31 MAY. 2023 · Gelei is a cybersecurity researcher with wide interests in system security and penetration testing. He is currently pursuing a Ph.D. in computer science from Nanyang Technological University, Singapore, where he explores security challenges in complex human-interactive systems. Gelei is also a blockchain auditor at Quantstamp, Inc., where he contributes to the audits of web3 projects and security protocols. His research interests encompass security testing, software analysis, and large language models. Gelei likes to apply software engineering techniques to solve real-world challenges in security domains. He is now focusing on LLM security and its security-related applications. For more SecTools podcast episodes, visit https://infoseccampus.com

23 ABR. 2023 · Abhisek Datta is an accomplished security professional with over a decade of experience in information security solution engineering, services, vulnerability research, reverse engineering and security tools development. He is an active participant of NULL Security Community, India’s largest open security community as a core team member responsible for techndnology development. He is an open source enthusiast and He authored swachalit, the automation Platform that hosts null.co.in and also contributed to several opensource projects. As a security researcher, he is credited with multiple vulnerability discovery across enterprise products with CVEs to his name such as CVE- 2015-0085, CVE-2015-1650, CVE-2015-1682, CVE-2015-2376, CVE-2015-2555, CVE-2014-4117, CVE- 2014-6113. For more SecTools podcast episodes, visit https://infoseccampus.com

20 FEB. 2023 · Tim Misiak has been working on debuggers and diagnostics for most of my professional career as a software engineer. For more than a decade, Tim has been working on the Microsoft Debugger Platform team, working on tools such as WinDbg and KD. He started the WinDbgNext project in 2016 that modernized WinDbg UI. Tim also wrote a chunk of the X86/X64 emulator used by Time Travel Debugging. Currently, Tim founded his start up augmend.io For more SecTools podcast episodes, visit https://infoseccampus.com

31 ENE. 2023 · Thomas Roccia is the Sr. Security Researcher at Microsoft, working on threat intelligence, malware analysis, incident response, and more. He also has the interest in many other topics including mentoring and teaching, open-source, hacking, 3D printing and even blockchain ecosystem. For more SecTools podcast episodes, visit https://infoseccampus.com

8 DIC. 2022 · Erlend has worked as a developer and security consultant for over 14 years, trying to build and break many different types of systems. He spends some of his free time on security research and open source tools, and is the main author behind retire.js - a free and open source scanner for JavaScript. He is also the chapter leader of the Norwegian OWASP chapter. For more SecTools podcast episodes, visit https://infoseccampus.com

21 NOV. 2022 · Jeff Foley has over 20 years of industry experience focused on applied research & development and assessment of security in critical information technology and infrastructure. He is the Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation flagship project that performs in-depth attack surface mapping and asset discovery. Jeff is also an Adjunct Lecturer teaching Penetration Testing at the SUNY (State University of New York) Polytechnic Institute. Previously, he was the US Manager for Penetration Testing & Red Teaming at National Grid, a multinational electricity and gas utility company. Prior to this, Jeff served as the Director of Penetration Testing & Security Assessment at Northrop Grumman Corporation, an American global aerospace and defense technology company. Jeff is currently working as the Vice President of Attack Surface Protection at ZeroFox. In his spare time, Jeff enjoys experimenting with new blends of coffee and giving back to the information security community. In this episode, Jeff explained his journey of developing and maintaining Amass project - an open-source tool for In-depth DNS enumeration, attack surface mapping and external asset discovery. For more SecTools podcast episodes, visit https://infoseccampus.com

10 OCT. 2022 · Anand Tiwari is an information security professional with a strong technical background working as a Technical Product Manager (PM), focusing on the more technical aspects of a cloud security product. He tries to fill it in by doing in-depth technical research and competitive analysis, given business issues, strategy, and a deep understanding of what the product should do and how the products actually work. He has authored ArcherySec—an open source-tool and has presented at BlackHat, DEF CON USA, and HITB conferences. He has successfully given workshops at many conferences such as DevOpsDays Istanbul, Boston. In this episode, Anand explained his journey of developing and maintaining ArcherySec - an open-source tool for application security orchestration and correlation. For more SecTools podcast episodes, visit https://infoseccampus.com

11 SEP. 2022 · Nicolas is a French security researcher, a proud dad of two children. He started Wapiti in 2006 when he was learning Python programming language. Nicolas is currently working in the infosec field as a programmer at CybelAngel (since 2015). Wapiti is a web-application vulnerability scanner that allows you to audit the security of your websites or web applications. It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms and their inputs, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. In this episode, Nicolas explained his journey of developing and maintaining Wapiti project for over a decade. For more SecTools podcast episodes, visit https://infoseccampus.com

29 AGO. 2022 · unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. unblob is free to use, licensed under MIT license, it has a command line interface and can be used as a Python library. This turns unblob into the perfect companion for extracting, analyzing, and reverse engineering firmware images. unblob was originally developed and currently maintained by ONEKEY and it is used in production in ONEKEY analysis platform. For more SecTools podcast episodes, visit https://infoseccampus.com

15 JUL. 2022 · Christian Folini is a Swiss security engineer and web application firewall expert working at netnea.com. Christian studied History and Computer Science and graduated with a PhD in Medieval History. He is the author of the ModSecurity Handbook (2ed), He also co-lead the OWASP ModSecurity Core Rule Set (CRS) project that runs on millions of servers globally. Furthermore he serves as the program chair of the Swiss Cyber Storm conference. Christian also teaches ModSecurity and Core Rule Set courses and consult companies who want to integrate ModSecurity and the Core Rule Set into their services or products, also in high security setups. For more SecTools podcast episodes, visit https://infoseccampus.com