← All talks
Topic

Vulnerability Research talks at BSides

565 talks tagged Vulnerability Research from 94 chapters of BSides events worldwide.

Related topics
RedTechnicalTechnical Deep-divesTalkAdvancedCase Studies and Incidents Analysis
1:06:07
Top-Tier Bug Bounty Hunter Mindset
Yassine Aboukir
BSides Ahmedabad · 2022
CareerCareer & Soft SkillsVulnerability ResearchIntermediaryRedKeynote
Open →2023-02
1:03:19
Bug Bounty on Steroids
Hussein Daher
BSides Ahmedabad · 2023
TechnicalVulnerability ResearchWeb AppSecIntermediaryRedTalk
Open →2023-02
33:53
The Power of Recon
Orwa Atyat
BSides Ahmedabad
TechnicalOSINTVulnerability ResearchWeb AppSecRedTalk
Open →2024-05
47:57
Exploit Development Is Dead, Long Live Exploit Development!
Connor McGarr
BSides KC · 2021
TechnicalReverse EngineeringVulnerability ResearchAdvancedRedCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2021-11
1:09:05
Demystifying Bug Bounties: Insights from a Decade of Experience
Yassine Aboukir
BSides Prishtina · 2023
TechnicalSupply Chain SecurityVulnerability ResearchRedTalk
Open →2023-05
30:26
Web security is fun (or how I stole your Google Drive files)
Lyra Rebane
BSides Tallinn · 2024
TechnicalVulnerability ResearchWeb AppSecTalk
Open →2024-10
27:44
Hacking AAA Unreal Engine Games with Python
Ross Simpson
BSides Cape Town · 2023
TechnicalReverse EngineeringVulnerability ResearchRedDemoTalk
Open →2023-12
41:35
How to Write Your First Nuclei Template
Dhiyaneshwaran
BSides Ahmedabad
TechnicalVulnerability ResearchWeb AppSecTalk
Open →2023-02
43:49
Shellcoding basics
Max Harley
BSides Charleston · 2016
TechnicalCTFReverse EngineeringVulnerability ResearchIntermediaryRedTalk
Open →2016-11
31:58
Automating Web Application Bug Hunting
Jerry GamblinJonathan Cran
BSidesSF · 2019
TechnicalOSINTVulnerability ResearchWeb AppSecTalk
Open →2019-03
56:06
Easy LPEs and Common Software Vulnerabilities
Christopher Vella
BSides Canberra · 2021
TechnicalReverse EngineeringVulnerability ResearchTalk
Open →2021-04
35:41
AI WILL TAKE UR JOB!
Pedro Ribeiro
BSides Lisbon · 2024
CareerCareer & Soft SkillsVulnerability ResearchKeynote
Open →2024-11
48:32
DOM Based Angular Sandbox Escapes
Gareth Heyes
BSides Manchester · 2017
TechnicalVulnerability ResearchWeb AppSecAdvancedRedTechnical Deep-divesTalk
Open →2017-08
45:31
Source Code Security Audit Speed Run
Eldar Marcussen
BSides Canberra · 2019
TechnicalVulnerability ResearchWeb AppSecTalk
Open →2019-05
9:40:42
BSIDESLV 2018 - Breaking Ground - Day Two
BSides Las Vegas · 2018
TechnicalHardware HackingMobile SecurityReverse EngineeringVulnerability ResearchTalk
Open →2018-08
28:58
Introduction to Return Oriented Exploitation on ARM64
Billy Ellis
BSides Manchester · 2018
TechnicalReverse EngineeringVulnerability ResearchIntermediaryRedTalk
Open →2018-08
42:25
Client-Side to Critical
Satyam GothiKuldeep Pandya
BSides Ahmedabad · 2025
TechnicalVulnerability ResearchWeb AppSecRedTalk
Open →2025-05
1:04:53
Smashing the Stack to Building ROP Chains with Gadgets
Doug Rodgers
BSides Charlotte · 2016
TechnicalReverse EngineeringVulnerability ResearchIntroRedDemo
Open →2016-05
30:07
Local Admin in less than 60 seconds
Nikos Vourdas
BSides Budabest · 2024
TechnicalActive DirectoryKerberosVulnerability ResearchRedTechnical Deep-divesTalk
Open →2025-01
15:37
