BSidesBUD
International IT Security Conference
Event Schedule
Please note that the conference schedule is subject to change
Be sure to check back often for updates and announcements!
- TALKS
- WORKSHOP
- THE LAB
- Prompt Room
- Payload Room
09:00 - 09:40Pay or Pray – The Ransomware-Game By Tobias Schrödel
This is how the computer magazine CHIP described the accomplished IT specialist and professional speaker on hacking – because Schroedel has the unique ability to explain the depths of complex IT systems, the methods of hackers and dry data protection requirements in a simple and easily understandable way, even for non-technical audiences.
His trademark: fun is never neglected – in his entertaining talks full of aha moments, humour shines through every bit and byte.
Trained IT specialist, international IT solutions and security concepts, “Computer Science Expert” in a globally operating IKT corporation – and widely known to the public through his appearances on stern TV and his successful podcast “Ich glaube, es hackt!”
Short description of the talk
TBD
Explain the talk to us
TBD
09:45 - 10:25The Most Dangerous Intern is an LLM: Abusing AI Agents Through Text By Daniel Sanchez
I’m Daniel Sanchez, born and raised in Mexico City. I studied telecommunications and started hacking when I was 15. It all began with video games, finding logic errors on old websites. Then I started using Vulnhub and reading their write-ups. From there, I won my first CTF and got my first job as a penetration tester.
I decided to talk about things i like to research and learn, because they say if you can explain something, you’ve learned it well.
Short description of the talk
Companies are integrating AI agents that not only generate text but also perform real-world actions: reading files, calling internal APIs, modifying records, handling tickets, automating processes, and making operational decisions.
This, introduces a critical risk: a permissioned language model is, in practice, a privileged user controlled by text.
In this talk, we’ll explore how AI agents can be manipulated through advanced prompt injection, hidden instructions in documents, and abuse of connected functions. I’ll demonstrate a vulnerable lab where the agent can be tricked into reading sensitive files, exfiltrating information, or performing unauthorized actions.
We’ll see how an attacker can pivot through the agent into internal systems without exploiting traditional vulnerabilities, and what controls should be implemented to protect these new automated command interpreters.
Explain the talk to us
In this talk, we will explore how AI agents can be compromised through advanced prompt injection, contextual manipulation, hidden instructions, and tool abuse—without relying on traditional vulnerabilities like RCE, SQLi, or XSS.
I will demonstrate a purposely vulnerable AI-agent lab environment where an attacker can:
read arbitrary files, access internal resources, pivot through corporate systems, and exfiltrate sensitive data simply by crafting malicious input.
We will break down how agents make decisions, how tool-calling works internally, how retrieval and orchestration layers interact, and why current security controls are insufficient.
I will try to teach the attendees the following:
real-world attacker models for AI agents,
exploitation paths that combine LLM reasoning + tool execution,
how “harmless text” turns into operational damage,
and the security patterns required to defend against this new class of threats.
If your organization believes an AI assistant is “just a chatbot,” this talk will be uncomfortable—and necessary.
I would like to show a lab that the attendees can participate by asking some prompts and trying to access files to be more immersive also i have some slides and the lab for this talk but i need to polish them. specially the lab so it wont be so easy or adding some levels to it i am still working on them.
Sources to understand the topic for newbies
My talk goes along the lines of these blog posts.
https://www.darkreading.com/application-security/ai-agents-access-everything-zero-click-exploit
https://fdzdev.medium.com/security-vulnerabilities-in-autonomous-ai-agents-26f905b2dc36
https://developer.nvidia.com/blog/from-assistant-to-adversary-exploiting-agentic-ai-developer-tools/
10:30 - 10:50How parsing log messages can improve security By Peter Czanik
I gained IT and infosec experience while running many of the university servers. I turned my teaching skills, gained as a PhD student, into writing technical blogs and talking at conferences.
- Engineer working now as an open source evangelist and technical product manager
- Lead the development of syslog-ng open source edition, and contribute to sudo development
- Experienced in open source community outreach, work with distributions to maintain the syslog-ng package, follow bug trackers, help users
- Accomplished blog writer and conference presenter with a proven track record of creating engaging content and delivering impactful presentations (All Things Open, FOSDEM, Pass the SALT, EuroBSDCon, and others).
In my free time I am interested in non-x86 architectures, and work on one of my PPC or ARM machines. I am an IBM Champion for POWER.
Short description of the talk
Do you want to detect threats real-time and easily search logs to find relevant information? By default, incoming log messages are treated in log management apps as one long string. While this is good enough if you just want to store logs, you need more structured information if you also want to act on log messages. Applications like syslog-ng also let you parse log messages. While parsing structured logs like JSON is easy, unstructured logs need a lot of work. This is where the sequence app can help you: if you have enough logs to analyze, it can automatically generate parser rules for syslog-ng and LogStash.
Explain the talk to us
In his talk, Peter explains why parsing log messages is important, how you can use the resulting name-value pairs and shows you a tool that can greatly reduce the time and effort needed to create parser rules.
Without additional parsing, log management apps treat the message part of a log message as one long string. While this might be valid in some use cases, many log messages look like almost complete English sentences with some variables in them. Just think about SSH login messages: they include the username, the source IP and port, and the login method embedded in a sentence. You might want to create an alert for such messages (for example, if a root user logs in). However, if the whole message is a single string, you cannot do that.
Message parsing and creating name-value pairs from log messages give you a lot more flexibility when it comes to filtering or templating. For example, you can send an alert to Slack when someone logged in as a root user through SSH, or you can forward two important fields from an extremely long log message to save network bandwidth and disk space. You can use it to hide sensitive information and send only what is required to various destinations.
PatternDB in syslog-ng can find important information in unstructured log messages, like the above-mentioned SSH login message, and create name-value pairs from the information it finds. PatternDB rules are easier to write than regular expressions and also need less resources to run. They can work on a Raspberry Pi or a Turris Omnia without any noticeable load. There are various parsers for structured log messages as well, like the CSV, JSON and XML parsers. You can also combine these and build really complex parsers, if needed.
Sequence-RTG allows you to automatically generate parser rules for syslog-ng and LogStash. While creating parser rules from scratch is a painful process, sequence can do the heavy lifting for you if you have enough log messages to analyze. Of course, you might need to rename some of the name-value pairs, but that is still a lot easier than creating rules from scratch…
10:50 - 11:05Coffee Break By Mr. Caffeine
11:05 - 11:25Aether: Engineering a Cross-Architecture Linux Injector By Lora Vega
Hey, I’m Lora. I build tools that live in other people’s memory space. I’m a Linux security researcher and the developer of Aether, a 32/64-bit process injection framework. My recent work involves weaponizing Rust’s safety features to create more stable and undetectable C++ hybrids. I’m here to show you how process injection is evolving on Linux and why the future of offensive tooling is polyglot.
Short description of the talk
Linux injection is architecture-locked and easily flagged. This session introduces Aether, a tool utilizing ptrace and PLT hooking for seamless 32/64-bit function interception. We explore a “Polyglot” approach by wrapping a C++ core in a Rust-based FFI tunnel. This hybrid architecture increases stability and complicates reverse engineering by fragmenting the call stack. Attendees will learn Linux runtime code modification, modern PLT hooking, and how to “oxidize” legacy tools to stay ahead of evolving detection engines.
Explain the talk to us
The current landscape of Linux process injection is dominated by aging techniques that are increasingly visible to modern Endpoint Detection and Response (EDR) systems. While tools leveraging LD_PRELOAD or basic shellcode injection remain functional, they often fall victim to heuristic scanners that flag predictable memory allocation patterns and standard C library calls.
This presentation introduces Aether, a framework designed to bypass these limitations by utilizing low-level primitive operations, specifically ptrace and Procedure Linkage Table (PLT) hooking, to achieve cross-architecture code execution. By operating at the binary level rather than relying on high-level environment variables, Aether provides a robust foundation for runtime code modification in both 32-bit and 64-bit environments.
The technical core of the talk focuses on the orchestration of ptrace for non-cooperative process attachment. We will examine the mechanics of capturing a running process’s execution state, manipulating registers to redirect control flow, and the precise use of PTRACE_POKETEXT to inject our “parasite” shared library. A significant portion of the deep dive is dedicated to PLT Hooking, a technique that allows Aether to intercept specific function calls by overwriting entries in the Global Offset Table (GOT). This method ensures that our injected code remains synchronized with the host process’s legitimate activities, allowing for stealthy monitoring or modification of data without crashing the target, a common failure point in traditional “fire-and-forget” injectors.
The research then pivots to the “Oxidation” of the framework: the integration of Rust via a Foreign Function Interface (FFI) tunnel. We explore the hypothesis that mixing programming languages can act as a form of binary-level obfuscation. By wrapping our performance-critical C++ injection engine in a Rust-based daemon, we fragment the call stack and generate machine code signatures that differ significantly from “pure” C++ malware. This section of the presentation will provide a comparative analysis of memory signatures, demonstrating how Rust’s unique binary structure and its “safety-first” memory management can be weaponized to evade modern heuristics and complicate the work of a reverse engineer attempting to trace the hybrid execution flow.
Finally, the session concludes with a series of high-stakes demonstrations. We will first show a baseline “Legacy” injection being detected by standard Linux audit tools, followed by the successful deployment of the Oxidized Aether framework. The demo will highlight the tool’s dedicated monitoring daemon, which maintains the health of the injected parasite and ensures persistence even through host process fluctuations. Attendees will be provided with a technical roadmap for porting their own offensive tools to this hybrid architecture, along with access to the Aether source code to further the community’s research into polyglot exploitation.
Sources:
- Linux System Calls: Man7.org: Ptrace(2) — The official documentation for the primary tool used for process attachment and memory manipulation.
- The “Why”: MITRE ATT&CK: Process Injection (T1055) — Explains how adversaries use these techniques to hide in legitimate processes.
- Binary Internals: The 101 Guide to ELF, PLT, and GOT — A breakdown of how Linux executables handle dynamic linking and how function calls can be hijacked.
- Rust Interoperability: The Rust FFI Guide — Explains the mechanics of how Rust code calls C/C++ functions and manages cross-language memory.
- Hands-on Tutorial: The “Playing with Ptrace” Series — A classic guide for beginners to write their first debugger/injector in C.
- Security Context: EDR Evasion Basics — An overview of how security software detects common injection patterns and why hybrid (Polyglot) binaries help bypass them.
11:30 - 12:10Prompt, Pwn, Profit: A $40k Deep Dive into AI Agent Vulnerabilities By Vasyl S
I’m a security researcher from Ukraine. Yes—we’re still here, and we’re still doing security research.
I speak Hungarian as well (it is my second language) I studied cybersecurity and computer science starting in 2010 and hold a Master’s degree in the field. I have nearly 15 years of experience as a software developer, working close to real-world systems, production environments, and the mistakes that ship with them.
Since the beginning of the war, my focus shifted from pure engineering to offensive security. I began volunteering on the cyber front, which later led me to bug bounty hunting as a practical way to apply real-world exploitation skills at scale. As the AI race accelerated, my attention moved to a new frontier: hacking AI agents. I focus on breaking security models in AI-powered developer tools.
Short description of the talk
Over the past year, I made $30,000+ by breaking some of the most trusted AI coding agents. From Claude Code, Google Gemini, OpenAI Codex to GitHub Copilot and others, I exploited 25+ vulnerabilities by exploiting weaknesses in input handling, tool usage, and sandbox enforcement. This session is a practical deep dive into how AI agents fail — and how those failures lead directly to remote code execution.
Explain the talk to us
AI coding assistants like Claude Code, GitHub Copilot, and Google Gemini can now run commands, read files, and browse the web on your behalf. This power comes with risk.
