herobgherobg

Vulncon 2025

Vulncon2025
0
Days
0
Hours
0
Minutes
0
Seconds

Schedule

Day 1
June 14, 2025
Day 2
June 15, 2025
June 14, 2025
08:00
09:15
Registration
09:15
09:30
Inaguration & Lamp Lighting
09:30
10:10
[KeyNote] The Soul of the Hacker by Vicky Ray
10:15
10:55
[Keynote] Bravery Beyond the Badge: Tackling Cybercrime in a Digitally Addicted World by Sri. Pavan N
10:55
11:15
High Tea Break
11:20
12:00
Exposing the Unseen: Malware Hunting from the Dark Corners of Memory by Monnappa K A
12:05
12:45
The Zombie ‘App-ocalypse’: Game Theory for Disrupting Dormant and Orphaned Cloud Identities by Joshua Bahirvani & Shaleen Dev P.K.
12:45
14:00
Lunch Break
14:00
14:40
eKYC Crisis: Securing Locker by Kartik Lalan
14:45
15:25
Laughing in the Face of Enterprise Security: Fun-Filled Adventures in Network Pwnage by Manish Tanwar & Karan Raheja
15:30
16:10
IoT’s Dark Secret: Uncovering Security Risks in Devices We Trust by Suhash Nayak
16:10
16:25
High Tea Break
16:25
17:05
Sacrificial Lambs of the Internet: How EPP Loopholes and Orphaned Nameservers Led to Widespread DNS Hijacking Vulnerabilities by Devansh Batham
19:00
21:45
Cocktail Network Party

ABOUT US

Shaping a safer digital future through collaboration and education, Vulncon serves as a premier platform for advancing cybersecurity, data protection, and privacy. We foster partnerships among corporates, government agencies, academia, and industry leaders to address today’s most critical challenges. Our mission is to bring together brilliant minds from diverse sectors to drive innovation and solutions. Through engaging workshops, technical briefings, and community-driven events, we inspire professionals at all levels to learn, innovate, and collaborate. With a global perspective, we are committed to building a resilient and secure digital ecosystem for the future.

vulncon
vulncon
vulncon
vulncon
vulncon
CONFERENCE: 14 th & 15 th June 2025

VENUE:

National Science Seminar Complex, IISc, Bengaluru


Our Speakers

TECHNICAL SPEAKERS

Keynote Speaker
Vicky Ray
Vicky Ray
Founder & CEO
@ RayvenX
Keynote Speaker
Sri. Pavan N
Sri. Pavan N
Assistant Commissioner of Police
@ Cyber Crime Police Station, North Division, Bangalore
Monnappa K A
Monnappa K A
Principal Security Researcher
Nithissh S
Nithissh S
Senior Security Engineer
@ Freshworks
Suhas Nayak
Suhas Nayak
Cyber Security Architect
@ Eximietas Design
Chirag Savla
Chirag Savla
Senior Cloud Security Engineer
@White Knight Labs
Raunak Parmar
Raunak Parmar
Senior Cloud Security Engineer
@White Knight Labs
Ashwath Kumar
Ashwath Kumar
Head of Security
@ Razorpay
Aditya Singh
Aditya Singh
Independent Security Researcher
Joshua Bahirvani
Joshua Bahirvani
Senior Security Researcher
@ Microsoft
Shaleen Dev P.K.
Shaleen Dev P.K.
Senior Security Researcher
@ Microsoft
Kartik Lalan
Kartik Lalan
Product Security Engineer
@ Philips Innovation Campus
Omkar Joshi
Omkar Joshi
Lead Security Engineer
@ Coupa Software
Pallavi Deshmukh
Pallavi Deshmukh
Cloud Security Manager
@ Coupa Software
Diyar Saadi
Diyar Saadi
Malware Reverse Engineer
Manish Kishan Tanwar
Manish Kishan Tanwar
Security Consultant
@ MDSec
Karan Raheja
Karan Raheja
Security Engineer
@ Salesforce
Devansh Batham
Devansh Batham
Team Lead, Technical Services
@ HackerOne
Arpit Ghiya
Arpit Ghiya
Senior DevOps Architect
@ Perforce Software
Ashish Kale
Ashish Kale
Principal Engineer, Security Operations
@ Perforce Software

GOVT. CXO SPEAKERS

VulnconChaitanya K K
Chaitanya K K
Cyber Security Leader,
@ Govt. of India
VulnconSandeep Khanna
Sandeep Khanna
Director & CISO
@ Unique Identification Authority of India (UIDAI)

