| 2025-08-06 | Tool demo | Blackhat |
Damn Vulnerable Browser Extension (DVBE): Unmask the risks of your Browser Supplements
| Abhinav Khanna, Krishna Chaganti | web-securitysecure-codingpentesting+3 |
| 2025-08-06 | Tool demo | Blackhat |
ParseAndC 4.0 - The Final Cut
| Parbati Kumar Manna | reverse-engineeringbinary-analysiscode-analysis+4 |
| 2025-04-03 | Talk | Blackhat |
ObfusQate: Where Quantum Magic Meets Code Security β Say Goodbye to Easy Cracking!
| Vivek Balachandran | secure-coding |
| 2025-03-02 | Talk | Nullcon |
Building Glitch-Resistant Firmware: Practical Software Countermeasures for Hardware glitch attacks
| Shyam Kumar Arshid, Chinmay Krishna | embedded-securityfirmware-analysishardware-security+3 |
| 2025-03-02 | Talk | Nullcon |
Hidden in Plain Sight: Large-Scale Exposure of Orphaned Commits on Major Git Platforms
| Kumar Ashwin | vulnerability-managementsecure-codingdevsecops+1 |
| 2024-10-23 | Tool demo | Blackhat |
Cyber Arsenal47
| Simardeep Singh | automated-scanningvulnerability-assessmentpentesting+3 |
| 2023-09-23 | Talk | Nullcon |
Secure Coding: Fix From The Root
| Saddam Hussain, Gopika Subramanian | secure-coding |
| 2023-08-09 | Tool demo | Blackhat |
CASPR - Code Trust Auditing Framework
| Ajit Hatti | secure-coding |
| 2023-08-07 | Talk | C0c0n |
Smart Contract Phishing : Attack & Defense
| Tejaswa Rastogi | smart-contractsblockchain-securityphishing+3 |
| 2023-08-06 | Talk | C0c0n |
Mitigating SSRF at scale the right way with IMDSv2!
| Ayush Priya | web-securityapi-securityaws+3 |
| 2023-08-06 | Talk | C0c0n |
The new way to be secure
| Sakshi Bhutani | secure-developmentdevsecopssoftware-security+3 |
| 2023-05-11 | Tool demo | Blackhat |
CASPR - Code Trust Auditing Framework
| Atharva Chincholkar, Srishti Chaubey | secure-coding |
| 2022-09-24 | Talk | C0c0n |
Raining CVEs on Wordpress plugins with Semgrep
| Shreya Pohekar, Syed Sheeraz Ali | web-securitystatic-analysissast+2 |
| 2022-09-23 | Talk | C0c0n |
Hacking SmartContracts
| Anto Joseph | blockchain-securitysmart-contractsvulnerability-management+2 |
| 2022-09-08 | Talk | Nullcon |
Pushing Security Left By Mutating Byte Code
| Gaurav Gogia | secure-coding |
| 2022-08-12 | Talk | Defcon |
Stop worrying about Nation-States and Zero-Days; let’s fix things that have been known for years
| Vivek Ponnada | secure-codingvulnerability-managementdevsecops+1 |
| 2022-08-10 | Tool demo | Blackhat |
CASPR - Code Trust Audit Framework
| Ajit Hatti | secure-coding |
| 2021-11-13 | Talk | C0c0n |
Server-side javascript Injection
| Kavisha Sheth | web-securitysecure-codingweb-pentesting |
| 2021-10-15 | Talk | Rootcon |
The Curious case of knowing the unknown
| Vandana Verma Sehgal | vulnerability-managementsecure-codingdevsecops+1 |
| 2021-08-08 | Talk | Defcon |
AppSec 101: A Journey from Engineer to Hacker
| Arjun Gopalakrishna | secure-codingpentestingethical-hacking+2 |
| 2021-08-08 | Talk | Defcon |
Top 20 Secure PLC Coding Practices
| Vivek Ponnada | industrial-control-systems-securitysecure-codingvulnerability-management+3 |
| 2021-05-06 | Tool demo | Blackhat |
Demystifying the State of Kubernetes Cluster Security - The Cloud Native Way
| Vasant Kumar, Rupali Dash | kubernetescloudaudit+2 |
| 2021-05-06 | Tool demo | Blackhat |
FalconEye: Windows Process Injection Techniques - Catch Them All
