Training & Workshops

Workshops Training & Workshops

Anant Shrivastava

Anant Shrivastava

Chief Researcher / Founder
Cyfinoid Research Private Limited
India

Anant Shrivastava is an information security professional with 15+ yrs of corporate experience in Network, Mobile, Application and Linux Security. Anant is an avid opensource supporter and runs multiple opensource projects prominent of them being TamerPlatform and CodeVigilant.

He contributes to multiple Open communities like null and Garage4Hackers. He has also helped establishing local chapter in his hometown null Bhopal

He has been a speaker and a trainer at a multitude of conferences such as Black Hat -USA/ASIA/EU, Defcon, Nullcon, c0c0n, Rootconf and many more).

He also participates in various communities as a cfp reviewer. Notable of them being Blackhat EU, nullcon, Rootconf by Hasgeek, recon village @ Defcon , cloud village @ defcon, Adversary Village @ defcon

His code contributions can be found on Github. He is active on Twitter and Fediverse and his talks and presentations can be found here. He writes about his experiments at his blog.

Sessions

Workshop - 13th & 14th November 2024

Attack & Defend Android Applications

16-Nov-2024    

Breaking the Pipeline: Methodologies for Attacking CI/CD Systems

Manish Gupta

Manish Gupta

Director
Cyberwarfare Labs
India

Manish Gupta is Director of CyberWarFare Labs having 6.5+ years of expertise in offensive Information Security. Previously he had worked as an operator & team lead at product based companies like Microsoft, Grab & Citrix. He specializes in Red Teaming Activities on enterprise Environment including On-premise & Multi-Cloud. His Research interest includes Real World Cyber Attack Simulation and Advanced persistent Threat (APT). Previously he has presented his research at reputed conferences like Blackhat, DEFCON, cocon, Nullcon, BSIDES Chapters, X33fcon Poland, NorthSec Canada & other corporate training etc

Sessions

Workshop - 13th & 14th November 2024

Multi-Cloud (AWS, Azure & GCP) Security

Yash Bharadwaj

Yash Bharadwaj

Co-Founder & Technical architect
Cyberwarfare Labs
India

Yash Bharadwaj, Co-Founder & Technical architect at CyberWarFare Labs with over 5.5 Years of Experience as Technologist. Highly attentive towards finding, learning and discovering new TTP's used during offensive engagements. His area of interest includes building Red / Blue team infrastructure, evading AVs & EDRs, Pwning On-Premise & Multi cloud infrastructure. Previously he has delivered hands-on red / blue / purple team trainings / talks / workshops at Blackhat, cocon, Nullcon, X33fCon Poland, NorthSec Canada, BSIDES Chapters (US & Asia Pacific), OWASP Chapters, CISO Platform, YASCON etc.

Sessions

Workshop - 13th & 14th November 2024

Multi-Cloud (AWS, Azure & GCP) Security

John Sherchan

John Sherchan

Red Team Security Researcher
CyberWarFare Labs
Nepal

John Sherchan is a Red Team Security researcher at CyberWarFare Labs, bringing over 5+ years of experience in Reverse Engineering, Malware Analysis/Development, and Source Code Reviewing, with a specialization in Windows Internals (User and Kernel Modes). Demonstrating an advanced understanding, he has successfully reversed multiple Antivirus (AV) and Endpoint Detection and Response (EDR) systems to comprehend its architecture. Committed to advancing cybersecurity, his additional interests include PWNing Active Directory, conducting Adversary emulation/simulation, writing rootkits, crafting exploits, and strategically overcoming challenges

Sessions

Workshop - 13th & 14th November 2024

Enterprise Purple Teaming: Threat Emulation & Detection

Harisuthan S

Harisuthan S

Blue Team Security Researcher
CyberWarFare Labs
India

Harisuthan is a seasoned Blue Team Security Researcher at CyberWarFare Labs, with over 3 years of dedicated experience in cyber defense. He has a deep understanding of Blue Team methodologies, including adversarial threat detection and investigation, proactive threat hunting, and conducting adversary emulation and simulation for various investigative purposes

