/dev/home

Ramblings of a computer enthusiast.

Security Trainings

Pentesting the Modern Application Stack conducted at the following conferences:

  • Nullcon (India) 2019
  • Troopers (Germany) 2019/2018
  • HITB GSEC (Singapore)
  • OWASP Appsec EU (UK) 2018
  • Brucon (Belgium) 2017

Security Research

  • How we hacked Distributed Configuration Management Systems - [Troopers 2017]   Video
  • NoPo - The NoSQL HoneyPot Framework - [c0c0n 2015]   Talk Link
  • Pentesting NoSQL Databases using NoSQL Exploitation Framework - [Hack in Paris 2014]   Video
  • Exploiting NoSQL like Never Before - [Hack in the Box 2014]   Slides

Security Tools & Repos

  • NoSQL Exploitation Framework - A NoSQL Database Security Scanner - Download
  • NoSQL Honeypot - A NoSQL based Honeypot. - Download
  • Garfield - A scanner for Distributed Configuration Management Systems. - Download
  • Thanos - Infrastructure setup using Terraform and Docker. - Repo
  • Python Security Bootcamp - Download

Upcoming Trainings

Conferences Presented @

  • Troopers 2017 - Talk Info
  • PHDays 2017 - Talk Info
  • Insomnihack 2017 - Talk Info
  • Hack in Paris 2014
  • Hack in the Box Amsterdam 2014
  • 44C0N London 2014