| 2025-12-11 | Tool demo | Blackhat |
Cloud Sec AI BOT
| Nandan Gupta, K v Prashant, Swarup Natukula | #cloud-security-posture-management#aws#azure+2 |
| 2025-12-11 | Tool demo | Blackhat |
ReForge: Where Crashes Become Weapons
| Sohan Simha Prabhakar, Samarth Bhaskar Bhat, Abinav Harsha, Danindu Gammanpilage | #fuzzing#exploit-development#vulnerability-assessment+1 |
| 2025-12-10 | Tool demo | Blackhat |
Catch the Flow: Securing CI/CD Workflows with Flowlyt
| Hare Krishna Rai, K v Prashant, Nandan Gupta | #ci-cd#supply-chain#devsecops+1 |
| 2025-12-10 | Tool demo | Blackhat |
Securing Secrets from Dev Machine to Deployments Using SLV
| Shibly Meeran, Sriram Krishnan, Keshav Kandasamy | #devsecops#cicd-security#supply-chain |
| 2025-12-10 | Tool demo | Blackhat |
EKSi-lite: Simple & Lightweight EKS Cluster Listing & Security Tool
| Divyanshu Shukla, Anjali Singh Shukla | #aws#kubernetes#cloud-security-posture-management+4 |
| 2025-12-10 | Tool demo | Blackhat |
Kubernetes Goat β A Hands-on Interactive Kubernetes Security Playground
| Madhu Akula | #kubernetes#container-security#cloud-pentesting+1 |
| 2025-12-10 | Tool demo | Blackhat |
Nightingale: Docker for Pentesters
| Raja Nagori | #penetration-testing-tools#docker#security-testing+1 |
| 2025-12-10 | Tool demo | Blackhat |
SBOM Play
| Anant Shrivastava | #sbom#supply-chain#vulnerability-assessment+1 |
| 2025-12-10 | Tool demo | Blackhat |
Spotter β Universal Kubernetes Security Engine
| Madhu Akula | #kubernetes#container-security#cloud-security-posture-management+1 |
| 2025-10-10 | Talk | C0c0n |
Ghosts in Your GitHub Actions and AI’s Hunt for Hidden Exploits
| Suchith Narayan | #supply-chain#supply-chain-attack#devsecops+1 |
| 2025-08-07 | Tool demo | Blackhat |
Spotter β Universal Kubernetes Security Scanner & Policy Enforcer
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+4 |
| 2025-08-07 | Tool demo | Blackhat |
Kubernetes Goat - A Hands-on Interactive Kubernetes Security Playground
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+3 |
| 2025-08-07 | Tool demo | Blackhat |
Kubernetes Security Scanner
| Krishna Priya | #kubernetes#cloud-workload-protection#container-security+4 |
| 2025-08-07 | Tool demo | Blackhat |
Halberd : Multi-Cloud Agentic Attack Tool
| Arpan Abani Sarkar | #cloud-access-security-broker#cloud-pentesting#security-testing+3 |
| 2025-08-07 | Talk | Blackhat |
Weaponizing Apple AI for Offensive Operations
| Hari Shanmugam | #ai#macos#ai-security+2 |
| 2025-08-06 | Talk | Blackhat |
When ‘Changed Files’ Changed Everything: Uncovering and Responding to the tj-actions Supply Chain Breach
| Varun Sharma, Ashish Kurmi | #ci-cd#incident-management#devsecops+2 |
| 2025-08-06 | Tool demo | Blackhat |
Damn Vulnerable Browser Extension (DVBE): Unmask the risks of your Browser Supplements
| Abhinav Khanna, Krishna Chaganti | #web-security#secure-coding#security-assessment+2 |
| 2025-08-06 | Tool demo | Blackhat |
ParseAndC 4.0 - The Final Cut
| Parbati Kumar Manna | #reverse-engineering#binary-analysis#code-analysis+4 |
| 2025-08-06 | Tool demo | Blackhat |
vet: Proactive Guardrails against Malicious OSS using Code Analysis
| Abhisek Datta | #static-analysis#software-security#devsecops+2 |
| 2025-08-06 | Talk | Blackhat |
Adversarial Fuzzer for Teleoperation Commands: Evaluating Autonomous Vehicle Resilience
| Shanit Gupta, Zhisheng Hu, Cooper De Nicola | #automotive-cybersecurity#security-testing#control-systems |
| 2025-08-06 | Tool demo | Blackhat |
Realtic
| Sohan Simha Prabhakar, Samarth Bhaskar Bhat, Danindu Gammanpilage | #security-assessment#vulnerability-assessment#static-analysis+3 |
| 2025-08-06 | Tool demo | Blackhat |
SmuggleShield - Protection Against HTML Smuggling
| Dhiraj Mishra | #web-security#malware-detection#browser-security+2 |
| 2025-04-30 | Talk | Rsac |
Got Supply Pain? A Real-World Approach to Supply Chain SDL
| Mohit Arora, Richard Tonry | #secure-development#devsecops#risk-management+4 |
| 2025-04-29 | Talk | Rsac |
RAG-NAROK: What Poorly-Built RAGs Can Do to Data Security
| Akash Mukherjee, Saurabh Shintre | #secure-development#devsecops#data-protection+1 |
| 2025-04-29 | Talk | Rsac |
XPIA AttacksβRethinking Defense in Depth for an AI-Powered World
| Aanchal Gupta, Abhilasha Bhargav Spantzel, John Leo Jr, Stefano Zanero | #ai#ai-security#input-validation+3 |
| 2025-04-04 | Tool demo | Blackhat |
Intro to CICDGuard - How to have visibility and security OF CICD ecosystem
| Pramod Rana | #cicd-pipeline#cicd-security#secure-development+3 |
| 2025-04-04 | Tool demo | Blackhat |
Decoy Mutex
| Madhukar Raina | #ransomware#endpoint-protection#malware-prevention+3 |
| 2025-04-04 | Tool demo | Blackhat |
Kubernetes Goat: A Hands-on Interactive Kubernetes Security Playground
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+4 |
| 2025-04-04 | Tool demo | Blackhat |
MORF - Mobile Reconnaissance Framework
| Amrudesh Balakrishnan, Abhishek Jm, Himanshu Das | #reconnaissance#application-pentesting#static-analysis+2 |
| 2025-04-04 | Tool demo | Blackhat |
RedInfraCraft : Automate Complex Red Team Infra
| Yash Bharadwaj, Manish Gupta | #cloud-access-security-broker#cloud-compliance#cloud-pentesting+1 |
| 2025-04-04 | Tool demo | Blackhat |
Agneyastra - Firebase Misconfiguration Detection Toolkit V2
| Bhavarth Karmarkar, Devang Solanki | #misconfiguration#cloud-pentesting#security-tools+1 |
| 2025-04-03 | Talk | Blackhat |
ObfusQate: Where Quantum Magic Meets Code Security β Say Goodbye to Easy Cracking!
| Vivek Balachandran, Nikhil Bartake, Zi Jie See Toh, Michael Kasper | #secure-coding#quantum-computing#software-security |
| 2025-04-03 | Tool demo | Blackhat |
Mantis - Asset Discovery at Scale
| Hitesh Thakur, Praveen Kanniah, Prateek Thakare | #asset-inventory#cloud-workload-protection#security-tools+4 |
| 2025-04-03 | Tool demo | Blackhat |
KubeSF V1.2 - Kubernetes Security Posture Audit Suite
| Abhishek S, Ajith Prabhu | #kubernetes#cloud-workload-protection#container-security+4 |
| 2025-04-03 | Tool demo | Blackhat |
MobXplore
| Aman Pareek, Akarsh Singh | #application-pentesting#ios-security#dynamic-analysis+4 |
| 2025-04-03 | Tool demo | Blackhat |
R0fuzz: A Collaborative Fuzzer
| Season Cherian, Anikait Panigrahi, Aparna Balaji | #fuzzing#ics-security#industrial-control-systems+2 |
| 2025-04-03 | Tool demo | Blackhat |
SmuggleShield 2.0 - Basic Protection Against HTML Smuggling
| Dhiraj Mishra | #application-pentesting#input-validation#security-testing |
| 2025-04-03 | Tool demo | Blackhat |
Halberd : Multi-Cloud Security Testing Tool
| Arpan Abani Sarkar | #cloud-access-security-broker#cloud-pentesting#security-tools+2 |
| 2025-04-03 | Tool demo | Blackhat |
VulnScout
| Samaksh K, Nimit Jain | #automated-scanning#security-tools |
| 2025-03-14 | Talk | Insomnihack |
The Art of Malware Smuggling (Unmasking SVG-Based Attack Techniques)
| Dhiraj Mishra | #endpoint-protection#security-testing#malware-distribution |
| 2025-03-02 | Talk | Nullcon |
Building Glitch-Resistant Firmware: Practical Software Countermeasures for Hardware glitch attacks
| Shyam Kumar Arshid, Chinmay Krishna | #embedded-security#firmware-analysis#secure-coding+1 |
| 2025-03-02 | Panel | Nullcon |
From Code to Defense: Why Developers Are the New Security Leaders
| Vaibhav Gupta, Vikas Goyal, Hilal Lone, Gene Golovinsky | #secure-development#secure-coding#security-testing+3 |
| 2025-03-02 | Talk | Nullcon |
Hidden in Plain Sight: Large-Scale Exposure of Orphaned Commits on Major Git Platforms
| Kumar Ashwin | #secure-coding#devsecops#architecture |
| 2025-03-01 | Talk | Nullcon |
Drawing parallels between iOS and macOS Pentesting with DVMA
| Vaibhav Lakhani | #macos#ios#application-pentesting+3 |
| 2025-03-01 | Talk | Nullcon |
The Future is Trustless: How zkVMS and zkTLS Transform Bug Bounties
| Anto Joseph | #bug-bounty#secure-development#security-testing+2 |
| 2025-03-01 | Talk | Nullcon |
MLOps Under Attack: Threat Modeling Modern AI Systems
| Sandeep Singh | #ai#ml#ai-security+4 |
| 2025-03-01 | Panel | Nullcon |
AI in SecOps: Enhancing Incident Response with Intelligence
| Mrudul Uchil, Parag Deodhar, Felix Mohan | #ai-security#ai#machine-learning+3 |
| 2025-03-01 | Talk | Nullcon |
MacOS Lockdown Mode: A Forensic Deep Dive
| Bhargav Rathod | #macos#digital-forensics#endpoint-protection+3 |
| 2024-12-12 | Tool demo | Blackhat |
MORF - Mobile Reconnaissance Framework
| Amrudesh Balakrishnan, Abhishek Jm, Himanshu Das | #application-pentesting#code-review#secure-development+3 |
| 2024-12-12 | Tool demo | Blackhat |
Cloud Offensive Breach and Risk Assessment (COBRA)
| Harsha Koushik, Anand Tiwari | #cloud-pentesting#cloud-workload-protection#security-testing+3 |
| 2024-12-12 | Tool demo | Blackhat |
Genzai - The IoT Security Toolkit
| Umair Nehri | #genzai#iot-device-management#iot-pentesting+4 |
| 2024-12-11 | Tool demo | Blackhat |
Android BugBazaar: Your mobile appsec playground to Explore, Exploit, Excel
| Amit Parjapat, Vedant Wayal | #android#application-pentesting#mobile-application-management+4 |
| 2024-12-11 | Tool demo | Blackhat |
Open Source Tool to Shift Left Security Testing by Leveraging AI
| Shivam Rawat, Shivansh Agrawal | #ai-security#secure-development#security-testing+2 |
| 2024-11-21 | Talk | Securityfest |
Wheels of Wonder
| Hrishikesh Somchatwar | #automotive-cybersecurity#car-hacking#embedded-systems+4 |
| 2024-11-21 | Talk | Securityfest |
Breaking Container Boundary Using Side Channel Attack
| Adhokshaj Mishra | #container-security#docker#security-testing+1 |
| 2024-11-16 | Talk | C0c0n |
Invisible Invaders: Bypassing Email Security with Legitimate Tools
| Dhruv Bisani | #bypassing#phishing#social-engineering+2 |
| 2024-11-16 | Talk | C0c0n |
Ride on the House - Exploiting Public Transport Ticketing Systems for Free Rides
| Rakesh Seal, Diptisha Samanta | #exploitation#ethical-hacking#network-pentesting+1 |
| 2024-11-16 | Talk | C0c0n |
Serverless Phishing Factory: Automate, Attack, Adapt
| Yash Bharadwaj, Manish Gupta | #phishing#serverless#cloud-workload-protection+2 |
| 2024-11-15 | Talk | C0c0n |
PCI 4.0, Javascript Security for product security teams
| Anand Kumar Ganesan, Mohammad Arif | #web-security#secure-coding#application-pentesting+2 |
| 2024-11-06 | Talk | Blackalps |
IDAT Loader: The Malwareβs Camouflaged Weapon
| Niranjan Jayanand | #endpoint-protection#dynamic-analysis#security-testing |
| 2024-10-23 | Tool demo | Blackhat |
Cyber Arsenal47
| Simardeep Singh | #automated-scanning#vulnerability-assessment#security-assessment+2 |
| 2024-10-23 | Talk | Blackhat |
Guardians of the OAuth Galaxy: Defending Your Organization from OAuth Application Attacks
| Shruti Ranjit, Mangatas Tondang | #blueteam#oauth#application-pentesting+4 |
| 2024-10-23 | Tool demo | Blackhat |
R0fuzz: A Collaborative Fuzzer
| Season Cherian, Vishnu Dev, Vivek N J | #fuzzing#ics-security#industrial-control-systems+1 |
| 2024-09-26 | Talk | Rootcon |
How to have visibility and security OF CICD ecosystem
| Pramod Rana | #ci-cd#application-hardening#cicd-pipeline+4 |
| 2024-08-29 | Tool demo | Hitbsecconf |
CICDGuard
| Pramod Rana | #ci-cd#cicd-pipeline#cicd-security+3 |
| 2024-08-10 | Talk | Defcon |
Sneaky Extensions: The MV3 Escape Artists
| Vivek Ramachandran, Shourya Pratap Singh | #web-security#security-assessment#application-pentesting+4 |
| 2024-08-09 | Talk | Defcon |
Breaking Secure Web Gateways (SWG) for Fun and Profit
| Vivek Ramachandran, Jeswin Mathai | #ssl#application-pentesting#secure-coding+3 |
| 2024-08-09 | Talk | Defcon |
Breaking Secure Web Gateways (SWG) for Fun and Profit
| Vivek Ramachandran, Jeswin Mathai | #swg#cloud-access-security-broker#application-pentesting+4 |
| 2024-08-09 | Talk | Defcon |
Reflections on a Decade in Bug Bounties: Experiences and Major Takeaways
| Nikhil Shrivastava, Charles Waterhouse | #bug-hunting#bug-bounty#security-training+3 |
| 2024-08-08 | Tool demo | Blackhat |
Open Source LLM Security
| Ankita Gupta 1, Ankush Jain | #ai-security#application-pentesting#security-testing+3 |
| 2024-08-08 | Tool demo | Blackhat |
Cloud Offensive Breach and Risk Assessment (COBRA)
| Anand Tiwari, Harsha Koushik | #cloud-security-posture-management#cloud-pentesting#security-testing+1 |
| 2024-08-08 | Tool demo | Blackhat |
Octopii v2
| Owais Shaikh | #red-teaming#ai-security#nlp+2 |
| 2024-08-07 | Tool demo | Blackhat |
Hacking generative AI with PyRIT
| Raja Sekhar Rao Dheekonda | #ai#ai-security#machine-learning+4 |
| 2024-08-07 | Tool demo | Blackhat |
TrafficWardenX: OpenWRT Security & Monitoring
| Sampad Adhikary, Tripti Sharma | #openwrt#network-monitoring#security-tools+3 |
| 2024-06-27 | Talk | Troopers |
The Hidden Dangers Lurking in Your Pocket β Pwning Apple Wallet ecosystem and its apps
| Priyank Nigam | #security-assessment#api-security#secure-development |
| 2024-04-19 | Tool demo | Blackhat |
AWSDefenderGPT: Leveraging OpenAI to Secure AWS Cloud
| Sherin Stephen, Nishant Sharma, Rishappreet Singh Moonga | #aws#ai-security#ai+4 |
| 2024-04-19 | Tool demo | Blackhat |
GearGoat : Car Vulnerabilities Simulator
| Nishant Sharma, Pranjal Soni, Sanjeev Mahunta | #car-hacking#iot-device-management#iot-pentesting+3 |
| 2024-04-19 | Tool demo | Blackhat |
Malware clustering using unsupervised ML : CalMal
| Himanshu Anand | #machine-learning#ai-security#malware-detection+3 |
| 2024-04-19 | Tool demo | Blackhat |
Monitoring and Detecting Leaks with GitAlerts
| Nikhil Mittal 1 | #osint#data-leak#reconnaissance+1 |
| 2024-04-18 | Tool demo | Blackhat |
Secure Local Vault - Git Based Secret Manager
| Sriram Krishnan, Shibly Meeran | #blueteam#application-hardening#secure-coding+2 |
| 2024-04-18 | Tool demo | Blackhat |
BinderAPI Scanner & BASS
| Krishnaprasad Subramaniam, Jeffrey Gaor, Valen Sai, Eric Tee Hock Nian | #api-security#application-pentesting#dynamic-analysis+3 |
| 2024-04-18 | Tool demo | Blackhat |
MORF - Mobile Reconnaissance Framework
| Amrudesh Balakrishnan, Abhishek Jm, Himanshu Das | #reconnaissance#application-pentesting#static-analysis+3 |
| 2024-04-18 | Talk | Blackhat |
Breaking Managed Identity Barriers In Azure Services
| Nitesh Surana, David Fiser | #azure#cloud-pentesting#access-management+3 |
| 2024-04-18 | Tool demo | Blackhat |
DetectiveSQ: A Extension Auditing Framework Version 2
| Govind Krishna, Xian Xiang Chang | #audit#application-pentesting#ai-security+4 |
| 2024-04-18 | Tool demo | Blackhat |
Nightingale: Docker for Pentesters
| Raja Nagori | #docker#application-pentesting#cloud-pentesting+3 |
| 2024-04-18 | Tool demo | Blackhat |
R0fuzz
| Season Cherian, Vishnu Dev | #fuzzing#ics-security#ics+2 |
| 2024-04-18 | Tool demo | Blackhat |
findmytakeover - find dangling domains in a multi cloud environment
| Aniruddha Biyani | #dns#cloud-workload-protection#cloud-pentesting+1 |
| 2024-03-12 | Talk | Nullcon |
Secure Web Gateways are dead. Whatβs next?
