DiscoverSecTools Podcast Series
SecTools Podcast Series
Claim Ownership

SecTools Podcast Series

Author: InfoSec Campus

Subscribed: 3Played: 23
Share

Description

SecTools Podcast is a series of audio podcast featuring free or opensource tool authors from Information Security industry, sharing their interesting experience on developing and maintaining amazing tools for the security community.

Hosted by Sanoop Thomas (s4n7h0)
https://infoseccampus.com
https://twitter.com/InfoSecCampus
30 Episodes
Reverse
In 2001, NJ founded the Infosec community tools portal ToolsWatch.org. And since 2011, he is co-managing & helping to improve the Black Hat Arsenal the World’s largest security event dedicated to open source tools demonstrations. NJ is also the founder of vFeed, Inc a niche startup that provides top-notch correlated vulnerability & threat intelligence feed to 100+ Worldwide customers.For more SecTools podcast episodes, visit https://infoseccampus.com
Martin Donath is the creator of Material for MkDocs, a static site from a set of Markdown files to host the documentation.For more SecTools podcast episodes, visit https://infoseccampus.com
Charlie Belmer is a security and privacy engineer at DuckDuckGo. He authored NoSQLi, an open source NoSql Injection CLI tool, for finding vulnerable websites using MongoDB. He writes about security and privacy research on his personal blog nullsweep.comFor more SecTools podcast episodes, visit https://infoseccampus.com
Guillaume Valadon is the Security Agent Team Lead at Datadog, and holds a PhD in IPv6 networking. He likes looking at data and crafting packets. In his spare time, he co-maintains Scapy and learns reversing embedded devices. Also, he still remembers what AT+MS=V34 means! Guillaume regularly gives technical presentations, classes and live demonstrations, and writes research papers for conferences and magazines.For more SecTools podcast episodes, visit https://infoseccampus.com
Vipin Pavithran is a cyber-security professor at Amrita Center for Cybersecurity Systems and Networks, Amrita Vishwa Vidyapeetham. He is the founder and chief mentor of internationally recognized student clubs - amFOSS, Team bi0s, and Team Shakti . He is also known for organizing the premiere InCTF and InCTF Junior - cyber-security contests, which were first of its kind in India when they were introduced. For more SecTools podcast episodes, visit https://infoseccampus.com
Paulino Calderon (@calderpwn) is a published author and international speaker with over 12 years of experience in network and application security. When he isn’t traveling to security conferences or consulting for Fortune 500 companies with Websec, a company he co-founded in 2011, he spends peaceful days enjoying the beach in Cozumel, Mexico. He loves open-source software and has contributed to many projects, including Nmap, Metasploit, OWASP Mobile Security Testing Guide (MSTG), OWASP Juice Shop, and OWASP IoT Goat. More SecTools podcast episode here https://infoseccampus.com/
Anastasios Stasinopoulos is a Senior Penetration Tester at Obrela Labs - Obrela Security Industries and has a professional experience over 6 years in the field of Information Security working exclusively as a Penetration Tester. Anastasios earned the Bachelor of Science (B.Sc.) degree in "Surveying & Geoinformatics Engineering" from Technological Institution of Athens, the Master of Science (M.Sc.) degree in "Security of Digital Systems" from the Department of Digital Systems of University of Piraeus and also served as Ph.D. candidate at the same department.Anastasios is the author of Commix Project, an automated tool that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks.
Steve Springett is the Senior Security Architect at ServiceNow, Chicago. Steve educates teams on the strategy and specifics of developing secure software. He practices security at every stage of the development lifecycle by leading sessions on threat modeling, secure architecture and design, static/dynamic/component analysis, offensive research, and defensive programming techniques.Steve’s passionate about helping organizations identify and reduce risk from the use of third-party and open source components. He is an open source advocate and leads the OWASP Dependency-Track project, OWASP Software Component Verification Standard (SCVS) project, CycloneDX software bill-of-material specification, and participates in several related projects and working groups.- https://dependencytrack.org/- https://cyclonedx.org/- https://owasp.org/scvs
