Sai Manohar Chevula

Associate Security Consultant

Talent

ThoothukudiMember since 21 May 2026

OWASP Top 10Network vulnerability assessmentNmapBurp SuiteOWASP ZAPMetasploittheHarvesterDNSReconSublist3rDirbcurlOSINT

Hire this person

Send a job offer directly to this candidate

OWASP Top 10Network vulnerability assessmentNmapBurp SuiteOWASP ZAP

About

Security Analyst with hands-on experience in web and network vulnerability assessment and penetration testing. Skilled in identifying, validating, and documenting security vulnerabilities using tools like Burp Suite, Nmap, and OWASP ZAP. Strong knowledge of OWASP Top 10 and application security testing, with experience in manual validation techniques. Proficient in OSINT for reconnaissance and attack surface analysis. Currently enhancing expertise in API and Android application security.

Experience

Penetration Tester – Intern - KLEAP INSTITUTE OF INFORMATION SECURITY - Hyderabad, T.S

Conducted web application reconnaissance and enumeration (footprinting, subdomain discovery, path enumeration) using theHarvester, DNSRecon, and Sublist3r, aligning with OWASP methodologies.
Performed automated and manual vulnerability scanning using Nmap, OWASP ZAP, Burp Suite, and Dirb to identify attack surfaces, hidden endpoints, and vulnerable parameters.
Executed deep application testing and parameter manipulation using Burp Suite modules (Repeater, Intruder) to identify injection flaws and business logic vulnerabilities.
Identified and validated vulnerabilities including CSRF, XSS, IDOR, clickjacking, and weak CSP using tools like curl and Google CSP Evaluator / SecurityHeaders.io, providing reproducible proof-of-concepts.
Performed authenticated testing and privilege escalation checks using tools like Metasploit, Burp extensions, and session analysis tools in controlled environments.
Prepared detailed VAPT reports with CVSS risk ratings, PoC steps, screenshots, and remediation guidance to support effective vulnerability remediation.
Conducted web application security testing on banking and insurance applications using Burp Suite and curl.
Analyzed authentication, session management, input validation, and APIs.
Identified vulnerabilities such as weak password policies, lack of rate limiting, and business logic flaws.
Tested CORS, security headers, and Content Security Policy (CSP) configurations.
Performed client-side analysis to detect sensitive data exposure.
Discovered CORS misconfigurations and weak CSP policies.
Documented findings with proof-of-concepts and remediation recommendations following OWASP guidelines.