The speaker’s profile picture
Aaron Kaplan

Aaron likes to be at the forefront of tech developments because he feels it's important to understand trends and tech on a deep level in order to anticipate changes and form and guide them into a positive direction which serves humanity. Less dystopia, more positive utopia, please.
In a past life, he was working at the national CERT of Austria, CERT.at. He was doing mesh networks, and medical AI.

  • NeuroCTI - a custom LLM for CTI - benchmarking, successes, failures and lessons learned (updates)
The speaker’s profile picture
Adel Karimi

Adel Karimi is a senior security engineer with a keen interest in threat detection, honeypots, and network traffic fingerprinting. He recently joined a “chatbot startup” after a decade of working on detection and response at companies such as Google, Salesforce, and Niantic. Adel is passionate about developing open-source projects like Galah and Venator, and in his free time, he enjoys capturing stunning images of the night sky.

  • Decoding Galah: an LLM powered web honeypot
The speaker’s profile picture
Aleksandr Pilgun

Aleksandr Pilgun is an independent Computer Scientist specialising on Android apps reverse engineering.

Initially, Aleksandr has got Cyber Security education. He had an intense Software Engineering experience building enterprise level web solutions before moving to Luxembourg for PhD studies.

In 2020, Aleksandr defended his doctoral thesis at the University of Luxembourg. During this research, he developed ACVTool, - an efficient instruction coverage measurement tool, and the coverage-backed shrinking technique for Android apps. He repackaged and run tons of Android apps and performed an extensive analysis for the instrumentation technique from size, performance and automated testing perspective. Aleksandr continues development of ACVTool searching to emerge his academic project closer to industry needs.

In recent years, Aleksandr was focusing on examining Android apps including technical analysis of fraudulent applications and reverse engineering. He assisted a few FinTech startups to improve their service interoperability through reverse engineering. Last year, Aleksandr moved to Portugal to enjoy sunny days and ocean views around Lisbon.

  • Reverse engineering Android apps with ACVTool
The speaker’s profile picture
Alexandre Dulaunoy

Enjoy when human are using machines in unexpected ways. I break stuff and I do stuff.

  • Empowering Cybersecurity Outreach and Learning through Collaborative Challenge Building, Sharing, and Execution
The speaker’s profile picture
Al Mochkin

Entrepreneur and Philanthropist Pioneering Global Computer Literacy and Privacy Advocacy

  • Pentests using LLMs
The speaker’s profile picture
Amine Besson

I am a contractor dedicated to developing advanced Detection and Response Systems, Detection Engineering, Threat Intelligence and Hunting, SIEM/SOAR/EDR/CDR/XDR Systems Engineering and generally everything SOC Automation related. Currently maintaining the OpenTIDE project which condenses years of lessons learned on the floor of SOCs (Internal and Managed) into a streamlined Detection Engineering ecosystem for technical teams. My latest interest lie in the junction between Detection and Response Engineering, especially developing large scale signal and entity aggregation systems.

  • Unleashing the power of purple teaming with OpenTIDE
The speaker’s profile picture
Ange Albertini

A reverse engineer since the 80s who started his Infosec career as a malware analyst decades ago.

His wide knowledge of file formats is available in his hundreds of Corkami posters and visualisations, and is essential for projects like Magika, the AI-powered file type detection at Google.
His passion for retrocomputing and funky files makes him explore the darkest corners of the files' landscape:
bypassing security with ancient techniques, analyzing parsers and breaking them with extreme files, writing tools to evade detections via mock files or polyglots such as PoC||GTFO, exploiting AES-GCM via crypto-polyglots or colliding SHA1 via Shattered.

  • Understanding file type identifiers
The speaker’s profile picture
Ankshita Maunthrooa

Ankshita is currently working as a security engineer and has previously worked as a cybersecurity consultant in the paradise island of Mauritius, helping the biggest firms around the world implement strategic cybersecurity best practices and comply with the required standards. Before joining consultancy, she has worked in cybersecurity for approximately two years as a SOC analyst.

Ankshita has presented her cyber blue teaming skills at Apres Trainings in Park City, Utah and at Developer and Google Devfest Mauritius. She recently also spoke about redefining DevSecOps at the Apres Cyber Trainings and at the Devcon24 Mauritius.

Coming from a diverse background in Information Technology, Ankshita is familiar with development and programming in Java, Python, Javascript and Solidity.

During university years, Ankshita has also represented the Google Developers Student Clubs on her campus at the University of Mauritius and was Huawei Campus Ambassador.

  • Dissecting the Threat: A Practical Approach to Reverse Engineering Malicious Code for Beginners
The speaker’s profile picture
Aurelien Thirion

As a seasoned dark web connoisseur and lead developer of the AIL project,
Aurélien enjoys exploring the complexities of the internet and analyzing it.
He is also a software engineer and analyst at CIRCL.

  • AIL Project: Secrets in Squares - QR Codes
The speaker’s profile picture
Aurimas Rudinskis

Aurimas Rudinskis is an Engineering Manager who leads the Vinted Cyber Defence team. He focuses on Threat Intelligence, security operations, and detection engineering that can automate and scale detection capabilities. Aurimas specializes in advanced threat-hunting techniques and human-driven cyber operations.

He firmly believes that cyber security is a community, and we can only succeed by helping and learning from one another.

  • Scam as a Service powered by Telegram
  • Catching Phish Using Publicly Accessible Information
The speaker’s profile picture
Axelle Apvrille
  • Reversing Flutter with Blutter and Radare2
The speaker’s profile picture
Balazs Bucsay

Balazs Bucsay is the founder & CEO of Mantra Information Security that offers a variety of consultancy services in the field of IT Security. With decades of offensive security experience, he is focusing his time mainly on research in various fields including red teaming, reverse engineering, embedded devices, firmware emulation and cloud. He gave multiple talks around the globe (Singapore, London, Melbourne, Honolulu) on different advanced topics and released several tools and papers about the latest techniques. He has multiple certifications (OSCE, OSCP, OSWP) related to penetration testing, exploit writing and other low-level topics and degrees in Mathematics and Computer Science. Balazs thinks that sharing knowledge is one of the most important things, so he always shares it with his peers. Because of his passion for technology, he starts the second shift right after work to do some research to find new vulnerabilities.