Nishant Sharma leads R&D at Pentester Academy and Attack Defense. He has 8+ years of experience in the information security field including 6+ years in WiFi security research and development. He has conducted classroom trainings in Blackhat USA, HITB Amsterdam/Singapore, RootCon, OWASP NZ Day. He has presented research and conducted workshops at Blackhat USA/Asia, DEF CON China, HITB, RootCon, Packet Hacking Village, Wireless Village, IoT village, and Demo labs (DEFCON USA). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the state of art WiFi Intrusion Prevention System (WIPS). He has a Master’s degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, Linux security. PA Toolkit: https://github.com/pentesteracademy/patoolkit VoIPShark: https://github.com/pentesteracademy/voipshark BLE Mystique: https://github.com/pentesteracademy/blemystique
Emily Wenger is a PhD student at the University of Chicago studying machine learning security and privacy. She’s particularly interested in understanding and preventing the unintended uses/abuses of facial recognition technology. Emily and team has built Fawkes, a system that helps individuals inoculate their images against unauthorized facial recognition models. Fawkes achieves this by helping users add imperceptible pixel-level changes (we call them "cloaks") to their own photos before releasing them. When used to train facial recognition models, these "cloaked" images produce functional models that consistently cause normal images of the user to be misidentified. * More about Fawkes http://sandlab.cs.uchicago.edu/fawkes/ * Full Research Paper - http://people.cs.uchicago.edu/~ravenben/publications/pdf/fawkes-usenix20.pdf* Fawkes - http://sandlab.cs.uchicago.edu/fawkes/ * Source Code - https://github.com/Shawn-Shan/fawkes
Isaac Evans is the leader of r2c (https://r2c.dev/), a small startup working on giving security tools directly to developers. Previously, he conducted research into binary exploitation bypasses for techniques like control-flow integrity and novel hardware defenses on new architectures like RISC-V as a researcher at the US Defense Department under a SFS program and at MIT Lincoln Laboratory. Isaac received his BS/MS degrees in EECS from MIT. Other interests include next-generation programming languages, secure-by-design frameworks, software-defined radio, and the intersection of cryptography and public policy.Isaac spoke about semgrem and its capabilities in this episode. - Source code: https://github.com/returntocorp/semgrep- Test in your browser: https://semgrep.live/
Kai Jern (xwings), is Lab Director of The ShepherdLab, of JD Security. His research topic mainly on embedded device, hardware security, blockchain security, reverse engineering and various security topics. He presented his findings in different international security conferences like Defcon, HITB, Codegate, QCon, KCon, Brucon, H2HC and etc. He conducted hardware Hacking course in various places around the globe. He is also the owner of hackersbadge.com, actively involved in Unicorn (https://unicorn-engine.org) development and founder of Qiling Framework (https://qiling.io)
H.D Moore founded the Metasploit Project in early 2003 and later the project was aquired by Rapid7. He spent the last 20 years conducting security assessments, building security products, and pushing the status quo through research, with leadership roles at Digital Defense, BreakingPoint Systems, Rapid7, and Atredis Partners. HD founded Critical Research to address a long-standing need for better network discovery tools. Currently, his research is focused on asset discovery.Metasploit Project - https://www.metasploit.com/
Brian leads the digital forensics team at Basis Technology, which builds software for incident response, digital forensics, and custom mission needs. He is the author of the book File System Forensic Analysis and developer of several open source digital forensics analysis tools, including The Sleuth Kit and Autopsy. Brian has a Ph.D. in computer science from Purdue University and worked previously for @stake as a research scientist and the technical lead for their digital forensics lab and incident response team. Brian is the chair person for the Open Source Digital Forensics Conference (OSDFCon) and has been on the committees of many conferences, workshops and technical working groups. Autopsy - https://www.autopsy.com/ The Sleuth Kit - http://sleuthkit.org/ Open Source Digital Forensics Conference https://www.osdfcon.org/
