Netrika Consulting
The methodology for API and web penetration testing involves identifying vulnerabilities, testing for exploits, and reporting findings.
Identify the scope of the test and the target systems
Perform reconnaissance to gather information about the target
Test for common vulnerabilities such as SQL injection and cross-site scripting
Test for exploits to determine the impact of vulnerabilities
Report findings and provide recommend
CSRF tokens are used to prevent unauthorized access to sensitive data or actions on a website.
CSRF tokens add an extra layer of security to web applications by ensuring that requests are coming from an authenticated user.
They are generated by the server and included in forms or URLs to verify the authenticity of the request.
Without CSRF tokens, attackers can use cross-site scripting (XSS) attacks to trick users into un...
OWASP vulnerabilities commonly encountered in security analysis
Injection flaws (SQL, LDAP, OS command, etc.)
Cross-site scripting (XSS)
Broken authentication and session management
Security misconfiguration
Sensitive data exposure
Insufficient logging and monitoring
Using components with known vulnerabilities
Insecure communication (e.g. lack of encryption)
Broken access control
XML External Entities (XXE)
I applied via Referral and was interviewed before Apr 2022. There were 2 interview rounds.
| Designation | Salaries | Salary range |
| Research Associate | 63 salaries | ₹2.5 L/yr - ₹3.4 L/yr |
| Senior Research Associate | 17 salaries | ₹2.5 L/yr - ₹4.5 L/yr |
| Research Analyst | 12 salaries | ₹2.5 L/yr - ₹4.5 L/yr |
| Security Consultant | 9 salaries | ₹6 L/yr - ₹10 L/yr |
| Team Lead | 8 salaries | ₹3.5 L/yr - ₹5.5 L/yr |