{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2026.1.1"}, "schedule": {"url": "https://event.sec-t.org/sec-t-2025/schedule/", "version": "0.8", "base_url": "https://event.sec-t.org", "conference": {"acronym": "sec-t-2025", "title": "SEC-T 2025", "start": "2025-09-10", "end": "2025-09-12", "daysCount": 3, "timeslot_duration": "00:05", "time_zone_name": "Europe/Stockholm", "colors": {"primary": "#9e3333"}, "rooms": [{"name": "Main hall", "slug": "4729-main-hall", "guid": "95fb7a11-3924-50d2-9a79-88e4c941e631", "description": "The big room where presentations are held. Also called M\u00e4sshallen.", "capacity": null}, {"name": "Hardware Hacking Village", "slug": "4777-hardware-hacking-village", "guid": "9296f48f-07d9-59dc-aab3-886a2dd21695", "description": "HHV, Hardware Hacking Village, located beyond the community area, three floors up", "capacity": 60}, {"name": "Community Area", "slug": "4778-community-area", "guid": "0b28a60b-c02d-5405-9997-9d673be0f6ad", "description": "\"Poseidon\", a conference room in the Community Area", "capacity": 20}, {"name": "Club SEC-T", "slug": "4787-club-sec-t", "guid": "408b5b1e-871c-5ee1-b043-b8d0a49d7480", "description": "\"Riddarsalen\", a big room you reach if you take the stairs from the entrance but go higher up than the Main hall level", "capacity": null}], "tracks": [], "days": [{"index": 1, "date": "2025-09-10", "day_start": "2025-09-10T04:00:00+02:00", "day_end": "2025-09-11T03:59:00+02:00", "rooms": {"Main hall": [{"guid": "e251b9fd-5f9d-5eeb-8e23-d2943be5b558", "code": "3QUA7S", "id": 79956, "logo": null, "date": "2025-09-10T13:00:00+02:00", "start": "13:00", "duration": "00:15", "room": "Main hall", "slug": "sec-t-2025-79956-welcome-to-community-day", "url": "https://event.sec-t.org/sec-t-2025/talk/3QUA7S/", "title": "Welcome to Community Day", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "A warm welcome to Community Event, a free event open for anyone, with lots of breaks to mingle and maybe grab a drink.\r\n\r\n```\r\n  /$$$$$$  /$$$$$$$$  /$$$$$$  /$$$$$$$$\r\n /$$__  $$| $$_____/ /$$__  $$|__  $$__/\r\n| $$  \\__/| $$      | $$  \\__/   | $$   \r\n|  $$$$$$ | $$$$$   | $$ /$$$$$$ | $$   \r\n \\____  $$| $$__/   | $$|______/ | $$   \r\n /$$  \\ $$| $$      | $$    $$   | $$   \r\n|  $$$$$$/| $$$$$$$$|  $$$$$$/   | $$   \r\n \\______/ |________/ \\______/    |__/                 \r\n```", "description": null, "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/3QUA7S/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/3QUA7S/", "attachments": []}, {"guid": "b2e7ead8-d79d-5d22-b007-17bfc8d3b85b", "code": "B7ZYQ8", "id": 75420, "logo": null, "date": "2025-09-10T13:15:00+02:00", "start": "13:15", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-75420-llm-security-literacy", "url": "https://event.sec-t.org/sec-t-2025/talk/B7ZYQ8/", "title": "LLM Security Literacy", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "AI literacy now commands attention across many organisations in the EU. Article 4\u2014AI Literacy\u2014of the EU AI Act, mandates a baseline level of knowledge for all AI users in scope.\r\nThis session distils several landmark realisations in LLM security, grounded primarily in Anthropic\u2019s published security research.\r\n\r\nWe conclude with two case studies: rapid prototypes of novel LLM application architectures, as food for thought. Each prototype is analysed from a security-first perspective, while demonstrating the capabilities - and shortcomings - of today\u2019s strongest agentic software-engineering models.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "D7QDB3", "name": "krister hedfors", "avatar": "https://event.sec-t.org/media/avatars/D7QDB3_4FXfZms.webp", "biography": "Professional background includes two decades of penetration testing and cyber resilience. Third year and counting of LLM capability exploration from a hacker's perspective, as basis for a foundational understanding of how today's strongest LLM:s can be leveraged - both offensively and defensively - in the Cyber Security domain.\r\n\r\nI do lots of lecturing nowadays, AI literacy education and workshops tailored for developers, engineers, digital users or leadership, in global corporations.", "public_name": "krister hedfors", "guid": "642a6c49-8ea0-5fe7-9c45-89e56a87cb3d", "url": "https://event.sec-t.org/sec-t-2025/speaker/D7QDB3/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/B7ZYQ8/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/B7ZYQ8/", "attachments": []}, {"guid": "80691687-d56d-5300-a049-f2b6d2f88316", "code": "N8SPBQ", "id": 61948, "logo": null, "date": "2025-09-10T14:20:00+02:00", "start": "14:20", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-61948-practical-aws-antiforensics", "url": "https://event.sec-t.org/sec-t-2025/talk/N8SPBQ/", "title": "Practical AWS Antiforensics", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "Antiforensics refers to a set of techniques, tools, or practices used to hinder, mislead, or obstruct digital forensic investigations. This opens opportunities for attackers to intentionally disable or tamper with logs, use short-lived compute resources like AWS Lambda to carry out malicious actions, and store payloads in less-monitored services like object storage or serverless APIs. Effective cloud forensic readiness requires proactive measures such as enabling comprehensive logging (e.g., CloudTrail, VPC Flow Logs), enforcing strict IAM policies, and integrating tamper-evident storage solutions to preserve the integrity of evidence.\r\n\r\nIn this demo driven technical presentation I\u2019ll begin by introducing the audience on how log collection, security detection and digital forensics is executed in AWS Environments, like what services are needed to ship data to a SIEM, what are the delays we can take advantage of, how Guardduty works and how SOC teams are getting non-cloud-specific logs from servers using SSM. Then I will demonstrate how an attacker can leverage common known blindspots, like the share responsibility model lack of visibility and the internal delays between log generation and log collection, to execute antiforensics techniques with the objective of hindering an investigator\u2019s ability to recover, analyze, or attribute activity related to cloud-based attacks.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "WJWN3S", "name": "Santi Abastante", "avatar": "https://event.sec-t.org/media/avatars/WJWN3S_6vTFBNt.webp", "biography": "Former Police Officer from Argentina, now a Cloud Incident Responder and Security Engineer with over 10 years of IT experience. A Digital Nomad an international speaker, I've presented on Cloud Security and Incident Response at Ekoparty, FIRST, Virus Bulletin (three times), Hack.Lu, and various BSides events worldwide. I hold a Bachelor's degree in Information Security and an MBA (Master in Business Administration).", "public_name": "Santi Abastante", "guid": "fc3538ca-826f-541c-89db-c6dd78b0e04b", "url": "https://event.sec-t.org/sec-t-2025/speaker/WJWN3S/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/N8SPBQ/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/N8SPBQ/", "attachments": []}, {"guid": "39253631-b5ae-5f02-b047-801c99c934bb", "code": "TJGL3H", "id": 78958, "logo": null, "date": "2025-09-10T15:10:00+02:00", "start": "15:10", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-78958-attacking-and-defending-github-actions", "url": "https://event.sec-t.org/sec-t-2025/talk/TJGL3H/", "title": "Attacking and defending GitHub Actions", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "GitHub Actions are the perfect tool for automating all aspects of your software workflows and deployment processes.\r\nAs Actions have access to source code, this makes them a prime target for (supply-chain) attacks.\r\nLearn how to exploit and fix old vulnerabilities, what new vulnerabilities to be aware of, and how to reduce the impact should your Actions get exploited.