| Vivek Ramachandran | #browser-security#application-hardening#security-strategy+2 |
| 2023-12-07 | Tool demo | Blackhat |
Akto - Open Source API Security Tool
| Ankush Jain | #api-security#secure-development#security-testing+3 |
| 2023-12-07 | Tool demo | Blackhat |
Mantis - Asset Discovery at Scale
| Prateek Thakare, Bharath Kumar, Praveen Kanniah | #red-teaming#asset-inventory#asset-management+2 |
| 2023-12-07 | Tool demo | Blackhat |
Route53Sweep: Empowering AWS Route53 Security with Automated Scanning & Comprehensive Inventory Management
| Divyanshu Shukla, Anjali Singh Shukla | #aws#cloud-access-security-broker#cloud-monitoring+2 |
| 2023-12-06 | Talk | Blackhat |
AutoSpill: Zero Effort Credential Stealing from Mobile Password Managers
| Ankit Gangwal, Shubham Singh, Abhijeet Srivastava | #mobile-hacking#android-security#application-pentesting+2 |
| 2023-12-06 | Tool demo | Blackhat |
HAWK Eye - PII & Secret Detection tool for your Servers, Database, Filesystems, Cloud Storage Services
| Rohit Kumar | #bug-hunting#data-loss-prevention#data-protection+4 |
| 2023-12-06 | Tool demo | Blackhat |
MORF - Mobile Reconnaissance Framework
| Abhishek Jm, Amrudesh Balakrishnan, Himanshu Das | #reconnaissance#application-pentesting#static-analysis+3 |
| 2023-12-06 | Tool demo | Blackhat |
SSH into any device from anywhere with ZERO Open Network ports
| Anthony Prakash, Colin Constable | #ssh#zero-trust#secure-development+1 |
| 2023-12-06 | Tool demo | Blackhat |
DetectiveSQ: A Extension Auditing Framework
| Jeswin Mathai, Shourya Pratap Singh | #threat-intelligence-analysis#application-pentesting#application-hardening+3 |
| 2023-12-06 | Tool demo | Blackhat |
Honeyscanner: a vulnerability analyzer for Honeypots
| Shreyas Srinivasa, Emmanouil Vasilomanolakis, Aristofanis Chionis Koufakos, Ricardo Yaben | #vulnerability-assessment#honeypot#security-testing+2 |
| 2023-12-06 | Tool demo | Blackhat |
Octopii v2
| Owais Shaikh, Umair Nehri | #ai#data-protection#nlp+4 |
| 2023-12-06 | Tool demo | Blackhat |
AndroCop: One Click Forensic Investigation & Data Extraction Tool
| Abhinand N, Aswin M Guptha, Varun Nair | #android#android-security#mobile-forensics+4 |
| 2023-10-13 | Talk | Hackfest |
Exploring RAM Forensic Analysis for Effective Digital Investigations
| Sneha Banerjee | #forensics#memory-forensics#digital-forensics+2 |
| 2023-09-28 | Talk | Hackinparis |
How to have visibility and security OF CICD ecosystem
| Pramod Rana | #cicd-security#devsecops#architecture+4 |
| 2023-09-23 | Panel | Nullcon |
SHIFTING LEFT WITH SECURITY AND THE EVOLUTION OF YOUR DEVSECOPS TEAMβS JOURNEY TO EXCELLENCE
| Dinesh Varma, Satish Kumar Dwibhashi, Manoj Kumar | #secure-development#security-tools#cicd-security+2 |
| 2023-09-23 | Talk | Nullcon |
Secure Coding: Fix From The Root
| Saddam Hussain, Gopika Subramanian | #secure-coding#application-pentesting#code-review+4 |
| 2023-09-23 | Talk | Nullcon |
Deconstructing The Beast: A Deep Dive Into JIT Compilation Attacks In iOS
| Shubham Sharma | #ios#ios-security#application-pentesting+3 |
| 2023-09-23 | Talk | Nullcon |
Secure Your Angular App Using JWT And GraphQL
| Ankit Sharma | #blueteam#api-security#secure-development+1 |
| 2023-09-23 | Talk | Nullcon |
Your App Is Probably A Spyware…Or Is It?
| Gaurav Gogia, Pandurang Patil | #spyware#secure-development#security-testing+3 |
| 2023-09-23 | Talk | Nullcon |
How I hacked your bank account: A detailed look at UPI Security
| Abhay Rana | #hacking#application-hardening#input-validation+2 |
| 2023-09-23 | Talk | Nullcon |
Uncovering Azure’s Silent Threats: A Journey Into Cloud Vulnerabilities
| Nitesh Surana | #azure#cloud-pentesting#application-hardening+4 |
| 2023-09-16 | Talk | Romhack |
Hacking into the iOSβs VOLTE implementation
| Hardik Mehta, Rajanish Pathak | #ios#application-pentesting#security-testing |
| 2023-08-25 | Tool demo | Hitbsecconf |
iGoat
| Swaroop Yermalkar | #ios#application-pentesting#secure-coding+3 |
| 2023-08-25 | Tool demo | Hitbsecconf |
eBPFShield
| Sagar Bhure | #dns#machine-learning#security-tools+1 |
| 2023-08-24 | Tool demo | Hitbsecconf |
Vajra
| Raunak Parmar | #aws#azure#cloud-pentesting+3 |
| 2023-08-12 | Tool demo | Defcon |
Open Source API Security for devsecops
| Ankush Jain, Ankita Gupta 1 | #api-security#devsecops#ci-cd+2 |
| 2023-08-12 | Talk | Defcon |
Getting More Bang for your Buck:Appsec on a Limited Budget
| Vandana Verma Sehgal, Viraj Gandhi | #secure-development#devsecops#risk-management+2 |
| 2023-08-11 | Talk | Defcon |
Getting a Migraine - uncovering a unique SIP bypass on macOS
| Anurag Bohra, Jonathan Bar Or, Michael Pearse | #macos#endpoint-protection#bypassing+2 |
| 2023-08-10 | Tool demo | Blackhat |
SCodeScanner - An Open-Source Source-Code Scanner
| Utkarsh Agrawal | #code-review#sast#secure-development+4 |
| 2023-08-10 | Talk | Blackhat |
AI Assisted Decision Making of Security Review Needs for New Features
| Mrityunjay Gautam, Pavan Kolachoor | #ai#ai-security#deep-learning+3 |
| 2023-08-10 | Tool demo | Blackhat |
vAPI: Vulnerable Adversely Programmed Interface
| Tushar Kulkarni | #api-security#authorization#security-testing+3 |
| 2023-08-10 | Tool demo | Blackhat |
MELEE: A Tool to Identify Ransomware Infections in MySQL Deployments
| Aditya K Sood | #ransomware#malware-detection#security-tools |
| 2023-08-09 | Tool demo | Blackhat |
CASPR - Code Trust Auditing Framework
| Ajit Hatti | #secure-coding#code-review#secure-development+1 |
| 2023-08-09 | Tool demo | Blackhat |
Akto - Open Source API Security Tool
| Ankush Jain, Ankita Gupta 1 | #api-security#application-pentesting#security-testing+3 |
| 2023-08-09 | Tool demo | Blackhat |
ARCTIC - Automated Remediation for Correlation Threat Intelligence Collections
| Ankit Anurag, Ashwath Kumar, Manikandan Rajappan | #cloud-access-security-broker#incident-management#security-tools+2 |
| 2023-08-09 | Tool demo | Blackhat |
Damn Vulnerable Bank
| Akshansh Jaiswal, Hrushikesh Kakade, Rewanth Tammana | #android-security#application-pentesting#dynamic-analysis+3 |
| 2023-08-09 | Tool demo | Blackhat |
MORF - Mobile Reconnaissance Framework
| Abhishek Jm, Amrudesh Balakrishnan, Himanshu Das | #reconnaissance#application-pentesting#static-analysis+2 |
| 2023-08-09 | Tool demo | Blackhat |
AntiSquat - An AI-Powered Phishing Domain Finder
| Owais Shaikh, Umair Nehri | #ai#ai-security#phishing+2 |
| 2023-08-07 | Talk | C0c0n |
Start Left SDLC Security with Open-Source DevSecOps Tooling
| Aswin Raj, Shruti M G | #devsecops#secure-development#static-analysis+3 |
| 2023-08-07 | Talk | C0c0n |
Smart Contract Phishing : Attack & Defense
| Tejaswa Rastogi | #smart-contracts#phishing#secure-coding+1 |
| 2023-08-07 | Talk | C0c0n |
Shifting left blockchain development for safer DApps
| Dhanith Krishna | #smart-contracts#secure-development#devsecops+2 |
| 2023-08-07 | Talk | C0c0n |
Enhancing Red Team OPSEC: Abusing Stealthy In-Memory Binary Execution Techniques in Linux
| Pranav Sivvam | #red-teaming#linux#memory-forensics+2 |
| 2023-08-06 | Talk | C0c0n |
Taking a Closer Look at CI/CD Pipeline Logs: Extracting Security-Related Information with Build Inspector
| Anshu Kumar, Pavan Sorab | #devsecops#ci-cd#cicd-pipeline+2 |
| 2023-08-06 | Talk | C0c0n |
Mitigating SSRF at scale the right way with IMDSv2!
| Ayush Priya | #web-security#api-security#aws+2 |
| 2023-08-06 | Talk | C0c0n |
The new way to be secure
| Sakshi Bhutani | #secure-development#devsecops#software-security+3 |
| 2023-08-06 | Talk | C0c0n |
Surviving In Dependency Hell
| Kumar Ashwin | #secure-development#devsecops#software-security |
| 2023-05-12 | Tool demo | Blackhat |
SCodeScanner - An Open-Source Source-Code Scanner
| Utkarsh Agrawal | #code-review#static-analysis#sast+2 |
| 2023-05-12 | Tool demo | Blackhat |
GCPGoat : A Damn Vulnerable GCP Infrastructure
| Shantanu Kale, Rishappreet Singh Moonga, Ravi Verma, Govind Krishna | #gcp#cloud-pentesting#cloud-workload-protection+4 |
| 2023-05-12 | Tool demo | Blackhat |
Introducing the Operating System for Automotive Security Testing: A Hands-on Demonstration
| Ravi Rajput | #automobile#automotive-cybersecurity#embedded-systems+4 |
| 2023-05-12 | Tool demo | Blackhat |
eBPFShield: Advanced IP-Intelligence & DNS Monitoring using eBPF
| Sagar Bhure | #dns#machine-learning#network-monitoring+2 |
| 2023-05-11 | Tool demo | Blackhat |
CASPR - Code Trust Auditing Framework
| Atharva Chincholkar, Srishti Chaubey | #secure-coding#application-pentesting#code-review+4 |
| 2023-05-11 | Tool demo | Blackhat |
APKHunt | OWASP MASVS Static Analyzer
| Mrunal Chawda, Sumit Kalaria | #owasp#application-pentesting#code-review+4 |
| 2023-05-11 | Tool demo | Blackhat |
KernelGoat
| Shivankar Madaan | #kernel#secure-development#security-training |
| 2023-05-11 | Tool demo | Blackhat |
MORF - Mobile Reconnaissance Framework
| Abhishek Jm, Amrudesh Balakrishnan, Himanshu Das | #reconnaissance#application-pentesting#static-analysis+3 |
| 2023-05-11 | Tool demo | Blackhat |
Nightingale: Docker for Pentesters
| Raja Nagori | #docker#application-pentesting#container-security+4 |
| 2023-05-11 | Tool demo | Blackhat |
Post-Quantum Cryptography Library
| Sagar Bhure, Shain Singh | #encryption#quantum-computing#secure-development+3 |
| 2023-05-11 | Tool demo | Blackhat |
AzureGoat : A Damn Vulnerable Azure Infrastructure
| Nishant Sharma, Dasari Yashwanth Babu | #azure#cloud-pentesting#cloud-workload-protection+2 |
| 2023-05-11 | Tool demo | Blackhat |
Damn Vulnerable Bank
| Rewanth Tammana, Hrushikesh Kakade, Akshansh Jaiswal | #android-security#application-pentesting#dynamic-analysis+3 |
| 2023-05-11 | Tool demo | Blackhat |
Kubernetes Goat: Interactive Kubernetes Security Learning Playground
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+4 |
| 2023-05-11 | Tool demo | Blackhat |
CANalyse 2.0 : A Vehicle Network Analysis and Attack Tool
| Kartheek Lade | #automobile#car-hacking#iot-device-management+4 |
| 2023-05-11 | Tool demo | Blackhat |
ThreatSeeker - Threat Hunting via Windows Event Logs
| Ashish Bhangale, G Khartheesvar, Arafat Ansari | #threat-hunting#windows#security-tools |
| 2023-04-26 | Talk | Rsac |
Designing Product Security for a Brighter Smile and a Healthier Tomorrow
| Lokesh Pidawekar, Apoorva Phadke | #secure-development#devsecops#software-security+2 |
| 2023-04-20 | Talk | Hitbsecconf |
BYPASSING ANTI-CHEATS & HACKING COMPETITIVE GAMES
| Rohan Aggarwal | #hacking#hardware-hacking#bypassing+3 |
| 2023-03-23 | Talk | Insomnihack |
How to have visibility and security OF CICD ecosystem
| Pramod Rana | #ci-cd#devsecops#supply-chain-security+3 |
| 2023-03-09 | Panel | Nullcon |
How to make security easier for your developers
| Santosh Yadav, Frida Kiriakos, Marie Theresa Brosig, Xavier Rene Corail | #secure-development#security-testing#secure-coding+3 |
| 2023-03-09 | Panel | Nullcon |
Elements of a Successful Security Strategy: A Comprehensive Approach
| Sheetal Joseph, Sybe Izzak Rispens, Travis Carelock | #security-strategy#security-testing#secure-development+4 |
| 2023-01-26 | Talk | Usenix |
Building an Automated Machine for Discovering Privacy Violations at Scale
| Suchakra Sharma | #static-analysis#secure-coding#data-protection+2 |
| 2022-12-08 | Tool demo | Blackhat |
Node Security Shield - A Lightweight RASP for NodeJS Applications
| Lavakumar Kuppan, Sukesh Pappu | #application-hardening#secure-development#security-testing+4 |
| 2022-12-07 | Tool demo | Blackhat |
vAPI: Vulnerable Adversely Programmed Interface
| Tushar Kulkarni | #api-security#application-pentesting#secure-development+4 |
| 2022-12-07 | Talk | Blackhat |
Cross-Contract Ricochet Attacks & Off-Chain-On-Chain Manipulation of Billion Dollar NFT Collections
| Nitesh Dhanjani | #exploit#smart-contracts#solidity+4 |
| 2022-12-07 | Tool demo | Blackhat |
Patronus: Swiss Army Knife SAST Toolkit
| Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi | #sast#software-composition-analysis#asset-inventory+1 |
| 2022-09-28 | Talk | Rootcon |
AWSGoat : A Damn Vulnerable AWS Infrastructure
| Jeswin Mathai, Shantanu Kale, Sanjeev Mahunta | #aws#cloud-pentesting#cloud-workload-protection+4 |
| 2022-09-24 | Talk | C0c0n |
Raining CVEs on Wordpress plugins with Semgrep
| Shreya Pohekar, Syed Sheeraz Ali | #web-security#static-analysis#sast+1 |
| 2022-09-23 | Talk | C0c0n |
Hacking SmartContracts
| Anto Joseph | #smart-contracts#reverse-engineering#secure-coding |
| 2022-09-23 | Talk | C0c0n |
Building a Safer and Innovative Digital Ecosystem
| Vijay Pamarathi | #secure-development#devsecops#software-security+2 |
| 2022-09-23 | Talk | C0c0n |
Collaborative efforts for safe digital banking
| Biju K | #secure-development#risk-management#architecture |
| 2022-09-23 | Talk | C0c0n |
Common Misconfigurations in your Kubernetes Cluster and What can you do about it?
