| 2025-08-07 | Tool demo | Blackhat |
Frogy 2.0 - Automated external attack surface analysis toolkit
| Chintan Gurjar | #attack-surface#vulnerability-assessment#asset-management+2 |
| 2025-08-07 | Tool demo | Blackhat |
Pentest Copilot: Cursor for Pentesters
| Dhruva Goyal, Sitaraman Subramanian | #security-assessment#application-pentesting#vulnerability-assessment+1 |
| 2025-08-06 | Tool demo | Blackhat |
CloudLens
| Gaurav Joshi, Hare Krishna Rai, K v Prashant | #aws#cloud-pentesting#red-teaming+2 |
| 2025-08-06 | Tool demo | Blackhat |
Damn Vulnerable Browser Extension (DVBE): Unmask the risks of your Browser Supplements
| Abhinav Khanna, Krishna Chaganti | #web-security#secure-coding#security-assessment+2 |
| 2025-08-06 | Tool demo | Blackhat |
ProcessInjection
| Chirag Savla | #security-assessment#red-teaming#reverse-engineering+1 |
| 2025-08-06 | Tool demo | Blackhat |
Realtic
| Sohan Simha Prabhakar, Samarth Bhaskar Bhat, Danindu Gammanpilage | #security-assessment#vulnerability-assessment#static-analysis+3 |
| 2025-08-06 | Tool demo | Blackhat |
ROP ROCKET: Advanced Framework for Return-Oriented Programming
| Shiva Shashank, Bramwell Brizendine | #reverse-engineering#exploitation#security-assessment+2 |
| 2024-12-12 | Tool demo | Blackhat |
MPT: Pentest In Action!
| Jyoti Raval | #penetration-testing-tools#security-assessment#ethical-hacking |
| 2024-11-16 | Talk | C0c0n |
Hacking the Non-Windows Frontier: Thick Client Pentesting on Linux & Mac
| Ajay Sk | #security-assessment#linux#macos |
| 2024-11-15 | Talk | C0c0n |
[Yodha] Nightingale: Docker for Pentesters
| Raja Nagori | #docker#security-assessment#container-security+3 |
| 2024-11-15 | Talk | C0c0n |
Hackers highway: Uncovering vulnerabilities hidden behind every car’s license plate
| Kartik Lalan | #automotive-cybersecurity#reverse-engineering#security-assessment+1 |
| 2024-10-23 | Tool demo | Blackhat |
Cyber Arsenal47
| Simardeep Singh | #automated-scanning#vulnerability-assessment#security-assessment+2 |
| 2024-08-30 | Talk | Hitbsecconf |
Exploiting the In-Vehicle Browser: A Novel Attack Vector in Autonomous Vehicles
| Ravi Rajput | #web-security#security-assessment#exploitation+2 |
| 2024-08-29 | Talk | Hitbsecconf |
COMMSEC: CoralRaider Targets Victims Data and Social Media Accounts
| Chetan Raghuprasad, Joey Chen | #reverse-engineering#security-assessment#incident-management |
| 2024-08-14 | Talk | Usenix |
Shesha: Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors
| Anirban Chakraborty, Nimish Mishra, Debdeep Mukhopadhyay | #reverse-engineering#architecture#security-assessment |
| 2024-08-10 | Talk | Defcon |
Sneaky Extensions: The MV3 Escape Artists
| Vivek Ramachandran, Shourya Pratap Singh | #web-security#security-assessment#application-pentesting+4 |
| 2024-08-08 | Tool demo | Blackhat |
ICSGoat: A Damn Vulnerable ICS Infrastructure
| Shantanu Kale, Divya Nain | #ics-security#scada#plc-security+2 |
| 2024-06-27 | Talk | Troopers |
The Hidden Dangers Lurking in Your Pocket β Pwning Apple Wallet ecosystem and its apps
| Priyank Nigam | #security-assessment#api-security#secure-development |
| 2024-05-27 | Talk | Confidence |
Hacker’s Story from Reader to Global Admin in Azure
| Raunak Parmar | #cloud-pentesting#azure#ethical-hacking+4 |
| 2024-03-21 | Talk | Cansecwest |
Rolling in the Dough: How Microsoft Identified and Remidiated a Baker’s Dozen of Security Threats in the Windows DNS Server
| Arif Hussain, George Hughey | #security-assessment#architecture#incident-management |
| 2023-09-29 | Talk | Hackinparis |
A Tale of Credential Leak of a Popular Cloud Threat Actor
| Nitesh Surana | #container-security#docker#threat-hunting+1 |
| 2023-08-13 | Tool demo | Blackhat |
Advanced ROP Framework: Pushing ROP to Its Limits
| Shiva Shashank, Bramwell Brizendine | #reverse-engineering#security-assessment#exploitation+2 |
| 2023-08-11 | Talk | Defcon |
Generative Adversarial Network (GAN) based autonomous penetration testing for Web Applications
| Ankur Chowdhary | #web-security#xss#application-pentesting+3 |
| 2023-08-07 | Talk | C0c0n |
Serverless Siege: AWS Lambda Pentesting
| Anjali Singh Shukla, Divyanshu Shukla | #aws#serverless#cloud-pentesting+2 |
| 2023-08-07 | Talk | C0c0n |
Smart Contract Phishing : Attack & Defense
| Tejaswa Rastogi | #smart-contracts#phishing#secure-coding+1 |
| 2023-08-06 | Talk | C0c0n |
Expanding capability horizons : Homelabs and beyond
| Anant Shrivastava | #security-assessment#network-pentesting#architecture |
| 2023-06-05 | Talk | Confidence |
Evading modern day security defenses in corporate environments
| Himanshu Sharma, Rahul Vashista | #red-teaming#evasion#bypassing+4 |
| 2023-05-11 | Tool demo | Blackhat |