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "KVMDWJ", "name": "Simon Gerst", "avatar": "https://event.sec-t.org/media/avatars/KVMDWJ_2kycKR4.webp", "biography": "Simon Gerst is a security researcher at Asymmetric Research who uses static analysis to scale bug discovery, formal methods to uncover subtle flaws, and plain source code reading. Before that, he worked on bounded model checking of V8 for his master's thesis. He enjoys breaking insecure GitHub Actions and has found issues in repositories from GitHub, Microsoft, and others. In his free time, he plays piano\u2014especially Rachmaninoff\u2014and competes in CTFs.", "public_name": "Simon Gerst", "guid": "bae2b2f2-cb97-5434-9d37-21c3a9862b4d", "url": "https://event.sec-t.org/sec-t-2025/speaker/KVMDWJ/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/TJGL3H/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/TJGL3H/", "attachments": []}, {"guid": "29ce775b-aca2-5fca-93f7-e3c502919739", "code": "FWGJCR", "id": 67818, "logo": null, "date": "2025-09-10T16:00:00+02:00", "start": "16:00", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-67818-the-voices-of-confession", "url": "https://event.sec-t.org/sec-t-2025/talk/FWGJCR/", "title": "The Voices Of Confession", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "As long as we can communicate securely, everything will be fine.\r\n\r\nIn this talk I will present how one can build an entire decentralised and distributed encrypted network to carry data, voice, text and more - all based on the sanctum project I presented at SEC-t last year.\r\n\r\nFrom peer-to-peer and end-to-end encrypted tunnels between laptops, desktops and phones to full on group voice-calls and chatting between these devices, using only sanctum and its underlying protocol.\r\n\r\nI will deep dive into said protocol, how it works, what the tradeoffs are and how to put this up yourself in a safe and secure way.\r\n\r\nSo put on your hacker hat, and let's hack.", "description": null, "recording_license": "", "do_not_record": true, "persons": [{"code": "MEBCJK", "name": "joris", "avatar": null, "biography": null, "public_name": "joris", "guid": "c7bb38d9-0fdb-5a66-a2d0-af151dc73f71", "url": "https://event.sec-t.org/sec-t-2025/speaker/MEBCJK/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/FWGJCR/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/FWGJCR/", "attachments": []}], "Hardware Hacking Village": [{"guid": "d967af49-6c15-5e57-b6c4-158afacbd13f", "code": "KCEQL7", "id": 81056, "logo": null, "date": "2025-09-10T09:00:00+02:00", "start": "09:00", "duration": "03:30", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81056-workshop-arduino-for-total-newbies", "url": "https://event.sec-t.org/sec-t-2025/talk/KCEQL7/", "title": "Workshop: Arduino for total Newbies", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Workshop: Arduino for total Newbies\r\n\r\nEven total newbies can learn to make way cool electronic projects with\r\nArduino. It\u2019s fun and easy. Itinerary: Intro to Arduino, Everything\r\nabout Electronics, Learn to Solder, free Arduino software, Program\r\nArduinos, Read schematics, Make a TV-B-Gone on a Solderless Breadboard,\r\nTarget Practice.\r\n\r\nThis workshop is free and open for non-ticket holders as well. Hardware needed may be purchased on site.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "VKYBYY", "name": "Mitch Altman", "avatar": null, "biography": null, "public_name": "Mitch Altman", "guid": "306ad1a0-495a-556b-87d7-5910ee567093", "url": "https://event.sec-t.org/sec-t-2025/speaker/VKYBYY/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/KCEQL7/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/KCEQL7/", "attachments": []}, {"guid": "37ea6e15-21ec-5e24-8a06-9f973c75d4cb", "code": "J998RJ", "id": 81048, "logo": null, "date": "2025-09-10T12:45:00+02:00", "start": "12:45", "duration": "01:45", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81048-workshop-build-your-own-meshtastic-node-off-grid-encrypted-lora-meshnets-for-beginners", "url": "https://event.sec-t.org/sec-t-2025/talk/J998RJ/", "title": "Workshop: Build Your Own Meshtastic Node: Off-Grid, Encrypted LoRa Meshnets for Beginners!", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Beginners can now create off-grid, encrypted mesh networks for cheap, with applications in emergency communication, sensor monitoring, and more! These mesh networks have been popping up in cities all over the world, and this class will go over everything a beginner needs to run or build their own nodes. If you've ever wanted to legally create off-grid, encrypted mesh networks that can span over a hundred miles, you can get started with Meshtastic for around $50. This class will serve as a beginner user's guide to Meshtastic, covering everything from hardware basics to advanced software configuration. We will use custom Meshtastic nodes to see real-world results in Las Vegas and explore attacks against mesh networks. Attendees will learn to run their own Meshtastic nodes, select antenna options, and configure software!\r\n\r\nThis workshop is free and open for non-ticket holders as well. Hardware needed may be purchased on site.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "J3THSF", "name": "Kody Kinzie", "avatar": null, "biography": null, "public_name": "Kody Kinzie", "guid": "fd0edb55-5de2-513a-8855-3a1f03148de8", "url": "https://event.sec-t.org/sec-t-2025/speaker/J3THSF/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/J998RJ/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/J998RJ/", "attachments": []}, {"guid": "30622d1a-4b7f-51be-8215-7d7d95e3f0c9", "code": "CYRXH7", "id": 81057, "logo": null, "date": "2025-09-10T14:45:00+02:00", "start": "14:45", "duration": "02:30", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81057-workshop-sec-t-music-synthesizer-badge-learn-to-solder", "url": "https://event.sec-t.org/sec-t-2025/talk/CYRXH7/", "title": "Workshop: SEC-T Music Synthesizer Badge / Learn to Solder", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "SEC-T 0x10sion Music Synthesizer Badge kit\r\n\r\nYou can buy the kit at the SEC-T shop.\r\n\r\nAnyone can learn to solder! And anyone can learn to make music, sound\r\n(and noise!) with computer chips! All participants will easily learn\r\nall of this by making their SEC-T Music Synthesizer Badge from the open\r\nhardware kit. This workshop is for everyone -- even total beginners.\r\n\r\nCode: https://github.com/SEC-T/badge-2024\r\n\r\nThis workshop is free and open for non-conference ticket holders as well. Hardware needed may be purchased on site.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "VKYBYY", "name": "Mitch Altman", "avatar": null, "biography": null, "public_name": "Mitch Altman", "guid": "306ad1a0-495a-556b-87d7-5910ee567093", "url": "https://event.sec-t.org/sec-t-2025/speaker/VKYBYY/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/CYRXH7/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/CYRXH7/", "attachments": []}], "Community Area": [{"guid": "813f3a05-71a0-557a-b90d-3154abfda329", "code": "XCDVCK", "id": 81046, "logo": null, "date": "2025-09-10T09:00:00+02:00", "start": "09:00", "duration": "08:00", "room": "Community Area", "slug": "sec-t-2025-81046-workshop-introduction-to-linux-malware-reverse-engineering", "url": "https://event.sec-t.org/sec-t-2025/talk/XCDVCK/", "title": "Workshop: Introduction to Linux Malware Reverse Engineering", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "This workshop requires pre-registration at: https://blackhoodie.re/SecT2025/\r\n\r\nIntroduction to Linux Malware Reverse Engineering\r\nTeachers: Marion Marschalek (@pinkflawd)\r\n\r\nTopic: Ever wanted to know what a Linux malware looks like from the inside? Wonder no more, we\u2019ll grab our scalpels and teach you autopsy in this class. We\u2019ll go from 0 to hey ransomware! in just one day. This training is very busy, from file formats, loaders and process execution, disassemblers and debuggers, to hey this is encrypting files isn\u2019t it. But don\u2019t worry, we\u2019ll arm you with all the necessary skills! The target will be x86-64 Linux ELF executables.