2022 | Hackers of India

2022

Dec 08- Blackhat(Arsenal)- Tool demo- ThunderCloud: Attack Cloud Without Keys!- - Shivankar Madaan
Dec 08- Blackhat(Arsenal)- Tool demo- Node Security Shield - A Lightweight RASP for NodeJS Applications- - Lavakumar Kuppan, Sukesh Pappu
Dec 08- Blackhat- Panel- Locknote: Conclusions and Key Takeaways from Day 2- Anant Shrivastava, Jeff Moss, Jiska Classen, Leigh Anney Galloway, Federico Maggi
Dec 08- Blackhat(Arsenal)- Tool demo- Industrial Control Systems: Capture the Train!- Dhruv Sharan, Arnaud Soullié
Dec 08- Blackhat- Talk- Exploring a New Class of Kernel Exploit Primitive- - Rohit Mothe, Andrew Ruddick
Dec 07- Blackhat(Arsenal)- Tool demo- vAPI: Vulnerable Adversely Programmed Interface- - Tushar Kulkarni
Dec 07- Blackhat(Arsenal)- Tool demo- Patronus: Swiss Army Knife SAST Toolkit- - Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi
Dec 07- Blackhat(Arsenal)- Tool demo- h0neytr4p - How to catch the external threat actors with an easy to configure Honeypot.- - Subhash Popuri
Dec 07- Blackhat- Talk- Cross-Contract Ricochet Attacks & Off-Chain-On-Chain Manipulation of Billion Dollar NFT Collections- - Nitesh Dhanjani
Sep 29- Brucon- Talk- 0wn-premises: Bypassing Microsoft Defender for Identity- - Nikhil Mittal
Sep 28- Rootcon- Talk- Gazing into the Crystal Ball - The Fog of Cyberwarfare Escalations- Harshit Agrawal
Sep 24- C0c0n- Talk- Web3 Security - Security in MetaVerse, and the new world of web3- Rohit Srivastwa
Sep 24- C0c0n- Talk- Weaponising Social Media for Psychological Operations- A a Gafoor
Sep 24- C0c0n- Talk- Towards an Effective Intrusion Detection System Framework for Multi-Channel Man-in-the-Middle attacks Against Protected Wi-Fi Networks- Manesh Thankappan
Sep 24- C0c0n- Talk- Rationalizing Cyber Security Risk in Risk Language- Anish Koshy
Sep 24- C0c0n- Panel- Ransom Trends in India- Pardhasaradhi Ch, Srikanta Prasad, Jacxine Fernandez, Diwakar Sheoran
Sep 24- C0c0n- Talk- Raining CVEs on Wordpress plugins with Semgrep- Shreya Pohekar, Syed Sheeraz Ali
Sep 24- C0c0n- Talk- Power of Narratives in Cyber Security- Sunil Varkey
Sep 24- C0c0n- Talk- OSINT Tools and Techniques- Brijesh Singh
Sep 24- C0c0n- Talk- Need for Advanced SOC- Vijayakumar K M
Sep 24- C0c0n- Panel- MoonWorking’ and associated legal, ethical, security aspects- Georgie Kurien, Sreekumar Balachandran, Sony A, Robin Joy
Sep 24- C0c0n- Talk- Know Your Organization? : Mapping Entities in Google Workspace- Manish Gupta, Yash Bharadwaj
Sep 24- C0c0n- Talk- Introduction to RFID/NFC Hacking- Davis Sojan
Sep 24- C0c0n- Talk- In production with GRC for cloud- Mahesh Kalyanaraman
Sep 24- C0c0n- Talk- Deep Learning to detect Network Attacks- Varun Kohli
Sep 24- C0c0n- Panel- Data sovereignty - Challenges and the road ahead- Sanjeev Sharma, Saranga Rajan, A Muralidhar, Jojy Joy
Sep 24- C0c0n- Talk- Cyber Defence and Role of private players - public private partnership- Jasbir Singh Solanki
Sep 24- C0c0n- Talk- Cryptocurrency Forensics- Bhushan Gulabrao Borase
