🧪 Experimental Feature

Tag-based content organization is an experimental feature. This page and its functionality may change as we refine the tagging system.

Tag: Web Security

Focus Areas: 🔐 Application Security 🌐 Web Application Security
Total Entries: 93
Contributors: 68

Top Contributors

Shreeraj Shah (10), Gursev Singh Kalra (5), Lavakumar Kuppan (5), Aditya K Sood (4), Ahamed Nafeez (4)

All Entries (93 total, sorted by date)

Date | Type | Conference | Title | Speaker(s) | Tags
2025-08-07 | Tool demo | Blackhat | Frogy 2.0 - Automated external attack surface analysis toolkit [Source Code] | Chintan Gurjar | #attack-surface #vulnerability-assessment #asset-management +2
2025-08-07 | Tool demo | Blackhat | Q-TIP (QR Code Threat Inspection Platform) | Rushikesh D Nandedkar | #incident-management #web-security #architecture +1
2025-08-06 | Tool demo | Blackhat | Damn Vulnerable Browser Extension (DVBE): Unmask the risks of your Browser Supplements [Source Code] | Abhinav Khanna, Krishna Chaganti | #web-security #secure-coding #security-assessment +2
2025-08-06 | Tool demo | Blackhat | Open-Source API Firewall by Wallarm - Advanced Protection for REST and GraphQL APIs [Source Code] | Satinder Khasriya | #api-security #web-security #owasp +1
2025-08-06 | Tool demo | Blackhat | SmuggleShield - Protection Against HTML Smuggling [Source Code] | Dhiraj Mishra | #web-security #malware-detection #browser-security +2
2025-06-27 | Talk | Lehack | From HTML Injection to Full AWS Account Takeover: Discovering Critical Risks in PDF Generation [Video] | Raunak Parmar | #ssrf #aws #web-security +2
2024-12-12 | Tool demo | Blackhat | Damn Vulnerable Browser Extension (DVBE) - Knowing the risks of your Browser Supplements [Source Code] | Abhinav Khanna, Krishna Chaganti | #browser-security #web-security #web-pentesting
2024-11-21 | Talk | Securityfest | UnRegister Me - Advanced Techniques for hunting and securing user registration vulnerabilities [Video] | Priyank Nigam | #web-security #appsec #iam
2024-11-15 | Talk | C0c0n | PCI 4.0, Javascript Security for product security teams [Video] | Anand Kumar Ganesan, Mohammad Arif | #web-security #secure-coding #application-pentesting +2
2024-08-30 | Talk | Hitbsecconf | Exploiting the In-Vehicle Browser: A Novel Attack Vector in Autonomous Vehicles [Presentation] [Video] | Ravi Rajput | #web-security #security-assessment #exploitation +2
2024-08-10 | Talk | Defcon | Sneaky Extensions: The MV3 Escape Artists [Video] | Vivek Ramachandran, Shourya Pratap Singh | #web-security #security-assessment #application-pentesting +4
2024-04-18 | Tool demo | Blackhat | Damn Vulnerable Browser Extension (DVBE) - Unfold the risks for your Browser Supplements [Source Code] | Abhinav Khanna | #browser-security #web-security #vulnerability-assessment
2023-08-11 | Talk | Defcon | Generative Adversarial Network (GAN) based autonomous penetration testing for Web Applications [Video] | Ankur Chowdhary | #web-security #xss #application-pentesting +3
2023-08-06 | Talk | C0c0n | Mitigating SSRF at scale the right way with IMDSv2! [Video] | Ayush Priya | #web-security #api-security #aws +2
2022-09-24 | Talk | C0c0n | Raining CVEs on Wordpress plugins with Semgrep | Shreya Pohekar, Syed Sheeraz Ali | #web-security #static-analysis #sast +1
2022-09-24 | Talk | C0c0n | Web3 Security - Security in MetaVerse, and the new world of web3 | Rohit Srivastwa | #web3 #decentralized-systems #smart-contracts +2
2022-03-25 | Talk | Insomnihack | Hook, Line and Sinker - Pillaging API Webhooks [Video] | Abhay Bhargav | #web-security #api-security #ssrf +1
2021-11-13 | Talk | C0c0n | Exploiting 2A(Authentication and Authorization) Vulnerabilities of Web Application | Gayatri Nayak | #web-security #authentication #authorization +2
2021-11-13 | Talk | C0c0n | Server-side javascript Injection [Presentation] | Kavisha Sheth | #web-security #secure-coding #web-pentesting