Kubernetes Goat: Interactive Kubernetes Security Learning Playground
| Madhu Akula | #kubernetes#cloud-workload-protection#container-security+4 |
| 2022-09-24 | Talk | C0c0n |
BEC, still the sure shot trap
| Georgie Kurien | #social-engineering#security-assessment#security-training |
| 2022-09-24 | Talk | C0c0n |
Introduction to RFID/NFC Hacking
| Davis Sojan | #embedded-security#firmware-analysis#security-assessment+1 |
| 2022-09-23 | Talk | C0c0n |
A Tale of Credential Leak of a Popular Cloud Threat Actor
| Nitesh Surana | #security-assessment#cloud-pentesting#cloud-workload-protection+2 |
| 2022-09-23 | Talk | C0c0n |
Log4j vulnerability continuous to be favourite for APT groups through mid 2022
| Niranjan Jayanand | #security-assessment#apt#exploit-kit+1 |
| 2022-09-23 | Talk | C0c0n |
Pwning Android Apps at Scale
| Sparsh Kulshrestha, Shashank Barthwal | #android-security#mobile-pentesting#reverse-engineering+2 |
| 2022-09-23 | Talk | C0c0n |
TropicTrooper : Targets high profile victims using newly discovered MQTT backdoor
| Saurabh Sharma, Noushin Shabab | #reverse-engineering#security-assessment#iot-pentesting |
| 2022-08-25 | Talk | Hitbsecconf |
Building An Army Of Bots By Hijacking A Unicornβs Twitter Handle
| Rahul Sasi, Vishal Singh | #social-engineering#security-assessment#botnet+1 |
| 2022-08-25 | Talk | Hitbsecconf |
MPT: Pentest In Action
| Jyoti Raval | #security-assessment#application-pentesting#asset-management+2 |
| 2022-03-24 | Talk | Insomnihack |
Practical exploitation of zigbee-class networks with USB-based RF transceivers & open source software
| Nitin Lakshmanan, Sunil Kumar 1 | #iot-pentesting#wireless-security#hardware-hacking+3 |
| 2021-11-13 | Talk | C0c0n |
Case Study - Cyber Heist in a Bank and Recovery of Systems and Money
| Prashant Choudhary | #incident-management#forensics#security-assessment |
| 2021-11-13 | Talk | C0c0n |
Exploiting 2A(Authentication and Authorization) Vulnerabilities of Web Application
| Gayatri Nayak | #web-security#authentication#authorization+2 |
| 2021-11-12 | Talk | C0c0n |
βLetβs Go Phishingβ: Discerning the insidious nature of Social Engineering
| Ruchira Pokhriyal, Shashi Karhail | #social-engineering#security-assessment#security-training |
| 2021-10-13 | Tool demo | Rootcon |
Buzzard : Crafting your post exploitation framework against odds
| Aravindha Hariharan, Subhajeet Singha | #security-assessment#post-exploitation#privilege-escalation+2 |
| 2021-09-07 | Talk | Confidence |
Swapping Asprin formulas with MDMA while Red Teaming a Billion Dollar Pharmaceutical
| Aman Sachdev, Himanshu Sharma | #red-teaming#ethical-hacking#security-assessment+2 |
| 2021-08-08 | Talk | Defcon |
AppSec 101: A Journey from Engineer to Hacker
| Arjun Gopalakrishna | #secure-coding#security-assessment#ethical-hacking+2 |
| 2021-08-06 | Talk | Defcon |
Adversary village Kick-off
| Abhijith B R | #red-teaming#ethical-hacking#vulnerability-assessment+2 |
| 2021-08-05 | Talk | Defcon |
The Bug Hunterβs Recon Methodology
| Tushar Verma | #security-assessment#vulnerability-assessment#application-pentesting+1 |
| 2020-12-10 | Talk | Blackhat |
Effective Vulnerability Discovery with Machine Learning
| Asankhaya Sharma, Ming Yi Ang | #security-assessment#machine-learning#software-composition-analysis+4 |
| 2020-12-09 | Tool demo | Blackhat |
ArcherySec 2.0 - Open Source Vulnerability Assessment and Management
| Anand Tiwari | #blueteam#security-assessment#ci-cd |
| 2020-12-09 | Tool demo | Blackhat |
Strafer: A Tool to Detect Infections in Elasticsearch Instances
| Rohit Bansal, Aditya K Sood | #blueteam#security-assessment#threat-intelligence-analysis |
| 2020-11-21 | Talk | Appsecindonesia |
Learn how to find and exploit race conditions in web apps with OWASP TimeGap Theory
| Abhi M Balakrishnan | #web-security#owasp#application-pentesting+1 |
| 2020-10-07 | Talk | Rootcon |
Offensive Embedded Exploitation : Getting hands dirty with IOT/Embedded Device Security Testing
| Kaustubh Padwad | #red-teaming#security-assessment#reverse-engineering |
| 2020-10-02 | Tool demo | Blackhat |
OWASP Nettacker
| Sri Harsha Gajavalli, Ali Razmjoo Qalaei, Sam Stepanyan | #security-assessment#vulnerability-assessment#network-pentesting+3 |
| 2020-10-01 | Tool demo | Blackhat |
Adhrit: Android Security Suite
| Abhishek Jm, Akhil Mahendra | #android#code-analysis#reverse-engineering+1 |
| 2020-10-01 | Tool demo | Blackhat |
Mobexler: An All-in-One Mobile Pentest VM
| Abhinav Mishra | #android#ios#security-assessment+2 |
| 2020-10-01 | Tool demo | Blackhat |
OWASP Python Honeypot
| Sri Harsha Gajavalli, Ali Razmjoo | #web-security#owasp#security-assessment+1 |
| 2020-09-19 | Talk | C0c0n |
