Jayesh Singh Chauhan is a security professional with 12 years of experience in the security space and he is the founder of Cloud Village at DEF CON. In the past, he has been part of the security teams of PayPal, PwC, and was the Director of Product Security at Sprinklr Inc. in his last job. He currently runs his own Cloud Security Training and Consultancy firm, Cloudurance Security. He has been a trainer at conferences like Blackhat USA, Blackhat Asia, AppSec NZ, nullcon, and has trained defense...
May 25, 2025•39 min•Season 1Ep. 57
Donato is a Software Engineer and Principal Security Consultant at WithSecure, with over 12 years of experience in offensive security, security assurance, and software engineering. His background spans a wide range of cybersecurity areas, which gives him a practical and well-rounded perspective when working on securing LLM applications. Donato has conducted extensive research on generative AI security, covering topics such as multi-chain prompt injection, securing ReAct agents, and testing LLM g...
Feb 20, 2025•38 min•Season 1Ep. 56
Andre Tenreiro is a security professional with over a decade of leadership in various sectors, including IT infrastructure, cybersecurity, cloud computing, and IP networks. He has a passion for developing an open-source security tool aimed at identifying phishing domains. In 2020, Andre Tenreiro started the development of an excellent Open Source Intelligence (OSINT) security tool called, openSquat; a "domain squatting and phishing watchdog". It is a tool and service for detecting domain look-al...
Sep 15, 2024•24 min•Season 1Ep. 55
Ezz Tahoun, a distinguished cyber-security data scientist, who won AI & innovation awards at Yale, Princeton and Northwestern. He also got innovation awards from Canada’s Communications Security Establishment, Microsoft US, Trustwave US, PIA US, NATO, and more. He ran data science innovation programs and projects for OrangeCyber Defense, Forescout Technologies, Royal bank of Canada, Governments, and Huawei Technologies US. He has published 20 papers, countless articles and 15 open source pro...
Jul 15, 2024•43 min•Season 1Ep. 54
Praveen is a security enthusiast with 14+ years of experience in application security who loves to break complexity bias. His works include developing frameworks and tools for Container Security, automated Penetration Testing, SAAS Security, Automated Secure Code Analysis, Asset Discovery and Recon and also have worked on Security against Analytics Mitigated threats against Analytics through extensive Research and solution suggestions on browser security and rate limiting. Praveen and his team a...
May 29, 2024•30 min•Season 1Ep. 53
Duncan Ogilvie has started reverse engineering somewhere around 2009. He is the creator of x64dbg, an open-source x64/x32 debugger for windows, and 100+ other projects. Duncan loves to do binary analysis and Windows internals. In this episode, he shares the interesting journey with developing and maintaining x64dbg project. For more SecTools podcast episodes, visit https://infoseccampus.com
Mar 19, 2024•28 min•Season 1Ep. 52
A cybersecurity professional with expertise in mobile, web, and network penetration testing. Dimitrios holds a degree in Computer Science, majoring in Cryptography and Security, and has worked with top companies like Microsoft and Google. He is frequent speaker at prominent security conferences such as BlackHat, Nullcon, Insomni'hack, and Troopers. He is passionate about reverse engineering and was a member of one of Greece's first reverse engineering research groups. For more SecTools podcast e...
Feb 19, 2024•31 min•Season 1Ep. 51
Angelina Tsuboi is an aerospace cybersecurity instructor focusing on satellite systems. With over a decade of programming and development experience in addition to being a scientific researcher for NASA, she has been involved in various CubeSat initiatives where she participated in tasks related to command and data handling subsystems and firmware development for the Onboard Computer. Driven by her passion for teaching, Angelina finds joy in simplifying complex subjects such as aerospace, cybers...
Jan 14, 2024•31 min•Season 1Ep. 50
Gelei is a cybersecurity researcher with wide interests in system security and penetration testing. He is currently pursuing a Ph.D. in computer science from Nanyang Technological University, Singapore, where he explores security challenges in complex human-interactive systems. Gelei is also a blockchain auditor at Quantstamp, Inc., where he contributes to the audits of web3 projects and security protocols. His research interests encompass security testing, software analysis, and large language ...
May 31, 2023•35 min•Season 1Ep. 49
Abhisek Datta is an accomplished security professional with over a decade of experience in information security solution engineering, services, vulnerability research, reverse engineering and security tools development. He is an active participant of NULL Security Community, India’s largest open security community as a core team member responsible for techndnology development. He is an open source enthusiast and He authored swachalit, the automation Platform that hosts null.co.in and also contri...