Sep 24- C0c0n- Talk- Citizen Mobile Security (ICAMPS)- Satyendra Verma
Sep 24- C0c0n- Talk- CANalyse: A Vehicle Network Analysis and Attack Tool- Kartheek Lade
Sep 24- C0c0n- Talk- Building Smart, Resilient and Sustainable Cyber Eco System- Navin Kumar Singh
Sep 24- C0c0n- Talk- BEC, still the sure shot trap- Georgie Kurien
Sep 23- C0c0n- Panel- What ails the Indian cybersecurity startup ecosystem?- Sunil Varkey, Ajit Hatti, Akash Mahajan, Aseem Jakhar, Shubham Mittal
Sep 23- C0c0n- Talk- TropicTrooper : Targets high profile victims using newly discovered MQTT backdoor- Saurabh Sharma, Noushin Shabab
Sep 23- C0c0n- Talk- Tracking the Bad guys. An interesting story of how the criminal underground operates- Aarushi Koolwal, Anjana Sathyan
Sep 23- C0c0n- Talk- Threats Landscape and Intelligence of API & Shield to protect- Navaneethan M
Sep 23- C0c0n- Talk- Technological Reliance for Resilience- Tulika Pandey
Sep 23- C0c0n- Talk- Startup Ecosystem and Investments in Post Covid Era- Sunil Kanchi
Sep 23- C0c0n- Talk- Securing your APIs for a cloud native future- Navendu Pottekkat
Sep 23- C0c0n- Talk- Rolling out Central Bank Digital Currency - Technical Design Considerations- Sunil Raveendran
Sep 23- C0c0n- Talk- Ransomware: Prevention, Early Detection and Response- Babitha Bp
Sep 23- C0c0n- Talk- Pwning Android Apps at Scale- Sparsh Kulshrestha, Shashank Barthwal
Sep 23- C0c0n- Talk- Maximizing ROI on cyber security investments: Do you think Adversary Simulation OR Purple teaming holds the key?- - Abhijith B R
Sep 23- C0c0n- Talk- Log4j vulnerability continuous to be favourite for APT groups through mid 2022- Niranjan Jayanand
Sep 23- C0c0n- Talk- Hyperledger Fabric & Ethereum Apps: Security Deep Dive- Alex Devassy, Dhanith Krishna
Sep 23- C0c0n- Talk- Hacking SmartContracts- Anto Joseph
Sep 23- C0c0n- Panel- Digital Apocalypse: Emerging cybersecurity challenges and future Crimes- Nidhish Bhatnagar, Amit Dubey, Philip Varughese Vayarakunnil, Rahul Sasi, Saranga Rajan, Suhel Daud
Sep 23- C0c0n- Talk- Cybersecurity for Manufacturing- Santhosh Srinivasan
Sep 23- C0c0n- Panel- Cybersecurity Dissonance: Perception vs Reality- Dinesh O Bareja, George Eapen, Jairam Ramesh, Rajesh Hemrajani, Suresh Sharma
Sep 23- C0c0n- Panel- Customer, Credit & Risk - Fintech trends 2022- Maya R Nair, Balakrishnan A, A Shiju Rawther, Linson Paul, Shivanath Somanathan
Sep 23- C0c0n- Talk- Common Misconfigurations in your Kubernetes Cluster and What can you do about it?- Kumar Ashwin
Sep 23- C0c0n- Talk- Collaborative efforts for safe digital banking- Biju K
Sep 23- C0c0n- Talk- Building a Safer and Innovative Digital Ecosystem- Vijay Pamarathi
Sep 23- C0c0n- Talk- Bridging the gap between Security and Operations- Sujay Rajashekar Gundagatti
Sep 23- C0c0n- Talk- Battle of 300 Crore - how they lost it and got most of it back- Prashant Choudhary
Sep 23- C0c0n- Talk- Attacking connected industries in 5G networks- Altaf Shaik
