Title : Insecure Bank Mobile Application

Description : Insecure Bank Provides Financial Transactions.It provides the Latest Transaction details,E-Statements,Account Balances And Electronic Bill payments.Quick transfer of Funds Can be done.Access to loan statements and Access to Card Statements.Monitoring term deposits

Testing :

Penetration Testing : Analyzed the Application Against Application Attacks,Server Attacks And Network Attacks.Reverse Engineered the Android Application.Did WhiteBox/GreyBox Penetration Testing Checked For Code Review of the application.Checked to see if the application is obfuscated or in plain text.Used Burp Suite Proxy to Intercept the Application.Studied the Structure of the Packages Looked for the Propritary Package Names using the Company name.Made an inventory of the files found To narrow the resuts used For the report.Did a static analysis Using Mobsf on the Apk.And Dynamic Analysis using GenyMotion Android Emulator

Title : Medaz

Description : Migrating MedAZ from VB6 to MVC using C#.net.

Medaz is a complete Suite focusing on Physician Practices covering the whole nine yards of Patient Scheduling, Electronic Health Record and Revenue Cycle. With a particular focus on US health care sector, the above is certified for Meaningful Use under Obama care Management

Testing :

Penetration Testing : Performed Penetration Testing on MedAZ Web application Security’s Infrastructure And Vulnerability Assessment Of Database Servers. Reviewed Policies And Act like a Subject Matter Expert on best Practice. Verified SSL Authentication For Secure Application Development On Web Servers. Port Scan Servers Using NMAP And Close All Unnecessary Ports To Reduce The Attack Surface .Performed Live Packet Data Capture With Wireshark To Examine Security Flaws

Title : Kerhes

Description : Developing software by using MVC (C#.net). It is a website which is used in educational institutions for placements. This website is used to keep student’s details and also based on their academic details the job vacancy will be scheduled. Students have to upload their documents for employment verification, if they did not upload their documents warning will be send through mail. Administrator can categorize the students based on their academic details and job details.

Testing :

Penetration Testing : Performed Dynamic And Static Analysis of Web application Using Net Sparker. Scanned Kerhes Database For MEDAZ Security Clients For Vulnerabilities Based on the Restful Architectures. Conducted White/Grey Box Penetration Testing on the Student Database Systems Using Kali Linux Creating the Reports On RCA (Root Cause Analysis) as per the guidelines Followed in SANS And OWASP top 10.