| 2025-08-07 | Tool demo | Blackhat |
Spotter β Universal Kubernetes Security Scanner & Policy Enforcer
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+4 |
| 2025-08-06 | Tool demo | Blackhat |
Damn Vulnerable Browser Extension (DVBE): Unmask the risks of your Browser Supplements
| Abhinav Khanna, Krishna Chaganti | #web-security#secure-coding#security-assessment+2 |
| 2025-08-06 | Tool demo | Blackhat |
ParseAndC 4.0 - The Final Cut
| Parbati Kumar Manna | #reverse-engineering#binary-analysis#code-analysis+4 |
| 2025-04-03 | Talk | Blackhat |
ObfusQate: Where Quantum Magic Meets Code Security β Say Goodbye to Easy Cracking!
| Vivek Balachandran, Nikhil Bartake, Zi Jie See Toh, Michael Kasper | #secure-coding#quantum-computing#software-security |
| 2025-03-02 | Talk | Nullcon |
Building Glitch-Resistant Firmware: Practical Software Countermeasures for Hardware glitch attacks
| Shyam Kumar Arshid, Chinmay Krishna | #embedded-security#firmware-analysis#secure-coding+1 |
| 2025-03-02 | Panel | Nullcon |
From Code to Defense: Why Developers Are the New Security Leaders
| Vaibhav Gupta, Vikas Goyal, Hilal Lone, Gene Golovinsky | #secure-development#secure-coding#security-testing+3 |
| 2025-03-02 | Talk | Nullcon |
Hidden in Plain Sight: Large-Scale Exposure of Orphaned Commits on Major Git Platforms
| Kumar Ashwin | #secure-coding#devsecops#architecture |
| 2025-03-01 | Talk | Nullcon |
Drawing parallels between iOS and macOS Pentesting with DVMA
| Vaibhav Lakhani | #macos#ios#application-pentesting+3 |
| 2024-11-15 | Talk | C0c0n |
PCI 4.0, Javascript Security for product security teams
| Anand Kumar Ganesan, Mohammad Arif | #web-security#secure-coding#application-pentesting+2 |
| 2024-10-23 | Tool demo | Blackhat |
Cyber Arsenal47
| Simardeep Singh | #automated-scanning#vulnerability-assessment#security-assessment+2 |
| 2024-09-26 | Talk | Rootcon |
How to have visibility and security OF CICD ecosystem
| Pramod Rana | #ci-cd#application-hardening#cicd-pipeline+4 |
| 2024-08-09 | Talk | Defcon |
Breaking Secure Web Gateways (SWG) for Fun and Profit
| Vivek Ramachandran, Jeswin Mathai | #ssl#application-pentesting#secure-coding+3 |
| 2024-04-18 | Tool demo | Blackhat |
Secure Local Vault - Git Based Secret Manager
| Sriram Krishnan, Shibly Meeran | #blueteam#application-hardening#secure-coding+2 |
| 2023-09-23 | Talk | Nullcon |
Secure Coding: Fix From The Root
| Saddam Hussain, Gopika Subramanian | #secure-coding#application-pentesting#code-review+4 |
| 2023-08-25 | Tool demo | Hitbsecconf |
iGoat
| Swaroop Yermalkar | #ios#application-pentesting#secure-coding+3 |
| 2023-08-09 | Tool demo | Blackhat |
CASPR - Code Trust Auditing Framework
| Ajit Hatti | #secure-coding#code-review#secure-development+1 |
| 2023-08-07 | Talk | C0c0n |
Smart Contract Phishing : Attack & Defense
| Tejaswa Rastogi | #smart-contracts#phishing#secure-coding+1 |
| 2023-08-06 | Talk | C0c0n |
Mitigating SSRF at scale the right way with IMDSv2!
