In this talk, we delve into the realm of application logic vulnerabilities, with a particular focus on scrutinizing application behavior and intricacies of business logic. In today’s intricate and interconnected digital landscape, where traditional security measures often fall short in addressing emerging threats, this discussion takes an unconventional approach. By meticulously dissecting application behavior, studying business logic intricacies, and thoroughly analyzing documentation, we aim to uncover unusual vulnerabilities. Through a series of in-depth explorations, this talk sheds light on the significance of understanding and addressing these often overlooked vulnerabilities. The findings underscore the need for developers, security professionals, and stakeholders to expand their perspectives beyond traditional security paradigms, embracing a more holistic approach to fortify digital systems against novel and intricate attack vectors.

Speaker's Bio

My Name is Nikhil Shrivastava AKA niksthehacker. I am an ethical hacker and bug bounty hunter. I have helped over 200 companies to uncover 1000+ Security Vulnerabilities such as Google, Microsoft, Tesla, Mozilla, Salesforce, eBay, Federal Agencies, and many more. I am the #1 hacker in India at Synack Red Team. I was awarded "Synack Legend Hacker" Status in 2021. I have also been interviewed by Defcon Red Team Village, Synack, and Indian media such as the Times of India, Economic Times, Indian Express, etc. I was also MSRC (Microsoft Security Response Center) Top 100 Hackers in 2016. I am the founder of Security BSides Ahmedabad, an international hacking conference hosted each year in Ahmedabad, India.