🧪 Experimental Feature

Tag-based content organization is an experimental feature. This page and its functionality may change as we refine the tagging system.

Tag: Software Security

Focus Area: 🔐 Application Security

Total Entries

Contributors

All Entries (98 total, sorted by date)

Date	Type	Conference	Title	Speaker(s)	Tags
2025-08-06	Tool demo	Blackhat	ParseAndC 4.0 - The Final Cut	Parbati Kumar Manna	#reverse-engineering #binary-analysis #code-analysis+4
2025-08-06	Tool demo	Blackhat	vet: Proactive Guardrails against Malicious OSS using Code Analysis	Abhisek Datta	#static-analysis #software-security #devsecops+2
2025-04-04	Talk	Blackhat	Standing on the Shoulders of Giants: De-Obfuscating WebAssembly Using LLVM	Vikas Gupta, Peter Garba	#reverse-engineering #code-analysis #software-security
2025-04-03	Talk	Blackhat	ObfusQate: Where Quantum Magic Meets Code Security – Say Goodbye to Easy Cracking!	Vivek Balachandran, Nikhil Bartake, Zi Jie See Toh, Michael Kasper	#secure-coding #quantum-computing #software-security
2025-03-02	Talk	Nullcon	Building Glitch-Resistant Firmware: Practical Software Countermeasures for Hardware glitch attacks	Shyam Kumar Arshid, Chinmay Krishna	#embedded-security #firmware-analysis #secure-coding+1
2025-03-02	Panel	Nullcon	From Code to Defense: Why Developers Are the New Security Leaders	Vaibhav Gupta, Vikas Goyal, Hilal Lone, Gene Golovinsky	#secure-development #secure-coding #security-testing+3
2024-12-12	Tool demo	Blackhat	MORF - Mobile Reconnaissance Framework	Amrudesh Balakrishnan, Abhishek Jm, Himanshu Das	#application-pentesting #code-review #secure-development+3
2024-08-09	Talk	Defcon	Reflections on a Decade in Bug Bounties: Experiences and Major Takeaways	Nikhil Shrivastava, Charles Waterhouse	#bug-hunting #bug-bounty #security-training+3
2024-04-18	Tool demo	Blackhat	DetectiveSQ: A Extension Auditing Framework Version 2	Govind Krishna, Xian Xiang Chang	#audit #application-pentesting #ai-security+4
2023-12-07	Tool demo	Blackhat	Akto - Open Source API Security Tool	Ankush Jain	#api-security #secure-development #security-testing+3
2023-12-06	Tool demo	Blackhat	DetectiveSQ: A Extension Auditing Framework	Jeswin Mathai, Shourya Pratap Singh	#threat-intelligence-analysis #application-pentesting #application-hardening+3
2023-09-23	Talk	Nullcon	Your App Is Probably A Spyware…Or Is It?	Gaurav Gogia, Pandurang Patil	#spyware #secure-development #security-testing+3
2023-08-25	Tool demo	Hitbsecconf	iGoat	Swaroop Yermalkar	#ios #application-pentesting #secure-coding+3
2023-08-10	Tool demo	Blackhat	SCodeScanner - An Open-Source Source-Code Scanner	Utkarsh Agrawal	#code-review #sast #secure-development+4
2023-08-09	Tool demo	Blackhat	Akto - Open Source API Security Tool	Ankush Jain, Ankita Gupta 1	#api-security #application-pentesting #security-testing+3
2023-08-06	Talk	C0c0n	Surviving In Dependency Hell	Kumar Ashwin	#secure-development #devsecops #software-security
2023-08-06	Talk	C0c0n	Taking a Closer Look at CI/CD Pipeline Logs: Extracting Security-Related Information with Build Inspector	Anshu Kumar, Pavan Sorab	#devsecops #ci-cd #cicd-pipeline+2
2023-08-06	Talk	C0c0n	The new way to be secure	Sakshi Bhutani	#secure-development #devsecops #software-security+3
2023-05-11	Tool demo	Blackhat	CASPR - Code Trust Auditing Framework	Atharva Chincholkar, Srishti Chaubey	#secure-coding #application-pentesting #code-review+4
2023-05-11	Tool demo	Blackhat	Nightingale: Docker for Pentesters	Raja Nagori	#docker #application-pentesting #container-security+4
2023-05-11	Tool demo	Blackhat	Post-Quantum Cryptography Library	Sagar Bhure, Shain Singh	#encryption #quantum-computing #secure-development+3
2023-04-26	Talk	Rsac	Designing Product Security for a Brighter Smile and a Healthier Tomorrow	Lokesh Pidawekar, Apoorva Phadke	#secure-development #devsecops #software-security+2