| Ayush Priya | #web-security#api-security#aws+2 |
| 2023-08-06 | Talk | C0c0n |
The new way to be secure
| Sakshi Bhutani | #secure-development#devsecops#software-security+3 |
| 2023-05-12 | Tool demo | Blackhat |
SCodeScanner - An Open-Source Source-Code Scanner
| Utkarsh Agrawal | #code-review#static-analysis#sast+2 |
| 2023-05-11 | Tool demo | Blackhat |
CASPR - Code Trust Auditing Framework
| Atharva Chincholkar, Srishti Chaubey | #secure-coding#application-pentesting#code-review+4 |
| 2023-03-09 | Panel | Nullcon |
How to make security easier for your developers
| Santosh Yadav, Frida Kiriakos, Marie Theresa Brosig, Xavier Rene Corail | #secure-development#security-testing#secure-coding+3 |
| 2023-01-26 | Talk | Usenix |
Building an Automated Machine for Discovering Privacy Violations at Scale
| Suchakra Sharma | #static-analysis#secure-coding#data-protection+2 |
| 2022-09-24 | Talk | C0c0n |
Raining CVEs on Wordpress plugins with Semgrep
| Shreya Pohekar, Syed Sheeraz Ali | #web-security#static-analysis#sast+1 |
| 2022-09-23 | Talk | C0c0n |
Hacking SmartContracts
| Anto Joseph | #smart-contracts#reverse-engineering#secure-coding |
| 2022-09-08 | Talk | Nullcon |
Pushing Security Left By Mutating Byte Code
| Gaurav Gogia | #secure-coding#application-hardening#static-analysis+1 |
| 2022-09-08 | Talk | Nullcon |
Raining CVEs On WordPress Plugins With Semgrep
| Shreya Pohekar, Syed Sheeraz Ali | #static-analysis#code-review#secure-coding+3 |
| 2022-09-08 | Talk | Nullcon |
Web3.0 - Smart Contracts Could Be Leaky
| Riddhi Shree | #smart-contracts#web3#decentralized-systems+3 |
| 2022-09-06 | Panel | Nullcon |
Securing the Software
| Mrudul Uchil, Abhisek Datta, Harish Goel, Matthew Bohne | #software-security#secure-development#security-testing+3 |
| 2022-08-12 | Talk | Defcon |
Stop worrying about Nation-States and Zero-Days; let’s fix things that have been known for years
| Vivek Ponnada | #secure-coding#devsecops#owasp |
| 2022-08-11 | Tool demo | Blackhat |
Patronus: Swiss Army Knife SAST Toolkit
| Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi | #sast#software-composition-analysis#asset-inventory+4 |
| 2022-08-10 | Tool demo | Blackhat |
CASPR - Code Trust Audit Framework
| Ajit Hatti | #secure-coding#secure-development#security-tools+3 |
| 2021-11-13 | Talk | C0c0n |
Server-side javascript Injection
| Kavisha Sheth | #web-security#secure-coding#web-pentesting |
| 2021-11-11 | Tool demo | Blackhat |
Kubernetes Goat: Interactive Kubernetes Security Learning Playground
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+4 |
| 2021-10-15 | Talk | Rootcon |
The Curious case of knowing the unknown
| Vandana Verma Sehgal | #secure-coding#devsecops#software-security |
| 2021-08-27 | Talk | Hitbsecconf |
Securing Webviews and The Story Behind CVE-2021β21136
| Shiv Sahni, Imdadullah Mohammed | #android-security#secure-coding#security-testing+2 |
| 2021-08-08 | Talk | Defcon |
AppSec 101: A Journey from Engineer to Hacker
| Arjun Gopalakrishna | #secure-coding#security-assessment#ethical-hacking+2 |
| 2021-08-08 | Talk | Defcon |
Top 20 Secure PLC Coding Practices
| Vivek Ponnada, Sarah Fluchs | #ics-security#secure-coding#control-systems+1 |
| 2021-05-06 | Tool demo | Blackhat |
Demystifying the State of Kubernetes Cluster Security - The Cloud Native Way
| Vasant Kumar, Rupali Dash | #kubernetes#audit#secure-coding+1 |
| 2021-05-06 | Tool demo | Blackhat |
FalconEye: Windows Process Injection Techniques - Catch Them All
| Rajiv Kulkarni, Sushant Paithane | #windows#process-injection#blueteam+1 |