Automate your Recon with ReconNote
| Prasoon Gupta | #security-assessment#vulnerability-assessment#devsecops |
| 2020-09-18 | Talk | C0c0n |
Web Application hacking with WebZGround
| Parveen Yadav, Narendra Kumar | #web-security#web-pentesting#security-assessment+3 |
| 2020-09-18 | Talk | C0c0n |
Offensive Embedded Exploitation : Getting hands dirty with IOT/Embedded Device Security Testing
| Kaustubh Padwad | #red-teaming#security-assessment#iot-device-management+4 |
| 2020-08-05 | Tool demo | Blackhat |
vPrioritizer: Learn to say NO to almost every vulnerability (art of risk prioritisationβ¦)
| Pramod Rana | #risk-analysis#blueteam#security-strategy+4 |
| 2020-04-25 | Talk | Hitbsecconf |
THE STATE OF ICS SECURITY: THEN AND NOW
| Praveen Soni, Shivbihari Pandey, Ashish Kumar Gahlot | #vulnerability-assessment#security-assessment#blueteam |
| 2020-04-24 | Talk | Hitbsecconf |
COMMSEC: The State of ICS Security : Then and Now
| Praveen Soni, Shivbihari Pandey, Ashish Kumar Gahlot | #scada#blueteam#security-assessment |
| 2020-03-18 | Talk | Cansecwest |
The ARM-X Firmware Emulation Framework
| Saumil Shah | #red-teaming#arm#firmware+4 |
| 2020-03-06 | Tool demo | Nullcon |
Mobexler
| Abhinav Mishra, Abhishek Jaiswal | #android#ios#security-assessment+2 |
| 2020-03-06 | Tool demo | Nullcon |
PivotSuite
| Manish Gupta | #red-teaming#security-assessment#network-architecture+2 |
| 2020-03-06 | Tool demo | Nullcon |
SASTRI
| Rushikesh D Nandedkar, Lalit Bhandari | #security-assessment#virtual-machine#static-analysis+3 |
| 2020-03-06 | Tool demo | Nullcon |
VyAPI
| Riddhi Shree | #secure-coding#aws#amazon-cognito+3 |
| 2019-11-28 | Talk | Deepsec |
Mastering AWS Pentesting and Methodology
| Ankit Giri | #aws#security-assessment#cloud-pentesting+1 |
| 2019-10-22 | Talk | Hacklu |
Intro to Dark Arts: Getting Started with CTFs
| Geethna T K, Shruti Dixit, Sowmya Potluri | #reverse-engineering#binary-analysis#exploitation+1 |
| 2019-10-12 | Talk | Texascybersummit |
HX-3012 PErfidious: Make PE Backdooring Great Again!
| Shreyans Doshi | #reverse-engineering#binary-analysis#executable-analysis+1 |
| 2019-09-28 | Talk | C0c0n |
Vulnerability Prioritization with Threat Intelligence
| Muslim Koser, Devesh Vatsa, Rohit Srivastwa, Dinesh O Bareja | #threat-intelligence-analysis#automated-scanning#security-assessment+3 |
| 2019-09-27 | Talk | C0c0n |
Golang for Pentesters / RedTeamers
| Anant Shrivastava | #security-assessment#red-teaming#secure-coding |
| 2019-09-27 | Talk | C0c0n |
Offensive Machine Learning for Pentesters and Red Teams
| Tamaghna Basu | #machine-learning#security-assessment#red-teaming |
| 2019-09-27 | Talk | C0c0n |
Serverless SOAR
| Sabyasachi Dhal, Suresh Sharma | #secure-coding#security-assessment#serverless+4 |
| 2019-09-27 | Talk | C0c0n |
VyAPI - The Vulnerable Hybrid Android App
| Riddhi Shree | #secure-coding#aws#amazon-cognito+3 |
| 2019-08-11 | Talk | Defcon |
Exploiting and Securing iOS Apps using OWASP iGoat
| Swaroop Yermalkar | #ios-security#application-pentesting#security-assessment+3 |
| 2019-08-09 | Tool demo | Defcon |
EXPLIoT - IoT Security Testing and Exploitation Framework
| Aseem Jakhar, Murtuja Bharmal | #security-assessment#red-teaming#blueteam+1 |
| 2019-08-09 | Tool demo | Defcon |
PivotSuite: Hack The Hidden Network - A Network Pivoting Toolkit
| Manish Gupta | #red-teaming#security-assessment#network-pentesting |
| 2019-08-08 | Tool demo | Blackhat |
EXPLIoT: IoT Security Testing and Exploitation Framework
| Aseem Jakhar, Murtuja Bharmal | #security-assessment#red-teaming#blueteam+1 |
| 2019-08-08 | Talk | Defcon |
Hacking ICS devices for Fun Penetration Testing of Vehicle Components
| Arun Mane | #automotive-cybersecurity#can-bus#ics-security+2 |
| 2019-08-08 | Talk | Defcon |
Phishing in the cloud era
| Ashwin Vamshi, Abhinav Singh | #phishing#api-security#web-security+2 |
| 2019-08-08 | Talk | Defcon |
YOUR PHONE IS USING TOR AND LEAKING YOUR PII
| Milind Bhargava, Adam Podgorski | #data-protection#security-assessment#tor+1 |
| 2019-08-07 | Tool demo | Blackhat |
Medaudit: Auditing Medical Devices and Healthcare Infrastructure
| Anirudh Duggal | #security-assessment#application-pentesting#network-architecture+1 |
| 2019-08-07 | Tool demo | Blackhat |
PivotSuite: Hack The Hidden Network - A Network Pivoting Toolkit
| Manish Gupta | #red-teaming#security-assessment#network-pentesting |
| 2019-08-07 | Tool demo | Blackhat |
SASTRI: Plug and Play VM for SAST/Static Application Security Testing Realtime Integration/
| Rushikesh D Nandedkar, Lalit Bhandari | #security-assessment#virtual-machine#application-hardening+4 |
| 2019-03-28 | Tool demo | Blackhat |
Archery - Open Source Vulnerability Assessment and Management- 2.0
