamlining security processes, design and implement efficient security solutions achieving security efficiency.
  • Excellent collaborator, enthusiastic initiator, and ability to learn the fundamental concepts effectively and efficiently.
  • Conducted presentations to clients projecting the security services offered by the firm.
  • Expert ability with scripting languages such as Python and PowerShell.
  • Having good experience in Secure SDLC and Source Code Analysis (Manual & Tools) on WEB based Applications.

TECHNICAL SKILLS

Networking: Packet Analysis (tcpdump, Wireshark), IDS (Bro, Snort), Splunk, Firewall, IDS/IPS, Access Control

Systems Administration: Active Directory, DNS, FTP, SSH, DHCP, SMB, HTTP, Virtualization (ESX)

Vulnerability Assessment: Nmap, Nessus, Ettercap, Metasploit, Honeypots (honeyD, inetSim), BurpSuite, Nexpose, Acunetix, IBM App Scan, HP Web Inspect

Penetration Testing: Wireshark, Metasploit Framework

SIEM Tools: TSIEM, ArcSight

End Point Security: McAfee Suits (VSE, HIPS & HDLP), McAfee MOVE AV, Symantec McAfee Email Security Gateways GUI & CLI, McAfee Network Data Loss Prevention, McAfee NITRO SIEM Security Information and Event Management.

Platforms/Applications: Continuous Monitoring Vulnerability Management, Web Application Scanning, ThreatProtect, Policy Compliance, Cloud Agents, Asset Management, Governance, Risk Management and Compliance, SolarWinds, Nexpose, Rapid7 Event Management RSA Archer, Blue Coat Proxy, IBM QRadar, NTT Security, LogRhythm, PenTest Tools Metasploit, Burp Suite, Nmap, Wireshark and Kali, Infoblox

Standards & Framework: OWASP, OSSTMM, PCI DSS

Security Software: Nessus, Ethereal, NMap, Metasploit, Snort, RSA Authentication, PIA

Programming Languages: C, C++, Java, Python, JavaScript, Linux, PowerShell, HTML

Networking: LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Firewalls/IPS/IDS

Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS, NetBIOS, SNMP, TLS etc.

Domain Knowledge: Risk Management, BCP/DRP, ISO 27001, COBIT, Vulnerability

PROFESSIONAL EXPERIENCE

Confidential

Sr Cyber Security Engineer

Responsibilities:

  • Conducting Vulnerability Assessments using IBM App Scan to evaluate attack vectors, Identify System Vulnerabilities and Develop remediation plans and Security Procedures, Web Application Vulnerability Assessment & Threat Modelling, Gap Analysis, secure code review on the applications.
  • Drive cloud security standards through developing architecture and work with application teams to ensure the best solutions are implemented to support cloud initiatives. Identify the Critical, High, Medium, and Low vulnerabilities in the applications based on OWASP Top 10 and SANS 25, prioritizing them based on criticality.
  • Work with the internal development team to relay customer feedback and incorporate it into our agile development process. Work within the cyber defense management leadership to provide operational support to SOC operations, vulnerability management, security engineering platforms (Email security, Cloud Security, DLP, IDM, Azure Security, CASB), and application security.
  • Application support for Tripwire: research and understand all aspects of Tripwire and troubleshooting, as well as find other ways to automate practices that would help other teams within cyber security, as well as for any projects dealing with Nessus tools, vulnerability management, risk and compliance in NERC standards.
  • Manage IBM QRadar configuration files like inputs, props, transforms, and lookups. Upgrading the IBM QRadar Enterprise and security patching. Experience with DLP, Bluecoat Websense, Proofpoint, Trend Micro, and IBM QRadar Enterprise SIEM security tools to monitor network environment.
  • Managing the enterprise infrastructure of the System Security team, such as configuration of File Integrity Monitoring systems, Data Loss Prevention (DLP) toolsets, enterprise Antivirus solutions, and endpoint encryption.
  • Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), McAfee Endpoint Encryption Data Leakage Prevention (DLP), PIA, Forcepoint, forensics, sniffers and malware analysis tools.
  • Custom configuration of rules in IBM QRadar and McAfee IPS to add greater value and enhanced correlation of logs. Recover information from computers and storage devices, recovering data like documents, photos, and emails from computer hard drives and other data storage devices.
  • Deploy Cisco Firepower solutions for IPS/URL/Malware detection and prevention. Configured Cisco AMP (Advanced Malware Protection) for endpoint security systems. Optimized IPS signatures on the Cisco Firepower management center to reduce false positives by disabling unnecessary rules and using the threshold, suppression, and pass rules features.
  • Perform vulnerability scan with Nessus for improper configurations, missing patches, hosts, network, and insecure credentials and accounts combat operations IN Signals and info sec operations. Worked with NERC CIP, Tripwire, Tenable and IP360 Enterprise 8.6.
  • Developed and assessed cyber security documentation for client information systems in accordance with FISMA, NIST Risk Management Framework, and departmental requirements. Identified and mitigated risks throughout assessment.
  • Information Assurance: Managed information-related risks, ensured that authorized users have access to authorized information at the authorized time. Focused more on the business level and strategic risk management of information and related systems, as well as on the creation and application of security controls.
  • Experience using DAST tools to detect potential vulnerabilities such as HP Webinspect, SolarWinds, Zap, Burp, Tenable, Splunk, Alertlogic, Symantec Endpoint Protection, Zscaler, McAfee security, Portswigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype, Coverity.
  • Assist with vulnerability scans and reporting to clients and IT departments, use of Nessus scan and Report, Review the vulnerability scan that affects the assets and find critical devices that have critical vulnerability
  • Support the development and maintenance of program level Information Assurance A&A process activities and related documentation such as systems concept of operations, system security design, implementation plans, and operational procedures.
  • Working on Tenable.sc helps you improve and maintain your cybersecurity program and visibility across your entire environment, including cloud, virtualized and mobile environments.
  • Work with different application teams to help them understand the vulnerabilities listed and provide recommendations to fix the same. Provide timely incident response to all system and/or network security breaches.
  • Perform Man-in-the-Middle attack by intercepting the Wireless parameter of (iPhone) mobile on wireless network design, implementation and support for network security technologies and products (WAF, Cisco ISE, AMP, Firepower, etc.)
  • Implement solutions as a part of the project support which include Event Sentry SIEM, Nessus Vulnerability scanner and Palo Alto Firewall.
  • Manage and maintain Nessus Vulnerability scanner 6.11.0, add additional scan engine to a production environment and identify gaps in patching. Manage and organize kick-off meetings with the application teams to understand the application security requirements, application flow, functionality, architecture, and the technology.
  • Maintain strong working relationships with individuals and groups involved in managing information risks across the organization. Score the vulnerabilities based on CWE / CVSS scoring system.
  • Hands-on experience in conducting web application security scans using IBM AppScan, HP WebInspect and Acunetix.
  • Use network monitoring tools to ensure network connectivity and protocol analysis tools to assess and pinpoint networking issues causing service disruption. Generated and presented reports on security vulnerabilities to both internal and external customers.
  • Experience in using Kali Linux to do vulnerability assessment with tools like DirBuster, Nessus, and Nmap. Responsible for exploiting the critical threats that were reported during the scanning phase.
  • Expertise in using the DAST tools (Like IBM App Scan and Burp Suite Pro) while the application is running to penetrate the application in various ways to identify potential vulnerabilities outside the code and in third party interfaces.
  • Maintain knowledge of current security trends and advisories, develop regular communication to develop a wide security awareness across the firm's stakeholders ensuring Cyber security processes are incorporated in system design, development, testing, and implementation.
  • Other ad hoc activities like monthly and weekly report creation. Scheduling meetings with different application teams for understanding future pipelines for applications. Performing source code analysis (Python, .Net) to find the vulnerabilities at the code level and providing mitigation techniques to the developers.
  • Email Administration: Managed clientele email accounts via Microsoft Exchange Server. Provided Windows Exchange Email server support. Provide email and email security using Cisco IronPort, VPN, Firewall, and Internet/Web security.
  • Provided Email, VPN, Firewall, Internet/Web security and Information Security (Confidential). Perform manual assessment on Java/.Net applications for the results from AppScan to eliminate false positives and report the High, Medium and Low issues.
  • Participate in the development, architecture, documentation and improvement of security monitoring and operational systems to include Threat Vulnerability Scanning / Analytics, including configuring dashboards / metrics views into the current operational state, alert response.
  • Analyze the enterprise's information security environment and recommend security measures to safeguard applications and information assets using threat modelling, OWASP, CWE. Use SAST tools (like HP Fortify and SonarQube) to test source code and byte code to expose weaknesses in the software before it is deployed. Responsible for monitoring and providing analysis in a 24x7x365 Security Operation Center (SOC) using Splunk SIEM, IDS/IPS tools.