This talk breaks down the four main ways these agents fail:
“Safe” Commands Aren’t Safe: Agents let some commands run without asking you first. I found ways to abuse these—like using find or man in unexpected ways—to run any code I wanted.
Attacking CI/CD Pipelines: Many teams run AI agents in GitHub Actions. I’ll show how malicious code in a repository can hijack these automated systems.
Dangerous Tool Combinations: Agents can fetch websites and read files. I’ll show how attackers can trick agents into leaking sensitive data or executing hidden instructions embedded in web pages and code repositories. Or achieve RCE in the user machine.
Escaping Project Folders: When you tell an agent “only work in this folder,” it should stay there. I found multiple ways agents would happily read your SSH keys or system files anyway.
Sources:
https://flatt.tech/research/posts/pwning-claude-code-in-8-different-ways/ – is a quite good demo of similar vulnerabilities which I was found last year. Also the top researcher of this topic and his blog post.
12:15 - 12:55From Chaos to Clarity: Unsupervised ML and LLM for Identity Threat Detection By Dor Yardeni & Eric Saraga
Dor Yardeni is the Director of Security Research at Varonis, leading the team behind the detection engine that protects thousands of customers. With over a decade of experience in cybersecurity, Dor specializes in red teaming, incident response, and detection engineering. Passionate about data-driven research and machine learning, Dor has built advanced threat detection models, investigated ransomware attacks for global enterprises, and reported vulnerabilities in critical infrastructure systems.
TBD
Short description of the talk
Detecting account takeover and Entra ID attacks at scale is tough. Endless identity signals require approaches that can learn patterns effectively.
Join us for a deep dive into building a scalable detection pipeline:
- The challenge of covering endless attack scenarios
- How we leveraged unsupervised anomaly detection at scale
- How we layered LLMs on top of ML to boost precision and deliver clear, human-readable explanations
- Real-world case studies
This session will equip you with practical insights and proven strategies for detecting identity attacks —at scale
12:55 - 13:55Lunch Break By Miss Protein
13:55 - 14:35Prompts to Production: Building Effective Security Automation For Everyone By Jozsef Ottucsak
Jozsef Ottucsak is a seasoned Product Security Architect with over a decade of experience in secure software development lifecycle (SDLC) initiatives for on-premise, hybrid, and cloud-native applications.
Currently serving as a Staff Product Security Architect at Diligent, he specializes in enabling developers to build secure products by establishing security requirements, designing secure-by-design processes, and providing technical guidance.
Short description of the talk
Security teams today face an impossible equation: expanding attack surfaces, always increasing work volume, and chronic talent shortages. While automation has long been the promise, the reality often involves fragile scripts that break when APIs change and complex tools that require specialized expertise to maintain. Large Language Models (LLMs) are reshaping this landscape, offering new ways to automate security tasks across the entire complexity spectrum.
This talk takes a practical journey through automation approaches using LLMs, from simple no-code solutions to sophisticated agentic workflows. We’ll start with no-code interfaces where natural language prompts become powerful security assistants—perfect for analysts who need quick answers without writing code. Then we’ll progress to low-code solutions using agentic IDEs like Claude Code adding structured workflows while still maintaining accessibility. Finally, we’ll explore full agentic workflows where autonomous AI systems coordinate multi-step security operations, from vulnerability triage to incident response orchestration.
Drawing from hands-on experience building and deploying these systems, we’ll examine the trade-offs at each level: when simplicity beats sophistication, where guardrails become critical, and how to match the right approach to your team’s capabilities and risk tolerance. We’ll cover real-world use cases including automated vulnerability assessment, security review automation, and SAST rule writing — highlighting both success stories and hard-won lessons about limitations, failure modes, and where human oversight remains non-negotiable.
Attendees will walk away with a practical framework for evaluating automation opportunities in their security programs and concrete examples they can adapt, whether they’re just starting with AI-assisted workflows or ready to deploy autonomous agents at scale.
Explain the talk to us
Here is a high level outline of the talk structure. The goal is to include as many hands-on examples as possible which would be shared with the audience through a Github repo.
- The Mess We’re In: Capacity vs. Velocity
- The Imbalance: Why having 1 security pro for every 50-100 developers is a losing game in an AI-native world where code velocity has tripled.
- The Build vs. Buy Trap: Why $100k+ enterprise “solutions” rarely fit your actual process, and why the alternative—fragile, custom-built scripts—usually dies from maintenance exhaustion.
- The Semantic Shift: How moving from rigid API-based scripting to LLM-driven intent allows us to actually tackle the “too much work, too little time” problem.
- The Spectrum of Implementation (And When to Stop)
- Level 1: Managed Flexibility (No-Code)
– Why a simple chat interface is often better than a full automation for ad-hoc investigations.
– Recognizing “automation overkill” and tasks that don’t need a persistent workflow. - Level 2: The Hybrid Approach (Low-Code/Augmented)
– Mixing deterministic code with LLM “reasoning” to handle messy data without losing accuracy.
– Practical examples: High-speed SAST rule generation and cutting through the noise in vulnerability triage. - Level 3: Autonomous Cycles (Agentic Frameworks)
– What happens when you let agents run multi-step loops (OODA) independently.
– Defining “delegated authority” and deciding where the human-in-the-loop is mandatory.
- The Engineering Reality and Constraints
- Infrastructure and Sovereignty: The brutal trade-offs between commercial API performance and the high “GPU tax” of self-hosting open-weight models like Llama or Mistral.
- The New Maintenance Debt: Who patches the agent? Dealing with model drift, identity management, and sandboxing your own security tools.
- Reliability vs. Cost: Hard data on token-burn rates, execution latency, and why some automation ideas are financially impossible at scale.
- Field Notes: A total lack of bullshit on what worked in our production runs and the failure modes that sent us back to the drawing board.
Why This Is Useful for Attendees
Reality Check: A look at the real operational costs and risks of AI automation, helping you manage expectations (and budgets) with leadership.
Tactical Roadmap: A clear guide on categorizing security tasks so you don’t waste time over-engineering simple problems.
Technical Primer: Acts as a ground-up entry-level technical intro to LLM tech, context windows, and agentic reasoning for security practitioners.
14:40 - 15:25What an Exploitable CVE Really Means By Hector Eryx Parades
Eryx is an enthusiast in Cybersecurity and OpenSource. Currently working as Staff Security Engineer at Lyft he leads the vulnerability management program, handling the strategy to identify and fix code, infrastructure and endpoint vulnerabilities at scale.
His career includes roles in backend/frontend development, consulting, software architecture, and management. He loves sharing knowledge in the academy and at community events, locally or globally.
His academic background includes a BSc from Instituto Politecnico Nacional (Mexico) and an MSc from the University of Southampton (UK). During his free time he enjoys doing a good BBQ, drinking craft beers or organizing tech events.
Short description of the talk
Most published CVEs never become meaningful risks—but the security industry still treats every new disclosure as a fire to put out. This talk explores what makes a vulnerability truly exploitable by examining the economics of offensive research, the limitations of CVSS, EPSS and other scoring systems, and the real-world conditions required for exploitation. Attendees will learn how attackers prioritize n-days, how AI accelerates exploit development, and why exploitability depends far more on environment and business value than on scores alone.
Explain the talk to us
Most organizations drown in CVE alerts while real threats slip through. This talk cuts through the noise by examining the economics of vulnerability research and exploitation to help security teams prioritize what actually matters.
We’ll explore why vulnerability researchers choose certain targets, how the exploit marketplace operates, and why scores alone fail to measure real risk. Through red team perspectives, the attendees will see examples how attackers determine efficient attack paths and why most CVEs never get weaponized.
The core focus is bridging offensive and defensive perspectives. The attendee will discover how to enrich an asset inventory with business context, how to perform static analysis on dynamic threat data, and build prioritization frameworks that consider both exploitability AND business impact.
Attendees will leave with actionable insights hon how to: identify which CVEs deserve immediate attention, map technical vulnerabilities to business risk, and communicate security priorities to leadership. With number of vulnerabilities increasing year over year, this practical approach might help security teams to move from reactive patching to strategic risk management.
Key Takeaways:
A modern perspective on risk aligned with today’s offensive economy and AI-driven capabilities.
A practical model to determine whether a CVE exploitation is doable on an environment, not just theoretically possible.
How to combine exploit intelligence with asset value to prioritize remediation.
Techniques for enriching asset inventories and identifying material business impact.
Sources:
https://en.wikipedia.org/wiki/Common_Vulnerability_Scoring_System#Example_4
https://orca.security/resources/blog/epss-scoring-system-explained/
https://www.packetlabs.net/posts/large-language-models-weaponized-for-practical-exploitation/
https://www.linkedin.com/posts/alevsk_the-smartest-security-people-i-know-dont-activity-7410122109651222528-ueWh/
15:30 - 16:10Concrete Evidence: Two Races, One RCE By Adrian Tiron
Adrian Tiron is the Co-Founder and Principal Pentester/Red Teamer at FORTBRIDGE, bringing over 20 years of hands-on experience in cybersecurity. Throughout his career, Adrian has worked with top-tier companies across the UK, US, and Europe, helping them identify and remediate complex security issues across web applications, APIs, cloud environments, and internal networks. His expertise spans offensive security, red teaming, and adversary emulation. As an active security researcher and blog author, Adrian has discovered and responsibly disclosed multiple critical vulnerabilities in both open-source projects and commercial platforms. His research has been featured at multiple BSides conferences, and most recently at BlueHat IL, organized by Microsoft in Israel. Adrian is known for delivering highly technical, practical content drawn from real-world assessments, and is passionate about pushing the boundaries of modern application security.
Short description of the talk
Concrete CMS, a popular open-source content management system, contains a critical flaw in its file upload functionality that can be exploited in two distinct ways. This talk demonstrates how a single upload can lead to a Server-Side Request Forgery (SSRF), allowing access to internal cloud resources, and a double race condition that enables Remote Code Execution (RCE) via a malicious backdoor. We’ll walk through the exploitation process, show how existing protections can be bypassed, and highlight practical steps to secure file upload mechanisms in real-world applications.
Explain the talk to us
While pentesting Concrete CMS, I discovered that its file upload functionality introduces what is effectively an SSRF-by-design weakness. I’ll begin by demonstrating how this feature can be abused to pivot into the internal network, then show how it can be leveraged in cloud deployments to compromise an AWS account by extracting IAM credentials. Finally, I’ll walk through how these primitives can be chained to achieve Remote Code Execution (RCE) — the holy grail of exploitation.
This presentation uncovers a critical vulnerability in Concrete CMS, a widely used open-source content management system. The core issue is a double race condition in the file upload pipeline, which allows attackers to bypass validation controls and upload malicious files. I’ll present a deep technical analysis of the root cause, explain the exploitation mechanics in detail, and demonstrate the real-world impact of successfully winning the race conditions.
The talk concludes with practical mitigation and remediation strategies, providing concrete guidance for developers and administrators to harden their Concrete CMS deployments against these attack vectors.
16:10 - 16:25Tea Break By Mr. T
16:25 - 17:05Adaptive AI Malware: A New Class of Self-Evolving Runtime Threats By Chen Siri
Chen Shiri is a cyber security researcher, hacker, known for his research on low-level security and isolation mechanisms. His research has revealed significant flaws within widely-used services and prominent vendors. In addition to its research on Accenture, he published research with early examples of weaknesses in microservices and container-based web apps.
Short description of the talk
This talk introduces Adaptive AI Malware, a new class of malicious software that fundamentally changes how attacks behave at runtime. Unlike traditional polymorphic or fileless malware, Adaptive AI Malware continuously modifies its own execution logic in memory while running, reacting to its environment, defensive controls, and execution outcomes.