| 2020-12-10 | Talk | Blackhat |
Effective Vulnerability Discovery with Machine Learning
| Asankhaya Sharma, Ming Yi Ang | #security-assessment#machine-learning#software-composition-analysis+4 |
| 2020-09-18 | Talk | C0c0n |
Introducing SniperPhish: A Web-Email Spear Phishing Toolkit
| Sreehari Haridas, Gem George | #phishing#application-pentesting#security-development-lifecycle+4 |
| 2020-09-18 | Talk | C0c0n |
Web Application hacking with WebZGround
| Parveen Yadav, Narendra Kumar | #web-security#web-pentesting#security-assessment+3 |
| 2020-03-06 | Tool demo | Nullcon |
VyAPI
| Riddhi Shree | #secure-coding#aws#amazon-cognito+3 |
| 2020-03-06 | Tool demo | Nullcon |
Wolverine
| Furqan Khan, Siddharth Anbalahan | #linux#secure-coding#web-security+3 |
| 2019-12-04 | Tool demo | Blackhat |
AutoMacTC: Finding Worms in Apple Orchards - Using AutoMacTC for macOS Incident Response
| Kshitij Kumar, Jai Musunuri | #macos#secure-coding#forensics+1 |
| 2019-09-27 | Talk | C0c0n |
autoSource an automated framework for Source Code Review
| Malkit Singh | #code-review#secure-coding#static-analysis+3 |
| 2019-09-27 | Talk | C0c0n |
Golang for Pentesters / RedTeamers
| Anant Shrivastava | #security-assessment#red-teaming#secure-coding |
| 2019-09-27 | Talk | C0c0n |
Serverless SOAR
| Sabyasachi Dhal, Suresh Sharma | #secure-coding#security-assessment#serverless+4 |
| 2019-09-27 | Talk | C0c0n |
VyAPI - The Vulnerable Hybrid Android App
| Riddhi Shree | #secure-coding#aws#amazon-cognito+3 |
| 2019-08-30 | Talk | Hitbsecconf |
COMMSEC: PErfidious: Make PE Backdooring Great Again!
| Shreyans Doshi | #secure-coding#red-teaming#blueteam+1 |
| 2019-08-08 | Talk | Blackhat |
Preventing Authentication Bypass: A Tale of Two Researchers
| Ravi Jaiswal, Terry Zhang, Ron Chan | #security-development-lifecycle#identity-management#authentication+4 |
| 2019-08-07 | Tool demo | Blackhat |
SASTRI: Plug and Play VM for SAST/Static Application Security Testing Realtime Integration/
| Rushikesh D Nandedkar, Lalit Bhandari | #security-assessment#virtual-machine#application-hardening+4 |
| 2019-03-28 | Talk | Blackhat |
DevSecOps : What, Why and How
| Anant Shrivastava | #devsecops#secure-coding#ci-cd+3 |
| 2019-03-28 | Tool demo | Blackhat |
Kurukshetra: Playground for Interactive Security Learning
| Anirudh Anand, Mohan Kallepalli, Ankur Bhargava | #secure-coding#blueteam#application-pentesting+4 |
| 2019-03-28 | Tool demo | Blackhat |
pytm: A Pythonic Framework for Threat Modeling
| Rohit Shambhuni, Izar Tarandach | #secure-coding#threat-modeling#red-teaming |
| 2019-03-02 | Panel | Nullcon |
The Myth of Sisyphus Secure Product Development
| Bipin Upadhyay, Minatee Mishra, Neelu Tripathy, Vaibhav Gupta, Vishal Sahani | #secure-development#secure-coding#security-testing+3 |
| 2019-02-28 | Talk | Nullcon |
Andromeda - GUI based Dynamic Instrumentation Toolkit powered by Frida
| Shivang Desai | #secure-coding#security-assessment#dynamic-analysis+4 |
| 2019-02-28 | Talk | Nullcon |
Building Hardened IoT Implementations with LangSec
| Prashant Anantharaman | #blueteam#secure-development#input-validation+4 |
| 2018-12-05 | Tool demo | Blackhat |
Kurukshetra: Playground for Interactive Security Learning
| Anirudh Anand, Mohan Kallepalli | #secure-coding#blueteam#application-hardening+4 |
| 2018-10-19 | Talk | Appsecdayaustralia |
Continuous Integration and Delivery with Docker Containers
| Vasant Kumar | #docker#blueteam#container-security+4 |
| 2018-10-05 | Talk | C0c0n |
DomGoat - the DOM Security Playground