\r\n\r\nPrerequisites: Bring a laptop with IDAPro Free installed, class materials will be hosted on github.\r\n\r\nWhat is BlackHoodie?\r\nBlackHoodie is a free, women only reverse engineering workshop and community. More information can be found here: https://www.blackhoodie.re/about/", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "DCBHVE", "name": "Marion Marschalek", "avatar": null, "biography": null, "public_name": "Marion Marschalek", "guid": "493a2911-701b-55d8-b999-9b1e5226309f", "url": "https://event.sec-t.org/sec-t-2025/speaker/DCBHVE/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/XCDVCK/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/XCDVCK/", "attachments": []}]}}, {"index": 2, "date": "2025-09-11", "day_start": "2025-09-11T04:00:00+02:00", "day_end": "2025-09-12T03:59:00+02:00", "rooms": {"Main hall": [{"guid": "6a4d91e2-759a-58e1-9ed1-531f722fcef8", "code": "M9FMDP", "id": 79955, "logo": null, "date": "2025-09-11T09:00:00+02:00", "start": "09:00", "duration": "00:15", "room": "Main hall", "slug": "sec-t-2025-79955-welcome-to-sec-t", "url": "https://event.sec-t.org/sec-t-2025/talk/M9FMDP/", "title": "Welcome to SEC-T", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "A warm welcome and introduction talk about SEC-T by the SEC-T organizers.\r\n\r\n```\r\n   _____ ______ _____   _______ \r\n  / ____|  ____/ ____| |__   __|\r\n | (___ | |__ | |   ______| |   \r\n  \\___ \\|  __|| |  |______| |   \r\n  ____) | |___| |____     | |   \r\n |_____/|______\\_____|    |_|                             \r\n```", "description": null, "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/M9FMDP/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/M9FMDP/", "attachments": []}, {"guid": "bf19443a-d885-5aea-b8a2-2a75318324c2", "code": "QG9GNT", "id": 78081, "logo": null, "date": "2025-09-11T09:15:00+02:00", "start": "09:15", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-78081-cyber-defence-under-fire-strategic-insights-from-ukraine-s-frontline", "url": "https://event.sec-t.org/sec-t-2025/talk/QG9GNT/", "title": "CYBER DEFENCE UNDER FIRE: Strategic insights from Ukraine's frontline", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "As Ukraine endures a relentless wave of cyber-attacks during the ongoing conflict, the country\u2019s cyber defense strategies have been put to the ultimate test. This presentation shares lessons from Ukraine\u2019s frontline defense, focusing on the broader strategic impact of cyber warfare, including the significant cyber attack on Kyivstar. The talk will provide valuable insights for those seeking to understand the role of cybersecurity in modern warfare.", "description": null, "recording_license": "", "do_not_record": true, "persons": [{"code": "KPQ7AQ", "name": "Yurii Shaposhnikov", "avatar": null, "biography": "Mr. Shaposhnikov", "public_name": "Yurii Shaposhnikov", "guid": "dd8c7d10-1db2-5f77-8826-5a76d34433b3", "url": "https://event.sec-t.org/sec-t-2025/speaker/KPQ7AQ/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/QG9GNT/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/QG9GNT/", "attachments": []}, {"guid": "5bf22107-9475-5729-87f2-d956436126dc", "code": "DS3EAC", "id": 78876, "logo": null, "date": "2025-09-11T09:45:00+02:00", "start": "09:45", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-78876-unicode-as-low-level-attack-primitive", "url": "https://event.sec-t.org/sec-t-2025/talk/DS3EAC/", "title": "Unicode as low-level attack primitive", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "Whether it is for applications, operating systems, databases, etc. anything that reads, writes, manipulates data must be using an encoding. On modern days, it will mostly always be UTF-8 by default, sometimes UTF-16, both are Unicode standards. Security auditors and researchers often manipulate data or protocols, but what about manipulating the underlying encoding?\r\n\r\nUnicode has become the one encoding to rule them all, replacing hundreds of old standards. At first glance, it could feel like a simplification. It is not. All those old encodings where ultra-basic while Unicode is overwhelmingly complex beyond what you can imagine until reading the specifications.\r\n\r\nOver the years, the lack of awareness about Unicode and its complexity have led to a lot of issues and implementation errors. The version 16.0 of the Unicode Standard is 1140 pages long, and there are over 60 UAX (Unicode Standard Annexes), UTS (Unicode Technical Standards), UTR (Unicode Technical Reports), each of which is comparable to an IETF RFC. During the last 3 years, I have analysed about 15 programming languages, none of which is fully implementing 100% of the Unicode standard.\r\n\r\nAny piece of software around you is probably using Unicode, but none of them have complete implementation of it and all of them a probably different. What could go wrong?", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "HMBXFF", "name": "noraj", "avatar": "https://event.sec-t.org/media/avatars/HMBXFF_AAB1WDN.webp", "biography": "I'm a pentester & security researcher, so I'm mostly focus on offensive security. Outside penetration tests (where I enjoy web the most), I spent a lot of time in R&D, where a majority of this time investment was spent on one topic: Unicode. So Unicode is, by far, the topic I know best.\r\n\r\nSome people may know me for my Github activity: writing tools, contributing to open-source software a lot as well as security resources, maintaining packages at [BlackArch](https://blackarch.org/), etc.", "public_name": "noraj", "guid": "7edba8f3-f58c-582b-ad80-a6dad9e3aa59", "url": "https://event.sec-t.org/sec-t-2025/speaker/HMBXFF/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/DS3EAC/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/DS3EAC/", "attachments": []}, {"guid": "15d9c196-5e69-5bc4-a887-db3e990f91e9", "code": "ZDRKV9", "id": 65257, "logo": null, "date": "2025-09-11T10:45:00+02:00", "start": "10:45", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-65257-adware-as-a-service", "url": "https://event.sec-t.org/sec-t-2025/talk/ZDRKV9/", "title": "Adware As a Service", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "In the run up to Google\u2019s plans to dump 3rd party cookies, marketing firms (a $1.7 TRILLION dollar industry) were sent into a complete panic. These firms relied heavily on 3rd party cookies in order to better attribute CPM (cost per 1000 clicks) and how many of those clicks turned into sales. So advertisers could better study human behavior and trends in order to more effectively sell products. \r\n\r\nAs a former Security Engineer at the Largest Independent Digital Marketing firm in the world, I had a unique view into the evils that these companies were developing in order to not only maintain a few into consumer trends but to increase these views, increase the invasiveness of these techniques, and increase the cooperation between all levels of the industry from display point (streaming service), device point (iPhone, TV), location points (via ISP), to sales point. \r\n\r\nThis talk is a peek under the curtain for the server side data harvesting that agencies have developed, and how they\u2019ve managed to twist this further invasion into so-called consumer protection and increased privacy.