| Anand Tiwari | #security-assessment#blueteam#ci-cd |
| 2019-02-28 | Talk | Nullcon |
Andromeda - GUI based Dynamic Instrumentation Toolkit powered by Frida
| Shivang Desai | #secure-coding#security-assessment#dynamic-analysis+4 |
| 2019-02-28 | Talk | Nullcon |
Pentesting without Pentesters - Automating Security Testing with Functional Testing Test Cases
| Lavakumar Kuppan, Ankit Gupta | #security-assessment#application-pentesting#application-hardening+3 |
| 2018-12-06 | Tool demo | Blackhat |
Astra: Automated Security Testing For REST APIs
| Sagar Popat, Harsh Grover | #security-assessment#rest-api#ci-cd |
| 2018-11-08 | Talk | Defcamp |
Backdooring DVR/NVR devices
| Arun Mane | #hardware-reverse-engineering#embedded-security#security-assessment+2 |
| 2018-10-05 | Talk | C0c0n |
Pentesting GraphQL Applications
| Neelu Tripathy | #security-assessment#application-pentesting#dynamic-analysis+4 |
| 2018-10-04 | Talk | Confidence |
Hacking 50 Million users using 123456
| Aman Sachdev, Himanshu Sharma | #web-security#authentication#ethical-hacking+2 |
| 2018-09-27 | Talk | Rootcon |
Defending cloud Infrastructures with Cloud Security Suite
| Shivankar Madaan | #aws#secure-coding#web-security+2 |
| 2018-09-06 | Talk | Grrcon |
Angad: A Malware Detection Framework using Multi-Dimensional Visualization
| Ankur Tyagi | #blueteam#security-assessment#forensics |
| 2018-08-16 | Talk | Usenix |
Man-in-the-Machine: Exploiting Ill-Secured Communication Inside the Computer
| Siddharth Rao, Thanh Bui, Markku Antikainen, Viswanathan Manihatty Bojan, Tuomas Aura | #security-assessment#architecture#application-hardening+4 |
| 2018-08-12 | Tool demo | Defcon |
Expl-iotβIoT Security Testing and Exploitation framework
| Aseem Jakhar | #security-assessment#red-teaming#blueteam+1 |
| 2018-08-11 | Tool demo | Defcon |
Angad: A Malware Detection Framework using Multi-Dimensional Visualization
| Ankur Tyagi | #blueteam#security-assessment#forensics |
| 2018-08-11 | Tool demo | Defcon |
ArcheryβOpen Source Vulnerability Assessment and Management
| Anand Tiwari | #security-assessment#blueteam#ci-cd |
| 2018-08-11 | Tool demo | Defcon |
BLEMystiqueβAffordable custom BLE target
| Nishant Sharma, Jeswin Mathai | #ble#red-teaming#wearables+1 |
| 2018-08-11 | Tool demo | Defcon |
PA ToolkitβWireshark plugins for Pentesters
| Nishant Sharma, Jeswin Mathai | #wireshark#security-assessment#reconnaissance+4 |
| 2018-08-11 | Tool demo | Defcon |
Sh00tβAn open platform for manual security testers & bug hunters
| Pavan Mohan | #security-assessment#bug-hunting#secure-coding+1 |
| 2018-08-09 | Talk | Blackhat |
Follow the White Rabbit: Simplifying Fuzz Testing Using FuzzExMachina
| Bhargava Shastry, Vincent Ulitzsch, Dominik Maier | #security-assessment#blueteam#linux+1 |
| 2018-08-09 | Tool demo | Blackhat |
BLEMystique: Affordable Custom BLE Target
| Nishant Sharma, Jeswin Mathai | #ble#wearables#security-assessment |
| 2018-08-09 | Tool demo | Blackhat |
Jackhammer: One Security Vulnerability Assessment/Management Tool
| Madhusudhan Konda, Rajagopal Vr, Shreyas Chidambara | #azure#aws#gcp+3 |
| 2018-08-09 | Tool demo | Blackhat |
OWASP Offensive Web Testing Framework
| Viyat Bhalodia | #owasp#security-assessment#red-teaming |
| 2018-08-08 | Tool demo | Blackhat |
Archerysec Tool Demo
| Anand Tiwari | #security-assessment#blueteam#ci-cd |
| 2018-08-08 | Tool demo | Blackhat |
Astra: Automated Security Testing For REST APIs
| Ankur Bhargava, Prajal Kulkarni, Sagar Popat | #security-assessment#rest-api#api-security+4 |
| 2018-08-08 | Tool demo | Blackhat |
Damn Vulnerable iOS App: Swift Edition
| Prateek Gianchandani | #ios#security-assessment#red-teaming |
| 2018-08-08 | Tool demo | Blackhat |
Expl-iot: IoT Security Testing and Exploitation Framework
| Aseem Jakhar | #security-assessment#red-teaming#blueteam+1 |
| 2018-08-08 | Tool demo | Blackhat |
PA Toolkit: Wireshark Plugins for Pentesters
| Nishant Sharma, Jeswin Mathai | #wireshark#security-assessment#network-architecture+2 |
| 2018-08-08 | Tool demo | Blackhat |
V2X Validation Tool
| Raashid Ansari, Jonathan Petit | #security-assessment#automobile#red-teaming |
| 2018-06-04 | Talk | Confidence |
From 123456 on a staging to compromising a multi-million dollar VC - The journey of us Red Teamers of a hack spanning over 200 days
| Himanshu Sharma, Aman Sachdev | #red-teaming#ethical-hacking#security-assessment+2 |
| 2018-03-22 | Tool demo | Blackhat |
Archery - Open Source Vulnerability Assessment and Management
| Anand Tiwari | #security-assessment#red-teaming#blueteam+1 |
| 2018-03-22 | Tool demo | Blackhat |
Jackhammer - One Security Vulnerability Assessment/Management Tool
