Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.
He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal
He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).
He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon
His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.
Attack & Defend Android Applications
(PANEL) - Transitioning from CTF to real world VAPT
(PANEL) - Moderator: Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
We got the Shiny SBoM; what next?
Manish Gupta is Director of CyberWarFare Labs having 6.5+ years of expertise in offensive Information Security. Previously he had worked as an operator & team lead at product based companies like Microsoft, Grab & Citrix. He specializes in Red Teaming Activities on enterprise Environment including On-premise & Multi-Cloud. His Research interest includes Real World Cyber Attack Simulation and Advanced persistent Threat (APT). Previously he has presented his research at reputed conferences like Blackhat, DEFCON, cocon, Nullcon, BSIDES Chapters, X33fcon Poland, NorthSec Canada & other corporate training etc
Multi-Cloud (AWS, Azure & GCP) Security
[Yodha] RedCloud : A Multi-Cloud Hacking OS
Serverless Phishing Factory: Automate, Attack, Adapt
Yash Bharadwaj, Co-Founder & Technical architect at CyberWarFare Labs with over 5.5 Years of Experience as Technologist. Highly attentive towards finding, learning and discovering new TTP's used during offensive engagements. His area of interest includes building Red / Blue team infrastructure, evading AVs & EDRs, Pwning On-Premise & Multi cloud infrastructure. Previously he has delivered hands-on red / blue / purple team trainings / talks / workshops at Blackhat, cocon, Nullcon, X33fCon Poland, NorthSec Canada, BSIDES Chapters (US & Asia Pacific), OWASP Chapters, CISO Platform, YASCON etc.
Multi-Cloud (AWS, Azure & GCP) Security
[Yodha] RedCloud : A Multi-Cloud Hacking OS
Serverless Phishing Factory: Automate, Attack, Adapt
John Sherchan is a Red Team Security researcher at CyberWarFare Labs, bringing over 5+ years of experience in Reverse Engineering, Malware Analysis/Development, and Source Code Reviewing, with a specialization in Windows Internals (User and Kernel Modes). Demonstrating an advanced understanding, he has successfully reversed multiple Antivirus (AV) and Endpoint Detection and Response (EDR) systems to comprehend its architecture. Committed to advancing cybersecurity, his additional interests include PWNing Active Directory, conducting Adversary emulation/simulation, writing rootkits, crafting exploits, and strategically overcoming challenges
Enterprise Purple Teaming: Threat Emulation & Detection
Harisuthan is a seasoned Blue Team Security Researcher at CyberWarFare Labs, with over 3 years of dedicated experience in cyber defense. He has a deep understanding of Blue Team methodologies, including adversarial threat detection and investigation, proactive threat hunting, and conducting adversary emulation and simulation for various investigative purposes
Enterprise Purple Teaming: Threat Emulation & Detection
Hemant Sonkar presently serves as the Lead Security Consultant at Payatu, demonstrating proficiency in delivering training sessions at prominent events such as NULLCON, NULL, and various internal training programs. With an impressive three-year tenure in the field, he brings extensive expertise to the domain. His professional portfolio includes the examination of a wide range of IoT devices, spanning medical devices, home automation tools, and electric vehicles. Throughout his hardware security research endeavors, he has cultivated invaluable skills in discerning attack surfaces and vulnerabilities within real-world IoT devices.
Hack the IoT: A practical guide to IoT Security
Pugal Selvan began his journey in binary exploitation and reverse engineering through CTFs and is now a Security Researcher at Payatu, where he specializes in firmware analysis and reversing of many IoT and embedded devices. Recently, his curiosity has led him to explore hardware attacks, an area he is passionate about. By day, Pugal serves as a dedicated Security Consultant, and by night, he delves into the world of hardware hacking, continually expanding his knowledge and skills in the field.
Hack the IoT: A practical guide to IoT Security
Giuseppe Trotta (aka ohpe), is a seasoned security researcher and trainer with deep expertise in phishing, social engineering, and post-exploitation automation. As a core member of the MuraenaTeam, Giuseppe has been at the forefront of developing innovative tools that have significantly advanced the field of phishing exploitation. His groundbreaking work on Muraena and NecroBrowser has revolutionized how security professionals approach session hijacking and post-exploitation tasks.
