AJIN ABRAHAM

Security Research

Injecting Security into Web Apps at Runtime - Slide Paper Video

Automated Mobile Application Security Assessment with MobSF - Slide Video

Hacking Samsung’s Tizen: The OS of Everything - Slide Paper Video

Abusing Google Apps and Data API: Google is My C&C - Slide Paper Video

Abusing, Exploiting and Pwning with Firefox Add-ons - Slide Paper

Detecting and Exploiting XSS with Xenotix XSS Exploit Framework - Slide Paper Video

The Ultimate XSS Protection Cheat Sheet - Paper

Security Tools

CMSScan Github

Droid Application Fuzz Framework - DAFF Github

Mobile Security Framework - MobSF Github

NodeJsScan Github

OWASP Xenotix XSS Exploit Framework Github Download

Xenotix xBOT Github

Firefox Addon Exploit Suite Github

Conference Talks

BlackHat Asia Marina Bay Sands, Singapore - Mobile Security Framework (Arsenal)

Mar 22 2018

Hack In Paris, France - Injecting Security into webapps at Runtime

Jun 23 2017

PHDays, Moscow, Russia - Injecting Security into Webapps at Runtime

May 24 2017

SACON, Pune, India - Technical Architecture of RASP Technology

May 13 2017

Nullcon Goa, India - Injecting Security into Web apps with Runtime Patching and Context Learning

Mar 4 2017

ASC Mobile Safety Forum Shenzhen, China - Simplifying Mobile Application Security Assessments with MobSF

Oct 25 2016

OWASP AppSec Europe Rome, Italy - Automated Mobile Application Security Assessment with MobSF

Jun 30 2016

Nullcon Goa, India - Automated Mobile Application Security Testing with Mobile Security Framework (MobSF)

Mar 12 2016

c0c0n Kochi, India - Automated Security Analysis of Android & iOS Applications with Mobile Security Framework

Aug 21 2015

HITBSecConf Amsterdam, Netherlands - Hacking Samsung’s Tizen: The OS of Everything

May 29 2015

BlackHat Asia Marina Bay Sands, Singapore -OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (Arsenal)

Mar 26 2015

Nullcon Goa, India - Hacking Tizen: The OS of Everything

Feb 7 2015

Ground Zero Summit Delhi, India - Abusing Google Apps and Data API: Google is My Command and Control Center

Nov 6 2013

Toorcon San Diego, USA - Abusing Google Apps: Google is my Command and Control Center

Oct 23 2013

BlackHat US Las Vegas, USA - OWASP Xenotix XSS Exploit Framework, Xenotix xBOT (Arsenal)

Jul 27 2013

BlackHat Europe, Amsterdam, Netherlands - OWASP Xenotix XSS Exploit Framework (Arsenal)

Mar 15 2013

Nullcon Goa, India - Detecting and Exploiting XSS Vulnerabilities and Xenotix XSS Exploitation Framework

Feb 27 2013

OWASP AppSec APAC Jeju, South Korea - Abusing, Exploiting and Pwning with Firefox Add-ons

Feb 21 2013

ClubHack Pune, India - Detecting and Exploiting XSS with OWASP Xenotix XSS Exploit Framework