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "A8V7XF", "name": "Sean \"4dw@r3\" Juroviesky", "avatar": "https://event.sec-t.org/media/avatars/A8V7XF_R8EPNRV.webp", "biography": "Sean Juroviesky is a dedicated security and risk management expert with extensive experience navigating complex environments. Sean excels at developing a comprehensive understanding of intricate systems and crafting strategic roadmaps to revitalize security programs. By identifying high-risk areas and optimizing the use of existing resources, Sean removes barriers between teams to enhance communication and coordination, driving effective security outcomes. Beyond their professional pursuits, Sea", "public_name": "Sean \"4dw@r3\" Juroviesky", "guid": "5f3fc4f7-f91a-57e3-85dd-db964a8c5269", "url": "https://event.sec-t.org/sec-t-2025/speaker/A8V7XF/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/ZDRKV9/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/ZDRKV9/", "attachments": []}, {"guid": "4fadf33f-bcc6-52a7-96d6-011b466462ec", "code": "3NPMEZ", "id": 66489, "logo": null, "date": "2025-09-11T11:30:00+02:00", "start": "11:30", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-66489-i-know-who-your-users-are-abusing-user-enumeration-for-osint-and-bug-bounty", "url": "https://event.sec-t.org/sec-t-2025/talk/3NPMEZ/", "title": "I know who your users are - abusing user enumeration for OSINT and Bug Bounty", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "If you\u2019re used to seeing user enumeration marked as informational or excluded from bug bounty program scopes, you\u2019re not alone. User enumeration is one of those findings that\u2019s hard to prove as impactful, but also hard to get rid of.\r\n\r\nThis talk will dive into user enumeration and demonstrate its real impact, something that might make clients reconsider the severity of this finding.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "8ZKRA9", "name": "Anton Linn\u00e9", "avatar": "https://event.sec-t.org/media/avatars/8ZKRA9_GVojqg7.webp", "biography": "Anton Linn\u00e9 (@safts0ppa ) is a freelance IT security researcher and penetration tester with over a decade of experience, mostly digging into application security and recon. Enjoys automating things.", "public_name": "Anton Linn\u00e9", "guid": "7d98803e-2782-5824-817c-4bbde6382f0f", "url": "https://event.sec-t.org/sec-t-2025/speaker/8ZKRA9/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/3NPMEZ/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/3NPMEZ/", "attachments": []}, {"guid": "bc392134-1167-5b74-8828-272ed45f9951", "code": "UCPFRS", "id": 63277, "logo": null, "date": "2025-09-11T13:00:00+02:00", "start": "13:00", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-63277-inside-google-s-discovery-remediation-of-a-critical-cpu-vulnerability", "url": "https://event.sec-t.org/sec-t-2025/talk/UCPFRS/", "title": "Inside Google's Discovery & Remediation of a Critical CPU Vulnerability", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "Just as Vulnerability Research is an important area of focus at Google, so is Vulnerability Response to critical and complex security vulnerabilities.\r\n\r\nThese responses not only safeguards the security of Google's products and users but also extends its reach to millions of devices connected to the Internet, in certain instances, including the case I'm going to share here in details.\r\n\r\nIn this talk, I'd like to go through a recent incident at Google, including technical details, in which I was the global lead. The incident involves the discovery by a Google's security researcher of a critical CPU vulnerability (Reptar) and the extensive remediation efforts across all of Google's products and systems.\r\n\r\nThe incident presented a confluence of intriguing technical challenges and unique operational complexities. I plan to elaborate on the strategies employed by Google to address these challenges effectively, emphasizing the time constraints and pressures under which we operated.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "WRVCDC", "name": "Yousif Hussin", "avatar": "https://event.sec-t.org/media/avatars/WRVCDC_EhXbekJ.webp", "biography": "I'm a Security Engineer at Google, currently specializing in researching, identifying and remediating critical vulnerabilities in Google's systems & products. I'm also part of the team managing Google's Bughunter Vulnerability Rewards Program.\r\n\r\nI've been working in the cybersecurity space since 2007. I've worked at Apple, Meta, Microsoft and now Google.", "public_name": "Yousif Hussin", "guid": "37a9e5dd-fc5b-5422-a798-729a208d65c3", "url": "https://event.sec-t.org/sec-t-2025/speaker/WRVCDC/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/UCPFRS/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/UCPFRS/", "attachments": []}, {"guid": "c68dd6c2-3767-5df7-acac-3166ced1fea5", "code": "QKTYVQ", "id": 79078, "logo": null, "date": "2025-09-11T13:45:00+02:00", "start": "13:45", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-79078-offensive-security-with-machine-learning-applications-and-a-blockchain-case-study", "url": "https://event.sec-t.org/sec-t-2025/talk/QKTYVQ/", "title": "Offensive Security with Machine Learning: Applications and a Blockchain Case Study", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "Offensive security adopts an attacker's mindset and techniques to strengthen defenses. The field has evolved to incorporate more complex tooling and increased automation and, recently, large language models (LLMs). While early AI lacked rigor for security professionals, recent autonomous agents now outperform humans in CTF competitions.\r\n\r\nIn this talk, we explore how recent advancements in AI can be leveraged in the offensive workflow.\r\nFirst, we examine techniques to enable adversarial use of LLMs. Second, we focus on recent advancements of offensive use of AI throughout the cyber kill chain. To ground these ideas, we conclude by presenting a case study on automating exploit generation for blockchain. Smart contracts, which underpin the decentralized finance ecosystem and collectively govern billions of dollars, are particularly vulnerable due to their immutable and open characteristics. We present our early work on agentic use of AI to aid smart contract auditors in their existing vulnerability detection workflow.\r\n\r\nThis talk aims to show how you, as a security practitioner, can begin leveraging AI methods to scale your existing workflows while also grounding your understanding of the evolving capabilities that adversaries have at their disposal.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "NX8L8R", "name": "Vivi Andersson", "avatar": null, "biography": "Vivi is a ML & application security researcher at KTH with a special interest in Go, blockchain software and the software supply chain.", "public_name": "Vivi Andersson", "guid": "bbeb46d0-2d0a-5c6d-93e0-716949ebc249", "url": "https://event.sec-t.org/sec-t-2025/speaker/NX8L8R/"}, {"code": "KDBSPP", "name": "Sofia Bobadilla", "avatar": null, "biography": null, "public_name": "Sofia Bobadilla", "guid": "f7c552f3-3275-5b36-bc55-0820d955b6ad", "url": "https://event.sec-t.org/sec-t-2025/speaker/KDBSPP/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/QKTYVQ/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/QKTYVQ/", "attachments": []}, {"guid": "0b01316a-4fcb-5e98-a7a7-56b3f808f8a0", "code": "JAVP9M", "id": 65294, "logo": null, "date": "2025-09-11T14:45:00+02:00", "start": "14:45", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-65294-ignition-under-fire-exploring-cybersecurity-attack-vectors-in-rocket-propulsion", "url": "https://event.sec-t.org/sec-t-2025/talk/JAVP9M/", "title": "Ignition Under Fire: Exploring Cybersecurity Attack Vectors in Rocket Propulsion", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "The increasing reliance on digital systems in modern rocketry, from design and manufacturing to launch operations and in-flight control, introduces significant cybersecurity vulnerabilities. This presentation, \"Ignition Under Fire,\" explores the diverse attack vectors targeting rocket propulsion systems, examining potential consequences ranging from mission delays and data breaches to catastrophic failures. We will analyze the complex interplay of software, hardware, and network components within propulsion systems, identifying key weaknesses susceptible to exploitation. The presentation will delve into specific attack scenarios, software manipulation, sensor spoofing, and network intrusion, highlighting the potential impact on critical parameters like thrust, fuel flow, and combustion stability. Furthermore, we will discuss the unique challenges in securing these complex systems. We will explore how a Zero Trust architecture can be implemented to enhance security by enforcing strict access control, micro-segmentation, and continuous authentication and authorization throughout the propulsion system.