Confidential, NYC, NY

Cyber/Network Security Engineer

Responsibilities:

  • Interface with users, technicians, engineers, vendors, and other Technical Maintenance personnel to install, update and debug automated systems ensuring products and systems comply with cyber security standards and practices.
  • Develop test routines and monitoring solutions. Penetration testing using Nmap and Wireshark. Day-to-day support of servers, workstations, network, and other equipment. Drive cloud security standards through developing architecture and work with application teams to ensure the best solutions are implemented to support cloud initiatives.
  • Document support procedures specific to systems to be utilized by the Technical Maintenance and Engineering departments.
  • Plan, execute and oversee remediation activities for valid vulnerabilities which are identified using Application Scanning tools with application scanning to identify security vulnerabilities in the web application and architectural weaknesses.
  • Worked within the cyber defence management leadership to provide operational support to SOC operations, vulnerability management, security engineering platforms (Email security, Cloud Security, DLP, IDM, Azure Security, CASB), and application security.
  • Architecture design and implementation of centralized IBM QRadar SIEM for High Availability and Redundancy. Effectively communicate with Business Operations and other functional areas on web application vulnerabilities.
  • Experience in planning, installing, configuration, and administering IBM Security Identity Manager 7.0.1. Support, performance tuning and troubleshooting ISIM 7. Configure and manage ISIM 7 security e.g., configuration of single sign-on, secure communication with supported middleware etc.
  • Hands-on technical experience with testing of web applications in Java or .NET. Experience with audits, e.g., A-123, SOC 1/2, FISCAM. RADIUS and Kerberos Server experience. API testing using Postman.
  • Experience using DAST tools to detect potential vulnerabilities such as HP WebInspect, SolarWinds, Zap, Burp, Tenable, Splunk, Alert Logic, Symantec Endpoint Protection, Zscaler, McAfee security, PortSwigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype, Coverity. Experience in Palo Alto Networks and Firewall (PA-5000, PA-3000, PA-500) series, PA IPsec VPN Tunnel.
  • Manage IBM QRadar configuration files like inputs, props, transforms, and lookups. Upgrading the IBM QRadar Enterprise and security patching. Maintain strong working relationships with individuals and groups involved in managing information risks across the organization.
  • Experienced with DLP, Bluecoat Websense, Proofpoint, Trend Micro, and IBM QRadar Enterprise SIEM security tools to monitor network environment. Managing the enterprise infrastructure of the System Security team, such as configuration of File Integrity Monitoring systems, Data Loss Prevention (DLP) toolsets, enterprise Antivirus solutions, and endpoint encryption.
  • Utilize Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), McAfee Endpoint Encryption Data Leakage Prevention (DLP), PIA, Forcepoint, forensics, sniffers and malware analysis tools.
  • Developed and assessed cyber security documentation for client information systems in accordance with FISMA, NIST Risk Management Framework, and departmental requirements. Identified and mitigated risks throughout assessment.
  • Hands-on with different web application security testing tools like Acunetix, Metasploit, Burp Suite, sqlmap, OWASP ZAP Proxy, Nessus, Nmap and HP Fortify. Experience with Red Hat Linux Server, macOS Server, Microsoft Windows Server, MS Active Directory, Azure AD, and configuring and managing AWS/Azure Cloud Infrastructure, Virtualization (VMware NSX, Hyper-V).
  • Extensive experience hands-on Azure IaaS / PaaS designing and building Azure solutions. PowerShell experience as it relates to Azure, AD, and Office 365.
  • Email Administration: Managed clientele email accounts via Microsoft Exchange Server. Provided Windows Exchange Email server support, email and email security using Cisco IronPort, VPN, Firewall, and Internet/Web security.
  • Provided Email, VPN, Firewall, Internet/Web security and Information Security (Confidential).
  • Deploy, manage, and effectively maintain security systems and their corresponding or associated software, including firewalls, Check Point firewall, Squid firewall, Blue Coat proxy and routers, IDS, IPS, cryptography systems, Encryption (RSA, AES), Tokenization (Open NMT), and anti-virus software. Experience in Python, PowerShell, and JavaScript programming languages.
  • Audit and adjust permissions, access-lists, file shares, and any other access control mechanism in place. Troubleshoot and document network security incidents. Produce and present security reports for management. Monitor and analyze network security data.
  • Experience setting up Firewalls, using NAV tools, Vulnerability Management platforms, Security Analytics platforms, Penetration Testing frameworks (Metasploit or Resolve).
  • Advanced knowledge of Cisco wireless LAN controllers, Cisco access points, Cisco ISE, Cisco routers (Cisco 1921, Rv320, Rv215w, Rv042, Rv042G), Cisco L2/L3 switches, Cisco Prime, Generic Routing Encapsulation, load balancing (F5 BIG-IP Local Traffic Manager, Cisco Load Balancer, Citrix, Azure load balancer), QOS, PBR, WCCP, VPN, NAT, VoIP, IPsec, Multicast, DNS services, MPLS networks, LAN, WAN, Juniper Networks Firewall (Juniper EX series EX2300, EX4300, EX3400, QFX5100-48T, QFX10002-36, SRX series), Cisco ASA firewalls/Router (5508-x with firepower, 5516, 5585, 5545, 5555), Cisco Meraki MX100 Firewall, and network and routing protocols (Ethernet, TCP/IP, SNMP, VLAN Trunking, BGP, OSPF, ISIS, EBGP, IBGP, RIP).
  • Experience utilizing Wi-Fi analyzers, Wi-Fi survey software tools (i.e., AirMagnet, Ekahau, etc.) and test equipment. Working across the full stack of enterprise security tools to include everything from the physical layer to the application layer.
  • Worked on Cisco Nexus series 5k, 7k, 9k switches, Cisco Catalyst Switches (2960, 3560, 6500), Cisco 300/200 series.
  • Ability to lead the design of network security infrastructure and the integration of new requirements into existing architectures. Experience leading compliance assessments of relevant cyber security frameworks.
  • Remain informed on trends and issues in the security industry, including current and emerging technologies and policies.