| Lavakumar Kuppan | #xss#web-security#input-validation+4 |
| 2018-09-27 | Talk | Rootcon |
Defending cloud Infrastructures with Cloud Security Suite
| Shivankar Madaan | #aws#secure-coding#web-security+2 |
| 2018-09-12 | Talk | 44con |
Make ARM Shellcode Great Again
| Saumil Shah | #arm#embedded-systems#security-tools+3 |
| 2018-08-16 | Talk | Usenix |
Man-in-the-Machine: Exploiting Ill-Secured Communication Inside the Computer
| Siddharth Rao, Thanh Bui, Markku Antikainen, Viswanathan Manihatty Bojan, Tuomas Aura | #security-assessment#architecture#application-hardening+4 |
| 2018-08-11 | Tool demo | Defcon |
Halcyon IDE
| Sanoop Thomas | #reconnaissance#red-teaming#nmap+1 |
| 2018-08-11 | Tool demo | Defcon |
Sh00tβAn open platform for manual security testers & bug hunters
| Pavan Mohan | #security-assessment#bug-hunting#secure-coding+1 |
| 2018-08-08 | Tool demo | Blackhat |
AutoMacTC: Finding Worms in Apple Orchards - Using AutoMacTC for macOS Incident Response
| Kshitij Kumar, Jai Musunuri | #macos#secure-coding#forensics+1 |
| 2018-08-08 | Tool demo | Blackhat |
Halcyon IDE: For Nmap Script Developers
| Sanoop Thomas | #reconnaissance#red-teaming#nmap+1 |
| 2018-08-08 | Tool demo | Blackhat |
SCoDA: Smart COntract Defender and Analyzer
| Ajit Hatti | #blueteam#secure-coding#smart-contracts+4 |
| 2018-05-13 | Talk | Defcon |
Androsia: Securing ‘Data in Process’ for your Android Apps
| Samit Anwer | #android#blueteam#android-security+4 |
| 2018-03-22 | Tool demo | Blackhat |
Androsia - A Step Ahead in Securing Sensitive In-Memory Android Application Data
| Samit Anwer | #android#blueteam#application-hardening+4 |
| 2018-03-22 | Talk | Blackhat |
XOM-switch: Hiding Your Code from Advanced Code Reuse Attacks In One Shot
| Ravi Sahita, Daiping Liu, Mingwei Zhang | #blueteam#application-hardening#code-review+4 |
| 2017-10-05 | Talk | Brucon |
Races, Reaches and Rescues!!! (Race condition vulnerabilities revisited)
| Rushikesh D Nandedkar, Sampada Nandedkar | #vulnerability-assessment#security-assessment#secure-coding+1 |
| 2017-09-21 | Talk | Appsecusa |
Androsia: A tool for securing in memory sensitive data
| Samit Anwer | #android-security#static-analysis#secure-coding |
| 2017-09-21 | Talk | Appsecusa |
iGoat β A Self Learning Tool for iOS App Pentesting and Security
| Swaroop Yermalkar | #ios#application-pentesting#ios-security+4 |
| 2017-08-18 | Talk | C0c0n |
Androsia: A tool for securing in memory sensitive data
| Samit Anwer | #secure-coding#android#security-assessment |
| 2017-08-18 | Talk | C0c0n |
iGoat β A Self Learning Tool for iOS App Pentesting and Security
| Swaroop Yermalkar | #ios#security-assessment#blueteam+1 |
| 2017-07-30 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | #secure-coding#red-teaming#blueteam+3 |
| 2017-07-27 | Tool demo | Blackhat |
Fuzzapi - Fuzzing Your RESTAPIs Since Yesterday
| Lalith Rallabhandi, Abhijeth Dugginapeddi, Srinivas Rao | #fuzzing#rest-api#security-assessment+1 |
| 2017-07-27 | Tool demo | Blackhat |
Gibber Sense
| Ajit Hatti | #secure-coding#reconnaissance#encryption+3 |
| 2017-07-26 | Tool demo | Blackhat |
Devknox - Autocorrect Security Issues from Android Studio
| Subho Halder | #android#code-analysis#secure-coding |
| 2017-03-30 | Tool demo | Blackhat |
Devknox - Autocorrect Security Issues from Android Studio
| Subho Halder | #android#code-analysis#secure-coding |
| 2017-03-03 | Talk | Nullcon |
DevOpSec: Rapid Security in the Cloud with AWS and CIS
| Mikhail Advani, Rajesh Tamhane | #devsecops#aws#cloud-compliance+4 |