| Kumar Ashwin | #kubernetes#cloud-workload-protection#container-security+4 |
| 2022-09-23 | Talk | C0c0n |
Hyperledger Fabric & Ethereum Apps: Security Deep Dive
| Alex Devassy, Dhanith Krishna | #smart-contracts#solidity#decentralized-systems+2 |
| 2022-09-23 | Talk | C0c0n |
Securing your APIs for a cloud native future
| Navendu Pottekkat | #api-security#secure-development#devsecops |
| 2022-09-08 | Talk | Nullcon |
Pushing Security Left By Mutating Byte Code
| Gaurav Gogia | #secure-coding#application-hardening#static-analysis+1 |
| 2022-09-08 | Talk | Nullcon |
Raining CVEs On WordPress Plugins With Semgrep
| Shreya Pohekar, Syed Sheeraz Ali | #static-analysis#code-review#secure-coding+3 |
| 2022-09-08 | Talk | Nullcon |
Web3.0 - Smart Contracts Could Be Leaky
| Riddhi Shree | #smart-contracts#web3#decentralized-systems+3 |
| 2022-09-08 | Talk | Nullcon |
vPrioritizer: Art of Risk Prioritization
| Pramod Rana | #vulnerability-assessment#security-development-lifecycle#risk-management+3 |
| 2022-09-08 | Talk | Nullcon |
Hack the Source: Securing Open Source Software β One bug at a time
| Sandeep Singh, Laurie Mercer | #open-source-security#supply-chain#code-review+4 |
| 2022-09-08 | Tool demo | Nullcon |
ZaaS: [OWASP] ZAP As A Service - Continous Security For 20K+ APIs
| Rohit Sehgal, Varun Kakumani | #owasp#api-security#cloud-workload-protection+3 |
| 2022-09-07 | Talk | Nullcon |
Scale hacking to secure your cloud and beyond
| Anand Prakash | #cloud-pentesting#cloud-security-posture-management#container-security+4 |
| 2022-09-07 | Talk | Nullcon |
Do PDF Tools Conform To The Specification?
| Prashant Anantharaman | #pdf#data-protection#static-analysis+4 |
| 2022-09-07 | Talk | Nullcon |
ElectroVolt: Pwning Popular Desktop Apps While Uncovering New Attack Surface On Electron
| Mohan Sri Rama Krishna Pedhapati, Maxwell Garrett | #red-teaming#application-pentesting#dynamic-analysis+4 |
| 2022-09-07 | Talk | Nullcon |
Hacking 5G Is No Rocket Science
| Altaf Shaik, Matteo Strada | #api-security#application-pentesting#security-testing |
| 2022-09-07 | Talk | Nullcon |
Hacking Android Foreground Services Escalation Of Privileges
| Rony Das | #android#android-security#mobile-hacking+3 |
| 2022-09-06 | Panel | Nullcon |
Securing the Software
| Mrudul Uchil, Abhisek Datta, Harish Goel, Matthew Bohne | #software-security#secure-development#security-testing+3 |
| 2022-09-06 | Panel | Nullcon |
Consumer Tech Bug Bounty Panel: Hear from the Program Managers
| Sandeep Singh, Rishika Hooda, Omar Benbouazza | #bug-bounty#security-testing#application-hardening+3 |
| 2022-08-26 | Talk | Hitbsecconf |
CAN A FUZZER MATCH A HUMAN
| Bhargava Shastry | #fuzzing#solidity#smart-contracts+4 |
| 2022-08-25 | Talk | Hitbsecconf |
MPT: Pentest In Action
| Jyoti Raval | #security-assessment#application-pentesting#asset-management+2 |
| 2022-08-13 | Panel | Defcon |
Who doesnβt like a little Spice? Emulation Maturity, Team Culture and TTPs
| Niru Ragupathy | #security-development-lifecycle#security-tools#incident-management+2 |
| 2022-08-12 | Panel | Defcon |
Agility Broke AppSec. Now It’s Going to Fix It.
| Vandana Verma Sehgal, Roy Erlich, Emil Vaagland, Seth Kirschner | #security-testing#secure-development#cicd-pipeline |
| 2022-08-12 | Talk | Defcon |
Stop worrying about Nation-States and Zero-Days; let’s fix things that have been known for years
| Vivek Ponnada | #secure-coding#devsecops#owasp |
| 2022-08-11 | Tool demo | Blackhat |
Patronus: Swiss Army Knife SAST Toolkit
| Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi | #sast#software-composition-analysis#asset-inventory+4 |
| 2022-08-11 | Talk | Blackhat |
Eliminating Triage Intermediaries for Zero-day Exploits Using a Decentralised Payout Protocol
| Subhechha Subudhi, Clara Maine, Akke Toeter, Victoria Bosch | #zero-day#smart-contracts#security-development-lifecycle+2 |
| 2022-08-11 | Tool demo | Blackhat |
Octopii - AI-powered Personal Identifiable Information (PII) scanner
| Owais Shaikh | #ai#ai-security#data-protection+4 |
| 2022-08-11 | Talk | Blackhat |
ElectroVolt: Pwning Popular Desktop Apps While Uncovering New Attack Surface on Electron
| Mohan Sri Rama Krishna Pedhapati, Aaditya Purani, Max Garrett, William Bowling | #red-teaming#application-pentesting#code-review+4 |
| 2022-08-10 | Tool demo | Blackhat |
ArcherySec - Manage and Automate your Vulnerability Assessment
| Anand Tiwari | #application-pentesting#ci-cd#dynamic-analysis+3 |
| 2022-08-10 | Tool demo | Blackhat |
CASPR - Code Trust Audit Framework
| Ajit Hatti | #secure-coding#secure-development#security-tools+3 |
| 2022-08-10 | Talk | Blackhat |
Attacks From a New Front Door in 4G & 5G Mobile Networks
| Altaf Shaik, Shinjo Park, Matteo Strada | #api-security#access-management#identity-theft+4 |
| 2022-08-10 | Tool demo | Blackhat |
Node Security Shield - A Lightweight RASP for NodeJS Applications
| Lavakumar Kuppan, Sukesh Pappu | #application-hardening#code-review#secure-development+4 |
| 2022-08-10 | Tool demo | Blackhat |
AWSGoat : A Damn Vulnerable AWS Infrastructure
| Nishant Sharma, Jeswin Mathai, Sanjeev Mahunta | #aws#cloud-pentesting#cloud-workload-protection+4 |
| 2022-08-10 | Tool demo | Blackhat |
AzureGoat : A Damn Vulnerable Azure Infrastructure
| Jeswin Mathai, Nishant Sharma, Rachna Umaraniya | #azure#cloud-pentesting#cloud-workload-protection+3 |
| 2022-08-10 | Tool demo | Blackhat |
HazProne : Cloud Hacking
| Devansh Patel, Staford Titus S | #cloud-pentesting#cloud-workload-protection#aws+4 |
| 2022-08-10 | Tool demo | Blackhat |
Adhrit: Android Security Suite
| Amrudesh Balakrishnan, Rahul Sani, Abhishek Jm | #android#android-security#application-pentesting+4 |
| 2022-08-10 | Tool demo | Blackhat |
CANalyse (2.0): A vehicle network analysis and attack tool
| Kartheek Lade, Rahul Jeyasingh | #automobile#car-hacking#iot-device-management+4 |
| 2022-08-10 | Tool demo | Blackhat |
ParseAndC 2.0 β We Don’t Need No C Programs (for Parsing)
| Parbati Kumar Manna | #reverse-engineering#dynamic-analysis#network-pentesting+4 |
| 2022-08-10 | Tool demo | Blackhat |
ReconPal: Leveraging NLP for Infosec
| Jeswin Mathai, Shantanu Kale, Sherin Stephen | #reconnaissance#ai-security#nlp+3 |
| 2022-06-07 | Talk | Rsac |
Continuous Security - Integrating Pipeline Security
| Vandana Verma Sehgal | #ci-cd#cicd-pipeline#cicd-security+3 |
| 2022-06-01 | Talk | Securityfest |
Exploitation and automated detection of threats to modern cloud infrastructure
| Krishnaa Srinivasa, Maithri Nadig | #aws#vulnerability-assessment#cloud-monitoring+4 |
| 2022-05-12 | Tool demo | Blackhat |
Nightingale: Docker for Pentesters
| Raja Nagori | #docker#application-pentesting#container-security+4 |
| 2022-05-12 | Tool demo | Blackhat |
Node Security Shield
| Lavakumar Kuppan, Sukesh Pappu | #application-hardening#secure-development#security-testing+3 |
| 2022-05-12 | Tool demo | Blackhat |
Patronus: Swiss Army Knife SAST Toolkit
| Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi | #sast#software-composition-analysis#secure-development+1 |
| 2022-04-08 | Talk | Nullcon |
Bheem OS - A next-generation reasonably secure OS using Rust MicroVM
| Akram Ansari, Subash Sn | #os#virtual-machine#container-security+3 |
| 2022-04-08 | Talk | Nullcon |
Attack Surfaces for 5G Networks
| Altaf Shaik | #application-pentesting#security-development-lifecycle#api-security |
| 2021-11-18 | Talk | Hackinparis |
Is it really an intrusion if you get called in?: Mis-configuration based attacks in AWS
| Kavisha Sheth | #aws#cloud-workload-protection#cloud-pentesting+3 |
| 2021-11-13 | Talk | C0c0n |
Server-side javascript Injection
| Kavisha Sheth | #web-security#secure-coding#web-pentesting |
| 2021-11-13 | Talk | C0c0n |
New way of looking at the hidden mysteries in the code
| Vandana Verma Sehgal | #code-review#static-analysis#reverse-engineering+2 |
| 2021-11-13 | Talk | C0c0n |
Emerging trends in cyber crimes : Investigation tools & techniques
| Triveni Singh | #incident-management#digital-forensics#forensics+3 |
| 2021-11-11 | Tool demo | Blackhat |
Kubernetes Goat: Interactive Kubernetes Security Learning Playground
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+4 |
| 2021-11-11 | Tool demo | Blackhat |
vAPI: Vulnerable Adversely Programmed Interface (OWASP API Top 10)
| Tushar Kulkarni | #api-security#application-pentesting#security-testing+4 |
| 2021-11-11 | Tool demo | Blackhat |
Damn Vulnerable Bank
| Akshansh Jaiswal, Hrushikesh Kakade, Rewanth Tammana | #android#android-security#application-pentesting+3 |
| 2021-11-10 | Tool demo | Blackhat |
Kubestriker: A Blazing Fast Security Auditing Tool
| Vasant Kumar | #kubernetes#cloud-workload-protection#container-security+3 |
| 2021-10-15 | Talk | Rootcon |
The Curious case of knowing the unknown
| Vandana Verma Sehgal | #secure-coding#devsecops#software-security |
| 2021-08-27 | Talk | Hitbsecconf |
Securing Webviews and The Story Behind CVE-2021β21136
| Shiv Sahni, Imdadullah Mohammed | #android-security#secure-coding#security-testing+2 |
| 2021-08-08 | Talk | Defcon |
AppSec 101: A Journey from Engineer to Hacker
| Arjun Gopalakrishna | #secure-coding#security-assessment#ethical-hacking+2 |
| 2021-08-08 | Talk | Defcon |
Top 20 Secure PLC Coding Practices
| Vivek Ponnada, Sarah Fluchs | #ics-security#secure-coding#control-systems+1 |
| 2021-08-07 | Tool demo | Defcon |
Tenacity- An Adversary Emulation Tool for Persistence
| Atul Nair, Harshal Tupsamudre | #incident-management#security-testing#attack-surface |
| 2021-08-06 | Panel | Defcon |
Adversary simulation, emulation or purple teaming - How would you define it?