The malware does not rely on static payloads or predefined attack chains. Instead, it dynamically alters behavior during execution, resulting in non-deterministic attack paths that evade signature-based detection, sandbox analysis, and behavior baselining.
Through original research and live demonstrations, this session shows why existing malware classification and detection models fail against adaptive AI-driven threats, and what defenders must change to detect and respond to this emerging malware category.
Explain the talk to us
This talk presents original research on Adaptive AI Malware, a new malware category that uses AI-driven decision making to evolve its execution logic dynamically during runtime. Rather than shipping a fixed attack chain, the malware adapts continuously based on environmental feedback, security controls, and execution success or failure.
The session explains how the malware works, how it built, presentation a PoC and how it was made, why it breaks current detection assumptions, and what new defensive models are required to address malware that no longer behaves deterministically.
Detailed Description:
Current malware detection and analysis techniques are built around the assumption that malicious code, even when obfuscated or polymorphic, follows a finite and analyzable execution model. This research demonstrates that assumption is no longer valid.
Adaptive AI Malware represents a new class of malware that evolves its behavior during execution, rather than before execution. Instead of embedding a complete attack chain, the malware operates as a runtime decision engine that dynamically modifies its logic entirely in memory. Execution paths are not predetermined, artifacts are ephemeral, and behavior varies between runs even on identical systems.
The talk begins by establishing clear technical boundaries between traditional malware categories- polymorphic, metamorphic, and fileless – and adaptive runtime malware. While earlier techniques focus on mutating code structure or payload representation to evade static detection, adaptive AI malware mutates execution intent itself, continuously altering what logic is executed next while the process is already running.
The session then walks through the internal architecture of adaptive runtime malware while presenting a demo and how it was created, focusing on runtime logic regeneration, memory-only execution paths, and feedback-driven behavior changes. Attendees will see how environmental signals- such as endpoint protections, execution failures, permission boundaries, and monitoring artifacts can directly influence how the malware evolves while running.
Rather than following a fixed attack graph, the malware continuously evaluates its environment and adjusts behavior accordingly, resulting in non-deterministic execution paths that break traditional assumptions used by sandboxes, replay analysis, and behavior-based detection systems.
From a defensive perspective, the research demonstrates why signature-based detection, sandboxing, replay analysis, and behavioral baselining become unreliable when execution logic is transient and constantly changing in memory. Traditional incident response and forensic approaches also degrade when post-execution artifacts no longer reflect the actual malicious behavior that occurred during runtime.
17:10 - 17:30Evaluating the Security of AI-Generated Code By Klein András
I am an ethical hacker at MultiContact Consulting. I am interested in how systems work internally and at their boundaries, with a background in troubleshooting, automation, and security. In my free time, I spend most of my time doing CTF challenges, lock picking, OSINT investigations, and building small home labs to learn new tools and techniques. I enjoy breaking down complex problems and sharing practical security knowledge.
Short description of the talk
AI coding assistants are now deeply embedded in everyday software development workflows. While they dramatically increase developer velocity, security is often treated as an afterthought. This talk asks a simple but critical question: which AI model produces the most secure code?
In this 20-minute light talk, I present an empirical comparison of multiple popular AI models generating the same full-stack application from an identical prompt. Each generated codebase is then evaluated using static analysis tools and manual secure code review to identify and quantify vulnerabilities. In a second round, the same models are asked to secure their own code, allowing us to measure improvement, self-correction capability, and the emergence of new flaws.
The session concludes with practical, field-tested guidance on how developers and security professionals can use AI assistants more safely, without blind trust.
Explain the talk to us
During my day-to-day work as a penetration tester, I increasingly encounter codebases where large parts of the implementation were generated or heavily assisted by AI coding tools. While this approach undeniably accelerates development, it has also led to a recurring pattern: the presence of basic, well-known security flaws that should have been avoided by default. This observation raised a fundamental question for me, not whether AI can write code, but how well it understands secure software design.
Existing research shows that AI-generated code contains security vulnerabilities in roughly 20–40% of cases. However, most studies focus on a single model or a narrow problem space. This talk expands on that work by comparing multiple widely used AI models under identical conditions, using the same prompt, the same application scope, and the same evaluation methodology.
The experiment consists of two rounds. In the first round, each model is tasked with generating a full-stack CRUD application, including backend logic, authentication, APIs, and a frontend. The resulting codebases are analyzed using static analysis tools and manual secure code review, with vulnerabilities categorized using CWE classifications and severity levels. In the second round, the same models are asked to review and harden their own code, allowing us to measure how effectively they recognize and fix their own mistakes, and whether they introduce new ones in the process.
Rather than ranking vendors or promoting specific tools, the goal of this talk is to provide evidence-based insights into the strengths and limitations of AI-assisted development from a security perspective. Hopefully, the audience will leave with a clearer understanding of where AI helps, where it fails, and how to integrate these tools responsibly into secure development workflows.
17:35 - 18:15AI You Ready? – Inside AI Red Teaming By Maor Tal
Maor Tal is a red team and offensive security practitioner with over a decade of experience in penetration testing and adversary simulation. His work focuses on offensive AI and real-world attack techniques against modern systems. Maor has presented his research and hands-on work at OWASP Israel, Black Hat, BSides TLV, and other security conferences, and designs practical challenges and training that emphasize attacker mindset and real-world impact.
Short description of the talk
This session will teach attendees how to approach and assess AI and LLM-based systems from a security and red team perspective. The session covers how these systems are built, what attack surfaces to look for, and how common safety mechanisms and guardrails actually work and fail in practice. Drawing on real-world red team experience, the talk explains how to identify weaknesses such as prompt injection, data exposure, bypass common guardrails, and insecure integrations. Attendees will learn how to think critically about AI security, what questions to ask during assessments, and how to start red teaming AI systems safely and responsibly.
Explain the talk to us
The session is a technical, practitioner-led introduction to assessing and red teaming LLM-based systems using the same methodology applied to any new attack surface: understanding the architecture, mapping trust boundaries, enumerating inputs and outputs, and validating where security assumptions break down.
The talk begins by deconstructing a typical “LLM application” into its core building blocks. This includes an introduction to what LLMs are and how they operate, how prompt injection works at a technical level, and how attackers can leverage prompt manipulation in real-world scenarios. From there, the session explores the surrounding components that turn a model into an application: UI and API gateways, orchestration layers (agents and tools), system prompts and policy logic, retrieval mechanisms (RAG and vector databases), memory and session state, and external connectors. Each component is analyzed as an attack surface, with concrete examples demonstrating common weaknesses and real guardrail bypass techniques.
Building on this foundation, the talk introduces a threat modeling approach tailored specifically for AI systems. Attendees will learn how to reason about who controls which inputs, what the model is permitted to see and do, where sensitive data may flow, and which components convert model output into real execution or privileged actions.
09:45 - 10:25Hacking & Defense Tips that A.I will Not Teach You By Yossi Sassi
Yossi Sassi is an InfoSec researcher & friendly hacker. Sassi has accumulated extensive experience in information security for ~30 years, in Red-Blue team assessments, conducting DF/IR investigations and more, including Fortune100 accounts. Co-Founder of 10Root Cyber Security, forensics hacker @ TandemTrace (AI Threat Hunting), Advisory @ Terra Security (AI-Powered Pentest) and Ex-member of Javelin Networks – a unique defense solution for Active Directory (acquired by Symantec).
Worked for Microsoft 8+ years as Technology Group Manager and coded support tools for Windows Server. Sassi spoke at TED and TEDx events, and was awarded 4 Peace and friendship awards
Short description of the talk
By now it is clear that GenAI is here to stay and improve over time. Yet there are many limitations, when it comes to Professional content for Cyber Security – it may be fast but not accurate, lacks training data in many scenarios (blue/red/purple) and much more. Join me for a session full of hands-on demos and tips resulting from 3 decades of offensive & defensive Cyber Security tips that A.I will not tell you about!
Explain the talk to us
This is a talk with practical best practices, from a seasoned 30+ years InfoSec veteran & Red-team trainer doing Blue/Purple team/DFIR, and experienced in talking worldwide.
It will be non-stop demos of practical advice for Red/Purple/Blue teams, how creative bypass techniques and tools – from using PowerShell wisely (tips for day to day) through undetected bypass techniques and up to tools to better protect your attack surface in networks.
Spoke at the Hack Summit 25′, MS Tech Summit 2025, Craft 2025, BSidesBUD 25’, HackCon 2025, BSidesBUD 2024, T2 helsinki 2024, HackCon 24’, DeepSec Vienna 2023, Hacktivity 23’, DevOpsDays Vilnius 23’, bSides Krakow 23’, x33fcon 23’, Craft 2023 closing keynote, NullCon 2023, HackCon 2023, SEC-T 2022, Reversim 2022 keynote, SecurityFest 2022, Hack In Paris 2022, SecurityWeekly, Colombia 4.0 keynote, Brazil’s national Cyber Security conference, Bsides TLV (2019, 2020, 2021), OSDF Con 2021, MTB/MGB (microsoft), FIRST event(s), TED / TEDx and more.
Released dozens of open-source tools on github to the public.
Sources:
It is good to be familiarized with A.I concepts (LLMs, AI Tools, MCP etc.) and have a basic to solid understanding of Windows operating system internals & PowerShell.
10:30 - 10:50Fishing for Phishing: Detecting Malicious Websites at Scale with Nuclei By Rishi
Rishi is a results-driven cyber security professional based in London, with over five years of corporate IT experience spanning vulnerability research, threat intelligence, risk management and IT support. With a strong technical foundation and a strategic mindset, Rishi excels in identifying, analysing, and mitigating complex cyber threats across diverse digital environments.
He currently specialises in vulnerability research, actively investigating zero-day threats and assessing emerging CVEs to identify potential risks before they can be exploited. He also contributes to the design and implementation of proactive detection and defence strategies. In the realm of threat intelligence, his focus lies in uncovering and analysing adversarial tactics, techniques, and procedures, empowering organisations to anticipate and respond to the ever-evolving cyber threat landscape.
Rishi also plays a key role in enterprise risk management, translating technical risk into business impact and guiding stakeholders in prioritising remediation efforts through data-driven insights.
Beyond his core responsibilities, Rishi has a strong professional interest in attack surface management (ASM) and open-source intelligence (OSINT). He is particularly focused on minimising external exposure by identifying unknown assets, misconfigurations, and weak entry points that adversaries could exploit. His passion for OSINT complements this, as he regularly explores publicly accessible data to uncover hidden threats, monitor digital footprints, and support incident response and brand protection initiatives.
With a blend of technical rigour and an investigative mindset, Rishi is committed to advancing cyber resilience through proactive discovery, continuous monitoring, and adversary-informed defence.
Short description of the talk
Phishing remains the dominant attack vector, yet detecting malicious sites at scale continues to challenge security teams. This talk demonstrates how open-source automation can transform phishing detection from a manual, reactive process into a scalable, proactive capability.
I developed and contributed 120+ phishing detection templates to the Nuclei project, enabling security teams worldwide to identify phishing sites impersonating major brands across thousands of hosts in seconds. In this session, I want to share this technique with attendees, covering the detection methodology, template creation, and practical applications for threat intelligence and OSINT research.
A live demonstration will showcase the approach in action, and attendees will leave with the knowledge to build their own detection capabilities using freely available tools.
Explain the talk to us
Scaling Phishing Detection with Open-Source Automation
Phishing attacks remain one of the most persistent and effective methods attackers use to compromise individuals and organisations. Despite significant investment in security tooling, detecting malicious phishing sites at scale continues to be a challenging problem for security teams. Traditional approaches often rely on manual analysis, reactive blocklists, or expensive commercial solutions that struggle to keep pace with the sheer volume and sophistication of modern phishing campaigns.