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "W7MEAV", "name": "Paul Coggin", "avatar": "https://event.sec-t.org/media/avatars/W7MEAV_0YBV0Mo.webp", "biography": "Paul is a Cyber SME at nou Systems, Inc. His expertise includes space systems, service provider, and ICS/SCADA network infrastructure attacks and defenses, as well as large complex network design and implementation. He has a BS in Math\\Computer Science, a MS in Space Systems, a MS in Systems Management, a MS in Information Assurance and Security and a MS in Computer Information Systems. In addition, he holds numerous industry network and security certifications.", "public_name": "Paul Coggin", "guid": "af6bf47b-2945-5b7c-8307-186e857942ab", "url": "https://event.sec-t.org/sec-t-2025/speaker/W7MEAV/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/JAVP9M/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/JAVP9M/", "attachments": []}, {"guid": "5448790b-f491-5f94-a159-9ae6fc30f062", "code": "VMZMWD", "id": 78609, "logo": null, "date": "2025-09-11T15:30:00+02:00", "start": "15:30", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-78609-applied-detections-bypass", "url": "https://event.sec-t.org/sec-t-2025/talk/VMZMWD/", "title": "Applied Detections Bypass", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "Red Teams and Blue Teams thrive when they grow through iterative progress. However, I've historically witnessed Red Teams strive for logarithmic growth when caught by the Blue Team. This ultimately slows progress leaving a vast swath of median capabilities unexplored.\r\n\r\nThis talk is an interactive journey through open source detections, where we will bypass detections in a collaborative and iterative fashion. Attendees will gain a framework for leveling-up their Security programs, and hopefully pick up a few technical tricks along the way. Audience participation is highly encouraged.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "BNZPJK", "name": "int0x80", "avatar": "https://event.sec-t.org/media/avatars/BNZPJK_72WeChR.webp", "biography": "int eighty (he/him) is a computer crime enthusiast, and the rapper in Dual Core. Occasional memes and hacking content on Bluesky, GitHub, Mastodon, and X as @int0x80.\r\n\r\nPhoto: @wafflesweekly (IG)", "public_name": "int0x80", "guid": "ec9a560a-9eb6-5157-ba6e-8e4bceef45cd", "url": "https://event.sec-t.org/sec-t-2025/speaker/BNZPJK/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/VMZMWD/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/VMZMWD/", "attachments": []}, {"guid": "9b183979-d4c7-51f2-8c66-e49971cb837f", "code": "XFGJYK", "id": 64107, "logo": null, "date": "2025-09-11T16:15:00+02:00", "start": "16:15", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-64107-how-to-bug-hotel-rooms-v2-0", "url": "https://event.sec-t.org/sec-t-2025/talk/XFGJYK/", "title": "How to bug hotel rooms v2.0", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "Do you travel with expensive stuff? Do you like feeling safe about leaving your expensive stuff in your hotel room? Have you ever had anything stolen out of your room, or discovered someone has gained access to your room while you weren't there? .. what about .. other rooms? Maybe not EXACTLY a hotel room? I've presented on securing hotel rooms in the past, but adding home assistant, zwave devices, co2 sensors and millimeter wave radar it's become a whole new game - a VERY interesting one! With graphs and remote access!", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "YHZHRV", "name": "Dan Tentler", "avatar": "https://event.sec-t.org/media/avatars/YHZHRV_PY0Bzpq.webp", "biography": "Dan is the Executive Founder of Phobos Group, a boutique information security services and products company specializing in custom tailored assessment and engineering work. Having been on both red and blue teams, Dan brings a wealth of defensive and adversarial knowledge to bear on offensive, defensive or architectural concerns. Dan has spent time at Twitter, British Telecom, Websense, Anonymizer, Intuit and Sempra Energy, to name a few!", "public_name": "Dan Tentler", "guid": "1eb22925-35fd-5f16-ae83-699294c5de0e", "url": "https://event.sec-t.org/sec-t-2025/speaker/YHZHRV/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/XFGJYK/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/XFGJYK/", "attachments": []}, {"guid": "85c1b3fd-18ac-5ca5-aa85-5b2c7a080a4d", "code": "AQU8CM", "id": 80656, "logo": null, "date": "2025-09-11T17:30:00+02:00", "start": "17:30", "duration": "01:00", "room": "Main hall", "slug": "sec-t-2025-80656-lightning-talks-dinner-wraps", "url": "https://event.sec-t.org/sec-t-2025/talk/AQU8CM/", "title": "Lightning talks & dinner wraps", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "During SEC-T each year we take one hour out of the schedule to allow lightning speakers to do brief presentations on stage. A smaller dinner is served in the form of wraps.\r\n\r\n- **Jesper**: Hello from SecurityFest\r\n- **Erik:** Life as an IPv4 address - Insights from a worldwide honeypot network\r\n- **Alfred:** goSnoop: Using the Linux Kernel and eBPF for Syscall and DNS Monitoring\r\n- **kdk:** Bypassable fingerprinting: lessons learned from a queer social network\r\n- **Mikael B\u00e5\u00e5th:** Vide coding for veterans\r\n- **Astrid:** This is (not) a printer on the Internet\r\n- **Ignacio Navarro:** Insert coin: Hacking Arcades for Fun \r\n- Your talk here?\r\n\r\nIf you wish to hold a lightning talk (_maximum_ 15 minutes), send us at email at cfp@sec-t.org. Please include a sentence or two what the talk is about, and a rough time estimate to make planning easier!\r\n\r\n---\r\n\r\n```\r\n ____  _____ ____    _____ \r\n/ ___|| ____/ ___|  |_   _|\r\n\\___ \\|  _|| |   _____| |  \r\n ___) | |__| |__|_____| |  \r\n|____/|_____\\____|    |_|  \r\n```", "description": null, "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/AQU8CM/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/AQU8CM/", "attachments": []}], "Hardware Hacking Village": [{"guid": "b0ee6c76-3d42-59e5-a380-ee119867371a", "code": "YPRM3V", "id": 81054, "logo": null, "date": "2025-09-11T09:30:00+02:00", "start": "09:30", "duration": "00:45", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81054-workshop-make-your-very-own-evil-iot-cat-lamp-with-wled", "url": "https://event.sec-t.org/sec-t-2025/talk/YPRM3V/", "title": "Workshop: Make your very own evil IoT Cat Lamp with WLED!", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "In this workshop, we'll upgrade a cute cat lamp with programmable LED hardware, walk through flashing it with WLED to give it custom animations, and then reflashing it to turn it into a sneaky WiFi hacking device. Workshop will involve beginner-level soldering and assembly skills. Great for cat-lovers and those looking to get into DIY IoT projects. Soldering and assembly tools will be provided, and hardware kits needed may purchased on-site.