Sep 23- C0c0n- Talk- A Tale of Credential Leak of a Popular Cloud Threat Actor- Nitesh Surana
Sep 08- Nullcon- Tool demo- ZaaS: [OWASP] ZAP As A Service - Continous Security For 20K+ APIs- - Rohit Sehgal, Varun Kakumani
Sep 08- Nullcon- Talk- Web3.0 - Smart Contracts Could Be Leaky- - Riddhi Shree
Sep 08- Nullcon- Talk- vPrioritizer: Art of Risk Prioritization- - Pramod Rana
Sep 08- Nullcon- Tool demo- Vajra - Your Weapon To Cloud- - Raunak Parmar
Sep 08- Nullcon- Talk- The Different Faces Of macOS Malware: Detecting Anomalies In A Poisoned Apple- - Amit Malik, Pratik Jeware
Sep 08- Nullcon- Talk- Raining CVEs On WordPress Plugins With Semgrep- - Shreya Pohekar, Syed Sheeraz Ali
Sep 08- Nullcon- Talk- Pushing Security Left By Mutating Byte Code- - Gaurav Gogia
Sep 08- Nullcon- Talk- Handling A Bug Bounty program From A Blue Team Perspective- - Ashwath Kumar, Ankit Anurag
Sep 08- Nullcon- Talk- Hack the Source: Securing Open Source Software – One bug at a time- - Sandeep Singh, Laurie Mercer
Sep 08- Nullcon- Talk- Automate Your Whatsapp Chats- - Aditi Bhatnagar
Sep 07- Nullcon- Talk- Unearthing Malicious And Other “Risky” Open-Source Packages Using Packj- - Devdutt Patnaik, Ashish Bijlani
Sep 07- Nullcon- Talk- Scale hacking to secure your cloud and beyond- - Anand Prakash
Sep 07- Nullcon- Talk- Honey, I Just Put The Hospital On A Ventilator! - DICOM And Its Pitfalls- - Shyam Sundar Ramaswami, Rakesh Mahanthi
Sep 07- Nullcon- Talk- Hacking Android Foreground Services Escalation Of Privileges- - Rony Das
Sep 07- Nullcon- Talk- Hacking 5G Is No Rocket Science- - Altaf Shaik, Matteo Strada
Sep 07- Nullcon- Talk- Hack The Bridge- - Anto Joseph
Sep 07- Nullcon- Talk- ElectroVolt: Pwning Popular Desktop Apps While Uncovering New Attack Surface On Electron- - Mohan Sri Rama Krishna Pedhapati, Maxwell Garrett
Sep 07- Nullcon- Talk- Do PDF Tools Conform To The Specification?- - Prashant Anantharaman
Sep 06- Nullcon- Panel- Unlocking Security Collaboration With Cyber Threat Intelligence- - Avkash Kathiriya, Varun Singla, Mathan Babu Kasilingam, Amol Naik
Sep 06- Nullcon- Panel- Securing India The CERTIn Way- - Saikat Datta, Sanjay Bahl, Ajit Menon, Anuprita Daga
Sep 06- Nullcon- Panel- Secure Service Edge (SSE): Challenges & Upsides of Adoption- - Rahul Neel Mani, Anuprita Daga, Rajesh Hemrajani
Sep 06- Nullcon- Panel- PAM Maturity From Zero Trust To Least Privilege- - Ajay Bongirwar, Charanjit Bhatia, Bala Ramanan
Sep 06- Nullcon- Panel- IoT Supply Chain Blues and the way forward- - Aseem Jakhar, Kedar Sovani, Anantharaman Iyer, Suvabrata Sinha, Sudarshan Rajagopal, Sachin Jain
Sep 06- Nullcon- Panel- Impact of disruptive technologies on CISO’s career & progression- - Burgess Cooper, Sandeep Karan, Jacxine Fernandez, Ravi Kumar, Ankur Bhargava
Sep 06- Nullcon- Panel- Does your SOC sucks?- - Krishna Pandey, Shweta Kshirsagar, Vivek Gopalan, Yogi Kapur
Sep 06- Nullcon- Panel- Consumer Tech Bug Bounty Panel: Hear from the Program Managers- - Sandeep Singh, Rishika Hooda, Omar Benbouazza