This talk presents a fundamentally different approach: leveraging open-source automation to transform phishing detection from a slow, manual process into something genuinely scalable and proactive.
The Problem with Current Approaches
Most security teams encounter phishing detection as a reactive exercise. A user reports a suspicious email, an analyst investigates the link, and if confirmed malicious, the URL gets added to a blocklist. This workflow has obvious limitations. It depends entirely on someone spotting the phish in the first place, it scales poorly when you’re dealing with hundreds or thousands of potential targets, and it often means the damage is already done by the time detection occurs.
Commercial threat intelligence feeds help, but they come with their own constraints. Cost is one factor, but more importantly, they often lack the specificity needed to detect phishing sites targeting particular brands or industries. A generic phishing feed might miss a highly targeted campaign impersonating a niche software vendor or a regional financial institution.
The Open-Source Solution
The approach I developed centres on the Nuclei scanning engine from Project Discovery. Nuclei allows security researchers to write detection templates in YAML format, which can then be executed against any number of targets simultaneously. What makes this powerful for phishing detection is the ability to codify specific indicators that identify when a site is impersonating a particular brand.
Over the course of my research, I developed and contributed over 120 phishing detection templates to the Nuclei project. Each template targets a specific brand or service, looking for the telltale signs of impersonation. These might include specific HTML structures, favicon hashes, login form patterns, or combinations of visual and technical indicators that distinguish a legitimate site from a phishing clone.
The key insight here is that phishing kits often reuse the same underlying code and assets. Attackers frequently clone legitimate login pages, which means the resulting phishing sites share structural similarities that can be fingerprinted. By identifying these patterns and encoding them into detection templates, we can scan thousands of hosts in seconds and surface potential phishing infrastructure before it causes harm.
Practical Applications
This technique has genuine utility across several domains. For threat intelligence teams, it enables proactive hunting for brand impersonation across newly registered domains, certificate transparency logs, or suspicious infrastructure flagged by other sources. Rather than waiting for reports, teams can actively search for phishing sites targeting their organisation or clients.
For OSINT researchers, the methodology provides a structured approach to identifying and documenting phishing campaigns. The templates serve as living documentation of attacker techniques, and the scan results can feed into broader intelligence analysis about threat actor infrastructure and tactics.
For security operations teams, integrating these scans into existing workflows means faster identification of active threats. When combined with domain monitoring services or passive DNS data, it becomes possible to detect phishing sites within hours of their creation rather than days or weeks.
What Attendees Will Learn
The session covers the complete detection methodology, from identifying the indicators that make a phishing site detectable through to writing effective Nuclei templates that minimise false positives whilst maintaining detection coverage. I walk through the practical considerations of template design, including how to balance specificity against resilience to minor variations in phishing kit deployment.
A live demonstration shows the approach working against real infrastructure, illustrating how quickly scans can execute and how results can be triaged and actioned. This isn’t theoretical; it’s a technique I use regularly in my own research and one that security teams can implement immediately using freely available tools.
Attendees will leave with concrete knowledge they can apply directly. The Nuclei project is open source, the phishing templates are publicly available, and the methodology requires no commercial tooling or expensive infrastructure. Anyone with basic command-line familiarity can begin building their own detection capabilities the same day.
Why This Matters
The broader goal here is democratising access to effective phishing detection. Large enterprises might have the budget for sophisticated commercial solutions, but smaller organisations, researchers, and the broader security community deserve access to capable tooling as well. By contributing these templates to an open-source project, the detection capability becomes available to everyone, and the community can collectively improve and extend the coverage over time.
Phishing isn’t going away. Attackers will continue to refine their techniques and target new brands. But by building scalable, automated detection into our workflows, we can shift the balance back towards defenders and make it meaningfully harder for phishing campaigns to succeed at scale.
Resources
For those wanting to explore this further, the full methodology and background is documented in the Project Discovery blog post: https://projectdiscovery.io/blog/phishing-templates
All 120+ phishing detection templates are available in the nuclei-templates repository under the OSINT phishing folder: https://github.com/projectdiscovery/nuclei-templates/tree/main/http/osint/phishing
Sources:
I have put together a blog post to explain what this project is about and how one can operationalise the detection of phishing websites:
https://projectdiscovery.io/blog/phishing-templates
10:50 - 11:05Coffee Break By Mr. Caffeine
11:05 - 11:25From VDP to CVE: Hungary’s first organization authorized to assign CVE IDs By Balázs Pózner
Balazs Pozner is the CEO and Founder of Hackrate, a Budapest-based crowdsourced security testing platform. He holds a degree in security and safety engineering and began his career on the security team at Erste Bank. He later worked as an information security consultant at KPMG, Quadron, and Deloitte, where he conducted security audits, served as an outsourced information security officer, and performed penetration testing.
In 2020, Balazs founded Hackrate to help organizations collaborate more effectively with ethical hackers. Under his leadership, the company recently became Hungary’s first authorized CVE Numbering Authority (CNA). Balazs is committed to strengthening coordinated vulnerability disclosure in Hungary.
Short description of the talk
How can ethical hackers and organizations work together to improve security? This talk introduces the role of Vulnerability Disclosure Programs (VDPs) and explains how Hungary’s first CNA now enables local ethical hackers and companies to participate in global vulnerability reporting. It outlines the process of going from a submitted bug to a published CVE.
Explain the talk to us
In 2026, Hackrate became the first Hungarian organization to be authorized as a CVE Numbering Authority (CNA). This talk will provide a process-focused overview of how CVE assignment fits into coordinated vulnerability disclosure and why this is important for Hungary’s ethical hacker community.
The presentation begins by explaining what a Vulnerability Disclosure Program (VDP) is and why it’s essential. A VDP offers a structured, documented way for ethical hackers to report vulnerabilities and for organizations. It reduces legal uncertainty, encourages collaboration, and helps ensure that bugs are fixed rather than hidden.
Next, I’ll walk through a typical VDP workflow: from report submission and triage, through vendor remediation, to coordinated disclosure. At each stage, clarity and trust are essential. But a missing step remained in many cases: assigning a CVE. Without a local CNA, Hungarian researchers or companies had to request CVEs through foreign organizations or wait for MITRE.
Now, with CNA status, Hackrate can directly assign CVE IDs (if they fall within scope and both the researcher and affected company agree). I’ll explain what a CNA means in practice. To make this concrete, I’ll walk through a simplified example.
The final part of the talk focuses on community benefit: how this development empowers local researchers to get proper recognition, helps companies handle disclosures more professionally, and builds trust in the Hungarian cybersecurity ecosystem. My goal is to share practical insights, not promote any product or service. This talk is intended for both experienced defenders and newer researchers who want to better understand the VDP-to-CVE pipeline and how to participate in it.
11:30 - 12:10The Time Machine v3.0: Digging Through the Past to Hack the Future By Arjun Chaudhary & Anmol K Sachan
Arjun is a lead penetration tester by day and a bug bounty hunter by night. Breaking things professionally is his passion, and finding creative ways to exploit systems is what keeps him up at night.
He spends his days testing web applications, mobile apps, infrastructure, and cloud environments, hunting for vulnerabilities. His bug bounty work has uncovered critical flaws in major platforms, and he’s built custom security tools to make exploitation and testing more efficient. As a tool smith, he enjoys creating utilities that solve real problems in offensive security.
Arjun believes the best way to defend systems is to understand how attackers think and operate. Whether it’s chaining obscure attack vectors, reversing mobile applications, or automating complex exploitation workflows, he loves the technical challenges that come with the work.
When he’s not pen testing or chasing bounties, you’ll find him competing in CTFs, building new security tools, or experimenting with techniques that push the boundaries of what’s possible.
Anmol is a Senior Security Consultant at NetSPI with a strong focus on Web, API, AI/ML, and Network penetration testing, as well as Attack Surface Management and offensive security automation. Over the years, he has contributed to the security of 50+ organizations through VDPs, uncovered multiple CVEs, and helped strengthen the cybersecurity community by co-founding initiatives like the CIA Conference and OWASP Chandigarh. As an enthusiastic open-source builder, Anmol has created tools such as WayBackLister, ThreatTracer, and The Time Machine, which together have earned over 1K+ stars on GitHub. His work blends red teaming excellence with a passion for crafting tools that drive impactful security assessments.
Anmol has presented his work at major security events such as multiple BSides Conferences, Defcon LA, and more.
Short description of the talk
TheTimeMachine is an offensive OSINT and bug bounty recon suite that revives forgotten endpoints from the past using the Wayback Machine. Designed for red teamers, CTF players, and bounty hunters, it automates historical data mining, subdomain extraction, parameter harvesting, and endpoint fuzzing for vulnerabilities like XSS, open redirect, LFI, and SQLi. The suite also integrates a powerful JWT analysis engine to extract, decode, and highlight juicy fields from tokens hidden in archived URLs. TheTimeMachine also hunts leaked archives and even verifies whether archived snapshots are still live. With colorful terminal output, modular CLI tools, and support for custom wordlists, this tool resurrects the buried past to exploit the forgotten future. Dead links don’t die here‚ they just get reconned harder.
Explain the talk to us
Modern reconnaissance tools focus almost exclusively on live assets, leaving a massive blind spot in historical attack surfaces. Yet, archived content often reveals forgotten parameters, deprecated endpoints, exposed tokens, and legacy vulnerabilities that remain exploitable today. This session introduces TheTimeMachine, an offensive security suite designed to leverage the Internet Archive (Wayback Machine) as a powerful source for temporal OSINT exploitation.
The presentation will walk attendees through the lifecycle of resurrecting old attack vectors: fetching and filtering archived URLs, extracting subdomains and parameters, exposing JWT tokens, and fuzzing endpoints for XSS, SQLi, LFI, and other injection points. We will demonstrate how expired snapshots and legacy files (e.g., .zip, .sql, .pdf) often contain sensitive information overlooked by traditional scanners.
Unlike conventional recon workflows, TheTimeMachine integrates multiple modules into a single CLI with both automation and interactive navigation, making it suitable for red teamers, bug bounty hunters, and security researchers. Real-world case studies will be shared where archived data led to impactful findings, showcasing how attackers exploit the “forgotten web.”
By the end of the session, attendees will understand how to operationalize temporal OSINT within their own workflows, build custom wordlists and fuzzing payloads against legacy content, and integrate this approach into broader red team or penetration testing engagements. The key takeaway: history doesn’t disappear online—it lingers in archives, and learning to weaponize it gives security professionals an edge against adversaries who already do.
12:15 - 12:55Fast & Furious? How Cars Became Computers on Wheels (and Everything Got Complicated) By Annika Wagenbauer
Annika Wägenbauer is an international cybersecurity expert, known for her inspiring, practical and unconventional talks. She blends technical expertise with interdisciplinary insights, making complex topics accessible, relatable and relevant to diverse audiences.
With Cybersecurity Redefined, Annika did more than start a company – she launched a movement. Her mission is to rethink cybersecurity, make it understandable and design it to be truly accessible – for organizations, society and everyone. She shows that IT can be meaningful, impactful and deeply human.
Annika is actively involved in European and global forums, including the World Economic Forum, the EU CyberNet Community, and the European Energy-ISAC. She currently serves as Chair in the leadership team of the International Nuclear Security Education Network at the IAEA.
Her academic background spans international security, international law and European politics and economics. Having lived, studied, and worked in nine countries and speaking eight languages, she brings a global, multicultural perspective. Her experience in the German automotive industry, at a research institute, and in a boutique consultancy positions her as an effective bridge between business, policy and academia.
In keynotes and panels, Annika emphasizes the human side of cybersecurity, the value of diversity in tech and the integration of ethics and legal philosophy into security and digital innovation. She actively promotes the visibility and participation of women in cybersecurity through roles with the European Women4Cyber Foundation, She@ISACA and her own team.
