Shaping a safer digital future through collaboration and education, Vulncon serves as a premier platform for advancing cybersecurity, data protection, and privacy. We foster partnerships among corporates, government agencies, academia, and industry leaders to address today’s most critical challenges. Our mission is to bring together brilliant minds from diverse sectors to drive innovation and solutions. Through engaging workshops, technical briefings, and community-driven events, we inspire professionals at all levels to learn, innovate, and collaborate. With a global perspective, we are committed to building a resilient and secure digital ecosystem for the future.
Secure coding is no longer an afterthought—it is a necessity. As organizations strive to build secure applications, security must be integrated at every stage of development. Secure Code Village (https://securecodevillage.com/ ) proposed one-day, hands-on experience at VULNCON 2025, dedicated to empowering developers, security engineers, and DevSecOps teams with practical skills and knowledge to build secure software from the ground up.
This initiative aims to provide attendees with a unique learning opportunity through interactive workshops, Code Capture The Flag (Code CTF) challenges, and live demonstrations. By incorporating Secure Software Development Lifecycle (Secure SDLC), DevSecOps automation, and shifting left in security, the Secure Code Village will equip participants with the skills needed to proactively identify and mitigate security risks in their code. This session aligns with Vulncon's mission to advance cybersecurity awareness and best practices.
The most valuable findings in modern penetration tests start with effective cloud enumeration. This workshop teaches techniques to discover cloud resources and gain initial access into AWS, GCP, and Azure environments. You'll learn methods used in professional cloud penetration testing and red team assessments. Whether you're a pentester, offensive security consultant, or bug bounty hunter, you'll gain the edge to discover high-impact vulnerabilities that others miss.
Most companies now use cloud services, creating a unique attack surface with its own security challenges. This workshop shows you how to find and exploit weaknesses in cloud environments.
In this 4-hour hands-on session, you will learn:
The workshop includes real-world demonstrations and hands-on exercises. You'll get practical experience with the discussed tools and methods.
We'll end with an exciting Capture The Flag (CTF) challenge to apply everything you've learned during the workshop.
This workshop is best for individuals aiming to break into cloud environments, including:
Attendees need internet connectivity and personal laptops during the workshop. Prerequisites to setup before workshop will be shared a week before workshop.
In today's rapidly evolving threat landscape, traditional security monitoring is no longer sufficient. Modern threat hunting requires a data-driven approach that leverages advanced analytics, algorithms, and security intelligence. This session will provide an in-depth look at how cybersecurity teams can proactively detect threats by applying Jupyter Notebooks, Python-based analytics, and Outlier Detection techniques using Numpy and Pandas.
Join us for a technical deep dive into real-world threat hunting scenarios, where we will explore:
We will also walk through live demonstrations and interactive case studies that showcase how to detect stealthy threats hidden within massive datasets.
Attendees need internet connectivity and personal laptops during the workshop. Prerequisites to setup before workshop will be shared a week before workshop.
The ability to perform dynamic instrumentation and peek into processes is close to a superpower when it comes to debugging and reverse engineering applications.
Frida is a world-class scriptable dynamic binary instrumentation toolkit for dynamic analysis and reverse-engineering. FRida lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX. FRida also provides you with some simple tools built on top of the Frida API. Simply put, if you want to be a Thor when debugging or reverse engineering black-box apps, Frida is your Mjölnir.
This training is for attendees who would like to get up to speed with FRida and perform dynamic instrumentation in Linux/Android environment. You'll learn to use FRida to peek into black-box binaries on Linux, apps on Android and subvert the protection mechanisms.
The workshop will begin with an introduction to Frida, highlighting its core functionalities and its application in various contexts. We will then delve into several practical use cases, showcasing how Frida can be employed to perform security testing. We will cover some advanced concepts such as writing custom Frida scripts, memory manipulation and RASP hooking.
By the end of the workshop, attendees will gain a comprehensive understanding of Frida's capabilities and be equipped with practical knowledge to leverage advanced dynamic instrumentation for security testing, research and application analysis.
This workshop will begin by explaining the goals and objectives of a Kubernetes Breach & Attack Simulation (BAS) program. It will cover fundamental terms and address why BAS is crucial for Kubernetes environments and how to implement it effectively.
It will delve into Kubernetes architecture, explaining the roles of various components within its ecosystem. Next, it will include Threat Modeling of Kubernetes cluster components to explain its attack surface. This section will also feature a Kubernetes attack matrix (mapped on MITRE) to illustrate various potential attack vectors.
To provide an understanding of how to initiate and mature a Kubernetes BAS program, We will discuss a K8s BAS Maturity Matrix. This will help participants learn how to start from scratch and gradually enhance their defenses within a Kubernetes environment.
The workshop will then explore how to conduct atomic testing for a Kubernetes BAS program and progress towards micro and full emulation. This section will also explain the necessary architecture for this setup.
Finally, we will provide a live demo of an end-to-end attack simulation on a Kubernetes cluster. Using a Python-coded scenario, this demo will showcase how to execute a MITRE ATT&CK-mapped attack (Full Emulation plan), step-by-step, on a K8s cluster.
The aim is to not only simulate a realistic attack but also to identify potential detection gaps and areas for improvement in the current defense strategies.
Meet Globally Respected Security Experts and Tap into Their Knowledge and Insights.
Experience Practical Training on Advanced Security Techniques.
Showcase Your Solutions to India's Corporate and Government Markets in Our Exclusive Exhibit Space.
Showcase your hacking skills, solve challenges, and climb the leaderboard in this ultimate cybersecurity competition!
Experience high-level insights from the top security executives. Explore strategies, emerging threats, and current trends shaping the cybersecurity industry.
Interactive spaces where cybersecurity enthusiasts can dig into hands-on hacking, tool testing, and real-time demos. These interactive workshops encourage skill-building, collaboration, and community-driven innovation.
Speaking at #VULNCON24 was an amazing experience, filled with insights on vulnerabilities and defense strategies. The IISc Bangalore venue brought a nostalgic campus vibe, and the sessions were highly informative with unmatched networking opportunities. Can’t wait for #VULNCON25!
Attending Vulncon 2024 in Bengaluru was unforgettable. The city’s energy and the passion of its people were inspiring. After my panel, many students approached me to discuss my cybersecurity journey, which was truly touching. Vulncon’s first in-person event connected the Indian cybersecurity community to the global landscape, showcasing its potential.
Vulncon experience as a panelist was sublime. The management team did a great job in making me feel at home.
I recently attended Vulncon security conference and was thoroughly impressed. The event was well-organized, with insightful sessions, knowledgeable speakers, and excellent networking opportunities. I left with actionable strategies and look forward to future conferences. Thank you for an impactful experience!
Subscribe now to unlock latest updates, insider tips, and special offers directly to your inbox.
Don't miss out—become a part of our vibrant community today!
We respect your privacy! Your information is safe with us. Read our Privacy Policy to learn more.