With a strong commitment to education, Giuseppe has delivered numerous training sessions at private events and organizations, where he is known for his in-depth, hands-on approach. His training methodologies are unique, focusing on practical, real-world scenarios that prepare participants to face modern phishing threats head-on. Giuseppe's sessions are designed to be interactive, providing attendees with the knowledge and skills needed to enhance their red teaming capabilities and fortify their defenses against increasingly sophisticated phishing attacks.
Hook, Line, and Sinker: Exploring the Phishing Abyss
Nikhil Joshi is an AI Security Researcher. He is currently working on implementations of ML in offensive and defensive security products. He has orchestrated methodologies to pen-test Machine Learning applications against ML-specific vulnerabilities and loves to explore new ways to hack ML-powered applications. Parallelly Nikhils research is focused on security implications in Deep Learning applications such as Adversarial Learning, Model stealing attacks, Data poisoning, etc. Nikhil is an active member of local Data Science and Security groups and has delivered multiple talks and workshops. He has spoken at HITB Amsterdam, PhDays Russia, and IEEE conferences. And trainer at the nullcon and Troopers. Being an Applied Mathematics enthusiast, recent advances in Machine Learning and its applications in security, behavioral science, and telecom are of major interest to Nikhil.
ML for Security and Security for ML
Product Security Engineer @ Security Centre of Excellence – Philips Innovation Campus. He is M.Tech. in CS with Specialization in Information & Network Security. He conducts frequent talks and workshops on Info Sec topics @ several places including C0C0N, DEFCON BHV, Bsides Delhi & Bangalore Chapter, OWASP, Null A'bad & Bangalore Chapter, DroidCon-IN. Kartik loves to write technical Blogs in his leisure time.
Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls
Hackers highway: Uncovering vulnerabilities hidden behind every car's license plate
Sr. Security Engineer with Philips and is part of the Security Centre of Excellence team. Aravind's primary areas of expertise are web/thick client application penetration testing, hardened system security, network security, and windows active directory security. He has helped to fix severe issues in IMS(Internet Management Software) solutions through responsible disclosures. Aravind pursued his master's in Cyber Security Systems and Networks from Amrita Vishwa Vidyapeetham, Coimbatore. He is an Offensive Security Certified Professional (OSCP) and has published several research papers on security in IEEE and Springer.
Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls
Dr. BapƟste David is an IT security specialist at ERNW, specialized in Windows operaƟng system. His research is mainly focused on malware analysis, reverse engineering, security of the Windows operaƟng system plaƞorm, kernel development and vulnerabiliƟes research. He also worked for couple of anƟvirus compagnies. He has given special courses and trainings in different universiƟes in Europe. Also, he gives regularly talks on different conferences including Black Hat USA, Defcon, Troopers, Zero Night, Cocon, EICAR, ECCWS…
Exploiting with Precision: Windbg Debugging Essentials for Security Professionals
Kernel Lockdown: Reducing BSOD Risks by Restricting Third-Party Access?talk
Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.
He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal
He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).
He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon
His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.
Attack & Defend Android Applications
(PANEL) - Transitioning from CTF to real world VAPT
(PANEL) - Moderator: Post-Quantum Security: Balancing Opportunities and Overcoming Challenges
We got the Shiny SBoM; what next?
Manish Gupta is Director of CyberWarFare Labs having 6.5+ years of expertise in offensive Information Security. Previously he had worked as an operator & team lead at product based companies like Microsoft, Grab & Citrix. He specializes in Red Teaming Activities on enterprise Environment including On-premise & Multi-Cloud. His Research interest includes Real World Cyber Attack Simulation and Advanced persistent Threat (APT). Previously he has presented his research at reputed conferences like Blackhat, DEFCON, cocon, Nullcon, BSIDES Chapters, X33fcon Poland, NorthSec Canada & other corporate training etc
Multi-Cloud (AWS, Azure & GCP) Security
[Yodha] RedCloud : A Multi-Cloud Hacking OS
Serverless Phishing Factory: Automate, Attack, Adapt
Yash Bharadwaj, Co-Founder & Technical architect at CyberWarFare Labs with over 5.5 Years of Experience as Technologist. Highly attentive towards finding, learning and discovering new TTP's used during offensive engagements. His area of interest includes building Red / Blue team infrastructure, evading AVs & EDRs, Pwning On-Premise & Multi cloud infrastructure. Previously he has delivered hands-on red / blue / purple team trainings / talks / workshops at Blackhat, cocon, Nullcon, X33fCon Poland, NorthSec Canada, BSIDES Chapters (US & Asia Pacific), OWASP Chapters, CISO Platform, YASCON etc.