Annika has received multiple awards for her academic achievements and her start-up. She is also a mother of two young daughters, showing that career and family can go hand in hand. In short, she drives change beyond her company, giving cybersecurity a new face: female, empathetic and forward-thinking.
Short description of the talk
Join Annika Wägenbauer for this uniquely interactive talk exploring the world of cybersecurity in the automotive industry. From her journey at Porsche to tackling phishing attacks, she’ll show why cyber is becoming critical for modern vehicles. Test your instincts in a live quiz featuring real-life automotive incidents – remote car takeovers, mysterious malfunctions and more – and decide: cyberattack, technical fault or just bad luck? Learn how cars evolved into computers on wheels and why understanding the human side of cybersecurity matters more than ever.
Explain the talk to us
In this interactive talk/mini workshop, I’ll take participants on a journey through the rapidly evolving world of automotive cybersecurity. I’ll start by sharing my own path – from working in the German automotive industry at Porsche to facing real-world cyber challenges – showing why cybersecurity has become a critical issue for modern vehicles.
The session is hands-on and engaging. I’ll present real-life automotive incidents (from cars being taken over remotely to mysterious malfunctions) and challenge the audience to decide: was it a cyberattack, a technical fault or just bad luck? Through this quiz, participants will see firsthand how complex, connected systems can fail and how human intuition, ethics and awareness are essential in navigating these risks.
My goal is to make cybersecurity tangible and relevant. Attendees will leave with a clear understanding of why cars are no longer just mechanical machines but computers on wheels, why security matters at every level and how human decisions (not “just” tech) can make all the difference. This session is ideal for tech enthusiasts with a sweet spot for sports cars or anyone curious about the intersection of technology, safety and real-world impact.
12:55 - 13:55Lunch Break By Miss Protein
13:55 - 14:35Lessons learned from USB Linux Kernel Fuzzing in Automotive Infotainment By Danilo Erazo
Danilo Erazo is Security Researcher at PCA Cybersecurity from November 2025. He has experience in developing electronic devices, pentesting, software development, reverse engineering and hardware hacking. He has reported critical vulnerabilities to KIA Corporation, Suzuki, MiccAuto, KIA Ecuador, Realtek Semiconductor Corp and many Latin American Banks. He is part of the DEFCON CHV. Danilo is the organizer of the Car Hacking Villa at Ekoparty (Argentina) and at HackGDL (Mexico), he is the founder of the conference PWNORDIE in Ecuador. He has been a speaker at Secure Our Streets 2025, DEFCON33, DEFCON32, Recon 2025, Hardwear USA 2025, Ekoparty 2023, 2024, 2025, Bsides Colombia 2024, 2025, SAS 2025, etc. He also shares content about Hardware Hacking and Pentesting in his YouTube Channel @revers3everything
Short description of the talk
Automotive infotainment systems rely on customized Linux kernels that are often years behind mainline, heavily stripped down, and maintained through selective backporting. USB remains one of the most exposed physical attack surfaces, yet its real world exploitability in embedded automotive environments is still poorly understood.
This talk presents a hands on study of fuzzing the Linux USB kernel stack in automotive infotainment systems using syzkaller. We describe the setup of a raw USB gadget using a Raspberry Pi 5 and the deployment of syzkaller in isolated, reproducible, and code-coverage-enabled modes against real vehicle head units. In parallel, we analyze known USB Drivers CVEs which are very interesting.
Through various real world demos across different vehicle models, we show what actually crashes, what does not, and why many upstream USB kernel vulnerabilities fail to reproduce on embedded automotive kernels. The talk concludes with practical lessons on fuzzing effectiveness, kernel version assumptions, vendor backporting, and realistic assessment of USB attack surfaces in modern vehicles.
Explain the talk to us
I sent the Slides of the talk in PDF format to “[email protected]” with the title “BSIdes talk: Lessons learned from USB Linux Kernel Fuzzing in Automotive Infotainment”. Anyway, here is the explanation of my talk:
USB is a deceptively simple interface and one of the most misunderstood attack surfaces in automotive infotainment systems. While Linux kernel USB vulnerabilities frequently appear in upstream advisories, reproducing them on real head units often yields unexpected results: no crashes, no logs, and no visible impact.
In this talk, we walk through a research driven methodology for fuzzing the Linux USB kernel stack in automotive environments and explain why theory often diverges from practice.
We begin with the motivation behind targeting USB in automotive systems, discussing realistic threat models, physical access assumptions, and why USB remains relevant despite increasing hardening. We then break down the Linux USB kernel stack, focusing on host-side enumeration, descriptor parsing, class drivers, and where fuzzing is most effective.
Next, we introduce syzkaller as a kernel fuzzing framework and explain how it can be adapted for embedded automotive targets. A significant portion of the talk covers the hardware and software setup, including how to configure a Raspberry Pi 5 as a raw USB gadget capable of emulating malicious USB devices for fuzzing campaigns.
The core of the talk focuses on fuzzing real automotive infotainment systems:
Using syzkaller manager in isolated mode to safely test head units
Demonstrating live fuzzing sessions against a first vehicle model
Running syzkaller in reproducible mode to validate crashes (or the lack thereof) across multiple car models
Enabling KCOV-based code coverage to understand which USB code paths are actually reachable in vendor kernels
Multiple video demos showcase fuzzing campaigns across different vehicle models, highlighting differences in kernel configuration, USB stack exposure, and crash behavior.
We conclude with results and lessons learned, addressing questions such as:
Why many upstream USB kernel bugs do not reproduce on automotive kernels
How stripped-down drivers and missing subsystems change the attack surface
What backporting really means for vulnerability research
When USB fuzzing is worth the effort and when it is not
Finally, This talk is aimed at automotive security researchers, kernel hackers, and embedded security practitioners who want a realistic, experience backed understanding of USB fuzzing in vehicles and in cellphones as well, not just theory, but what actually works in the field and I will show my results, conclusions and lessons learned in this interesting research.
Sources:
All about syzkaller fuzzer:
https://github.com/google/syzkaller/tree/master
External fuzzing of USB drivers with syzkaller:
https://www.youtube.com/watch?v=VC3m2Mbk9-Y&list=PL0xCSYnG_iTuHE6Epx8P7Jnw4YxN5Hk5r&index=65
Paper with CVEs in USB kernel drivers with FUzzUSB:
https://lifeasageek.github.io/papers/kyungtae-fuzzusb.pdf
14:40 - 15:00How is eBPF powerful with XDR? By David Papp
David Papp is a serial entrepreneur and cybersecurity leader. He’s the CEO & Founder of Gen0Sec, building a next-generation AI-powered XDR platform, and Co-Founder of OpenShield, securing AI/LLM applications. Previously, he co-founded Recart (scaled to handle massive e-commerce traffic) and led engineering at Bitpanda. With 13+ years in tech spanning infrastructure, data engineering, and security, David combines deep technical expertise with a founder’s vision. Angel investor and FinOps Foundation member.
Short description of the talk
Discover how eBPF transforms Extended Detection & Response from the kernel up. This talk explores real-world implementations of XDP-based packet filtering, JA4+ fingerprinting, and mandatory access control—demonstrating 10-100x performance gains over traditional userspace security solutions. Live demos from Gen0Sec’s open-source Synapse and Jailer projects show kernel-native threat detection and process jailing in action.
Explain the talk to us
Traditional XDR solutions operate in userspace, copying packets across kernel boundaries and adding latency at every inspection point. What if we could detect and block threats before they ever leave the kernel?
This talk demonstrates the power of eBPF for building next-generation XDR platforms through two open-source projects:
Synapse — An eBPF-powered reverse proxy and firewall featuring:
XDP packet filtering at kernel level with sub-millisecond response times
Complete JA4+ fingerprinting suite (JA4, JA4H, JA4T, JA4L, JA4S, JA4X) for advanced threat identification
TCP SYN fingerprinting for behavioral analysis
Dynamic access rules updated in real-time via BPF maps
Wirefilter expression engine for complex threat detection
Jailer — An eBPF-based mandatory access control (MAC) system providing:
Process jailing using BPF task_storage maps
Role-based policies enforcing file access, network operations, and exec controls
Jail inheritance across fork/exec boundaries
Daemonless mode for minimal attack surface
Key Takeaways:
Why kernel-native security delivers 10-100x performance vs. userspace alternatives
Practical patterns for XDP packet filtering and LSM hooks
How to build dynamic, updateable security policies with BPF maps
Combining network-level XDR with process-level MAC for defense in depth
Live Demos: Watch real attacks get blocked at kernel level—path traversal, command injection, and reverse shells stopped before they execute.
15:05 - 15:25The Unexpected Side of AI: Extreme Cost Risk on Hyperscalers By Zsolt Balogh
Balogh Zsolt is a technology and information security leader based in Budapest, currently leading TechOps at Liferay (IT, Information Security, and AI Innovations). He focuses on building resilient, scalable programs for modern SaaS and cloud environments—spanning security governance, incident readiness, and operational risk management.
Recognized as Hungary’s “Information Security Leader of the Year,” Zsolt is known for connecting executive decision-making with hands-on engineering reality. His recent work centers on practical AI adoption and the risks that come with it, including hyperscaler cost attacks and “bill shock” incidents where spend can escalate faster than controls and billing signals can react.
As a speaker, he delivers candid, story-driven sessions with concrete takeaways—guardrails, checklists, and decision frameworks that teams can apply immediately.
Short description of the talk
AI introduces a new kind of security incident on hyperscalers: cost can explode faster than billing data, alerts, or existing guardrails can react. A single “low-risk” PoC project—especially with an over-privileged service account and a leaked token—can ramp to six-figure spend before you even see it. The talk shares an incident-driven playbook and practical controls to limit AI spend blast radius (service enablement restrictions, least-privilege IAM, quotas, budgets/anomaly detection, and a cost-incident runbook).
Explain the talk to us
This year we had a $600k incident where a leaked service account key of a PoC project was used by Chinese website to resell our tokens. In my presentation, I’ll quickly walk through the audience how it unfolded and what we have learned: it looks like hyperscalers release new models without quota controls and you really need to be on top of your game to be able to prevent such incidents. During our investigations, we have found single individuals having more than $100k spend on their test project.
15:30 - 16:10Ignition Under Fire – Exploring Cybersecurity Attack Vectors in Rocket Propulsion By Paul Coggin
Paul Coggin is a recognized cybersecurity expert at nou Systems, Inc., specializing in solving complex problems at the convergence of space, digital energy, telecommunications, cyber-physics, and cybersecurity. His expertise spans space systems, service provider networks, ICS/SCADA infrastructures, and digital energy. With extensive experience in network architecture, vulnerability analysis, and penetration testing, Paul has led security assessments for critical infrastructure across various sectors, including aerospace, energy, service provider, financial and tactical networks. A frequent speaker and instructor at international conferences, he shares insights on advanced cybersecurity topics. Paul holds multiple advanced degrees—BS in Mathematics/Computer Science, MS in Space Systems, MS in Systems Management, MS in Information Assurance and Security, and MS in Computer Information Systems—along with numerous industry-recognized certifications.
Short description of the talk
The increasing reliance on digital systems in modern rocketry, from design and manufacturing to launch operations and in-flight control, introduces significant cybersecurity vulnerabilities. Presentation, “Ignition Under Fire,” by Paul Coggin, explores the diverse attack vectors targeting rocket propulsion systems, examining potential consequences ranging from mission delays and data breaches to catastrophic failures. We will analyze the complex interplay of software, hardware, and network components within propulsion systems, identifying key weaknesses susceptible to exploitation. The presentation will delve into specific attack scenarios, software manipulation, sensor spoofing, and network intrusion, highlighting the potential impact on critical rocket equation parameters like delta V, thrust, fuel flow, and combustion stability. Furthermore, we will discuss the unique challenges in securing these complex systems. We will explore how a Zero Trust architecture can be implemented to enhance security by enforcing strict access control, micro-segmentation, and continuous authentication and authorization throughout the propulsion system.