Confidential, Austin, TX

Cyber Security Engineer

Responsibilities:

  • Experience with many of the following technologies/roles: Privileged Account Management, Two-Factor Authentication, Web filtering, Web Application Firewalls, Virtualized computing environments, Encryption-at-rest and encryption-in-transit, Vulnerability Management.
  • Installation and configuration of networks and network devices such as web application firewalls, network firewalls, switches, Check Point firewall, Squid firewall, Blue Coat proxy and routers.
  • Network Security configuration, audit, and management of Windows servers. Installation, configuration, audit, and management of security tools.
  • Security configuration, audit, and management of applications and databases. Leading security incident investigations, including basic forensic analysis and reporting.
  • Deploying, automating, maintaining, and managing AWS cloud-based production systems, to ensure the availability, performance, scalability and security of production systems.
  • Maintenance and monitoring of network and host intrusion detection and prevention technologies. Implementing security controls.
  • Experience with using a broad range of AWS technologies (e.g., EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain an Amazon AWS based cloud solution, with an emphasis on best practice cloud security.
  • Implemented physical and procedural safeguards for information resources within the facility. Communicate effectively with senior management, peers, staff, and customers both inside and outside the corporation.
  • Administered access to information resources and made provisions for timely detection, reporting, and analysis of actual and attempted unauthorized access to information resources. Proposed and assisted with the acquisition of security hardware/software.
  • Develops and maintains access control rules, VOIP systems.
  • Maintains user lists, passwords, encryption keys, and other authentication and security-related information and databases.
  • Experience using DAST tools to detect potential vulnerabilities such as HP WebInspect, SolarWinds, Zap, Burp, Tenable, Splunk, Alert Logic, Symantec Endpoint Protection, Zscaler, McAfee security, PortSwigger, Fiddler, Wireshark, Nmap, JIRA, Sonatype and Coverity.
  • Experience in Palo Alto Networks and Firewall, maintaining local and remote networks. Lead the design, implementation, and migration of enterprise infrastructure and application services to software defined networks.
  • Experience in Palo Alto Networks and firewall, and configuring and managing AWS/Azure cloud infrastructure.
  • Develops and leads procedure for testing disaster recovery plan and provides help-desk-style assistance. Administered MS Windows Server, Red Hat Linux Server, and Network/Security Administration.
  • Advanced knowledge of Cisco wireless LAN controllers, Cisco access points, Cisco ISE, Cisco routers, Cisco L2/L3 switches, Cisco Prime, Generic Routing Encapsulation, load balancing (F5 BIG-IP Local Traffic Manager, Cisco Load Balancer, Citrix, Azure load balancer), QOS, PBR, WCCP, VPN, NAT, VoIP, IPsec, Multicast, DNS services, MPLS networks, LAN, WAN, Juniper Networks Firewall, Cisco ASA firewalls and network and routing protocols (Ethernet, TCP/IP, SNMP, VLAN Trunking, BGP, OSPF, ISIS, EBGP, IBGP, RIP).
  • Excellent written and verbal communication skills.
  • Ability to create, update and maintain technical documentation. Ability to work independently. Experience with ServiceNow.
  • Provided guidance and policy regarding the administration of all computer security systems and their corresponding or associated software, including endpoint security, intrusion detection systems, and application whitelisting.
  • Participated in strategic security relationships between internal resources and external entities, including government, customers, vendors, and partner organizations.
  • Experience with using a broad range of AWS technologies (e.g., EC2, RDS, ELB, EBD, S3, VPC, Glacier, IAM, CloudWatch, KMS) to develop and maintain an Amazon AWS based cloud solution, with an emphasis on best practice cloud security.
  • Experience hands-on Azure IaaS / PaaS, designing and building Azure solutions. PowerShell experience as it relates to Azure, AD, and Office 365.

