Tejeswara Sunkugari
Security Researcher
SquareX
Tejeswar Reddy is a security researcher at SquareX, CSE graduate of the prestigious IIT, he has developed adversarial simulation toolkits that recreate sophisticated browser-based attacks--from social engineering to phishing and malicious extensions.
Speaker sessions
Copycat - Identity Stealer Extension
Modern enterprises face escalating threats from sophisticated browser-based identity attacks that operate within legitimate authenticated sessions, bypassing traditional security controls like EDRs, SASE, and firewalls. This hands-on session equips blue team defenders with practical experience defending against ten real-world browser-based identity attack vectors using the open-source "Copycat" identity attack simulator extension.
- 13:00
- Thu
- 04 Dec
Stage:
Arsenal 1
Sessions Type:
Demo
Angry Magpie: DLP Bypass Simulator
This session demonstrates critical vulnerabilities in enterprise Data Loss Prevention (DLP) systems through Angry Magpie, an open-source toolkit that exposes how attackers can bypass endpoint DLP solutions using browser-based techniques. We'll explore the fundamental architectural limitations of current DLP implementations, which fail to provide adequate protection in browser environments. The presentation will showcase four primary "Data Splicing" attack techniques: data sharding, ciphering, transcoding, and channel smuggling. Through live demonstrations against leading DLP solutions, attendees will witness how easily these protections can be circumvented and learn practical countermeasures for strengthening their organization's data security posture.
- 16:20
- Thu
- 04 Dec
Stage:
Arsenal 1
Sessions Type:
Demo