🧪 Experimental Feature

Focus Areas are an experimental feature that groups related content by tags. This page and its functionality may change as we refine the categorization system.

📦 Software Supply Chain Security

Security of software supply chains, including dependency management, SBOM, SCA, and third-party risk management

112 Contributors, 47 Talks, 46 Tool Demos, 8 Panels

Top Contributors

Madhu Akula (9), Akhil Mahendra (7), Akshansh Jaiswal (4), Hare Krishna Rai (4), Hritik Vijay (4)

All Entries (101 total, sorted by date)

Date | Type | Conference | Title | Speaker(s) | Tags
2025-12-11 | Tool demo | Blackhat | DepConfuse: Shielding Your Packages from Dependency Confusion Attacks (Source Code) | Akhil Mahendra, Harsh Varagiya, Sourav Kumar, Akshansh Jaiswal | #supply-chain #dependency-management #package-security +2
2025-12-11 | Tool demo | Blackhat | SupplyShield: Protecting Your Software Supply Chain (Source Code) | Rahul Sunder, Yadhu Krishna M, Hritik Vijay, Sourav Kumar | #supply-chain #sbom #software-composition-analysis +3
2025-12-10 | Tool demo | Blackhat | EKSi-lite: Simple & Lightweight EKS Cluster Listing & Security Tool (Source Code) | Divyanshu Shukla, Anjali Singh Shukla | #aws #kubernetes #cloud-security-posture-management +4
2025-12-10 | Tool demo | Blackhat | Kubernetes Goat – A Hands-on Interactive Kubernetes Security Playground (Source Code) | Madhu Akula | #kubernetes #container-security #cloud-pentesting +1
2025-12-10 | Tool demo | Blackhat | KubeShadow - Advanced Offensive Kubernetes Red-Team Framework (Source Code) | Aashita Pandey, Binayak Choudhury | #kubernetes #red-teaming #cloud-pentesting +1
2025-12-10 | Tool demo | Blackhat | OWASP EKS Goat - Hands-on AWS EKS Security (Source Code) | Divyanshu Shukla, Anjali Singh Shukla | #aws #kubernetes #container-security
2025-12-10 | Tool demo | Blackhat | Spotter – Universal Kubernetes Security Engine (Source Code) | Madhu Akula | #kubernetes #container-security #cloud-security-posture-management +1
2025-12-10 | Tool demo | Blackhat | SBOM Play (Source Code) | Anant Shrivastava | #sbom #supply-chain #vulnerability-assessment +1
2025-12-10 | Tool demo | Blackhat | Catch the Flow: Securing CI/CD Workflows with Flowlyt (Source Code) | Hare Krishna Rai, K v Prashant, Nandan Gupta | #ci-cd #supply-chain #devsecops +1
2025-12-10 | Tool demo | Blackhat | Securing Secrets from Dev Machine to Deployments Using SLV (Source Code) | Shibly Meeran, Sriram Krishnan, Keshav Kandasamy | #devsecops #cicd-security #supply-chain
2025-10-10 | Talk | C0c0n | Ghosts in Your GitHub Actions and AI’s Hunt for Hidden Exploits (Source Code) | Suchith Narayan | #supply-chain #supply-chain-attack #devsecops +1
2025-10-01 | Tool demo | Sector | KubeShadow - Advanced Offensive Kubernetes Red-Team Framework (Source Code) | Aashita Pandey, Binayak Choudhury | #kubernetes #red-teaming #container-security
2025-08-07 | Tool demo | Blackhat | Kubernetes Goat - A Hands-on Interactive Kubernetes Security Playground (Source Code) | Madhu Akula | #kubernetes #cloud-workload-protection #container-security +3
2025-08-07 | Tool demo | Blackhat | Kubernetes Security Scanner (Source Code, Video) | Krishna Priya | #kubernetes #cloud-workload-protection #container-security +4
2025-08-07 | Tool demo | Blackhat | Spotter – Universal Kubernetes Security Scanner & Policy Enforcer (Source Code) | Madhu Akula | #kubernetes #cloud-workload-protection #container-security +4
2025-08-06 | Tool demo | Blackhat | Varunastra: Securing the Depths of Docker V2 (Source Code) | Devang Solanki | #container-security #docker #static-analysis +3
2025-08-06 | Talk | Blackhat | When ‘Changed Files’ Changed Everything: Uncovering and Responding to the tj-actions Supply Chain Breach (Presentation, Whitepaper, Video) | Varun Sharma, Ashish Kurmi | #ci-cd #incident-management #devsecops +2
