Selected talks, workshops, and roundtables at security conferences worldwide — DNS OSINT, nuclei-based detection engineering, and AI-driven vulnerability research.
How DNS records, certificate transparency logs, and passive DNS data can be combined to map product and service exposure across entire ASNs — covering techniques refined across two years of conference talks.
Practical DNS-based OSINT for uncovering product and service exposure — record enumeration, passive DNS pivoting, and fingerprinting techniques for attack surface mapping.
Updated and extended version of the nuclei phishing detection talk — covering new template patterns, infrastructure fingerprinting improvements, and real-world results from production detection pipelines.
Roundtable discussion on AI-accelerated vulnerability discovery — how LLM-assisted fuzzing, code analysis, and automated exploitation are reshaping the threat landscape and enterprise response.
How to use DNS data to discover what software products and services an organisation is running — without touching their infrastructure. Full recording on YouTube.
The full DNS OSINT talk at DEF CON 33 Red Team Village — how attackers and defenders can use DNS records, passive DNS, and certificate transparency to fingerprint software products and map service exposure without active scanning.
DNS-based OSINT for attack surface mapping — using MX, TXT, CNAME, and NS records to infer vendor relationships, SaaS usage, and product versions from the outside.
Passive DNS enumeration for product and service discovery — walking through real examples of identifying third-party software exposure and vendor footprints from DNS data alone.
Security research briefing at UK Parliament on the current state of vulnerability research, threat intelligence, and the cyber risks facing UK organisations and critical infrastructure.
Available for speaking engagements
Open to conference talks, workshops, and security briefings.