Tool

BSides talks featuring Burp Suite

322 talks mention this tool across 81 BSides chapters.

Talks featuring Burp Suite

Bug Bounty Recon The Right Way

Khalil A. Lemtaffah

BSides Budabest · 2022

Technical OSINT Web AppSec Intermediary Red Talk

Open →2023-06

G1234! - Cash in the Aisles: How Gift Cards are Easily Exploited - William Caput

BSides Las Vegas

Open →2017-08

The Power of Recon

BSides Ahmedabad

Technical OSINT Vulnerability Research Web AppSec Red Talk

Open →2024-05

Exploit Development Is Dead, Long Live Exploit Development!

BSides KC · 2021

Technical Reverse Engineering Vulnerability Research Advanced Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2021-11

Demystifying Bug Bounties: Insights from a Decade of Experience

Yassine Aboukir

BSides Prishtina · 2023

Technical Supply Chain Security Vulnerability Research Red Talk

Open →2023-05

Hacking AAA Unreal Engine Games with Python

BSides Cape Town · 2023

Technical Reverse Engineering Vulnerability Research Red Demo Talk

Open →2023-12

Scripting Myself Out of a Job - Automating the Penetration Test with APT2 - Adam Compton

BSides Knoxville

Open →2016-06

If You Can Open The Terminal, You Can Capture The Flag: CTF For Everyone

Open →2013-06

AutoRepeater: Automated HTTP Request Repeating With Burp Suite

BSidesROC · 2018

Technical Tooling Web AppSec Demo Talk

Open →2018-04

BSidesMCR 2019: HTTP Desync Attacks: Smashing Into The Cell Next Door - James Kettle

BSides Manchester

Open →2019-09

How to Write Your First Nuclei Template

BSides Ahmedabad

Technical Vulnerability Research Web AppSec Talk

Open →2023-02

Blackhat Python

BSides Toronto · 2014

Open →2014-12

Automating Web Application Bug Hunting

Jerry Gamblin Jonathan Cran

BSidesSF · 2019

Technical OSINT Vulnerability Research Web AppSec Talk

Open →2019-03

Pentesting Hardware And IoT by Mark Carney

BSides Leeds · 2018

Open →2018-02

Wędkarstwo Dla Myśliwych - Z Phishingiem Przygody Bezpiecznika

BSides Warsaw · 2018

Open →2019-02

SWF Seeking Lazy Admin for Cross-Domain Action

BSides DC · 2014

Technical OWASP Web AppSec Talk

Open →2014-10

Client-Side to Critical

Satyam Gothi Kuldeep Pandya

BSides Ahmedabad · 2025

Technical Vulnerability Research Web AppSec Red Talk

Open →2025-05

Abusing Historical DNS Records for Fun & Profit

Mustafa Can IPEKCI

BSides Ahmedabad · 2025

Open →2025-05

Tale of Chaining Bugs for Account Takeover

BSides Ahmedabad · 2022

Technical Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Talk

Open →2023-02

2016 - James Kettle - Hunting Asynchronous Vulnerabilities

BSides Manchester

Open →2016-09

PG - Pwn All The Mobile Porn Apps - Ben Actis

BSides Las Vegas

Open →2017-08

BG - Pacu: Attack and Post-Exploitation in AWS - Spencer Gietzen

BSides Las Vegas

Open →2018-09

Bug Bounty Show

BSides Ahmedabad · 2022

Open →2023-02

2017 - Cracking The Lens: Targetting HTTP's Hidden Attack Surface

BSides Manchester

Open →2017-08

Amazon Cognito (Mis)Configurations

BSides Ahmedabad · 2021

Technical Cloud IAM Intermediary Red Talk

Open →2022-03

You can't make web app security easy, but you can make it simple

BSides DC · 2015

Technical Web AppSec Talk

Open →2015-12

Damn GraphQL - Defending and Attacking APIs - Dolev Farhi

BSides Vancouver

Open →2021-06

Pwning Cloud Contexts: From GitHub Token to Compromising an Entire GCP Organization

BSides Ahmedabad · 2024

Technical Cloud IAM Supply Chain Security Vulnerability Research Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2024-04

Web Application Vulnerability Scanners: An Introduction & Discussion on Their Limitations

BSides Cape Town · 2019

Technical Vulnerability Research Web AppSec Talk

Open →2019-12

Batch Firmware Analysis

Jeremy Richards

BSides Toronto · 2014

Open →2014-12

"Context Aware Content Discovery: The Natural Evolution"

Sean Yeoh Patrick Mortensen Michael Gianarakis Shubham Shah

BSides Canberra · 2021

Open →2021-04

Circumventing egress filtering by exploiting HTTP "transfer-encoding: chunked" for faster web shells

Lorenzo Grespan

BSides London · 2018

Technical Advanced Red Talk

Open →2018-06

PHP Execute After Redirect to SQL Injection

BSides Ahmedabad · 2022

Technical Vulnerability Research Web AppSec Red Demo

Open →2023-02

Journey to Command Injection: Hacking the Lenovo ix4-300d

BSidesSF · 2019

Technical Hardware Hacking Vulnerability Research Web AppSec Intermediary Red Demo

Open →2019-03

BSides LV 2022 - Wednesday - Breaking Ground Track

BSides Las Vegas

Open →2022-08

Adventures & Findings in ISP Hacking

BSidesSF · 2025

Open →2025-06

Navigating Bug Bounties: From NAs to P1s

Animesh Acharya

BSides Canberra · 2025

Career Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Talk

Open →2025-11

Mastering Android Security Research: A Guide for the Modern Security Researcher

Hahna Latonick Jacob Swinsinski

BSides Tampa · 2024

Technical Mobile Security Reverse Engineering Vulnerability Research Intermediary Red Talk

Open →2024-05

BSidesSF 2021 - Offensive Javascript Techniques for Red Teamers (Dylan Ayrey • Christian Frichot)