2020-11-21 | Talk | Appsecindonesia | Learn how to find and exploit race conditions in web apps with OWASP TimeGap Theory | Abhi M Balakrishnan | #web-security #owasp #application-pentesting +1
2020-11-11 | Talk | Powerofcommunity | My Hacking Adventures With Safari Reader Mode [Presentation] | Nikhil Mittal 1 | #browser-security #ios-security #vulnerability-assessment +1
2020-10-01 | Tool demo | Blackhat | OWASP Python Honeypot [Source Code] | Sri Harsha Gajavalli, Ali Razmjoo | #web-security #owasp #security-assessment +1
2020-09-18 | Talk | C0c0n | Web Application hacking with WebZGround [Video] | Parveen Yadav, Narendra Kumar | #web-security #web-pentesting #security-assessment +3
2020-08-09 | Talk | Defcon | Running an appsec program with open source projects [Presentation] [Video] | Vandana Verma Sehgal | #owasp #secure-development #devsecops +3
2020-03-06 | Tool demo | Nullcon | Wolverine [Source Code] | Furqan Khan, Siddharth Anbalahan | #linux #secure-coding #web-security +3
2019-10-11 | Talk | Texascybersummit | Exploit The State of Embedded Web Security in IoT Devices ! | Aditya K Sood | #iot-security-testing #web-security #embedded-security
2019-09-23 | Talk | Rootcon | Identity crisis: war stories from authentication failures [Presentation] [Video] | Vishal Chauhan | #authentication #identity-management #vulnerability-assessment +3
2019-08-08 | Talk | Defcon | Phishing in the cloud era [Presentation] | Ashwin Vamshi, Abhinav Singh | #phishing #api-security #web-security +2
2019-05-28 | Talk | Securityfest | Oh! Auth: Implementation pitfalls of OAuth 2.0 & the Auth Providers who have fell in it [Video] | Samit Anwer | #web-security #iam #appsec
2018-10-05 | Talk | C0c0n | DomGoat - the DOM Security Playground [Source Code] | Lavakumar Kuppan | #xss #web-security #input-validation +4
2018-10-04 | Talk | Confidence | Hacking 50 Million users using 123456 | Aman Sachdev, Himanshu Sharma | #web-security #authentication #ethical-hacking +2
2018-09-27 | Talk | Rootcon | Defending cloud Infrastructures with Cloud Security Suite [Presentation] [Source Code] [Video] | Shivankar Madaan | #aws #secure-coding #web-security +2
2018-08-11 | Tool demo | Defcon | Sh00t—An open platform for manual security testers & bug hunters [Source Code] | Pavan Mohan | #security-assessment #bug-hunting #secure-coding +1
2018-06-04 | Talk | Confidence | From 123456 on a staging to compromising a multi-million dollar VC - The journey of us Red Teamers of a hack spanning over 200 days | Himanshu Sharma, Aman Sachdev | #red-teaming #ethical-hacking #security-assessment +2
2018-05-30 | Talk | Auscert | How to Bypass Authentication & Authorization [Presentation] | Sarwar Jahan | #authentication #authorization #web-security +1
2018-05-29 | Award | | Data Exfiltration via Formula Injection #Part1 [Source Code] | Ajay Prashar, Balaji Gopal | #data-leak #exploitation #web-security +1
2017-06-26 | Tool demo | Blackhat | DiffDroid [Source Code] | Anto Joseph | #android #security-assessment #web-security
2017-06-23 | Talk | Hackinparis | Injecting Security into Web apps with Runtime Patching and Context Learning [Presentation] [Video] | Ajin Abraham | #blueteam #secure-development #sqli +4
2017-05-23 | Talk | Phdays | Injecting security into web apps in the runtime [Presentation] | Ajin Abraham | #blueteam #secure-development #sqli +4
2017-03-03 | Talk | Nullcon | Injecting Security into Web apps with Runtime Patching and Context Learning [Presentation] [Video] | Ajin Abraham | #blueteam #secure-development #sqli +4
2017-01-25 | Talk | Owaspappseccalifornia | DASTProxy: Don’t let your automated security testing program stall on crawl. Instead focus on business context [Presentation] [Video] | Kiran Shirali, Srinivasa Rao Chirathanagandla | #dynamic-analysis #dast #devsecops +2
2017-01-25 | Talk | Owaspappseccalifornia | OCSP Stapling in the Wild [Video] | Devdatta Akhawe, Emily Stark | #web-security #architecture #devsecops