Tale of Chaining Bugs for Account Takeover
Harsh Bothra
BSides Ahmedabad · 2022
TechnicalVulnerability ResearchWeb AppSecRedCase Studies and Incidents AnalysisTalk
Open →2023-02
5:44
Yassine Aboukir: Bug Bounty, Authentication Vulnerabilities, and Hacker Collaboration
Yassine Aboukir
BSides Ahmedabad · 2023
CareerVulnerability ResearchWeb AppSecRedTalk
Open →2023-02
1:22:46
Hacking Minds with Ansh Bhawanani
Ansh Bhawanani
BSides Noida · 2024
CareerCareer & Soft SkillsVulnerability ResearchTalk
Open →2024-12
39:30
Pwning Cloud Contexts: From GitHub Token to Compromising an Entire GCP Organization
Ayoub Fathi
BSides Ahmedabad · 2024
TechnicalCloud IAMSupply Chain SecurityVulnerability ResearchRedCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2024-04
30:48
Fighting Secrets In Source Code With TruffleHog
Dylan Ayrey
BSidesSF · 2018
TechnicalToolingDevSecOpsSupply Chain SecurityVulnerability ResearchTalk
Open →2018-04
42:33
Web Application Vulnerability Scanners: An Introduction & Discussion on Their Limitations
Robert Feeney
BSides Cape Town · 2019
TechnicalVulnerability ResearchWeb AppSecTalk
Open →2019-12
39:34
What the DLL? Finding and Exploiting DLL Preloading Vulnerabilities
Chris Le Roy
BSides Cape Town · 2016
TechnicalReverse EngineeringVulnerability ResearchRedDemoTalk
Open →2016-12
7:47:16
BsidesLV 2025 - Ground Floor - Monday
BSides Las Vegas · 2025
TechnicalCloud IAMOSINTVulnerability ResearchRedTalk
Open →2025-08
50:11
No Code Execution? No Problem! — Living The Age of Virtualization-Based Security
Connor McGarr
BSides KC · 2022
TechnicalReverse EngineeringVulnerability ResearchAdvancedRedTechnical Deep-divesTalk
Open →2022-10
23:07
Time Traveling Exploitation: Remote Code Execution in a 10,000 Day Old Game Protocol
Riley Kidd
BSides Canberra · 2025
TechnicalReverse EngineeringVulnerability ResearchAdvancedRedDemoTalk
Open →2025-12
8:30
PHP Execute After Redirect to SQL Injection
Kuldeep Pandya
BSides Ahmedabad · 2022
TechnicalVulnerability ResearchWeb AppSecRedDemo
Open →2023-02
25:39
Journey to Command Injection: Hacking the Lenovo ix4-300d
Rick Ramgattie
BSidesSF · 2019
TechnicalHardware HackingVulnerability ResearchWeb AppSecIntermediaryRedDemo
Open →2019-03
6:51
Playing with Fake Emails for Fun and Profit
Sayaan Alam
BSides Ahmedabad · 2022
TechnicalVulnerability ResearchWeb AppSecRedCase Studies and Incidents AnalysisTalk
Open →2023-02
33:56
How to Sink a UBoot: Understanding Bootloader Attack Surface
Keith Makan
BSides Cape Town · 2023
TechnicalHardware HackingReverse EngineeringVulnerability ResearchTalk
Open →2023-12
47:43
Lightning fast CTF solving - Automatic Exploit Generation & Side Channel Analysis
Christopher Roberts
BSides DC 2018
TechnicalCTFReverse EngineeringVulnerability ResearchAdvancedRedTalk
Open →2018-11
36:18
Macabre Stories of a Hacker in the Public Health Sector (Chile)
Philippe Delteil
BSides Cape Town · 2019
War StoriesDFIRPrivacyVulnerability ResearchBlueCase Studies and Incidents AnalysisTalk
Open →2019-12
56:10
Continuous Integration: Stalking Vulnerabilities with Puma Scan
Eric Johnson
BSides Iowa · 2017
TechnicalDevSecOpsVulnerability ResearchCase Studies and Incidents AnalysisTalk
Open →2017-04
20:12
Attack of the Graph: Visual Tools for Cyber Analysis
Christian Miles
BSides Vancouver · 2021