| Rajagopal Vr, Krishna Chaitanya Yarramsetty | #security-assessment#red-teaming#blueteam+4 |
| 2018-03-01 | Talk | Nullcon |
Unleashing D* on Android Kernel Drivers
| Aravind Machiry | #android#fuzzing#red-teaming+3 |
| 2018-01-31 | Talk | Owaspappseccalifornia |
Hunter β Optimize your Pentesters time
| Kiran Shirali | #application-pentesting#security-assessment#devsecops |
| 2017-12-06 | Talk | Blackhat |
DIFUZZING ANDROID KERNEL DRIVERS
| Aravind Machiry, Chris Salls, Yan Shoshitaishvili, Jake Corina, Shuang Hao | #android#red-teaming#linux+2 |
| 2017-12-06 | Tool demo | Blackhat |
EXPLIOT - INTERNET OF THINGS SECURITY TESTING AND EXPLOITATION FRAMEWORK
| Aseem Jakhar | #security-assessment#red-teaming#blueteam+1 |
| 2017-11-14 | Talk | Blackhat |
Pwning a Smart Home in Under 10 Minutes
| Aditya Gupta | #iot-pentesting#embedded-security#security-assessment+2 |
| 2017-10-05 | Talk | Brucon |
Races, Reaches and Rescues!!! (Race condition vulnerabilities revisited)
| Rushikesh D Nandedkar, Sampada Nandedkar | #vulnerability-assessment#security-assessment#secure-coding+1 |
| 2017-10-05 | Talk | Virusbulletin |
The router of all evil: more than just default passwords and silly scripts
| Himanshu Anand, Chastine Menrige | #reverse-engineering#security-assessment#firmware-analysis |
| 2017-08-18 | Talk | C0c0n |
Androsia: A tool for securing in memory sensitive data
| Samit Anwer | #secure-coding#android#security-assessment |
| 2017-08-18 | Talk | C0c0n |
CoAP versus MQTT: IoT Protocol Vulnerability analysis
| Rajiv Pandey | #security-assessment#iot-pentesting#embedded-systems+1 |
| 2017-08-18 | Talk | C0c0n |
iGoat β A Self Learning Tool for iOS App Pentesting and Security
| Swaroop Yermalkar | #ios#security-assessment#blueteam+1 |
| 2017-08-18 | Talk | C0c0n |
Penetration Testing Orchestrator: A Framework that leverages multi-tool penetration testing approach combined with Machine Learning-NLP for faster result analysis
| Furqan Khan, Siddharth Anbalahan | #machine-learning#security-assessment#nlp+4 |
| 2017-08-18 | Talk | C0c0n |
Your friendly neighbourhood exploit
| Aseem Jakhar | #exploitation#security-assessment#reverse-engineering |
| 2017-07-30 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | #secure-coding#red-teaming#blueteam+3 |
| 2017-07-29 | Tool demo | Defcon |
Fuzzapi
| Abhijeth Dugginapeddi, Lalith Rallabhandi, Srinivas Rao | #fuzzing#rest-api#security-assessment |
| 2017-07-28 | Tool demo | Defcon |
Android Tamer
| Anant Shrivastava | #android#security-assessment#red-teaming+2 |
| 2017-07-28 | Tool demo | Defcon |
GibberSense
| Ajit Hatti | #encryption#red-teaming#security-assessment |
| 2017-07-28 | Tool demo | Defcon |
Lamma 1.0
| Ajit Hatti, Antriksh Shah | #encryption#security-assessment#audit+1 |
| 2017-07-27 | Tool demo | Blackhat |
Android Tamer
| Anant Shrivastava | #android#security-assessment#red-teaming+2 |
| 2017-07-27 | Talk | Blackhat |
Evading Microsoft ATA for Active Directory Domination
| Nikhil Mittal | #active-directory#red-teaming#security-assessment+1 |
| 2017-07-27 | Tool demo | Blackhat |
Fuzzapi - Fuzzing Your RESTAPIs Since Yesterday
| Lalith Rallabhandi, Abhijeth Dugginapeddi, Srinivas Rao | #fuzzing#rest-api#security-assessment+1 |
| 2017-07-27 | Talk | Defcon |
ICS Humla
| Sneha Rajguru, Arun Mane | #ics-security#security-assessment#embedded-systems+4 |
| 2017-07-27 | Tool demo | Blackhat |
Kubebot - Scaleable and Automated Testing Slackbot with the Backend Running on Kubernetes
| Anshuman Bhartiya | #security-assessment#bug-hunting#cloud-workload-protection+3 |
| 2017-06-26 | Tool demo | Blackhat |
DiffDroid
| Anto Joseph | #android#security-assessment#web-security |
| 2017-03-30 | Tool demo | Blackhat |
LAMMA 1.0
| Ajit Hatti | #encryption#security-assessment#static-analysis+1 |
| 2017-03-30 | Tool demo | Blackhat |
DAMN VULNERABLE SS7 NETWORK
| Akib Sayyed | #security-assessment#dos#ss7 |
| 2017-03-24 | Talk | Insomnihack |
How we hacked Distributed Configuration Management Systems
| Francis Alexander, Bharadwaj Machiraju | #security-assessment#application-pentesting#vulnerability-assessment+4 |
| 2017-03-23 | Talk | Troopers |
How we hacked Distributed Configuration Management Systems
| Bharadwaj Machiraju, Francis Alexander | #security-assessment#application-pentesting#vulnerability-assessment+4 |
| 2017-03-23 | Talk | Troopers |
How we hacked Distributed Configuration Management Systems
| Francis Alexander, Bharadwaj Machiraju | #security-assessment#application-pentesting#vulnerability-assessment+4 |
| 2017-03-03 | Talk | Nullcon |
Case study of SS7/Sigtran assessment
| Akib Sayyed | #ss7#security-assessment#blueteam+2 |
| 2017-03-03 | Talk | Nullcon |
Tale of training a Web Terminator!