2025-04-30 | Talk | Rsac | Got Supply Pain? A Real-World Approach to Supply Chain SDL (Video) | Mohit Arora, Richard Tonry | #secure-development #devsecops #risk-management +4
2025-04-04 | Tool demo | Blackhat | Kubernetes Goat: A Hands-on Interactive Kubernetes Security Playground (Source Code) | Madhu Akula | #kubernetes #cloud-workload-protection #container-security +4
2025-04-03 | Tool demo | Blackhat | KubeSF V1.2 - Kubernetes Security Posture Audit Suite | Abhishek S, Ajith Prabhu | #kubernetes #cloud-workload-protection #container-security +4
2025-04-03 | Tool demo | Blackhat | Varunastra: Securing the Depths of Docker V2 (Source Code) | Devang Solanki, Bhavarth Karmarkar | #docker #container-security #vulnerability-assessment
2025-04-03 | Tool demo | Blackhat | SupplyShield: Protecting your software supply chain (Source Code) | Yadhu Krishna M, Akhil Mahendra, Hritik Vijay | #supply-chain #sbom #sca +2
2025-04-03 | Talk | Blackhat | Determining Exploitability of Vulnerabilities with SBOM and VEX (Presentation) | Anusha Penumacha, Srinija Kammari | #sbom #supply-chain #sca +1
2025-04-03 | Tool demo | Blackhat | SCAGoat - Exploiting Damn Vulnerable and Compromised SCA Application (Source Code) | Hare Krishna Rai, Gaurav Joshi, K v Prashant | #supply-chain #supply-chain-attack #sca +1
2025-03-02 | Talk | Nullcon | Kernel Conquest: Breaking Boundaries and Demystifying Kernel SU for Root Access in Azure Cloud Shell (Video) | Alla Vamsi Krishna, Kandi Abhishek Reddy | #kernel #azure #container-security +2
2025-03-02 | Talk | Nullcon | Securing the chains: Building defensive layers for software supply chains (Video) | Yadhu Krishna M, Akhil Mahendra, Hritik Vijay | #blueteam #container-security #sbom +3
2025-03-02 | Panel | Nullcon | Enterprise Readiness for Supply Chain Attacks | Sanjay Bahl, Cassie Crossley | #supply-chain-security #supply-chain-attack #third-party-risk-management +4
2025-03-02 | Panel | Nullcon | Modernizing Security Architecture: Platforms or Best-of-Breed, What Works Best? | Ketan Vyas, Prajal Kulkarni, Satyavathi Divadari, Srihari Kotni | #security-strategy #threat-modeling #zero-trust +3
2025-03-02 | Talk | Nullcon | Satellite Communications: Analyzing and Protecting Space-Based Assets (Video) | Drishti Jain | #network-pentesting #ics-security #encryption +4
2024-12-12 | Tool demo | Blackhat | GoatPen: Hack, Hone, Harden (Source Code) | Nishant Sharma, Shantanu Kale | #aws #cloud-access-security-broker #cloud-compliance +4
2024-12-11 | Tool demo | Blackhat | SCAGoat - Exploiting Damn Vulnerable SCA Application (Source Code) | Hare Krishna Rai, Gaurav Joshi, K v Prashant | #supply-chain #sca #software-composition-analysis
2024-11-21 | Talk | Securityfest | Breaking Container Boundary Using Side Channel Attack (Video) | Adhokshaj Mishra | #container-security #docker #security-testing +1
2024-11-16 | Talk | C0c0n | We got the Shiny SBoM; what next? (Presentation) | Anant Shrivastava | #sbom #supply-chain #supply-chain-security
2024-11-16 | Talk | C0c0n | Access for Sale: Inside the World of Ransomware Affiliates and Initial Access Brokers | Nihar Sawant, Jaydev Joshi | #ransomware #phishing #supply-chain-security
2024-11-15 | Talk | C0c0n | [Yodha] Nightingale: Docker for Pentesters (Source Code) | Raja Nagori | #docker #security-assessment #container-security +3
2024-11-15 | Talk | C0c0n | [Yodha] SCAGoat - Software Composition Analysis (SCA) Vulnerability Exploration Tool (Source Code) | Gaurav Joshi, Hare Krishna Rai | #supply-chain #sca #software-composition-analysis
2024-10-02 | Talk | Virusbulletin | From code to crime: exploring threats in GitHub Codespaces (Presentation, Whitepaper, Video) | Nitesh Surana, Jaromir Horejsi | #cloud-pentesting #supply-chain-security #exploitation
