2025
-
Apr 04-
Blackhat(Arsenal)-
Tool demo-
MORF - Mobile Reconnaissance Framework-
-
Amrudesh Balakrishnan, Abhishek Jm, Himanshu Das
2024
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
RedCloud OS : Cloud Adversary Simulation Operating System-
-
Yash Bharadwaj, Manish Gupta
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
MPT: Pentest In Action!-
-
Jyoti Raval
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
MORF - Mobile Reconnaissance Framework-
-
Amrudesh Balakrishnan, Abhishek Jm, Himanshu Das
- Dec 12- Blackhat- Panel- Locknote: Conclusions and Key Takeaways from Black Hat Europe 2024- Vandana Verma Sehgal, Jeff Moss, Stefano Zanero, James Forshaw, Meadow Ellis
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
Halberd : Cloud Security Testing Tool-
-
Arpan Abani Sarkar
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
GoatPen: Hack, Hone, Harden-
-
Nishant Sharma, Shantanu Kale
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
Genzai - The IoT Security Toolkit-
-
Umair Nehri
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
DarkWidow: Customizable Dropper Tool Targeting Windows-
-
Soumyanil Biswas
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
Damn Vulnerable Browser Extension (DVBE) - Knowing the risks of your Browser Supplements-
-
Abhinav Khanna, Krishna Chaganti
-
Dec 12-
Blackhat(Arsenal)-
Tool demo-
Cloud Offensive Breach and Risk Assessment (COBRA)-
-
Harsha Koushik, Anand Tiwari
-
Dec 11-
Blackhat-
Talk-
The CVSS Deception: How We’ve Been Misled on Vulnerability Severity-
-
Ankur Sand -
Dec 11-
Blackhat(Arsenal)-
Tool demo-
SCAGoat - Exploiting Damn Vulnerable SCA Application-
-
Hare Krishna Rai, Gaurav Joshi, K v Prashant
- Dec 11- Blackhat(Arsenal)- Tool demo- Open Source Tool to Shift Left Security Testing by Leveraging AI- Shivam Rawat, Shivansh Agrawal
-
Dec 11-
Blackhat(Arsenal)-
Tool demo-
findmytakeover - find dangling domains in a multi cloud environment-
-
Aniruddha Biyani
-
Dec 11-
Blackhat(Arsenal)-
Tool demo-
Android BugBazaar: Your mobile appsec playground to Explore, Exploit, Excel-
-
Amit Parjapat, Vedant Wayal
-
Dec 11-
Blackhat(Arsenal)-
Tool demo-
Agneyastra - Firebase Misconfiguration Detection Toolkit-
-
Bhavarth Karmarkar, Devang Solanki
-
Dec 11-
Blackhat(Arsenal)-
Tool demo-
Active Directory Cyber Deception using Huginn-
-
Rohan Durve, Paul Laine
-
Nov 21-
Securityfest-
Talk-
Wheels of Wonder-
-
Hrishikesh Somchatwar -
Nov 21-
Securityfest-
Talk-
UnRegister Me - Advanced Techniques for hunting and securing user registration vulnerabilities-
-
Priyank Nigam
- Nov 21- Deepsec- Talk- Hacking with Physics v2.0- Hrishikesh Somchatwar
-
Nov 21-
Securityfest-
Talk-
Breaking Container Boundary Using Side Channel Attack-
-
Adhokshaj Mishra
- Nov 16- C0c0n- Talk- Who is holding the Marauders map?- Maya R Nair
- Nov 16- C0c0n- Panel- When Falcon Strikes Back: The Defender’s Dilemma- Burgess Cooper, Shivkumar Pandey, A Shiju Rawther, Padnya Manwar, Kishan Kendre
-
Nov 16-
C0c0n-
Talk-
We got the Shiny SBoM; what next?-
-
Anant Shrivastava
- Nov 16- C0c0n- Panel- Transitioning from CTF to real world VAPT- Aseem Jakhar, Akhilesh Variar, Dhruv Bisani, Anant Shrivastava
-
Nov 16-
C0c0n-
Talk-
