AJIN ABRAHAM

Security Research

Injecting Security into Web Apps at Runtime - Slide Paper Video

Automated Mobile Application Security Assessment with MobSF - Slide Paper Video

Hacking Samsung’s Tizen: The OS of Everything - Slide Paper Video

Abusing Google Apps and Data API: Google is My C&C - Slide Paper Video

Abusing, Exploiting and Pwning with Firefox Add-ons - Slide Paper

Detecting and Exploiting XSS with Xenotix XSS Exploit Framework - Slide Paper Video

The Ultimate XSS Protection Cheat Sheet - Paper

Security Tools

CMSScan Github

Droid Application Fuzz Framework - DAFF Github

Mobile Security Framework - MobSF Github

nodejsscan Github

OWASP Xenotix XSS Exploit Framework Github

Xenotix xBOT Github

Firefox Addon Exploit Suite Github

Conference Talks

Defcon 28 Demo Labs, USA - Mobile App Security Testing with MobSF

Aug 7 2020

BlackHat Arsenal, USA - Mobile App Security Testing with MobSF

Aug 5 2020

BlackHat Asia Marina Bay Sands, Singapore - Mobile Security Framework (Arsenal)

Mar 22 2018

Hack In Paris, France - Injecting Security into webapps at Runtime

Jun 23 2017

PHDays, Moscow, Russia - Injecting Security into Webapps at Runtime

May 24 2017

SACON, Pune, India - Technical Architecture of RASP Technology

May 13 2017

Nullcon Goa, India - Injecting Security into Web apps with Runtime Patching and Context Learning

Mar 4 2017

ASC Mobile Safety Forum Shenzhen, China - Simplifying Mobile Application Security Assessments with MobSF

Oct 25 2016

OWASP AppSec Europe Rome, Italy - Automated Mobile Application Security Assessment with MobSF

Jun 30 2016

Nullcon Goa, India - Automated Mobile Application Security Testing with Mobile Security Framework (MobSF)

Mar 12 2016

c0c0n Kochi, India - Automated Security Analysis of Android & iOS Applications with Mobile Security Framework

Aug 21 2015

HITBSecConf Amsterdam, Netherlands - Hacking Samsung’s Tizen: The OS of Everything

May 29 2015

BlackHat Asia Marina Bay Sands, Singapore -OWASP Xenotix XSS Exploit Framework, Mobile Security Framework (Arsenal)

Mar 26 2015

Nullcon Goa, India - Hacking Tizen: The OS of Everything

Feb 7 2015

Ground Zero Summit Delhi, India - Abusing Google Apps and Data API: Google is My Command and Control Center

Nov 6 2013

Toorcon San Diego, USA - Abusing Google Apps: Google is my Command and Control Center

Oct 23 2013

BlackHat US Las Vegas, USA - OWASP Xenotix XSS Exploit Framework, Xenotix xBOT (Arsenal)

Jul 27 2013

BlackHat Europe, Amsterdam, Netherlands - OWASP Xenotix XSS Exploit Framework (Arsenal)

Mar 15 2013

Nullcon Goa, India - Detecting and Exploiting XSS Vulnerabilities and Xenotix XSS Exploitation Framework

Feb 27 2013

OWASP AppSec APAC Jeju, South Korea - Abusing, Exploiting and Pwning with Firefox Add-ons

Feb 21 2013

ClubHack Pune, India - Detecting and Exploiting XSS with OWASP Xenotix XSS Exploit Framework