2016-10-07 | Talk | Deepsec | Inside Stegosploit [Presentation] [Video] | Saumil Shah | #web-security #exploitation #security-assessment
2016-07-01 | Talk | Hackinparis | DIFFDroid - Dynamic Analysis Made Easier for Android [Source Code] [Video] | Anto Joseph | #android #security-assessment #web-security
2016-03-15 | Talk | Groundzerosummit | Web App Security | Harpreet Singh, Himanshu Sharma, Nipun Jaswal | #web-security #api-security #secure-coding +3
2015-11-05 | Talk | Groundzerosummit | Sanctioned to Hack: Your SCADA HMIs Belong to Us! | Aditya K Sood | #ics-security #web-security #firmware-analysis +2
2015-10-25 | Talk | Toorcon | PixelCAPTCHA – A Unicode Based CAPTCHA Scheme | Gursev Singh Kalra | #web-security #authentication #bypassing
2015-09-25 | Talk | Appsecusa | The State of Web Application Security in SCADA Web Human Machine Interfaces (HMIs)! | Aditya K Sood | #scada #hmi #web-security +1
2015-09-11 | Talk | 44con | Stegosploit – Drive-by Browser Exploits using only Images [Presentation] [Source Code] [Video] | Saumil Shah | #steganography #red-teaming #web-security +1
2015-08-07 | Talk | Defcon | Hacker’s Practice Ground [Video] | Lokesh Pidawekar | #security-assessment #ethical-hacking #vulnerability-assessment +2
2015-05-28 | Talk | Hitbsecconf | Stegosploit: Hacking With Pictures [Presentation] | Saumil Shah | #red-teaming #steganography #web-security
2015-03-27 | Talk | Syscan | Stegosploit - Hacking with Pictures [Presentation] [Video] | Saumil Shah | #steganography #red-teaming #web-security +1
2015-02-06 | Talk | Nullcon | Pentesting a website with million lines of Javascript [Presentation] | Lavakumar Kuppan, Ahamed Nafeez | #web-security #security-assessment #application-pentesting +2
2015-01-27 | Talk | Owaspappseccalifornia | The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers [Video] | Devdatta Akhawe | #web-security #xss #csrf +2
2014-09-25 | Talk | Virusbulletin | Optimized mal-ops. Hack the ad network like a boss [Presentation] [Video] | Rahul Kashyap, Vadim Kotov | #browser-security #web-security #malware-distribution +1
2014-08-21 | Talk | Usenix | The Emperor’s New Password Manager: Security Analysis of Web-based Password Managers [Presentation] [Whitepaper] | Devdatta Akhawe, Zhiwei Li, Warren He, Dawn Song | #web-security #xss #csrf +2
2014-03-27 | Talk | Blackhat | JS Suicide: Using JavaScript Security Features to Kill JS Security [Presentation] [Video] | Ahamed Nafeez | #web-security #red-teaming #csrfguard +1
2014-03-15 | Talk | Hitbsecconf | JS Suicide: Using Javascript Security Features to Kill Itself [Presentation] | Ahamed Nafeez | #web-security #application-pentesting #code-review +3
2014-02-14 | Talk | Nullcon | A security analysis of Browser Extensions [Presentation] | Abhay Rana | #browser-security #web-security #vulnerability-assessment
2014-02-14 | Talk | Nullcon | phoneypdf: A Virtual PDF Analysis Framework [Presentation] [Video] | Kiran Bandla | #pdf #web-security #red-teaming +2
2013-08-15 | Talk | Usenix | Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness [Presentation] [Whitepaper] | Devdatta Akhawe, Adrienne Felt | #web-security #security-training #architecture +2
2013-07-31 | Talk | Blackhat | Javascript static security analysis made easy with JSPrime [Presentation] [Whitepaper] [Source Code] [Video] | Nishant Das Patnaik, Sarathi Sabyasachi Sahoo | #web-security #blueteam #application-hardening +4
2013-03-01 | Talk | Nullcon | Automating JavaScript Static Analysis | Lavakumar Kuppan | #web-security #security-assessment #blueteam
2012-10-25 | Talk | Appsecusa | Cross Site Port Scanning [Video] | Riyaz Walikar | #web-security #owasp #api-security
2012-09-28 | Talk | Nullcon | Alert(/xss/) - How to catch an XSS before someone exploits / reports it? | Ahamed Nafeez | #web-security #xss #secure-coding +2
2012-09-26 | Talk | Nullcon | How secure is internet banking in India [Video] | Ajit Hatti | #web-security #authentication #financial-institutions +1