| Anant Shrivastava, Vincent Yiu, Martin Ingesen, Jean Marie Bourbon, Samuel Kimmons, Joe Vest | #security-testing#incident-management#red-teaming+3 |
| 2021-08-05 | Talk | Defcon |
The Bug Hunterβs Recon Methodology
| Tushar Verma | #security-assessment#vulnerability-assessment#application-pentesting+1 |
| 2021-08-05 | Talk | Blackhat |
The Devil is in the GAN: Defending Deep Generative Models Against Adversarial Attacks
| Ambrish Rawat, Killian Levacher, Mathieu Sinn | #ai#ai-security#deep-learning+4 |
| 2021-08-04 | Tool demo | Blackhat |
Joern: An Interactive Shell for Code Analysis
| Suchakra Sharma, Vickie Li, Fabian Yamaguchi | #vulnerability-assessment#code-review#sast+4 |
| 2021-08-04 | Tool demo | Blackhat |
Kubestriker: A Blazing Fast Kubernetes Security Auditing Tool
| Pralhad Chaskar, Vasant Kumar | #kubernetes#cloud-workload-protection#container-security+4 |
| 2021-08-04 | Tool demo | Blackhat |
Counterfit: Attacking Machine Learning in Blackbox Settings
| Raja Sekhar Rao Dheekonda, Will Pearce | #vulnerability-assessment#ai-security#machine-learning+2 |
| 2021-08-04 | Tool demo | Blackhat |
ParseAndC: A Universal Parser and Data Visualization Tool for Security Testing
| Parbati Kumar Manna | #reverse-engineering#application-pentesting#code-review+4 |
| 2021-08-04 | Talk | Blackhat |
Siamese Neural Networks for Detecting Brand Impersonation
| Jugal Parikh, Nitin Kumar Goel, Justin Grana, Yuchao Dai | #impersonation#ai-security#deep-learning+4 |
| 2021-08-04 | Tool demo | Blackhat |
Attack Surface Framework
| Prajwal Panchmahalkar, Mauricio Espinosa | #network-defense#application-pentesting#attack-surface+1 |
| 2021-05-06 | Tool demo | Blackhat |
Demystifying the State of Kubernetes Cluster Security - The Cloud Native Way
| Vasant Kumar, Rupali Dash | #kubernetes#audit#secure-coding+1 |
| 2021-05-06 | Tool demo | Blackhat |
FalconEye: Windows Process Injection Techniques - Catch Them All
| Rajiv Kulkarni, Sushant Paithane | #windows#process-injection#blueteam+1 |
| 2021-03-06 | Talk | Nullcon |
Bug hunter adventures
| Shreyas Dighe, Yuvraj Dighe | #bug-hunting#application-pentesting#bug-bounty+3 |
| 2020-12-10 | Talk | Blackhat |
Effective Vulnerability Discovery with Machine Learning
| Asankhaya Sharma, Ming Yi Ang | #security-assessment#machine-learning#software-composition-analysis+4 |
| 2020-12-09 | Tool demo | Blackhat |
ArcherySec 2.0 - Open Source Vulnerability Assessment and Management
| Anand Tiwari | #blueteam#security-assessment#ci-cd |
| 2020-10-02 | Talk | Blackhat |
Identifying Multi-Binary Vulnerabilities in Embedded Firmware at Scale
| Aravind Machiry, Nilo Redini, Andrea Continella, Ruoyu Wang, Yan Shoshitaishvili, Cristopher Kruegel, Giovanni Vigna, Chad Spensky | #embedded-systems#firmware-analysis#static-analysis+1 |
| 2020-09-18 | Talk | C0c0n |
Introducing SniperPhish: A Web-Email Spear Phishing Toolkit
| Sreehari Haridas, Gem George | #phishing#application-pentesting#security-development-lifecycle+4 |
| 2020-09-18 | Talk | C0c0n |
Web Application hacking with WebZGround
| Parveen Yadav, Narendra Kumar | #web-security#web-pentesting#security-assessment+3 |
| 2020-09-18 | Talk | C0c0n |
Automation in Bug Bounties to Work Smarter
| Prerak Mittal | #bug-hunting#bug-bounty#security-tools+4 |
| 2020-09-18 | Talk | C0c0n |
My top 3 findings in bug Bounty journey | Aiming for high impact issues
| Ankit Giri | #bug-hunting#bug-bounty#security-testing+3 |
| 2020-09-18 | Talk | C0c0n |
Kubernetes Goat - Vulnerable by Design Kubernetes Cluster Environment
| Madhu Akula | #kubernetes#red-teaming#cloud-workload-protection+3 |
| 2020-09-18 | Talk | C0c0n |
Broken Cryptography & Account Takeover
| Harsh Bothra | #encryption#ssl#security-testing+2 |
| 2020-09-18 | Keynote | C0c0n |
Data protection and Privacy Data protection and Privacy
| Kris Gopalakrishnan | #ai-security#data-protection#identity-theft+2 |
| 2020-08-22 | Talk | Thedianainitiative |
Internal Red Team Operations Framework - Building your practical internal Red Team
| Abhijith B R | #red-teaming#cyber-war#phishing+3 |
| 2020-08-22 | Talk | Thedianainitiative |
Hacking into Android Ecosystem
| Aditi Bhatnagar | #android#android-security#application-pentesting+3 |
| 2020-08-09 | Talk | Defcon |
Running an appsec program with open source projects
| Vandana Verma Sehgal | #owasp#secure-development#devsecops+3 |
| 2020-08-06 | Tool demo | Blackhat |
MSTICpy: The Security Analysis Swiss Army Knife
| Ashwin Patil, Pete Bryan, Ian Hellen | #digital-forensics#incident-management#data-analytics+3 |
| 2020-07-26 | Talk | Hitbsecconf |
Swapping Asprin Formulas With MDMA While Red Teaming a Billion Dollar Company
| Himanshu Sharma, Aman Sachdev | #red-teaming#application-pentesting#incident-management+2 |
| 2020-03-07 | Panel | Nullcon |
Hack the law: Protection for cybersecurity research in India
| Apar Gupta, Manu Zacharia, Raman Jit Singh Chima, Neelu Tripathy | #cyber-law#cybersecurity-strategy#security-development-lifecycle |
| 2020-03-06 | Tool demo | Nullcon |
Talisman
| Suhas Vishwanath | #secure-development#macos#linux+3 |
| 2020-03-06 | Tool demo | Nullcon |
VyAPI
| Riddhi Shree | #secure-coding#aws#amazon-cognito+3 |
| 2020-03-06 | Tool demo | Nullcon |
Wolverine
| Furqan Khan, Siddharth Anbalahan | #linux#secure-coding#web-security+3 |
| 2020-03-06 | Tool demo | Nullcon |
SASTRI
| Rushikesh D Nandedkar, Lalit Bhandari | #security-assessment#virtual-machine#static-analysis+3 |
| 2020-03-06 | Tool demo | Nullcon |
Callidus
| Chirag Savla | #red-teaming#azure#application-pentesting+2 |
| 2020-03-06 | Tool demo | Nullcon |
spike2kill
| Manish Singh | #web-scraping#ai-security#nlp+4 |
| 2020-03-06 | Tool demo | Nullcon |
PivotSuite
| Manish Gupta | #red-teaming#security-assessment#network-architecture+2 |
| 2019-12-04 | Tool demo | Blackhat |
AutoMacTC: Finding Worms in Apple Orchards - Using AutoMacTC for macOS Incident Response
| Kshitij Kumar, Jai Musunuri | #macos#secure-coding#forensics+1 |
| 2019-12-04 | Tool demo | Blackhat |
DumpTheGit
| Malkit Singh | #reconnaissance#data-leak#data-protection+1 |
| 2019-11-01 | Talk | Appsecdayaustralia |
Protecting the Damned: Deploying Insecure Applications at Scale
| Vivek Ramachandran | #blueteam#container-security#docker+3 |
| 2019-11-01 | Talk | Hackfest |
The Mechanics of Malware’s Darkside
| Yagnesh Waran P, Laura Harris | #dynamic-analysis#static-analysis#security-testing+1 |
| 2019-10-17 | Talk | Hitbsecconf |
Advances in the Trinity of AI: Data, Algorithms & Compute Infrastructure
| Anima Anandkumar | #ai#deep-learning#data-analytics+1 |
| 2019-10-16 | Tool demo | Hitbsecconf |
Introducing ARM-X - The ARM IoT Firmware Emulation Framework
| Saumil Shah | #arm#linux#firmware-analysis+4 |
| 2019-10-10 | Talk | Brucon |
Security transition from 4G to 5G: are we secure enough?
| Altaf Shaik, Ravishankar Borgaonkar | #5g#4g#network-architecture+3 |
| 2019-09-28 | Talk | Romhack |
Oh! Auth: Implementation pitfalls of OAuth 2.0 & the Auth Providers who have fell in it
| Samit Anwer | #oauth#phishing#csrf+2 |
| 2019-09-27 | Talk | C0c0n |
autoSource an automated framework for Source Code Review
| Malkit Singh | #code-review#secure-coding#static-analysis+3 |
| 2019-09-27 | Talk | C0c0n |
Golang for Pentesters / RedTeamers
| Anant Shrivastava | #security-assessment#red-teaming#secure-coding |
| 2019-09-27 | Talk | C0c0n |
Serverless SOAR
| Sabyasachi Dhal, Suresh Sharma | #secure-coding#security-assessment#serverless+4 |
| 2019-09-27 | Talk | C0c0n |
VyAPI - The Vulnerable Hybrid Android App
| Riddhi Shree | #secure-coding#aws#amazon-cognito+3 |
| 2019-09-27 | Talk | C0c0n |
Practical Approach to Cyber Security for financial institutions
| Georgie Kurien | #financial-institutions#secure-development#risk-management+2 |
| 2019-09-27 | Talk | C0c0n |
Securing Payment Data with PCI Security Standards and Programs
| Nitin Bhatnagar | #blueteam#data-protection#secure-development+3 |
| 2019-09-27 | Talk | C0c0n |
Security @scale for startups
| Shivanath Somanathan | #devsecops#secure-development#software-security+2 |
| 2019-09-27 | Talk | C0c0n |
Stepping into Password Less Economy
| Ajit Hatti | #authentication#identity-management#secure-development+1 |
| 2019-09-27 | Panel | C0c0n |
Shouldn’t Organization disclose breaches - The need for a shared platform
| Sunil Varkey, Jacxine Fernandez, Rahul Sasi, K K Chaudhary | #data-leak#data-protection#security-testing+4 |
| 2019-09-13 | Talk | 44con |
One Person Army β Playbook on how to be the first Security Engineer at a company
| Kashish Mittal | #devsecops#application-hardening#secure-development+4 |
| 2019-09-13 | Talk | Globalappsec |
A Purple Team View of Serverless and GraphQL Applications
| Abhay Bhargav | #purpleteam#cloud-workload-protection#serverless+3 |
| 2019-09-12 | Keynote | Globalappsec |
Making a Change, One at a time - Diversity: More than just Gender
| Vandana Verma Sehgal | #security-training#human-factor#cybersecurity-strategy+3 |
| 2019-08-30 | Talk | Hitbsecconf |
COMMSEC: PErfidious: Make PE Backdooring Great Again!
| Shreyans Doshi | #secure-coding#red-teaming#blueteam+1 |
| 2019-08-11 | Talk | Defcon |
Shifting the DevSecOps Culture, Taking away the sugar piece and giving the pile to ants
| Vandana Verma Sehgal | #devsecops#secure-development#ci-cd+2 |
| 2019-08-11 | Talk | Defcon |
Exploiting and Securing iOS Apps using OWASP iGoat
| Swaroop Yermalkar | #ios-security#application-pentesting#security-assessment+3 |
| 2019-08-08 | Talk | Blackhat |
DevSecOps : What, Why and How
| Anant Shrivastava | #devsecops#ci-cd#cicd-pipeline+4 |
| 2019-08-08 | Talk | Blackhat |
Preventing Authentication Bypass: A Tale of Two Researchers
| Ravi Jaiswal, Terry Zhang, Ron Chan | #security-development-lifecycle#identity-management#authentication+4 |
| 2019-08-08 | Tool demo | Blackhat |
CSF: Container Security Framework
| Vaibhav Gupta | #blueteam#container-security#docker+2 |
| 2019-08-07 | Tool demo | Blackhat |
SASTRI: Plug and Play VM for SAST/Static Application Security Testing Realtime Integration/
| Rushikesh D Nandedkar, Lalit Bhandari | #security-assessment#virtual-machine#application-hardening+4 |
| 2019-08-07 | Tool demo | Blackhat |
Medaudit: Auditing Medical Devices and Healthcare Infrastructure
| Anirudh Duggal | #security-assessment#application-pentesting#network-architecture+1 |
| 2019-08-05 | Tool demo | Blackhat |
CertPivot: Infra-Chaining + Cert-Check
| Ajit Hatti | #incident-management#threat-hunting#ssl+1 |
| 2019-06-02 | Tool demo | Defcon |
VoIPShark: Open Source VoIP Analysis Platform
| Nishant Sharma, Jeswin Mathai, Ashish Bhangale | #voip#sip#network-pentesting+1 |
| 2019-05-21 | Talk | Phdays |
Breaking Microsoft Edge extensions security policies
| Nikhil Mittal | #application-pentesting#code-review#security-testing+2 |
| 2019-05-21 | Talk | Phdays |
GDALR: an efficient model duplication attack on black-box machine learning models
| Rewanth Tammana, Nikhil Joshi | #red-teaming#machine-learning#api-security+3 |
| 2019-05-10 | Talk | Hitbsecconf |
HAXPO: RF Exploitation: Demystifying IoT/OT Hacks with SDR
| Himanshu Mehta, Harshit Agrawal | #rf#red-teaming#hardware-embedded+3 |
| 2019-05-09 | Talk | Hitbsecconf |
GDALR: Duplicating Black Box Machine Learning Models
| Rewanth Tammana, Nikhil Joshi | #machine-learning#red-teaming#api-security+2 |
| 2019-05-04 | Talk | Thotcon |
What The Frida Gave Me: A Novel Take on E-Ticket Forging and E-Ticket Stealing
| Priyank Nigam | #frida#application-pentesting#dynamic-analysis+3 |
| 2019-03-28 | Tool demo | Blackhat |
Archery - Open Source Vulnerability Assessment and Management- 2.0
| Anand Tiwari | #security-assessment#blueteam#ci-cd |
| 2019-03-28 | Talk | Blackhat |
DevSecOps : What, Why and How
| Anant Shrivastava | #devsecops#secure-coding#ci-cd+3 |
| 2019-03-28 | Tool demo | Blackhat |
Kurukshetra: Playground for Interactive Security Learning
| Anirudh Anand, Mohan Kallepalli, Ankur Bhargava | #secure-coding#blueteam#application-pentesting+4 |
| 2019-03-28 | Tool demo | Blackhat |
pytm: A Pythonic Framework for Threat Modeling
| Rohit Shambhuni, Izar Tarandach | #secure-coding#threat-modeling#red-teaming |
| 2019-03-21 | Talk | Troopers |
Evolution of kernel fuzzers in NetBSD
| Siddharth M | #red-teaming#fuzzing#security-development-lifecycle |
| 2019-03-02 | Panel | Nullcon |
The Myth of Sisyphus Secure Product Development
| Bipin Upadhyay, Minatee Mishra, Neelu Tripathy, Vaibhav Gupta, Vishal Sahani | #secure-development#secure-coding#security-testing+3 |
| 2019-03-02 | Panel | Nullcon |
Navigating Risk in the Changing Business and Technology Landscape
| Rahul Neel Mani, Burgess Cooper, Manish Tiwari, Mannan Godil | #risk-management#cybersecurity-strategy#business-resilience+4 |
| 2019-03-02 | Panel | Nullcon |
CISO Strategy for OT and IoT risk and Threat Management
| Gaurav Shukla, Gomeet Pant, Rakesh Viswanathan, Sudarshan Rajagopal | #ics-security#iot-pentesting#cybersecurity-strategy+3 |
| 2019-02-28 | Talk | Nullcon |
Andromeda - GUI based Dynamic Instrumentation Toolkit powered by Frida
| Shivang Desai | #secure-coding#security-assessment#dynamic-analysis+4 |
| 2019-02-28 | Talk | Nullcon |
Building Hardened IoT Implementations with LangSec
| Prashant Anantharaman | #blueteam#secure-development#input-validation+4 |
| 2019-02-28 | Talk | Nullcon |