2024-08-07 | Tool demo | Blackhat | RedCloud OS : Cloud Adversary Simulation Operating System (Source Code) | Manish Gupta, Yash Bharadwaj | #os #cloud-pentesting #aws +4
2024-08-07 | Tool demo | Blackhat | TrafficWardenX: OpenWRT Security & Monitoring | Sampad Adhikary, Tripti Sharma | #openwrt #network-monitoring #security-tools +3
2024-05-24 | Talk | Auscert | Mastering the art of Attacking and Defending a Kubernetes Cluster (Video) | Sanjeev Mahajan | #kubernetes #cloud-pentesting #container-security +1
2024-04-19 | Tool demo | Blackhat | vet: Policy Driven vetting of Open Source Software Components (Source Code) | Abhisek Datta | #supply-chain-security #open-source-security #dependency-management +1
2024-04-18 | Tool demo | Blackhat | Nightingale: Docker for Pentesters (Source Code) | Raja Nagori | #docker #application-pentesting #cloud-pentesting +3
2023-12-06 | Tool demo | Blackhat | Docker Exploitation Framework (Source Code) | Rohit Pitke, Emmanuel Law | #exploitation #container-security #docker +4
2023-12-06 | Tool demo | Blackhat | SupplyShield: Protecting your software supply chain (Source Code) | Akhil Mahendra, Hritik Vijay | #aws #supply-chain #sbom +2
2023-09-29 | Talk | Hackinparis | A Tale of Credential Leak of a Popular Cloud Threat Actor | Nitesh Surana | #container-security #docker #threat-hunting +1
2023-09-28 | Talk | Hackinparis | How to have visibility and security OF CICD ecosystem | Pramod Rana | #cicd-security #devsecops #architecture +4
2023-09-23 | Talk | Nullcon | The Curious Case Of The Rogue SOAR (Presentation, Video) | Mukesh Sai Kumar, Jaden Furtado | #blueteam #application-pentesting #dynamic-analysis +3
2023-09-23 | Talk | Nullcon | Uncovering Azure’s Silent Threats: A Journey Into Cloud Vulnerabilities (Presentation, Video) | Nitesh Surana | #azure #cloud-pentesting #application-hardening +4
2023-08-10 | Talk | Defcon | Attacking Vehicle Fleet Management Systems (Presentation, Video) | Yashin Mehaboobe | #automotive-cybersecurity #ics-security #embedded-systems +4
2023-08-09 | Tool demo | Blackhat | CASPR - Code Trust Auditing Framework (Source Code) | Ajit Hatti | #secure-coding #code-review #secure-development +1
2023-08-07 | Panel | C0c0n | CII Protection: How can the c0c0n community contribute ? | Navin Kumar Singh | #security-strategy #open-source-security #threat-modeling
2023-08-06 | Talk | C0c0n | Taking a Closer Look at CI/CD Pipeline Logs: Extracting Security-Related Information with Build Inspector (Video) | Anshu Kumar, Pavan Sorab | #devsecops #ci-cd #cicd-pipeline +2
2023-08-06 | Talk | C0c0n | Securing the Future: Addressing Cybersecurity Challenges in the Age of 5G (Video) | Altaf Shaik | #zero-trust #supply-chain-security #attack-surface +4
2023-05-11 | Tool demo | Blackhat | Kubernetes Goat: Interactive Kubernetes Security Learning Playground (Source Code) | Madhu Akula | #kubernetes #cloud-workload-protection #container-security +4
2023-05-11 | Tool demo | Blackhat | Nightingale: Docker for Pentesters (Source Code) | Raja Nagori | #docker #application-pentesting #container-security +4
2023-03-23 | Talk | Insomnihack | How to have visibility and security OF CICD ecosystem (Video) | Pramod Rana | #ci-cd #devsecops #supply-chain-security +3
2022-12-07 | Tool demo | Blackhat | Patronus: Swiss Army Knife SAST Toolkit (Source Code) | Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi | #sast #software-composition-analysis #asset-inventory +1
2022-09-23 | Talk | C0c0n | Common Misconfigurations in your Kubernetes Cluster and What can you do about it? | Kumar Ashwin | #kubernetes #cloud-workload-protection #container-security +4