Miroslav Stampar is an IT Security Advisor - Expert at Croatian Government's CERT, part of the Information Systems Security Bureau (ZSIS). Born in 1982., writing and breaking computer code for as long as I can remember. A PhD candidate with Master's Degree in Computer Science at Faculty of Electrical Engineering and Computing (FER), University of Zagreb, Croatia.Hacker, challenge solver, occasional CTF-er and an author of sqlmap, open source project for automated detection and exploitation of SQL injection vulnerabilities, along with numerous other offensive and defensive information security tools (e.g. Maltrail, DSSS, DSXS, DSVW, tsusen, etc.). Also, Croatian Chapter Lead for The Honeynet Project.SQLmap was initially by Daniele Bellucci in 2006, the project was soon taken over by Bernardo Damele who developed and promoted it. Later in 2009, Miroslav Stampar answered a call for developers and joined the project.
Joakim Kennedy is a Threat Intelligence Manager for Anomali. His job involves analyzing malware, tracking threat actors and numerous other responsibilities around threat intelligence. He often leads efforts around the Anomali Threat Research Team’s reports and blogs. His tool the “Go Reverse Engineering Toolkit” (https://go-re.tk/) was presented at Black Hat Arsenal 2019 and he has been a featured speaker at multiple BSides and other industry events.
Giovanni is a senior cyber security expert and manager based in Paris, old Italian Backtrack Linux ambassador/staff and ex DEFT Linux developer, now is the Tsurugi Linux core developer. DFIR instructor in his free time, he has spoken in several security conferences and he is passionate of many other topics like cyber-threat intelligence investigations, OSINT and interpersonal communication.
SecTools Podcast Series Episode 13 with Ajin AbrahamAjin Abraham is a Security Engineer with 8+ years of experience in Application Security including 4 years of Security Research. He is passionate on developing new and unique security tools. Some of his contributions to Hacker's arsenal include OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (MobSF), Xenotix xBOT, NodeJsScan etc to name a few. He has been invited to speak at multiple security conferences including ClubHack, Nullcon, OWASP AppSec Eu, OWASP AppSec AsiaPac, BlackHat Europe, Hackmiami, Confidence, BlackHat US, BlackHat Asia, ToorCon, Ground Zero Summit, Hack In Paris, Hack In the Box, c0c0n and PHDays.
Mohammed A. “secfigo” Imran is the Founder and CTO of Eracorp Technologies/Practical DevSecOps and a seasoned security professional with 8 years of experience in helping organisations with their Information Security Programs. He has a diverse background in R&D, consulting and product-based industries with a passion to solve complex security programs. Imran is the founder of Null Singapore, the largest information security community in Singapore where he has organised more than 60 events & workshops to spread security awareness.He was also nominated as a community star for being the go-to person in the community whose contribution and knowledge sharing has helped many professionals in the security industry. He is usually seen speaking and giving trainings in conferences like Blackhat, DevSecCon, AppSec, All Day DevOps, Nullcon and many other international conferences.
Aseem Jakhar is the Director, research at Payatu Software Labs payatu.com a boutique security testing company. He is a renowned security researcher with extensive experience in system programming, security research and consulting. He is well known in the hacking and security community as the founder of null - The open security community, registered not-for-profit organization http://null.co.in and also the founder of nullcon security conference nullcon.net and hardwear.io security conference http://hardwear.io He currently spends his time researching on IoT security and hacking things. He is an active speaker and trainer at security conferences like AusCERT, Black Hat, Brucon, Defcon, Hack.lu, Hack in Paris, PHDays and many more. He has authored various open source projects including Linux thread injection kit – Jugaad and Indroid which demonstrate a stealthy in-memory malware infection technique, DIVA (Damn Insecure and Vulnerable App) for Android which gamifies Android App vulnerabilities and Expliot - Internet of Things Exploitation framework.
loading
Comments 
Download from Google Play
Download from App Store