| Bharadwaj Machiraju | #ml#security-assessment#application-pentesting+4 |
| 2016-11-06 | Talk | Groundzerosummit |
Hacking The Droids
| Anto Joseph | #android-security#reverse-engineering#security-assessment+2 |
| 2016-11-04 | Tool demo | Blackhat |
AppMon: Runtime Security Testing & Profiling Framework for Native Apps
| Nishant Das Patnaik | #security-assessment#ios#macos+1 |
| 2016-11-04 | Tool demo | Blackhat |
Firmware Analysis Toolkit (FAT)
| Aditya Gupta | #firmware#security-assessment#embedded-systems+3 |
| 2016-11-04 | Tool demo | Blackhat |
Yasuo
| Saurabh Harit | #secure-coding#red-teaming#blueteam+3 |
| 2016-10-07 | Talk | Deepsec |
Inside Stegosploit
| Saumil Shah | #web-security#exploitation#security-assessment |
| 2016-08-06 | Tool demo | Defcon |
LAMMA (beta)
| Ajit Hatti | #encryption#security-assessment#audit+1 |
| 2016-08-05 | Talk | Defcon |
A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen-Display Controllers in Modern Monitors
| Jatin Kataria, Ang Cui, Francois Charbonneau | #reverse-engineering#hardware-reverse-engineering#firmware-analysis+2 |
| 2016-08-04 | Tool demo | Blackhat |
AppMon
| Nishant Das Patnaik | #ios#macos#android+1 |
| 2016-08-04 | Talk | Blackhat |
DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes
| Rohit Mothe, Rodrigo Rubira Branco | #security-assessment#application-pentesting#dynamic-analysis+3 |
| 2016-08-04 | Tool demo | Blackhat |
LAMMA
| Ajit Hatti | #encryption#security-assessment#audit+1 |
| 2016-08-03 | Tool demo | Blackhat |
Android Tamer
| Anant Shrivastava | #android#security-assessment#red-teaming+2 |
| 2016-08-03 | Tool demo | Blackhat |
DataSploit
| Sudhanshu Chauhan, Shubham Mittal, Nutan Kumar Panda | #security-assessment#threat-hunting#osint+1 |
| 2016-07-01 | Talk | Hackinparis |
DIFFDroid - Dynamic Analysis Made Easier for Android
| Anto Joseph | #android#security-assessment#web-security |
| 2016-06-18 | Talk | Recon |
A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen-Display Controllers in Modern Monitors
| Jatin Kataria, Ang Cui, Francois Charbonneau | #reverse-engineering#hardware-reverse-engineering#firmware-analysis+2 |
| 2016-05-26 | Talk | Hitbsecconf |
HITB Lab: Mobile Application Security for iOS and Android
| Tushar Dalvi, Tony Trummer | #android#ios#security-assessment+2 |
| 2016-04-01 | Tool demo | Blackhat |
Android Tamer
| Anant Shrivastava | #android#security-assessment#red-teaming+2 |
| 2016-04-01 | Tool demo | Blackhat |
HackSys Extreme Vulnerable Driver
| Ashfaq Ansari | #red-teaming#security-assessment#windows |
| 2016-03-15 | Talk | Groundzerosummit |
r00tKidz and Hacking
| Triveni Singh, Lea Paul | #security-assessment#ethical-hacking#privilege-escalation+2 |
| 2016-03-11 | Talk | Nullcon |
Automated Mobile Application Security Assessment with MobSF
| Ajin Abraham | #android#ios#security-assessment |
| 2016-03-11 | Talk | Nullcon |
Million Dollar Baby: Towards ANGRly conquering DARPA CGC
| Aravind Machiry | #red-teaming#security-assessment#application-pentesting+4 |
| 2016-03-11 | Talk | Nullcon |
Physical Lock Security
| Amey Gat, Swapnil Wadwalkar | #security-assessment#reverse-engineering#hardware-hacking |
| 2015-11-13 | Talk | Blackhat |
AUTOMATING LINUX MALWARE ANALYSIS USING LIMON SANDBOX
| Monnappa K A | #linux#security-assessment#malware-research+4 |
| 2015-11-12 | Tool demo | Blackhat |
Android Tamer
| Anant Shrivastava | #android#security-assessment#red-teaming+2 |
| 2015-11-05 | Talk | Groundzerosummit |
Exposing Cyber Espionage: Hello from Pakistan- IIC Session
| Jiten Jain | #incident-management#reverse-engineering#security-assessment |
| 2015-08-28 | Tool demo | Blackhat |
Damn Vulnerable iOS App (DVIA)
| Prateek Gianchandani | #ios#security-assessment#red-teaming |
| 2015-08-08 | Talk | Defcon |
Dissecting the Design of SCADA Web Human Machine Interfaces (HMIs) - Hunting Vulnerabilities
| Aditya K Sood | #scada#hmi#security-assessment+4 |
| 2015-08-08 | Talk | Defcon |
Powershell for Penetraton Testers
| Nikhil Mittal | #security-assessment#red-teaming#exploitation+3 |
| 2015-08-08 | Talk | Defcon |
QARK: Android App Exploit and SCA Tool
| Tushar Dalvi, Tony Trummer | #android#metasploit#red-teaming+3 |
| 2015-08-07 | Talk | Defcon |
Hacker’s Practice Ground
| Lokesh Pidawekar | #security-assessment#ethical-hacking#vulnerability-assessment+2 |
| 2015-08-05 | Tool demo | Blackhat |
QARK - Android Application SCA and Exploit Tool
| Tushar Dalvi | #android#red-teaming#security-assessment+2 |
| 2015-08-01 | Talk | C0c0n |
A Pentester’s Methodology to Discover, Automate and Exploit Windows Privilege Escalation flaws.
| Riyaz Walikar | #windows#red-teaming#security-assessment |
| 2015-08-01 | Talk | C0c0n |
Automated Security Analysis of Android & iOS Applications with Mobile Security Framework
| Ajin Abraham | #android#ios#security-assessment |
| 2015-05-29 | Talk | Hitbsecconf |
PowerShell for Penetration Testers
| Nikhil Mittal | #red-teaming#windows#powershell+1 |
| 2015-05-28 | Talk | Hitbsecconf |
The Savage Curtain: Mobile SSL Failures
| Tushar Dalvi, Tony Trummer | #ssl#security-assessment#mobile-application-management+1 |
| 2015-03-26 | Tool demo | Blackhat |
OWASP Xenotix XSS Exploit Framework
| Ajin Abraham | #owasp#xss#blueteam+3 |
| 2015-03-26 | Tool demo | Blackhat |
YSO Mobile Security Framework
| Ajin Abraham | #android#ios#security-assessment |
| 2015-02-06 | Talk | Nullcon |
Building custom scans for real world enterprise network
| Sanoop Thomas | #security-assessment#network-pentesting#vulnerability-assessment+1 |
| 2015-02-06 | Talk | Nullcon |
Pentesting a website with million lines of Javascript
| Lavakumar Kuppan, Ahamed Nafeez | #web-security#security-assessment#application-pentesting+2 |
| 2015-02-06 | Talk | Nullcon |
Toliman, a Hadoop Pentesting Tool
| Jitendra Chauhan | #security-assessment#security-tools#cloud-workload-protection+2 |
| 2014-10-17 | Talk | Blackhat |
Android Kernel and OS Security Assessment with Iron Crow
| Akhil Arora, Sumanth Naropanth | #android#kernel#android-security+1 |
| 2014-09-24 | Talk | Brucon |
OWASP: OWTF
| Bharadwaj Machiraju | #security-assessment#application-pentesting#dynamic-analysis+2 |
| 2014-08-21 | Talk | Usenix |
The Emperorβs New Password Manager: Security Analysis of Web-based Password Managers
| Devdatta Akhawe, Zhiwei Li, Warren He, Dawn Song | #web-security#xss#csrf+2 |
| 2014-08-07 | Tool demo | Blackhat |
C-SCAD: Assessing Security flaws in clearscada Web_X client!