2022-09-08 | Talk | Nullcon | Hack the Source: Securing Open Source Software – One bug at a time (Video) | Sandeep Singh, Laurie Mercer | #open-source-security #supply-chain #code-review +4
2022-09-07 | Talk | Nullcon | Scale hacking to secure your cloud and beyond (Video) | Anand Prakash | #cloud-pentesting #cloud-security-posture-management #container-security +4
2022-09-07 | Talk | Nullcon | Unearthing Malicious And Other “Risky” Open-Source Packages Using Packj (Presentation, Video) | Devdutt Patnaik, Ashish Bijlani | #open-source-security #supply-chain #supply-chain-attack +3
2022-09-06 | Panel | Nullcon | IoT Supply Chain Blues and the way forward (Video) | Aseem Jakhar, Kedar Sovani, Anantharaman Iyer, Suvabrata Sinha, Sudarshan Rajagopal, Sachin Jain | #iot-device-management #iot-pentesting #supply-chain-security +3
2022-08-11 | Tool demo | Blackhat | Patronus: Swiss Army Knife SAST Toolkit (Source Code) | Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi | #sast #software-composition-analysis #asset-inventory +4
2022-08-10 | Tool demo | Blackhat | AzureGoat : A Damn Vulnerable Azure Infrastructure (Source Code) | Jeswin Mathai, Nishant Sharma, Rachna Umaraniya | #azure #cloud-pentesting #cloud-workload-protection +3
2022-08-10 | Tool demo | Blackhat | CASPR - Code Trust Audit Framework (Source Code) | Ajit Hatti | #secure-coding #secure-development #security-tools +3
2022-05-12 | Tool demo | Blackhat | Nightingale: Docker for Pentesters (Source Code) | Raja Nagori | #docker #application-pentesting #container-security +4
2022-05-12 | Tool demo | Blackhat | Mitigating Open Source Software Supply Chain Attacks (Source Code) | Ajinkya Rajput, Ashish Bijlani | #open-source-security #supply-chain #supply-chain-attack +3
2022-05-12 | Tool demo | Blackhat | Patronus: Swiss Army Knife SAST Toolkit (Source Code) | Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi | #sast #software-composition-analysis #secure-development +1
2022-04-08 | Talk | Nullcon | Bheem OS - A next-generation reasonably secure OS using Rust MicroVM (Video) | Akram Ansari, Subash Sn | #os #virtual-machine #container-security +3
2021-11-13 | Talk | C0c0n | Third Party Risk Management | Mahesh Kalyanaraman | #risk-management #compliance-governance #supply-chain +2
2021-11-12 | Talk | C0c0n | 2021 Supply Chain Attacks Analysis | Ajit Hatti | #incident-management #risk-management #supply-chain +1
2021-11-11 | Tool demo | Blackhat | Kubernetes Goat: Interactive Kubernetes Security Learning Playground (Source Code) | Madhu Akula | #kubernetes #cloud-workload-protection #container-security +4
2021-11-10 | Tool demo | Blackhat | Kubestriker: A Blazing Fast Security Auditing Tool (Source Code) | Vasant Kumar | #kubernetes #cloud-workload-protection #container-security +3
2021-08-04 | Tool demo | Blackhat | Kubestriker: A Blazing Fast Kubernetes Security Auditing Tool (Source Code) | Pralhad Chaskar, Vasant Kumar | #kubernetes #cloud-workload-protection #container-security +4
2020-12-10 | Talk | Blackhat | Effective Vulnerability Discovery with Machine Learning (Presentation, Video) | Asankhaya Sharma, Ming Yi Ang | #security-assessment #machine-learning #software-composition-analysis +4
2020-10-02 | Tool demo | Blackhat | Phishing Simulation Assessment (Source Code) | Jyoti Raval | #phishing #blueteam #social-engineering +3
2020-09-18 | Talk | C0c0n | Kubernetes Goat - Vulnerable by Design Kubernetes Cluster Environment (Source Code, Video) | Madhu Akula | #kubernetes #red-teaming #cloud-workload-protection +3
2020-03-07 | Panel | Nullcon | Supply Chain Security In Critical Infrastructure Systems (Video) | Manish Tiwari, Suchit Mishra, Faruk Kazi, Cristofaro Mune | #supply-chain-attack #supply-chain-security #critical-infrastructure +3
2019-11-01 | Talk | Appsecdayaustralia | Protecting the Damned: Deploying Insecure Applications at Scale (Video) | Vivek Ramachandran | #blueteam #container-security #docker +3