Explain the talk to us
Link to copy of presentation for review.
https://drive.google.com/file/d/1YApYqNsHVFEZ3id0qSl5DoFYluhp8j9i/view?usp=share_link
Sources:
The presentation at the g-drive link provided provides detailed source references.
16:10 - 16:25Tea Break By Mr. T
16:25 - 17:05How Can I Steal Your Data with Azure Private Endpoints By Otto Gudszent
I’m a techy guy who love new technologies, learns how these things work… Over the years of IT experience help me map relevant cloud technologies to our customer’s IT and business needs.
I have worked in many different roles, thanks to it, I can work well with different areas. I like cross-role tasks that require strong knowledge from network to system or application operation
🕵️My current focus is on Azure Core solutions, including Networking, Private Endpoints, Azure Policy, and Automation. I am now expanding my knowledge to include cybersecurity.
🏆Recognized as a Microsoft Most Valuable Professional (MVP) in the Microsoft Azure category since 2023.
Short description of the talk
Azure Private Endpoints are a powerful tool for enhancing network security when implemented correctly. However, like any technology, they can be exploited for malicious purposes if not properly managed.
In this session, I’ll showcase how attackers might misuse private endpoints and, more importantly, provide precise solutions to protect your systems against these vulnerabilities. Additionally, I will share my knowledge about Azure Cloud networking, including the most critical aspects to check before going into production and much more.
Takeaways:
• Gain a deeper understanding of what happens under the network hood.
• Learn proper solutions to defend your infrastructure effectively.
• Private Endpoint and DNS relation
• Automation with Azure policy
Explain the talk to us
No marketing slides here,just pure networking and how packets actually move. While Private Link is pitched as a “secure perimeter” tool, it’s really just a way to poke holes in your VNet that the Azure Portal tries to hide. In this session, we’re going deep into the Azure Virtual Network and the Microsoft Global Backbone to see how “private” these connections really are. We will look at what happens at the network interface level, which can be a massive pain point.
We’ll start by dissecting the InterfaceEndpoint next-hop type. I’ll show you how Azure injects /32 host routes into your VNet that effectively “ghost” past your central firewalls and appliances. If you think your UDRs are catching all internal traffic, you’re in for a surprise these backbone-level routes often take priority, creating invisible lanes for lateral movement.
What we’ll cover:
• The Routing Hijack: How the /32 host route overrides your security stack, allowing traffic to bypass Firewalls.
• Backbone: Exploiting Private Link Service (PLS) aliases to map internal resources across different tenants via the Microsoft backbone.
• The Policy Gap: Why NSGs are often blind to Private Link traffic by default and how to fix the “Network Policies” toggle that everyone forgets.
• Stealth Exfiltration: Using an attacker-owned endpoint to tunnel data out of a locked-down VNet without ever hitting the public internet.
• Service Endpoints: Why it is so dangerous to use these services.
This is a no-fluff session for anyone who wants to see how the backbone really functions and why “private” doesn’t always mean “secure.” Depending on the requirements, we can dive into level 200, 300, or even 400, but that is usually too much.
I can present this in English or Hungarian, whichever you choose.
17:10 - 17:30Crash One – A StarBucks Story (CVE-2025-24277) By Csaba Fitzl & Gergely Kálmán
I graduated in 2006 as a computer engineer, then worked for 6 years as a network engineer, troubleshooting and designing large networks. Following that, for 8 years I enjoyed being a blue and red teamer focusing on network forensics, malware analysis, adversary simulation, and defense bypasses. I was the lead content developer of the “macOS Exploitation and Penetration Testing” training at OffSec. Currently I’m working for Kandji doing vulnerability research and improving EDR detections. In the last 6 years my primary focus is Apple’s macOS and doing Apple vulnerability research as a side hobby. I gave talks and workshops at various international IT security conferences, including Hacktivity, BlackHat, Troopers, SecurityFest, DEFCON, and Objective By The Sea.
Coder / hacker / freelancer / entrepreneur. I love to break stuff. Currently running my own consultancy firm.
Short description of the talk
On a cold, sunny autumn day, we sat down with Gergely in a Starbucks to barinstorm a few ideas for vulnerablity research. We quickly found out that we both identified a vulnerability which we both thought was not possible to exploit. While we talked through it, we realized that it might be possible, and that is when our journey started in developing an exploit. We will walk through the entire exploit development process, and how we managed to overcome each obstacle one by one. In our talk we will cover sandbox extensions, XPC calls, reverse XPC calls, ACL inheritance and file system race conditions. This was all needed to gain LPE and escape the sandbox using a vulnerability in osanalyticshelper, which is now identified as CVE-2025-24277.
Explain the talk to us
Detailed outline:
Part 1: Intro to osanalyticshelper, and the vulnerablity. The basic vulnerability was that a process running as root, wrote a file (crash log) into a user controllable location. We will cover why we thought it was not exploitable when trying to exploit it, and also by reading the process’ sandbox profile.
Part 2: We will take another look at the sandbox profile, and discuss sandbox extensions. We will review what are they, and why it enabled us to start working on the exploit itself. We will walk through how could we get osanalyticshelper to apply the sandbox extension we supplied to it by using XPC calls to the process and how that also allowed us to control the target file name being written.
Part 3: Although the sandbox extensions enabled us writing files in other places, the process deleted the created files if it could not make a reverse XPC call to our process. We had to overcome that next by setting up a custom XPC service and answer the call.
Part 4: Now that we could finally create a file, its location was still fixed but we still had to drop it to our location of choice (/etc/sudoers.d in our case) with the permissions of our choice. This is where ACL inheritance came handy and for ultimate destination control we also had to win a file system rename operation to achieve full LPE.
Part 5: In the last part we will cover under which condition this vulnerablity enabled us escaping the sandbox, and how using the fseek system call allowed us writing to a file from the sandbox without the quarantine flag being applied.
17:35 - 18:15Click. Plug. Compromise: A case study of a malware-infected camera By Diyar Saadi
Diyar Saadi Ali is a cybersecurity expert specializing in cybercrime investigations, SOC operations, and malware analysis. A certified MITRE ATT&CK Contributor and CVE discoverer (including CVE-2024-25400 and CVE-2024-25399), Diyar helps organizations defend against evolving digital threats. They have spoken at major international events including BlackHat MEA in Saudi Arabia, DeepSec in Vienna, COSAC in Ireland, VulnCon in India, and Arab Cyber Security Conference in Egypt. Diyar’s expertise and global experience continue to inspire and lead in the cybersecurity community.
Short description of the talk
Digital forensics plays a critical role in malware analysis by revealing execution traces, persistence mechanisms, and attacker behavior that may not be visible through static or dynamic malware analysis alone. This talk focuses on forensic artifacts from a malware analyst’s standpoint, emphasizing how Windows artifacts can be used to reconstruct attacker activity, validate malware execution, and correlate events across the system.
The session begins with a brief overview of digital and computer forensics, followed by an explanation of the forensic investigation lifecycle as it applies specifically to malware analysis. Core forensic artifacts such as registry keys, event logs, file system metadata, and execution traces are introduced with an emphasis on their evidentiary value during incident response and post-compromise investigations.
Attendees will gain deep insight into execution artifacts including Prefetch, UserAssist, BAM, AmCache, PCA, PowerShell history, Windows Defender logs, Scheduled Tasks, Startup entries, and USB device history. The talk also covers registry-based persistence mechanisms, Windows Event Logs including EID 4688, EID 4104, and Microsoft Office alert events, as well as Sysmon telemetry with practical guidance on installation, configuration, and monitoring.
The session concludes with a demonstration of modern forensic tools such as Artifast Suite, OSForensics, Registry Explorer, and FTK Imager, highlighting real-world case analysis from prefetch data, pagefile artifacts, and USN Journal entries. Attendees will leave with actionable knowledge to efficiently collect, analyze, and interpret forensic artifacts in support of malware investigations.
Explain the talk to us
This talk explores the pivotal role of digital forensics in modern malware analysis, emphasizing how forensic artifacts can uncover attacker activity, persistence mechanisms, and system modifications that are often invisible through conventional static or dynamic malware analysis. By combining forensic insight with malware investigation, analysts can reconstruct the sequence of malicious events, validate malware execution, and correlate activity across a compromised system.
The session begins with a concise overview of digital and computer forensics principles, framing the discussion within the context of malware investigations. The forensic investigation lifecycle—spanning acquisition, preservation, analysis, and reporting—is discussed specifically as it applies to analyzing malware infections. Attendees will gain an understanding of how forensic methodology complements traditional malware analysis by revealing hidden execution traces and persistence techniques.
Core Windows forensic artifacts are introduced, with technical emphasis on their evidentiary value. These include registry keys, event logs, file system metadata, execution traces, and system telemetry. The talk covers execution artifacts such as Prefetch files, UserAssist data, BAM (Background Activity Monitor), AmCache, PCA logs, PowerShell history, Windows Defender logs, Scheduled Tasks, Startup entries, and USB device history. Additionally, registry-based persistence mechanisms and critical Windows Event Log entries—EID 4688 (process creation), EID 4104 (PowerShell script execution), and Microsoft Office alert events—are explored in detail. The discussion also extends to Sysmon telemetry, with practical guidance on installation, configuration, and monitoring for malware activity detection.
To translate theory into practice, the session includes demonstrations using modern forensic tools such as Artifast Suite, OSForensics, Registry Explorer, and FTK Imager. Real-world case analysis is illustrated through artifacts like Prefetch files, pagefile remnants, and USN Journal entries, showing how these can be leveraged to reconstruct attacker activity and support post-compromise investigations.
Attendees will leave with actionable knowledge, including the ability to efficiently collect, analyze, and interpret Windows forensic artifacts to validate malware execution, trace attacker behavior, and enhance incident response. This talk is particularly valuable for malware analysts, incident responders, and forensic practitioners seeking to bridge the gap between malware analysis and system-level forensic investigation.
Sources:
Digital Forensics Fundamentals
These resources introduce the basic principles of digital and computer forensics:
Books:
Guide to Computer Forensics and Investigations by Bill Nelson, Amelia Phillips, and Christopher Steuart – covers the forensic investigation lifecycle, evidence handling, and analysis.
Computer Forensics: Investigating Network Intrusions and Cybercrime by EC-Council – focuses on practical investigation methodology.
Online resources:
SANS Digital Forensics and Incident Response (DFIR) Reading Room: https://www.sans.org/white-papers/digital-forensics/
Free whitepapers and tutorials covering forensic basics and Windows-specific investigations.
NIST Special Publication 800-101: Guidelines on Mobile Device Forensics (also contains relevant sections on evidence handling for Windows systems)
- Windows Forensic Artifacts
To understand how Windows logs and system metadata reveal attacker activity:
Books:
Windows Forensic Analysis Toolkit by Harlan Carvey – considered a must-read for Windows forensic artifacts, including Prefetch, AmCache, UserAssist, Registry, and Event Logs.
The Art of Memory Forensics by Michael Hale Ligh, Andrew Case, Jamie Levy, and AAron Walters – focuses on volatile memory but also touches on persistent artifacts useful in malware investigations.
Online resources:
Harlan Carvey’s blog (Windows Incident Response): http://windowsir.blogspot.com/
SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics course materials (especially Windows artifact guides)
- Malware Analysis Basics
To understand the behavior and persistence mechanisms of malware:
Books:
Practical Malware Analysis by Michael Sikorski and Andrew Honig – a hands-on guide to analyzing malware in both static and dynamic ways, with sections relevant to artifacts left on Windows systems.