Dylan Ayrey Christian Frichot

BSidesSF · 2021

Technical Web AppSec Red Talk

Open →2021-03

BSides Rochester 2016: Jamie Geiger: Android Application Function Hooking with Xposed

BSidesROC · 2016

Open →2016-05

Building Burp Extensions

BSides Charleston · 2015

Open →2015-12

The Way of the Bounty

BSides Lisbon · 2016

Open →2016-11

Automated Security Scanning of GraphQL APIs with Burp

BSides Toronto · 2022

Technical Vulnerability Research Web AppSec Demo Talk

Open →2022-10

Attacking JSON Web Tokens

BSides Canberra · 2019

Technical Cryptography Red Talk

Open →2019-05

Hacking a Hackathon for Fun and Profit

Alexei Kojenov Alex Ivkin

BSides PDX · 2018

Technical Supply Chain Security Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Talk

Open →2018-03

Bug Bounty Show

BSides Ahmedabad · 2022

Open →2023-02

Knock Knock. Race Condition. Who's There?

BSides Cape Town · 2025

Technical Vulnerability Research Web AppSec Talk

Open →2025-12

"Open, Sesame!" Unlocking Bluetooth Padlocks With Kind Requests - Miłosz Gaczkowski & Alex Pettifer

Miłosz Gaczkowski Alex Pettifer

Technical Wireless Security Talk

Open →2024-02

Finding & Exploiting Client-Side Prototype Pollution in the Wild

BSides Ahmedabad · 2021

Technical Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Methodology Talk

Open →2022-02

Jonathan Echavarria | Pwning pwners like a n00b

Open →2016-03

CSRFT, A Toolkit for CSRF Vulnerabilities

BSides London · 2014

Technical Tooling Web AppSec Demo Talk

Open →2014-05

Security BSides Athens 2022 — Live Stream Part 2

BSides Athens · 2022

Open →2022-06

Seriously? You Want Me To Believe Cyber-Spies Want My Data

Open →2012-06

What is blockchain security? - Dylan Dubief

BSides Prishtina · 2023

Open →2023-05

Aarti Gadhia: There is no security skills shortage!

Open →2020-12

BSides Glasgow 2018 - Paul Ritchie - Hacking with Git

BSides Scotland

Open →2018-05

A Two-part Saga: Continuing the Journey of Hacking Malware C2s

Vangelis Stykas

BSides Prague · 2024

Technical Malware Analysis Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2024-04

BSidesPDX 101: Conference Organization, Capture the Flag, Contests & Events

BSides PDX · 2019

Community CTF Panel

Open →2019-11

Hacking with a Heads Up Display

David Scrobonia

BSidesSF · 2019

Technical Tooling OWASP Web AppSec Talk

Open →2019-03

Visualising TLS Fingerprints With TMAP To Hunt Malicious Domains

BSides London · 2025

Technical Cryptography Talk

Open →2025-02

BSidesMCR 2018: Burp Replicator: Automate Reproduction Of Complex Vulnerabilities by Paul Johnston

BSides Manchester

Open →2018-08

Anyone Can Hack APIs: A Crash Course For Pentesters And Bug Bounty Hunters

BSides London · 2025

Technical Vulnerability Research Web AppSec Red Talk

Open →2026-03

Run-time Tools to aid Application Security Assessments

Sasha Zivojinovic

Technical Intro Talk

Open →2014-05

Breaking Into Infosec or, How I hacked my way out of poverty - BSides Portland 2022

Open →2022-10

Red Blue Purple AI

BSides Boulder · 2024

Technical AI Security OSINT Blue Purple Red Keynote

Open →2024-09

The Art of Compromising C2 Servers

Vangelis Stykas

BSides Berlin · 2023

Technical Malware Analysis Reverse Engineering Web AppSec Advanced Red Talk

Open →2024-01

Introduction to OWASP Juice Shop

Tim Corless-Carter

BSides Manchester · 2019

Technical OWASP Vulnerability Research Web AppSec Intro Red Demo

Open →2019-09

Hook, Line, and Tinker: A Dive into Phishing Campaign Sites

BSidesSF · 2024

Technical OSINT Threat Intel Web AppSec Intermediary Case Studies and Incidents Analysis Talk

Open →2024-07

Attacking Authentication in Web Applications - Jake Miller

BSides SATX · 2018

Technical Web AppSec Red Talk

Open →2018-07

Uncommon And Advanced Techniques For Account Takeover Attacks by Ayoub Safa

Technical Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Talk

Open →2023-07

Empowering Junior Testers: Strategies For Uncovering Critical Vulns In Web Applications

Technical Web AppSec Talk

Open →2024-09

Como Hackear um Banco sem Sair do seu Quarto?

Arthur Aires Matheus Wreck Gustavo Oliveira

BSides São Paulo · 2025

Technical War Stories Reverse Engineering Vulnerability Research Web AppSec Advanced Red Talk

Open →2025-06

Jakub Kaluzny - Proprietary network protocols - risky business on the wire.

BSides London · 2015

Technical Advanced Red Talk

Open →2015-07

Training Citizen Cyber Warriors on the Michigan Cyber Range

Open →2013-06

BSides DC 2016 - Beyond Automated Testing

Zachary Meyers Andrew McNicol

BSides DC · 2016

Open →2016-10

BSidesMCR 2019: Fun With Frida! - James Williams

BSides Manchester

Open →2019-09

Doppelgänger Devices: Investigating Fake iPhones & Security Implications

BSides Joburg · 2024

Technical Supply Chain Security Demo Talk

Open →2024-08

Discord OSINT: Using the Power of Empathy

BSides Philly · 2025

Open →2025-02

Hardware Hacking Workshop

Jilles Vandermeulen

BSides Pakistan · 2020

Technical Hardware Hacking IoT Reverse Engineering Intro Workshop

Open →2020-11

The Hunt For The Red DA by Neil Lines

BSides Scotland

Open →2017-04

Project Ava - Can Machine Learning Be Used To Complement Web Penetration Testing? - Matt Lewis

