VAPT Intern (Web Application Penetration Testing) – Remote – Freshers
Job Description
Speclar is seeking a motivated and security-driven VAPT Intern to join its cybersecurity team. This internship is designed for candidates who want hands-on exposure to Web Application Penetration Testing (Web PT) and vulnerability assessment.
The selected candidate will work alongside experienced security professionals, contributing to real-world security assessments and developing practical skills in identifying and reporting web application vulnerabilities.
Responsibilities:
- Assist in performing Web Application Penetration Testing following OWASP methodology.
- Identify and analyze common web vulnerabilities such as SQL Injection, XSS, CSRF, IDOR, SSRF, and others.
- Support vulnerability assessments and structured security testing activities.
- Prepare clear and well-documented VAPT reports with remediation recommendations.
- Use tools such as Burp Suite, OWASP ZAP, Nmap, and other security testing tools.
- Re-test vulnerabilities after remediation and document validation results.
Job Requirements
• Basic understanding of Web Application Security concepts.
• Knowledge of OWASP Top 10 vulnerabilities.
• Familiarity with HTTP/HTTPS, REST APIs, authentication, and session management.
• Exposure to penetration testing tools (Burp Suite preferred).
• Basic scripting knowledge (Python or Bash is a plus).
• Strong analytical and documentation skills.
Preferred Qualifications
• Pursuing or recently completed a degree in Cybersecurity, Computer Science, or a related field.
• Participation in CTFs, labs (TryHackMe, HackTheBox), or bug bounty programs.
• Relevant certifications such as eJPT or CEH (optional).
• To Apply: Interested candidates may send their resume with Subject Line: Application for VAPT Internship.
About the Company
Speclar is a cybersecurity-focused organization committed to delivering high-quality security assessments and building strong security capabilities. The company provides practical exposure and growth opportunities within the cybersecurity domain.