2022-12-08	Tool demo	Blackhat	Node Security Shield - A Lightweight RASP for NodeJS Applications	Lavakumar Kuppan, Sukesh Pappu	#application-hardening #secure-development #security-testing+4
2022-09-23	Talk	C0c0n	Building a Safer and Innovative Digital Ecosystem	Vijay Pamarathi	#secure-development #devsecops #software-security+2
2022-09-07	Talk	Nullcon	Do PDF Tools Conform To The Specification?	Prashant Anantharaman	#pdf #data-protection #static-analysis+4
2022-09-07	Talk	Nullcon	ElectroVolt: Pwning Popular Desktop Apps While Uncovering New Attack Surface On Electron	Mohan Sri Rama Krishna Pedhapati, Maxwell Garrett	#red-teaming #application-pentesting #dynamic-analysis+4
2022-09-06	Panel	Nullcon	Securing the Software	Mrudul Uchil, Abhisek Datta, Harish Goel, Matthew Bohne	#software-security #secure-development #security-testing+3
2022-08-10	Tool demo	Blackhat	Adhrit: Android Security Suite	Amrudesh Balakrishnan, Rahul Sani, Abhishek Jm	#android #android-security #application-pentesting+4
2022-08-10	Tool demo	Blackhat	Node Security Shield - A Lightweight RASP for NodeJS Applications	Lavakumar Kuppan, Sukesh Pappu	#application-hardening #code-review #secure-development+4
2022-08-10	Tool demo	Blackhat	ParseAndC 2.0 – We Don’t Need No C Programs (for Parsing)	Parbati Kumar Manna	#reverse-engineering #dynamic-analysis #network-pentesting+4
2022-05-12	Tool demo	Blackhat	Nightingale: Docker for Pentesters	Raja Nagori	#docker #application-pentesting #container-security+4
2022-05-12	Tool demo	Blackhat	Node Security Shield	Lavakumar Kuppan, Sukesh Pappu	#application-hardening #secure-development #security-testing+3
2021-11-13	Talk	C0c0n	New way of looking at the hidden mysteries in the code	Vandana Verma Sehgal	#code-review #static-analysis #reverse-engineering+2
2021-10-15	Talk	Rootcon	The Curious case of knowing the unknown	Vandana Verma Sehgal	#secure-coding #devsecops #software-security
2021-08-27	Talk	Hitbsecconf	Securing Webviews and The Story Behind CVE-2021–21136	Shiv Sahni, Imdadullah Mohammed	#android-security #secure-coding #security-testing+2
2021-08-04	Tool demo	Blackhat	Joern: An Interactive Shell for Code Analysis	Suchakra Sharma, Vickie Li, Fabian Yamaguchi	#vulnerability-assessment #code-review #sast+4
2021-08-04	Tool demo	Blackhat	ParseAndC: A Universal Parser and Data Visualization Tool for Security Testing	Parbati Kumar Manna	#reverse-engineering #application-pentesting #code-review+4
2020-03-06	Tool demo	Nullcon	FRISPY	Tejas Girme, Parmanand Mishra	#spyware #red-teaming #api-security+3
2020-03-06	Tool demo	Nullcon	SASTRI	Rushikesh D Nandedkar, Lalit Bhandari	#security-assessment #virtual-machine #static-analysis+3
2019-11-01	Talk	Hackfest	The Mechanics of Malware’s Darkside	Yagnesh Waran P, Laura Harris	#dynamic-analysis #static-analysis #security-testing+1
2019-09-27	Talk	C0c0n	autoSource an automated framework for Source Code Review	Malkit Singh	#code-review #secure-coding #static-analysis+3
2019-09-27	Talk	C0c0n	Security @scale for startups	Shivanath Somanathan	#devsecops #secure-development #software-security+2
2019-09-13	Talk	44con	One Person Army – Playbook on how to be the first Security Engineer at a company	Kashish Mittal	#devsecops #application-hardening #secure-development+4
2019-08-11	Talk	Defcon	Shifting the DevSecOps Culture, Taking away the sugar piece and giving the pile to ants	Vandana Verma Sehgal	#devsecops #secure-development #ci-cd+2
2019-05-21	Talk	Phdays	Breaking Microsoft Edge extensions security policies	Nikhil Mittal	#application-pentesting #code-review #security-testing+2
2019-03-02	Panel	Nullcon	The Myth of Sisyphus Secure Product Development	Bipin Upadhyay, Minatee Mishra, Neelu Tripathy, Vaibhav Gupta, Vishal Sahani	#secure-development #secure-coding #security-testing+3
2019-02-28	Talk	Nullcon	Building Hardened IoT Implementations with LangSec	Prashant Anantharaman	#blueteam #secure-development #input-validation+4