Sessions

Workshop - 13th & 14th November 2024

Enterprise Purple Teaming: Threat Emulation & Detection

Arun Mane

Arun Mane

Founder and CEO
Amynasec Research Labs
India

Arun is a Hardware, IOT and ICS Security Researcher. His areas of interest are Hardware Security, SCADA,Automotive security, Fault Injection, RF protocols and Firmware Reverse Engineering. He also has experience in performing Security Audits for both Government and private clients. He has presented a talk at the nullcon 2016,2017,2018 Goa, GNUnify 2017, Defcamp 2017, 2018 Romania, BsidesDelhi 2017, c0c0n x 2017, EFY 2018, x33fcon2018, BlackHat USA 2018, Defcon USA 2018 Also Trainer for Practical Industrial Control Systems (ICS) hacking training, delivered in x33fcon2018, HIP 2018 and also delivered training for IoT hacking in HITB 2017, HIP 2017, BlackHat Asia 2018 and private clients in London, Australia, Sweden, Netherlands etc

Sessions

Workshop - 13th & 14th November 2024

Reversing and Exploitation of Vehicles

Hemant Sonkar

Hemant Sonkar

Lead Security Consultant
Payatu Security Consulting Pvt. Ltd.
India

Hemant Sonkar presently serves as the Lead Security Consultant at Payatu, demonstrating proficiency in delivering training sessions at prominent events such as NULLCON, NULL, and various internal training programs. With an impressive three-year tenure in the field, he brings extensive expertise to the domain. His professional portfolio includes the examination of a wide range of IoT devices, spanning medical devices, home automation tools, and electric vehicles. Throughout his hardware security research endeavors, he has cultivated invaluable skills in discerning attack surfaces and vulnerabilities within real-world IoT devices.

Sessions

Workshop - 13th & 14th November 2024

Hack the IoT: A practical guide to IoT Security

Pugal Selvan

Pugal Selvan

Associate Security Researcher
Payatu Security Consulting Pvt. Ltd.
India

Pugal Selvan began his journey in binary exploitation and reverse engineering through CTFs and is now a Security Researcher at Payatu, where he specializes in firmware analysis and reversing of many IoT and embedded devices. Recently, his curiosity has led him to explore hardware attacks, an area he is passionate about. By day, Pugal serves as a dedicated Security Consultant, and by night, he delves into the world of hardware hacking, continually expanding his knowledge and skills in the field.

Sessions

Workshop - 13th & 14th November 2024

Hack the IoT: A practical guide to IoT Security

Giuseppe Trotta

Giuseppe Trotta

Security Engineer and Trainer
Persistent Security Industries
Italy

Giuseppe Trotta (aka ohpe), is a seasoned security researcher and trainer with deep expertise in phishing, social engineering, and post-exploitation automation. As a core member of the MuraenaTeam, Giuseppe has been at the forefront of developing innovative tools that have significantly advanced the field of phishing exploitation. His groundbreaking work on Muraena and NecroBrowser has revolutionized how security professionals approach session hijacking and post-exploitation tasks.

With a strong commitment to education, Giuseppe has delivered numerous training sessions at private events and organizations, where he is known for his in-depth, hands-on approach. His training methodologies are unique, focusing on practical, real-world scenarios that prepare participants to face modern phishing threats head-on. Giuseppe's sessions are designed to be interactive, providing attendees with the knowledge and skills needed to enhance their red teaming capabilities and fortify their defenses against increasingly sophisticated phishing attacks.

Sessions

Workshop - 13th & 14th November 2024

Hook, Line, and Sinker: Exploring the Phishing Abyss

Nikhil Joshi

Nikhil Joshi

Data scientist
Brillio
India

Nikhil Joshi is an AI Security Researcher. He is currently working on implementations of ML in offensive and defensive security products. He has orchestrated methodologies to pen-test Machine Learning applications against ML-specific vulnerabilities and loves to explore new ways to hack ML-powered applications. Parallelly Nikhils research is focused on security implications in Deep Learning applications such as Adversarial Learning, Model stealing attacks, Data poisoning, etc. Nikhil is an active member of local Data Science and Security groups and has delivered multiple talks and workshops. He has spoken at HITB Amsterdam, PhDays Russia, and IEEE conferences. And trainer at the nullcon and Troopers. Being an Applied Mathematics enthusiast, recent advances in Machine Learning and its applications in security, behavioral science, and telecom are of major interest to Nikhil.

Sessions

Workshop - 13th & 14th November 2024

ML for Security and Security for ML

Kartik Lalan

Kartik Lalan

Sr. Security Engineer
PIC (Independent)
India

Product Security Engineer @ Security Centre of Excellence – Philips Innovation Campus. He is M.Tech. in CS with Specialization in Information & Network Security. He conducts frequent talks and workshops on Info Sec topics @ several places including C0C0N, DEFCON BHV, Bsides Delhi & Bangalore Chapter, OWASP, Null A'bad & Bangalore Chapter, DroidCon-IN. Kartik loves to write technical Blogs in his leisure time.