Dec 1 2012


-----BEGIN PGP PUBLIC KEY BLOCK-----

xsFNBF3mht8BEADcmw+MZKE47a5y034H/1BCjREdOXOCYoqyoZ/9rxmqZGWV
26WhTCFWGjpl2u9E9QqC23rv0XZPLndS8RNK8LgXLe2xTn99zjihCEn58drj
87A5EbgZvNOHh9GVofSUk7kfZO1HFWDu0//6c17sO8XGIA5zRBUaX53e2CtB
OoR32mZa5CZFNsacQeT/Y+qoOzvE/GSIauekfsv1+x/4+/ndBi1742unFKIS
RWslttKbLSPmE4SsfRcJLZ4+wdpH8m3vJMXUOc/zGLsbij0LdHTL2zidTkGN
ohQe7Es7szqbabs9s1kLvjuPUFpP+gE4CvyIeCOk/5YAxHKIxIiy0x/WWnmv
Xca18dwK4JxCuLQDZnmvItkO47djoyTgAXLnzHawzpBOGOV9Nw/qHG8Ppf+7
MGk/woQJAvrFw9JCan6CatTYF3AwYaSFimAcHuxN5iqmxxJBxm5MlHFmNiYK
Sg6h5okQ06VHoUYE8eQ/ofALINBOw5ZecUOAv3Lvc2Qvxssinp5tPerOy2IH
8OM/iRNvuiP5M7Dk/V/Oo58wMZMoj9aP/OlNd4tPqWuQNRiCi5ZIx4FglGAD
zvKM6szF3jVmZ8trzMDAN80G7Bm8K8psDibu2Awh5Dsk9KXK9b79Qf9BuYUS
+J/XIP2ElxmrdEu3y2MeiAyCRE1jB50sIBajgwARAQABzR9BamluIEFicmFo
YW0gPGFqaW4yNUBnbWFpbC5jb20+wsF1BBABCAAfBQJd5obfBgsJBwgDAgQV
CAoCAxYCAQIZAQIbAwIeAQAKCRDIiImrMhLsX9v2D/4wxGJf1TGwhAU5Iz6M
8MmXn+ctbYDC7UQW0buNb41uyz/M2cCaYI8ZCcaUVh5VjcTkcl+g0I08dGQP
nl/uuWtAuH0OJdI/Rx/bOhmArvUoJcc9tHVqEyEhOJkXY+1+c9Q5O0W5yVWk
1JUtzVtMqnxxDMh9cnQh/3Y9hkRRnzL0e8ki4jIoRozaB4EHsejSEAF6QKWO
cUTx0Hqh+oNkKmHo8d85Btmil/GCJzEbpK4L8hZfrqdK9ZWg27Ot09TILq6/
oXl2zcvasmOgMkx0T2hinv2ESpuQ/Oe2lSnt5UlTpeEG3sEN4dF/eOzGC5eB
DmbzfakWh0NU2jpPm2efU/ehoJ1fKT25GFumKI876pR1wPWFZ3cgL2lHb6H4
Jnu5F5QjTq3NXBLM5JOCRJQzxyc8kRO3r+Le7zETmMfrI/ARQ9ZudMFjemMJ
uZHvwNSAGisLkC/EKEoOmn/1cvyVPQD1vGfRytt32YO/NmIVS4eUmrChRnl7
YcU16Iq8BlPmQGen7JaDCtvJSi6fCd9w5MFxN9k48r0M9tc3syDtKXaPnrze
MxPPuPumIdgz3mBF8/JDoHuUydG5fBfnthrbrp5+vLnvwuls+gh6GGMlnuU3
gesbcmSRCdv7gimVDrbtGAQZv8U/dEolgR36GzSp/wgKrI1K9w+dnI8CKrbq
wvH1zs7BTQRd5obfARAAtxY2ekBvcxT7uEpFKJJ19y6XYgxg+7xJlAfSc7Ox
9BnEMd/bYtHvwaFkeI08ai5FHhoSKv2HrSTguHCgjQBgHwW3aliT57nCABrO
PK9VqWicbVOVnZ8tIARPNzyDxvdRidvDuuUeuzJk5R9IrTBCHOdrVegdEyG+
Dgpl4ksPP2lVOd+UxTiqOp/bTvw0o6BMX2cahtDe9WiEiDjEVicbNvF20ccj
pDlqExMA2emdKwtb0Nain5QJT49Pz+viaUSh/3XlchzytdrxGBk5/hbKJJVi
FyuZBMaDMxDkvK1KT4vMbHRVcWHx5D4zumQVRRqNjXgWwohhyr0nDlRsaUWs
nWK1YO/nzvvvT6h5TQtX7xLbXUjOpxpXMhRaEGHIMf1Q9c3cDV/vi4jA4N+1
hi008ESu7esZHmCP8juYMYy2jwTQ9eIBnqfnP2R3PbrDkDBxFvrRjgBDCt0t
XJpwYLJq8IIgJG2YEpRljR7iDuKrvMedmc7f4DNWyiFqnkcYwh1UnGpgkOQf
hNUs4D5BpwN3UZimRXiZEhvTk0P4Z90k6pgEiUDCm81MRj88+0bbkiOZJa4O
0QLjfNXuTqw2U4e9+G2UEFob6iT1FmO5cCHcPpeiUArfx3eEmyxrReXRzdgD
Y31U+GdwuN+dNmBtZ0qkktfVOMhDEe3ut/iEhNDFFkkAEQEAAcLBXwQYAQgA
CQUCXeaG3wIbDAAKCRDIiImrMhLsX1gjEACxRQE8yPfLwlHlBQPAxM3xVNQa
FLyDifAJDZsqQLugTt9e9WalzODp0IcvbLda2vSSq2hy91sOf+NjdV75O+7h
Nm1j8JH/XTMAnas4RupM3TkLeKmR8wc6GjL/InnuSYUew0jCQUMoRYiBpgwq
wkYyUqI6d3BxXJMoKbsVjxwuOhkluY644rHpqsfFl8c4i6cSYwPmEqgXFDek
fH6SALMFWBhIP7XMr5aKFWBC49hR5vJ4FoiRENoVbnc5OCXr4DxEZiIjEe1P
GkWvbZrxCdzYgq8TEgxh0WZImqTYOGiLFK5tXPP/+GprKvgSPmgmXcGhv3zx
7kt6+CBVEcUS08OmLk1nkQuMWbVlpqQU4xXBQXoMRFKNAnxdnKjOHnb3DGlw
eDWzF3BWwQC+TZhXkLCuCqxEa3gRUmLGg5YCIjd+YOwmMiVFwM5XXrjAaOux
UVDVBH9PnKrahOUbycCg6TZjUKnw2sJbgZlzR8A9ZZWDgtBXeDuPRJcn+/++
gwUFIoN/6rUruu+OOzkDsLYh4JY+6H9qSOBhVyMGqr9VFxfb4mUgbPRKEAWj
H1Ffv4Xd+6/DyamSmgDVLXqI/tPDTIHdDzGJ4Vit7jB+6pBZUs6hn4JZwmH0
X7UhgSlDFiulQCvbM2r9F/9Ihp8yAeWfbxl//vHwGCOu4moxo1ROrcPN4w==
=VtHO
-----END PGP PUBLIC KEY BLOCK-----