CXO SPEAKERS

VulnconAaditya Uthappa
Aaditya Uthappa
Co-Founder & COO
@ Accorian
VulnconAbhinav Chourasia
Abhinav Chourasia
Director, Security Engineering
@ Tekion Corp.
VulnconAmit Pal Singh (Retd)
Lt Cdr Amit Pal Singh (Retd)
Deputy General Manager Cybersecurity
@ Siemens Healthineers
VulnconAmol Naik
Amol Naik
Head of Security
@ Atlas Consolidated
VulnconAnant Shrivastava
Anant Shrivastava
Founder & Chief Researcher
@ Cyfinoid Research
VulnconAnkit Agarwal
Ankit Agarwal
Vice President, Global Systems and Cyber Security
@ Encora Inc.
VulnconAnkur Bhargava
Ankur Bhargava
Head of Product Security
@ PhonePe
VulnconAshwath Kumar
Ashwath Kumar
Head of Security
@ Razorpay
VulnconAshwini Siddhi
Ashwini Siddhi
Women Tech Leader
VulnconDhawal Shrivastava
Dhawal Shrivastava
Senior Security Program Manager
@ Microsoft
VulnconDipendu Biswas
Dipendu Biswas
Director
@ Tarisa Technologies
VulnconDivakar Prayaga
Divakar Prayaga
Cyber Executive Leader, Startup Mentor & Advisor
@ T-Hub & NASSCOM
VulnconDonavan Cheah
Donavan Cheah
Senior Cybersecurity Consultant
@ Thales
VulnconGagan K. Mathur
Gagan K. Mathur
Program Manager
@ Shell
VulnconHilal Ahmad Lone
Hilal Ahmad Lone
CISO & VP
@ Liminal Custody
VulnconJason Joseph
Jason Joseph
CISO
@ mPokket
VulnconJayesh Singh Chauhan
Jayesh Singh Chauhan
CEO & Founder
@ Cloudurance Security and Cloud Village
VulnconKamal Sharma
Kamal Sharma
Co-Founder
@ AuthenticOne
VulnconKrishna Pandey
Krishna Pandey
Senior Director
@ Xerox Cybersecurity
VulnconManikant R Singh
Manikant R Singh
Cyber Security Leader
@ Reputed NBFC
VulnconMohan Sekar
Mohan Sekar
Sr. Director, Product Security
@ Cloud Software Group
VulnconMuslim Koser
Muslim Koser
Vice President, Engineering - EASM
@ Fortinet
VulnconNantha Ram Ramalingam
Nantha Ram Ramalingam
Global Head – Cybersecurity Engineering & Automation
VulnconNaseem Halder
Naseem Halder
CISO
@ Navi Group
VulnconNavaneethan M
Navaneethan M
Chairman, CXOCywayz
VulnconNavdeep Aggarwal
Navdeep Aggarwal
Product Security Leader
@ GE Healthcare
VulnconNeelu Tripathy
Neelu Tripathy
Senior Security Architect
@ Adobe
VulnconNikhil Agarwal
Nikhil Agarwal
Co-Founder
@ FutureGPT
VulnconNikhil Prabhakar
Nikhil Prabhakar
Founder
@ PodArmor
VulnconPragatheesh
Pragatheesh
Cyber Security Leader, Global GCC
VulnconPrajal Kulkarni
Prajal Kulkarni
CISO
@ Groww
VulnconPraveen Dixit
Praveen Dixit
Global Head & Field CISO
@ Securelayer7
VulnconPraveen Nettimi
Praveen Nettimi
Founder & CEO
@ AtyaSecure
VulnconRam Kumar G
Ram Kumar G
Cyber Security & Risk Leader
@ Global Automotive Company
VulnconRavi Rajput
Ravi Rajput
Chief Security Officer
@ NeoTech Solutions
VulnconRex Pushparaj
Rex Pushparaj
Founder & CEO
@ Rex Cyber Solutions
VulnconSai Lakshmi Sathyanarayana
Sai Lakshmi Sathyanarayana
Cyber Security Leader, EY Global Delivery Services
VulnconSanil Nadkarni
Sanil Nadkarni
CISO
@ Cummins
VulnconSanjeev Jaiswal
Sanjeev Jaiswal
Security Architect
@ Flipkart
VulnconShashank
Shashank
Co-founder & CEO
@ CredShields
VulnconShivakumar Dhakshinamoorthy
Shivakumar Dhakshinamoorthy
Head Enterprise Service Delivery
@ Lenovo
VulnconShubham Mittal
Shubham Mittal
CEO & Co-Founder
@ RedHunt Labs
VulnconSudhir Goel
Sudhir Goel
Founder & President
@ Cyber Vigilance Group
VulnconSyed Shahrukh Ahmad
Syed Shahrukh Ahmad
Co-Founder
@ CloudSEK
VulnconVandana Verma
Vandana Verma
Security Relations Leader
@ Snyk
VulnconVishal Kalro
Vishal Kalro
CISO & DPO
@ Quantiphi