Sep 06- Nullcon- Panel- Cloud Services for Financial Inclusion: Possibilities & Challenges- - Nandkumar Saravade, Ganesh Ar, Himanshu Das, Navin Kumar Singh
Sep 06- Nullcon- Panel- Securing the Software- - Mrudul Uchil, Abhisek Datta, Harish Goel, Matthew Bohne
Aug 26- Hitbsecconf- Talk- CAN A FUZZER MATCH A HUMAN- - Bhargava Shastry
Aug 25- Hitbsecconf- Talk- MPT: Pentest In Action- - Jyoti Raval
Aug 25- Hitbsecconf- Talk- Building An Army Of Bots By Hijacking A Unicorn’s Twitter Handle- - Rahul Sasi, Vishal Singh
Aug 14- Defcon(Ics Village)- Talk- Tales from the trenches - why organizations struggle to get even the basics of OT asset visibility & detection right- Vivek Ponnada
Aug 13- Defcon(Adversary Village)- Panel- Who doesn’t like a little Spice? Emulation Maturity, Team Culture and TTPs- Niru Ragupathy
Aug 12- Defcon(Ics Village)- Talk- Stop worrying about Nation-States and Zero-Days; let’s fix things that have been known for years- - Vivek Ponnada
Aug 12- Defcon(Appsec Village)- Panel- Agility Broke AppSec. Now It’s Going to Fix It.- - Vandana Verma Sehgal, Roy Erlich, Emil Vaagland, Seth Kirschner
Aug 11- Thedianainitiative- Talk- The Real Cost of Free: What you need to know before downloading a free app- - Ruchira Pokhriyal
Aug 11- Blackhat- Talk- RollBack - A New Time-Agnostic Replay Attack Against the Automotive Remote Keyless Entry Systems- - Soundarya Ramesh, Levente Csikor, Hoon Wei Lim, Jun Wen Wong, Rohini Poolat Parameswarath, Chan Mun Choon
Aug 11- Blackhat(Arsenal)- Tool demo- Patronus: Swiss Army Knife SAST Toolkit- - Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi
Aug 11- Blackhat(Arsenal)- Tool demo- Octopii - AI-powered Personal Identifiable Information (PII) scanner- - Owais Shaikh
Aug 11- Blackhat- Talk- Eliminating Triage Intermediaries for Zero-day Exploits Using a Decentralised Payout Protocol- - Subhechha Subudhi, Clara Maine, Akke Toeter, Victoria Bosch
Aug 11- Blackhat- Talk- ElectroVolt: Pwning Popular Desktop Apps While Uncovering New Attack Surface on Electron- - Mohan Sri Rama Krishna Pedhapati, Aaditya Purani, Max Garrett, William Bowling
Aug 11- Thedianainitiative- Talk- Connecting Dots Between Security Teams & Customer Expectations- - Shruthi Kamath
Aug 10- Blackhat(Arsenal)- Tool demo- Vajra - Your Weapon To Cloud- - Raunak Parmar
Aug 10- Blackhat- Talk- The Open Threat Hunting Framework: Enabling Organizations to Build, Operationalize, and Scale Threat Hunting- - Sameer Koranne, John Dwyer, Neil Wyler
Aug 10- Blackhat(Arsenal)- Tool demo- ReconPal: Leveraging NLP for Infosec- - Jeswin Mathai, Shantanu Kale, Sherin Stephen
Aug 10- Blackhat(Arsenal)- Tool demo- ParseAndC 2.0 – We Don’t Need No C Programs (for Parsing)- - Parbati Kumar Manna
Aug 10- Blackhat(Arsenal)- Tool demo- Node Security Shield - A Lightweight RASP for NodeJS Applications- - Lavakumar Kuppan, Sukesh Pappu
Aug 10- Blackhat(Arsenal)- Tool demo- HazProne : Cloud Hacking- - Devansh Patel, Staford Titus S
Aug 10- Blackhat(Arsenal)- Tool demo- CASPR - Code Trust Audit Framework- - Ajit Hatti