A Hacker Walks into a Co-working Space
| Rahul Binjve | #red-teaming#application-pentesting#network-architecture+2 |
| 2019-02-28 | Talk | Nullcon |
Pentesting without Pentesters - Automating Security Testing with Functional Testing Test Cases
| Lavakumar Kuppan, Ankit Gupta | #security-assessment#application-pentesting#application-hardening+3 |
| 2018-12-06 | Tool demo | Blackhat |
Astra: Automated Security Testing For REST APIs
| Sagar Popat, Harsh Grover | #security-assessment#rest-api#ci-cd |
| 2018-12-05 | Tool demo | Blackhat |
Kurukshetra: Playground for Interactive Security Learning
| Anirudh Anand, Mohan Kallepalli | #secure-coding#blueteam#application-hardening+4 |
| 2018-12-05 | Tool demo | Blackhat |
Mafia: Mobile Security Automation Framework for Intelligent Auditing
| Ankur Bhargava, Mohan Kallepalli | #audit#security-testing#secure-development+4 |
| 2018-11-27 | Talk | Hitbsecconf |
BSIDES: Creating Browser Extensions to Hunt for Low-Hanging Fruit
| Rewanth Tammana | #red-teaming#application-pentesting#browser-security+2 |
| 2018-10-19 | Talk | Appsecdayaustralia |
Continuous Integration and Delivery with Docker Containers
| Vasant Kumar | #docker#blueteam#container-security+4 |
| 2018-10-19 | Talk | Appsecdayaustralia |
Threat Modeling-as-Code & Automation for DevSecOps wins
| Abhay Bhargav | #threat-modeling#devsecops#application-hardening+4 |
| 2018-10-05 | Talk | C0c0n |
DomGoat - the DOM Security Playground
| Lavakumar Kuppan | #xss#web-security#input-validation+4 |
| 2018-10-05 | Talk | C0c0n |
Pentesting GraphQL Applications
| Neelu Tripathy | #security-assessment#application-pentesting#dynamic-analysis+4 |
| 2018-10-05 | Talk | C0c0n |
Unconventional vulnerabilities in Google Cloud Platform
| Pranav Venkat | #gcp#red-teaming#cloud-pentesting+3 |
| 2018-10-05 | Talk | C0c0n |
Using Fault Injection for Forensics
| Yashin Mehaboobe | #forensics#digital-forensics#security-testing+2 |
| 2018-09-27 | Talk | Rootcon |
Defending cloud Infrastructures with Cloud Security Suite
| Shivankar Madaan | #aws#secure-coding#web-security+2 |
| 2018-09-27 | Talk | Rootcon |
Bug Bounty Hunting on Steroids
| Anshuman Bhartiya | #bug-hunting#bug-bounty#security-tools+3 |
| 2018-09-12 | Talk | 44con |
Make ARM Shellcode Great Again
| Saumil Shah | #arm#embedded-systems#security-tools+3 |
| 2018-08-16 | Talk | Usenix |
Man-in-the-Machine: Exploiting Ill-Secured Communication Inside the Computer
| Siddharth Rao, Thanh Bui, Markku Antikainen, Viswanathan Manihatty Bojan, Tuomas Aura | #security-assessment#architecture#application-hardening+4 |
| 2018-08-11 | Tool demo | Defcon |
ArcheryβOpen Source Vulnerability Assessment and Management
| Anand Tiwari | #security-assessment#blueteam#ci-cd |
| 2018-08-11 | Tool demo | Defcon |
Halcyon IDE
| Sanoop Thomas | #reconnaissance#red-teaming#nmap+1 |
| 2018-08-11 | Tool demo | Defcon |
Sh00tβAn open platform for manual security testers & bug hunters
| Pavan Mohan | #security-assessment#bug-hunting#secure-coding+1 |
| 2018-08-11 | Tool demo | Defcon |
HealthyPiβConnected Health
| Ashwin Whitchurch | #raspberry-pi#hardware-embedded#embedded-systems+4 |
| 2018-08-10 | Talk | Defcon |
Building visualisation platforms for OSINT data using open source solutions
| Bharath Kumar, Madhu Akula | #security-analytics#threat-hunting#osint+3 |
| 2018-08-09 | Tool demo | Blackhat |
Jackhammer: One Security Vulnerability Assessment/Management Tool
| Madhusudhan Konda, Rajagopal Vr, Shreyas Chidambara | #azure#aws#gcp+3 |
| 2018-08-09 | Tool demo | Blackhat |
Mafia: Mobile Security Automation Framework for Intelligent Auditing
| Ankur Bhargava, Sagar Popat, Mohan Kallepalli | #audit#security-testing#automated-scanning+4 |
| 2018-08-08 | Tool demo | Blackhat |
AutoMacTC: Finding Worms in Apple Orchards - Using AutoMacTC for macOS Incident Response
| Kshitij Kumar, Jai Musunuri | #macos#secure-coding#forensics+1 |
| 2018-08-08 | Tool demo | Blackhat |
Archerysec Tool Demo
| Anand Tiwari | #security-assessment#blueteam#ci-cd |
| 2018-08-08 | Tool demo | Blackhat |
Astra: Automated Security Testing For REST APIs
| Ankur Bhargava, Prajal Kulkarni, Sagar Popat | #security-assessment#rest-api#api-security+4 |
| 2018-08-08 | Tool demo | Blackhat |
ThreatPlaybook
| Abhay Bhargav, Sharath Kumar | #threat-modeling#ci-cd#security-development-lifecycle+4 |
| 2018-08-08 | Tool demo | Blackhat |
Halcyon IDE: For Nmap Script Developers
| Sanoop Thomas | #reconnaissance#red-teaming#nmap+1 |
| 2018-08-08 | Tool demo | Blackhat |
SCoDA: Smart COntract Defender and Analyzer
| Ajit Hatti | #blueteam#secure-coding#smart-contracts+4 |
| 2018-06-27 | Talk | First |
Securing your in-ear fitness coach: Challenges in hardening next generation wearables
| Sumanth Naropanth, Sunil Kumar | #secure-development#architecture#devsecops |
| 2018-05-13 | Talk | Defcon |
Androsia: Securing ‘Data in Process’ for your Android Apps
| Samit Anwer | #android#blueteam#android-security+4 |
| 2018-03-22 | Tool demo | Blackhat |
Androsia - A Step Ahead in Securing Sensitive In-Memory Android Application Data
| Samit Anwer | #android#blueteam#application-hardening+4 |
| 2018-03-22 | Talk | Blackhat |
XOM-switch: Hiding Your Code from Advanced Code Reuse Attacks In One Shot
| Ravi Sahita, Daiping Liu, Mingwei Zhang | #blueteam#application-hardening#code-review+4 |
| 2018-03-13 | Talk | Troopers |
Securing your in-ear fitness coach: Challenges in hardening next generation wearables
| Sumanth Naropanth, Kavya Racharla | #secure-development#data-protection#architecture |
| 2018-03-03 | Panel | Nullcon |
Forensic Challenges and Road Ahead
| Manu Zacharia, Brijesh Singh, Sanjay Bahl, Vladimir Katalov | #data-leak#data-protection#forensics+4 |
| 2018-03-01 | Talk | Nullcon |
Security through obscurity and fear
| Abhinav Srivastava | #application-pentesting#secure-development#security-testing+3 |
| 2018-03-01 | Talk | Nullcon |
A Game between Adversary and AI Scientist
| Satnam Singh | #ai#blueteam#ai-security+3 |
| 2018-03-01 | Talk | Nullcon |
SpotPhish: Zero-Hour Phishing Protection
| Ganesh Varadarajan | #phishing#blueteam#anti-phishing+1 |
| 2017-12-07 | Tool demo | Blackhat |
THREAT MINER SDL - AUTOMATING THREAT INTELLIGENCE FOR SDL
| Raghudeep Kannavara | #threat-intelligence-analysis#machine-learning#security-development-lifecycle+4 |
| 2017-12-07 | Tool demo | Blackhat |
DataSploit - OSINT Framework
| Shubham Mittal | #osint#reconnaissance#security-tools+2 |
| 2017-10-19 | Talk | Hacklu |
Are your VoLTE and VoWiFi calls secure?
| Sreepriya Chalakkal | #volte#vowifi#sip+2 |
| 2017-10-05 | Talk | Brucon |
Races, Reaches and Rescues!!! (Race condition vulnerabilities revisited)
| Rushikesh D Nandedkar, Sampada Nandedkar | #vulnerability-assessment#security-assessment#secure-coding+1 |
| 2017-09-21 | Talk | Appsecusa |
Androsia: A tool for securing in memory sensitive data
| Samit Anwer | #android-security#static-analysis#secure-coding |
| 2017-09-21 | Talk | Appsecusa |
iGoat β A Self Learning Tool for iOS App Pentesting and Security
| Swaroop Yermalkar | #ios#application-pentesting#ios-security+4 |
| 2017-08-19 | Talk | C0c0n |
Building Trust for Digital Transactions in India’s COD Culture
| Parry Aftab, Betsy Broder, Sridhara R Sidhu, Mirza Faizan | #secure-development#risk-management#architecture |
| 2017-08-19 | Panel | C0c0n |
Security in Banking - Being one step aheadt
| Sunil Varkey, Rajesh Hemrajani, Biju K, Bhavin Bhansali, B R Nath, V George Antony | #financial-institutions#secure-development#security-strategy |
| 2017-08-18 | Talk | C0c0n |
Androsia: A tool for securing in memory sensitive data
| Samit Anwer | #secure-coding#android#security-assessment |
| 2017-08-18 | Talk | C0c0n |
iGoat β A Self Learning Tool for iOS App Pentesting and Security
| Swaroop Yermalkar | #ios#security-assessment#blueteam+1 |
| 2017-08-18 | Talk | C0c0n |
Case study: Security of Digital Wallet apps in India
| Ashwath Kumar, Sandesh Mysore Anand | #appsec#mobile-pentesting#application-hardening+4 |
| 2017-08-18 | Talk | Usenix |
DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers
| Aravind Machiry, Chad Spensky, Jake Corina, Nick Stephens, Christopher Kruegel, Giovanni Vigna | #linux#kernel#static-analysis+4 |
| 2017-08-18 | Talk | C0c0n |
Anti-Virus Bypassing for Fun and Profit
| Vanshit Malhotra | #red-teaming#malware-research#bypassing+2 |
| 2017-08-18 | Talk | C0c0n |
Exploiting the smartness of BLE Stack
| Apoorva Gupta | #bluetooth#red-teaming#mobile-hacking+3 |
| 2017-08-18 | Talk | C0c0n |
Penetration Testing Orchestrator: A Framework that leverages multi-tool penetration testing approach combined with Machine Learning-NLP for faster result analysis
| Furqan Khan, Siddharth Anbalahan | #machine-learning#security-assessment#nlp+4 |
| 2017-08-18 | Talk | C0c0n |
The Internet Of Things: Essentials of Secur(IOT)y
| Arpit Bajpai, Ronald Michael | #blueteam#iot-device-management#iot-pentesting+4 |
| 2017-08-18 | Talk | C0c0n |
Cloud_Security Suite - One stop tool for auditing cloud infrastructure
| Shivankar Madaan, Jayesh Chauhan | #aws#blueteam#cloud-monitoring+4 |
| 2017-08-18 | Talk | C0c0n |
The Covert Cupid Under .11 Veil !!! /* Approach for Covert WIFI*/
| Rushikesh D Nandedkar | #wifi#network-pentesting#security-tools+1 |
| 2017-07-30 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | #secure-coding#red-teaming#blueteam+3 |
| 2017-07-27 | Tool demo | Blackhat |
Fuzzapi - Fuzzing Your RESTAPIs Since Yesterday
| Lalith Rallabhandi, Abhijeth Dugginapeddi, Srinivas Rao | #fuzzing#rest-api#security-assessment+1 |
| 2017-07-27 | Tool demo | Blackhat |
Gibber Sense
| Ajit Hatti | #secure-coding#reconnaissance#encryption+3 |
| 2017-07-27 | Tool demo | Blackhat |
Kubebot - Scaleable and Automated Testing Slackbot with the Backend Running on Kubernetes
| Anshuman Bhartiya | #security-assessment#bug-hunting#cloud-workload-protection+3 |
| 2017-07-27 | Talk | Defcon |
ICS Humla
| Sneha Rajguru, Arun Mane | #ics-security#security-assessment#embedded-systems+4 |
| 2017-07-26 | Tool demo | Blackhat |
Devknox - Autocorrect Security Issues from Android Studio
| Subho Halder | #android#code-analysis#secure-coding |
| 2017-07-26 | Tool demo | Blackhat |
Datasploit - Automated Open Source Intelligence (OSINT) Tool
| Kunal Aggarwal, Shubham Mittal, Sudhanshu Chauhan | #osint#reconnaissance#social-engineering+4 |
| 2017-06-23 | Talk | Hackinparis |
Injecting Security into Web apps with Runtime Patching and Context Learning
| Ajin Abraham | #blueteam#secure-development#sqli+4 |
| 2017-05-23 | Talk | Phdays |
Injecting security into web apps in the runtime
| Ajin Abraham | #blueteam#secure-development#sqli+4 |
| 2017-04-14 | Talk | Hitbsecconf |
Is There a Doctor in The House? Hacking Medical Devices and Healthcare Infrastructure
| Anirudh Duggal | #red-teaming#application-pentesting#data-protection+3 |
| 2017-03-30 | Tool demo | Blackhat |
LAMMA 1.0
| Ajit Hatti | #encryption#security-assessment#static-analysis+1 |
| 2017-03-30 | Tool demo | Blackhat |
Datasploit - Automated Open Source Intelligence (OSINT) Tool
| Shubham Mittal | #osint#reconnaissance#security-tools+3 |
| 2017-03-30 | Tool demo | Blackhat |
Devknox - Autocorrect Security Issues from Android Studio
| Subho Halder | #android#code-analysis#secure-coding |
| 2017-03-04 | Panel | Nullcon |
Application Security Opportunities and Challenges in a DevOps World
| Abhay Bhargav, Ajay Bongirwar, Arun Jadhav, Pravesh Sharma, Adam Leaonard | #secure-development#security-testing#dynamic-analysis+3 |
| 2017-03-03 | Talk | Nullcon |
DevOpSec: Rapid Security in the Cloud with AWS and CIS
| Mikhail Advani, Rajesh Tamhane | #devsecops#aws#cloud-compliance+4 |
| 2017-03-03 | Talk | Nullcon |
Agility with security mitigations in Windows 10
| Swamy Shivaganga Nagaraju | #windows#blueteam#security-development-lifecycle+2 |
| 2017-03-03 | Talk | Nullcon |
Injecting Security into Web apps with Runtime Patching and Context Learning
| Ajin Abraham | #blueteam#secure-development#sqli+4 |
| 2017-03-03 | Talk | Nullcon |
Case Study on RFID (proximity cards) hacking
| Sarwar Jahan, Ashwath Kumar | #rfid#red-teaming#hardware-embedded+4 |
| 2017-03-03 | Talk | Nullcon |
Hacking medical devices and infrastructure
| Anirudh Duggal | #red-teaming#application-pentesting#security-testing |
| 2017-03-03 | Talk | Nullcon |
Tale of training a Web Terminator!
| Bharadwaj Machiraju | #ml#security-assessment#application-pentesting+4 |
| 2017-01-25 | Talk | Owaspappseccalifornia |
DASTProxy: Donβt let your automated security testing program stall on crawlInstead focus on business context
| Kiran Shirali, Srinivasa Rao Chirathanagandla | #dynamic-analysis#dast#devsecops+2 |
| 2016-11-11 | Talk | Deepsec |
Human vs Artificial intelligence β Battle of Trust
| Hemil Shah | #ai#application-pentesting#application-hardening+4 |
| 2016-11-11 | Talk | Deepsec |
AMSI: How Windows 10 Plans To Stop Script Based Attacks and How Good It Does That
| Nikhil Mittal | #blueteam#amsi#endpoint-protection+1 |
| 2016-11-04 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | #secure-coding#red-teaming#blueteam+3 |
| 2016-11-03 | Tool demo | Blackhat |
DataSploit
| Shubham Mittal, Nutan Kumar Panda | #osint#reconnaissance#security-tools+3 |
| 2016-10-27 | Talk | Brucon |
Decepticon The Rise and Evolution of an Intelligent Evil Twinβ¦!!!
