Ivan Marković
Security consultant and researcher
Long experience in designing and implementation of security solutions, mainly oriented on web, mobile and embedded applications. Author of penetration testing tools, recognized by OWASP organization and BackTrack Linux distribution. Researching work includes discovery of vulnerabilities of numeral applications and services, and for these, author received public apreciations by Microsoft Company.
Intro to IoT Security @ Maker 2018
In today's world of smart devices, we almost never arrive to pay attention to the consequences of sharing our private information and various other information that later transform us into the victims of Cyber attacks. If we want to meet this problem, the first step is to get to know the possible threats and to get acquainted with the tools that will help us in more accurately detecting possible vulnerabilities. This lecture will introduce you to all the threats defined through OWASP projects (Web, Mobile, Cloud, IoT), will discover your hardware (Bus Pirate, Raspberry Pi) and software (Kali Linux, Android) tools that you can use to test your smart devices and through the practical part, it will demonstrate real situations in which you can apply the acquired knowledge.
OWASP Risk Assessment Calculator
Discovering vulnerabilities is important, but being able to estimate the associated risk to the business is just as important. This Risk Rating Calculator is based on OWASP's Risk Rating Methodology.
metaMAMA - MetaData Extractor
I want to show how simple it is to find META data with few lines of code. Also sometimes during pentests you need to make tools because so many limitations and this is the great way to learn some basics.
Useful GDPR resources
The General Data Protection Regulation (GDPR) strengthens the right of individuals in the European Union (EU) to control their personal data and requires organizations to bolster their privacy and data protection measures. It applies to organizations established in the European Union (EU) as well as organizations-wherever they are located-that offer goods and services to the EU or monitor the behavior of individuals in the EU. Enforcement of the regulation begins May 25, 2018. The following questions are meant to assist organizations by identifying technologies and steps that can be implemented to simplify their GDPR compliance efforts.
Laboratory
- Phishing campaign takedown
- Privacy Wars live from Serbia
- Red Flag Fraud Game
- Dodaci za bezbedno surfovanje Internetom
- Risk 2016
- SSL Monitor Web servisa Republike Srbije
- War Game @ Balkan Computer Congress
- Printer Security PIN Hardware Bruteforcer
- WMAT - Web Mail Auth Tool
- DFF (Default files and folders) Scanner
- Http Parameter Contamination
- Overview of Serbian banks security vulnerabilities
- Serbian banks owned by public documents
- Security Researcher Acknowledgments for Microsoft Online Services
- dotCMS Multiple Cross-Site Scripting Vulnerabilities
- Security and Privacy Workshops @ Neutrinos Company
- Hands on web hacking @ BalCCon 2k13
- Demonstration of system exploatation @ BISEC
- OWASP Evening #5
- Privacy on Internet @ Z-Day