  • Defeating Encryption By Using Unicorn Engine
The speaker’s profile picture
Benjamin Bannier

Benjamin works as a Senior Open Source Developer at Corelight where he spends most of his time maintaining and evolving Spicy and its integration into the Zeek ecosystem. He previously worked on containerization and workload orchestration with Apache Mesos, and distributed columnar data stores. He holds a PhD in Physics from Stony Brook University.

  • Spicy — Generating Robust Parsers for Protocols & File Formats
The speaker’s profile picture
Cédric Bonhomme

Computer security expert, pianist, runner, photographer, thinker, and intellectual (non-practicing).
Cédric Bonhomme is a computer scientist, intensely interested in computer security and privacy.
From 2010 to 2017, he served as an R&D Engineer at a public research center, focusing on Multi-Agent Systems and Cybersecurity.
Since 2017, he has been part of CIRCL, where he contributes to CSIRT activities and open-source software projects.

  • Vulnerability Lookup
The speaker’s profile picture
Chris Horsley

Chris Horsley is the CTO and co-founder at Cosive, a consultancy specialising in cyber threat intelligence and security operations. At Cosive, Chris leads the company's threat intelligence sharing and MISP initiatives and is a frequent speaker and trainer at industry conferences and meetups on these topics. Prior to co-founding Cosive, Chris spent many years in the international CSIRT community including working as an incident responder for both AusCERT and JPCERT/CC, the Japanese national CSIRT.

  • Running circles around threat actor tooling using Javascript data visualisation
The speaker’s profile picture
Christian Kreibich

Christian is the technical lead of the Zeek project, and an engineer at Corelight. He previously spent 5 years heading the networking group at Lastline, and prior to that spent 5 years as a research scientist at the International Computer Science Institute in Berkeley. He has served on the advisory board of the Open Information Security Foundation, and holds a PhD from the University of Cambridge's Systems Research Group. He still rides skateboards, which recently earned him a busted rotator cuff.

  • New features in the Zeek Network Monitor
The speaker’s profile picture
Christophe Vandeplas

Beyond his role as a cybersecurity consultant, Christophe actively serves as a Belgian Cyber Reservist and contributes significantly to open-source projects. He is the founder of the MISP Threat Sharing Platform. His contributions to the community also include the creation of MISP-maltego and pystemon, the development of the sysdiagnose framework, as well as his previous involvement in organizing the FOSDEM conference.
When not immersed in the world of cybersecurity, Christophe enjoys outdoor pursuits such as hiking, climbing, mountaineering, and sailing, finding solace in the beauty of nature.

  • iOS Compromise Detection using open source tools
The speaker’s profile picture
Claire Vacherot

Claire Vacherot is a pentester and researcher at Orange Cyberdefense France. She likes to test systems and devices that interact with the real world and her activity consists in switching between penetration testing industrial systems and playing with industrial network protocols. Sometimes, she also speaks about all of this at conferences such as GreHack, Defcon or Pass the Salt. As a former software developer, she never misses a chance to write scripts and tools.

  • Trying Gateway Bugs: Breaking industrial protocol translation devices before the research begins
The speaker’s profile picture
Claus Cramon Houmann

Infosec Librarian.

  • A quick monologue on global inefficiency
The speaker’s profile picture
cocomelonc

Cybersecurity enthusiast, author, speaker and mathematician. Author of popular books:
MD MZ Malware Development book (2022)
MALWILD: Malware in the Wild book (2023)
Author and tech reviewer at Packt
Author of Malware Development for Ethical Hackers book by Packt (2024)
Co founder of MSSP Research LAB, author of many cybersecurity blogs, HVCK magazine
Malpedia contributor
Speaker at BlackHat, DEFCON, Security BSides, Arab Security Conference, Hack.lu, Standoff, etc conferences

  • Malware and Hunting for Persistence: How Adversaries Exploit Your Windows?
  • Malware Development and Persistence
The speaker’s profile picture
Cruciani David

Security researcher at CIRCL since 2021.
The one that make jokes on Alexandre age.

  • Flowintel - flow your management
The speaker’s profile picture
David Durvaux

David Durvaux is active in the incident response field for more than a decade. He has work on many IT security incidents and especially on computer forensics aspects. Since 2015 he is actively preparing the FIRST CTF. David presented in numerous conferences including hack.lu.

  • Empowering Cybersecurity Outreach and Learning through Collaborative Challenge Building, Sharing, and Execution
  • iOS Compromise Detection using open source tools
  • Making IOT great again
The speaker’s profile picture
David Szili

David Szili is a principal consultant at Alzette Information Security, an information security consulting company based in Europe. He has more than ten years of professional experience in various areas like penetration testing, red teaming, security monitoring, security architecture design, incident response, digital forensics, and software development. David has two master's degrees, one in computer engineering and one in networks and telecommunication, and he has a bachelor's degree in electrical engineering. He holds several IT security certifications, such as GSE, GSEC, GCFE, GCED, GCIA, GCIH, GCFR, GMON, GCTD, GCDA, GPEN, GNFA, GPYC, GMOB, GMLE, GAWN, CCSK, OSCP, OSWP, CAWASP, CRTP, BTL1, and CEH.
He is also a certified instructor at SANS Institute, teaching FOR572: Advanced Network Forensics and FOR509: Enterprise Cloud Forensics and Incident Response, and he is the lead author of SANS DFIR NetWars. David regularly speaks at international conferences like BruCON, Hack.lu, Hacktivity, x33fcon, Nuit du Hack, BSides London, BSides Munich, BSides Stuttgart, BSidesLjubljana, BSidesBUD, BSides Luxembourg, Pass the SALT, Black Alps, Security Session, Future Soldier, SANS @Night Talks, Meetups, and he is a former member of the organizer team of the Security BSides Luxembourg conference.