Villages

Solder & Spark Badge Village

Dive into the electrifying world of electronics at Vulncon 2025’s Soldering a Badge Village, hosted by the innovative IoTSRG crew! This isn’t just a workshop—it’s a thrilling, hands-on adventure where you’ll craft your very own electronic badge from scratch. Perfect for curious newbies and gadget geeks alike, this one-day extravaganza promises a dynamic blend of fun and learning. You’ll master the art of soldering—both classic techniques and cutting-edge Surface Mount Technology (SMT)—while assembling a circuit that powers up with a battery and switch. No experience? No problem! We’ve got you covered with everything you need: soldering irons, solder paste, tweezers, flux, and a badge kit loaded with a PCB, components, and more. Kick off the morning with a crash course in soldering wizardry, roll up your sleeves for afternoon badge-building action, and wrap up the evening with final tweaks, testing, and a lively Q&A. Whether you’re sparking a new passion for electronics or leveling up your hobby game, this village is your gateway to a shockingly good time!
By Mohammed Saqeeb Shariff, Karthik Ekanathan
Read More
vulncon
Mohammed Saqeeb Shariff
Consultant @ SISA
vulncon
Karthik Ekanathan
QE engineer @ Crestron

Secure Code Village

Secure coding is no longer an afterthought—it is a necessity. As organizations strive to build secure applications, security must be integrated at every stage of development. Secure Code Village (https://securecodevillage.com/ ) proposed one-day, hands-on experience at VULNCON 2025, dedicated to empowering developers, security engineers, and DevSecOps teams with practical skills and knowledge to build secure software from the ground up.

This initiative aims to provide attendees with a unique learning opportunity through interactive workshops, Code Capture The Flag (Code CTF) challenges, and live demonstrations. By incorporating Secure Software Development Lifecycle (Secure SDLC), DevSecOps automation, and shifting left in security, the Secure Code Village will equip participants with the skills needed to proactively identify and mitigate security risks in their code. This session aligns with Vulncon's mission to advance cybersecurity awareness and best practices.

By Gaurav Bhosale, Hare Krishna Rai
Read More
vulncon
Gaurav Bhosale
Founder @ Secure Code Village
vulncon
Hare Krishna Rai
Security Engineer @ Okta

Workshops

Cloud Breach Tactics: Enumeration to Initial Access

The most valuable findings in modern penetration tests start with effective cloud enumeration. This workshop teaches techniques to discover cloud resources and gain initial access into AWS, GCP, and Azure environments. You'll learn methods used in professional cloud penetration testing and red team assessments. Whether you're a pentester, offensive security consultant, or bug bounty hunter, you'll gain the edge to discover high-impact vulnerabilities that others miss.

Most companies now use cloud services, creating a unique attack surface with its own security challenges. This workshop shows you how to find and exploit weaknesses in cloud environments.

In this 4-hour hands-on session, you will learn:

  • Enumerating Cloud Footprint
  • Public Resource Discovery
  • Exposed Secrets (and where to find them)
  • From Discovery to Access

The workshop includes real-world demonstrations and hands-on exercises. You'll get practical experience with the discussed tools and methods.

We'll end with an exciting Capture The Flag (CTF) challenge to apply everything you've learned during the workshop.

Ideal Audience:

This workshop is best for individuals aiming to break into cloud environments, including:

  • Pentesters Specializing in Cloud Security
  • Offensive Security Engineers
  • Cloud Security Consultants
  • Security Engineers
  • Bug Hunters

What to Expect:

  • Hands-on labs
  • Slides
  • CTF & Fun

What Not to Expect:

  • Mitigation against these attacks
  • Mastering cloud platforms - truly mastering multi-cloud takes time

Requirements:

Attendees need internet connectivity and personal laptops during the workshop. Prerequisites to setup before workshop will be shared a week before workshop.