Dec 1 2012


-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFW1AgoBEADKG8CUkCr+ntGeGlFKYriVAilDUbDxCD7yDHhqjkM8s9mJyy7M
7FsQWhw7P7//r1hCEMKIZOsuCTC39StHC1yTL+iBsU18QhyzNK5D7HGJBtoExD75
isG/Ajb5WsKSRd1mty5Xw/qHXTVRzxbKnAQ3GX8y2fgi/OrY3iHQYrgrrMvN2E8x
dti1q/iBNDwDEGcLPLalJFiyB/nu3UB8RFrFk2sv9bAq0oGvg+0yoWTNfnC4jB7h
a3PSVc9YqPYVMCihKrn6zLi5y4c4oKJs4GeI/uDWA9Q7R0ug3O7H2vx6FOd5bCVd
ZwiY/EHgxheuTbrKk5mcfMhgzokbDet4fabYINMWjxWRz3GiTJQ01FueiFtaQQx6
zLacloJzkcoTapWOxqzdGrrgwk2AedF9N+BqyHJFOpCZuetu1OArllQ7cfQDHaO3
dhpDgBxYpmRQX5DzARvfvL3YNes76Ain60pOmsGEowzw71Q0lCcKf+gDvYsvQbm9
pBf6T3DmOFQwIBer8oEmoFriziu4u6Gzk2SbVWzSbI7Zde7SFJ8/yO8YzlldgwfL
tAcrHk0Zs7CrkLAsYQ+ekdiSh6c5Pnc40GKojt9caSqgXM2Klu2ImOhGVWmGyAwW
A2/QbJU1M1JUvlvjgZHnxZxzqWxBHkSpge+Pzvv/XPc6w23I2HRmUcCrMQARAQAB
tB9BSklOIEFCUkFIQU0gPGFqaW4yNUBnbWFpbC5jb20+iQI9BBMBCgAnBQJVtQIK
AhsDBQkHhh+ABQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEE+OS9jmsmwzRI4Q
ALAZ3CjQDr19qQ1H3xy2om1xH32M+xAUHPnpbobTO17urnwfMWqRTxpLO0HWPfe/
AEwSnrsJgG8ZhTzix++hxs3/j4WYc0FdqsiB1Jq0u7FAJrdaj9CeE1HNDOneC0hD
9D5hbz+gQbQRV/yW4mmYEtEawg0AYQ/cGWhsdqnqsnHx+W/lsLM1xG61O9kiOxL7
80oRdmPKbHABptb19W+P01ikJ3/7btg9imtAbdfHWIEBQDlm+VqWl1ZIzinPy9jk
f9h3eSYi4le44ciBsMaS4tBB23LI3uXlXW7ocKEqxfQOn13USnxEYMGasEjqDhRT
bccGLqwLsG1/xB/U9B97FhqoBI042AOD02z/lqMmWtWXF3BeaV04+vcp8shly1Id
RhDWbQ006hr5eD82KtPi7QAvdfW8WjFrT2zLR6ZCQXHF+91A1yxInwQ9y/L9Ps9P
4UAI6XFViySSXM2ih2OtPo8A1zBfZXjxoRZm/h2klRWuBhvNaLPE50glgE8dr1oT
vnizRptAOft+RAkIr8xSS16HonWhJeTRNc+6yiKayJzNjRQyHjm3hEcK5JBAKjfW
dyPmme3DLnN1FY9PFqIUiHgHsZkreNQ6HSdUN4535BoAQrOKnwcN4lYHF/3U0+oz
w1X1x67BAEmVWcuTPhJXh5IxlosKhaKdrSxQ0uu8wadFuQINBFW1AgoBEAC65Aw/
WLmVJhOrkRjUyzvMP50lbrSdcSX77EaufEc7MaJxicwvFu4mimpFBdpiOkRoaDvk
pWOnteHGbdIUmzaBaeIbk1AVsTdTh3Ph/MrCTHEzlQXXVf/uAtZcdSOrZ7Fl8Q0x
oi0LQyxocrvmBXGzUDWZidLf676NUDVArDCvIec4e0D1CpKW7GpWvcziIJVRPYwJ
G7xGo047dz3NqcrtGno737yL75zi20oY3MC1fPEX7fxq+JalOfjfLtYFIVn4JAmx
Tld3mOia00FnX7VLN7sw1ASDzxc9tq2jj913H0Rx6dUotO1lyVrpWjEB/Fhx4MXk
USVPipB4iZcBixWBLi0MNlBflDbISS39laqbcS64hOSuRs62ZSRvdJCVw78g5/Du
msl6JAtxEvIpAS/dk+2QqUqG5Aqx0DzzZbUbG3ckO125+vXfuV0FJ0aBD0sI6qEt
PHnUNaizRuazwG6uDFvpBgkfr6QcOXv7pcJq2mo48IxYk9NjLPMI9kdTJm/9cyjx
xhwlmqTfn2uz9f0hdRfNJaG2ohd2A+t7AWK81z8iUfGqJYRk9qdsTPXQmlbUf14V
QN0BK1FQsu7t3UZRGKhAmzfnSy3LkmxQGlZC/rUW+B8jOxbElfMQx0h+XkJKnCRZ
1JVPuFUSPrvehv5raNGwE+yV5zfAlqKVp6wgkQARAQABiQIlBBgBCgAPBQJVtQIK
AhsMBQkHhh+AAAoJEE+OS9jmsmwzfv4P/2yNmCL3dn01lRVlttRK8Cb+Ti4AmO66
V3+0+GcjJhSwTEnLiVq2T4H/0kl0p7IrHp3pQ0NBD/Gm5o/tvYUnuCZCuDm6KDRg
Ghh+FvNmFlSuZsIW4XJkFOIVSfP3klASPY10NYb5HaomSJdLMnzY6js58xRTTByJ
aJjDDf4pHXjrhmbuyPMrebDwJJKfs8bp0ECo+I5KTpygl0fJL1yqFqUareXSpy5x
4hkfLOnv51Q5Jns21OXW0OWjjLqtRWnnSFxehNr6KxoEoX2PQer223dS6i2FIU1a
q5J9GKwevS8cc0a0PJe9/HvVLC68YoE6P3qbuQbWBODS85IvMMsYSjmitFvQFg2B
La3ZLIdertsR3FGR8RK3KEtrivRKR+K40v1L9cAZToo0CjNr3onleBavRODz0Q0B
2fY6PsdmDieJ36qxIVBZavqxc3PulvOY7pzH1n6EmsBNryf+3aOk7BPnXscQiZP4
lPkO0qidn0xy9swYDIE5D37KEK63Bte+caaaM2uBQeWEXuxkgoYGZp96KDPVb1SL
MTDw7AfuxC5mBxBBZs/2afBaf8lEEnvPu4KcPp/iOiNLLXa+NYZGhLLK0tV7qYAq
Cy5Oiezhzl5MoLz9CEb9XLUeXg6an/69op8OvrRrh+v0rEFcrRLR3ITggQQrd9Cs
l2fXTAQ/uPkP
=ob6b
-----END PGP PUBLIC KEY BLOCK-----