  • Zeek and Destroy with Python and Machine Learning Workshop (Part 2/2)
  • Zeek and Destroy with Python and Machine Learning Workshop (Part 1/2)
The speaker’s profile picture
Deborah Servili

The female quota of the CIRCL team, and part-time Human IoC Parser

  • Sharing IoC - Wrong Answers Only
The speaker’s profile picture
Didier Barzin

Hi there, I'm Didier, a technology and information security enthusiast. I started my career as an information security Ninja, defending information systems against cyber threats using my Jedi skills. However, I also have another side to me that comes out at night, that of a benevolent hacker. I love using my skills to support the values of open source and firmly believe in them.

I believe that technology can be used to improve people's lives, but this can only be done if we work together and share our knowledge. That's why I'm also a strong advocate of collaboration and openness in the tech industry.

May the source code be with you!

  • Mercator - Mapping the information system
The speaker’s profile picture
Didier Stevens

Didier Stevens (SANS ISC Handler, ...) is a Senior Analyst working at NVISO. Didier has developed and published more than 100 tools, several of them popular in the security community.You can find his open source security tools on his IT security related blog http://blog.DidierStevens.com

  • CSIRT and the Chocolate Factory
  • XOR Cryptanalysis
The speaker’s profile picture
Dimitrios Valsamaras

Dimitrios is a cybersecurity professional specializing in mobile, web, and network penetration testing. He holds a degree in Computer Science with a focus on Cryptography and Security and has collaborated with top companies such as Microsoft and Google. A frequent speaker at prominent security conferences, he is passionate about reverse engineering and was a member of one of Greece's pioneering reverse engineering research groups.

  • Keys to the City: The Dark Trade-Off Between Revenue and Privacy in Monetizing SDKs
The speaker’s profile picture
Dominiek Madou
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
The speaker’s profile picture
Efstratios Chatzoglou

Efstratios Chatzoglou received the M.Sc. degree in Security of Information and Communication Systems from the University of the Aegean, Samos, Greece. He has worked for more than 3 years in the field of cybersecurity. Currently, he is a Penetration Tester with Memorandum, and a PhD candidate at the University of the Aegean. He has identified more than 25 different CVE IDs from well-known vendors, like ASUS, MediaTek, Netgear, Huawei, LiteSpeed, etc. The most recent one is the CVE-2023-23349 from Kaspersky. He has published more than 15 research papers in well-known conferences and academic journals.

  • I Need Access: Exploit Password Management Software To Obtain Credential From Memory
The speaker’s profile picture
Eloïse Brocas

Eloïse Brocas is a security researcher and reverse engineer at Quarkslab She has a strong interest in creating tooling that support security analysts in their day-to-day tasks, some of these tools have been open-sourced like Pyrrha.

  • Exploring Firmwares: Tools and Techniques for (New) Cartographers
The speaker’s profile picture
Eric Leblond

Éric Leblond is the co-founder and chief technology officer (CTO) of Stamus Networks and a member of the board of directors at Open Network Security Foundation (OISF). Éric has more than 15 years of experience as co-founder and technologist of cybersecurity software companies and is an active member of the security and open-source communities. He has worked on the development of Suricata – the open-source network threat detection engine – since 2009 and is part of the Netfilter Core team, responsible for the Linux kernel's firewall layer. Eric is also the lead developer of the Suricata Language Server, a real-time syntax checking and autocomplete app for Suricata rule writers. Eric is a well-respected expert and speaker on network security.

  • From protocol analysis to actionable algorithmic and signature detection with Suricata
The speaker’s profile picture
Estelle

Estelle is a Threat Intelligence Researcher at Flare. Having recently completed a master at University of Montreal, she is a criminology student who lost her way into cybercrime. Now she is playing with lines of codes to help computers make sense of the cyber threat landscape.

  • The Ouroboros of Cybercrime: Witnessing Threat Actors go from Pwn to Pwn'd
The speaker’s profile picture
Eva Szilagyi

Eva Szilagyi is a principal consultant at Alzette Information Security, an information security consulting company based in Europe. She has more than ten years of professional experience in various areas like penetration testing, security source code review, vulnerability management, digital forensics, IT auditing, telecommunication networks, and security research. Eva has two master's degrees in electrical engineering and in networks and telecommunication. She holds several IT security certifications, such as GSEC, GICSP, GCFE, GCIH, GCFA, GMON, GRID, GSSP-JAVA, GWAPT, GDSA, GCDA, GMOB, GMLE, CDP, CCSK, eCIR, eWPT, and eJPT.
Eva regularly speaks at international conferences like BruCON, Hack.lu, Nuit du Hack, Hacktivity, Black Alps, BlackHoodie, BSides London, BSides Munich, BSidesBUD, BSides Stuttgart, Pass the SALT, Security Session, SANS @Night Talks, and she is a former member of the organizer team of the Security BSides Luxembourg conference.

  • Zeek and Destroy with Python and Machine Learning Workshop (Part 2/2)
  • Zeek and Destroy with Python and Machine Learning Workshop (Part 1/2)
The speaker’s profile picture
fukami

fukami works for the OpenSSF in Brussels and supports public, private and community partners to make technology more secure.

  • How I Learned to Stop Worrying and Love the NLF
The speaker’s profile picture
Golo Mühr

Golo is a malware reverse engineer and threat researcher with IBM X-Force, where he spends his time digging into the dark arts of cybercrime. With a passion for tracking threats he's developed expertise in analyzing and reporting on a wide variety of maliciousness, ranging from banking trojans and botnets to high-profile ransomware and nation state actors. He is dedicated to sharing his research to help others stay ahead of emerging threats.

