Jeff Foley has 20 years of experience focused on applied research & development, security assessment, and attack surface management. He is the Founder and Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation Flagship Project that performs in-depth attack surface mapping and asset discovery. Jeff is currently the Vice President for Attack Surface Protection at …

Anand Tiwari is an information security professional with a strong technical background working as a Technical Product Manager (PM), focusing on the more technical aspects of a cloud security product. He tries to fill it in by doing in-depth technical research and competitive analysis, given business issues, strategy, and a deep understanding of what the product should do and how the products …

Nicolas is a French security researcher, a proud dad of two children. He started Wapiti in 2006 when he was learning Python programming language. Nicolas is currently working in the infosec field as a programmer at CybelAngel (since 2015). Wapiti is a web-application vulnerability scanner that allows you to audit the security of your websites or web applications. It performs …

unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for. unblob is free to use, licensed under MIT license, it has a command line interface and can be used as a Python library. This turns …

Christian Folini is a Swiss security engineer and web application firewall expert working at netnea.com. Christian studied History and Computer Science and graduated with a PhD in Medieval History. He is the author of the ModSecurity Handbook (2ed), He also co-lead the OWASP ModSecurity Core Rule Set (CRS) project that runs on millions of servers globally. Furthermore he serves as the program …

Graduated in 1999 from Epita (France) as IT security engineer, Philippe endorsed many roles before creating its latest company CrowdSec. From Pentester to community builder (Magento) or even eCommerce expert (author of 4 books), or CTO, he is tech curious and loves to dive into new trends like IoT, crypto currencies or AI. But whatever the context is, his crush is and will forever be IT security, …

Alexandre Dulaunoy leads the Luxembourgian Computer Security Incident Response Team (CSIRT) CIRCL in the research and operational fields. He enjoys working on projects that blend “free information,” innovation, and direct social improvement. When not gardening binary streams, he likes facing the reality of ecosystems while gardening plants or doing photography. He enjoys it when humans use …

Ai Ho (mostly known as j3ssie) is a self-taught security engineer with a computer science background who loves automation. He got Interested in responsible disclosure/bug bounty nearly three years ago and have been building some of my own tools to do it. He wrote Osmedeus, Jaeles and Metabigor to help his bug bounty efforts and made these projects open source for the community. Osmedeus- …

Ruslan Habalov has a computer science background with a focus on code analysis and is interested in scalable solutions to challenging security problems. His security research covered an exploitable remote code execution bug in PHP used against a popular platform in a bug-bounty context as well as side-channel attacks against browsers. As a machine learning enthusiast he’s looking for options …

Jack Baker is a professional security researcher and amateur video game hacker. Jack has spoken at a handful of conferences including DEF CON on subjects relating to reverse engineering and vulnerability research. Jack started his infosec career as a software developer in the fintech space before realizing that breaking things is less stressful than defending them. Since then, Jack has had the …