Aug 10- Blackhat(Arsenal)- Tool demo- CANalyse (2.0): A vehicle network analysis and attack tool- - Kartheek Lade, Rahul Jeyasingh
Aug 10- Blackhat(Arsenal)- Tool demo- AzureGoat : A Damn Vulnerable Azure Infrastructure- - Jeswin Mathai, Nishant Sharma, Rachna Umaraniya
Aug 10- Blackhat(Arsenal)- Tool demo- AWSGoat : A Damn Vulnerable AWS Infrastructure- - Nishant Sharma, Jeswin Mathai, Sanjeev Mahunta
Aug 10- Blackhat- Talk- Attacks From a New Front Door in 4G & 5G Mobile Networks- - Altaf Shaik, Shinjo Park, Matteo Strada
Aug 10- Blackhat(Arsenal)- Tool demo- ArcherySec - Manage and Automate your Vulnerability Assessment- - Anand Tiwari
Aug 10- Blackhat(Arsenal)- Tool demo- Adhrit: Android Security Suite- - Amrudesh Balakrishnan, Rahul Sani, Abhishek Jm
Jul 24- Maycontainhackers- Talk- No Permissions Needed!- - Aditi Bhatnagar
Jul 23- Maycontainhackers- Talk- How would a real life social media be like?- Aditi Bhatnagar
Jul 23- Hope- Talk- Combating Ransom-War: Evolving Landscape of Ransomware Infections in Cloud Databases- - Aditya K Sood
Jun 07- Rsac- Talk- Continuous Security - Integrating Pipeline Security- - Vandana Verma Sehgal
Jun 01- Securityfest- Talk- Exploitation and automated detection of threats to modern cloud infrastructure- - Krishnaa Srinivasa, Maithri Nadig
May 18- Cansecwest- Talk- Launching EMUX - A framework for emulating ARM and MIPS IoT Devices- - Saumil Shah
May 18- Phdays- Panel- Challenges for cybersecurity conferences. Part II- Aseem Jakhar, Timur Yunusov, Igor Lukic, Dhillon Andrew Kannabhiran
May 12- Blackhat(Arsenal)- Tool demo- ThunderCloud: Attack Cloud Without Keys!- - Shivankar Madaan
May 12- Blackhat(Arsenal)- Tool demo- ReconPal: Leveraging NLP for Infosec- - Jeswin Mathai, Shantanu Kale, Sherin Stephen
May 12- Blackhat(Arsenal)- Tool demo- Patronus: Swiss Army Knife SAST Toolkit- - Akhil Mahendra, Akshansh Jaiswal, Ashwin Shenoi
May 12- Blackhat- Talk- Non-Intrusive Vulnerability Localization and Hotpatching for Industrial Control Systems- - Prashant Rajput, Michail Maniatakos
May 12- Blackhat(Arsenal)- Tool demo- Node Security Shield- - Lavakumar Kuppan, Sukesh Pappu
May 12- Blackhat(Arsenal)- Tool demo- Nightingale: Docker for Pentesters- - Raja Nagori
May 12- Blackhat(Arsenal)- Tool demo- Mitigating Open Source Software Supply Chain Attacks- - Ajinkya Rajput, Ashish Bijlani
May 12- Blackhat- Panel- Locknote: Conclusions and Key Takeaways from Black Hat Asia 2022- Vandana Verma Sehgal, Jeff Moss, Ryan Flores, Lidia Giuliano, Stefano Zanero
May 12- Blackhat- Keynote- Keynote: #HackingDemocracy: Will Our Societies Hold?- Samir Saran
Apr 08- Nullcon- Panel- Digital Identity In The Age Of Fintech- - Sheetal Joseph, Alessandro Avagliano, Guido Reismueller, Benoit Flippen, Travis Carelock
Apr 08- Nullcon- Talk- Bheem OS - A next-generation reasonably secure OS using Rust MicroVM- - Akram Ansari, Subash Sn
Apr 08- Nullcon- Talk- Attack Surfaces for 5G Networks- - Altaf Shaik

2022nd