| 2016-11-04 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | #secure-coding#red-teaming#blueteam+3 |
| 2016-10-14 | Talk | Appsecusa |
Automating API Penetration Testing using fuzzapi
| Abhijeth Dugginapeddi, Lalith Rallabhandi | #fuzzing#api-security#application-pentesting+4 |
| 2016-10-14 | Talk | Appsecusa |
DevOps to DevSecOps: a 2-dimensional view of security for DevOps
| Sanjeev Sharma | #application-hardening#secure-coding#security-development-lifecycle+3 |
| 2016-10-13 | Talk | Appsecusa |
Lightning Talk - Demystifying Windows Application
| Rupali Dash | #windows#application-hardening#secure-coding+4 |
| 2016-10-13 | Talk | Appsecusa |
When encryption is not enough: Attacking Wearable - Mobile Application communication over BLE
| Sumanth Naropanth, Kavya Racharla, Chandra Prakash Gopalaiah | #reverse-engineering#secure-development#ble+4 |
| 2016-09-23 | Talk | Rootcon |
Halcyon β A Faster Way to Build Custom Scripts for Nmap Scans
| Sanoop Thomas | #secure-coding#reconnaissance#red-teaming+1 |
| 2016-08-04 | Tool demo | Blackhat |
Droid-FF: Android Fuzzing Framework
| Anto Joseph | #android#fuzzing#secure-coding+1 |
| 2016-08-04 | Tool demo | Blackhat |
Maltese (Malware Traffic Emulating Software)
| Sasi Siddharth | #dns#secure-coding#malware-detection+2 |
| 2016-08-03 | Tool demo | Blackhat |
Android-InsecureBankv2
| Dinesh Shetty | #android#red-teaming#application-pentesting+4 |
| 2016-05-26 | Talk | Hitbsecconf |
HITB Lab: Mobile Application Security for iOS and Android
| Tushar Dalvi, Tony Trummer | #android#ios#security-assessment+2 |
| 2016-03-15 | Talk | Groundzerosummit |
Web App Security
| Harpreet Singh, Himanshu Sharma, Nipun Jaswal | #web-security#api-security#secure-coding+3 |
| 2015-11-13 | Talk | Blackhat |
Continuous Intrusion: Why CI tools are an Attacker’s Best Friends
| Nikhil Mittal | #red-teaming#ci-cd#application-pentesting+4 |
| 2015-11-05 | Talk | Groundzerosummit |
XSS - The art of evading web application filters!
| Anirudh Anand | #xss#application-pentesting#input-validation+2 |
| 2015-08-05 | Tool demo | Blackhat |
PixelCaptcha: A unicode based captcha scheme
| Gursev Singh Kalra | #secure-coding#application-hardening#input-validation+3 |
| 2015-08-01 | Talk | C0c0n |
NoPo - The NoSQL HoneyPot Framework
| Francis Alexander | #secure-coding#application-pentesting#security-testing+2 |
| 2015-05-26 | Talk | Phdays |
Invisible Backdoors In Your Code
| Debasis Mohanty | #blueteam#code-review#secure-coding+4 |
| 2014-11-21 | Talk | Deepsec |
Mobile SSL Failures
| Tushar Dalvi, Tony Trummer | #ssl#android-security#ios-security+3 |
| 2014-11-13 | Talk | Groundzerosummit |
Cyber ‘BrahMos’ - Static analysis driven secure coding
| Joy Sen | #secure-coding#static-analysis#sast+4 |
| 2014-08-22 | Talk | C0c0n |
My tryst with Source Code Review
| Anant Shrivastava | #code-review#secure-coding#security-testing |
| 2014-08-22 | Talk | C0c0n |
Still Single with a bleeding heart (Tool Release)
| Tamaghna Basu | #secure-development#application-pentesting#secure-coding+1 |
| 2014-06-23 | Talk | Hackinparis |
Pentesting NoSQL DB’s with NoSQL Exploitation Framework
| Francis Alexander | #secure-coding#security-assessment#application-pentesting+4 |
| 2014-02-14 | Talk | Nullcon |
Attack of the setuid bit - pt_chown and pwning root terminals
| Siddhesh Poyarekar | #glibc#red-teaming#blueteam+2 |
| 2013-11-21 | Talk | Appsecusa |
Wassup MOM? Owning the Message Oriented Middleware
| Gursev Singh Kalra | #api-security#secure-coding#application-pentesting |
| 2013-11-20 | Talk | Appsecusa |
Why is SCADA Security an Uphill Battle?