TechnicalThreat IntelThreat ModelingVulnerability ResearchTalk
Open →2021-06
26:43
Pwning Android Apps at Scale
SparshShashank
BSides Ahmedabad
ResearchTechnicalMobile SecuritySupply Chain SecurityVulnerability ResearchAdvancedRedCase Studies and Incidents Analysis+2
Open →2023-02
52:48
Navigating Bug Bounties: From NAs to P1s
Animesh Acharya
BSides Canberra · 2025
CareerVulnerability ResearchWeb AppSecRedCase Studies and Incidents AnalysisTalk
Open →2025-11
47:39
Mastering Android Security Research: A Guide for the Modern Security Researcher
Hahna LatonickJacob Swinsinski
BSides Tampa · 2024
TechnicalMobile SecurityReverse EngineeringVulnerability ResearchIntermediaryRedTalk
Open →2024-05
47:29
Easy Ways to Bypass Antivirus Systems
Craig Young
BSides London · 2014
TechnicalMalware AnalysisReverse EngineeringVulnerability ResearchRedDemoTalk
Open →2014-05
42:23
Not All Vulnerabilities Are The Same
Shubham Shah
BSides Canberra · 2025
ResearchVulnerability ResearchWeb AppSecKeynote
Open →2025-12
30:55
ByteSweep: A Free Software IoT Security Analysis Platform
Matt Brown
BSides Las Vegas · 2019
TechnicalToolingIoTReverse EngineeringVulnerability ResearchDemoTalk
Open →2019-10
25:38
Race Against the Machine: Rapid Exploit Development via LLMs
Matthew Deluca
BSides Augusta · 2023
ResearchTechnicalAI SecurityVulnerability ResearchEmpirical ResearchTechnical Deep-divesTalk
Open →2023-10
48:57
Walkthrough of an N-day Android GPU driver vulnerability
Angus
BSides Canberra · 2025
TechnicalHardware HackingMobile SecurityVulnerability ResearchAdvancedRedTalk
Open →2026-03
54:48
Malware Analysis — Red Team Edition
Uriel Kosayev
BSides Las Vegas · 2022
TechnicalMalware AnalysisVulnerability ResearchAdvancedRedDemoTalk
Open →2022-09
41:32
The Dark Side of DeFi
Rudra SinghArbaz Hussain
BSides Ahmedabad · 2022
TechnicalSmart Contract SecurityVulnerability ResearchWeb AppSecIntermediaryTechnical Deep-divesTalk
Open →2023-02
40:34
Exploiting Alpine Linux: From vulnerability discovery to code execution
Ariel Zelivansky
BSides DC · 2017
TechnicalContainer SecurityVulnerability ResearchTechnical Deep-divesTalk
Open →2017-10
26:03
Automated Security Scanning of GraphQL APIs with Burp
Jared Meit
BSides Toronto · 2022
TechnicalVulnerability ResearchWeb AppSecDemoTalk
Open →2022-10
39:46
Exploit Prediction Scoring System (EPSS) - The User Guide - Chris Madden
Chris Madden
BSides Dublin · 2024
TechnicalThreat IntelVulnerability ResearchEmpirical ResearchMethodologyTalk
Open →2024-06
18:17
Living With Kodi And A Hole In Your Network
Yevgen Goncharuk
BSides Lisbon · 2018
TechnicalIoTMalware AnalysisVulnerability ResearchTalk
Open →2018-12
23:03
Return-Oriented Exploitation on ARM
Tamás Tokics
BSides Budabest · 2019
TechnicalReverse EngineeringVulnerability ResearchAdvancedRedTechnical Deep-divesDemoTalk
Open →2019-06
38:31
The Next Generation of Web Exploits: From Cache Poisoning to Multi-Layer Fingerprinting
Steve Sprecher
Bsides CT · 2025
TechnicalVulnerability ResearchWeb AppSecEmpirical ResearchTechnical Deep-divesTalk
Open →2025-12
19:06
Hacking a Hackathon for Fun and Profit
Alexei KojenovAlex Ivkin
BSides PDX · 2018
TechnicalSupply Chain SecurityVulnerability ResearchWeb AppSecRedCase Studies and Incidents AnalysisTalk
Open →2018-03
41:34
Knock Knock. Race Condition. Who's There?
