Samandeep Singh
@samanl33t - Hacker with a knack for Adventure
I'm Saman, a security professional with over a decade of experience in offensive security consulting, security research & trainings. More
I'm available for >
Security Assessments
Targeted Vulnerability Research
Custom (Offensive) Security Trainings
About
I'm Saman, a security professional with over a decade of experience in offensive security consulting, security research & trainings.
I am interested in wide range of technical topics ranging from Application security to Reverse Engineering and low-level security research. I have published some security advisories and delivered multiple workshops/trainings across different local and global events. Some of my public work can be found hereI am also the Co-organizer for BSides SingaporeOther than technology and security, I'm also interested and always up for a discussion on following topics:- Travel & Photography
- Adventure Sports
- Philosophy
- Science, Health & longevity
Showcase
Nature & Landscape
Travel & Street
Projects
JadX-xVision-Plugin - Plugin for JadX - Java Decompiler, that allows integration with LLMs for support during reverse engineering
Sikh History AI - LLM + Vector DB powered tool to learn about Sikh History interactively.
Xtreme Vulnerable Web Application (XVWA) co-authored with @s4n7h0
Security Advisories
| Reference | Vulnerability |
|---|---|
| CVE-2021-27224, CVE-2021-27362 | IrfanView WPG.DLL - Denial Of Service / Code Execution |
| CVE-2018-2660, CVE-2018-2661 | Oracle Financial Services Analytical Applications 7.3.5.x / 8.0.x XXE Injection / XSS |
| CVE-2017-1495, CVE-2017-1468, CVE-2017-1383, CVE-2017-146 | IBM Infosphere Information Server / Datastage 11.5 - Command Execution / Bypass |
| - | RSA Enterprise Compromise Assessment Tool (ECAT) 4.1.0.1 - XXE Injection |
| OSVDB-ID: 118128 | MooPlayer 1.3.0 – ‘m3u’ SEH Buffer Overflow Crash POC |
| OSVDB-ID: 110445, 110446, 110447 | Air Transfer iPhone 1.3.9 - Multiple Vulnerabilities |
| OSVDB-ID: 107243 | Binatone DT 850W Wireless Router - Multiple vulnerabilities |
| EDB-ID:30361 | Beetel TC1-450 Wireless Router - Multiple vulnerabilities |
| OSVDB-ID:100355,100356,100357 | TPLINK WR740N Wireless Router - Multiple vulnerabilities |
Talks & Workshops
| Event | Topic |
|---|---|
| Disobey 2023 - Finland | Smart Contract Bug Hunting 101 – Ethereum Edition |
| STANDCON 2022 - Singapore | Linux x86_64 Reverse Engineering for Beginners |
| Null Chapter 2020 (January) - Chandigarh | Gibson 101 – Quick Introduction to hacking Mainframes in 2020 |
| DevSecCon 2019 - Singapore | Burp Suite Extension Development with @s4n7h0 |
| Null Chapter 2014 (November) - Chandigarh | ASP .NET Secure Coding – Attacks & Defenses |
| Null Chapter 2014 (October) - Chandigarh | XSS & SQLi – Steal & Pwn |
OR
Drop me a message