| Amol Sarwate | #scada#application-pentesting#application-hardening+4 |
| 2013-09-27 | Talk | C0c0n |
Infiltrating the Intranet with Skanda
| Jayesh Chauhan | #red-teaming#secure-coding#ethical-hacking+1 |
| 2013-09-27 | Talk | C0c0n |
Snake Bites
| Anant Shrivastava | #secure-coding#security-assessment#xss |
| 2013-09-27 | Talk | C0c0n |
Static analysis of malware with PyTriage
| Yashin Mehaboobe | #secure-coding#static-analysis#dynamic-analysis+2 |
| 2013-08-01 | Tool demo | Blackhat |
Sparty
| Aditya K Sood | #secure-coding#audit#blueteam |
| 2013-08-01 | Tool demo | Blackhat |
XENOTIX xBOT
| Ajin Abraham | #botnet#linux#windows+3 |
| 2013-07-31 | Talk | Blackhat |
Javascript static security analysis made easy with JSPrime
| Nishant Das Patnaik, Sarathi Sabyasachi Sahoo | #web-security#blueteam#application-hardening+4 |
| 2012-12-06 | Talk | Blackhat |
The art of exploiting logical flaws in web apps
| Sumit Siddharth, Richard Dean | #red-teaming#secure-coding#application-pentesting+1 |
| 2012-12-01 | Talk | Clubhack |
Content-Type attack -Dark hole in the secure environment
| Raman Gupta | #red-teaming#application-pentesting#pdf+3 |
| 2012-12-01 | Talk | Clubhack |
FatCat Web Based SQL Injector
| Sandeep Kamble | #sqli#red-teaming#input-validation+4 |
| 2012-12-01 | Talk | Clubhack |
XSSshell
| Vandan Joshi | #xss#application-pentesting#code-review+4 |
| 2012-11-07 | Award | |
Cross Site Port Attack (XSPA)
| Riyaz Walikar | #application-pentesting#security-testing#dynamic-analysis+3 |
| 2012-10-26 | Talk | Appsecusa |
The 7 Qualities of Highly Secure Software
| Mano Paul | #secure-development#software-security#secure-coding+3 |
| 2012-10-26 | Talk | Appsecusa |
XSS & CSRF with HTML5 - Attack, Exploit and Defense
| Shreeraj Shah | #xss#csrf#dynamic-analysis+3 |
| 2012-09-28 | Talk | Nullcon |
Alert(/xss/) - How to catch an XSS before someone exploits / reports it?
| Ahamed Nafeez | #web-security#xss#secure-coding+2 |
| 2012-08-03 | Talk | C0c0n |
Evil JavaScript
| Bishan Singh | #red-teaming#web-security#application-pentesting+4 |
| 2012-03-15 | Talk | Nullcon |
An App(le) a day keeps the wallet away
| Antriksh Shah | #security-assessment#web-security#api-security+1 |
| 2011-12-04 | Talk | Clubhack |
DOM XSS β Encounters of the 3rd Kind
| Bishan Singh | #xss#red-teaming#secure-coding+4 |
| 2011-09-07 | Talk | Securitybyte |
Mobile Devices β Boon or Curse?
| Kishor Sonawane, Oliver Ng | #mobile-device-management#mobile-application-management#application-hardening+4 |
| 2011-09-06 | Talk | Securitybyte |
Application Security Strategies
| K K Mookhey | #secure-coding#secure-development#web-security+3 |
| 2011-09-06 | Talk | Securitybyte |
Enabling Un-trusted Mashups
| Bishan Singh | #web-security#xss#csrf+4 |
| 2010-11-25 | Talk | Deepsec |
Developers are from Mars, Compliance Auditors are from Venus
| Neelay S Shah | #security-compliance#security-governance#risk-management+4 |
| 2010-08-01 | Talk | C0c0n |
Code Disclosure over HTTP
| Anant Kochhar | #red-teaming#application-hardening#code-review+4 |
| 2010-08-01 | Talk | C0c0n |
Last line of defense - Host Intrusion Prevention and Secure application development.