  • APT28: Following bear tracks back to the cave
The speaker’s profile picture
Guillaume Ginis

I'm an engineer in electronics.
I worked for multiple years in the railway domain, mainly ensuring safety.
I then changed to the defense domain where I switched from safety to cybersecurity and as I wanted to develop my skills and go further on that topic, I finally joined a research center in Belgium as senior researcher.
I'm now working on multiple project with a focus on red teaming and how to make it easier.

  • Cyrus - The story of no cloud
The speaker’s profile picture
Hilko Bengen

Hilko works in the CSIRT for a transportation and logistics company. He feels most comfortable when thinking about problems that touch systems programming, operations and IT security. For more than 25 years, he has learned to take free and open source software for granted, and he is still amazed when he hears how others have found his contributions useful.

  • Detection And Response for Linux without EDR
The speaker’s profile picture
hoseok Lee

The team leader of EQST Lab in SK Shieldus,
Executive Manager of the Ransomware Response Center (KARA-Korean Anti Ransomware Alliance)

  • Researching on new vulnerabilities and Identifying of Cybersecurity Trends
  • Managing Cybersecurity Consulting Projects
  • Delivered Various presentations on attack threats and ransomware trends
  • https://x.com/EQSTLab
  • https://www.skshieldus.com/eng/business/insight.do
  • Chrome V8 exploitation training for beginners
The speaker’s profile picture
Hugo Bertin

Hugo Bertin is a Visiting Student in the SeRBER research group at KAUST, Saudi Arabia. He got his master degree in CS from the University of Rennes, France. During this degree he realised different internships at the IRISA research lab, in France, where he could work on isolation units in the cloud under the supervision of Prof. David Bromberg and Ass. Prof. Djob Mvondo. He also studied software engineering and cyber-security as an exchange student at Newcastle University, UK.

He is interested in the network and system aspects inherent to distributed systems, which often involve a trade-off between security and performance. He is currently working on EGaming Security under the supervision of Prof. Marc Dacier and Prof. David Bromberg. The research project aims to investigate the security aspects leveraged by the gaming industry, which has experienced unprecedented growth and is expected to continue to shape tomorrow's virtual worlds. This comes with new challenges to enhance security, mainly to prevent cheating. From a technical point of view, Hugo is investigating synchronization and security mechanisms in game engines such as Unreal Engine.

  • Disconnecting games with a single packet: an Unreal untold story
The speaker’s profile picture
Inbar Raz

Inbar has been teaching and lecturing about Internet Security and Reverse Engineering for nearly as long as he has been doing that himself. He started programming at the age of 9 and Reverse Engineering at the age of 14. He spent most of his career in the Internet and Data Security field, and the only reason he's not in jail right now is because he chose the right side of the law at an early age.

Inbar specializes in an outside-the-box approach to analyzing security and finding vulnerabilities, using his extensive experience of close to 30 years. Nowadays, Inbar is the VP of Research at Zenity, the leading platform for securing and monitoring Low-Code/No-Code development.

  • The good, the bad, and the ugly: Microsoft Copilot
The speaker’s profile picture
Jacob Torrey

Jacob is the Head of Labs at Thinkst Applied Research. Prior to that he managed the HW/FW/VMM security team at AWS, and was a Program Manager at DARPA's Information Innovation Office (I2O). At DARPA he managed a cyber security R&D portfolio including the Configuration Security, Transparent Computing, and Cyber Fault-tolerant Attack Recovery programs. Starting his career at Assured Information Security, he led the Computer Architectures group performing bespoke research into low-level systems security and programming languages. Jacob has been a speaker and keynote at conferences around the world, from BlackHat USA, to SysCan, to TROOPERS and many more.

  • From 0 to millions: Protecting against AitM phishing at scale
The speaker’s profile picture
James Atack

James worked in systems and networks for a decade before finally succumbing to the destiny of nominative determinism. After briefly flirting with pentesting he got a job as a security architect in the financial sector. He then became Head of the CERT team for a number of years but his hair had already fallen out at that point. He joined ONYPHE in 2023 as Deputy CTO and now dreams in Perl.

  • The XE Files - Trust No Router
The speaker’s profile picture
James Garratt

James Garratt is a Senior Security Consultant at Cosive, with over 20 years of experience spanning IT operations, software engineering, and security. Based in Melbourne, Australia, he specializes in cloud engineering and security, providing expert consulting to enhance organizations' infrastructure. Prior to joining Cosive, James held technical leadership roles at Connexity, Inc. and Experian, where he led engineering teams in deploying scalable, cloud-native solutions. His broad expertise across IT operations, systems administration, software development, and security makes him a versatile professional in the evolving field of cybersecurity.

  • MISP Kickstart
The speaker’s profile picture
Jeroen Pinoy

I am a computer scientist with a background in software testing (automation), incident handling and threat intelligence sharing.

  • Nothing to see here! On the awareness of and preparedness and defenses against cloaking malicious web content delivery
The speaker’s profile picture
Jindrich Karasek

Jindřich is a Senior Cyber Threat Researcher. His research work focuses on the domains of cognitive warfare, cyber espionage, and cyber threat intelligence. You might also recognise him as the security data scientist known as 4n6strider.

  • The Web of cognitive warfare
The speaker’s profile picture
Joon Kim

About Author

Joon Kim is the founder and CEO of Naru Security Inc. He is also an adjunct professor at SungKyunKwan University, teaching network security. He graduated from the University of Alberta in Canada, majoring in Computer Engineering. Joon Kim started his career at the Korea Internet and Security Agency as a Security Incident Responder at the national CERT/CC. Additionally, he has been a national joint incident response team member and has served as a cyber security advisor for the Korea Cyber Command and the National Police Agency. Joon Kim's contributions to the cyber security industry and governments have been recognized with several awards, including the 2008 FIRST Best Practice award, the 2018 Cyber Safety Award from the National Police Agency, the 2019 Ministry of Commerce Industry and Energy Minister's Commendation, and the 2019 and 2022 Army Chief of Staff Award.