The subtle art of checkmating CISOs-
-
Sunil Varkey
- Nov 16- C0c0n- Talk- The Stealth Code Conspiracy: Unmasking Hidden Threats in CI/CD Pipelines- Arpith Rajagopal, Suchith Narayan
- Nov 16- C0c0n- Talk- Serverless Phishing Factory: Automate, Attack, Adapt- Yash Bharadwaj, Manish Gupta
- Nov 16- C0c0n- Talk- Ride on the House - Exploiting Public Transport Ticketing Systems for Free Rides- Rakesh Seal, Diptisha Samanta
- Nov 16- C0c0n- Panel- Post-Quantum Security: Balancing Opportunities and Overcoming Challenges- Anant Shrivastava, Sapan Talwar, Ajit Hatti, Sridhar Govardhan, Abhilasha Vyas
- Nov 16- C0c0n- Talk- Old Bugs, New Tricks: How N-Day Vulnerabilities Are Fueling Today’s Threat Landscape- Dharani Sanjaiy
- Nov 16- C0c0n- Talk- KEY NOTE- Navin Kumar Singh
- Nov 16- C0c0n- Talk- Hacking the Non-Windows Frontier: Thick Client Pentesting on Linux & Mac- Ajay Sk
- Nov 16- C0c0n- Talk- Breach of the borderless: Cyber threat actors targeting India’s cyberspace- Abhijith B R
- Nov 16- C0c0n- Talk- Active Directory Deception Strategies- Madhukar Raina, Sayan Mitra
- Nov 16- C0c0n- Talk- Access for Sale: Inside the World of Ransomware Affiliates and Initial Access Brokers- Nihar Sawant, Jaydev Joshi
- Nov 16- C0c0n- Talk- Invisible Invaders: Bypassing Email Security with Legitimate Tools- Dhruv Bisani
- Nov 15- C0c0n- Panel- The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies- Aseem Jakhar, M Nagarajan, Tarun Wig, Philip Varughese Vayarakunnil, Nikhil Shrivastava
- Nov 15- C0c0n- Talk- Remote Whispers of Mobile Sim- Vipin Kumar
-
Nov 15-
C0c0n-
Talk-
PCI 4.0, Javascript Security for product security teams-
-
Anand Kumar Ganesan, Mohammad Arif
-
Nov 15-
C0c0n-
Talk-
Know your Enemies: Deep Dive into Ransomware Threat Groups-
-
Niranjan Jayanand
- Nov 15- C0c0n- Panel- Intelligence led security- Midhun Babu, Sameer Ratolikar, M v Sheshadri, A Shiju Rawther, Maya R Nair, Balakrishnan A
-
Nov 15-
C0c0n-
Talk-
Hackers highway: Uncovering vulnerabilities hidden behind every car’s license plate-
-
Kartik Lalan
-
Nov 15-
C0c0n-
Talk-
GenAI and Autonomous Security in the Age of Zero Trust-
-
Philip Varughese Vayarakunnil
-
Nov 15-
C0c0n-
Talk-
CISO’s take on BYOAI-
-
Venugopal Parameswara
- Nov 15- C0c0n- Talk- Breaking the Defences: In-Depth Analysis of EDR and AV Tampering Techniques- Adrip Mukherjee, Vinay Kumar
- Nov 15- C0c0n- Talk- Automated Security Engineer Co-Pilot: Leveraging Large Language Models for Enhanced Code Security- Ashwath Kumar, Hariprasad Pujari
-
Nov 15-
C0c0n-
Talk-
[Yodha] SCAGoat - Software Composition Analysis (SCA) Vulnerability Exploration Tool-
-
Gaurav Joshi, Hare Krishna Rai
-
Nov 15-
C0c0n-
Talk-
[Yodha] RedCloud : A Multi-Cloud Hacking OS-
-
Yash Bharadwaj, Manish Gupta
-
Nov 15-
C0c0n-
Talk-
[Yodha] Nightingale: Docker for Pentesters-
-
Raja Nagori
- Nov 06- Blackalps- Talk- IDAT Loader: The Malware’s Camouflaged Weapon- Niranjan Jayanand
-
Oct 29-
Blackhat-
Talk-
Hacking Deepfake Image Detection System with White and Black Box Attacks-
-
Sagar Bhure
-
Oct 23-
Blackhat(Arsenal)-
Tool demo-
R0fuzz: A Collaborative Fuzzer-
-
Season Cherian, Vishnu Dev, Vivek N J
-
Oct 23-
Blackhat-
Talk-
Guardians of the OAuth Galaxy: Defending Your Organization from OAuth Application Attacks-