| Rushikesh D Nandedkar, Amrita C Iyer, Krishnakant Patil | #reverse-engineering#evil-twin-attack#network-monitoring+3 |
| 2016-10-14 | Talk | Appsecusa |
Automating API Penetration Testing using fuzzapi
| Abhijeth Dugginapeddi, Lalith Rallabhandi | #fuzzing#api-security#application-pentesting+4 |
| 2016-10-14 | Talk | Appsecusa |
DevOps to DevSecOps: a 2-dimensional view of security for DevOps
| Sanjeev Sharma | #application-hardening#secure-coding#security-development-lifecycle+3 |
| 2016-10-13 | Talk | Appsecusa |
Lightning Talk - Demystifying Windows Application
| Rupali Dash | #windows#application-hardening#secure-coding+4 |
| 2016-10-13 | Talk | Appsecusa |
When encryption is not enough: Attacking Wearable - Mobile Application communication over BLE
| Sumanth Naropanth, Kavya Racharla, Chandra Prakash Gopalaiah | #reverse-engineering#secure-development#ble+4 |
| 2016-09-23 | Talk | Rootcon |
Halcyon β A Faster Way to Build Custom Scripts for Nmap Scans
| Sanoop Thomas | #secure-coding#reconnaissance#red-teaming+1 |
| 2016-08-19 | Talk | C0c0n |
App Sec in the Time of Docker Containers
| Akash Mahajan | #docker#application-pentesting#container-security+4 |
| 2016-08-19 | Talk | C0c0n |
Breaking into Gas stations!
| Suraj Pratap | #red-teaming#ethical-hacking#exploit-delivery+2 |
| 2016-08-19 | Talk | C0c0n |
Esoteric XSS Payloads
| Riyaz Walikar | #xss#red-teaming#code-injection+3 |
| 2016-08-19 | Talk | C0c0n |
SSD Forensics : A Nightmare for Forensic Investigators
| Santosh Khadsare | #forensics#memory-forensics#incident-management+2 |
| 2016-08-06 | Tool demo | Defcon |
Datasploit
| Shubham Mittal | #osint#reconnaissance#data-leak+4 |
| 2016-08-06 | Tool demo | Defcon |
Android-InsecureBank
| Dinesh Shetty | #android#red-teaming#application-pentesting+4 |
| 2016-08-04 | Tool demo | Blackhat |
Droid-FF: Android Fuzzing Framework
| Anto Joseph | #android#fuzzing#secure-coding+1 |
| 2016-08-04 | Tool demo | Blackhat |
Maltese (Malware Traffic Emulating Software)
| Sasi Siddharth | #dns#secure-coding#malware-detection+2 |
| 2016-08-04 | Talk | Blackhat |
Understanding HL7 2.x Standards Pen Testing and Defending HL7 2.x Messages
| Anirudh Duggal | #ics-security#risk-management#application-pentesting+3 |
| 2016-08-03 | Tool demo | Blackhat |
Android-InsecureBankv2
| Dinesh Shetty | #android#red-teaming#application-pentesting+4 |
| 2016-05-26 | Talk | Hitbsecconf |
HITB Lab: Mobile Application Security for iOS and Android
| Tushar Dalvi, Tony Trummer | #android#ios#security-assessment+2 |
| 2016-05-17 | Talk | Phdays |
Fingerprinting and Attacking a Healthcare Infrastructure
| Anirudh Duggal | #red-teaming#fingerprinting#ransomware+4 |
| 2016-05-17 | Talk | Phdays |
Security Automation Based on Artificial Intelligence
| Rahul Sasi | #ai#blueteam#ai-security+4 |
| 2016-04-01 | Tool demo | Blackhat |
LIMON-SANDBOX FOR ANALYZING LINUX MALWARES
| Monnappa K A | #linux#dynamic-analysis#static-analysis+2 |
| 2016-03-15 | Talk | Groundzerosummit |
Web App Security
| Harpreet Singh, Himanshu Sharma, Nipun Jaswal | #web-security#api-security#secure-coding+3 |
| 2016-03-11 | Talk | Nullcon |
Real-time Ingestion of security telemetry data into Hadoop distributed system to respond to 0-day
| Pallav Jakhotiya, Vipul Sawant | #secure-development#blueteam#data-analytics+3 |
| 2016-03-11 | Talk | Nullcon |
Million Dollar Baby: Towards ANGRly conquering DARPA CGC
| Aravind Machiry | #red-teaming#security-assessment#application-pentesting+4 |
| 2016-03-11 | Talk | Nullcon |
Attacking and defending healthcare - EMR solutions
| Anirudh Duggal | #red-teaming#blueteam#application-pentesting+1 |
| 2016-03-11 | Talk | Nullcon |
Making Machines think about security for fun and profit
| Rahul Sasi | #blueteam#ml#application-pentesting+4 |
| 2015-11-19 | Talk | Deepsec |
Continuous Intrusion: Why CI Tools Are an Attacker’s Best Friends.
| Nikhil Mittal | #red-teaming#ci-cd#cicd-security+3 |
| 2015-11-13 | Talk | Blackhat |
Continuous Intrusion: Why CI tools are an Attacker’s Best Friends
| Nikhil Mittal | #red-teaming#ci-cd#application-pentesting+4 |
| 2015-11-05 | Talk | Groundzerosummit |
XSS - The art of evading web application filters!
| Anirudh Anand | #xss#application-pentesting#input-validation+2 |
| 2015-11-05 | Talk | Groundzerosummit |
Elliptical Curve Cryptography
| Aneesha S | #encryption#elliptic-curve-cryptography#secure-development+1 |
| 2015-11-05 | Talk | Groundzerosummit |
Hacking RFIDs under 2000INR
| Jayesh Chauhan | #rfid#red-teaming#hardware-embedded+4 |
| 2015-11-05 | Talk | Groundzerosummit |
Authentication flaw in Automatic Bank Passbook printing machine.
| Indrajeet Bhuyan | #authentication#identity-management#application-pentesting+3 |
| 2015-11-05 | Talk | Groundzerosummit |
Thanks for the free cookies
| Anshul Saxena, Nishant Yadav | #red-teaming#application-pentesting#security-testing |
| 2015-11-05 | Talk | Groundzerosummit |
Trailing Terror in the Darknets
| Shesh Sarangdhar | #deep-web#tor#cryptocurrency+1 |
| 2015-11-05 | Talk | Groundzerosummit |
chellam β a Wi-Fi IDS/Firewall for Windows
| Vivek Ramachandran | #wifi#firewall#ids+3 |
| 2015-11-05 | Talk | Groundzerosummit |
OSINT Black Magic: Listen who whispers your name in the dark!!!
| Sudhanshu Chauhan, Nutan Kumar Panda | #osint#deep-web#data-leak+4 |
| 2015-10-21 | Talk | Hacklu |
Stegosploit - Delivering Drive-By Exploits With Only Images
| Saumil Shah | #red-teaming#steganography#application-pentesting+1 |
| 2015-10-08 | Talk | Brucon |
The .11 Veil, Camouflage & Covert!!! Invisible Wifi, Revealed
| Rushikesh D Nandedkar, Amrita C Iyer | #wifi#network-pentesting#security-testing+2 |
| 2015-08-05 | Tool demo | Blackhat |
PixelCaptcha: A unicode based captcha scheme
| Gursev Singh Kalra | #secure-coding#application-hardening#input-validation+3 |
| 2015-08-01 | Talk | C0c0n |
NoPo - The NoSQL HoneyPot Framework
| Francis Alexander | #secure-coding#application-pentesting#security-testing+2 |
| 2015-08-01 | Talk | C0c0n |
Understanding the known : A deep look at OWASP A9 : Using Components with Known Vulnerabilities
| Anant Shrivastava | #owasp#blueteam#security-testing+4 |
| 2015-08-01 | Talk | C0c0n |
From AOSP ( Android OpenSource Project ) to ABD ( Android Based Devices )
| Anto Joseph | #android#mobile-device-management#embedded-systems+2 |
| 2015-08-01 | Talk | C0c0n |
Attack chaining for web exploitation- From Information leakage to gaining Root access
| Abhijeth Dugginapeddi | #red-teaming#application-pentesting#attack-surface+2 |
| 2015-08-01 | Talk | C0c0n |
Demystifying and Breaking BLE
| Yashin Mehaboobe | #bluetooth#mobile-hacking#exploit-delivery+1 |
| 2015-08-01 | Talk | C0c0n |
Hacking RFIDs under 2000 INR
| Jayesh Chauhan, Divya S John | #rfid#hardware-embedded#embedded-systems+3 |
| 2015-07-06 | Talk | Blackhat |
DOM FLOW - UNTANGLING THE DOM FOR MORE EASY-JUICY BUGS
| Ahamed Nafeez | #red-teaming#xss#application-pentesting+2 |
| 2015-06-16 | Talk | Blackhat |
The Savage Curtain: Mobile SSL Failures
| Tushar Dalvi, Tony Trummer | #ssl#mobile-application-management#application-pentesting+1 |
| 2015-05-28 | Talk | Hitbsecconf |
The Savage Curtain: Mobile SSL Failures
| Tushar Dalvi, Tony Trummer | #ssl#security-assessment#mobile-application-management+1 |
| 2015-05-26 | Talk | Phdays |
Invisible Backdoors In Your Code
| Debasis Mohanty | #blueteam#code-review#secure-coding+4 |
| 2015-05-26 | Talk | Phdays |
iOS Application Exploitation
| Prateek Gianchandani, Egor Tolstoy | #ios#red-teaming#application-pentesting+4 |
| 2015-03-26 | Tool demo | Blackhat |
SecPod Saner
| Preeti Subramanian | #blueteam#security-tools#automated-scanning+2 |
| 2015-03-15 | Talk | Defcon |
TECHNICAL TALK-FUZZING ASYNCHRONOUS PROTOCOLS BUILT OVER WEBSOCKETS
| Lavakumar Kuppan | #fuzzing#application-pentesting#dynamic-analysis+1 |
| 2015-02-06 | Talk | Nullcon |
Building security and compliance into the software delivery process
| Anubhav Bathla, Dinesh Pillai, S Chandrasekhar, Harish Pillay | #secure-development#devsecops#security-compliance+3 |
| 2015-02-06 | Talk | Nullcon |
Pentesting a website with million lines of Javascript
| Lavakumar Kuppan, Ahamed Nafeez | #web-security#security-assessment#application-pentesting+2 |
| 2015-02-06 | Talk | Nullcon |
Toliman, a Hadoop Pentesting Tool
| Jitendra Chauhan | #security-assessment#security-tools#cloud-workload-protection+2 |
| 2015-01-27 | Talk | Owaspappseccalifornia |
The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers
| Devdatta Akhawe | #web-security#xss#csrf+2 |
| 2014-11-21 | Talk | Deepsec |
Mobile SSL Failures
| Tushar Dalvi, Tony Trummer | #ssl#android-security#ios-security+3 |
| 2014-11-13 | Talk | Groundzerosummit |
Cyber ‘BrahMos’ - Static analysis driven secure coding
| Joy Sen | #secure-coding#static-analysis#sast+4 |
| 2014-11-13 | Talk | Groundzerosummit |
Attacking Web-Proxies like never before
| Ahamed Nafeez | #red-teaming#application-hardening#security-testing |
| 2014-11-13 | Talk | Groundzerosummit |
Evaluating WAF (Web Application Firewall) for Fun and Profit with WOF
| Bhaumik Merchant | #red-teaming#application-pentesting#security-testing+1 |
| 2014-11-13 | Talk | Groundzerosummit |
Fuzzing Asynchronous Protocols built over Websockets
| Lavakumar Kuppan | #fuzzing#red-teaming#application-pentesting+2 |
| 2014-11-13 | Talk | Groundzerosummit |
How I won Browser Fuzzing
| Amol Naik | #fuzzing#red-teaming#security-testing+4 |
| 2014-11-13 | Talk | Groundzerosummit |
SCADA Exploitation through Firmware
| Ashish Saxena | #red-teaming#firmware-analysis#ics-security+3 |
| 2014-09-24 | Talk | Brucon |
OWASP: OWTF
| Bharadwaj Machiraju | #security-assessment#application-pentesting#dynamic-analysis+2 |
| 2014-09-11 | Talk | 44con |
Darshak: how to turn your phone into a low cost IMSI catcher device
| Ravishankar Borgaonkar, Swapnil Udar | #imsi#endpoint-protection#security-tools |
| 2014-08-22 | Talk | C0c0n |
My tryst with Source Code Review
| Anant Shrivastava | #code-review#secure-coding#security-testing |
| 2014-08-22 | Talk | C0c0n |
Still Single with a bleeding heart (Tool Release)
| Tamaghna Basu | #secure-development#application-pentesting#secure-coding+1 |
| 2014-08-22 | Talk | C0c0n |
Breaking and Securing Mobile Apps - Automagically
| Aditya Gupta | #purpleteam#mobile-application-management#mobile-hacking+4 |
| 2014-08-22 | Talk | C0c0n |
Exploiting NoSQL Like Never Before
| Francis Alexander | #red-teaming#application-pentesting#security-testing |
| 2014-08-22 | Talk | C0c0n |
Lesser Known Attack - XML Injection
| Amol Naik | #red-teaming#application-pentesting#code-review+3 |
| 2014-08-21 | Talk | Usenix |
The Emperorβs New Password Manager: Security Analysis of Web-based Password Managers
| Devdatta Akhawe, Zhiwei Li, Warren He, Dawn Song | #web-security#xss#csrf+2 |
| 2014-08-07 | Tool demo | Blackhat |
C-SCAD: Assessing Security flaws in clearscada Web_X client!
| Aditya K Sood | #red-teaming#security-assessment#ics-security+3 |
| 2014-06-23 | Talk | Hackinparis |
Pentesting NoSQL DB’s with NoSQL Exploitation Framework
| Francis Alexander | #secure-coding#security-assessment#application-pentesting+4 |
| 2014-03-15 | Talk | Hitbsecconf |
JS Suicide: Using Javascript Security Features to Kill Itself
| Ahamed Nafeez | #web-security#application-pentesting#code-review+3 |
| 2014-03-15 | Talk | Blackhat |
Anatomy of a Credit Card Stealing POS Malware
| Amol Sarwate | #reverse-engineering#security-assessment#security-testing |
| 2014-02-15 | Tool demo | Nullcon |
DrupSnipe
| Ranjeet Sengar, Sukesh Pappu | #drupal#security-assessment#application-pentesting+2 |
| 2014-02-15 | Tool demo | Nullcon |
NoSQL Exploitation Framework
| Francis Alexander | #red-teaming#application-pentesting#security-tools+3 |
| 2014-02-15 | Tool demo | Nullcon |
OWASP OWTF - The Offensive (Web) Testing Framework
| Bharadwaj Machiraju, Abraham Aranguren | #security-assessment#application-pentesting#security-tools+3 |
| 2014-02-15 | Tool demo | Nullcon |
XMLChor
| Harshal Jamdade | #exploitation#web-pentesting#security-tools |
| 2014-02-14 | Talk | Nullcon |
Attack of the setuid bit - pt_chown and pwning root terminals
| Siddhesh Poyarekar | #glibc#red-teaming#blueteam+2 |
| 2014-02-14 | Talk | Nullcon |
Chrome - OS Security 2014: New and future hotness
| Sumit Gwalani | #blueteam#application-hardening#application-pentesting+4 |
| 2014-02-14 | Talk | Nullcon |
Pentesting without Pentesters - Automating Security Testing with Functional Testing Test Cases
| Ankita Gupta, Lavakumar Kuppan | #security-assessment#application-pentesting#security-development-lifecycle+3 |
| 2014-02-14 | Talk | Nullcon |
2014 The year in which we cannot ignore SCADA
| Amol Sarwate | #scada#blueteam#ics-security+4 |
| 2014-02-14 | Talk | Nullcon |
User Privacy in Cellular Networks
| Ravishankar Borgaonkar | #data-protection#network-architecture#data-governance+2 |
| 2013-11-21 | Talk | Appsecusa |
Wassup MOM? Owning the Message Oriented Middleware
| Gursev Singh Kalra | #api-security#secure-coding#application-pentesting |
| 2013-11-21 | Talk | Deepsec |
Automation In Android & iOS Application Security Review
| Hemil Shah | #android#ios#application-pentesting+4 |
| 2013-11-20 | Talk | Appsecusa |
Why is SCADA Security an Uphill Battle?