2018-10-19	Talk	Appsecdayaustralia	Threat Modeling-as-Code & Automation for DevSecOps wins	Abhay Bhargav	#threat-modeling #devsecops #application-hardening+4
2018-10-05	Talk	C0c0n	Pentesting GraphQL Applications	Neelu Tripathy	#security-assessment #application-pentesting #dynamic-analysis+4
2018-03-22	Talk	Blackhat	XOM-switch: Hiding Your Code from Advanced Code Reuse Attacks In One Shot	Ravi Sahita, Daiping Liu, Mingwei Zhang	#blueteam #application-hardening #code-review+4
2018-03-01	Talk	Nullcon	Security through obscurity and fear	Abhinav Srivastava	#application-pentesting #secure-development #security-testing+3
2017-10-05	Talk	Brucon	Races, Reaches and Rescues!!! (Race condition vulnerabilities revisited)	Rushikesh D Nandedkar, Sampada Nandedkar	#vulnerability-assessment #security-assessment #secure-coding+1
2017-08-18	Talk	Usenix	DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers	Aravind Machiry, Chad Spensky, Jake Corina, Nick Stephens, Christopher Kruegel, Giovanni Vigna	#linux #kernel #static-analysis+4
2017-03-03	Talk	Nullcon	Agility with security mitigations in Windows 10	Swamy Shivaganga Nagaraju	#windows #blueteam #security-development-lifecycle+2
2016-08-19	Talk	C0c0n	App Sec in the Time of Docker Containers	Akash Mahajan	#docker #application-pentesting #container-security+4
2016-08-06	Tool demo	Defcon	Android-InsecureBank	Dinesh Shetty	#android #red-teaming #application-pentesting+4
2016-08-04	Talk	Blackhat	DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes	Rohit Mothe, Rodrigo Rubira Branco	#security-assessment #application-pentesting #dynamic-analysis+3
2016-05-17	Talk	Phdays	Security Automation Based on Artificial Intelligence	Rahul Sasi	#ai #blueteam #ai-security+4
2015-11-13	Talk	Blackhat	Continuous Intrusion: Why CI tools are an Attacker’s Best Friends	Nikhil Mittal	#red-teaming #ci-cd #application-pentesting+4
2015-08-01	Talk	C0c0n	Understanding the known : A deep look at OWASP A9 : Using Components with Known Vulnerabilities	Anant Shrivastava	#owasp #blueteam #security-testing+4
2015-05-26	Talk	Phdays	Invisible Backdoors In Your Code	Debasis Mohanty	#blueteam #code-review #secure-coding+4
2015-02-06	Talk	Nullcon	Building security and compliance into the software delivery process	Anubhav Bathla, Dinesh Pillai, S Chandrasekhar, Harish Pillay	#secure-development #devsecops #security-compliance+3
2014-08-22	Talk	C0c0n	Breaking and Securing Mobile Apps - Automagically	Aditya Gupta	#purpleteam #mobile-application-management #mobile-hacking+4
2014-08-22	Talk	C0c0n	Lesser Known Attack - XML Injection	Amol Naik	#red-teaming #application-pentesting #code-review+3
2014-02-15	Tool demo	Nullcon	OWASP OWTF - The Offensive (Web) Testing Framework	Bharadwaj Machiraju, Abraham Aranguren	#security-assessment #application-pentesting #security-tools+3
2014-02-14	Talk	Nullcon	Chrome - OS Security 2014: New and future hotness	Sumit Gwalani	#blueteam #application-hardening #application-pentesting+4
2014-02-14	Talk	Nullcon	Pentesting without Pentesters - Automating Security Testing with Functional Testing Test Cases	Ankita Gupta, Lavakumar Kuppan	#security-assessment #application-pentesting #security-development-lifecycle+3
2013-11-20	Talk	Appsecusa	Project Talk: OWASP OpenSAMM Project	Pravir Chandra, Seba Deleersnyder	#software-security #secure-development #devsecops+4
2013-09-27	Talk	C0c0n	From Bedroom to Boardroom - Taking your Weekend Infosec Project Global	Vivek Ramachandran	#devsecops #secure-development #security-assessment+2
2013-09-27	Talk	C0c0n	Static analysis of malware with PyTriage	Yashin Mehaboobe	#secure-coding #static-analysis #dynamic-analysis+2
2013-08-15	Talk	Usenix	An Empirical Study of Vulnerability Rewards Programs	Devdatta Akhawe, David Wagner, Matthew Finifter	#bug-bounty #software-security #risk-management+2
2013-08-02	Talk	Defcon	Interactive Web Security Testing with IronWASP	Lavakumar Kuppan	#application-pentesting #dynamic-analysis #security-testing+3