\r\n\r\nThe workshop is free for all conference attendees (not including hardware).", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "DABFWA", "name": "Michael Raymond", "avatar": null, "biography": null, "public_name": "Michael Raymond", "guid": "e56c6339-1c34-5ed6-aeda-51763a10251e", "url": "https://event.sec-t.org/sec-t-2025/speaker/DABFWA/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/YPRM3V/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/YPRM3V/", "attachments": []}, {"guid": "325cdfba-ff9f-510d-969e-163be7c3f1cf", "code": "UDQK8V", "id": 81058, "logo": null, "date": "2025-09-11T10:30:00+02:00", "start": "10:30", "duration": "02:15", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81058-workshop-sec-t-music-synthesizer-badge-learn-to-solder", "url": "https://event.sec-t.org/sec-t-2025/talk/UDQK8V/", "title": "Workshop: SEC-T Music Synthesizer Badge / Learn to Solder", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "SEC-T 0x10sion Music Synthesizer Badge kit\r\n\r\nYou can buy the kit at the SEC-T shop.\r\n\r\nAnyone can learn to solder! And anyone can learn to make music, sound\r\n(and noise!) with computer chips! All participants will easily learn\r\nall of this by making their SEC-T Music Synthesizer Badge from the open\r\nhardware kit. This workshop is for everyone -- even total beginners.\r\n\r\nCode: https://github.com/SEC-T/badge-2024\r\n\r\nThe workshop is free for all conference attendees (not including hardware).", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "VKYBYY", "name": "Mitch Altman", "avatar": null, "biography": null, "public_name": "Mitch Altman", "guid": "306ad1a0-495a-556b-87d7-5910ee567093", "url": "https://event.sec-t.org/sec-t-2025/speaker/VKYBYY/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/UDQK8V/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/UDQK8V/", "attachments": []}, {"guid": "fddd31af-2469-59e5-8424-cc39e4b19d3e", "code": "L98W77", "id": 81049, "logo": null, "date": "2025-09-11T13:00:00+02:00", "start": "13:00", "duration": "01:45", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81049-workshop-build-your-own-meshtastic-node-off-grid-encrypted-lora-meshnets-for-beginners", "url": "https://event.sec-t.org/sec-t-2025/talk/L98W77/", "title": "Workshop: Build Your Own Meshtastic Node: Off-Grid, Encrypted LoRa Meshnets for Beginners!", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Beginners can now create off-grid, encrypted mesh networks for cheap, with applications in emergency communication, sensor monitoring, and more! These mesh networks have been popping up in cities all over the world, and this class will go over everything a beginner needs to run or build their own nodes. If you've ever wanted to legally create off-grid, encrypted mesh networks that can span over a hundred miles, you can get started with Meshtastic for around $50. This class will serve as a beginner user's guide to Meshtastic, covering everything from hardware basics to advanced software configuration. We will use custom Meshtastic nodes to see real-world results in Las Vegas and explore attacks against mesh networks. Attendees will learn to run their own Meshtastic nodes, select antenna options, and configure software!\r\n\r\nThe workshop is free for all conference attendees (not including hardware).", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "J3THSF", "name": "Kody Kinzie", "avatar": null, "biography": null, "public_name": "Kody Kinzie", "guid": "fd0edb55-5de2-513a-8855-3a1f03148de8", "url": "https://event.sec-t.org/sec-t-2025/speaker/J3THSF/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/L98W77/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/L98W77/", "attachments": []}, {"guid": "0a536b7e-3aeb-549f-8070-c40900d5ead1", "code": "3TYWA8", "id": 81059, "logo": null, "date": "2025-09-11T15:00:00+02:00", "start": "15:00", "duration": "01:30", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81059-workshop-tv-b-gone-learn-to-solder", "url": "https://event.sec-t.org/sec-t-2025/talk/3TYWA8/", "title": "Workshop: TV-B-Gone / Learn to Solder", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Workshop: TV-B-Gone / Learn to Solder\r\n\r\nAnyone can learn to solder! And a fun way to do learn is by making\r\nthis wonderful little device that encourages you to turn\r\noff TVs in public places! It works on a huge percentage of all TVs in\r\nthe world. Airports, bars, schools, waiting rooms\u2026 Works from 50 meters\r\naway!\r\n\r\nThe workshop is free for all conference attendees (not including hardware).", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "VKYBYY", "name": "Mitch Altman", "avatar": null, "biography": null, "public_name": "Mitch Altman", "guid": "306ad1a0-495a-556b-87d7-5910ee567093", "url": "https://event.sec-t.org/sec-t-2025/speaker/VKYBYY/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/3TYWA8/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/3TYWA8/", "attachments": []}, {"guid": "c8287135-70ec-56b8-96b7-13137c7e96e0", "code": "CJZCLL", "id": 81051, "logo": null, "date": "2025-09-11T16:45:00+02:00", "start": "16:45", "duration": "01:45", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81051-workshop-meshtastic-for-hackers-set-up-configure-deploy-nodes-for-advanced-use", "url": "https://event.sec-t.org/sec-t-2025/talk/CJZCLL/", "title": "Workshop: Meshtastic for Hackers: Set up, Configure, & Deploy Nodes for Advanced Use", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Meshtastic is a long range, encrypted, off-grid mesh protocol that features many powerful modules, configurations, and settings. For beginners just getting started, it can be confusing to dive into these features! In this workshop, we'll explore the exciting modules that make Meshtastic more fun and useful. We'll cover how to customize the encryption, add hardware like GPS and sensors, and change the default transmission settings to adapt to specific environments. Attendees will learn to customize their Meshtastic nodes for any situation using the built in modules and settings. We'll also explore attacks against Meshtastic, and how to get involved in your local area! What to bring: Computer with Google Chrome, iOS or Android smartphone. What you get: 1 Bluetooth Nugget+ LoRa Backpack + weather sensor\r\n\r\nThe workshop is free for all conference attendees (not including hardware).", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "J3THSF", "name": "Kody Kinzie", "avatar": null, "biography": null, "public_name": "Kody Kinzie", "guid": "fd0edb55-5de2-513a-8855-3a1f03148de8", "url": "https://event.sec-t.org/sec-t-2025/speaker/J3THSF/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/CJZCLL/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/CJZCLL/", "attachments": []}], "Club SEC-T": [{"guid": "adf5414c-fee5-533f-a661-162bc6693791", "code": "EVJ3ZK", "id": 81149, "logo": null, "date": "2025-09-11T12:30:00+02:00", "start": "12:30", "duration": "07:00", "room": "Club SEC-T", "slug": "sec-t-2025-81149-karategamers-retro-arcade", "url": "https://event.sec-t.org/sec-t-2025/talk/EVJ3ZK/", "title": "Karategamers Retro Arcade", "subtitle": "", "track": null, "type": "Recreation", "language": "en", "abstract": "Play retro games, chill, hang out, and listen to low volume music DJ:ed by Syntax Error.\r\n\r\n```\r\n _  __               _                                           \r\n| |/ /__ _ _ __ __ _| |_ ___  __ _  __ _ _ __ ___   ___ _ __ ___ \r\n| ' // _` | '__/ _` | __/ _ \\/ _` |/ _` | '_ ` _ \\ / _ \\ '__/ __|\r\n| . \\ (_| | | | (_| | ||  __/ (_| | (_| | | | | | |  __/ |  \\__ \\\r\n|_|\\_\\__,_|_|  \\__,_|\\__\\___|\\__, |\\__,_|_| |_| |_|\\___|_|  |___/\r\n                             |___/                               \r\n```", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "QU7HNW", "name": "Weyland", "avatar": null, "biography": "Main organizer of Club SEC-T, Syntax Error, and a lot of other great stuff!", "public_name": "Weyland", "guid": "63901764-b32c-5427-8bed-f023d5c97874", "url": "https://event.sec-t.org/sec-t-2025/speaker/QU7HNW/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/EVJ3ZK/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/EVJ3ZK/", "attachments": []}, {"guid": "5f72a9b0-9197-58c4-962c-7b89f3146cdc", "code": "LPPTHF", "id": 81239, "logo": null, "date": "2025-09-11T19:30:00+02:00", "start": "19:30", "duration": "00:30", "room": "Club SEC-T", "slug": "sec-t-2025-81239-club-sec-t-opens-for-the-public", "url": "https://event.sec-t.org/sec-t-2025/talk/LPPTHF/", "title": "Club SEC-T opens for the public", "subtitle": "", "track": null, "type": "Performance", "language": "en", "abstract": "The official party for SEC-T starts, and opens for non-ticket holders.