  • Open source Intelligence and Command line based BGP Hijacking Detection
The speaker’s profile picture
Julien

Julien Terriac a French senior security researcher with a strong background of pentesting with a special taste for Windows authentication, Active Directory inner working and reverse engineering. He developed several offensive tools to automate such as ProtonPack (custom mimikatz), Lycos (share hunter), ExploitPack (privilege escalation framework), IAMBuster (AD auditing framework).

He led the R&D department at XMCO for 5 years before joining Datadog as the Team Lead for Adversary Simulation Engineering (ASE) where his team aims at building offensive tools and frameworks that will automate the simulation of real life attacks against Datadog.

  • Hands-on Kubernetes security with KubeHound (purple teaming)
  • Hands-on Kubernetes security with KubeHound (purple teaming)
  • KubeHound: Identifying attack paths in Kubernetes clusters at scale with no hustle
The speaker’s profile picture
Koen Van Impe

Threat intelligence. Incident response. Security operations.

  • MISP playbooks, Proving the Value of Cyber Threat Intelligence and ICS-CSIRT.io
The speaker’s profile picture
Krzysztof Zając

Senior Threat Analysis Specialist at CERT PL, currently working on automated vulnerability discovery techniques. Before becoming a security specialist, he's been a software engineer for more than ten years. Teaches offensive security at the University of Warsaw. Formerly a CTF player, playing with the p4 CTF team. Likes cats and bad puns.

  • Artemis: how CERT PL improves the security of the Polish internet
  • Scanning with the Artemis security scanner
The speaker’s profile picture
Lorenzo Nicolodi

I am a passionate cybersecurity researcher who has spent the last 18 years learning and sharing as much as possible about this fascinating field.

During these years, I have been fortunate enough to work on multiple aspects of the cybersecurity world, including digital forensics, incident response, cryptography, penetration testing, reverse engineering, research and development, and threat intelligence.

  • Lucky leaks: 400+ mln files are worth a thousand words
  • Cryptography: from zero to dont-shoot-yourself-in-the-foot
The speaker’s profile picture
Lukáš Kršek

Lukáš Kršek is the country manager for the AMER region, focusing on business development and sales in that area. He uses both his economics background as well as love for travelling and studying cultures to seek and connect people around the world.

  • Future of websites without DDoS
The speaker’s profile picture
Lukas Vytautas Dagilis

Lukas V. Dagilis is a professionally trained artist, turned Cyber Security expert. At NRD Cyber Security, he works as a Technical Product Manager at the CyberSOC department - the largest MSSP in Lithuania. His job functions include continuous process improvement, data engineering and analysis, JIRA owner, EU-funded CTI project manager, CTI program lead, and more.

  • You just got a CTI program funded - now what?
The speaker’s profile picture
Marc Durvaux

Marc spent his career in the R&D for telecommunication and space systems (mobile networks, optical communications, xDSL...) while working for major companies such as Alcatel and Philips. He held different R&D management positions and retired as CTO of Thales-Alenia Space Belgium. Since them, he is very busy as a volunteer but keeps some free time to tinker with sensors, signal processing and IoT. He is also an expert for EU's European Innovation Council. Marc is graduated in physics from UCLouvain and holds a PhD in electronics and telecommunication from INP Grenoble. He is author or co-author of several patents.

  • Making IOT great again
The speaker’s profile picture
Mathieu LE CLEACH

Mathieu is a member of CERT-EU's Digital Forensics and Incident Response team. He has two hats: respond to security incidents, including significant ones, and engineer CERT-EU's detection strategy. He was a speaker at the 36th Annual FIRST Conference.

  • A New (free) Internet Listener in Town
  • Sigma Unleashed: A Realistic Implementation
The speaker’s profile picture
Michael Hamm

Michael Hamm has worked for more than 10 years as Ingénieur-Sécurité in the field of classical Computer and Network Security (Firewall, VPN, AntiVirus) at the research center “CRP Henri Tudor” in Luxembourg. Since 2010, he has been working as an operator and analyst at CIRCL – Computer Incident Response Center Luxembourg where he is working on forensic examinations and incident response

  • Luks Full Disk Encryption Upside-Down
The speaker’s profile picture
Miguel

Miguel Hernández, Sr. Threat Research Engineer at Sysdig, is a lifelong learner with a passion for innovation. Over the past decade, Miguel has honed his expertise in security research, leaving his mark at prominent tech companies and fostering a spirit of collaboration through personal open-source initiatives. Miguel has been a featured speaker at cybersecurity conferences such as HITB, HIP, CCN-CERT, RootedCon, TheStandoff, Bsides Barcelona, and Codemotion, among others.

  • Insights from Modern Botnets
The speaker’s profile picture
Mihai Carabas

Mihai Carabas is a profesor at University POLITEHNICA Bucharest in the area of systems, networking, grid and cloud computing. He is leading the national QKD project RoNaQCI part or EuroQCI which is architecting and building the national QKD network together with advanced use-cases and trainings.

  • QKD - is it worth it?
The speaker’s profile picture
Nicol Dankova

CyberBattleground Warchief @ Henkel & Desperate Coffee Drinker @ Tomas Bata University in Zlin

  • How much time we had for IPv6 preparation?
The speaker’s profile picture
Paul Gerste

Paul Gerste (@pspaul95, @pspaul@infosec.exchange) is a vulnerability researcher on Sonar's R&D team. He has a proven talent for finding security issues, demonstrated by his two successful Pwn2Own participations and discoveries in popular applications like Proton Mail, Visual Studio Code, and Rocket.Chat. When Paul is not at work, he enjoys playing CTFs with team FluxFingers and organizing Hack.lu CTF.

  • SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level
The speaker’s profile picture
Pauline Bourmeau (Cookie)

Pauline's focus gravitates towards offensive cybersecurity, artificial intelligence, and programming culture. She has a background with experience in various fields including linguistics, criminology, cybersecurity, computer engineering, and education. By blending together approaches from humanities and deep technical insight, she provides a unique lens on cyber threats and their evolution. She provides these days AI developments and trainings, to make AI accessible to all. She is the founder of the Defcon group Paris and a French vice-champion para-climber.

  • Learn anything - reload
  • Using LLM locally
  • NLP deep-dive: Transformers for Text Mining and Text Generation in Cybersecurity
The speaker’s profile picture
Pedro Umbelino

Pedro Umbelino currently holds the position of Principal Research Scientist at Bitsight Technologies and brings over a decade of experience in dedicated security research.
⁤His eclectic curiosity has led to the uncovering of vulnerabilities spanning a gamut of technologies, highlighting critical issues in multiple devices and software, ranging from your everyday smartphone to household smart vacuums, from the intricacies of HTTP servers to the nuances of NFC radio frequencies, from vehicle GPS trackers to protocol-level denial of service attacks.
Pedro is committed to advancing cybersecurity knowledge and has shared his findings at prominent conferences, including Bsides Lisbon, DEF CON, Hack.lu and RSA.

  • Blowing up Gas Stations for fun and profit
The speaker’s profile picture
Peter Manev

Peter Manev is the co-founder and chief strategy officer (CSO) of Stamus Networks and a member of the executive team at Open Information Security Foundation (OISF). Peter has over 15 years of experience in the IT industry, including enterprise-level IT security practice. He is a passionate user, developer, and explorer of innovative open-source security software. He is responsible for training as well as quality assurance and testing on the development team of Suricata – the open-source threat detection engine. Peter is also the lead developer of SELKS, the popular turnkey open-source implementation of Suricata. Peter is a regular speaker and educator on open-source security, threat hunting, and network security.

Peter has been involved with Suricata IDS/IPS/NSM from its very early days in 2009 as QA and training lead. He is currently a Suricata executive council member. Peter has 15 years of experience in the IT industry, including as an enterprise-level IT security practitioner.

SELKS maintainer - turn-key Suricata-based IDS/IPS/NSM. A frequent contributor to and user of innovative open source security software, Peter maintains several online repositories for Suricata-related information: https://github.com/pevma , https://github.com/orgs/StamusNetworks/repositories and https://twitter.com/pevma.

Peter Manev is a co-author of the The Security Analyst’s Guide to Suricata book written with Eric Leblond.

Additionally, Peter is one of the founders of Stamus Networks, a company providing commercial and open-source network detection and response solutions based on Suricata. Peter often engages in private or public training events in the area of advanced deployment and threat hunting at conferences, workshops or live-fire cyber exercises such as Crossed Swords, Locked Shields, DeepSec, Troopers, DefCon, Suricon, SharkFest, RSA, Flocon, MIT Lincoln Lab and others

  • From protocol analysis to actionable algorithmic and signature detection with Suricata
The speaker’s profile picture
Philippe Caturegli

Philippe has over 20 years of experience in Information Security. Prior to founding Seralys, Philippe was a Senior Manager within the Information & Technology Risk practice at Deloitte Luxembourg where he led a team in charge of Security & Privacy engagements. In his previous work experience, Philippe held several roles within the information system security department of a global pharmaceutical company in London. While working with a heterogeneous network of over 100,000 users across the world and strict regulatory requirements, Philippe gained hands-on experience with various security technologies (VPN, Network and Application Firewalls, IDS, IPS, Host Intrusion Prevention, etc.).

  • Internal Domain Name Collision 2.0
The speaker’s profile picture
Quentin JEROME

Writing Open-Source software at CIRCL

  • Latest Updates on Kunai
The speaker’s profile picture
Raphaël Vinot

Formerly member of CIRCL, I moved to France but didn't go that far in spirit as I'm still part of the developers and maintainers for a whole bunch of tools there. Some say it is too many, we disagree.

  • Lookyloo, Pandora, and all the bells and whistles to go with them.
The speaker’s profile picture
Rascagneres

Paul Rascagneres is a principal threat researcher at Volexity. He performs investigations to identify new threats, and he has presented his findings in several publications and at international security conferences.

  • It Has Been [0] Days Since the Last Edge-Device Security Incident
The speaker’s profile picture
Remi Seguy

I work in Cyber Security for 25 years . At the European Commission I lead the Threat Hunting and Detection Engineering team. Anytime I apply "Sharing is caring" principle and I support and participate to several open source projects. OpenTIDE is the framework developed by the team to support our work and has been opensourced in March 2024

  • Unleashing the power of purple teaming with OpenTIDE
The speaker’s profile picture
Roman Graf

Roman is a Manager in Deloitte’s Consulting group in Austria and a Teamlead of the Pentesting- and Red-Teaming group. He joined Deloitte’s Cyber service line in Vienna in 2021 with a focus on Cyber Security. He has more than 15 years of experience in the IT Security industry. Roman has a strong penetration testing and cyber security background and experience with artificial intelligence.

From 2020 till 2021, prior to joining Deloitte, Roman worked as a consultant, pentester and DevSecOps engineer for a big consulting company. From 2009 till 2020 he was working as a pentester and researcher for one of the leading European Research Institutes, where he was responsible for penetration testing, threat modelling and AI application for security domain. He was also tasked with the planning, preparation and presentation of individual workshops for different target groups.

  • Analysis and Forecasting of Exploits with AI
The speaker’s profile picture
Saâd Kadhi

An engineer by training, Saâd has more than 25 years of cybersecurity experience. Thriving in action, Saâd successfully dealt with several major incidents and large-scale cyber crises during his long-standing career.