BSides Cymru Wales · 2019

Open →2019-10

Matriux Leandros: An Open Source Penetration Testing and Forensic Distribution

Prajwal Panchmahalkar

BSides Las Vegas · 2013

Technical DFIR Tooling Talk

Open →2017-01

BSides DC 2014 - Fighting Back Against SSL Interception (or How SSL Should Work)

Open →2014-10

CG - Pentesting with Docker - Tom Steele

BSides Las Vegas

Open →2016-12

Fighting Fraud in the Trenches

BSides Las Vegas · 2018

Technical Threat Intel Web AppSec Talk

Open →2018-09

Concrete Steps to Create a Security Culture

Arkadiy Tetelman

BSidesSF · 2019

Community Career & Soft Skills Intro Talk

Open →2019-03

Exploiting SNI SSRF To Access The AWS IMDSv2 - Oliver Morton

Open →2024-09

The Tales of a Bug Bounty Hunter

BSidesSF · 2016

Technical Web AppSec Advanced Red Talk

Open →2016-04

BSidesIOWA 2015 Track1: Intro to WebApp Testing with Mutillidae by Andrew Freeborn

Open →2015-04

Look Ma, No Exploits! — The Recon-ng Framework

BSides Augusta · 2013

Technical OSINT Tooling Red Demo Talk

Open →2013-09

The Pentester Blueprint: A Guide to Becoming a Pentester

BSides SATX · 2020

Career Intro Talk

Open →2020-08

Hacking Mobile Apps with Frida

BSides Charleston · 2018

Open →2018-11

Pwn2Own Stories - Ben McBride

BSides Albuquerque

War Stories Reverse Engineering Vulnerability Research Red Case Studies and Incidents Analysis Talk

Open →2024-08

BG - SECSMASH: Using Security Products to own the Enterprise - Kevin Dick & Steven Flores

BSides Las Vegas

Open →2017-08

Tim Tomes - {JWT}.{Misuse}.&Abuse

BSides Augusta · 2023

Technical Cryptography Web AppSec Red Talk

Open →2023-10

A Practical Approach In Exploit Development For Embedded Devices

Open →2017-04

Certpinning, OpenSSL and Memory Patching

Isak van der Walt

BSides Joburg · 2024

Technical Advanced Technical Deep-dives Talk

Open →2024-08

Ferris Bueller's Guide to Abuse Domain Permutations

Rob Ragan Kelly Albrink

BSidesSF · 2019

Technical OSINT Social Engineering Threat Intel Case Studies and Incidents Analysis Empirical Research Talk

Open →2019-03

Justin Clarke - Practical Crypto Attacks Against Web Applications

BSides London · 2014

Technical Cryptography Web AppSec Talk

Open →2014-07

The Bucket List: Experiences Operating S3 Honeypots

BSidesSF · 2018

Research Cloud IAM Threat Intel Blue Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2018-04

Geoffrey Chisnall

BSides Joburg · 2025

Open →2025-09

Forging Chains: The Java Blacksmith

Fabian Yamaguchi David Baker Effendi

BSides Cape Town · 2023

Technical Reverse Engineering Vulnerability Research Advanced Red Technical Deep-dives Talk

Open →2023-12

21st Century War Stories

BSides Manchester · 2016

War Stories OSINT Social Engineering Threat Intel Red Case Studies and Incidents Analysis Talk

Open →2016-09

Having fun while analyzing mobile applications

Álvaro Felipe Melchor

BSides Lisbon · 2017

Technical Mobile Security Reverse Engineering Talk

Open →2017-11

How to Get Started in Cybesecurity - john Stoner

Open →2019-07

Introducing The OWASP Nettacker Project

BSides Athens · 2020

Technical Tooling OWASP Demo Talk

Open →2020-06

Introduction To Ethical Hacking

Brandon S. Keath

BSides Delaware · 2018

Open →2018-11

2016 - Ian Trump - Basic Malware Analysis – dispelling Malware FUD

BSides Manchester

Open →2016-09

PG - Burpsuite Team Collaborator: Enabling Collaborative App Testing - Tanner Barnes

BSides Las Vegas

Open →2019-10

BSides Berlin 2023: Jorge Gimenez - Phishing techniques for challenging environments

Open →2024-01

XXE and the Cloud: the Sky IS Falling

Clint Kehr Mark Schmidt

BSides NoVa · 2021

Technical Cloud IAM Web AppSec Red Demo Talk

Open →2021-06

Tim Tomes - Recon-ng and Beyond

BSides Augusta · 2015

Technical OSINT Web AppSec Red Talk

Open →2015-09

Exploiting Firebase Apps with Baserunner

BSides Joburg · 2025

Technical Cloud IAM Red Demo Talk

Open →2025-08

Take Down Cyberthreat Dwell Time With Optimum Security

BSides Vancouver · 2021

Technical Detection Engineering Threat Intel Blue Talk

Open →2021-06

Intro to API Hacking

BSides Dallas/Fort Worth · 2022

Technical OWASP Web AppSec Intro Red Talk

Open →2022-11

Persistence Pays: From Flames To Firewalls

BSides London · 2025

Career Vulnerability Research Intro Talk

Open →2026-03

Hacking Mobile Apps With Frida

BSides Belfast · 2018

Technical Mobile Security Reverse Engineering Intro Red Talk

Open →2018-10

How To Get Away With Hacking by Liam Follin

BSides Leeds · 2023

Career Career & Soft Skills Web AppSec Intro Talk

Open →2023-07

Penetration Testing Using Windows Features - Niall Caffrey

Open →2024-03

Pentest Deep Dive: Anatomy Of A Weaponized Remote Code Execution Flaw

BSides Lisbon · 2019

Technical Red Talk

Open →2019-12

Burping for Joy and Financial Gain

BSides Augusta · 2017

Technical Web AppSec Talk

Open →2017-09

When a Security Architect Writes an Application

BSides Charleston · 2014

Technical Web AppSec Talk

Open →2014-11

Locks on the Wire

Eldar Marcussen

BSides Canberra · 2023

Technical Network Security Physical Security Reverse Engineering Red Technical Deep-dives Talk