| Avinash Shenoi | #blueteam#application-hardening#secure-coding+3 |
| 2010-08-01 | Talk | C0c0n |
Writing x86 ShellCode & Secure Self Modifying code and Cross Platform Programming - A Security Angle
| Praseed Pai | #windows#red-teaming#secure-coding |
| 2010-07-30 | Talk | Defcon |
Hacking Oracle From Web Apps
| Sumit Siddharth | #sql-injection#application-pentesting#security-testing+2 |
| 2010-04-14 | Talk | Blackhat |
Attacking JAVA Serialized Communication
| Manish Saindane | #secure-coding#red-teaming#security-assessment |
| 2010-02-25 | Talk | Nullcon |
Penetration Testing versus Source Code
| Nikhil Wagholikar | #security-assessment#code-analysis#application-pentesting+4 |
| 2009-12-05 | Talk | Clubhack |
Revealing the Secrets: Source Code Disclosure, Techniques and Impacts
| Anant Kochhar | #secure-development#secure-coding#code-review+2 |
| 2009-12-04 | Talk | Clubhack |
Facilitate Collaboration with Information Rights Management
| Abhijit Tannu | #information-rights-management#data-protection#application-hardening+4 |
| 2009-11-19 | Talk | Deepsec |
Top 10 Security Issues Developers Don’t Know About
| Neelay S Shah | #secure-coding#devsecops#software-security+2 |
| 2009-11-17 | Talk | Securitybyte |
Applications - The new cyber security frontier
| Mano Paul | #secure-development#devsecops#software-security+2 |
| 2009-05-19 | Talk | Syscan |
Securing Enterprise Applications
| Shreeraj Shah | #web-security#ajax#xss+4 |
| 2008-12-06 | Talk | Clubhack |
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA’s and Caching
| Karmendra Kohli | #secure-development#secure-coding#blueteam+1 |
| 2008-12-06 | Talk | Clubhack |
Reverse Engineering v/s Secure Coding
| Atul Alex | #secure-coding#reverse-engineering#red-teaming+2 |
| 2008-10-29 | Talk | Hitbsecconf |
Top 10 Web 2.0 Attacks
| Shreeraj Shah | #web-security#ajax#xss+4 |
| 2008-10-22 | Talk | Hacklu |
Browser Exploits - A new model for Browser security
| Saumil Shah | #red-teaming#application-hardening#browser-security+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Application Security Trends & Challenges
| Kamlesh Bajaj | #owasp#appsec#secure-development+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Building Enterprise AppSec Program
| Nish Bhalla | #appsec#secure-development#security-testing+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Web Application Security: Too Costly To Ignore
| Rajesh Nayak | #appsec#blueteam#application-hardening+4 |
| 2008-04-16 | Talk | Hitbsecconf |
Securing Next Generation Applications Γ’β¬β Scan, Detect and Mitigate
| Shreeraj Shah | #web-security#ajax#xss+4 |
| 2007-12-09 | Talk | Clubhack |
Hacking Web 2.0 Art and Science of Vulnerability Detection
| Shreeraj Shah | #red-teaming#application-pentesting#dynamic-analysis+4 |
| 2007-12-09 | Talk | Clubhack |
Subtle Security flaws: Why you must follow the basic principles of software security
| Varun Sharma | #blueteam#software-security#secure-coding+4 |
| 2007-03-30 | Talk | Blackhat |
Web Service Vulnerabilities
| Nish Bhalla | #blueteam#purpleteam#application-pentesting+4 |
| 2006-09-21 | Talk | Hitbsecconf |
Finding Secrets in ISAPI
| Nish Bhalla | #secure-coding#reverse-engineering#application-pentesting+4 |
| 2006-08-02 | Talk | Blackhat |
SQL Injections by Truncation
| Bala Neerumalla | #web-security#sql-injection#secure-coding |
| 2006-08-01 | Talk | Blackhat |
Writing Metasploit Plugins - from Vulnerability to Exploit
| Saumil Shah | #metasploit#exploit-development#secure-coding+2 |
| 2006-01-26 | Talk | Blackhat |
Analysis of Adversarial Code: Problem, Challenges, Results
| Arun Lakhotia | #secure-coding#blueteam#static-analysis+1 |
| 2005-09-29 | Talk | Hitbsecconf |
Analyzing Code for Security Defects
| Nish Bhalla | #code-analysis#blueteam#secure-coding |
| 2005-09-26 | Talk | Hitbsecconf |
Web hacking Kung-Fu and Art of Defense
| Shreeraj Shah | #blueteam#application-pentesting#code-review+4 |
| 2005-04-12 | Talk | Hitbsecconf |
Web Application Kung-Fu, The Art of Defense
| Shreeraj Shah | #blueteam#application-hardening#secure-coding+4 |
| 2003-12-12 | Talk | Hitbsecconf |
Defending Web Applications: Strategies, methods and practices
| Shreeraj Shah | #blueteam#secure-coding#firewall+1 |
| 2001-02-14 | Talk | Blackhat |
Web Hacking
| Saumil Shah | #red-teaming#application-pentesting#dynamic-analysis+3 |