2019-09-27 | Talk | C0c0n | Doing SecOps for the Cloud using Cloud Native Services | Akash Mahajan | #blueteam #cloud-workload-protection #container-security +3
2019-09-27 | Talk | C0c0n | Security @scale for startups | Shivanath Somanathan | #devsecops #secure-development #software-security +2
2019-08-10 | Tool demo | Defcon | Local Sheriff (Source Code) | Konark Modi | #reconnaissance #blueteam #data-leak +3
2019-08-08 | Tool demo | Blackhat | CSF: Container Security Framework (Source Code) | Vaibhav Gupta | #blueteam #container-security #docker +2
2019-03-28 | Tool demo | Blackhat | MLsploit: A Cloud-Based Framework for Adversarial Machine Learning Research (Source Code) | Nilaksh Das, Evan Yang, Li Chen | #machine-learning #blueteam #ai-security +4
2018-10-19 | Talk | Appsecdayaustralia | Continuous Integration and Delivery with Docker Containers (Video) | Vasant Kumar | #docker #blueteam #container-security +4
2018-09-27 | Talk | Rootcon | Bug Bounty Hunting on Steroids (Presentation, Video) | Anshuman Bhartiya | #bug-hunting #bug-bounty #security-tools +3
2018-08-11 | Tool demo | Defcon | HealthyPi—Connected Health (Source Code) | Ashwin Whitchurch | #raspberry-pi #hardware-embedded #embedded-systems +4
2018-08-10 | Talk | Defcon | Building visualisation platforms for OSINT data using open source solutions (Video) | Bharath Kumar, Madhu Akula | #security-analytics #threat-hunting #osint +3
2018-08-10 | Talk | Defcon | AN OSINT APPROACH TO THIRD PARTY CLOUD SERVICE PROVIDER EVALUATION (Presentation, Video) | Lokesh Pidawekar | #third-party-risk-management #supply-chain #vendor-security
2018-03-03 | Panel | Nullcon | Forensic Challenges and Road Ahead (Video) | Manu Zacharia, Brijesh Singh, Sanjay Bahl, Vladimir Katalov | #data-leak #data-protection #forensics +4
2018-03-01 | Talk | Nullcon | Breaking Into Container Orchestrators (Presentation) | Nadeem Hussain | #red-teaming #cloud-workload-protection #container-security +2
2018-03-01 | Talk | Nullcon | Software Supply Chain Cyberattack (Presentation) | Samiran Ghatak | #red-teaming #cyberattack #supply-chain-attack +1
2017-03-04 | Panel | Nullcon | Challenges in securing the cloud | Vinayak Hegde, Manish Tiwari, Subramanian Kumar, David Lenoe, Lucas Moody | #cloud-access-security-broker #cloud-compliance #cloud-monitoring +4
2016-08-19 | Talk | C0c0n | App Sec in the Time of Docker Containers | Akash Mahajan | #docker #application-pentesting #container-security +4
2015-09-24 | Talk | Appsecusa | QARK: Android App Exploit and SCA Tool (Video) | Tushar Dalvi, Tony Trummer | #android-security #sca #software-composition-analysis
2015-02-07 | Panel | Nullcon | Startup panel – Make in India | Aseem Jakhar, Radha Shelat, Sumit D Chowdhury, Shomiron Das Gupta, Sastry Tumuluri, Shiju Sathyadevan | #security-strategy #cybersecurity-framework #business-resilience +4
2013-08-16 | Talk | Usenix | Building Securable Infrastructure: Open-Source Private Clouds (Video) | Pravir Chandra | #cloud-pentesting #architecture #open-source-security
2012-02-15 | Talk | Nullcon | Open source revolution :Need Hardware - Software marriage | Venkatesh | #embedded-systems #hardware-embedded #open-source-security
2011-10-08 | Talk | C0c0n | Stratagemizing Security Against Perpetrators In Cloud Infrastructure | K S Abhiraj | #blueteam #cloud-security-posture-management #cloud-pentesting +4
2010-12-04 | Talk | Clubhack | Ultimate Pen Test – Compromising a highly secure environment (Presentation) | Nikhil Mittal | #security-assessment #social-engineering #application-pentesting +4
2009-12-05 | Talk | Clubhack | Indian IT Act 2000 vs 2009 (Presentation) | Rohas Nagpal | #cyber-law #embedded-systems #firmware-analysis +4