| Aditya K Sood | #red-teaming#security-assessment#ics-security+3 |
| 2014-08-06 | Tool demo | Blackhat |
Flowinspect: Yet another network inspection tool
| Ankur Tyagi | #security-assessment#network-monitoring#ids+2 |
| 2014-06-23 | Talk | Hackinparis |
Pentesting NoSQL DB’s with NoSQL Exploitation Framework
| Francis Alexander | #secure-coding#security-assessment#application-pentesting+4 |
| 2014-05-21 | Talk | Phdays |
Android Exploitation
| Aditya Gupta | #android#red-teaming#security-assessment+1 |
| 2014-03-15 | Talk | Blackhat |
Anatomy of a Credit Card Stealing POS Malware
| Amol Sarwate | #reverse-engineering#security-assessment#security-testing |
| 2014-02-15 | Tool demo | Nullcon |
DrupSnipe
| Ranjeet Sengar, Sukesh Pappu | #drupal#security-assessment#application-pentesting+2 |
| 2014-02-15 | Tool demo | Nullcon |
OWASP OWTF - The Offensive (Web) Testing Framework
| Bharadwaj Machiraju, Abraham Aranguren | #security-assessment#application-pentesting#security-tools+3 |
| 2014-02-15 | Tool demo | Nullcon |
OWASP Xenotix XSS Exploit Framerwork
| Ajin Abraham | #owasp#xss#blueteam+3 |
| 2014-02-14 | Talk | Nullcon |
Flowinspect - A Network Inspection Tool
| Ankur Tyagi | #security-assessment#malware-detection#network-monitoring+2 |
| 2014-02-14 | Talk | Nullcon |
o’Dea Assertions - Untwining the Security of the SAML Protocol
| Achin Kulshrestha | #authentication#saml#sso+2 |
| 2014-02-14 | Talk | Nullcon |
Pentesting without Pentesters - Automating Security Testing with Functional Testing Test Cases
| Ankita Gupta, Lavakumar Kuppan | #security-assessment#application-pentesting#security-development-lifecycle+3 |
| 2013-11-07 | Talk | Groundzerosummit |
How I built a pentest lab in under 70 USD
| Swaroop Yermalkar | #security-assessment#ethical-hacking#bug-bounty+1 |
| 2013-11-07 | Talk | Groundzerosummit |
IronWASP
| Lavakumar Kuppan | #security-assessment#application-pentesting#security-tools+2 |
| 2013-09-27 | Talk | C0c0n |
From Bedroom to Boardroom - Taking your Weekend Infosec Project Global
| Vivek Ramachandran | #devsecops#secure-development#security-assessment+2 |
| 2013-09-27 | Talk | C0c0n |
Snake Bites
| Anant Shrivastava | #secure-coding#security-assessment#xss |
| 2013-09-13 | Talk | Grrcon |
Matriux Leandros - An Open Source Penetration Testing and Forensic Distribution
| Prajwal Panchmahalkar | #security-assessment#forensics#digital-forensics+1 |
| 2013-08-01 | Tool demo | Blackhat |
OWASP Xenotix XSS Exploit Framework
| Ajin Abraham | #owasp#xss#blueteam+3 |
| 2013-07-31 | Tool demo | Blackhat |
JMSDigger
| Gursev Singh Kalra | #security-assessment#red-teaming#blueteam+1 |
| 2013-05-28 | Talk | Confidence |
My Experiments with truth: a different route to bug hunting
| Devesh Bhatt | #security-assessment#vulnerability-assessment#secure-development+2 |
| 2013-03-15 | Tool demo | Blackhat |
OWASP Xenotix XSS Exploit Framework
| Ajin Abraham | #owasp#xss#blueteam+3 |
| 2013-03-01 | Talk | Nullcon |
Automating JavaScript Static Analysis
| Lavakumar Kuppan | #web-security#security-assessment#blueteam |
| 2013-03-01 | Talk | Nullcon |
Mobile Code mining for discovery and exploits
| Hemil Shah | #code-analysis#secure-development#blueteam+4 |
| 2012-12-01 | Talk | Clubhack |
HAWAS β Hybrid Analyzer for Web Application Security
| Lavakumar Kuppan | #security-assessment#application-pentesting#dynamic-analysis+4 |
| 2012-09-28 | Talk | Nullcon |
Attacking Angry Droids
| Aditya Gupta, Subho Halder | #android-security#reverse-engineering#security-assessment+1 |
| 2012-09-26 | Talk | Nullcon |
The art of Passive Web Vul Analysis with IronWASP
| Lavakumar Kuppan | #security-assessment#application-pentesting#security-testing+2 |
| 2012-08-03 | Talk | C0c0n |
Cracking the Mobile Application Source Code
| Sreenarayan Ashokkumar | #android#ios#blackberry+2 |
| 2012-08-03 | Talk | C0c0n |
Cyber Weapons
| Sameer Saxena | #security-assessment#exploitation#cyber-war+3 |
| 2012-08-03 | Talk | C0c0n |
Layer 8 Exploitation: A threat to National Security
| Aakash Goel | #social-engineering#security-assessment#security-training+1 |
| 2012-08-03 | Talk | C0c0n |
WebApp Remote Code Execution using Server Side Scripting Engines
| Rahul Sasi | #red-teaming#security-assessment#application-pentesting+4 |
| 2012-07-22 | Tool demo | Blackhat |
Kautilya and Nishang
| Nikhil Mittal | #post-exploitation#ethical-hacking#security-assessment+1 |
| 2012-05-24 | Talk | Hitbsecconf |
CXML/VXML Auditing for IVR Pentesters and PCI/DSS Consultants
| Rahul Sasi | #security-assessment#ivr#application-pentesting+2 |
| 2012-03-21 | Talk | Troopers |
More Fun Using Kautilya or Is It a Thumb Drive? Is It a Toy? No, Itβs a Keyboard
| Nikhil Mittal | #security-assessment#red-teaming#keylogging |
| 2012-03-15 | Talk | Nullcon |
An App(le) a day keeps the wallet away