Online resources:
Malware Traffic Analysis: https://www.malware-traffic-analysis.net/
– free labs and PCAP files for practice.
Hybrid Analysis & VirusTotal – for observing malware samples and execution patterns.
- Windows Event Logs and Sysmon
Understanding system telemetry and process activity:
Microsoft Docs: Windows Security Logging
– official guidance on Event IDs and audit logging.
SwiftOnSecurity blog: https://www.swiftonscurity.com/
– practical Sysmon guides and examples for forensic investigations.
Sysmon Tool: https://learn.microsoft.com/en-us/sysinternals/downloads/sysmon
- Practical Tools
Hands-on practice with forensic tools enhances learning:
Free / Trial Tools:
FTK Imager – disk imaging and forensic artifact exploration.
OSForensics – registry and file system artifact analysis.
Registry Explorer – in-depth registry analysis.
Artifast Suite – specialized forensic artifact examination (commercial, trial available).
Tutorials:
Forensic Focus: https://www.forensicfocus.com/
– guides, tool reviews, and case studies.
SANS DFIR Blog: https://digital-forensics.sans.org/blog
- Hands-On Labs
REMnux – Linux-based toolkit for malware analysis and forensic investigation.
Flare VM – Windows-focused virtual machine preconfigured for malware analysis and forensic practice.
Practical labs in Practical Malware Analysis book or SANS FOR508 course.
- Workshop room
09:00 - 11:00Unveiling the obscurity – Decrypting agent-server communications By Jorge E.
Jorge is a Pentester at NATO Communications and Information Agency. He has a degree in Mathematics and a Master’s in Cybersecurity. He has worked as a pentester for several years and has spoken at several conferences in his home country (Spain), such as RootedCON, Jornadas CCN, Hackplayers and Euskalhack. His main objective is to share as much as possible with the community about his researches or findings.
Short description of the workshop
Usually, as a pentester or a defender, when it comes to agent-server communications, we always struggle to intercept the data shared between peers. Sometimes, vendors include MITM support or provide an option to disable encryption. However, this is not as common as one might expect. Security by obscurity is still a thing and cannot be easily defeated. Nevertheless, as pentesters, finding workarounds is our job — and that’s the goal of this workshop.
During the workshop, attendees will:
– Get a clear overview of the different encryption mechanisms used in the wild (HTTP, HTTPs, TCP, TLS over TCP, mutual TLS).
– Learn how to circumvent each of them based on the characteristics of the binary and the protocols used:
– Is the binary using HTTP or TPC?
– Is it a Golang compiled?
– Can we use our own self-signed certificate?
– If not, do we have access to the legitimate CA?
– Use Frida to dig deeper into more complex situations like mutual TLS.
– Learn by practicing with custom binaries per protocol.
– Obtain a mindmap for each scenario to speed up their tests – Intercept fast, test faster!
– Apply this mindmap for facing a real world tool like Sliver (C2 framework).
If time permits, an extra binary will be launched at the end of the workshop as a miniCTF challenge.
Explain the workshop to us
The workshop is divided in two main sections: theory and practice.
Theory covers a clear overview of the different encryption mechanisms used in the wild (HTTP, HTTPs, TCP, TLS over TCP, mutual TLS). Tools that can be used based on the challenge faced: Burp for HTTP and HTTPs, MITM Proxy for TCP and TLS over TCP. Frida + API Monitor for mutual TLS.
Practice covers hands-on examples of custom binaries. We will see how to intercept the traffic of all the provided examples and how it can be modified too (MITM Proxy + scripts or Frida hooking + scripts). We will also cover an edge case when targetting Golang binaries (patching the binary to avoid precompiled certificate validation + complexity of hooking Golang binaries with Frida). Finally, I will provide a mindmap which will be used to intercept Sliver communications. This example is quite good to summarize the workshop. We will face a real word tool, we will see the limitations we have (Golang binary = extremely complex to hook with Frida/any debugger) and the options available to intercept it easily (If we have access to the CA, we can intercept the traffic).
Theory is a pain, but it’s necessary to establish a foundation for practice. Based on my experience, it´s quite complex to keep everybody focused while doing such a technical training (no matter the complexity of the topic). As such, I like providing all the information covered in the slides so I can focus on solving the exercises there. This way, they can see how I struggle with issues, my process of thinking and even my mistakes. If someone wants to do it during the workshop, we can do it together. Otherwise, they can just follow along and review the notes (slides) afterwards. Preferably, the second option is best, as we are time‑restricted.
If time permits and participants are interested, I have prepared a crafted binary (TLS over TCP with payload encryption) for a small CTF.
Sources:
This post is a great example of what is going to be covered during the talk but not limited to: https://infosecwriteups.com/intercepting-thick-client-tcp-and-tls-traffic-72fab07fffe7
10:50 - 11:05Coffee Break By Mr. Caffeine
11:00 - 13:00Unpacking the Bundle: Weaponizing Webpack & Source By José Emiliano Perez Garduño
Emiliano Pérez is a Security Consultant specializing in Web Application Security. With a focus on client-side vulnerabilities and secure code development, Emiliano has spent years analyzing how modern development stacks introduce new attack surfaces.
Passionate about bridging the gap between DevOps and OffSec, he regularly contributes to the community through talks and sharing knowledge on how to detect and remediate issues.
Short description of the talk
This workshop explores the overlooked attack surface of modern JavaScript bundlers (Webpack, Vite, Parcel) and demonstrates how they frequently become a goldmine for sensitive information disclosure. While developers focus on server-side security, the “build pipeline” often suffers from Insecure Design (OWASP A04:2021). By failing to segregate development artifacts from production environments, organizations expose source maps (.map files) and unminified bundles to the public internet.
Explain the talk to us
Modern Single Page Applications (SPAs) rely heavily on bundlers like Webpack, Vite, and Parcel to package dependencies and business logic. However, the transition from development to production often fails to strip critical metadata, leading to massive information disclosure. In this workshop, I will dissect the internal structure of JavaScript bundles and the associated Source Map standard. We will look specifically at how the devtool configuration in webpack.config.js impacts the final artifact and why developers frequently leave full source recovery enabled by mistake so that attendants now how to perform this techniques on their own engagements using a live demo.
From a technical perspective, we will analyze the JSON structure of .map files, specifically targeting the sourcesContent field, which usually holds the original, unminified source code. I will demonstrate how to automate the retrieval of these maps even when they are not explicitly linked via the //# sourceMappingURL comment, using heuristic analysis of the main bundle. Once the source tree is reconstructed, we will use static analysis (AST parsing) to hunt for high-entropy strings (secrets) and internal API routes that represents a significant risk.
Finally, I will share a custom script that can aid in the rapid identification of these leaks during red team engagements, ensuring attendees leave with practical tools to secure their environments and development pipelines.
Sources:
Web Application Penetration Testing, JavaScript, WebPack, Sensitive information disclosure
12:55 - 13:55Lunch Break By Miss Protein
14:00 - 16:00Knight Moves in Kernel Space: A Chess Match Against EDR By Aryan Jogia
Aryan is a senior security researcher specializing in the intricate dance of offensive evasion and defensive bypass. With nearly six years of focused experience, including a tenure with the Government of India, he dissects modern AV and EDR systems by targeting their core architectural assumptions on Windows and nix platforms. His deep work in malware development and low-level programming fuels the creation of advanced tooling for red team engagements, where he has successfully navigated fortified environments. An avid contributor to the community, Aryan has shared his findings at venues including WildWest Hackin’ Fest, The Hack Summit, and CarolinaCon, and has led technical training sessions at BSides events. His research extends to pioneering fuzzing implementations and automation, constantly pushing the boundaries of what’s possible in security research.
Short description of the workshop
Abstract: “The Adversary’s Blueprint: Dismantling Windows Security from Hook to Kernel”
Modern security tools are fortresses built on Windows’ own architecture. This advanced talk provides the blueprint to dismantle them. We move past basic concepts to dissect the critical differences between AVs and EDRs, then map the Windows user/kernel ecosystem that forms our battlefield.
The core is a live technical deep dive into a complete evasion chain. Learn to blind telemetry via ETW Patching, execute stealthy operations with Module Stomping and Call Stack Spoofing, craft direct system calls using Hells & Halos Gate, and seize ultimate control through BYOVD attacks.
This is the red team playbook for blue team defenders. You will gain a foundational understanding of the Windows internals that enable these bypasses, equipping you to build truly resilient defences.
Explain the workshop to us
Abstract: “The Adversary’s Blueprint: Dismantling Windows Security from Hook to Kernel”
Modern security tools promise a fortress—but what if the blueprint to bypass them is hidden in Windows’ own architecture? This talk isn’t about scanning for vulnerabilities; it’s an advanced masterclass in weaponizing the OS against itself. We move beyond theory into the gritty reality of modern offensive security.
We begin by dissecting the core of AV and EDRs, exposing the critical differences that define today’s detection landscape. Then, we dive into the Windows ecosystem, mapping the user/kernel divide and API interactions that form the battlefield. The core of our journey is a live, technical deep dive into the art of complete evasion. We’ll systematically dismantle detection layers: learn to blind telemetry via ETW Patching, execute ghost operations with Module Stomping and Call Stack Spoofing, craft direct system calls using Hells & Halos Gate, and ultimately seize kernel control with BYOVD attacks.
This is a red team perspective for blue team defenders. You’ll leave not just with a checklist of techniques, but with a fundamental understanding of the Windows internals that make them possible. We provide the adversary’s playbook so you can build better defenses. Join us to see the endpoint security model taken apart—and learn what truly makes it resilient.
Course Outline
Course Outline:
1. What are AV and EDRs ?
a. What is an AV?
b. How does an AV work ? – General Overview
c. What is an EDR ?
d. How does an EDR work ? – General Overview
e. But how are they different ?
2. Prerequisites
3. The Windows Ecosystem
a. Windows OS architecture
b. Let’s Interface – Windows API Overview
c. Windows OS architecture : User/Kernel Mode
4. Detection Techniques
a. Getting Hooked! – Hooking Overview
i. Import Address Table (IAT) Hooking
ii. Inline Hooking
5. Bypassing AV and EDRs
a. ETW Bypassing
b. Hell’s Gate
c. Halo’s Gate
d. Module Stomping
e. Call Stack Spoofing
f. BYOVD
6. POC
7. Conclusion
8. References
Key Takeaways:
1. Modern EDR evasion targets Windows architecture, not just scans.
2. Master the attack chain: from memory tricks (Module Stomping) to kernel attacks (BYOVD).
3. Learn to bypass hooks via direct syscalls (Hells/Halos Gate) and blind logs (ETW Patching).
4. Use this red team playbook to build stronger, behavior-focused blue team defenses.
- Hack the planet
08:45 - 09:00Opening Ceremony By Lilla Szervátiusz
09:00 - 12:55Hack Center / Cyber Islands / WLWYB By The Community
12:55 - 13:55Lunch Break By Miss Protein
13:55 - 18:15Hack Center / Cyber Islands / WLWYB By The Community
18:15 - 18:25Closing Notes By Attila Marosi
Recent News
What is Happening Lately
🔐 Dive into #BSidesBUD2026’s line-up and talks
BSidesBUD 2026 — Speaker Announcement
Tobias SchrödelComedy hacker
This is how the computer magazine CHIP described the accomplished IT specialist and professional speaker on hacking – because Schroedel has the unique ability to explain the depths of complex IT systems, the methods of hackers and dry data protection requirements in a simple and easily understandable way, even for non-technical audiences.
His trademark: fun is never neglected – in his entertaining talks full of aha moments, humour shines through every bit and byte.