Confidential, Dallas, TX

Information Security Analyst

Responsibilities:

  • Adding security rules and pushing the security policy on the Check Point.
  • Monitoring critical vulnerability analysis including using Burp Suite to analyze departmental tools for vulnerabilities.
  • Maintaining, reviewing and updating Information Security System documentation, to include but not limited to System Security Plan (SSP), Plan of Action & Milestone, Risk Assessment, policies and procedures, security control baselines in accordance with NIST guidelines and security practices.
  • Performing web application scanning using IBM AppScan to detect web application vulnerabilities.
  • Palo Alto’s MineMeld threat collation tool and custom threat intelligence feed miners.
  • Implemented various Switch Port Security features as per the company’s policy.
  • Provided technical support for expansion of the existing network architecture to incorporate new users.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
  • Conduct IT controls risk assessment to identify system threats, vulnerabilities, and risk, and generate reports.
  • LAN cabling in compliance with CAT5 standards.
  • Hands-on experience in Cisco Routers and Switches.
  • Maintenance and troubleshooting of connectivity problems using Ping, Traceroute.
  • Involved in network monitoring, alarm notification and acknowledgement.
  • Configure and maintain Windows NT/2000 environment services, including Active Directory, DFS, WINS, DNS, DHCP, file replications and logon scripts.
  • Investigate security incidents and recommend actions needed to resolve situations.
  • Familiar with Vulnerability Scanning Tools such as Tenable Cloud Scanner, Nessus and analyses reports to vulnerabilities.
  • Categorizing vulnerabilities by using OWASP top 10 and SANS top 25 vulnerabilities guide. Working with OWASP tools to perform tasks.
  • Installing, configuration and deployment of Splunk Forwarders, indexes, search heads and deployment server.
  • Working with OWASP tools such as ZAP proxy to detect vulnerabilities.
  • Scanning assets and confirming vulnerabilities using Tenable cloud and Rapid 7 tools.
  • Demonstrate attention to detail reviewing new systems or networks to implement appropriate security measures.
  • Troubleshooting and tuning the performance of Endpoint Protection (CrowdStrike) in the enterprise environment.
  • Conducted Vulnerability testing using tools like Nessus, Burp Suite, Retina and Web Inspect, and analyzed reports. Validated remediated vulnerabilities.
  • Working with teams on IT audits and ITIL transformations and processing frameworks.

Confidential

Security Analyst

Responsibilities:

  • Responsible for resolving all LAN/WAN connectivity and other issues and analysing vulnerability reports from various scans and assessments by acting on high risk / critical vulnerabilities to other vulnerabilities.
  • Management of system security and file system security policies and analysing systems to determine ways of improving performance and conducting routine checks, warranty claims, hardware failure, replacement, software up-gradation, download patches and hotfixes.
  • Infrastructure deployment from the very basis to complete function and Information Security Policy as per PCI-DSS Audit Compliance review controls related to various business process of entity for compliance with COSO framework.
  • Responsible for conducting structured security certification and accreditation (C&A) activities utilizing the Risk Management Framework and in compliance with the Federal Information Security Modernization Act (FISMA) requirements.
  • Performing OS updates and upgrading applications; actively used Splunk for monitoring/metric collection for applications in a cloud-based environment, and also maintained all shared resources and monitored free and utilized disk space.
  • Responsible for setting up projectors and audio/video devices for meetings and lectures, and keeping and tracking inventory of all loaner laptops issued to students and staff.

Environment: MS SQL, MySQL, WebScarab, HTML, Kali Linux, OWASP, DirBuster, Nmap, IBM AppScan, Burp Suite, HP Fortify, Windows XP, PHP.