-
Shruti Ranjit, Mangatas Tondang
-
Oct 23-
Blackhat(Arsenal)-
Tool demo-
eBPFShield: Unleashing the Power of eBPF for OS Kernel Exploitation and Security-
-
Sagar Bhure
-
Oct 23-
Blackhat(Arsenal)-
Tool demo-
DarkWidow: Customizable Dropper Tool Targeting Windows-
-
Soumyanil Biswas
- Oct 23- Blackhat(Arsenal)- Tool demo- Cyber Arsenal47- Simardeep Singh
-
Oct 02-
Virusbulletin-
Talk-
From code to crime: exploring threats in GitHub Codespaces-
-
Nitesh Surana, Jaromir Horejsi -
Oct 02-
Virusbulletin-
Talk-
Arming WinRAR: deep dive into APTs exploiting WinRAR’s 0-day vulnerability - a SideCopy case study-
-
Sathwik RAM Prakki
-
Sep 26-
Rootcon-
Talk-
How to have visibility and security OF CICD ecosystem-
-
Pramod Rana
-
Sep 20-
44con-
Talk-
Unveiling the ghosts of mobile networks: When will old bugs die?-
-
Altaf Shaik
-
Aug 30-
Hitbsecconf-
Talk-
Exploiting the In-Vehicle Browser: A Novel Attack Vector in Autonomous Vehicles-
-
Ravi Rajput
-
Aug 29-
Hitbsecconf-
Tool demo-
Mantis-
-
Bharath Kumar, Akshay Jain
-
Aug 29-
Hitbsecconf-
Tool demo-
eBPFShield-
-
Sagar Bhure
-
Aug 29-
Hitbsecconf-
Talk-
COMMSEC: CoralRaider Targets Victims Data and Social Media Accounts-
-
Chetan Raghuprasad, Joey Chen
-
Aug 29-
Hitbsecconf-
Tool demo-
CICDGuard-
-
Pramod Rana
- Aug 29- Hitbsecconf- Tool demo- AI Assisted Code Reviewer- Rajanish Pathak, Hardik Mehta
-
Aug 15-
Usenix-
Talk-
TYGR: Type Inference on Stripped Binaries using Graph Neural Networks-
-
Aravind Machiry, Adam Doupe, Chang Zhu, Yibo Liu, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Ati Bajaj, Wil Gibbs, Ziyang Li, Anton Xue, Rajeev Alur, Hanjun Dai, Mayur Naik
-
Aug 14-
Usenix-
Talk-
Shesha: Multi-head Microarchitectural Leakage Discovery in new-generation Intel Processors-
-
Anirban Chakraborty, Nimish Mishra, Debdeep Mukhopadhyay
-
Aug 10-
Defcon-
Talk-
Techniques for Creating Process Injection Attacks with Advanced Return-Oriented Programming-
-
Shiva Shashank, Bramwell Brizendine
-
Aug 10-
Defcon(Adversary Village)-
Talk-
Sneaky Extensions: The MV3 Escape Artists-
-
Vivek Ramachandran, Shourya Pratap Singh
-
Aug 10-
Defcon-
Talk-
Compromising an Electronic Logging Device and Creating a Truck2Truck Worm-
-
Rik Chatterjee, Jake Jepson
- Aug 10- Defcon(Makers Community)- Panel- Color Blasted Badge Making: How Hard Could It Be ?- Abhinav Panda, Hamster, Bradan Lane
-
Aug 09-
Defcon(Bug Bounty Village)-
Talk-
Reflections on a Decade in Bug Bounties: Experiences and Major Takeaways-
-
Nikhil Shrivastava, Charles Waterhouse
- Aug 09- Defcon(Adversary Village)- Panel- Formidable Adversaries: Responding to Breaches, Ransomware, and State-Sponsored Threat Actors- Abhijith B R, Nikhil Mittal, Adam Pennington, Ken Kato, Ashley Stryker
-
Aug 09-
Defcon-
Talk-
Breaking Secure Web Gateways (SWG) for Fun and Profit-
-
Vivek Ramachandran, Jeswin Mathai
-
Aug 09-
Defcon-
Talk-
Breaking Secure Web Gateways (SWG) for Fun and Profit-
-
Vivek Ramachandran, Jeswin Mathai
-
Aug 08-
Blackhat(Arsenal)-
Tool demo-
Open Source LLM Security-
-
Ankita Gupta 1, Ankush Jain
-
Aug 08-
Blackhat(Arsenal)-
Tool demo-
Octopii v2-
-
Owais Shaikh
-
Aug 08-
Blackhat(Arsenal)-
Tool demo-
ICSGoat: A Damn Vulnerable ICS Infrastructure-
