< NULLCON 2025 - GOA />

About the Speaker

GO BACK
img
Vaibhav Lakhani
Cyber Security Consultant Kroll Global Solutions LLP

< Talk Title />

Drawing parallels between iOS and macOS Pentesting with DVMA

< Talk Category />

iOS and macOS Track

< Talk Abstract />

This presentation will explore the unique challenges of securing macOS thick client applications, while drawing on valuable insights from the iOS penetration testing space.

Covering the methodologies and tools relevant to iOS and macOS platforms, focusing on the specific vulnerabilities that macOS applications might encounter. Attendees can expect to learn about:

• macOS secure coding best practices
• Effective reverse engineering techniques
• Automation tools specifically designed for the macOS environment

To support the above objectives, I'll be sharing a macOS intentionally vulnerable thick client application. The aim is to equip beginners, seasoned pentesters and developers with practical insights that can boost their macOS Thick Client application testing skills.

This talk will provide useful takeaways for anyone looking to enhance their understanding of macOS application security.

< Speaker Bio />

Currently working as Consultant in Offensive Security at Kroll, my expertise lies in the realm of cybersecurity, where I specialize in penetration testing. I'm honored to have been recognized among the top 15 Hackers by NCIIPC and have received acknowledgments and bounties from diverse organizations through various Bug Bounty programs. My qualifications include certifications as an Offsec Certified Professional (OSCP), Certified Red Team Operator (CRTO), CREST Registered Penetration Tester (CRT), CREST Practitioner Security Analyst (CPSA), Certified Ethical Hacker (CEH) and an eLearnSecurity Junior Penetration Tester (eJPT)

Beyond my role, I'm also an instructor on Udemy, where I share my cybersecurity knowledge and have delivered informative talks at colleges throughout India, contributing to the broader awareness and understanding of cybersecurity in the educational community. My dedication to this field drives me to continuously expand my knowledge and make a positive impact in the world of cybersecurity.