Explore Project Dusseldorf, a versatile out-of-band application security platform, in this 39-minute conference talk from Nullcon Goa 2025. Learn how this internal Microsoft tool helps red teams and application security teams detect vulnerabilities like SSRF, XXE, SSTI, XSS, and even generic RCEs. Discover how the platform catches and analyzes network requests while using a built-in rule engine to craft automated responses with predefined payloads. The speaker announces the open-sourcing of this tool and demonstrates how to leverage it for finding vulnerabilities in your targets at cloud scale.