2012-08-03 | Talk | C0c0n | Evil JavaScript | Bishan Singh | #red-teaming #web-security #application-pentesting +4
2012-07-26 | Tool demo | Blackhat | Bypassing Every CAPTCHA provider with clipcaptcha [Source Code] | Gursev Singh Kalra | #web-security #bypassing #security-tools
2012-07-14 | Talk | Hope | Advancements in Botnet Attacks and Malware Distribution [Video] | Aditya K Sood | #botnet #web-security #reverse-engineering +1
2012-05-13 | Talk | Carolinacon | Attacking CAPTCHAs for Fun and Profit | Gursev Singh Kalra | #web-security #bypassing #exploitation
2012-03-15 | Talk | Nullcon | An App(le) a day keeps the wallet away | Antriksh Shah | #security-assessment #web-security #api-security +1
2012-03-02 | Award | | CAPTCHA Re-Riding Attack [Source Code] | Gursev Singh Kalra | #web-security #bypassing #authentication
2012-02-15 | Talk | Nullcon | Content sniffing Algorithm bypassing techniques and possible attack vectors [Video] | Anil Aphale, Chaitany Kamble | #red-teaming #xss #web-security +2
2012-02-15 | Talk | Nullcon | Javascript static analysis with IronWASP [Presentation] [Video] | Lavakumar Kuppan | #web-security #security-assessment #blueteam
2012-02-15 | Talk | Nullcon | Node.js: The good, bad and ugly [Video] | Bishan Singh | #web-security #red-teaming #blueteam +1
2011-11-17 | Award | | CAPTCHA Hax With TesserCap [Source Code] | Gursev Singh Kalra | #web-security #bypassing #authentication
2011-09-06 | Talk | Securitybyte | Application Security Strategies [Presentation] | K K Mookhey | #secure-coding #secure-development #web-security +3
2011-09-06 | Talk | Securitybyte | Enabling Un-trusted Mashups [Presentation] | Bishan Singh | #web-security #xss #csrf +4
2011-09-06 | Talk | Securitybyte | Security Threats on Social Networks [Presentation] | Nithya Raman | #social-engineering #web-security #security-training +1
2011-08-03 | Talk | Blackhat | Reverse Engineering Browser Components: Dissecting and Hacking Silverlight, HTML 5 and Flex [Presentation] [Whitepaper] [Video] | Shreeraj Shah | #reverse-engineering #ajax #web-security +1
2010-11-11 | Talk | Blackhat | Attacking with HTML5 [Presentation] | Lavakumar Kuppan | #web-security #xss #web-pentesting +1
2010-10-13 | Talk | Hitbsecconf | Hacking a Browser’s DOM – Exploiting Ajax and RIA [Presentation] [Video] | Shreeraj Shah | #red-teaming #web-security #ajax +3
2010-06-18 | Talk | Syscan | REVERSE ENGINEERING WEB 2.0 APPLICATIONS | Shreeraj Shah | #reverse-engineering #ajax #web-security +1
2010-03-15 | Talk | Blackhat | 400 Apps in 40 Days [Presentation] [Video] | Nish Bhalla, Sahba Kazerooni | #risk-management #application-pentesting #attack-surface +1
2009-05-19 | Talk | Syscan | Securing Enterprise Applications | Shreeraj Shah | #web-security #ajax #xss +4
2008-10-29 | Talk | Hitbsecconf | Top 10 Web 2.0 Attacks [Presentation] [Video] | Shreeraj Shah | #web-security #ajax #xss +4
2008-04-16 | Talk | Hitbsecconf | Securing Next Generation Applications – Scan, Detect and Mitigate | Shreeraj Shah | #web-security #ajax #xss +4
2007-11-20 | Talk | Deepsec | Web 2.0 Application Kung-Fu - Securing Ajax & Web Services [Presentation] [Video] | Shreeraj Shah | #ajax #web-security #blueteam
2007-09-06 | Talk | Hitbsecconf | Hacking Ajax and Web Services – Next Generation Web Attacks on the Rise [Presentation] [Video] | Shreeraj Shah | #red-teaming #ajax #web-security
2007-04-05 | Talk | Hitbsecconf | WEB 2.0 Hacking – Defending Ajax and Web Services [Presentation] | Shreeraj Shah | #red-teaming #blueteam #purpleteam +2
2007-03-15 | Talk | Blackhat | Exploit-Me Series – Free Firefox Application Penetration Testing Suite Launch [Presentation] [Video] | Nish Bhalla, Rohit Sethi | #web-security #xss #sql-injection +4
2006-08-02 | Talk | Blackhat | SQL Injections by Truncation [Presentation] | Bala Neerumalla | #web-security #sql-injection #secure-coding
2005-06-10 | Talk | Syscan | .Net Web Security-Attack And Defense | Shreeraj Shah | #.net #web-security #web-pentesting