\r\n\r\nClub SEC-T is -free- to attend for anyone 18 years or older, whether you're a conference guest or just want a ridiculously geeky Thursday night and don't even know what SEC-T is!\r\nThis also means, as a conference guest, you're free to invite your non-ticket-holding friends.\r\n\r\nOfficial Facebook event: https://www.facebook.com/events/2110818196113594", "description": null, "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/LPPTHF/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/LPPTHF/", "attachments": []}, {"guid": "cf2f6903-0c7d-541e-b74f-7e1184221aa3", "code": "NVYJQX", "id": 81153, "logo": null, "date": "2025-09-11T20:00:00+02:00", "start": "20:00", "duration": "01:30", "room": "Club SEC-T", "slug": "sec-t-2025-81153-weyland-s-quiz", "url": "https://event.sec-t.org/sec-t-2025/talk/NVYJQX/", "title": "Weyland's Quiz", "subtitle": "", "track": null, "type": "Contest", "language": "en", "abstract": "Join us for another quiz with great music and visual clues! Some questions are more security related than others but all of it is fun! It's a though one so feel free to use your favorite search engine or other means to win.\r\n\r\nCreated by Weyland.\r\n\r\n```\r\n  ____ _       _       ____  _____ ____    _____ \r\n / ___| |_   _| |__   / ___|| ____/ ___|  |_   _|\r\n| |   | | | | | '_ \\  \\___ \\|  _|| |   _____| |  \r\n| |___| | |_| | |_) |  ___) | |__| |__|_____| |  \r\n \\____|_|\\__,_|_.__/  |____/|_____\\____|    |_|  \r\n```", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "QU7HNW", "name": "Weyland", "avatar": null, "biography": "Main organizer of Club SEC-T, Syntax Error, and a lot of other great stuff!", "public_name": "Weyland", "guid": "63901764-b32c-5427-8bed-f023d5c97874", "url": "https://event.sec-t.org/sec-t-2025/speaker/QU7HNW/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/NVYJQX/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/NVYJQX/", "attachments": []}, {"guid": "d9c3e37d-aad9-52f0-8bd0-ace11c3c5b5e", "code": "YYGZCB", "id": 81154, "logo": null, "date": "2025-09-11T21:30:00+02:00", "start": "21:30", "duration": "01:00", "room": "Club SEC-T", "slug": "sec-t-2025-81154-artist", "url": "https://event.sec-t.org/sec-t-2025/talk/YYGZCB/", "title": "Artist", "subtitle": "", "track": null, "type": "Performance", "language": "en", "abstract": "** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance **", "description": null, "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/YYGZCB/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/YYGZCB/", "attachments": []}, {"guid": "8680e26c-3ea4-5064-943f-759a55b0365c", "code": "8DLCGT", "id": 81156, "logo": null, "date": "2025-09-11T22:30:00+02:00", "start": "22:30", "duration": "02:30", "room": "Club SEC-T", "slug": "sec-t-2025-81156-syntax-error-djs", "url": "https://event.sec-t.org/sec-t-2025/talk/8DLCGT/", "title": "Syntax Error DJs", "subtitle": "", "track": null, "type": "Performance", "language": "en", "abstract": "** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party **", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "QU7HNW", "name": "Weyland", "avatar": null, "biography": "Main organizer of Club SEC-T, Syntax Error, and a lot of other great stuff!", "public_name": "Weyland", "guid": "63901764-b32c-5427-8bed-f023d5c97874", "url": "https://event.sec-t.org/sec-t-2025/speaker/QU7HNW/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/8DLCGT/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/8DLCGT/", "attachments": []}]}}, {"index": 3, "date": "2025-09-12", "day_start": "2025-09-12T04:00:00+02:00", "day_end": "2025-09-13T03:59:00+02:00", "rooms": {"Main hall": [{"guid": "9fea5f10-ca55-524d-aed7-f85a7309fff5", "code": "SNZ8XW", "id": 79616, "logo": null, "date": "2025-09-12T09:00:00+02:00", "start": "09:00", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-79616-gotcha-how-to-track-down-a-drone-operator-in-the-heart-of-war", "url": "https://event.sec-t.org/sec-t-2025/talk/SNZ8XW/", "title": "Gotcha! \u2013 How to Track Down a Drone Operator in the Heart of War", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "Armed conflict accelerates technological development while exposing our blind spots in threat awareness. Even seemingly harmless diagnostic data from drones can be weaponized\u2014with potentially deadly consequences.\r\n\r\nThis talk will include a live demonstration of advanced techniques used to intercept and locate drone operators in real-world war zones. Using the example of a three-day military operation in Ukraine, we\u2019ll walk through how RF weaknesses can be exploited to detect and counter drone threats, and how custom tools can be built to track operators in the field.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "HSECCY", "name": "Micha\u0142 K\u0142aput", "avatar": "https://event.sec-t.org/media/avatars/HSECCY_et2qq30.webp", "biography": "Bio", "public_name": "Micha\u0142 K\u0142aput", "guid": "7c8eb8f2-26f2-50af-b35f-d523311beabb", "url": "https://event.sec-t.org/sec-t-2025/speaker/HSECCY/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/SNZ8XW/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/SNZ8XW/", "attachments": []}, {"guid": "64a5c5b8-25b3-518b-a3ff-9166c8339e6e", "code": "SGBNCS", "id": 74422, "logo": null, "date": "2025-09-12T10:00:00+02:00", "start": "10:00", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-74422-a-game-of-ssdlc-mistake-bingo", "url": "https://event.sec-t.org/sec-t-2025/talk/SGBNCS/", "title": "A Game of SSDLC Mistake Bingo", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "In this talk, we peel back the curtain on the Secure Software Development Lifecycle (SSDLC) and explore some real war stories. Rather than focusing on idealized process models or textbook solutions, this session highlights some messy, funny, and sometimes frustrating real-world scenarios AppSec professionals face every day. Each phase of the OWASP SAMM framework becomes a round of mistake bingo, revealing lessons learned along the way. You\u2019ll laugh, you\u2019ll cringe, and you\u2019ll likely recognize more than a few of these examples from your own experience.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "QU9NMF", "name": "Hendrik Noben", "avatar": "https://event.sec-t.org/media/avatars/QU9NMF_ReIAUma.webp", "biography": "Hendrik Noben is the co-founder of Resilix, focusing on cyber incident management and practical security assessments that lead to strategic guidance. As trusted advisor, provinding a pragmatic and people-aware approach to modern security challenges. Hendrik brings a hands-on background as a penetration tester and security architect. He is also the (co-)founder of BSides Limburg, a community-driven security event in Belgium.", "public_name": "Hendrik Noben", "guid": "810a545e-728c-595f-9e62-0a29dea6d3a1", "url": "https://event.sec-t.org/sec-t-2025/speaker/QU9NMF/"}, {"code": "B7Z7VZ", "name": "Stephan Van Dyck", "avatar": "https://event.sec-t.org/media/avatars/B7Z7VZ_oG4mYPM.webp", "biography": "12+ experience in cybersecurity with a main focus on the blue side. I have worked on multiple IR and ransomware cases.", "public_name": "Stephan Van Dyck", "guid": "331c4aaf-6510-54f7-b920-351f61b8ef23", "url": "https://event.sec-t.org/sec-t-2025/speaker/B7Z7VZ/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/SGBNCS/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/SGBNCS/", "attachments": []}, {"guid": "10785d9f-f331-5ba2-99e5-6877ba26ba01", "code": "SVBXCR", "id": 69136, "logo": null, "date": "2025-09-12T11:15:00+02:00", "start": "11:15", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-69136-oops-i-hacked-it-again-tales-and-disclosures", "url": "https://event.sec-t.org/sec-t-2025/talk/SVBXCR/", "title": "Oops, I Hacked It Again: Tales and disclosures", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "Breaking into supermarket systems, ticketing platforms, and more. I\u2019ll share some of my latest hacking stories, showing how I found the vulnerabilities, reported them, and collaborated with the companies. We\u2019ll dive into tools, the challenges of disclosure, the importance of being \u201cethical\u201d, lessons learned and how these experiences help improve security and build trust between hackers and organizations.