| Rajiv Kulkarni, Sushant Paithane | windowsprocess-injectionblueteam+1 |
| 2020-09-18 | Talk | C0c0n |
Web Application hacking with WebZGround
| Parveen Yadav, Narendra Kumar | web-securityweb-pentestingpentesting+3 |
| 2020-03-06 | Tool demo | Nullcon |
VyAPI
| Riddhi Shree | secure-codingawsamazon-cognito+5 |
| 2020-03-06 | Tool demo | Nullcon |
Wolverine
| Furqan Khan, Siddharth Anbalahan | linuxsecure-codingweb-application-security+3 |
| 2019-12-04 | Tool demo | Blackhat |
AutoMacTC: Finding Worms in Apple Orchards - Using AutoMacTC for macOS Incident Response
| Kshitij Kumar, Jai Musunuri | macossecure-codingforensic+1 |
| 2019-09-27 | Talk | C0c0n |
autoSource an automated framework for Source Code Review
| Malkit Singh | code-reviewsecure-codingstatic-analysis+3 |
| 2019-09-27 | Talk | C0c0n |
Golang for Pentesters / RedTeamers
| Anant Shrivastava | pentestredteamsecure-coding |
| 2019-09-27 | Talk | C0c0n |
Serverless SOAR
| Sabyasachi Dhal, Suresh Sharma | secure-codingpentest |
| 2019-09-27 | Talk | C0c0n |
VyAPI - The Vulnerable Hybrid Android App
| Riddhi Shree | secure-codingawsamazon-cognito+5 |
| 2019-08-30 | Talk | Hitb Sec Conf |
COMMSEC: PErfidious: Make PE Backdooring Great Again!
| Shreyans Doshi | secure-codingredteamblueteam+1 |
| 2019-03-28 | Talk | Blackhat |
DevSecOps : What, Why and How
| Anant Shrivastava | devsecopssecure-coding |
| 2019-03-28 | Tool demo | Blackhat |
Kurukshetra: Playground for Interactive Security Learning
| Anirudh Anand, Mohan Kallepalli, Ankur Bhargava | secure-codingblueteam |
| 2019-03-28 | Tool demo | Blackhat |
pytm: A Pythonic Framework for Threat Modeling
| Rohit Shambhuni | secure-codingthreat_modelingredteam |
| 2019-02-28 | Talk | Nullcon |
Andromeda - GUI based Dynamic Instrumentation Toolkit powered by Frida
| Shivang Desai | secure-codingpentest |
| 2018-12-05 | Tool demo | Blackhat |
Kurukshetra: Playground for Interactive Security Learning
| Anirudh Anand, Mohan Kallepalli | secure-codingblueteam |
| 2018-09-27 | Talk | Rootcon |
Defending cloud Infrastructures with Cloud Security Suite
| Shivankar Madaan | cloudawssecure-coding+3 |
| 2018-08-11 | Tool demo | Defcon |
Halcyon IDE
| Sanoop Thomas | reconnaissanceredteamnmap+1 |
| 2018-08-11 | Tool demo | Defcon |
Sh00tβAn open platform for manual security testers & bug hunters
| Pavan Mohan | pentestbug-huntingsecure-coding+1 |
| 2018-08-08 | Tool demo | Blackhat |
AutoMacTC: Finding Worms in Apple Orchards - Using AutoMacTC for macOS Incident Response
| Kshitij Kumar, Jai Musunuri | macossecure-codingforensic+1 |
| 2018-08-08 | Tool demo | Blackhat |
Halcyon IDE: For Nmap Script Developers
| Sanoop Thomas | reconnaissanceredteamnmap+1 |
| 2018-08-08 | Tool demo | Blackhat |
SCoDA: Smart COntract Defender and Analyzer
| Ajit Hatti | blueteamsecure-coding |
| 2017-10-05 | Talk | Brucon |
Races, Reaches and Rescues!!! (Race condition vulnerabilities revisited)
| Rushikesh D Nandedkar, Sampada Nandedkar | vulnerability-assessmentpentestingsecure-coding+2 |
| 2017-09-21 | Talk | App Sec Usa |
Androsia: A tool for securing in memory sensitive data
| Samit Anwer | android-securitymobile-securitystatic-analysis+1 |
| 2017-08-18 | Talk | C0c0n |
Androsia: A tool for securing in memory sensitive data
| Samit Anwer | secure-codingandroidmobile+1 |
| 2017-08-18 | Talk | C0c0n |