| Amol Sarwate | #scada#application-pentesting#application-hardening+4 |
| 2013-11-20 | Panel | Appsecusa |
Aim-Ready-Fire
| Pravir Chandra, Ajoy Kumar, Suprotik Ghose, Jason Rottaupt, Ramin Safai, Sean Barnum, Wendy Nather | #appsec#secure-development#security-strategy |
| 2013-11-20 | Talk | Appsecusa |
Project Talk: OWASP OpenSAMM Project
| Pravir Chandra, Seba Deleersnyder | #software-security#secure-development#devsecops+4 |
| 2013-11-07 | Talk | Groundzerosummit |
How I built a pentest lab in under 70 USD
| Swaroop Yermalkar | #security-assessment#ethical-hacking#bug-bounty+1 |
| 2013-11-07 | Talk | Groundzerosummit |
IronWASP
| Lavakumar Kuppan | #security-assessment#application-pentesting#security-tools+2 |
| 2013-09-27 | Talk | C0c0n |
Infiltrating the Intranet with Skanda
| Jayesh Chauhan | #red-teaming#secure-coding#ethical-hacking+1 |
| 2013-09-27 | Talk | C0c0n |
Snake Bites
| Anant Shrivastava | #secure-coding#security-assessment#xss |
| 2013-09-27 | Talk | C0c0n |
Static analysis of malware with PyTriage
| Yashin Mehaboobe | #secure-coding#static-analysis#dynamic-analysis+2 |
| 2013-09-27 | Talk | C0c0n |
From Bedroom to Boardroom - Taking your Weekend Infosec Project Global
| Vivek Ramachandran | #devsecops#secure-development#security-assessment+2 |
| 2013-09-27 | Talk | C0c0n |
Blur Captcha
| Anirudh Duggal, Abhinav Mohanty | #red-teaming#security-testing#application-pentesting+1 |
| 2013-09-27 | Talk | C0c0n |
Pwning WiFi Devices!
| Swaroop Yermalkar | #wifi#red-teaming#network-pentesting+2 |
| 2013-09-13 | Talk | Rootcon |
My Experiments with truth: a different route to bug hunting
| Devesh Bhatt | #bug-hunting#bug-bounty#security-testing+3 |
| 2013-09-12 | Talk | Grrcon |
The Droid Exploitation Saga β All Over Again!
| Aditya Gupta, Subho Halder | #android#red-teaming#android-security+4 |
| 2013-08-02 | Talk | Defcon |
Interactive Web Security Testing with IronWASP
| Lavakumar Kuppan | #application-pentesting#dynamic-analysis#security-testing+3 |
| 2013-08-01 | Tool demo | Blackhat |
Sparty
| Aditya K Sood | #secure-coding#audit#blueteam |
| 2013-08-01 | Tool demo | Blackhat |
XENOTIX xBOT
| Ajin Abraham | #botnet#linux#windows+3 |
| 2013-07-31 | Talk | Blackhat |
Javascript static security analysis made easy with JSPrime
| Nishant Das Patnaik, Sarathi Sabyasachi Sahoo | #web-security#blueteam#application-hardening+4 |
| 2013-05-28 | Talk | Confidence |
My Experiments with truth: a different route to bug hunting
| Devesh Bhatt | #security-assessment#vulnerability-assessment#secure-development+2 |
| 2013-03-15 | Talk | Blackhat |
The Sandbox Roulette- Are you ready for the gamble?
| Rahul Kashyap, Rafal Wojtczuk | #blueteam#application-pentesting#dynamic-analysis+3 |
| 2013-03-15 | Talk | Blackhat |
Vulnerability analysis of 2013 SCADA issues
| Amol Sarwate | #scada#ics-security#attack-surface+2 |
| 2013-03-01 | Talk | Nullcon |
Inception of graphical passwords
| Rishi Narang | #authentication#application-pentesting#secure-development+3 |
| 2013-03-01 | Talk | Nullcon |
Mobile Code mining for discovery and exploits
| Hemil Shah | #code-analysis#secure-development#blueteam+4 |
| 2013-03-01 | Talk | Nullcon |
Bug Bounty Hunter’s confession
| Amol Naik | #bug-hunting#security-training#ethical-hacking+3 |
| 2013-03-01 | Talk | Nullcon |
Detecting and Exploiting XSS Vulnerabilities and Xenotix XSS Exploitation Framework
| Ajin Abraham | #xss#red-teaming#application-pentesting+3 |
| 2013-03-01 | Talk | Nullcon |
CSRF Finder as a Mozilla Addon
| Piyush Pattanayak | #csrf#blueteam#application-pentesting+4 |
| 2012-12-06 | Talk | Blackhat |
The art of exploiting logical flaws in web apps
| Sumit Siddharth, Richard Dean | #red-teaming#secure-coding#application-pentesting+1 |
| 2012-12-06 | Talk | Blackhat |
Attacking ODATA
| Gursev Singh Kalra | #red-teaming#api-security#application-pentesting+2 |
| 2012-12-06 | Talk | Blackhat |
HTML5 top 10 threats β Stealth Attack and Silent Exploits
| Shreeraj Shah | #red-teaming#application-pentesting#dynamic-analysis+4 |
| 2012-12-06 | Talk | Blackhat |
Poking servers with Facebook(and other web applications)
| Riyaz Walikar | #xspa#red-teaming#application-pentesting+2 |
| 2012-12-01 | Talk | Clubhack |
Content-Type attack -Dark hole in the secure environment
| Raman Gupta | #red-teaming#application-pentesting#pdf+3 |
| 2012-12-01 | Talk | Clubhack |
FatCat Web Based SQL Injector
| Sandeep Kamble | #sqli#red-teaming#input-validation+4 |
| 2012-12-01 | Talk | Clubhack |
XSSshell
| Vandan Joshi | #xss#application-pentesting#code-review+4 |
| 2012-12-01 | Talk | Clubhack |
Anatomy of a Responsible Disclosure β Zero Day Vulnerability in Oracle BI Publisher
| Vishal Kalro | #zero-day#application-pentesting#secure-development+1 |
| 2012-12-01 | Talk | Clubhack |
HAWAS β Hybrid Analyzer for Web Application Security
| Lavakumar Kuppan | #security-assessment#application-pentesting#dynamic-analysis+4 |
| 2012-12-01 | Talk | Clubhack |
Stand Close to Me, & Youβre pwned! : Owning SmartPhones using NFC
| Aditya Gupta, Subho Halder | #nfc#red-teaming#android-security+4 |
| 2012-12-01 | Talk | Clubhack |
Detecting and Exploiting XSS with Xenotix XSS Exploit Framework
| Ajin Abraham | #xss#red-teaming#application-pentesting+4 |
| 2012-11-29 | Talk | Deepsec |
Bad Things in Good Packages - Creative Exploit Delivery
| Saumil Shah | #red-teaming#exploit-delivery#security-testing |
| 2012-11-23 | Talk | Malcon |
Advances in ROP attacks
| Raashid Bhat | #red-teaming#bypassing#exploit-delivery+3 |
| 2012-11-23 | Talk | Malcon |
Advanced Malware Engine
| Mohit Kumar | #android#red-teaming#malware-research+3 |
| 2012-11-23 | Talk | Malcon |
Tampering in Energy Meters
| Mohit Arora | #energy-theft#embedded-systems#firmware-analysis+2 |
| 2012-11-23 | Talk | Malcon |
Windows Phone 8 Malware Prototype
| Shantanu Gawde | #windows-phone#red-teaming#mobile-device-management+3 |
| 2012-11-07 | Award | |
Cross Site Port Attack (XSPA)
| Riyaz Walikar | #application-pentesting#security-testing#dynamic-analysis+3 |
| 2012-10-26 | Talk | Appsecusa |
The 7 Qualities of Highly Secure Software
| Mano Paul | #secure-development#software-security#secure-coding+3 |
| 2012-10-26 | Talk | Appsecusa |
XSS & CSRF with HTML5 - Attack, Exploit and Defense
| Shreeraj Shah | #xss#csrf#dynamic-analysis+3 |
| 2012-09-28 | Talk | Nullcon |
Alert(/xss/) - How to catch an XSS before someone exploits / reports it?
| Ahamed Nafeez | #web-security#xss#secure-coding+2 |
| 2012-09-26 | Talk | Nullcon |
Opening the kimono: Automating behavioral analysis for mobile apps
| Pradeep Kulkarni, Michael Sutton | #application-pentesting#security-testing#dynamic-analysis+1 |
| 2012-09-26 | Talk | Nullcon |
The art of Passive Web Vul Analysis with IronWASP
| Lavakumar Kuppan | #security-assessment#application-pentesting#security-testing+2 |
| 2012-09-05 | Talk | 44con |
Why Integrity is left alone and not given TLC (Tender, Love and Care) it deserves?
| Jitender Arora | #data-protection#security-strategy#threat-modeling+3 |
| 2012-08-29 | Talk | Owaspappsecindia |
Find me if you can Smart fuzzing and discovery!
| Shreeraj Shah | #fuzzing#application-pentesting#dynamic-analysis+3 |
| 2012-08-15 | Award | |
Attacking OData: HTTP Verb Tunneling, Navigation Properties for Additional Data Access, System Query Options ($select)
| Gursev Singh Kalra | #api-security#web-pentesting#security-tools |
| 2012-08-03 | Talk | C0c0n |
Evil JavaScript
| Bishan Singh | #red-teaming#web-security#application-pentesting+4 |
| 2012-08-03 | Talk | C0c0n |
Gathering security requirements
| K v Prashant, Saleem Ahamed | #security-testing#secure-development#security-development-lifecycle+2 |
| 2012-08-03 | Talk | C0c0n |
Easy Money with UI-Redressing
| Amol Naik | #bug-hunting#application-pentesting#dynamic-analysis+4 |
| 2012-08-03 | Talk | C0c0n |
WebApp Remote Code Execution using Server Side Scripting Engines
| Rahul Sasi | #red-teaming#security-assessment#application-pentesting+4 |
| 2012-08-03 | Talk | C0c0n |
Enterprise server security
| Raghav Shandilya | #blueteam#security-tools#network-monitoring+2 |
| 2012-07-26 | Tool demo | Blackhat |
Bypassing Every CAPTCHA provider with clipcaptcha
| Gursev Singh Kalra | #web-security#bypassing#security-tools |
| 2012-07-25 | Tool demo | Blackhat |
Oyedata for OData Assessments
| Gursev Singh Kalra | #api-security#web-pentesting#security-tools |
| 2012-05-24 | Talk | Hitbsecconf |
CXML/VXML Auditing for IVR Pentesters and PCI/DSS Consultants
| Rahul Sasi | #security-assessment#ivr#application-pentesting+2 |
| 2012-03-15 | Talk | Nullcon |
An App(le) a day keeps the wallet away
| Antriksh Shah | #security-assessment#web-security#api-security+1 |
| 2012-03-15 | Talk | Owaspappsecindia |
The Magic of Passive Web Vulnerability Analysis
| Lavakumar Kuppan | #application-pentesting#security-testing#static-analysis+2 |
| 2012-03-14 | Talk | Blackhat |
Hacking XPATH 2.0
| Sumit Siddharth, Tom Forbes | #red-teaming#application-pentesting#input-validation+1 |
| 2012-02-15 | Talk | Nullcon |
Application security cost management
| Ketan Vyas | #blueteam#application-pentesting#secure-development+2 |
| 2012-02-15 | Talk | Nullcon |
Best practices to improve the security grading of your project
| Hemant Khandelwal | #blueteam#threat-modeling#secure-development |
| 2012-02-15 | Talk | Nullcon |
Attacking Backup Software
| Nibin Varghese | #red-teaming#application-pentesting#security-testing |
| 2012-02-15 | Talk | Nullcon |
CAPTCHAs for fun and Profit
| Gursev Singh Kalra | #red-teaming#application-pentesting#input-validation+2 |
| 2012-02-15 | Talk | Nullcon |
IVR Security: Internal Network attacks via phone lines
| Rahul Sasi | #ivrs#red-teaming#application-pentesting+1 |
| 2011-12-04 | Talk | Clubhack |
DOM XSS β Encounters of the 3rd Kind
| Bishan Singh | #xss#red-teaming#secure-coding+4 |
| 2011-12-04 | Talk | Clubhack |
Android Forensics
| Manish Chasta | #android#forensics#android-security+4 |
| 2011-12-04 | Talk | Clubhack |
Hacking your Droid
| Aditya Gupta | #red-teaming#android#mobile-hacking+4 |
| 2011-11-25 | Talk | Malcon |
Exploit the Exploit kits
| Dhruv Soi | #blueteam#exploit-kit#malware-detection+3 |
| 2011-10-13 | Talk | Hitbsecconf |
Web Wars 3
| Saumil Shah | #cyber-war#exploit-delivery#application-pentesting+1 |
| 2011-10-07 | Talk | C0c0n |
Paranoid Android
| Ankur Bhargava, Mrigesh | #android#android-security#mobile-hacking+3 |
| 2011-10-07 | Talk | C0c0n |
Secure HTTP Headers or How I can finally convince management to let go of IE6
| Akash Mahajan | #application-pentesting#secure-development#security-testing+1 |
| 2011-10-07 | Talk | C0c0n |
Security Threats in Custom ROM’s (Android)
| Anant Shrivastava | #android#android-security#application-pentesting+3 |
| 2011-10-07 | Talk | C0c0n |
Web Application Backdoor Attack,Evasion and Detection
| Rahul Sasi | #purpleteam#application-pentesting#backdoor-detection+4 |
| 2011-10-07 | Talk | C0c0n |
Deep(er) Penetration: Reaching the Internal Network using Exposed Web Applications
| Riyaz Walikar | #red-teaming#application-pentesting#application-hardening+1 |
| 2011-10-07 | Talk | C0c0n |
iPhone Jailbreak
| Antriksh Shah | #ios#ios-security#jailbreak+3 |
| 2011-10-07 | Talk | C0c0n |
Pentesting iPhone Applications
| Satish Bommisetty | #ios#security-assessment#application-pentesting+4 |
| 2011-09-19 | Talk | Brucon |
Step-by-Step for Software Security (that anyone can follow)
| Pravir Chandra | #software-security#secure-development#devsecops+4 |
| 2011-09-07 | Talk | Securitybyte |
Mobile Devices β Boon or Curse?