Multi-Cloud (AWS, Azure & GCP) Security
[Yodha] RedCloud : A Multi-Cloud Hacking OS
Serverless Phishing Factory: Automate, Attack, Adapt
John Sherchan is a Red Team Security researcher at CyberWarFare Labs, bringing over 5+ years of experience in Reverse Engineering, Malware Analysis/Development, and Source Code Reviewing, with a specialization in Windows Internals (User and Kernel Modes). Demonstrating an advanced understanding, he has successfully reversed multiple Antivirus (AV) and Endpoint Detection and Response (EDR) systems to comprehend its architecture. Committed to advancing cybersecurity, his additional interests include PWNing Active Directory, conducting Adversary emulation/simulation, writing rootkits, crafting exploits, and strategically overcoming challenges
Enterprise Purple Teaming: Threat Emulation & Detection
Harisuthan is a seasoned Blue Team Security Researcher at CyberWarFare Labs, with over 3 years of dedicated experience in cyber defense. He has a deep understanding of Blue Team methodologies, including adversarial threat detection and investigation, proactive threat hunting, and conducting adversary emulation and simulation for various investigative purposes
Enterprise Purple Teaming: Threat Emulation & Detection
Hemant Sonkar presently serves as the Lead Security Consultant at Payatu, demonstrating proficiency in delivering training sessions at prominent events such as NULLCON, NULL, and various internal training programs. With an impressive three-year tenure in the field, he brings extensive expertise to the domain. His professional portfolio includes the examination of a wide range of IoT devices, spanning medical devices, home automation tools, and electric vehicles. Throughout his hardware security research endeavors, he has cultivated invaluable skills in discerning attack surfaces and vulnerabilities within real-world IoT devices.
Hack the IoT: A practical guide to IoT Security
Pugal Selvan began his journey in binary exploitation and reverse engineering through CTFs and is now a Security Researcher at Payatu, where he specializes in firmware analysis and reversing of many IoT and embedded devices. Recently, his curiosity has led him to explore hardware attacks, an area he is passionate about. By day, Pugal serves as a dedicated Security Consultant, and by night, he delves into the world of hardware hacking, continually expanding his knowledge and skills in the field.
Hack the IoT: A practical guide to IoT Security
Giuseppe Trotta (aka ohpe), is a seasoned security researcher and trainer with deep expertise in phishing, social engineering, and post-exploitation automation. As a core member of the MuraenaTeam, Giuseppe has been at the forefront of developing innovative tools that have significantly advanced the field of phishing exploitation. His groundbreaking work on Muraena and NecroBrowser has revolutionized how security professionals approach session hijacking and post-exploitation tasks.
With a strong commitment to education, Giuseppe has delivered numerous training sessions at private events and organizations, where he is known for his in-depth, hands-on approach. His training methodologies are unique, focusing on practical, real-world scenarios that prepare participants to face modern phishing threats head-on. Giuseppe's sessions are designed to be interactive, providing attendees with the knowledge and skills needed to enhance their red teaming capabilities and fortify their defenses against increasingly sophisticated phishing attacks.
Hook, Line, and Sinker: Exploring the Phishing Abyss
Nikhil Joshi is an AI Security Researcher. He is currently working on implementations of ML in offensive and defensive security products. He has orchestrated methodologies to pen-test Machine Learning applications against ML-specific vulnerabilities and loves to explore new ways to hack ML-powered applications. Parallelly Nikhils research is focused on security implications in Deep Learning applications such as Adversarial Learning, Model stealing attacks, Data poisoning, etc. Nikhil is an active member of local Data Science and Security groups and has delivered multiple talks and workshops. He has spoken at HITB Amsterdam, PhDays Russia, and IEEE conferences. And trainer at the nullcon and Troopers. Being an Applied Mathematics enthusiast, recent advances in Machine Learning and its applications in security, behavioral science, and telecom are of major interest to Nikhil.
ML for Security and Security for ML
Product Security Engineer @ Security Centre of Excellence – Philips Innovation Campus. He is M.Tech. in CS with Specialization in Information & Network Security. He conducts frequent talks and workshops on Info Sec topics @ several places including C0C0N, DEFCON BHV, Bsides Delhi & Bangalore Chapter, OWASP, Null A'bad & Bangalore Chapter, DroidCon-IN. Kartik loves to write technical Blogs in his leisure time.
Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls
Hackers highway: Uncovering vulnerabilities hidden behind every car's license plate
Sr. Security Engineer with Philips and is part of the Security Centre of Excellence team. Aravind's primary areas of expertise are web/thick client application penetration testing, hardened system security, network security, and windows active directory security. He has helped to fix severe issues in IMS(Internet Management Software) solutions through responsible disclosures. Aravind pursued his master's in Cyber Security Systems and Networks from Amrita Vishwa Vidyapeetham, Coimbatore. He is an Offensive Security Certified Professional (OSCP) and has published several research papers on security in IEEE and Springer.
Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls
Dr. BapƟste David is an IT security specialist at ERNW, specialized in Windows operaƟng system. His research is mainly focused on malware analysis, reverse engineering, security of the Windows operaƟng system plaƞorm, kernel development and vulnerabiliƟes research. He also worked for couple of anƟvirus compagnies. He has given special courses and trainings in different universiƟes in Europe. Also, he gives regularly talks on different conferences including Black Hat USA, Defcon, Troopers, Zero Night, Cocon, EICAR, ECCWS…
Exploiting with Precision: Windbg Debugging Essentials for Security Professionals
Kernel Lockdown: Reducing BSOD Risks by Restricting Third-Party Access?talk
Sunil Varkey has over 29 years of cybersecurity leadership experience with large global corporations in banking, telecoms, ITES, software, and manufacturing domains in the Middle East, US and India.
Sunil was earlier Global CISO and Fellow at Wipro, CISO of Idea Cellular, MD at HSBC, and he is also CTO for Symantec and Forescout. Currently is engaged as a Cyber consultant and advisor in the Middle East.
Academically, he holds a Bachelor’s degree in Electronics Engineering with an MBA, along with over 10 security certifications. He also holds security patents in US & EU.
He has published and presented various articles and sessions globally related to information security.
Opening Note
Opening Note
The subtle art of checkmating CISOs
Len Noe, a Technical Evangelist, White Hat Hacker, and Transhuman at CyberArk Software, is a dynamic and influential speaker on the international security circuit. With an impressive track record of delivering impactful presentations in over 60 countries and at renowned security conferences worldwide, Noe's expertise leaves a lasting impression. Notably, he has graced the stage at the prestigious World Conference in The Hague, C.E.R.T. EU, and has been invited to address multiple governments.
Len is the author of Human Hacked: My life and lessons as the worlds first augmented ethical hacker. With his first book Len exposes the subculture of Transhumans and the capabilities available to this new breed of human, along with the cyber security risks they pose.
Len is a co-host of the Cyber Cognition Podcast and a thought leader in the field of Transhumanism. With his upcoming book, he shares a captivating narrative of his personal evolution, solidifying his position as one of the world's foremost authorities in this transformative movement. As a futurist, Len's insights and expertise are highly sought after.
Len's passion for the Transhuman/Human+ movement is unparalleled, and he actively employs microchip implants to pioneer advancements in cyber security and enhance the human experience. His groundbreaking research has garnered global recognition, appearing in multiple global news outlets, while his regular appearances on top-tier security podcasts showcase his ongoing contributions to the field.
With a rich history as a Black/Grey Hat Hacker, Noe's extensive practical experience has shaped his skills. Over the course of 30 years, he has honed his expertise in web development, system engineering/administration, architecture, and coding. For the past ten years, Len has devoted his focus to information security from an attacker's perspective Actively engaging with the Texas information security communities and organizations like the Autism Society, Len continuously demonstrates his commitment to making a positive impact beyond the realm of technology.
[KEYNOTE] The tomorrow threats, today
[KEYNOTE] The tomorrow threats, today
Product Security Engineer @ Security Centre of Excellence – Philips Innovation Campus. He is M.Tech. in CS with Specialization in Information & Network Security. He conducts frequent talks and workshops on Info Sec topics @ several places including C0C0N, DEFCON BHV, Bsides Delhi & Bangalore Chapter, OWASP, Null A'bad & Bangalore Chapter, DroidCon-IN. Kartik loves to write technical Blogs in his leisure time.
Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls
Hackers highway: Uncovering vulnerabilities hidden behind every car's license plate
CISO's take on BYOAI
GenAI and Autonomous Security in the Age of Zero Trust
(PANEL) - The Pager Attack: A Wake-Up Call for Global Cyber Defense Strategies
(PANEL) - Moderator: Intelligence led security