deepanshu khanna

malware analysis

digital forensics

incident response

cloud security

Defense Awarded | Author | Offensive and Defensive Security Manager | Public Speaker | DevSecOps | DFIR | Cloud Security | Threat Hunter | CSIRT | CTI

Dynamic cybersecurity leader with over a decade of experience driving enterprise-grade security, designing cloud security architecture, Networks and DevSecOps integration. Proven track record in managing complex end-to-end incident response, and executing high-impact digital forensics, threat hunting, malware analysis, etc. Recognized by the Government of India and Ministry of Home Affairs for outstanding contributions to national cybersecurity. Accomplished author of two books and 18 globally presented research papers, including at DEFCON, ToorCon, and OWASP. Demonstrated success in reducing security incidents by 80% through proactive threat intelligence, strategic planning, and advanced technical execution.

KubePwn (Part-11) - Data Exfiltration and Persistence (complete cluster access)

KubePwn (Part-11) - Data Exfiltration and Persistence (complete cluster access)
KubePwn (Part-10) - Privilege Escalation (container breakout) to Full cluster compromise

KubePwn (Part-10) - Privilege Escalation (container breakout) to Full cluster compromise
KubePwn (Part-9) - Enumerating Linux Capabilities & Identifying Escape Vectors in K8s cluster

KubePwn (Part-9) - Enumerating Linux Capabilities & Identifying Escape Vectors in K8s cluster
KubePwn (Part-8 contd..) - Digging into Privilege Misconfigurations & Escape Vectors in K8s cluster

KubePwn (Part-8 contd..) - Digging into Privilege Misconfigurations & Escape Vectors in K8s cluster
KubePwn (Part-8 contd..) - Digging into Privilege Misconfigurations & Escape Vectors in K8s cluster

KubePwn (Part-8 contd..) - Digging into Privilege Misconfigurations & Escape Vectors in K8s cluster
KubePwn (Part-8) - Digging into Privilege Misconfigurations & Escape Vectors in K8s cluster

KubePwn (Part-8) - Digging into Privilege Misconfigurations & Escape Vectors in K8s cluster
KubePwn (Part-7) - Infiltrating into K8 cluster using Remote Code Execution (RCE)

KubePwn (Part-7) - Infiltrating into K8 cluster using Remote Code Execution (RCE)
KubePwn (Part-6) - Infiltrating into K8 cluster using Server Side Template Injection

KubePwn (Part-6) - Infiltrating into K8 cluster using Server Side Template Injection
KubePwn (Part-5) - Infiltrating into K8 cluster using Malicious FIle Upload

KubePwn (Part-5) - Infiltrating into K8 cluster using Malicious FIle Upload
KubePwn (Part-4) - Infiltrating into K8 cluster using SSRF (Server-Side Request Forgery)

KubePwn (Part-4) - Infiltrating into K8 cluster using SSRF (Server-Side Request Forgery)
KubePwn (Part-3) - Infiltrating into Kubernetes Cluster: Vulnerable App enumeration and exploitation

KubePwn (Part-3) - Infiltrating into Kubernetes Cluster: Vulnerable App enumeration and exploitation
KubePwn (Part-2) - Kubernetes Red and Blue Team Lab Setup Like a Pro with a single click!!

KubePwn (Part-2) - Kubernetes Red and Blue Team Lab Setup Like a Pro with a single click!!
KubePwn - An Ultimate APT-Style Red and Blue Team Lab - Introduction & Lab Setup - from Zero to Hero

KubePwn - An Ultimate APT-Style Red and Blue Team Lab - Introduction & Lab Setup - from Zero to Hero
Malware analysis on Microsoft office documents - Threat Hunting like a pro | DFIR

Malware analysis on Microsoft office documents - Threat Hunting like a pro | DFIR
Automated Kubernetes Forensics: A Practical Threat Hunting Lab for Real-World Investigations

Automated Kubernetes Forensics: A Practical Threat Hunting Lab for Real-World Investigations
Kubernetes Forensics: A Practical Threat Hunting Lab for Real-World Investigations

Kubernetes Forensics: A Practical Threat Hunting Lab for Real-World Investigations
Prompt Injection Exploit on GitHub AI Agents – Live Technical Demonstration

Prompt Injection Exploit on GitHub AI Agents – Live Technical Demonstration
CTI Masterclass Part-II | Automating CTI & hunting APT groups | Automating CTI Lab with Docker

CTI Masterclass Part-II | Automating CTI & hunting APT groups | Automating CTI Lab with Docker
Complete Cyber Threat Intelligence (CTI) Masterclass | Learn and Hunt APT36 espionage group

Complete Cyber Threat Intelligence (CTI) Masterclass | Learn and Hunt APT36 espionage group
🧠 Memory Forensics | Hands-on Ransomware Infected machine | Real-World Memory Analysis like a Pro

🧠 Memory Forensics | Hands-on Ransomware Infected machine | Real-World Memory Analysis like a Pro
Docker forensics - in-depth threat analysis for threat hunters

Docker forensics - in-depth threat analysis for threat hunters
pe32ransomware - an amateur but interesting ransomware that connects over telegram bot | DFIR

pe32ransomware - an amateur but interesting ransomware that connects over telegram bot | DFIR
Emotet - The Malware Kingpin Exposed | Complete DFIR and malware analysis

Emotet - The Malware Kingpin Exposed | Complete DFIR and malware analysis
Designing a Bullet Proof Incident Response (IR) Playbook - Stop Incidents from Becoming Disasters

Designing a Bullet Proof Incident Response (IR) Playbook - Stop Incidents from Becoming Disasters
Medusa ransomware unlocked - complete in depth ransomware analysis and digital forensics

Medusa ransomware unlocked - complete in depth ransomware analysis and digital forensics
Agent Tesla - CVE-2017-0199 - malware analysis

Agent Tesla - CVE-2017-0199 - malware analysis
DarkGate malware - Digital Forensics and Incident Response

DarkGate malware - Digital Forensics and Incident Response
EDR bypass - throwback using direct syscalls with AES encryption

EDR bypass - throwback using direct syscalls with AES encryption
Sock puppets - OSINT and Investigation

Sock puppets - OSINT and Investigation
OSINT & Investigations - Lab Setup like a real investigator

OSINT & Investigations - Lab Setup like a real investigator