Events
Here are some of our presentations and talks that we have delivered across different conferences over the years. We will also update this page regularly with other security related resources and research so be sure to Bookmark this page.
YASCON 2021 – Hacking Single Page Applications (SPAs)
In this talk we covered how to best pentest or find bugs in Single Page Applications when traditional tooling just doesn’t work. We covered various challenges that we face when pentesting SPAs and also provided some alternative tools that can help you with SPA testing. We also shared information related to our methodology that we use when we pentest SPA applications at Wise Fox Security. Hope you find this talk useful and learn something new from it.
Mystikcon 2021 – Building your first DevSecOps Pipeline
This year at Mystikcon 2021 we covered how to build your first DevSecOps pipeline with Open Source tooling. We covered various concepts and buzzwords related to DevSecOps in this talk. We also demonstrated a pipeline that we created in GitLab and tools that we embedded in this pipeline to catch various security issues. Hope you learn something new from this talk 🙂
Cyber Security Summit 2021 – Cyberdome Kozhikode
Cyberdome Kozhikode organized year 2021’s Cyber Security Conference Cyber Security Summit 2021 (https://cyberdomekkdsummit.kerala.gov…) virtually on the theme 2R real-time and real attack on Feb 27th and 28th. It was a unique event to keep the cybersecurity community connected across the globe.
AppSec NZ 2021 – Going Above & Beyond
While the OWASP Top 10 is a great baseline for WebApp security, I’d like to cover some of the attacks that aren’t addressed there. These attacks are gaining lots of attention so it’s time to shed some light on: HTTP Request Smuggling; JavaScript…
Android Application Pentesting – Mystikcon 2020
I had the opportunity to present at Mystikcon in December 2020 on Android Application Pentesting. In this talk I cover all the basic components of Android app and then talked about Static and Dynamic Analysis (with demos).
Web App Attacks of the Modern World
This talk was presented at OWASP NZ Day 2020. It was great fun presenting at this awesome conference again.
OWASP NZ Day 2018 – Enough with XSS, let’s talk about something else?
My talk on web application vulnerabilities and how to fix them. This talk covered IDOR, SSRF, XXE and Cryptojacking vulnerabilities.
OWASP NZ Day 2019: Reverse Engineering Mobile Apps – Why, What, and the How’s
My talk on why Reverse Engineering mobile apps is important for an organisation, what can you discover while reversing an application and how can you improve the security of your applications.