Open →2024-01

The Dynamic World of Bug Bounty Hunting Through My Personal Journey by Chan Nyein Wai

BSides Myanmar · 2024

Open →2025-01

OWASP Honeypot Threat Intelligence Project

BSides London · 2025

Research OWASP Web AppSec Technical Deep-dives Talk

Open →2025-02

Robert Coccaro - Remote Browser Isolation - Stop Browser Betrayal During OSINT Investigations

BSides Augusta · 2022

Open →2022-10

Attacking .NET Web Services

BSides Charleston · 2022

Open →2022-11

I Spy With My Little Eye

Mike Polydorou Vangelis Stykas

BSides Cymru Wales · 2019

Technical IoT Vulnerability Research Web AppSec Red Talk

Open →2019-10

Bypassing Next Generation 2FA & MFA Implementation

Muhammad Shahmeer

Open →2024-06

2016 - Andrew Pannell - 50 Million downloads and all I got was malware

BSides Manchester

Open →2016-09

Making your website vulnerable for fun and security awareness

BSides Oslo · 2019

Community Technical Web AppSec Talk

Open →2019-06

It's not stalking, it's investigating

Robert Bui Moore

BSides Belfast · 2017

Open →2017-10

Bsides Orlando - Joey Belans - Hacking Like It's 1999

Open →2013-04

PG - Breaking The Giants With Logic

BSides Las Vegas

Open →2021-08

SOC Analyst's Arsenal: Essential Tools, Tips & Tricks For Effective Investigations

BSides Munich · 2023

Technical DFIR Detection Engineering Tooling Intermediary Blue Talk

Open →2023-10

2017 - Security Testing As Part Of The Release Pipeline by David Brownhill and Craig Scott Angell

BSides Manchester

Open →2017-08

Attacking the Front-End: Modern-Day Client-Side Security

BSides Sydney · 2023

Technical Reverse Engineering Web AppSec Intermediary Talk

Open →2023-09

Securing Fast and Furious DevOps Pipelines

Abdessamad Temmar

BSides Las Vegas · 2019

Technical DevSecOps Supply Chain Security Blue Talk

Open →2019-10

Boston BSides - Pentesting for Fun and Profit by William Reyor

Open →2016-07

APIcalypse Now: Hunting APIs to Profit

Open →2025-03

The Anatomy of Web Client Attacks

BSides Charlotte · 2015

Technical Web AppSec Intermediary Red Talk

Open →2015-06

Ghost in the Droid - Josh Wright

Open →2017-05

Breaking the Barrier: Exploring Modern WAFs

BSides Cape Town · 2025

Technical Vulnerability Research Web AppSec Red Talk

Open →2025-03

BSidesSF 2018 - From Bounties to Bureaucracy (Brian Gorenc)

Open →2018-04

BSides Lisbon · 2017

Open →2017-11

Reversing Bytecode into Bounties: Uncovering Vulnerabilities in Jira and Confluence Plugins

Giuliana De Bellis Jamal Hopwood

BSides Canberra · 2025

Technical Reverse Engineering Vulnerability Research Web AppSec Intermediary Red Talk

Open →2025-12

What's Inside The Open Directory From 96 Different Threat Actors?

BSides London · 2025

Research Case Studies and Incidents Analysis Empirical Research Talk

Open →2025-02

I Love my BFF (Brute Force Framework) - Kirk Hayes

BSides Las Vegas

Open →2016-09

InfoSec, Just Doing It

BSides SLC · 2015

Career Career & Soft Skills Intro Talk

Open →2015-04

BSidesSLC 2015 - Hey Guys, I'm a Pentester! - Metacortex

BSides SLC · 2015

Career Intro Talk

Open →2015-04

Attacking OWASP: Exploiting the Top 10

BSides Augusta · 2015

Technical OWASP Talk

Open →2015-09

The Single-Packet Shovel: Digging For Desync-Powered Request Tunnelling - Thomas Stacey

Open →2025-09

Leaking Kakao: How I Found A 1-Click Exploit In Korea's Biggest Chat App

BSides Munich · 2025

Technical Mobile Security Vulnerability Research Web AppSec Red Talk

Open →2024-11

HTTP and De-Sync Attacks

BSides Dallas/Fort Worth · 2021

Technical Vulnerability Research Web AppSec Red Technical Deep-dives Talk

Open →2021-11

Terribly Layered Security

Connor du Plooy Andre Lopes

BSides Joburg · 2024

Technical Cryptography Mobile Security Web AppSec Demo Talk

Open →2024-07

BSidesIOWA 2015 Track1: Integrating Vuln Scanning into the SDLC by Eric Johnson

Open →2015-04

G1234! - SSO Wars: The Token Menace - Alvaro Munoz & Oleksandr Mirosh

BSides Las Vegas

Open →2019-10

Stalking the Stalkers

Vangelis Stykas Felipe Solferini

BSides Sofia · 2023

Research Technical Malware Analysis Privacy Vulnerability Research Advanced Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2023-03

Introduction to AWS Serverless Exploitation

Sankalp Paranjpe

BSides Mumbai · 2024

Technical Intro Red Talk

Open →2025-03

CookieMonstruo: Hijacking The Social Login

Martin Von Knobloch

BSides Munich · 2017

Technical Web AppSec Red Talk

Open →2017-04

Evil Neighbour Attacks On SaaS Platforms Cloudflare, Bitbucket, Etc by Yash Kadakia

