2025
Anatomy of Telecom Malware 2025
Full kill-chain dissection of telecom malware across RAN, core network, signaling plane, and supply chain attack surfaces. Covered network-resident implants in MME/AMF/UPF, SS7/Diameter/GTP signaling abuse, rogue eNodeB/gNodeB firmware, and SIM/USIM backdoors. Case studies include LightBasin (multi-MNO intrusion across 13+ operators) and a modified PGW binary implant surviving firmware upgrades. Also covered detection pipelines using canary IMSIs and anomaly-based signaling telemetry, and future threats spanning ORAN xApp supply chain and AI-driven social engineering.
2024
Phantom in the Kernel: Exploiting Netfilter for Reliable LPE
Technical walkthrough of CVE-2024-9680 analysis methodology — from fuzzing-induced discovery to a weaponized, reliable local privilege escalation exploit targeting Linux 6.x kernels.
Defeating ATM Disk Encryption: Where's the Money
Full attack chain against modern ATM disk encryption — bypassing cold-boot protections, extracting keys from volatile memory, and defeating FDE implementations in production cash-handling systems. Covered firmware extraction techniques, unattended key management flaws, and the physical attack surface that survives software hardening. Concluded with responsible disclosure findings and recommendations for hardened boot architectures.
Jackpotting the Snack Aisle: Exploiting Next-Gen Vending Machines
Security analysis of networked vending machines running embedded Linux and Windows IoT — from unauthenticated cashless payment APIs to remote code execution via unpatched telemetry agents. Demonstrated full compromise of MDB (Multi-Drop Bus) payment interfaces, manipulation of product pricing logic, and persistent implants surviving reboot cycles. Findings cover 5+ major vending platforms and responsible disclosure outcomes with vendors.
Weaponising JWT: Algorithm Confusion at Scale
Systematic analysis of JWT library implementations across 40+ major frameworks, revealing authentication bypass vulnerabilities in production SSO deployments.
2023
IoT Attack Surface: MQTT Fuzzing and Smart Home CVEs
Presentation of the IoT exploitation framework — architecture, MQTT fuzzing methodology, and the discovery pipeline that surfaced 12 critical CVEs in consumer smart home devices.
LLM Red Teaming: Guardrail Bypass at Scale
Methodology behind discovering 25+ LLM vulnerabilities with an 80% guardrail bypass rate — systematic adversarial prompting, model behaviour analysis, and responsible disclosure to AI vendors.
2022
2nd Place Nationally — Competitive Programming & Security Track
Top-ranked nationally and 1st at university level. Competed across algorithms, systems, and security challenges under a 24-hour competitive format.

Invite me to speak

Available for conferences, workshops, and private briefings on offensive security, AI red teaming, and vulnerability research.