Apr 23, 2023•34 min•Season 1Ep. 48
Tim Misiak has been working on debuggers and diagnostics for most of my professional career as a software engineer. For more than a decade, Tim has been working on the Microsoft Debugger Platform team, working on tools such as WinDbg and KD. He started the WinDbgNext project in 2016 that modernized WinDbg UI. Tim also wrote a chunk of the X86/X64 emulator used by Time Travel Debugging. Currently, Tim founded his start up augmend.io For more SecTools podcast episodes, visit https://infoseccampus....
Feb 20, 2023•41 min•Season 1Ep. 47
Thomas Roccia is the Sr. Security Researcher at Microsoft, working on threat intelligence, malware analysis, incident response, and more. He also has the interest in many other topics including mentoring and teaching, open-source, hacking, 3D printing and even blockchain ecosystem. For more SecTools podcast episodes, visit https://infoseccampus.com
Jan 31, 2023•28 min•Season 1Ep. 46
Erlend has worked as a developer and security consultant for over 14 years, trying to build and break many different types of systems. He spends some of his free time on security research and open source tools, and is the main author behind retire.js - a free and open source scanner for JavaScript. He is also the chapter leader of the Norwegian OWASP chapter. For more SecTools podcast episodes, visit https://infoseccampus.com
Dec 07, 2022•30 min•Season 1Ep. 45
Jeff Foley has over 20 years of industry experience focused on applied research & development and assessment of security in critical information technology and infrastructure. He is the Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation flagship project that performs in-depth attack surface mapping and asset discovery. Jeff is also an Adjunct Lecturer teaching Penetration Testing at the SUNY (State University of New York) Polytechnic Institute. Previously, ...
Nov 21, 2022•43 min•Season 1Ep. 44
Anand Tiwari is an information security professional with a strong technical background working as a Technical Product Manager (PM), focusing on the more technical aspects of a cloud security product. He tries to fill it in by doing in-depth technical research and competitive analysis, given business issues, strategy, and a deep understanding of what the product should do and how the products actually work. He has authored ArcherySec—an open source-tool and has presented at BlackHat, DEF CON USA...
Oct 10, 2022•33 min•Season 1Ep. 43
Nicolas is a French security researcher, a proud dad of two children. He started Wapiti in 2006 when he was learning Python programming language. Nicolas is currently working in the infosec field as a programmer at CybelAngel (since 2015). Wapiti is a web-application vulnerability scanner that allows you to audit the security of your websites or web applications. It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the deployed weba...
Sep 11, 2022•23 min•Season 1Ep. 42
unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. unblob is free to use, licensed under MIT license, it has a command line interface and can be used as a Python library. This turns unblob into the perfect companion for extracting, analyzing, and reverse engineering firmware images....
Aug 29, 2022•30 min•Season 1Ep. 41
Christian Folini is a Swiss security engineer and web application firewall expert working at netnea.com. Christian studied History and Computer Science and graduated with a PhD in Medieval History. He is the author of the ModSecurity Handbook (2ed), He also co-lead the OWASP ModSecurity Core Rule Set (CRS) project that runs on millions of servers globally. Furthermore he serves as the program chair of the Swiss Cyber Storm conference. Christian also teaches ModSecurity and Core Rule Set courses ...
Jul 15, 2022•31 min•Season 1Ep. 40
Graduated in 1999 from Epita (France) as IT security engineer, Philippe endorsed many roles before creating its latest company CrowdSec. From Pentester to community builder (Magento) or even eCommerce expert (author of 4 books), or CTO, he is tech curious and loves to dive into new trends like IoT, crypto currencies or AI. But whatever the context is, his crush is and will forever be IT security, SecOps and entrepreneurship. LP or investor in several different companies, CrowdSec is not its full...
Jun 10, 2022•28 min•Season 1Ep. 39
Alexandre Dulaunoy: Alexandre Dulaunoy leads the Luxembourgian Computer Security Incident Response Team (CSIRT) CIRCL in the research and operational fields. He enjoys working on projects that blend “free information,” innovation, and direct social improvement. When not gardening binary streams, he likes facing the reality of ecosystems while gardening plants or doing photography. He enjoys it when humans use machines in unexpected ways. He also a core contributor to many open source projects su...