Ross Simpson
BSides Cape Town · 2025
TechnicalVulnerability ResearchWeb AppSecTalk
Open →2025-12
48:31
Bypassing Huawei's Fingerprint Authentication by Exploiting the TrustZone
Nick Stephens
BSides DC · 2018
TechnicalHardware HackingMobile SecurityVulnerability ResearchAdvancedRedCase Studies and Incidents AnalysisTechnical Deep-dives+2
Open →2018-11
45:11
Deep Dive into Clouded Waters: Penetration Testing and Security in DigitalOcean
Bleon Proko
BSides Prishtina · 2023
TechnicalCloud IAMVulnerability ResearchTalk
Open →2023-05
47:03
Pasten: Capture the Flag
Danny GranderYuval Ofir
BSides TLV · 2019
TechnicalCTFReverse EngineeringVulnerability ResearchAdvancedRedTalk
Open →2019-11
25:14
From Firmware to Exploit
Michael Messner
BSides Las Vegas · 2023
TechnicalToolingFirmware SecurityIoTReverse EngineeringVulnerability ResearchIntermediaryTechnical Deep-dives+1
Open →2023-10
42:30
Crash all the Flying Things! — Exploiting and Defending Aircraft Collision Avoidance
Joe Greenwood
BSides London · 2015
TechnicalHardware HackingThreat ModelingVulnerability ResearchAdvancedRedTechnical Deep-divesTalk
Open →2015-07
26:29
Finding & Exploiting Client-Side Prototype Pollution in the Wild
BSides Ahmedabad · 2021
TechnicalVulnerability ResearchWeb AppSecRedCase Studies and Incidents AnalysisMethodologyTalk
Open →2022-02
55:20
Responsible Vulnerability Disclosure
Stoyan KolevLyubomir VanyovVladimir Dimitrov
BSides Sofia · 2022
Vulnerability ResearchPanel
Open →2022-04
42:25
Bypassing AppLocker Protection by Manipulating Its Cache
Grzegorz Tworek
BSides Prishtina · 2023
TechnicalReverse EngineeringVulnerability ResearchRedTechnical Deep-divesTalk
Open →2023-05
55:11
Mastering Bug Bounty: The Secrets of hunting bugs by Devansh Chauhan
Devansh Chauhan
BSides Noida · 2024
CareerVulnerability ResearchWeb AppSecIntroTalk
Open →2024-11
1:04:18
Java Serialization Attacks
Robert Seacord
BSides Peru · 2017
TechnicalVulnerability ResearchWeb AppSecTechnical Deep-divesTalk
Open →2017-07
39:36
Subdomain Takeovers
Simon Gurney
BSides Newcastle · 2022
TechnicalVulnerability ResearchWeb AppSecRedTalk
Open →2022-09
30:03
Beyond Quick Cash: Rethinking Bug Bounties for Greater Impact
Jayson GraceFarah Hawa
BSidesSF · 2024
CommunityVulnerability ResearchTalk
Open →2024-07
18:35
Supercharge Your Workflow: Using WhiteRabbitNeo for AI-Powered Analysis
Bailey Williams
BSides Charm · 2025
TechnicalAI SecurityDevSecOpsVulnerability ResearchRedTalk
Open →2025-05
26:24
Game Hacking for Security Professionals
Max HarleyNick Powers
BSides Charleston · 2024
TechnicalReverse EngineeringVulnerability ResearchRedDemoTalk
Open →2024-11
43:04
How to fuzz?
