SecTools Podcast Series

SecTools #49

Conversations with Gelei Deng about PentestGPT.

Gelei Deng Sanoop Thomas 31 May, 2023

Gelei is a cybersecurity researcher with wide interests in system security and penetration testing. He is currently pursuing a Ph.D. in computer science from Nanyang Technological University, Singapore, where he explores security challenges in complex human-interactive systems. Gelei is also a blockchain auditor at Quantstamp, Inc., where he contributes to the audits of web3 projects and security …

SecTools #48

Conversations with Abhisek Datta about null swachalit, opensource software security, and VET.

Abhisek Datta Sanoop Thomas 23 Apr, 2023

Abhisek Datta is an accomplished security professional with over a decade of experience in information security solution engineering, services, vulnerability research, reverse engineering and security tools development.

He is an active participant of NULL Security Community, India’s largest open security community as a core team member responsible for technology development. He is an open source …

SecTools #47

Conversations with Tim Misiak about WinDbg, Time Travel Debugging and more.

Tim Misiak Sanoop Thomas 20 Feb, 2023

Tim Misiak has been working on debuggers and diagnostics for most of my professional career as a software engineer. For more than a decade, Tim has been working on the Microsoft Debugger Platform team, working on tools such as WinDbg and KD. He started the WinDbgNext project in 2016 that modernized WinDbg UI. Tim also wrote a chunk of the X86/X64 emulator used by Time Travel Debugging. Currently, …

SecTools #46

Conversations with Thomas Roccia about Unprotect Project, MSTICpy and IATelligence.

Thomas Roccia Sanoop Thomas 31 Jan, 2023

Thomas Roccia is the Sr. Security Researcher at Microsoft, working on threat intelligence, malware analysis, incident response, and more. He also has the interest in many other topics including mentoring and teaching, open-source, hacking, 3D printing and even blockchain ecosystem.

Thomas initiated Unprotected project back in 2015 as a database for Search Evasion Techniques and expanded it to a …

SecTools #45

Conversations with Erlend Oftedal about retire.js.

Erlend Oftedal Sanoop Thomas 07 Dec, 2022

Erlend has worked as a developer and security consultant for over 14 years, trying to build and break many different types of systems. He spends some of his free time on security research and open source tools, and is the main author behind retire.js - a free and open source scanner for JavaScript. He is also the chapter leader of the Norwegian OWASP chapter.

  • Retire.js - …

SecTools #44

Conversations with Jeff Foley about OWASP Amass project.

Jeff Foley Sanoop Thomas 21 Nov, 2022

Jeff Foley has 20 years of experience focused on applied research & development, security assessment, and attack surface management. He is the Founder and Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation Flagship Project that performs in-depth attack surface mapping and asset discovery. Jeff is currently the Vice President for Attack Surface Protection at …

SecTools #43

Conversations with Anand Tiwari about ArcherySec.

Anand Tiwari Sanoop Thomas 10 Oct, 2022

Anand Tiwari is an information security professional with a strong technical background working as a Technical Product Manager (PM), focusing on the more technical aspects of a cloud security product. He tries to fill it in by doing in-depth technical research and competitive analysis, given business issues, strategy, and a deep understanding of what the product should do and how the products …

SecTools #42

Conversations with Nicolas Surribas about Wapiti Project.

Nicolas Surribas Sanoop Thomas 11 Sep, 2022

Nicolas is a French security researcher, a proud dad of two children. He started Wapiti in 2006 when he was learning Python programming language. Nicolas is currently working in the infosec field as a programmer at CybelAngel (since 2015).

Wapiti is a web-application vulnerability scanner that allows you to audit the security of your websites or web applications. It performs …

SecTools #41

Conversations with ONEKEY Team (Marton Illes, Quentin Kaiser, László Vaskó and Florian Lukavsky) about Unblob Project.

Marton Illes Quentin Kaiser László Vaskó Florian Lukavsky Sanoop Thomas 29 Aug, 2022

unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their content recursively, and carves out unknown chunks that have not been accounted for.

unblob is free to use, licensed under MIT license, it has a command line interface and can be used as a Python library. This turns …

SecTools #40

Conversations with Christian Folini about OWASP ModSecurity Core Rule Set (CRS).

Christian Folini Sanoop Thomas 15 Jul, 2022

Christian Folini is a Swiss security engineer and web application firewall expert working at Christian studied History and Computer Science and graduated with a PhD in Medieval History.

He is the author of the ModSecurity Handbook (2ed), He also co-lead the OWASP ModSecurity Core Rule Set (CRS) project that runs on millions of servers globally. Furthermore he serves as the program …