BSides London · 2023

Open →2023-05

Masande Mtintsilana - Junk Hacking to skill up

BSides Cape Town

Open →2017-12

Connected Chaos: Uncovering Router Vulnerabilities Via Cloud API Connections

Vangelis Stykas

BSides London · 2024

Technical Cloud IAM Network Security Vulnerability Research Red Talk

Open →2024-02

Exploiting Vulnerabilities in Cookie-Based Authentication

BSides Berlin · 2021

Technical Cryptography Web AppSec Red Talk

Open →2021-09

PG - I’m a hunter! Cyber Intelligence in the New(ish) Frontier - Yasmine Johnston-Ison

BSides Las Vegas

Open →2019-10

Front end Security

Martin Stoynov Spas Genov

BSides Sofia · 2022

Technical Web AppSec Red Talk

Open →2022-04

Tim Tomes - Web Application Authorization: Taming the Perfect Storm

BSides Augusta · 2025

Technical OWASP Web AppSec Talk

Open →2025-10

Security in Continuous Integration and Continuous Development

Yiannis Koukouras

BSides Athens · 2017

Open →2017-10

Low Hanging Blue Fruit: Defending With Open-Source Tools

BSides TLV · 2019

Technical Blue Talk

Open →2019-11

Between You and Me and the Network Security Boundary

Patrick Fussell

BSides DC · 2017

Technical Red Talk

Open →2017-10

Adventures With Internet Telephony Appliances - Darren Martyn

BSides Basingstoke

Open →2024-09

Pentesting on steroids using performance monitoring

BSides Lisbon · 2022

Technical Web AppSec Red Demo Talk

Open →2022-12

A Hitchhackers Guide to the IoT: Security from a FMCG Perspective

Jerome de las Alas

BSides Charleston · 2022

Technical Hardware Hacking IoT Vulnerability Research Talk

Open →2022-11

Introduction to CTF - For All!

Matthew Haynes Daniel Card

BSides Leeds · 2020

Technical CTF Intro Blue Red Demo Talk

Open →2020-07

A Look At TR-06FAIL And Other CPE Configuration Disasters by Darren Martyn

BSides Scotland

Open →2017-04

Start Hacking APIs

BSides Edmonton · 2023

Technical Vulnerability Research Web AppSec Red Talk

Open →2023-11

Click here for free TV! Chaining bugs to takeover Wind Vision account

Leonidas Tsaousis

BSides Athens · 2021

Technical Mobile Security Vulnerability Research Red Case Studies and Incidents Analysis Technical Deep-dives Demo Talk

Open →2021-07

Kettle of Fish in a Barrel: Cloud Automation for Subdomain Takeovers

BSides Philly · 2020

Technical Cloud IAM OSINT Vulnerability Research Case Studies and Incidents Analysis Methodology Talk

Open →2020-12

Passwords are dead? Long live WebAuthn!

BSides KC · 2021

Technical Cryptography Web AppSec Intro Demo Talk

Open →2021-11

Andrii Kudiurov

BSides Ukraine · 2018

Technical OWASP Web AppSec Intro Blue Talk

Open →2018-05

Attacking & Defending Android Apps Training

BSides Athens · 2021

Technical OWASP Workshop

Open →2021-06

Where and how to implement Security in Software Development

Radostina Kondakova Jordan Popov

BSides Sofia · 2022

Technical DevSecOps Threat Modeling Web AppSec Methodology Talk

Open →2022-04

Cryptography Pitfalls

Open →2016-06

0-day Research Disassembled

BSides DC · 2019

Research Advanced Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2019-10

Hacking the OWASP Top 10: An Intro to Web Application Security

BSides Denver · 2020

Technical OWASP Web AppSec Intro Talk

Open →2020-10

Atomic Honeypot – A MySQL Honeypot That Fights Back

Alexander Rubin

BSides SLC · 2025

Technical Vulnerability Research Web AppSec Advanced Red Talk

Open →2025-06

Building A Secure Development Lifecycle On A Shoestring Budget

BSides SLC · 2016

Technical DevSecOps Talk

Open →2016-05

API Security Testing Automation: A story of shifting left

BSides Athens · 2022

Technical Web AppSec Talk

Open →2022-06

Intro to HTTP and De-Sync Attacks

BSides SATX · 2021

Technical Web AppSec Intro Talk

Open →2021-06

Bypassing Browser-Based MFA for Outlook Web Application

BSides Toronto · 2023

Technical Cloud IAM Red Talk

Open →2023-11

Web Application Penetration Testing on a Budget: Building an In-House Program

Harshal Chandorkar Natalia Wadden

BSides Toronto · 2017

Technical Vulnerability Research Web AppSec Talk

Open →2018-01

Mike Erman & Alex Gonzalez - Stealing the Network via Cisco Anyconnect VPNs

Mike Erman Alex Gonzalez

BSides Augusta · 2019

Open →2019-10

TryHackingMy Way From Cyber Sales to Cyber SOC

R4ck4tt4ck Michael Rack

BSides London 2025

Career Career & Soft Skills Detection Engineering Intro Blue Talk

Open →2026-03

Psst, Come Check Out My Lair!! #notacreeper

BSides SLC · 2015

Open →2015-04

Red Teaming Reimagined: War Stories, AI, and Innovation at Scale

BSides Prishtina · 2026

Technical AI Security Mobile Security Vulnerability Research Web AppSec Red Keynote

Open →2026-02

BSides Canberra · 2025

Technical CTF Intro Talk

Open →2025-12

What the Function: A Deep Dive into Azure Function App Security

BSides PDX · 2024

Technical Cloud IAM Talk

Open →2024-11

DevSecOps Process Management

BSides Augusta · 2022

Technical DevSecOps Talk

Open →2022-10

Presentation -- Hacking the IoT: A case study

BSides Asheville

Open →2018-05

Navigating the Modern Battlefront of JWT Security

BSides Sofia · 2024

Technical Cryptography Web AppSec Technical Deep-dives Talk

Open →2024-04

The Hacker Evolution: What have we become?