Kamil Frankowicz
BSides Warsaw · 2016
TechnicalVulnerability ResearchTechnical Deep-divesTalk
Open →2016-10
42:15
Adventures in Asymmetric Warfare: Fighting the AV Vendors
Will Schroeder
BSides DC · 2014
TechnicalMalware AnalysisReverse EngineeringVulnerability ResearchAdvancedRedTechnical Deep-divesTalk
Open →2014-10
3:30:16
BSides Noida : Day - 1
Fardeen AhmadSourav KumarKavisha ShethPhilippe Humeau
BSides Noida · 2021
TechnicalCloud IAMVulnerability ResearchWeb AppSecTalk
Open →2021-08
54:50
Well well well, if it isn't the consequences of my own actions
Justin Steven
BSides Canberra · 2025
TechnicalCryptographySupply Chain SecurityVulnerability ResearchAdvancedCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2025-12
43:40
Diaphora: a new FOSS program diffing tool
Joxean Koret
BSides Lisbon · 2015
TechnicalReverse EngineeringVulnerability ResearchIntermediaryBlueTechnical Deep-divesTalk
Open →2015-07
59:52
Testy bezpieczeństwa infrastruktury w przerwie na herbatę. Czy to możliwe?
Krystian Działowy
BSides Warsaw · 2024
TechnicalNetwork SecurityVulnerability ResearchDemoTalk
Open →2024-07
56:32
Static Code Analysis, from Source to Sink
Paul Johnston
BSides Manchester · 2015
TechnicalVulnerability ResearchWeb AppSecTalk
Open →2015-09
35:30
Hacking Companies For Internet Glory While Not Dying In A Sarlacc Pit
Andy Gill
BSides Leeds · 2019
TechnicalOSINTVulnerability ResearchWeb AppSecRedTalk
Open →2019-01
30:48
A Two-part Saga: Continuing the Journey of Hacking Malware C2s
Vangelis Stykas
BSides Prague · 2024
TechnicalMalware AnalysisVulnerability ResearchWeb AppSecRedCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2024-04
19:23
Ding Dong The EDR is DEAD
Ayman Sagy
BSides Canberra · 2025
TechnicalReverse EngineeringVulnerability ResearchAdvancedRedTechnical Deep-divesTalk
Open →2025-12
47:14
Breaking COMposure: Journey to Hunting Windows COM Vulnerabilities
ByungHyun Kang
BSides Canberra · 2025
TechnicalVulnerability ResearchAdvancedRedTalk
Open →2025-12
48:29
Your Critical System IS (NOT?) Vulnerable: CSAF, VEX, SBOM and the Future of Advisories
Allan FriedmanJens Wiesner
BSides Las Vegas · 2021
PolicyTechnicalSupply Chain SecurityVulnerability ResearchTalk
Open →2021-08
22:50
BADPDF: Stealing Windows Credentials via PDF Files
Ido SolomonAdi Ikan
BSidesSF · 2019
TechnicalNetwork SecurityVulnerability ResearchWeb AppSecRedTechnical Deep-divesTalk
Open →2019-03
40:53
Hardware Hacking: DVRs and Dildos
Ken Munro
BSides Scotland 2017
TechnicalHardware HackingIoTReverse EngineeringVulnerability ResearchAdvancedRedKeynote
Open →2017-11
25:34
Attacking GraphQL: A Guide for Penetration Testers
Keith Makan
BSides Cape Town · 2025
TechnicalVulnerability ResearchWeb AppSecRedTalk
Open →2025-02
46:32
Anyone Can Hack APIs: A Crash Course For Pentesters And Bug Bounty Hunters
Alex Olsen
BSides London · 2025
