Susam Pal

Professional Work

Since 2017 Walmart Labs Senior Architect Information Security Development
2016–2017 Oracle Principal Engineer Database Security Development
2008–2015 RSA Principal Engineer RSA NetWitness Development
2005–2008 Infosys Technical Specialist Finacle e-Banking Cryptography

Open Source Work

2019–2019 MinTOTP Author Minimal TOTP generator in Python
2018–2018 Pylava Maintainer Community maintained fork of Pylama, code linter for Python
2018–2019 TeXMe Author Self-rendering Markdown + LaTeX documents
2018–2019 Slimv Contributor Improved support for Screen and tmux (#66), ECL (#87), Clojure 1.5+ (#88), and Clojure on Unix/Linux (#89 and #90)
2018–2018 GitPR Author Reference guide on GitHub fork and pull request workflow
2015–2019 Uncap Author Keyboard remapper to map Caps Lock to Escape
2012–2019 MathBin Author Math pastebin with LaTeX and Markdown support
2010–2017 Vimer Author Vim tool to open files in existing instance of GVim/MacVim
2008–2019 QuickQWERTY Author Touch typing tutor that runs in a web browser
2007–2008 Apache Nutch Contributor Authentication schemes (#559), live recrawl (#601), DoS attack mitigation (#044), and URL filtering (#612)
2007–2008 WASC Script Mapping Contributor Automatic creation of a comprehensive list of all XSS attack vectors across major web browsers
2006–2008 OSVDB Contributor Analysis of security advisories

Publications

2010
CGI Script Source Code Disclosure in Apache for Windows
Digit Fast Track to Ethical Hacking, Volume 05, Issue 06A, Jun 2010 (PDF)
2009
RSA SecurBook for VMware View
RSA Security Inc., Dec 2009 (PDF)
2009
RSA SecurBook for Microsoft SharePoint
RSA Security Inc., May 2009 (PDF)

Talks

2019
A Tour of Matplotlib: From Bar Charts to XKCD-Style Plots
PyCon UK 2019, Cardiff City Hall, Cardiff, UK (Video)
2018
From Pylama to Pylava: Building a Community Maintained Fork of Pylama
PyCon UK 2018, Cardiff City Hall, Cardiff, UK (Video)
2006
OWASP Top Ten Security Vulnerabilities
OWASP Meetup, InfyCity, Bangalore, India (Video)

Security Advisories

2007 HomestayFinder XSS in Wikipedia Mirror (FD)
2007 Google Re-authentication Bypass (FD)
2007 Orkut Server Side Session Management Error (FD)
2006 Apache CGI Script Source Code Disclosure (CVE-2006-4110) (BID 19447) (Bugtraq)
2006 Community Architect Guestbook XSS (CVE-2006-2003) (Bugtraq)
2006 SQL Injection in incredibleindia.org (Bugtraq)