BSides Charleston · 2016

Open →2016-11

MFA: A Golden Attack Vector

BSides Newcastle · 2022

Technical Vulnerability Research Web AppSec Red Talk

Open →2022-09

Building CTFs To Teach Non-Security Folks

Community Technical CTF Career & Soft Skills Intro Talk

Open →2020-11

Mallet — an Intercepting Proxy for Arbitrary Protocols

BSides Cape Town · 2018

Technical Tooling Network Security Reverse Engineering Web AppSec Red Talk

Open →2019-02

BSides Charleston · 2015

Technical Hardware Hacking Network Security Red Demo Talk

Open →2015-12

Vulnerability Regression Testing with Nuclei Framework

Domagoj Vratarić

Technical Detection Engineering DevSecOps Vulnerability Research Case Studies and Incidents Analysis Talk

Open →2025-03

BSidesWLG 2017 - Josh Brodie - Ethics in penetration testing

BSides Wellington

Open →2018-02

Autonomous Discovery of Logic-based API Vulnerabilities

Taha Biyikli Dvir Lazar

BSides Las Vegas · 2025

Research Technical AI Security Vulnerability Research Web AppSec Advanced Technical Deep-dives Talk

Open →2025-12

Rudder Nonsense: Steering Smart Rowers Off Course

BSides PDX · 2024

Technical Red Demo Talk

Open →2024-11

Beginning Pentesting Android Applications

BSides Boulder · 2020

Technical Intro Talk

Open →2020-11

ChatGPT ASST. Hacking: Pentesting Roku Apps for Fun & Profit

BSides Mumbai · 2024

Open →2025-03

0 to 100 with Mobile Application Pentesting

BSides KC · 2019

Technical Mobile Security Talk

Open →2019-06

The Pentester Blueprint: A Guide to Becoming a Pentester

BSides Delhi · 2020

Career Career & Soft Skills Intro Talk

Open →2020-11

Speaking to a City of Amazon Echoes

BSides PDX · 2018

Technical Red Talk

Open →2018-03

Robust Defense for the Rest of Us

BSides Las Vegas · 2017

Technical Detection Engineering Network Security Threat Modeling Blue Talk

Open →2017-08

Hop The Fences, Steal The Cars

Ciarán McNally

BSides Dublin · 2021

Technical Threat Intel Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Talk

Open →2021-05

From Cockroaches to Marble Floors: What Happens when You Turn On the Lights?

Daniel Tobin Paul Karayan

BSidesSF · 2020

Open →2020-03

What Are We Missing in Web Applications?

Mirza Burhan Baig

BSides SLC · 2021

Technical Vulnerability Research Web AppSec Red Talk

Open →2021-12

BSides Glasgow 2018 - Paul Johnston - Replicator: Helping Developers to Replicate Pen Test Findings

BSides Scotland

Open →2018-05

BSIDESKyiv 2018 - ALEX RESHETNYK JS - SECURING THE HIPSTER STACK

Open →2018-05

BSidesIA 2017 Track2: Want to break JavaScript and APIs in web apps? – Andrew Freeborn

Open →2017-04

Building AppSec In

BSides SLC · 2015

Technical OWASP Web AppSec Talk

Open →2015-04

Defrauding Merchants Like It's Y2K by Yuk Fai Chan and Craig Barretto at BSides Toronto 2022

Open →2022-11

Password Sprays: Still a Concern?

Michael Berardi

BSides Greenville · 2020

Open →2020-06

Welcome to the Jungle: Pen Testing AWS

Technical Cloud IAM Vulnerability Research Red Talk

Open →2023-09

Cookie Monster: Exfiltrating Data and More, Byte by Tasty Byte

Eric Kuehn Mic Whitehorn-Gillam

BSides Las Vegas · 2022

Technical DFIR Network Security Web AppSec Red Demo Talk

Open →2022-09

Richard Appleby

BSides Canberra · 2025

Open →2025-12

Nintendon't Look at my GitHub: DMCA Dodging and Other Shenanigans

James Martindale

BSides PDX 2025

Open →2025-12

Federal Bug Bounty Programs

BSides SLC · 2017

Technical War Stories Vulnerability Research Web AppSec Red Talk

Open →2017-06

Faces in the Fog – Unconventional User Enumeration

BSides SLC · 2025

Technical Web AppSec Red Talk

Open →2025-06

BSides Delaware · 2020

Open →2020-12

Health Platform Pwnage - You Are Now Diabetic

BSides KC · 2019

Technical Red Talk

Open →2019-06

Purple-teaming outbound HTTPS

BSides PDX · 2023

Technical Purple Demo Talk

Open →2023-10

PwnSpoof by Daniel Oates-Lee

Daniel Oates-Lee

BSides Dublin · 2022

Open →2022-05

Extracting Secrets from IoT Devices - Isaiah Davis-Stober

Isaiah Davis-Stober

BSides KC · 2026

Open →2025-06

Breaking and Fixing .NET Web Apps

BSides Edmonton · 2020

Technical Web AppSec Red Talk

Open →2020-09

Pentesting Android Apps: Harsh Modi

BSides Edmonton · 2023

Technical Red Talk

Open →2023-11

Show me the traffic! Intercepting and testing encrypted mobile application traffic

BSides Athens · 2021

Technical Mobile Security Reverse Engineering Red Demo Talk

Open →2021-07

IoT Devices and why they desperately need help

Christian Halbert Issa Hafiri

BSidesROC · 2018

Open →2018-04

2015 - Iain Smart - Burping Up Data What Your Apps Reveal About You

BSides Manchester

Open →2015-10

Cookie Monsters in your Browsers: Cookie Exfiltration for Hungry Hackers

Andrew Gomez Antero Guy

BSides Augusta · 2025

Technical Web AppSec Advanced Red Talk

Open →2025-10

BSides Knoxville 2018 (Second Track, KEC, afternoon sessions)