Trained IT specialist, international IT solutions and security concepts, "Computer Science Expert" in a globally operating IKT corporation – and widely known to the public through his appearances on stern TV and his successful podcast "Ich glaube, es hackt!"
Tobias SchrödelComedy hacker
This is how the computer magazine CHIP described the accomplished IT specialist and professional speaker on hacking – because Schroedel has the unique ability to explain the depths of complex IT systems, the methods of hackers and dry data protection requirements in a simple and easily understandable way, even for non-technical audiences.
His trademark: fun is never neglected – in his entertaining talks full of aha moments, humour shines through every bit and byte.
Trained IT specialist, international IT solutions and security concepts, "Computer Science Expert" in a globally operating IKT corporation – and widely known to the public through his appearances on stern TV and his successful podcast "Ich glaube, es hackt!"
Zsolt BaloghVP of TechOps
I am a results-oriented leader passionate about driving innovation, operational excellence, and empowering teams to deliver exceptional results. My focus spans DevSecOps, Information Security, IT, and Support Operations, where I excel in building high-performing global teams, streamlining processes, and fostering cultures of continuous improvement.
With a strong background in SaaS transformation, security maturity, and leveraging technologies like Generative AI, I thrive at the intersection of technology and people. My leadership approach emphasizes collaboration, innovation, and aligning operational goals with strategic business objectives.
Beyond my professional work, I am deeply committed to social impact, leading initiatives that support education, community development, and meaningful partnerships with NGOs.
Zsolt BaloghVP of TechOps
I am a results-oriented leader passionate about driving innovation, operational excellence, and empowering teams to deliver exceptional results. My focus spans DevSecOps, Information Security, IT, and Support Operations, where I excel in building high-performing global teams, streamlining processes, and fostering cultures of continuous improvement.
With a strong background in SaaS transformation, security maturity, and leveraging technologies like Generative AI, I thrive at the intersection of technology and people. My leadership approach emphasizes collaboration, innovation, and aligning operational goals with strategic business objectives.
Beyond my professional work, I am deeply committed to social impact, leading initiatives that support education, community development, and meaningful partnerships with NGOs.
Adrian TironFounder @FORTBRIDGE - Senior-Only Penetration Testing & Red Teaming
I founded FORTBRIDGE on a simple principle: every client deserves senior consultants, not juniors supervised by seniors.
Every FORTBRIDGE engagement is led by consultants with 10-20 years of hands-on offensive security experience. No juniors. No outsourcing. No bait-and-switch. You speak directly with the person testing your systems.
We're CREST and DESC accredited, and our team holds OSCP, OSEP, OSWE, CRTO, CRTL, and cloud security certifications across AWS, Azure, and GCP. Our research has been featured in The Guardian, MarketWatch, The Register, and other major outlets.
I specialise in web application security, API testing, cloud security architecture, and red teaming. With almost two decades in offensive security, I've spoken at BlueHat, BSides, PTS, OWASP, and DSO conferences across Europe and Asia.
Our services:
- Web & API Penetration Testing
- Mobile Application Security
- Cloud Security Assessment (AWS/Azure/GCP)
- Red Teaming & Adversary Simulation
- Security Architecture Review
- LLM & AI Security Testing
Ready to secure your systems? Visit fortbridge.co.uk
Adrian TironFounder @FORTBRIDGE - Senior-Only Penetration Testing & Red Teaming
I founded FORTBRIDGE on a simple principle: every client deserves senior consultants, not juniors supervised by seniors.
Every FORTBRIDGE engagement is led by consultants with 10-20 years of hands-on offensive security experience. No juniors. No outsourcing. No bait-and-switch. You speak directly with the person testing your systems.
We're CREST and DESC accredited, and our team holds OSCP, OSEP, OSWE, CRTO, CRTL, and cloud security certifications across AWS, Azure, and GCP. Our research has been featured in The Guardian, MarketWatch, The Register, and other major outlets.
I specialise in web application security, API testing, cloud security architecture, and red teaming. With almost two decades in offensive security, I've spoken at BlueHat, BSides, PTS, OWASP, and DSO conferences across Europe and Asia.
Our services:
- Web & API Penetration Testing
- Mobile Application Security
- Cloud Security Assessment (AWS/Azure/GCP)
- Red Teaming & Adversary Simulation
- Security Architecture Review
- LLM & AI Security Testing
Ready to secure your systems? Visit fortbridge.co.uk
Arjun ChaudharyChapter Leader OWASP Chandigarh | Security Researcher | Penetration Tester
I am a dedicated and certified Cybersecurity Professional with extensive experience in web security research, Vulnerability Assessment and Penetration Testing (VAPT), and bug bounty programs. My background includes leading VAPT initiatives, conducting comprehensive security risk assessments, and providing remediation guidance to improve the security posture of various organizations. With a Master’s degree in Cybersecurity and hands-on experience with tools such as BurpSuite, Wireshark, and Nmap, I bring a thorough understanding of application, infrastructure, and cloud security.
As a proactive and self-motivated individual, I am committed to staying at the forefront of cybersecurity advancements. I have developed specialized tools for exploiting and mitigating vulnerabilities and collaborated with cross-functional teams to implement effective security controls. My passion for cybersecurity drives me to continuously learn and adapt to emerging threats and technologies.
I am enthusiastic about contributing to innovative security solutions and engaging with the broader security community to address complex cyber threats. I believe that the future of cybersecurity lies in our ability to innovate and adapt, and I am dedicated to making a meaningful impact in this field.
Arjun ChaudharyChapter Leader OWASP Chandigarh | Security Researcher | Penetration Tester
I am a dedicated and certified Cybersecurity Professional with extensive experience in web security research, Vulnerability Assessment and Penetration Testing (VAPT), and bug bounty programs. My background includes leading VAPT initiatives, conducting comprehensive security risk assessments, and providing remediation guidance to improve the security posture of various organizations. With a Master’s degree in Cybersecurity and hands-on experience with tools such as BurpSuite, Wireshark, and Nmap, I bring a thorough understanding of application, infrastructure, and cloud security.
As a proactive and self-motivated individual, I am committed to staying at the forefront of cybersecurity advancements. I have developed specialized tools for exploiting and mitigating vulnerabilities and collaborated with cross-functional teams to implement effective security controls. My passion for cybersecurity drives me to continuously learn and adapt to emerging threats and technologies.
I am enthusiastic about contributing to innovative security solutions and engaging with the broader security community to address complex cyber threats. I believe that the future of cybersecurity lies in our ability to innovate and adapt, and I am dedicated to making a meaningful impact in this field.
Diyar SaadiComputer Security Researcher
Diyar Saadi Ali is a formidable force in the realm of cybersecurity, renowned for their expertise in cybercrime investigations and their role as a certified SOC and malware analyst. With a laser-focused mission to decode and combat digital threats, Diyar approaches the complex world of cybersecurity with precision and unwavering dedication. At the core of their professional journey lies real-time security event monitoring . a task Diyar executes with exceptional vigilance and expertise. As a respected MITRE ATT&CK Contributor, they have made invaluable contributions to the global cybersecurity community, sharing insights and strategies that help organizations bolster their defenses against evolving cyber threats. Diyar’s impact is further amplified by their role as the discoverer and owner of critical Common Vulnerabilities and Exposures (CVEs), including CVE-2024-25400 and CVE-2024-25399. These achievements underscore their commitment to identifying and addressing systemic vulnerabilities that could otherwise threaten digital ecosystems. Currently, Diyar is making waves on the international stage as a speaker at prestigious cybersecurity events such as Arab Cyber Security in Cairo, DeepSec in Vienna, and SulyCon in Sulaymaniyah, Iraq. They’ve also actively participated in GISEC in the UAE, showcasing their commitment to staying at the forefront of industry trends and challenges. With a wealth of experience, an impressive track record of contributions, and a dedication to advancing cybersecurity knowledge, Diyar Saadi Ali continues to inspire and lead in the ever-evolving digital landscape.
Diyar SaadiComputer Security Researcher
Diyar Saadi Ali is a formidable force in the realm of cybersecurity, renowned for their expertise in cybercrime investigations and their role as a certified SOC and malware analyst. With a laser-focused mission to decode and combat digital threats, Diyar approaches the complex world of cybersecurity with precision and unwavering dedication. At the core of their professional journey lies real-time security event monitoring . a task Diyar executes with exceptional vigilance and expertise. As a respected MITRE ATT&CK Contributor, they have made invaluable contributions to the global cybersecurity community, sharing insights and strategies that help organizations bolster their defenses against evolving cyber threats. Diyar’s impact is further amplified by their role as the discoverer and owner of critical Common Vulnerabilities and Exposures (CVEs), including CVE-2024-25400 and CVE-2024-25399. These achievements underscore their commitment to identifying and addressing systemic vulnerabilities that could otherwise threaten digital ecosystems. Currently, Diyar is making waves on the international stage as a speaker at prestigious cybersecurity events such as Arab Cyber Security in Cairo, DeepSec in Vienna, and SulyCon in Sulaymaniyah, Iraq. They’ve also actively participated in GISEC in the UAE, showcasing their commitment to staying at the forefront of industry trends and challenges. With a wealth of experience, an impressive track record of contributions, and a dedication to advancing cybersecurity knowledge, Diyar Saadi Ali continues to inspire and lead in the ever-evolving digital landscape.
József OttucsakProduct Security Architect | AI/ML Security Expert
CISSP and OSCP certified Product Security Architect & MBA with 10+ years of experience bridging the gap between complex technical architecture and business strategy.
I transform security from a cost center into a business accelerator by automating toil and empowering developers. From ground-zero compliance to securing AI-native agentic workflows, I build "secure-by-design" frameworks that scale.
How I drive impact:
• AI Security & Governance: Leading security strategy for AI-native development and agentic workflows aligned with ISO 42001.
• Scalable AppSec Programs: Established and matured security for 60+ product portfolios, including global Security Champion programs.
• High-ROI Automation: Recovered thousands of engineering hours by building agentic security workflows and CI/CD pipelines.
• Strategic Compliance: Bridging the gap between technical implementation and ISO 27001, SOC 2, and FedRAMP requirements.
Core Expertise: Building Product Security Programs | Security Automation | Secure-by-Design Architecture | AI/ML Security | Full-Stack Security Engineer from IoT to Public Cloud
Frequent public speaker on product security and emerging technologies.
Let’s chat about meaningful collaborations or the next big challenge in security leadership!
József OttucsakProduct Security Architect | AI/ML Security Expert
CISSP and OSCP certified Product Security Architect & MBA with 10+ years of experience bridging the gap between complex technical architecture and business strategy.
I transform security from a cost center into a business accelerator by automating toil and empowering developers. From ground-zero compliance to securing AI-native agentic workflows, I build "secure-by-design" frameworks that scale.
How I drive impact:
• AI Security & Governance: Leading security strategy for AI-native development and agentic workflows aligned with ISO 42001.
• Scalable AppSec Programs: Established and matured security for 60+ product portfolios, including global Security Champion programs.
• High-ROI Automation: Recovered thousands of engineering hours by building agentic security workflows and CI/CD pipelines.
• Strategic Compliance: Bridging the gap between technical implementation and ISO 27001, SOC 2, and FedRAMP requirements.
Core Expertise: Building Product Security Programs | Security Automation | Secure-by-Design Architecture | AI/ML Security | Full-Stack Security Engineer from IoT to Public Cloud
Frequent public speaker on product security and emerging technologies.
Let’s chat about meaningful collaborations or the next big challenge in security leadership!
About The Event
Security BSides is the first grass roots, DIY, open security conference in the world! It is a great combination of two event styles: structured anchor events and grass-roots geocentric events. “ It is no failure to fall short of realizing all that we might dream.The failure is to fall short of dreaming all that we might …
Read More