TechnicalVulnerability ResearchWeb AppSecRedTalk
Open →2026-03
58:15
Modern Linux Kernel Mitigations
Ray VeldkampMatthew Kurz
BSides Canberra · 2023
TechnicalVulnerability ResearchBlueTechnical Deep-divesTalk
Open →2023-10
20:37
From MS08-067 to EternalBlue
Denis Isakov
BSides Manchester · 2017
TechnicalReverse EngineeringVulnerability ResearchAdvancedRedCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2017-08
55:50
Practical Serialization Attacks
Nicky Bloor
BSides Manchester · 2017
TechnicalReverse EngineeringVulnerability ResearchWeb AppSecAdvancedRedCase Studies and Incidents AnalysisTechnical Deep-dives+1
Open →2017-08
26:09
Life of a Bug: An Insight on the GitHub Bounty Program
Jeffrey GuerraCaitlin Buckshaw
BSidesSF · 2023
TechnicalVulnerability ResearchBlueCase Studies and Incidents AnalysisTalk
Open →2023-05
43:53
Pwning Electric Motorcycles
Mitchell MaraschPersephone Karnstein
BSides Seattle · 2026
ResearchTechnicalHardware HackingReverse EngineeringVulnerability ResearchAdvancedRedCase Studies and Incidents Analysis+2
Open →2026-03
28:29
You Don't See Me: Abusing Whitelists to Hide and Run Malware
Michael Spaling
BSides Las Vegas · 2016
TechnicalMalware AnalysisVulnerability ResearchRedTalk
Open →2016-08
4:47
STÖK Fredrik Interview
BSides Ahmedabad · 2020
CareerVulnerability ResearchTalk
Open →2020-02
53:01
Hidden Networks Pivoting: Redefining DNS Rebinding Attack
Tomer ZaitNimrod Levy
BSides Las Vegas · 2019
TechnicalNetwork SecurityVulnerability ResearchWeb AppSecAdvancedRedTalk
Open →2019-10
26:54
Introduction to OWASP Juice Shop
Tim Corless-Carter
BSides Manchester · 2019
TechnicalOWASPVulnerability ResearchWeb AppSecIntroRedDemo
Open →2019-09
41:37
Getting Things Fixed: Security Wins and Fails
Scott Piper
BSides SLC · 2025
War StoriesCloud IAMVulnerability ResearchKeynote
Open →2025-06
14:18
EmailShell: A War Story On Leveraging Server Side Template Injection (SSTI) To Hack Into GCP
Phillip
BSides London · 2025
TechnicalVulnerability ResearchWeb AppSecRedCase Studies and Incidents AnalysisTalk
Open →2026-03
17:33
SniffAir – An Open-Source Framework for Wireless Security Assessments
Steven DarracottMatthew Eidelberg
BSides Las Vegas · 2017
TechnicalToolingVulnerability ResearchWireless SecurityDemoTalk
Open →2017-08
39:58
Dirty Stream Attack: Turning Android Share Targets into Attack Vectors
Dimitrios Valsamaras
BSides Lisbon · 2023
TechnicalMobile SecurityVulnerability ResearchRedTalk
Open →2024-02
49:30
Infrastructure as RCE: How to abuse Terraform to elevate access
Mike McCabe
BSides NYC · 2023
TechnicalCloud IAMDevSecOpsVulnerability ResearchRedTalk
Open →2023-06
32:33
L0ss sans C St0 - PAMdemonium! Privileged Access Management
BSides Perth · 2023
TechnicalActive DirectoryCryptographyVulnerability ResearchAdvancedRedTalk
Open →2023-08
View all 565 talks tagged Vulnerability Research →