By Chandrapal Badshah, Mohit Singh
Read More
vulncon
Chandrapal Badshah
Independent Security Consultant
vulncon
Mohit Singh
Cloud Security Engineer @ Meesho

Threat Hunting and Detection - How Modern Data-Driven Threat Hunting is Done

In today's rapidly evolving threat landscape, traditional security monitoring is no longer sufficient. Modern threat hunting requires a data-driven approach that leverages advanced analytics, algorithms, and security intelligence. This session will provide an in-depth look at how cybersecurity teams can proactively detect threats by applying Jupyter Notebooks, Python-based analytics, and Outlier Detection techniques using Numpy and Pandas.

Join us for a technical deep dive into real-world threat hunting scenarios, where we will explore:

  • The fundamentals of data-driven threat hunting.
  • How to leverage Jupyter Notebooks for security analysis.
  • Outlier detection algorithms to identify anomalies in security logs.
  • Hands-on techniques using Numpy & Pandas for large-scale data analysis.

We will also walk through live demonstrations and interactive case studies that showcase how to detect stealthy threats hidden within massive datasets.

Key Takeaways:

  • Understanding modern threat hunting methodologies.
  • Using Jupyter Notebooks for security research and detection.
  • Implementing Outlier Detection for anomaly-based threat detection.
  • Practical data analysis techniques with Numpy & Pandas.
  • Real-world demos and case studies of threat hunting in action.

Requirements:

Attendees need internet connectivity and personal laptops during the workshop. Prerequisites to setup before workshop will be shared a week before workshop.

By Archan Choudhary
Read More
vulncon
Archan Choudhary
Founder & CEO @ BlackPerl DFIR

Dynamic Instrumentation on Linux/Android using Frida

The ability to perform dynamic instrumentation and peek into processes is close to a superpower when it comes to debugging and reverse engineering applications.

Frida is a world-class scriptable dynamic binary instrumentation toolkit for dynamic analysis and reverse-engineering. FRida lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX. FRida also provides you with some simple tools built on top of the Frida API. Simply put, if you want to be a Thor when debugging or reverse engineering black-box apps, Frida is your Mjölnir.

This training is for attendees who would like to get up to speed with FRida and perform dynamic instrumentation in Linux/Android environment. You'll learn to use FRida to peek into black-box binaries on Linux, apps on Android and subvert the protection mechanisms.

The workshop will begin with an introduction to Frida, highlighting its core functionalities and its application in various contexts. We will then delve into several practical use cases, showcasing how Frida can be employed to perform security testing. We will cover some advanced concepts such as writing custom Frida scripts, memory manipulation and RASP hooking.

By the end of the workshop, attendees will gain a comprehensive understanding of Frida's capabilities and be equipped with practical knowledge to leverage advanced dynamic instrumentation for security testing, research and application analysis.

This is a workshop for you if your answer is yes to any of the following questions:
  1. This is a workshop for you if your answer is yes to any of the following questions:
  2. Have your ever wanted to peek inside a black box process on your OS and didn’t know the right tools to use?
  3. Were you tasked with pentesting thick-client apps, binaries or Android apps with no docs and wanted to understand the inner workings?
  4. Did you ever play a desktop game and wondered if you could control the outcome in your favour by fiddling with the game at runtime?
  5. Have you ever wanted to subvert an Android application’s security by bypassing black-box security mechanisms such as encryption/RASP?
By Bharat Kumar, Prateek Thakare
Read More
vulncon
Bharat Kumar
Security Engineer @ PhonePe
vulncon
Prateek Thakare
Security Engineer @ PhonePe

Building a Kubernetes Breach & Attack Simulation Program From Scratch: A Hands-On Practical Guide

This workshop will begin by explaining the goals and objectives of a Kubernetes Breach & Attack Simulation (BAS) program. It will cover fundamental terms and address why BAS is crucial for Kubernetes environments and how to implement it effectively.

It will delve into Kubernetes architecture, explaining the roles of various components within its ecosystem. Next, it will include Threat Modeling of Kubernetes cluster components to explain its attack surface. This section will also feature a Kubernetes attack matrix (mapped on MITRE) to illustrate various potential attack vectors.

To provide an understanding of how to initiate and mature a Kubernetes BAS program, We will discuss a K8s BAS Maturity Matrix. This will help participants learn how to start from scratch and gradually enhance their defenses within a Kubernetes environment.

The workshop will then explore how to conduct atomic testing for a Kubernetes BAS program and progress towards micro and full emulation. This section will also explain the necessary architecture for this setup.

