Safety not Guaranteed
Application Security Clinic
Riyaz Walikar is a web application pentester, security evangelist and researcher. He has been active in the security community for the better part of the last 10 years. He has been actively involved with the Bangalore OWASP and null chapters for the last 7 years and is one of the OWASP and null Bangalore chapter leads. He is actively involved in vulnerability research on popular web applications and network-aware services, and has disclosed multiple security issues in popular software like Apache Archiva, Openfire, Joomla!, EJabberd, .NET Script Injection Bypass. He has also found vulnerabilities in popular web applications like Facebook, Twitter, Google, Cisco, Symantec, Mozilla, PayPal, Ebay, Apigee, Yahoo, Adobe, Tumblr, Pinterest etc., and is on the Hall of Fame for most of these services.
He has also been a speaker and trainer at many security conferences including OWASP AppsecUSA 2012, BlackHat Abu Dhabi 2012, Las Vegas 2015, EU 2015, nullcon 2012, 2013, 2014, 2015, 2016 and 2017, DefCon Las Vegas 2016 and c0c0n 2011, 2013, 2015 and 2016.
Some of the trainings/workshops by Riyaz:
Secure Web Programming 2-day training at HackerRank Bangalore 2017
Xtreme Web Hacking at NULLCON Goa 2012, 2013, 2014, 2015, 2016
Cloud Security for Devs & Ops – NULLCON 2017
Ninja Level Infrastructure Monitoring – DefCon 2016
Xtreme Web Hacking (CTF Style) – c0c0n 2015, 2016
Some of the talks given by Riyaz:
Poking Servers with Facebook – AppsecUSA 2012, BlackHat Abu Dhabi 2012, c0c0n 2013
A Pentester’s Methodology to Discover and Exploit Windows Privilege Escalation flaws – c0c0n 2015, nullcon 2016
Esoteric XSS Payloads – c0c0n 2016
The Whys and Hows of Cyber Attacks – SAP Security Summit 2016