BSides Knoxville · 2018

Technical OSINT Intermediary Red Talk

Open →2018-05

Automated Pentesting with AI: From Recon to Reporting

BSides Edmonton · 2025

Technical Red Demo Talk

Open →2025-10

BSIDESKyiv 2018 - STANISLAV BRESLAVSKYI REVISITING SUPPLY CHAIN ATTACK

Open →2018-05

Twice The Pride, Double The Fall: Why 2FA Isn't The Cure We Thought It Was by Boglarka Ronto

BSides Scotland

Open →2017-04

Domain Name Stupidity

BSides Bristol · 2025

Technical DFIR Network Security Advanced Red Technical Deep-dives Talk

Open →2024-01

LightBulb Framework: Shedding Light on the Dark Side of WAFs and Filters

BSides Athens · 2017

Technical Web AppSec Talk

Open →2017-10

Attack of the Clones! How AI can boost your API Security!

Technical Web AppSec Talk

Open →2024-06

BSides Edmonton 2023 Keynote: Alissa Knight

BSides Edmonton · 2023

Open →2023-10

BSides Iowa 2018: "Better Burping – Improving Efficiency with Plugins and DIY"

Open →2018-04

Under the Hood of Ransomware.live: Building an Open-Source Ransomware Observatory

Julien Mousqueton

BSides Bournemouth · 2025

Research Technical Malware Analysis OSINT Threat Intel Intermediary Case Studies and Incidents Analysis Empirical Research+1

Open →2025-09

Pwning into Power System Center

BSides Budabest · 2023

Technical Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2025-03

No more alert(1) - Gr4y R0se

Technical Web AppSec Red Demo Talk

Open →2025-02

Pen Testing for NOT Dummies

BSides NYC · 2023

Technical Red Talk

Open →2023-06

Decoder Improved: An Improved Burp Suite Decoder

BSidesROC · 2017

Tooling Web AppSec Demo Talk

Open →2018-01

API Security From The Lens Of An AppSec Engineer by Abhinav Khanna

Technical OWASP Web AppSec Talk

Open →2022-08

BSides Toronto 2019 Jamie Baxter

Open →2019-10

PW - Are your secrets safe - How mobile applications are leaking millions of credentials

BSides Las Vegas

Open →2023-10

I Know What You Did Last Summer… I'm Still Hacking Your Small Business

BSides KC · 2022

Technical Red Case Studies and Incidents Analysis Talk

Open →2022-10

Injecting Automation into Pentesting

BSides Vancouver · 2022

Technical Tooling DevSecOps Vulnerability Research Web AppSec Talk

Open →2022-07

Securely storing & transmitting information on mobile/IoT devices

BSides Islamabad · 2020

Open →2020-11

Chris Dorman - Open Source and Leaked Malware

BSides Belfast · 2017

Open →2017-10

Mobile Penetration Testing Hybrid

BSides Tampa · 2021

Open →2021-04

BsidesRDU 2018 07 - When it rains it pours - Sam Granger

Open →2018-10

The Dark Side of GraphQL

BSides SLC · 2023

Open →2023-06

Embedding Web Apps in MITMProxy Scripts

BSides Las Vegas · 2015

Open →2016-12

Penetration Testing Experience and How to Get It

BSides Las Vegas

Career Career & Soft Skills Intro Talk

Open →2024-09

Phillip Wylie - The Pentester Blueprint: A Guide to Becoming a Pentester

Career Career & Soft Skills Intro Talk

Open →2020-11

Cookie Monster: Tasty Tasty Bytes

BSides Charleston · 2018

Open →2018-11

Web Hacking 101: Hands-on with Burp Suite

BSides Philly · 2018

Technical Web AppSec Intro Workshop

Open →2018-11

Rahul Raghavan: The Clutter That's Choking AppSec

Open →2020-12

Occupy Burp Suite: Informing the 99% of What the 1%'ers Are Knowingly Taking Advantage of

James Lester Joseph Tartaro

BSides Las Vegas · 2012

Community Technical Tooling Web AppSec Talk

Open →2017-03

The Need for Speed: Exploiting Race Conditions in Web Applications

Harriet Schofield

BSides Bournemouth · 2025

Technical Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2025-09

Ochaun Marshall: Samurai Web Training Framework 5.0

Ochaun Marshall

BSides Calgary · 2021

Open →2021-12

BSidesROC 2023 Hacking and Defending APIs - Robert Wagner

Open →2024-09

Write Your Damn Report

BSides Lancashire · 2026

Career Technical Talk

Open →2024-05

How to Review a Mobile (Android) App

James Kinninger

BSides Greenville · 2020

Open →2020-06

ATGP - Underground Wi-Fi Hacking for Web Pentesters - Greg Foss

BSides Las Vegas

Open →2016-12

Gitdigger: Creating Useful Wordlists From Public GitHub Repositories

BSides Las Vegas · 2013

Technical Tooling OSINT Vulnerability Research Talk

Open →2017-01

Martin Holste - Beyond Math Practical Security Analytics

BSides Augusta · 2016

Open →2016-09

Examining Access Control Vulnerabilities in GraphQL: A Field Case Study

Technical OWASP Web AppSec Red Case Studies and Incidents Analysis Talk

Open →2025-03

From Hardware to Zero-Day by Pietro Oliva at BSides Toronto 2020

Open →2021-11

Asynchronous Intelligence Gathering with Python

BSides Denver · 2020

Technical OSINT Tooling Web AppSec Red Talk

Open →2020-10

BSidesGVL 2020 - Kevin Johnson - "Removing the Cobwebs: Upgrading Our Web App Testing"

