< NULLCON 2023 - GOA />

Schedule

CFP CTF Training Live Bug Hunting Schedule Speakers CXO Panel Track Sponsors Registration Resume Clinic Venue Recordings

Training

*All timings mentioned are in IST

DATE	TIMING	HOTEL NAME	TRAINING NAME
Batch 1 ( 20th - 22nd Sep 2023 )	9:00am to 5:00pm	Bogmallo Beach Resort (https://www.bogmallobeachresort.com/)	StealthOps: Red Team Tradecraft Targeting Enterprise Security Controls by Yash Bharadwaj , Manish Gupta
			Hacking Android & iOS Apps by Example by Abhishek J M
			Rapid Threat Model Prototyping (RTMP) - a better, faster way to Do Threat Modeling in Agile by Geoffrey Hill
			Securing DevSecOps - A Hands-on Experience by Karan Shah
		The Flora Grand ( https://www.thefloragrand.com/)	Advanced Infrastructure Security Assessment by Prashant Mahajan
		The Flora Grand ( https://www.thefloragrand.com/)	Hacking Modern Web & Desktop Apps: Master the Future of Attack Vectors by Abraham Aranguren , Anirudh Anand
		The HQ ( https://thehq.in/ )	Windows Kernel Exploitation Foundation & Advanced by Ashfaq Ansari, Krishnakant Patil
			Offensive Payment Security by Timur Yunusov
			The Kubernetes Crusade: Workshop on Defending & Attacking Kubernetes by Divyanshu Shukla , Ravi Mishra
Batch 2 ( 25th - 27th Sep 2023 )	9:00am to 5:00pm	Bogmallo Beach Resort, Goa	Breaking and Pwning Apps and Servers on AWS and Google Cloud by Riyaz Walikar , Pranav Sivvam
			ML for Security and Security for ML by Nikhil Joshi
			Practical IoT Hacking by Himanshu Chauhan , Abhinav Thakur , Hemant Sonkar
			Reverse-Engineering and Fuzzing Custom Network Protocol by Munawwar Hussain Shelia
			Web Application Security - Build, Break, and Learn by Riddhi Shree

23rd September 2023

*All timings mentioned are in IST

Venue: BITS Pilani, Goa

START	END	Auditorium ( Keynote & Technical Track)	DLT 09 (CXO Track)	DLT 10 (BountyCraft Track)	D104 (Winja CTF)	D103 (Live Bug Hunting)
8:00	9:15	Registration
9:30	10:00	Opening Note
10:00	10:45	[Keynote] Multiplying Threat Intelligence by John Lambert
10:45	11:00	Coffee Break
11:00	11:45	Hacking Mitsubishi PLC Without Access To Firmware by Anton Dorfman			Winja CTF	Live Bug Hunting
11:45	12:30	Smashing the State Machine: The True Potential of Web Race Conditions by James Kettle	[Panel] Inside the Investor's Mind: A fireside chat of Entrepreneur-VC (Aap ki Adalat)	The Curious Case Of The Rogue SOAR by Jaden Furtado and Mukesh Kumar
12:30	13:00	How I hacked your bank account: A detailed look at UPI Security by Nemo	[Panel] Data Protection Law and its potential implications for the industry	Lens of Deceit: Unmasking and Altering Camera Sunglasses' Footage by Daniel Schwendner
13:00	14:15	Lunch Break
14:15	15:00	Securing CI/CD pipelines - Exploring vulnerabilities in Workflows by Siddharth Muralee	[Panel] Weaponization of AI with special reference to Gen-AI		Winja CTF	Live Bug Hunting
15:00	15:45	Android-SigMorph: Covert communication exploiting android signing schemes Ayan Saha and Achute Sharma	[Panel] Threat Intel sharing in OT Community and Industry		Winja CTF	Live Bug Hunting
15:45	16:00	Coffee Break
16:00	16:45	Uncovering Azure's Silent Threats: A Journey Into Cloud Vulnerabilities by Nitesh Surana	Journey in setting up OT SOC by Ramandeep Walia	Critical Information Infrastructure(CII) Protection: Challenges and Opportunities- How can the Nullcon Community Contribute	Winja CTF	Live Bug Hunting
16:45	17:30	MITM on PSTN -- novel methods for intercepting phone calls by Kirils Solovjovs	[Panel] Shifting Left with Security and the Evolution of your DevSecOps Team’s Journey to Excellence		Winja CTF	Live Bug Hunting
19:30	22:00	[Invite Only] Networking Dinner Party
END OF DAY 1

24th September 2023

*All timings mentioned are in IST

Venue: BITS Pilani, Goa

START	END	Auditorium ( Keynote & Technical Tracks)	DLT 09 (CXO Track)	DLT 10 (iOS and macOS Track)	D104 (Developer Track)	D102 (Workshop)
9:00	10:00	Registration
10:00	10:45	[Opening Panel] Cyber Operations, Doctrine and Geo-Politics
10:45	11:00	Coffee Break
11:00	11:45	Reverse Engineering RGB Keyboard Backlights With Linux Kernel Drivers by Rishit Bansal	[Panel] C4CII - Securing Use of Cloud in Critical Information Infrastructure		Resume & Career Clinic (10:20 am to 11:45 am IST)	[Workshop] Identifying And Detecting Active Directory Attacks by Sudeep Kumar Das Live Bug Hunting [D103]
11:45	12:30	Unlocking any door in 21st century. Immersion in biometric security by Timur Yunusov and Aleksandra Murzina	[Panel] Intelligence-led Defense: Leveraging Threat Intelligence in the age of AI	Jailbreaking the Apple HomePod - Fun with checkm8 & smart speakers by Tihmstar and Linus Henze	Secure Your Angular app using JWT and GraphQL by Ankit sharma
12:30	13:00	The Convergence Of eBPF, Buildroot, And QEMU For Automated Linux Malware Analysis Nikhil Hegde	[Panel] Adversary Simulation and Incident Response Impact	Deconstructing The Beast: A Deep Dive Into JIT Compilation Attacks In iOS by Shubham Sharma	(In)Secure Host Key Verification - Are SSHFP DNS Records The 'Next Big Thing'? By Sebastian Neef
13:00	14:15	Lunch Break
14:15	15:00	Cracking With Automated USB Fuzz by Conna and Subba Bachina	[Panel] A Cyber-Physical System For India with Security, Privacy, and Equity	Self-Signed, Why Not! Exploiting Insecure Certificate Validation In iOS And macOS by Aapo Oksman	Your App Is Probably A Spyware...Or Is It? by Gaurav Gogia and Pandurang Patil	ARM-ing For Android: Unraveling The Mysteries Of Native Library Reverse Engineering by Ravi Rajput and Chandresh Gupta Live Bug Hunting [D103]
15:00	15:45	IoT Hacking 101: Reverse Engineering the Xiaomi Ecosystem by Dennis Giese		Null Community - Global Meetup	Secure Coding: Fix From The Root by Gopika Subramanian and Saddam Hussain
15:45	16:00	Coffee Break
16:00	16:45				Open Bar at the Playground by Samuel Mertenat
16:45	17:30	Closing Note
END OF DAY 2