-
Shantanu Kale, Divya Nain
-
Aug 08-
Blackhat(Arsenal)-
Tool demo-
Cloud Offensive Breach and Risk Assessment (COBRA)-
-
Anand Tiwari, Harsha Koushik
-
Aug 08-
Blackhat(Arsenal)-
Tool demo-
Active Directory Cyber Deception using Huginn-
-
Rohan Durve, Paul Laine
- Aug 07- Blackhat(Arsenal)- Tool demo- TrafficWardenX: OpenWRT Security & Monitoring- Sampad Adhikary, Tripti Sharma
-
Aug 07-
Blackhat-
Talk-
The Hack@DAC Story: Learnings from Organizing the World’s Largest Hardware Hacking Competition-
-
Arun Kanuparthi, Hareesh Khattri, Jeyavijayan Jv Rajendran, Jason Fung, Ahmad Reza Sadeghi
-
Aug 07-
Blackhat(Arsenal)-
Tool demo-
RedCloud OS : Cloud Adversary Simulation Operating System-
-
Manish Gupta, Yash Bharadwaj
-
Aug 07-
Blackhat(Arsenal)-
Tool demo-
Hacking generative AI with PyRIT-
-
Raja Sekhar Rao Dheekonda
-
Aug 07-
Blackhat(Arsenal)-
Tool demo-
DarkWidow: Dropper/PostExploitation Tool targeting Windows-
-
Soumyanil Biswas, Chirag Savla
-
Aug 07-
Blackhat(Arsenal)-
Tool demo-
BucketLoot - An Automated S3 Bucket Inspector-
-
Kunal Aggarwal, Umair Nehri
-
Jun 27-
Troopers-
Talk-
The Hidden Dangers Lurking in Your Pocket – Pwning Apple Wallet ecosystem and its apps-
-
Priyank Nigam
-
May 09-
Rsac-
Talk-
The Good, the Bad, and the Bounty: 10 Years of Buying Bugs at Microsoft-
-
Aanchal Gupta, Katie Moussouris
-
May 08-
Rsac-
Talk-
How to CTF Infra - Beyond the Challenges and Flags-
-
Jayesh Chauhan, Max Gartman
-
May 08-
Blackhat-
Talk-
Cloud and Platform Agnostic Security Posture Management (xSPM)-
-
Sunil Arora, Parthasarthi Chakraborty
-
May 07-
Rsac-
Talk-
Anatomy of a Vulnerability Response - A View from the Inside-
-
Mohit Arora, Richard Tonry
-
May 07-
Rsac-
Talk-
A Proven Approach on Automated Security Architectural Pattern Validation-
-
Sunil Arora, Parthasarathi Chakraborty
-
May 06-
Rsac-
Talk-
Headspace’s Privacy Operations Center and Vault-
-
Shobhit Mehta, Puneet Thapliyal
-
Apr 19-
Blackhat(Arsenal)-
Tool demo-
vet: Policy Driven vetting of Open Source Software Components-
-
Abhisek Datta
-
Apr 19-
Blackhat(Arsenal)-
Tool demo-
Monitoring and Detecting Leaks with GitAlerts-
-
Nikhil Mittal 1
-
Apr 19-
Blackhat(Arsenal)-
Tool demo-
Malware clustering using unsupervised ML : CalMal-
-
Himanshu Anand
- Apr 19- Blackhat- Panel- Locknote: Conclusions and Key Takeaways- Anant Shrivastava, Vitaly Kamluk, Ty Miller, Jeff Moss, Pamela O'shea
-
Apr 19-
Blackhat(Arsenal)-
Tool demo-
GearGoat : Car Vulnerabilities Simulator-
-
Nishant Sharma, Pranjal Soni, Sanjeev Mahunta
-
Apr 19-
Blackhat-
Talk-
Faults in Our Bus: Novel Bus Fault Attack to Break Trusted Execution Environments in Embedded Systems-
-
Anirban Chakraborty, Nimish Mishra, Debdeep Mukhopadhyay
-
Apr 19-
Blackhat-
Talk-
China’s Military Cyber Operations: Has the Strategic Support Force Come of Age?-
-
Pukhraj Singh
-
Apr 19-
Blackhat(Arsenal)-
Tool demo-
BucketLoot - An Automated S3 Bucket Inspector-
-
Umair Nehri
-
Apr 19-
Blackhat(Arsenal)-
Tool demo-
AWSDefenderGPT: Leveraging OpenAI to Secure AWS Cloud-
-
Sherin Stephen, Nishant Sharma, Rishappreet Singh Moonga
-
Apr 19-
Blackhat(Arsenal)-
Tool demo-
AutoFix: Automated Vulnerability Remediation Using Static Analysis and LLMs-