Leading CERT-EU since 2019, he reshaped the Cybersecurity Service for the European Union institutions, bodies, offices and agencies into a highly regarded and equally trusted inter-institutional provider of cybersecurity services to all the European Union entities.

Before that, Saâd built and managed the CSIRT of a French multinational food products corporation covering more than 120.000 employees worldwide and worked at the CERT of one of the major banking groups to fight against cybercrime and respond to cyberattacks. He also created CERT-BDF, the CSIRT of Banque de France, making it one of the most advanced central bank CSIRTs.

Saâd is regularly invited to share his insights and present in various forums and events.

  • Tales of the Future Past
The speaker’s profile picture
Sami Mokaddem

Sami Mokaddem is a software developer who has been contributing to the open-source community since 2016 in the fields of information sharing and leak detection. He is working for CIRCL and is part of the MISP core team where he develops and maintains the software as well as its related tools.

  • Running Exercises with SkillAegis
  • Integrating New Tools in Your Workflows Within Minutes in MISP
The speaker’s profile picture
Samira Chaychi

Samira CHAYCHI holds a PhD from the University of Luxembourg, specializing in computer science. Additionally, she possesses a master's degree in Information and Computer Science, specializing in Reliable Software & Intelligent Systems, with expertise in RDF streaming data processing using asynchronous iterative routing frameworks. Furthermore, she pursued studies in Computer Simulation in Science, specializing in Financial Mathematics. She is also the co-founder of LuxQuantum, contributing her expertise to the advancement of quantum technologies.

  • Quantum Cybersecurity - Pioneering a Secure Future
The speaker’s profile picture
Santi Abastante

Ex-Police Officer and Cloud Incident Responder with 10+ years of IT experience. During the course of my career, I’ve worn many different hats, being able to intervene in incidents of multiple magnitudes in both the private and public sector, from bank robberies to cybersecurity breaches to confidential information leaks.

  • Dredge: An Open Source Framework for Cloud Incident Response
The speaker’s profile picture
Saumil Shah

Saumil is an internationally recognised speaker and instructor, having regularly presented at conferences like Blackhat, RSA, CanSecWest, PacSec, EUSecWest, Hack.lu, Hack-in-the-Box, Deepsec and others. He has authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book".

Saumil graduated with an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time breaking software, flying kites, traveling around the world, and taking pictures.

  • ROP on ARM64 - a hands-on tutorial
The speaker’s profile picture
Shanna Daly

Shanna Daly has over 20 years experience across the information security industry. Shanna’s expertise has been called upon during countless data breach investigations, giving her an in-depth understanding of the security implementations that work, and the ones that don’t. Shanna continues to share her knowledge with the industry and has built and managed consulting teams of industry experts responding to all types of intrusions and breaches.

  • MISP Kickstart
The speaker’s profile picture
Sharif Shahini

Sharif Shahani is a physicist and materials scientist with a robust foundation in academic research and entrepreneurial ventures. Holding a PhD in Physics from the University of Luxembourg and two MSc degrees in Physics and Materials Science & Engineering from Sorbonne University and Sharif University of Technology, Sharif has a diverse and rich educational background. His extensive academic journey has equipped him with expertise in graphene-based 2D materials, optics, quantum materials, and nanotechnology. As the co-founder of LuxQuantum, Sharif leads efforts to advance quantum cryptography technologies. His work focuses on bridging the gap in quantum technologies, aiming to enhance their interoperability.

  • Quantum Cybersecurity - Pioneering a Secure Future
The speaker’s profile picture
Shihao Xue

SHIHAO XUE is Engineer of CATARC Automotive Data of China Co., Ltd.He mainly engages in research on communication protocols for automotive components, focusing on vehicle protocol technologies such as Ethernet and CAN networks.
In recent years, he has supported key industry enterprises in conducting research related to communication software testing.

  • Cyber Threats to Advanced Intelligent Connected Vehicle Systems
The speaker’s profile picture
Shing-Li Hung

Shing-Li (Yuki) Hung is currently a cybersecurity researcher at CyCraft and he is graduated from National Tsing Hua University, Taiwan. His research primarily focuses on the analysis of dark web intelligence, applying deep learning models within the cybersecurity field. He has also conducted visiting research at the National Institute of Information and Communications Technology (NICT) in Japan. Yuki's research findings have been presented at prestigious platforms such as HITCON and PyCon TW. Additionally, he is a co-author for the cybersecurity resource website https://sectools.tw.

  • Automating Dark Web CTI Reports ​ with RAG Insight for MISP Sharing
The speaker’s profile picture
Simon Geusebroek

Pentester @Synacktiv, I like as much trying to enter into your computers than into your facilities.

I'm a physical intrusion specialist, and more specifically like the technical aspect of it, as opposed to the social engineering side which I use as a second resort. I'm particularly happy when I manage to demonstrate how the creative use of low cost items may allow to easily circumvent seemingly secure systems: this usually lead people to look at their locks differently, which I consider as one of the goals of my pentester job.

While also doing physical intrusion into offices, industrial sites are often more challenging and have a neat "urbex" feeling where you never know what awaits you behind that closed door. A huge difference however is that this activity is not only legal, but also helps to improve the security ecosystem.

  • Back to the failure - Did your physical security really evolve in the last 40 years?
The speaker’s profile picture
Simon Petitjean

Cybersecurity Director at PwC Luxembourg
Offensive Security & Red Team Leader
Trainer | Speaker | Sworn Judicial Expert

  • Hacking EV Charging Points, for fun... and fixing the firmware
The speaker’s profile picture
Stanislav Dashevskyi

Stanislav Dashevskyi is a Security Researcher at Forescout. He received his PhD from the International Doctorate School in Information and Communication Technologies (ICT) at the University of Trento (Italy) in 2017. His main research interests are open source software, software security, and vulnerability analysis.

