Sagnik Haldar
Nandan Gupta
Swarup Natukula
Arif
This talk introduces a high speed, open source CLI fuzzing and intruder tool designed for AppSec professionals. It supports multithreading, payload encoding, request file handling, custom headers, charset bruteforcing, and user-defined placeholders enabling highly customizable and efficient testing workflows. Originally inspired by feedback from OSCP practitioners, the tool is built to handle complex scenarios with speed and flexibility. Attendees will explore real world use cases, advanced fuzzing techniques, and how community driven tooling can advance offensive security practices.
Sagnik Haldar
Security Researcher
Sagnik Haldar is a Security Engineer at a product based company, with a focus on application security, DevSecOps, and offensive tooling. With hands on experience in secure code reviews, security automation, and vulnerability research, he work at the intersection of development and security to protect large-scale web applications.
Nandan Gupta
Principal Application Security Engineer @ Fintech
Nandan Gupta is an Application Security Engineer with a strong passion for cybersecurity. He focuses on penetration testing, secure code reviews, and threat modeling to identify and mitigate vulnerabilities early in the development lifecycle.
Swarup Natukula
Microsoft, Senior Security Assurance Engineer
Swarup Natukula is a seasoned cybersecurity professional with over 13 years of experience in application security, threat modeling, and penetration testing. He is passionate about advocating for secure-by-default designs and defense-in-depth strategies. He is an active member in OWASP Bay Area chapter.
Arif
Seasides Research Team
Senior Security Engineer with 5+ years of experience helping companies build and ship secure products without slowing down innovation. I specialize in Web, API, and Mobile Pentesting, Cloud Security, Threat Modeling, and embedding scalable SSDLC practices. My security journey began with curiosity and evolved into real-world impact—during an audit, I uncovered a critical flaw that could’ve exposed sensitive internal data. At Poshmark, I’ve led third-party library risk assessments, performed architecture reviews for key features, and rolled out secure coding practices across engineering. My threat modeling work improved early risk detection by 40%. Outside of work, I run hands-on security workshops, organize CTFs, and speak at conferences like c0c0n and Seasides. I'm open to the chance to solve real-world security challenges. Let’s connect and build secure systems that scale.