Extensive experience in the development and architecture of large-scale web applications using service-oriented architecture (SOA) and n-tier designs with Struts, JSP, AJAX, JDBC, EJB, Oracle, Java stored procedures, and Oracle stored procedures on application servers like IBM WebSphere and Jakarta Tomcat. Good understanding of various web application vulnerabilities like XSS/SQLi/CSRF/session-related attacks, etc.
• Developed enterprise application using service oriented architecture and J2EE design patterns.
• Developed applications using technologies like HTML, JavaScript, AJAX, J2EE.
• Highly experienced in focusing on the security aspects in all phases of software development life cycle.
• Worked with various open source tools and platforms.
• Helped build various POCs for [login to view URL] including an XSS filter POC demonstrating blacklist filtering.
• Developed an insecure and a secure version of an application for Whitehat educational service division, including a demo of output encoding to mitigate XSS using OWASP encoding project.
• Working on Java Input Validation API (JIVA).
Technical Expertise:
Languages
Java, JavaScript, XML, XSL/XSLT, HTML, C, C++, SQL, ASP, Visual Basic.
Java Technologies
EJB 1.1/2.0, Struts, JSF, Servlets, AJAX, JSP, JSP Tag Libraries, JNDI, JDBC, Java Mail 1.2, Java Beans 1.1, JDK 1.4.0, JMS, JSSE, JCE, JAAS, JFC/Swing 1.1, JNI, Java XML, JAF 1.0, RMI, Reflection API, JDOM, Thread API, Lucene, Jena2.
Operating Systems
Linux, Unix, Windows 95/98/NT 4.0/2000/XP.
Database
Oracle 8i/9i, DB2, MySQL 4.0/5.0, SQL Server, Hypersonic SQL, PostgreSQL 7.4/8.1, Microsoft Access.
Servers
Websphere 4.0/5.1/6.0, BEA Weblogic 8.1, Sun Java System Application Server 8.0/9.0, Jakarta Tomcat 4.1/5.0, Apache Web Server 1.3/2.0, IIS 5.0.
Software
RSA, Netbeans, IntelliJ, Clear Case, VSS, SQL Navigator, ANT, Weblogic Workshop.
XML Technologies
XML, XSL/XSLT, Jaxp-1.1, Xerces.1.3.1, Xalan, XSP, JAXP, Jasper.
Other
Web Services, Hibernate, RDF, OOD/OOP, HTTP, TCP, UDP, Firewall, Internet, ODBC, JDBC, Web Browsers, RFCs, Web Semantics.