Sessions

Workshop - 13th & 14th November 2024

Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls

Aravind C Ajayan

Aravind C Ajayan

Sr. Security Engineer
PIC (Independent)
India

Sr. Security Engineer with Philips and is part of the Security Centre of Excellence team. Aravind's primary areas of expertise are web/thick client application penetration testing, hardened system security, network security, and windows active directory security. He has helped to fix severe issues in IMS(Internet Management Software) solutions through responsible disclosures. Aravind pursued his master's in Cyber Security Systems and Networks from Amrita Vishwa Vidyapeetham, Coimbatore. He is an Offensive Security Certified Professional (OSCP) and has published several research papers on security in IEEE and Springer.

Sessions

Workshop - 13th & 14th November 2024

Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls

David Baptiste

David Baptiste

IT-Security Analyst & Researcher
ERNW - Ennor Rey Netzwerke GmbH
Germany

Dr. BapƟste David is an IT security specialist at ERNW, specialized in Windows operaƟng system. His research is mainly focused on malware analysis, reverse engineering, security of the Windows operaƟng system plaƞorm, kernel development and vulnerabiliƟes research. He also worked for couple of anƟvirus compagnies. He has given special courses and trainings in different universiƟes in Europe. Also, he gives regularly talks on different conferences including Black Hat USA, Defcon, Troopers, Zero Night, Cocon, EICAR, ECCWS…

Sessions

Workshop - 13th & 14th November 2024

Exploiting with Precision: Windbg Debugging Essentials for Security Professionals

16-Nov-2024    

Kernel Lockdown: Reducing BSOD Risks by Restricting Third-Party Access?

Attack & Defend Android Applications

Attack & Defend Android Applications

Android is becoming increasingly present in all aspects of our lives, from phones and televisions to fridges and point of sale devices. As the use of Android continues to grow, so do concerns about security and privacy. This has led to a greater need for security assessments and the secure operation of the Android application ecosystem.

Multi-Cloud (AWS, Azure & GCP) Security [24 Edition]

Multi-Cloud (AWS, Azure & GCP) Security [24 Edition]

CyberWarFare Labs workshop on "Multi-Cloud Security" aims to provide the trainees with the insights of the offensive / defensive techniques used by the Red & Blue Teams in an Enterprise Cloud Infrastructure. Learn from the creators of the renowned CWL RedCloud OS, a cloud adversary simulation VM, how to perform enterprise offensive / defensive operations.

Enterprise Purple Teaming: Threat Emulation & Detection

Enterprise Purple Teaming: Threat Emulation & Detection

Adversaries are continually evolving and developing more sophisticated attacks, making it crucial for professionals in this field to be adept at both defensive and offensive strategies for effective detection. This comprehensive training program immerses participants in realistic cyber attack simulations and includes hands-on exercises in detection and response.

Hack the IoT: A practical guide to IoT Security

Hack the IoT: A practical guide to IoT Security

The great power of the Internet of Things comes with the great responsibility of security. Being the hottest technology, the developments and innovations are happening at a stellar speed, but the security of IoT is yet to catch up. Since the safety and security repercussions are serious and at times life-threatening, there is no way you can afford to neglect the security of IoT products...

Hook, Line, and Sinker: Exploring the Phishing Abyss

Hook, Line, and Sinker: Exploring the Phishing Abyss

This workshop is designed to advance participants from a basic understanding of phishing and social engineering to mastering sophisticated techniques for security awareness, red teaming, and security control testing. Over two days of hands-on training, participants will journey through the full spectrum of phishing techniques, from beginner to expert level.

ML for Security and Security for ML

ML for Security and Security for ML

AI is undergoing exponential growth these days. Businesses, Academia, and tech enthusiasts are hyped about trying out Deep learning to solve their problems. Professionals, researchers, and students are driven to taste the potential of this new tech. Just like every other technology, AI comes with awesome applications topped with some serious implications.

Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls

Bypassing Enterprise Protection Solutions and Windows 11 OS Hardening Controls

With growing usage of desktop applications in various segments like aviation, healthcare, public infrastructure, logistics, finance, education, hospitality and many more in the form of kiosk / un-attended systems in public, it opens scope of information & network security...

Exploiting with Precision: Windbg Debugging Essentials for Security Professionals

Exploiting with Precision: Windbg Debugging Essentials for Security Professionals

With growing usage of desktop applications in various segments like aviation, healthcare, public infrastructure, logistics, finance, education, hospitality and many more in the form of kiosk / un-attended systems in public, it opens scope of information & network security...