| Kishor Sonawane, Oliver Ng | #mobile-device-management#mobile-application-management#application-hardening+4 |
| 2011-09-07 | Talk | Securitybyte |
Web Application Defender
| K v Prashant, Mohammed Imran | #blueteam#application-pentesting#secure-development+4 |
| 2011-09-07 | Talk | Securitybyte |
IronWASP - A Web Application Security Testing Platform
| Lavakumar Kuppan | #security-assessment#application-pentesting#dynamic-analysis+4 |
| 2011-09-06 | Talk | Securitybyte |
Application Security Strategies
| K K Mookhey | #secure-coding#secure-development#web-security+3 |
| 2011-09-06 | Talk | Securitybyte |
Enabling Un-trusted Mashups
| Bishan Singh | #web-security#xss#csrf+4 |
| 2011-09-06 | Talk | Securitybyte |
Botnets at Application+ layer
| Raj Shastrakar | #bot#red-teaming#application-pentesting+4 |
| 2011-09-06 | Talk | Securitybyte |
Runtime thread injection and execution in Linux processes
| Aseem Jakhar | #thread-injection#linux#process-injection+2 |
| 2011-08-03 | Talk | Blackhat |
Killing the Myth of Cisco IOS Diversity: Towards Reliable, Large-Scale Exploitation of Cisco IOS
| Jatin Kataria, Ang Cui, Salvatore Stolfo | #cisco-ios#hardware-embedded#firmware-analysis+4 |
| 2011-02-25 | Talk | Nullcon |
(secure) SiteHoster β Disable XSS & SQL Injection
| Abhishek Kumar | #xss#sqli#blueteam+1 |
| 2011-02-25 | Talk | Nullcon |
JSON Fuzzing: New approach to old problems
| K v Prashant, Tamaghna Basu | #fuzzing#red-teaming#application-pentesting+4 |
| 2011-02-25 | Talk | Nullcon |
Automatic Program Analysis using Dynamic Binary Instrumentation (DBI)
| Sunil Kumar | #dynamic-binary-instrumentation#code-analysis#dynamic-analysis+3 |
| 2010-12-04 | Talk | Clubhack |
Firefox Security!
| Prasanna Kanagasabai | #application-pentesting#secure-development#security-testing+4 |
| 2010-12-04 | Talk | Clubhack |
Mantra β Free and Open Source security framework based on browser platform
| Abhi M Balakrishnan | #blueteam#endpoint-protection#application-pentesting+3 |
| 2010-12-04 | Talk | Clubhack |
Attacking with HTML5
| Lavakumar Kuppan | #red-teaming#application-pentesting#security-testing |
| 2010-11-25 | Talk | Deepsec |
Developers are from Mars, Compliance Auditors are from Venus
| Neelay S Shah | #security-compliance#security-governance#risk-management+4 |
| 2010-10-27 | Talk | Hacklu |
Exploit Delivery - Tricks and Techniques
| Saumil Shah | #red-teaming#exploit#exploit-delivery+4 |
| 2010-10-14 | Talk | Hitbsecconf |
Exploit Delivery
| Saumil Shah | #red-teaming#exploit#exploit-delivery+2 |
| 2010-08-01 | Talk | C0c0n |
Code Disclosure over HTTP
| Anant Kochhar | #red-teaming#application-hardening#code-review+4 |
| 2010-08-01 | Talk | C0c0n |
Last line of defense - Host Intrusion Prevention and Secure application development.
| Avinash Shenoi | #blueteam#application-hardening#secure-coding+3 |
| 2010-08-01 | Talk | C0c0n |
Writing x86 ShellCode & Secure Self Modifying code and Cross Platform Programming - A Security Angle
| Praseed Pai | #windows#red-teaming#secure-coding |
| 2010-08-01 | Talk | C0c0n |
Concept, Methodology and Challenges in Computer Forensics
| Sebastian Edassery | #forensics#digital-forensics#incident-management+2 |
| 2010-08-01 | Talk | C0c0n |
Client Side Exploits using PDF
| Ankur Bhargava, Tamaghna Basu | #red-teaming#pdf#data-leak+2 |
| 2010-08-01 | Talk | C0c0n |
Wireless MITM
| Prashant Mahajan | #red-teaming#network-pentesting#security-tools |
| 2010-07-30 | Talk | Defcon |
Hacking Oracle From Web Apps
| Sumit Siddharth | #sql-injection#application-pentesting#security-testing+2 |
| 2010-07-29 | Talk | Blackhat |
Hacking Browser’s DOM - Exploiting Ajax and RIA
| Shreeraj Shah | #red-teaming#ajax#application-pentesting+4 |
| 2010-07-29 | Talk | Blackhat |
Hacking Oracle From Web Apps
| Sumit Siddharth | #red-teaming#sql-injection#application-pentesting+3 |
| 2010-04-14 | Talk | Blackhat |
Attacking JAVA Serialized Communication
| Manish Saindane | #secure-coding#red-teaming#security-assessment |
| 2010-03-02 | Award | |
Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution
| Lavakumar Kuppan | #clickjacking#application-hardening#security-testing+1 |
| 2010-02-25 | Talk | Nullcon |
Penetration Testing versus Source Code
| Nikhil Wagholikar | #security-assessment#code-analysis#application-pentesting+4 |
| 2010-02-25 | Talk | Nullcon |
Software Fuzzing with Wireplay.
| Abhisek Datta | #fuzzing#red-teaming#network-pentesting+3 |
| 2010-02-25 | Talk | Nullcon |
Imposter ke karnamey: The Browser Phishing Tool.
| Lavakumar Kuppan | #phishing#red-teaming#security-testing+1 |
| 2009-12-05 | Talk | Clubhack |
Revealing the Secrets: Source Code Disclosure, Techniques and Impacts
| Anant Kochhar | #secure-development#secure-coding#code-review+2 |
| 2009-12-05 | Talk | Clubhack |
Indian IT Act 2000 vs 2009
| Rohas Nagpal | #cyber-law#embedded-systems#firmware-analysis+4 |
| 2009-12-05 | Talk | Clubhack |
Mobile Application Security Testing
| Gursev Singh Kalra | #security-assessment#mobile-pentesting#application-pentesting+4 |
| 2009-12-04 | Talk | Clubhack |
Facilitate Collaboration with Information Rights Management
| Abhijit Tannu | #information-rights-management#data-protection#application-hardening+4 |
| 2009-11-19 | Talk | Deepsec |
Top 10 Security Issues Developers Don’t Know About
| Neelay S Shah | #secure-coding#devsecops#software-security+2 |
| 2009-11-18 | Talk | Securitybyte |
Introduction to Web Protection Library
| Anil Chintala | #blueteam#application-pentesting#secure-development+4 |
| 2009-11-18 | Talk | Securitybyte |
Hacking Oracle From Web
| Sumit Siddharth | #red-teaming#sql-injection#application-hardening+1 |
| 2009-11-18 | Talk | Securitybyte |
Rumbling Infections β Web Malware Ontology
| Aditya K Sood | #dynamic-analysis#malware-research#sandbox+2 |
| 2009-11-17 | Talk | Securitybyte |
Applications - The new cyber security frontier
| Mano Paul | #secure-development#devsecops#software-security+2 |
| 2009-08-06 | Talk | C0c0n |
Cyber Forensics
| Krishna Sastry Pendyal | #forensics#digital-forensics#data-leak+4 |
| 2009-07-31 | Talk | Defcon |
Advancing Video Application Attacks with Video Interception, Recording, and Replay
| Arjun Sambamoorthy, Jason Ostrom | #red-teaming#security-tools#application-hardening |
| 2009-05-19 | Talk | Syscan |
Securing Enterprise Applications
| Shreeraj Shah | #web-security#ajax#xss+4 |
| 2009-05-19 | Talk | Syscan |
Securing Applications at Gateway with Web Application Firewalls
| Shreeraj Shah | #blueteam#footprinting#firewall+1 |
| 2009-04-22 | Talk | Hitbsecconf |
Application Defense Tactics & Strategies - WAF at the Gateway
| Shreeraj Shah | #blueteam#footprinting#firewall+1 |
| 2009-04-22 | Talk | Troopers |
Browser Design Flaws β Hacking by Breaking in Architectures
| Aditya K Sood | #red-teaming#application-pentesting#secure-development+1 |
| 2009-04-22 | Talk | Troopers |
SQL Injections: More Fun and Profit
| Sumit Siddharth | #red-teaming#application-pentesting#code-review+4 |
| 2009-03-16 | Talk | Cansecwest |
On Approaches and Tools for Automated Vulnerability Analysis
| Tanmay Ganacharya, Abhishek Singh, Swapnil Bhalode, Nikola Livic, Scott Lambert | #security-assessment#blueteam#automated-scanning+4 |
| 2009-02-19 | Talk | Blackhat |
Blinded by Flash: Widespread Security Risks Flash Developers Don’t See
| Prajakta Jagdale | #flash#blueteam#application-pentesting+2 |
| 2008-12-06 | Talk | Clubhack |
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA’s and Caching
| Karmendra Kohli | #secure-development#secure-coding#blueteam+1 |
| 2008-12-06 | Talk | Clubhack |
Reverse Engineering v/s Secure Coding
| Atul Alex | #secure-coding#reverse-engineering#red-teaming+2 |
| 2008-12-06 | Talk | Clubhack |
Hacking Client Side Insecurities
| Aditya K Sood | #red-teaming#application-pentesting#input-validation+1 |
| 2008-11-13 | Talk | Deepsec |
Game of Web 2.0 Security - Attacking Next Generation Apps
| Shreeraj Shah | #red-teaming#application-pentesting#dynamic-analysis+2 |
| 2008-10-29 | Talk | Hitbsecconf |
Top 10 Web 2.0 Attacks
| Shreeraj Shah | #web-security#ajax#xss+4 |
| 2008-10-29 | Talk | Hitbsecconf |
Browser Exploits - A New Model for Browser Security
| Saumil Shah | #red-teaming#application-pentesting#code-review+3 |
| 2008-10-22 | Talk | Hacklu |
Browser Exploits - A new model for Browser security
| Saumil Shah | #red-teaming#application-hardening#browser-security+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Building Enterprise AppSec Program
| Nish Bhalla | #appsec#secure-development#security-testing+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Case Study: Testing 200+ applications in a $10 Billion Enterprise
| Roshen Chandran | #security-assessment#application-pentesting#security-testing+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Application Security Trends & Challenges
| Kamlesh Bajaj | #owasp#appsec#secure-development+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Web Application Security: Too Costly To Ignore
| Rajesh Nayak | #appsec#blueteam#application-hardening+4 |
| 2008-04-16 | Talk | Hitbsecconf |
Securing Next Generation Applications Γ’β¬β Scan, Detect and Mitigate
| Shreeraj Shah | #web-security#ajax#xss+4 |
| 2008-03-27 | Talk | Blackhat |
Iron Chef Black Hat: John Henry Challenge
| Pravir Chandra, Jacob West, Brian Chess, Sean Fay | #ethical-hacking#secure-development#devsecops |
| 2007-12-09 | Talk | Clubhack |
Hacking Web 2.0 Art and Science of Vulnerability Detection
| Shreeraj Shah | #red-teaming#application-pentesting#dynamic-analysis+4 |
| 2007-12-09 | Talk | Clubhack |
Subtle Security flaws: Why you must follow the basic principles of software security
| Varun Sharma | #blueteam#software-security#secure-coding+4 |
| 2007-12-09 | Talk | Clubhack |
The future of automated web application testing
| Amish Shah, Umesh Nagori | #security-assessment#application-pentesting#security-testing+3 |
| 2007-08-02 | Talk | Blackhat |
Smoke ’em Out!
| Rohyt Belani | #forensics#incident-management#digital-forensics+4 |
| 2007-03-30 | Talk | Blackhat |
Web Service Vulnerabilities
| Nish Bhalla | #blueteam#purpleteam#application-pentesting+4 |
| 2006-11-29 | Talk | Pacsec |
Smashing Heap by Free Simulation
| Sandip Chaudhari | #heap#red-teaming#exploit-delivery+4 |
| 2006-10-19 | Talk | Hacklu |
Smashing Heap by Free Simulation:
| Sandip Chaudhari | #heap#red-teaming#exploit-development+2 |
| 2006-10-19 | Talk | Hacklu |
Writing Metasploit plugins - from vulnerability to exploit
| Saumil Shah | #metasploit#red-teaming#exploit-development+3 |
| 2006-09-21 | Talk | Hitbsecconf |
Finding Secrets in ISAPI
| Nish Bhalla | #secure-coding#reverse-engineering#application-pentesting+4 |
| 2006-08-05 | Talk | Defcon |
Zulu A Command Line Wireless Frame Generator
| Anmol Sheth, Damon Mccoy | #debugging#network-pentesting#linux+1 |
| 2006-08-02 | Talk | Blackhat |
SQL Injections by Truncation
| Bala Neerumalla | #web-security#sql-injection#secure-coding |
| 2006-08-02 | Talk | Blackhat |
Web Application Incident Response & Forensics: A Whole New Ball Game!
| Rohyt Belani, Chuck Willis | #application-pentesting#code-review#incident-management+3 |
| 2006-08-01 | Talk | Blackhat |
Writing Metasploit Plugins - from Vulnerability to Exploit
| Saumil Shah | #metasploit#exploit-development#secure-coding+2 |
| 2006-04-13 | Talk | Hitbsecconf |
Writing Metasploit Plugins - From Vulnerability to Exploit
| Saumil Shah | #metasploit#red-teaming#exploit-development+3 |
| 2006-01-26 | Talk | Blackhat |
Analysis of Adversarial Code: Problem, Challenges, Results
| Arun Lakhotia | #secure-coding#blueteam#static-analysis+1 |
| 2005-09-29 | Talk | Hitbsecconf |
Analyzing Code for Security Defects
| Nish Bhalla | #code-analysis#blueteam#secure-coding |
| 2005-09-26 | Talk | Hitbsecconf |
Web hacking Kung-Fu and Art of Defense
| Shreeraj Shah | #blueteam#application-pentesting#code-review+4 |
| 2005-07-28 | Talk | Blackhat |
Rapid Threat Modeling
| Akshay Aggarwal | #threat-modeling#red-teaming#security-strategy+4 |
| 2005-04-12 | Talk | Hitbsecconf |
Web Application Kung-Fu, The Art of Defense
| Shreeraj Shah | #blueteam#application-hardening#secure-coding+4 |
| 2005-03-31 | Talk | Blackhat |
Defeating Automated Web Assessment Tools
| Saumil Shah | #red-teaming#security-testing#application-pentesting+1 |
| 2004-07-29 | Talk | Blackhat |
Evasion and Detection of Web Application Attacks
| K K Mookhey | #blueteam#intrusion-detection#application-pentesting+3 |
| 2004-07-28 | Talk | Blackhat |
Defeating Automated Web Assessment Tools
| Saumil Shah | #red-teaming#application-pentesting#application-hardening+2 |
| 2004-05-19 | Talk | Blackhat |
HTTP Fingerprinting and Advanced Assessment Techniques
| Saumil Shah | #fingerprinting#blueteam#automated-scanning+2 |
| 2004-01-29 | Talk | Blackhat |
HTTP Fingerprinting and Advanced Assessment Techniques
| Saumil Shah | #fingerprinting#blueteam#application-pentesting+3 |
| 2003-12-16 | Talk | Blackhat |
HTTP Fingerprinting & Advanced Assessment Techniques
| Saumil Shah | #fingerprinting#blueteam#network-defense+3 |
| 2003-12-12 | Talk | Hitbsecconf |
Defending Web Applications: Strategies, methods and practices
| Shreeraj Shah | #blueteam#secure-coding#firewall+1 |
| 2003-10-01 | Talk | Blackhat |
HTTP Fingerprinting & Advanced Assessment Techniques
| Saumil Shah | #fingerprinting#blueteam#application-pentesting+2 |
| 2003-07-31 | Talk | Blackhat |
HTTP Fingerprinting & Advanced Assessment Techniques
| Saumil Shah | #fingerprinting#blueteam#application-pentesting+2 |
| 2003-02-26 | Talk | Blackhat |
HTTP: Advanced Assessment Techniques
| Saumil Shah | #fingerprinting#blueteam#application-pentesting+4 |
| 2001-04-26 | Talk | Blackhat |
Web Hacking
| Saumil Shah | #red-teaming#application-pentesting#security-testing+4 |
| 2001-02-14 | Talk | Blackhat |
Web Hacking
| Saumil Shah | #red-teaming#application-pentesting#dynamic-analysis+3 |