Cloud_Security Suite - One stop tool for auditing cloud infrastructure
| Shivankar Madaan, Jayesh Chauhan | cloudawssecure-coding+3 |
| 2017-08-18 | Talk | C0c0n |
iGoat β A Self Learning Tool for iOS App Pentesting and Security
| Swaroop Yermalkar | iosmobilepentest+2 |
| 2017-07-30 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | secure-codingredteamblueteam+3 |
| 2017-07-27 | Tool demo | Blackhat |
Fuzzapi - Fuzzing Your RESTAPIs Since Yesterday
| Lalith Rallabhandi, Abhijeth Dugginapeddi, Srinivas Rao | fuzzingrest-apipentest+1 |
| 2017-07-27 | Tool demo | Blackhat |
Gibber Sense
| Ajit Hatti | secure-codingreconnaissancecryptography+3 |
| 2017-07-26 | Tool demo | Blackhat |
Devknox - Autocorrect Security Issues from Android Studio
| Subho Halder | androidmobilecode-analysis+1 |
| 2017-03-30 | Tool demo | Blackhat |
Devknox - Autocorrect Security Issues from Android Studio
| Subho Halder | androidmobilecode-analysis+1 |
| 2016-11-04 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | secure-codingredteamblueteam+3 |
| 2016-09-23 | Talk | Rootcon |
Halcyon β A Faster Way to Build Custom Scripts for Nmap Scans
| Sanoop Thomas | secure-codingreconnaissanceredteam+1 |
| 2016-08-04 | Tool demo | Blackhat |
Droid-FF: Android Fuzzing Framework
| Anto Joseph | androidfuzzingsecure-coding+2 |
| 2016-08-04 | Tool demo | Blackhat |
Maltese (Malware Traffic Emulating Software)
| Sasi Siddharth | dnssecure-coding |
| 2016-05-26 | Talk | Hitb Sec Conf |
HITB Lab: Mobile Application Security for iOS and Android
| Tushar Dalvi | mobileandroidios+3 |
| 2016-03-15 | Talk | Groundzerosummit |
Web App Security
| Harpreet Singh, Himanshu Sharma, Nipun Jaswal | web-securityapi-securitysecure-coding+3 |
| 2015-08-05 | Tool demo | Blackhat |
PixelCaptcha: A unicode based captcha scheme
| Gursev Singh Kalra | secure-coding |
| 2015-08-01 | Talk | C0c0n |
NoPo - The NoSQL HoneyPot Framework
| Francis Alexander | secure-coding |
| 2014-11-13 | Talk | Ground Zero Summit |
Cyber ‘BrahMos’ - Static analysis driven secure coding
| Joy Sen | secure-coding |
| 2014-06-23 | Talk | Hackinparis |
Pentesting NoSQL DB’s with NoSQL Exploitation Framework
| Francis Alexander | secure-codingpentest |
| 2014-02-14 | Talk | Nullcon |
Attack of the setuid bit - pt_chown and pwning root terminals
| Siddhesh Poyarekar | glibcredteamblueteam+2 |
| 2013-11-21 | Talk | Appsec Usa |
Wassup MOM? Owning the Message Oriented Middleware
| Gursev Singh Kalra | api-securityvulnerability-managementsecure-coding+1 |
| 2013-09-27 | Talk | C0c0n |
Infiltrating the Intranet with Skanda
| Jayesh Chauhan | redteamsecure-coding |
| 2013-09-27 | Talk | C0c0n |
Snake Bites
| Anant Shrivastava | secure-codingpentestxss |
| 2013-09-27 | Talk | C0c0n |
Static analysis of malware with PyTriage
| Yashin Mehaboobe | secure-coding |
| 2013-08-01 | Tool demo | Blackhat |
Sparty
| Aditya K Sood | secure-codingauditblueteam |
| 2013-08-01 | Tool demo | Blackhat |
XENOTIX xBOT
| Ajin Abraham | botnetlinuxwindows+3 |
| 2012-12-06 | Talk | Blackhat |
The art of exploiting logical flaws in web apps
| Sumit Siddharth | redteamsecure-coding |
| 2012-10-26 | Talk | App Sec Usa |
The 7 Qualities of Highly Secure Software
| Mano Paul | secure-developmentsoftware-securitysecure-coding+3 |
| 2012-09-28 | Talk | Nullcon |
Alert(/xss/) - How to catch an XSS before someone exploits / reports it?