-
Asankhaya Sharma
-
Apr 18-
Blackhat-
Talk-
The Hack@DAC Story: Learnings from Organizing the World’s Largest Hardware Hacking Competition-
-
Arun Kanuparthi, Hareesh Khattri, Jeyavijayan Jv Rajendran, Jason Fung, Ahmad Reza Sadeghi
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
Secure Local Vault - Git Based Secret Manager-
-
Sriram Krishnan, Shibly Meeran
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
RedCloud OS : Cloud Adversary Simulation Operating System-
-
Manish Gupta, Yash Bharadwaj
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
R0fuzz-
-
Season Cherian, Vishnu Dev
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
Nightingale: Docker for Pentesters-
-
Raja Nagori
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
MORF - Mobile Reconnaissance Framework-
-
Amrudesh Balakrishnan, Abhishek Jm, Himanshu Das
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
Mantis - Asset Discovery at Scale-
-
Ankur Bhargava, Prateek Thakare, Saddam Hussain
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
Genzai - The IoT Security Toolkit-
-
Umair Nehri
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
findmytakeover - find dangling domains in a multi cloud environment-
-
Aniruddha Biyani
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
eBPFShield: Unleashing the Power of eBPF for OS Kernel Exploitation and Security-
-
Sagar Bhure
- Apr 18- Blackhat(Arsenal)- Tool demo- DetectiveSQ: A Extension Auditing Framework Version 2- Govind Krishna, Xian Xiang Chang
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
DarkWidow: Dropper/PostExploitation Tool (or can be used in both situations) targeting Windows-
-
Soumyanil Biswas
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
Damn Vulnerable Browser Extension (DVBE) - Unfold the risks for your Browser Supplements-
-
Abhinav Khanna
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
Catching adversaries on Azure - Deception on Cloud-
-
Subhash Popuri
-
Apr 18-
Blackhat-
Talk-
Breaking Managed Identity Barriers In Azure Services-
-
Nitesh Surana, David Fiser
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
BinderAPI Scanner & BASS-
-
Krishnaprasad Subramaniam, Jeffrey Gaor, Valen Sai, Eric Tee Hock Nian
-
Apr 18-
Blackhat(Arsenal)-
Tool demo-
APKDeepLens - Android security insights in full spectrum-
-
Atul Singh, Deepanshu Gajbhiye
-
Mar 21-
Cansecwest-
Talk-
Rolling in the Dough: How Microsoft Identified and Remidiated a Baker’s Dozen of Security Threats in the Windows DNS Server-
-
Arif Hussain, George Hughey
- Mar 12- Nullcon- Talk- Secure Web Gateways are dead. What’s next?- Vivek Ramachandran
-
Mar 11-
Nullcon-
Talk-
Hacking Trains-
-
Jaden Furtado
-
Mar 11-
Nullcon-
Talk-
Achilles Heel In Secure Boot: Breaking RSA Authentication And Bitstream Recovery From Zynq-7000 SoC-
-
Arpan Jati
2023
-
Sep 28-
Rootcon-
Talk-
Azure Illuminati: Unveiling the Mysteries of Cloud Exploitation-
-
Raunak Parmar
-
Aug 11-
Defcon-
Talk-
Getting a Migraine - uncovering a unique SIP bypass on macOS-
-
Anurag Bohra, Jonathan Bar Or, Michael Pearse
2018
-
Aug 10-
Defcon(Recon Village)-
Talk-
Building visualisation platforms for OSINT data using open source solutions-
-
Bharath Kumar, Madhu Akula