Finally, we will provide a live demo of an end-to-end attack simulation on a Kubernetes cluster. Using a Python-coded scenario, this demo will showcase how to execute a MITRE ATT&CK-mapped attack (Full Emulation plan), step-by-step, on a K8s cluster.

The aim is to not only simulate a realistic attack but also to identify potential detection gaps and areas for improvement in the current defense strategies.

By Monty Shyama
Read More
vulncon
Monty Shyama
Threat Detection Engineer @ CRED

Our Sponsors

T-Shirt

Lanyard

Workshop

Goodie Bag

CTF Sponsor

Exhibitors

Community Partners

Bios Meetup
Future GPT
IoT SRG
Null
The Hackers Meetup
BSides Ahmedabad
BSides Mumbai
Cocon
CYBE CSA Bangalore

Student Pass [Last Minute Sale]

student
4,399
3,899

Price excluding taxes

Includes

  • 2-Days Conference Access
  • Workshop / Village
  • Lunch/High Tea
  • Attendee Goodies
  • CXO Panels
  • Offline CTF

Individual Pass [Last Minute Sale]

individual
4,999
4,699

Price excluding taxes

Includes

  • 2-Days Conference Access
  • Workshop / Village
  • Lunch/High Tea
  • Attendee Goodies
  • CXO Panels
  • Offline CTF

Corporate Pass [Last Minute Sale]

corporate
6,999Sold Out

Price excluding taxes

Includes

  • 2-Days Conference Access
  • Workshop / Village
  • Lunch/High Tea
  • Attendee Goodies
  • Network Cocktail Party
  • CXO Panels
  • Offline CTF

HIGHLIGHTS FROM VULNCON

Technical Talks
1

Technical Talks

Meet Globally Respected Security Experts and Tap into Their Knowledge and Insights.

Training
2

Training

Experience Practical Training on Advanced Security Techniques.

Exhibition
3

Exhibition

Showcase Your Solutions to India's Corporate and Government Markets in Our Exclusive Exhibit Space.

CTF (Capture The Flag)
4

CTF (Capture The Flag)

Showcase your hacking skills, solve challenges, and climb the leaderboard in this ultimate cybersecurity competition!

CxO Panel Discussions
5

CxO Panel Discussions

Experience high-level insights from the top security executives. Explore strategies, emerging threats, and current trends shaping the cybersecurity industry.

Villages
6

Villages

Interactive spaces where cybersecurity enthusiasts can dig into hands-on hacking, tool testing, and real-time demos. These interactive workshops encourage skill-building, collaboration, and community-driven innovation.

Testimonials

Kamal Sharma, VP & CISO @ ASM Technologies

Speaking at #VULNCON24 was an amazing experience, filled with insights on vulnerabilities and defense strategies. The IISc Bangalore venue brought a nostalgic campus vibe, and the sessions were highly informative with unmatched networking opportunities. Can’t wait for #VULNCON25!

Kamal Sharma, VP & CISO @ ASM Technologies
Donavan Cheah, Sr Cybersecurity Consultant @ Thales

Attending Vulncon 2024 in Bengaluru was unforgettable. The city’s energy and the passion of its people were inspiring. After my panel, many students approached me to discuss my cybersecurity journey, which was truly touching. Vulncon’s first in-person event connected the Indian cybersecurity community to the global landscape, showcasing its potential.

Donavan Cheah, Sr Cybersecurity Consultant @ Thales
Jayesh Chauhan, CISO @ CoinSwitch

Vulncon experience as a panelist was sublime. The management team did a great job in making me feel at home.

Jayesh Chauhan, CISO @ CoinSwitch
Manikant R Singh, Vice president & CISO @ DMI finance

I recently attended Vulncon security conference and was thoroughly impressed. The event was well-organized, with insightful sessions, knowledgeable speakers, and excellent networking opportunities. I left with actionable strategies and look forward to future conferences. Thank you for an impactful experience!

Manikant R Singh, Vice president & CISO @ DMI finance

Event Gallery

Featured Gallery Image
Gallery Image 2
Gallery Image 3
Gallery Image 4
Gallery Image 5
Gallery Image Small 1
Gallery Image Small 2
Gallery Image Small 3
Gallery Image Small 4
Gallery Image Large
After Movie

Watch Vulncon 2024 Aftermovie

Subscribe to Our Newsletter

Subscribe now to unlock latest updates, insider tips, and special offers directly to your inbox.

Don't miss out—become a part of our vibrant community today!

We respect your privacy! Your information is safe with us. Read our Privacy Policy to learn more.