BSides Greenville · 2020

Technical Web AppSec Talk

Open →2020-06

OfCORS! How To Do Cross Origin Resource Sharing (Im)Properly

BSides Bristol · 2025

Technical Web AppSec Talk

Open →2025-01

The Security Hitchhiker's Guide to API Security

Timothy De Block

BSides Augusta · 2023

Technical Web AppSec Talk

Open →2023-10

Using Large Language Models To Augment AppSec Testing

BSides Newcastle · 2025

Technical AI Security Detection Engineering Web AppSec Intermediary Talk

Open →2025-01

Video Games, Quality Assurance, and Business Logic - Paul Hardin

BSides Albuquerque

Open →2024-08

This one weird trick will secure your web server

BSides Augusta · 2016

Technical Web AppSec Intro Blue Talk

Open →2016-09

Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panels

Vangelis Stykas

BSides Amsterdam · 2025

Technical Malware Analysis Threat Intel Web AppSec Advanced Red Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2026-01

XSS is dead – Browser Security Features that Eliminate Bug Classes

BSides Las Vegas · 2025

Technical Web AppSec Blue Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2025-12

Who Scans the Scanner? Exploiting Trend Micro Mobile Security

BSides Las Vegas · 2025

Technical Mobile Security Reverse Engineering Vulnerability Research Advanced Red Technical Deep-dives Talk

Open →2025-12

Hunter Hardman - Adventures in RAT dev

BSides Augusta · 2016

Open →2016-09

Offensive Wfuzz for Web Bug Hunters

BSides Barcelona · 2019

Technical Tooling Web AppSec Red Demo Talk

Open →2022-01

Stop Committing Your Secrets: Git Hooks To The Rescue!

Technical Supply Chain Security Talk

Open →2023-03

Wrangle Your Defense Using Offensive Tactics

Bsides CT · 2019

Technical Blue Talk

Open →2019-11

The Need for Speed: Exploiting Race Conditions in Web Applications - Harriet Schofield

Harriet Schofield

BSides Belfast · 2025

Technical Web AppSec Red Demo Talk

Open →2025-12

GraphQL Security: Penetration Testing and Automated Vulnerability Detection

BSides Calgary · 2022

Technical Vulnerability Research Web AppSec Intermediary Red Technical Deep-dives Demo Talk

Open →2022-12

Examining Access Control Vulnerabilities in GraphQL — A Feeld Case Study

BSides Bournemouth · 2025

Technical Vulnerability Research Web AppSec Intermediary Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2025-09

Dynamic Web Scanning at Massive Scale

BSidesSF · 2012

Technical DevSecOps Web AppSec Talk

Open →2017-11

How to Find a Companys BreakPoint

Open →2017-08

Capture The Fun - Gamified Learning by Andras Borbely

BSides Cheltenham · 2022

Career CTF Career & Soft Skills Intro Talk

Open →2022-07

Curiosity of a Hacker: The Power of Asking “What If?”

BSides Göteborg · 2026

Open →2026-03

What Will Go Wrong When ZAP Is Driven By GenAI

Gerald Benischke

BSides Newcastle · 2025

Technical AI Security Tooling Web AppSec Technical Deep-dives Demo Talk

Open →2025-11

Writing Our Own DNS Tunneling Protocol, And Other AWS Misadventures, All In A Pen Test

BSides Basingstoke

Open →2024-09

Do Scanners Suck? I Have The Receipts - Thomas Ballin

BSides Leeds · 2026

Open →2025-08

Imperial Stout: Building Bolder BurpSuite Functionality

BSides Greenville 2020

Technical Tooling Web AppSec Red Demo Talk

Open →2020-06

Industrial Scale Hardware Hacking - Anthony Clark

BSides Albuquerque · 2024

Technical Hardware Hacking IoT Reverse Engineering Red Methodology Talk

Open →2024-08

Vesta Admin Takeover - Exploiting Reduced Seed Entropy In Bash $RANDOM - Adrian Tiron

BSides Basingstoke · 2025

Technical Cryptography Talk

Open →2025-09

These Are NOT the Vulnerabilities You Are Looking For: Hiding Vulnerabilities in Containers

BSides Seattle · 2026

Technical Container Security Vulnerability Research Red Demo Talk

Open →2026-03

Vesta Admin Takeover — Exploiting Reduced Seed Entropy in Bash $RANDOM

BSides Exeter · 2026

Technical Cryptography Vulnerability Research Web AppSec Advanced Red Talk

Open →2026-05

The HMAC Trap: Security or Illusion?

BSides Las Vegas · 2025

Technical Cryptography Red Talk

Open →2025-12

Breaking the Guest List: Hacking Invitation Systems for Fun and Profit

BSides Las Vegas · 2025

Technical Threat Modeling Web AppSec Red Case Studies and Incidents Analysis Talk

Open →2025-12

Get your head in the clouds by Sean Verity

Open →2024-02

Salman, Khwaja: Story of Implementation of SecDevOps in Fin Tech Organization and beyond

BSides Calgary · 2021

Open →2021-12

BG - The Savage Curtain 0 Tushar Dalvi & Tony Trummer

BSides Las Vegas

Open →2016-12

PG - How I Learnt Hacking in High School - Lokesh Pidawekar

BSides Las Vegas

Open →2016-12

Vaccinating Android

Milan Gabor Danijel Grah

BSides Las Vegas · 2014

Research Technical Mobile Security Reverse Engineering Vulnerability Research Advanced Red Demo+1

Open →2016-12

BSides Calgary · 2022

Technical Vulnerability Research Web AppSec Talk

Open →2022-12

Bsides Asheville Information Security Conference 2015

BSides Asheville

Open →2018-04

Flex Seal Your CI/CD Pipeline

Ochaun Marshall

BSides Columbus · 2020

Technical Cloud IAM DevSecOps Blue Talk

Open →2020-08

Building the Flight Deck: Tools and Technologies for a Robust AppSec Program

Chris Koehnecke

BSides Albuquerque

Open →2024-08