Ivan Marković

Security consultant and researcher

Long experience in designing and implementation of security solutions, mainly oriented on web, mobile and embedded applications. Author of penetration testing tools, recognized by OWASP organization and BackTrack Linux distribution. Researching work includes discovery of vulnerabilities of numeral applications and services, and for these, author received public apreciations by Microsoft Company.

Contact via Linkedin or read interesting staff on Twitter.


Makers workshop na ZINC conference: How to use proxy in security testing

This is a starter course for those jumping into the world of web application security. The OWASP Zed Attack Proxy (ZAP) is the product of an open source OWASP community project and it is used by everyone from those starting out in security, to QA testers, and to professional penetration testers alike.

Intro to IoT Security @ Maker 2018

In today's world of smart devices, we almost never arrive to pay attention to the consequences of sharing our private information and various other information that later transform us into the victims of Cyber attacks. If we want to meet this problem, the first step is to get to know the possible threats and to get acquainted with the tools that will help us in more accurately detecting possible vulnerabilities. This lecture will introduce you to all the threats defined through OWASP projects (Web, Mobile, Cloud, IoT), will discover your hardware (Bus Pirate, Raspberry Pi) and software (Kali Linux, Android) tools that you can use to test your smart devices and through the practical part, it will demonstrate real situations in which you can apply the acquired knowledge.

Security and Privacy Workshops @ Neutrinos Company

During year 2015, 2016 and 2017 NGO "Neutrinos Company" organized many Security and Privacy Workshops around Serbia (Kragujevac, Belgrade, Novi Sad). We cover basic themes like: privacy rights, ransomware and tools for protection in cyber world.

Hands on web hacking @ BalCCon 2k13

Balkan Computer Congress is concieved as a gathering of the international hacker community in organization of LUGoNS – Linux Users Group of Novi Sad, in hope of becomming a traditional annual event. The program consits of numerous presentations, workshops and lectures about information, privacy, technology, programming, free software even considering socio-political issues.

Novi Sad, Serbia, year 2013

Demonstration of system exploatation @ BISEC

The aim of the Conference is to strengthen the bonds between economy, public sector and academic circles in the field of information security and communication systems, taking into account current standards and state of the art information and communication technology in practice.

National Bank of Serbia, Belgrade, Serbia, year 2013

OWASP Evening #5

Topic: OWASP Top 10: A4: Insecure Direct Object References, A8: Failure to Restrict URL Access, A9: Insufficient Transport Layer Protection, A10: Unvalidated Redirects and Forwards

Faculty of Electrical Engineering, University of Belgrade, Serbia, year 2013

Privacy on Internet @ Z-Day

“Zeitgeist Day”, or Z-Day for short, is TZM's flagship global event which occurs each year in mid-March and features a main event with prominent Movement speakers and guests from all over the world, while working in solidarity with many other parallel events that occur the same day or weekend.  This gesture is one of global unity towards a sustainable world that works for the planet and everyone one it. 

Kragujevac, Serbia, year 2012

OWASP Evening #1

Topic: OWASP Tools, usage of OWASP tools during web application testing, development of OWASP tool.

Belgrade, Serbia, year 2012

Web security for developers @ Krojac

Web security Open Day at "Krojac" company.

Belgrade, Serbia 2011.

Banks security @ Info Security Day

Arrow Ecc Info security day, Belgrade, Serbia, year 2011

Top Ten Web Hacking Techniques @ RISK

In recent years RISK conference has become one of the leading events on computer security in Adriatic region and is attended by engineering as well as executive staff of companies from the region. Much has changed in the field of security and data protection in recent times. There are popular new technologies in the form of SaaS (Security as a Service) and services in a cloud (cloud computing), green computing, etc..

English language, Maribor, Slovenia, year 2011

E-commerce security @ eTALK

Misija konferencije je da edukuje opštu javnost po pitanju značaja digitalne ekonomije, koja predstavlja okosnicu razvoja digitlanog društva, da poveže zakonsku regulativu u oblasti ICT-a sa praktičnim stranama njene primene i predstavi inovacije i mogućnosti pristupa fondovima EU, kao i izvoznim potencijalima srpske IT industrije.

Subotica, Serbia, year 2010

E-commerce website, search option and security issues @ E-Trgovina

Najveća konferencija o e-trgovini i e-poslovanju u Srbiji namenjena privredi.

Year 2010, Palic, Serbia.

Microsoft MSFORGE

Presentation for MSFORGE group, year 2010, Belgrade, Serbia.

Microsoft Security for Developers

This was training for developers organized by Microsoft. Year 2010, Belgrade Serbia. We cover OWASP Top Ten 2010 RC1.

Attacking Windows and Web Applications @ Microsoft Sinergija

Sinergija is the largest and most influential annual conference in South Eastern Europe dedicated to information – communication technologies and their business application. Although the conference is organized by Microsoft Serbia, it not exclusively related to Microsoft technologies. It has become regional brand and synonym for everything new and relevant in the IT world in general.

I had one presentation about attacks on Windows environments trough Web applications. Year 2010, Belgrade, Serbia.

DevProTalk Forum - Security Day

DevProTalk Security Day / Web application security - Exotic threats was workshop for members of DevProTalk.com forum members. Year 2009, Belgrade Serbia

Hand on Web Hacking @ NSS

This was basic web hacking hands-on trainings on OWASP Webgoat platform. Year 2009, Belgrade, Serbia.

36th International Protection and Safety Fair

36th International Protection and Safety Fair was 2011 in Belgrade, Serbia. I had presentation about banks security and two hands-on trainings. 

B92 Reakcija: Elektronski zlocini

Jedna od retkih emisija na nasim prostorima koja se bavi elektronskim zlocinima, nije previse tehnickog karaktera vec objasnjava neupucenima kakve sve opasnosti vrebaju u digitalnom svetu. Pojavio sam se i ja negde u prici oko SPAM-a ;)

Tehnopolis @ B92

One of the first contributor in security area. Tehnopolis @ B92.

Serbia, year 2006/2007

Golden web mine

Text in magazine about new information era and its security and privacy problems. Serbian language, year 2006.

"Race Condition" and web technology

Awarded text about AJAX race conditions. I won a book about web attacks :) Serbian language, year 2006.