  • Ghosts'n'gadgets: common buffer overflows that still haunt our networks
The speaker’s profile picture
Stephan Berger

Stephan Berger has over a decade of experience in cybersecurity. Currently working with the Swiss-based company InfoGuard, Stephan investigates breaches and hacked networks as Head of Investigation of the Incident Response team. An avid Twitter user under the handle @malmoeb, he actively shares insights on cybersecurity trends and developments. Stephan also authors the blog DFIR.ch, where he provides in-depth analysis and commentary on digital forensics and incident response. Stephan has spoken at numerous conferences, sharing his expertise with audiences worldwide.

  • The Gist of Hundreds of Incident Response Cases
  • In-Depth Study of Linux Rootkits: Evolution, Detection, and Defense
The speaker’s profile picture
Stijn Tomme

Trying to combine fun with some security related stuff

  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
  • The Heist: get your hands on the goods!
The speaker’s profile picture
Stuart Beck
  • The Ouroboros of Cybercrime: Witnessing Threat Actors go from Pwn to Pwn'd
The speaker’s profile picture
Thomas Chopitea

Thomas has been a DFIR practitioner for 10+ years. He's currently a Security Engineer in the DFIR team at Google who loves running towards the proverbial cyber fires. He enjoys detective work and poking malware with a long stick, and has given talks about DFIR, malware analysis, and threat intelligence at many conferences throughout Europe and the US.

  • DFIQ - Codifying digital forensic intelligence
The speaker’s profile picture
Thomas Patzke

Thomas has 18 years experience in information security and has done lots of stuff in this area, from offensive to defensive security topics. Now he is doing incident response, threat hunting and threat intelligence at the Evonik Cyber Defense Team. Furthermore, he is co-founder of the Sigma project and maintains the open source toolchain (pySigma/Sigma CLI).

  • Lessons Learned from (almost) 8 Years of Sigma Development
  • Operationalization of Sigma Rules with Processing Pipelines
The speaker’s profile picture
Trey Darley

Trey Darley works at Accenture Security in Brussels, where he is setting up a security testing lab of sorts, and trying to do some good for the world. Trey has been a long-standing member of the FIRST community, and has served a variety of volunteer roles, including a term on the FIRST board, during which he co-founded the FIRST standards committee. Trey is well known for his work on open cybersecurity standards like STIX/TAXII and others. He's also been aligned with the Langsec faction for many years. Trey's patron saints are Grace Hopper and Paul Erdös.

  • Any sufficiently advanced technology is indistinguishable from 01 January 1970
The speaker’s profile picture
Tristan MADANI

Tristan is a dedicated and motivated professional committed to delivering positive results and fostering continuous improvement in his work. Over the years, he has accumulated extensive experience in both Offensive (Red Teaming, Penetration Testing, Vulnerability Research) and Defensive Security (Threat Hunting, Incident Response, Digital Forensics, Malware Reverse Engineering), as well as systems and networks. Additionally, Tristan finds fulfillment in sharing his knowledge through Cyber Security Training, recognizing the value of collaboration and ongoing learning in this dynamic field.

  • Introducing the ACTOR Model: Adversary Simulation is dead, long live Adversary Simulation!
  • Phantom DLL Hijacking in Powershell.exe (aka Backdooring Powershell for Fun and Profit)
  • Predictive Analytics for Adversary Techniques in the MITRE ATT&CK Framework using Rule Mining
The speaker’s profile picture
Vic Huang

Vic Huang
Independent researcher / Security engineer
Member @ UCCU Hacker
Working on Web/Mobile/ICS/Privacy domain
He shared his research on several cybersecurity conference such as HITB,CODE BLUE,Ekoparty,ROOTCON,REDxBLUE pill,HITCON, CYBERSEC,DEFCON.

  • Securing the Stars: Comprehensive Analysis of Modern Satellite Vulnerabilities and Emerging Attack Surfaces
The speaker’s profile picture
Vladimir Kropotov

Vladimir Kropotov is an Advisor and Sr. Researcher with the Trend Micro Forward-Looking Threat Research team. Active for over 20 years in information security projects and research, he previously built and led incident response teams at Fortune 500 companies and was head of the Incident Response Team at Positive Technologies. He holds a master's degree in applied mathematics and information security. He also participates in various projects for leading financial, industrial, and telecom companies. His main interests lie in network traffic analysis, incident response, and botnet and cybercrime investigations.

  • IoT hacks humans - unexpected angles of Human Process Compromise
The speaker’s profile picture
William Robinet

William manages the technical team behind AS197692 at Conostix S.A. in Luxembourg. He’s been working in cybersecurity using free and opensource software on a daily basis for more than 25 years. Recently, he presented his ASN.1 templating tool at Pass the SALT 2023 in Lille. He contributed to the cleanup and enhancement efforts done on ssldump lately. He particularly enjoys tinkering with open (and not so open) hardware. Currently he likes playing around with new tools in the current ML scene, building, hopefully, useful systems for fun and, maybe, profit. When not behind an intelligent wannabe machine, he's doing analog music with his band of humans.

  • Exploring OpenSSH: Hands-On Workshop for Beginners
  • NLP deep-dive: Transformers for Text Mining and Text Generation in Cybersecurity
The speaker’s profile picture
Yuqiao Ning

YUQIAO NING is the Technical Director of CATARC Automotive Data of China Co., Ltd. He has extensive experience in computer systems and software security research. In his current role, he is primarily responsible for pioneering research in automotive penetration technology and the development of automated detection tools.His work focuses on analyzing security risks within automotive open-source software, with a particular emphasis on understanding the critical intersection of automotive security vulnerabilities and functional safety. He has played a pivotal role in organizing numerous automotive information security attack and defense challenges, contributing significantly to the advancement of safer and more secure automotive technologies.Furthermore, He has played an instrumental role in shaping national automotive information security standards, contributing to the drafting of several key national standards.

  • Cyber Threats to Advanced Intelligent Connected Vehicle Systems