2013-05-28	Talk	Confidence	My Experiments with truth: a different route to bug hunting	Devesh Bhatt	#security-assessment #vulnerability-assessment #secure-development+2
2012-12-01	Talk	Clubhack	Anatomy of a Responsible Disclosure – Zero Day Vulnerability in Oracle BI Publisher	Vishal Kalro	#zero-day #application-pentesting #secure-development+1
2012-12-01	Talk	Clubhack	HAWAS – Hybrid Analyzer for Web Application Security	Lavakumar Kuppan	#security-assessment #application-pentesting #dynamic-analysis+4
2012-11-07	Award		Cross Site Port Attack (XSPA)	Riyaz Walikar	#application-pentesting #security-testing #dynamic-analysis+3
2012-10-26	Talk	Appsecusa	The 7 Qualities of Highly Secure Software	Mano Paul	#secure-development #software-security #secure-coding+3
2012-09-05	Talk	44con	Why Integrity is left alone and not given TLC (Tender, Love and Care) it deserves?	Jitender Arora	#data-protection #security-strategy #threat-modeling+3
2012-08-03	Talk	C0c0n	Easy Money with UI-Redressing	Amol Naik	#bug-hunting #application-pentesting #dynamic-analysis+4
2012-03-15	Talk	Owaspappsecindia	The Magic of Passive Web Vulnerability Analysis	Lavakumar Kuppan	#application-pentesting #security-testing #static-analysis+2
2011-09-19	Talk	Brucon	Step-by-Step for Software Security (that anyone can follow)	Pravir Chandra	#software-security #secure-development #devsecops+4
2011-02-25	Talk	Nullcon	Automatic Program Analysis using Dynamic Binary Instrumentation (DBI)	Sunil Kumar	#dynamic-binary-instrumentation #code-analysis #dynamic-analysis+3
2011-02-25	Talk	Nullcon	Fuzzing with complexities	Vishwas Sharma	#fuzzing #red-teaming #application-pentesting+4
2010-12-04	Talk	Clubhack	Firefox Security!	Prasanna Kanagasabai	#application-pentesting #secure-development #security-testing+4
2010-02-25	Talk	Nullcon	Software Fuzzing with Wireplay.	Abhisek Datta	#fuzzing #red-teaming #network-pentesting+3
2009-12-05	Talk	Clubhack	Revealing the Secrets: Source Code Disclosure, Techniques and Impacts	Anant Kochhar	#secure-development #secure-coding #code-review+2
2009-11-19	Talk	Deepsec	Top 10 Security Issues Developers Don’t Know About	Neelay S Shah	#secure-coding #devsecops #software-security+2
2009-11-17	Talk	Securitybyte	Applications - The new cyber security frontier	Mano Paul	#secure-development #devsecops #software-security+2
2009-04-22	Talk	Troopers	Browser Design Flaws – Hacking by Breaking in Architectures	Aditya K Sood	#red-teaming #application-pentesting #secure-development+1
2009-04-22	Talk	Troopers	SQL Injections: More Fun and Profit	Sumit Siddharth	#red-teaming #application-pentesting #code-review+4
2008-10-22	Talk	Hacklu	Browser Exploits - A new model for Browser security	Saumil Shah	#red-teaming #application-hardening #browser-security+4
2007-12-09	Talk	Clubhack	Subtle Security flaws: Why you must follow the basic principles of software security	Varun Sharma	#blueteam #software-security #secure-coding+4
2006-11-29	Talk	Pacsec	Smashing Heap by Free Simulation	Sandip Chaudhari	#heap #red-teaming #exploit-delivery+4
2006-10-19	Talk	Hacklu	Writing Metasploit plugins - from vulnerability to exploit	Saumil Shah	#metasploit #red-teaming #exploit-development+3
2006-09-21	Talk	Hitbsecconf	Finding Secrets in ISAPI	Nish Bhalla	#secure-coding #reverse-engineering #application-pentesting+4
2006-08-01	Talk	Blackhat	Writing Metasploit Plugins - from Vulnerability to Exploit	Saumil Shah	#metasploit #exploit-development #secure-coding+2
2006-04-13	Talk	Hitbsecconf	Writing Metasploit Plugins - From Vulnerability to Exploit	Saumil Shah	#metasploit #red-teaming #exploit-development+3
2005-07-28	Talk	Blackhat	Rapid Threat Modeling	Akshay Aggarwal	#threat-modeling #red-teaming #security-strategy+4

🧪 Experimental Feature

Tag: Software Security

Top Contributors

All Entries (98 total, sorted by date)