| Ahamed Nafeez | web-securityxsssecure-coding+2 |
| 2012-03-15 | Talk | Nullcon |
An App(le) a day keeps the wallet away
| Antriksh Shah | pentestingweb-securityapi-security+1 |
| 2011-09-06 | Talk | Securitybyte |
Application Security Strategies
| K K Mookhey | secure-codingsecure-developmentweb-security+3 |
| 2011-09-06 | Talk | Securitybyte |
Enabling Un-trusted Mashups
| Bishan Singh | web-securityxsscsrf+4 |
| 2010-11-25 | Talk | Deepsec |
Developers are from Mars, Compliance Auditors are from Venus
| Neelay S Shah | compliancegovernancerisk-management+4 |
| 2010-04-14 | Talk | Blackhat |
Attacking JAVA Serialized Communication
| Manish Saindane | secure-codingredteampentest |
| 2009-12-05 | Talk | Clubhack |
Revealing the Secrets: Source Code Disclosure, Techniques and Impacts
| Anant Kochhar | secure-developmentsecure-coding |
| 2009-11-19 | Talk | Deepsec |
Top 10 Security Issues Developers Don’t Know About
| Neelay S Shah | secure-codingdevsecopsvulnerability-management+3 |
| 2009-11-17 | Talk | Securitybyte |
Applications - The new cyber security frontier
| Mano Paul | secure-developmentdevsecopssoftware-security+2 |
| 2009-05-19 | Talk | Syscan |
Securing Enterprise Applications
| Shreeraj Shah | blueteamweb-application-securityajax+8 |
| 2008-12-06 | Talk | Clubhack |
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA’s and Caching
| Karmendra Kohli | secure-developmentsecure-codingblueteam+1 |
| 2008-12-06 | Talk | Clubhack |
Reverse Engineering v/s Secure Coding
| Atul Alex | secure-codingreverse-engineeringredteam+2 |
| 2008-10-29 | Talk | Hitb Sec Conf |
Top 10 Web 2.0 Attacks
| Shreeraj Shah | blueteamweb-application-securityajax+5 |
| 2008-04-16 | Talk | Hitb Sec Conf |
Securing Next Generation Applications Γ’β¬β Scan, Detect and Mitigate
| Shreeraj Shah | blueteamweb-application-securityajax+5 |
| 2007-08-02 | Talk | Blackhat |
Breaking C++ Applications
| Neel Mehta | redteamsecure-coding |
| 2006-09-21 | Talk | Hitb Sec Conf |
Finding Secrets in ISAPI
| Nish Bhalla | secure-codingreverse-engineering |
| 2006-08-02 | Talk | Blackhat |
SQL Injections by Truncation
| Bala Neerumalla | web-securitysql-injectionsecure-coding+1 |
| 2006-01-26 | Talk | Blackhat |
Analysis of Adversarial Code: Problem, Challenges, Results
| Arun Lakhotia | secure-codingblueteam |
| 2005-09-29 | Talk | Hitb Sec Conf |
Analyzing Code for Security Defects
| Nish Bhalla | code-analysisblueteamsecure-coding |
| 2003-12-12 | Talk | Hitb Sec Conf |
Defending Web Applications: Strategies, methods and practices
| Shreeraj Shah | blueteamsecure-codingfirewall+1 |