| Antriksh Shah | #security-assessment#web-security#api-security+1 |
| 2012-02-15 | Talk | Nullcon |
Haxdroid: Empowering Android Handset
| Anant Shrivastava, Prashant Mahajan, Pardhasaradhi Ch | #android#security-assessment#red-teaming |
| 2012-02-15 | Talk | Nullcon |
Javascript static analysis with IronWASP
| Lavakumar Kuppan | #web-security#security-assessment#blueteam |
| 2012-02-15 | Talk | Nullcon |
Ra.2 Blackbox DOM-based XSS scanner
| Nishant Das Patnaik, Sarathi Sabyasachi Sahoo | #xss#blueteam#security-assessment |
| 2011-12-04 | Talk | Clubhack |
Pen testing Mobile Applications
| Prashant Verma | #security-assessment#android#ios |
| 2011-12-04 | Talk | Clubhack |
Android Tamer
| Anant Shrivastava | #android#security-assessment#red-teaming+2 |
| 2011-12-04 | Talk | Clubhack |
Mere paas Teensy hai
| Nikhil Mittal | #hid#red-teaming#security-assessment |
| 2011-11-17 | Talk | Deepsec |
FakeAntiVirus - Journey from Trojan to a Persisent Threat
| Jagadeesh Chandraiah | #trojan#reverse-engineering#security-assessment |
| 2011-11-04 | Talk | Hackfest |
Here are your keystrokes
| Nikhil Mittal | #red-teaming#keylogging#security-assessment+1 |
| 2011-10-07 | Talk | C0c0n |
Automated Malware Analysis - Setting up the Environment
| K v Prashant, Pushkar Pashupat | #security-assessment#dynamic-analysis#malware-research+1 |
| 2011-10-07 | Talk | C0c0n |
Pentesting iPhone Applications
| Satish Bommisetty | #ios#security-assessment#application-pentesting+4 |
| 2011-09-07 | Talk | Securitybyte |
IronWASP - A Web Application Security Testing Platform
| Lavakumar Kuppan | #security-assessment#application-pentesting#dynamic-analysis+4 |
| 2011-02-25 | Talk | Nullcon |
Penetration Testing a Biometric System
| Rahul Sasi | #security-assessment#biometric#hid+1 |
| 2011-02-25 | Talk | Nullcon |
SSLSmart β Smart SSL Cipher Enumeration
| Gursev Singh Kalra | #encryption#ssl#security-assessment |
| 2010-12-04 | Talk | Clubhack |
Ultimate Pen Test β Compromising a highly secure environment
| Nikhil Mittal | #security-assessment#social-engineering#application-pentesting+4 |
| 2010-08-01 | Talk | C0c0n |
Hackers’ EcoSystem in India
| Rohit Srivastwa | #security-assessment#security-training#risk-management |
| 2010-08-01 | Talk | C0c0n |
Horses, Rats and Bots
| Jairam Ramesh | #botnet#reverse-engineering#security-assessment |
| 2010-04-14 | Talk | Blackhat |
Attacking JAVA Serialized Communication
| Manish Saindane | #secure-coding#red-teaming#security-assessment |
| 2010-02-25 | Talk | Nullcon |
Penetration Testing versus Source Code
| Nikhil Wagholikar | #security-assessment#code-analysis#application-pentesting+4 |
| 2009-12-05 | Talk | Clubhack |
Mobile Application Security Testing
| Gursev Singh Kalra | #security-assessment#mobile-pentesting#application-pentesting+4 |
| 2009-12-05 | Talk | Clubhack |
Risk Based Penetration Testing
| Nikhil Wagholikar, K K Mookhey | #security-assessment#incident-management#cybersecurity-strategy+1 |
| 2009-11-19 | Talk | Deepsec |
Top 10 Security Issues Developers Don’t Know About
| Neelay S Shah | #secure-coding#devsecops#software-security+2 |
| 2009-11-18 | Talk | Securitybyte |
Risk based Penetration Testing
| K K Mookhey | #security-assessment#risk-management#ethical-hacking+3 |
| 2009-03-16 | Talk | Cansecwest |
On Approaches and Tools for Automated Vulnerability Analysis
| Tanmay Ganacharya, Abhishek Singh, Swapnil Bhalode, Nikola Livic, Scott Lambert | #security-assessment#blueteam#automated-scanning+4 |
| 2008-12-06 | Talk | Clubhack |
Introduction to backtrack
| Kunal Sehgal | #security-assessment#linux#ethical-hacking+1 |
| 2008-08-20 | Talk | Owaspappsecindia |
Case Study: Testing 200+ applications in a $10 Billion Enterprise
| Roshen Chandran | #security-assessment#application-pentesting#security-testing+4 |
| 2008-08-20 | Talk | Owaspappsecindia |
Web 2.0 Attacks - Next Generation Threats on the Rise
| Shreeraj Shah | #red-teaming#blueteam#purpleteam+3 |
| 2008-02-20 | Talk | Blackhat |
Scanning Applications 2.0 - Next Generation Scan, Attacks and Tools
| Shreeraj Shah | #red-teaming#blueteam#purpleteam+3 |
| 2007-12-09 | Talk | Clubhack |
The future of automated web application testing
| Amish Shah, Umesh Nagori | #security-assessment#application-pentesting#security-testing+3 |
| 2007-03-15 | Talk | Blackhat |
Exploit-Me Series β Free Firefox Application Penetration Testing Suite Launch
| Nish Bhalla, Rohit Sethi | #web-security#xss#sql-injection+4 |
| 2005-04-10 | Talk | Hitbsecconf |
Whispers On The Wire - Network Based Covert Channels, Exploitation and Detection
| Pukhraj Singh | #red-teaming#blueteam#purpleteam+1 |
| 2001-07-13 | Talk | Defcon |
Security & Privacy are Critically Important Issues in Todays Digitally Connected Age
| Sharad Popli | #security-assessment#data-protection#blueteam |