Mar 21, 2022•29 min•Season 1Ep. 38
Ai Ho (mostly known as j3ssie) is a self-taught security engineer with a computer science background who loves automation. He got Interested in responsible disclosure/bug bounty nearly three years ago and have been building some of my own tools to do it. He wrote Osmedeus, Jaeles and Metabigor to help his bug bounty efforts and made these projects open source for the community. For more SecTools podcast episodes, visit https://infoseccampus.com...
Jan 17, 2022•23 min•Season 1Ep. 37
Ruslan Habalov has a computer science background with a focus on code analysis and is interested in scalable solutions to challenging security problems. His security research covered an exploitable remote code execution bug in PHP used against a popular platform in a bug-bounty context as well as side-channel attacks against browsers. As a machine learning enthusiast he's looking for options to unite the best of both worlds. He is currently working as a Senior Security Engineer at Google. Ruslan...
Dec 21, 2021•25 min•Season 1Ep. 36
Jack Baker is a professional security researcher and amateur video game hacker. Jack has spoken at a handful of conferences including DEF CON on subjects relating to reverse engineering and vulnerability research. Jack started his infosec career as a software developer in the fintech space before realizing that breaking things is less stressful than defending them. Since then, Jack has had the opportunity to hack banks, airplanes, and spacecrafts. Jack is the author of Cetus and WAIL, a set of t...
Nov 19, 2021•30 min•Season 1Ep. 35
Lukas Rist authored several open source honeypot projects. After spending a couple of years studying mathmatics and physics, Lukas ventured out to work with Bing and Microsoft Research on making the web a safer place, got payed by DARPA to hunt hackers and taught students in Taiwan open source security. His passion for security and open source got nurtured by The Honeynet Project which lead to a five year stint with Norman Shark, Blue Coat, and Symantec, working on large scale malware analysis a...
Oct 14, 2021•38 min•Season 1Ep. 34
Joxean Koret has been working for the past 15 years in many different computing areas. He started as a database software developer and DBA for a number of different RDBMS. Eventually he turned towards reverse engineering and applied this DB insights to discover dozens of vulnerabilities in major database products, especially Oracle. He also worked in areas like malware analysis, anti-malware software development and developing IDA Pro at Hex-Rays. He is currently a senior security engineer. Joxe...
Aug 17, 2021•31 min•Season 1Ep. 33
Chris Em (also known as Cookie Engineer) has almost 2 decades of experience in IT and security industry. He specializes in multiple domains including web intelligence, network security and forensics. During spare time, Chris is working on the Web of Knowledge with his project called the [Tholian Network]( https://tholian.network ), which aims to automate the Semantic Web whilst using a unique distributed peer-to-peer Network Architecture combined with (co-)evolutionary adaptive AI methodologies ...
Jul 27, 2021•29 min•Season 1Ep. 32
Marc Ochsenmeier is the author of Pestudio on winitor.com. Pestudio is a unique tool that allows you to perform an initial assessment of a malware without even infecting a lab system or studying its code. Marc has initially worked as software developer with a focus on Windows hardening security. He also has a vast expertise in penetration testing and forensics area. For more SecTools podcast episodes, visit https://infoseccampus.com
Jun 30, 2021•36 min•Season 1Ep. 31
In 2001, NJ founded the Infosec community tools portal ToolsWatch.org. And since 2011, he is co-managing & helping to improve the Black Hat Arsenal the World’s largest security event dedicated to open source tools demonstrations. NJ is also the founder of vFeed, Inc a niche startup that provides top-notch correlated vulnerability & threat intelligence feed to 100+ Worldwide customers. For more SecTools podcast episodes, visit https://infoseccampus.com...
Apr 06, 2021•40 min•Season 1Ep. 30
Martin Donath is the creator of Material for MkDocs, a static site from a set of Markdown files to host the documentation. For more SecTools podcast episodes, visit https://infoseccampus.com
Mar 28, 2021•38 min•Season 1Ep. 29
Charlie Belmer is a security and privacy engineer at DuckDuckGo. He authored NoSQLi, an open source NoSql Injection CLI tool, for finding vulnerable websites using MongoDB. He writes about security and privacy research on his personal blog nullsweep.com For more SecTools podcast episodes, visit https://infoseccampus.com
Feb 15, 2021•28 min•Season 1Ep. 28