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "YD8QMS", "name": "Ignacio Navarro", "avatar": "https://event.sec-t.org/media/avatars/YD8QMS_WrPxiui.webp", "biography": "Ignacio Navarro, an Ethical Hacker and Security Researcher from Cordoba, Argentina. With around 6 years in the cybersecurity game, he's currently working as an Application Security. Their interests include code analysis, web application security, and cloud security. o\r\nSpeaker at DEFCON, H2HC, Troopers, LeHACK, NorthSec, TyphoonCon, Security Fest, SASCON, 8.8 among others.\r\n@Ignavarro1", "public_name": "Ignacio Navarro", "guid": "bc75df0f-3535-5811-b1cd-d4aa32129adb", "url": "https://event.sec-t.org/sec-t-2025/speaker/YD8QMS/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/SVBXCR/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/SVBXCR/", "attachments": []}, {"guid": "bf789fda-b3ea-502b-b1b9-566f43237b8d", "code": "R7HVLL", "id": 74909, "logo": null, "date": "2025-09-12T13:00:00+02:00", "start": "13:00", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-74909-llm-x-mcp-x-kali-building-breaking-ai-agents", "url": "https://event.sec-t.org/sec-t-2025/talk/R7HVLL/", "title": "LLM x MCP x KALI - Building & Breaking AI Agents", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "In June 2025 XBOW became the first AI Agent to reach #1 on Hacker1 USA ranking. But how does a hacking agent work? Can you build your own? Can it collect bug bounties while you drink Martinis on the beach?\r\n\r\nHacking is about curiosity, building and breaking things. In this session we explore how we can integrate Large Langue Models (LLMs) with Model Context Protocols (MCPs) to automate & orchestrate complex attacks\r\n\r\nThen we look into how secure are AI agents and how can they be hacked", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "NMPYC3", "name": "Andrei Agape", "avatar": "https://event.sec-t.org/media/avatars/NMPYC3_U6hkWXx.webp", "biography": "Ten years of XP as developer & security consultant. OSCP/CRTP/CARTP/CISSP. Previous speaker at OWASP/Disobey. Passionate about Web/API hacking. Weak spot for reverse engineering & automation", "public_name": "Andrei Agape", "guid": "a2ac04e4-f3dd-556f-9b1f-cdf71b98f0bf", "url": "https://event.sec-t.org/sec-t-2025/speaker/NMPYC3/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/R7HVLL/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/R7HVLL/", "attachments": []}, {"guid": "82900cf8-54e0-58d9-b1cf-3d519ae3b1c9", "code": "WWWX7Q", "id": 68519, "logo": null, "date": "2025-09-12T13:55:00+02:00", "start": "13:55", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-68519-breaking-entra-real-world-cloud-identity-attacks-you-can-recreate", "url": "https://event.sec-t.org/sec-t-2025/talk/WWWX7Q/", "title": "Breaking Entra: Real-World Cloud Identity Attacks You Can Recreate", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "Identity has become the new perimeter and in Microsoft Entra ID (formerly Azure Active Directory), it\u2019s also the easiest one to break. Misconfigured apps, over-scoped permissions, and weak conditional access open the door to attackers who know where to look. \r\n\r\nIn this talk, we\u2019ll walk through real-world Entra ID misconfigurations that led to privilege escalation and domain-wide compromise all of which have been reproduced in EntraGoat, a new open-source lab that simulates these attack paths in a CTF-style environment. \r\n\r\nYou\u2019ll see step-by-step demos of how attackers exploit these flaws, how defenders can detect them, and how you can use the lab to train, teach, or test in your own environment. Whether you\u2019re red team, blue team, or just Entra-curious, you\u2019ll walk away with practical techniques and a tool to keep practicing.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "ZDZ9AQ", "name": "Tomer Nahum", "avatar": "https://event.sec-t.org/media/avatars/ZDZ9AQ_8LsVhYY.webp", "biography": "Tomer Nahum is a Security Researcher at Semperis, where he works to find new attacks, and how to defend against them, in on-prem identity stacks such as Active Directory, as well as cloud identity systems. Tomer was awarded Most Valuable Researcher (MVR) in 2023 by Microsoft Security Response Center (MSRC).", "public_name": "Tomer Nahum", "guid": "65c4927a-649c-5e6d-b0b4-2181b73d6e1a", "url": "https://event.sec-t.org/sec-t-2025/speaker/ZDZ9AQ/"}, {"code": "GM7YRP", "name": "Jonathan Elkabas", "avatar": "https://event.sec-t.org/media/avatars/GM7YRP_vRaQZM1.webp", "biography": "Hey! I'm a security researcher at Semperis, where I spend my days wrangling digital identities, taming identity providers (IdPs), and keeping non-human accounts from getting too ambitious. I build Indicators of Attack, Compromise, and Exposure focused on Active Directory, Okta and Microsoft Entra ID, working closely with product and engineering teams to make enterprise identity security a little smarter - and a lot harder to break.", "public_name": "Jonathan Elkabas", "guid": "4344071f-be64-5554-b817-78551dd7a2e2", "url": "https://event.sec-t.org/sec-t-2025/speaker/GM7YRP/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/WWWX7Q/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/WWWX7Q/", "attachments": []}, {"guid": "69c01bbf-c40e-5a67-a290-37350c531f63", "code": "XVLLAY", "id": 66325, "logo": null, "date": "2025-09-12T14:30:00+02:00", "start": "14:30", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-66325-offensive-siem-when-the-blue-team-switches-perspective", "url": "https://event.sec-t.org/sec-t-2025/talk/XVLLAY/", "title": "Offensive SIEM: When the Blue Team Switches Perspective", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "Traditional SIEM solutions focus on detecting attacks\u2014but what if we flipped the script? Instead of waiting for adversaries to act, defenders can use SIEM proactively to identify local privilege escalation risks before they\u2019re exploited. By analyzing Sysmon and Windows event logs, blue teams can uncover hidden misconfigurations in services, scheduled tasks, DLL loads, and centralized application deployments that could allow an attacker to escalate privileges to SYSTEM. In some cases, this approach might even reveal new CVEs lurking in your environment. This talk will showcase practical techniques for leveraging SIEM as an offensive discovery tool, helping defenders think like attackers to strengthen security from within.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "H7MCBV", "name": "Erkan Ekici", "avatar": null, "biography": "Cybersecurity Professional | Blue Team Specialist | Police officer \r\n\r\nSince childhood, I dreamed of becoming either a police officer or a hacker. I chose law enforcement, developing investigative skills that now fuel my cybersecurity career. Specializing in Windows Client security, I conduct security assessments, security research, enhance defenses, incident response and protect against other threats.", "public_name": "Erkan Ekici", "guid": "fe129657-730e-57e2-8a19-0a326115a842", "url": "https://event.sec-t.org/sec-t-2025/speaker/H7MCBV/"}, {"code": "XWXGWC", "name": "Shanti Lindstr\u00f6m", "avatar": null, "biography": "Veteran cybersecurity professional with 17 years of experience. Started with 8 years in offensive security, discovering multiple Microsoft vulnerabilities that earned official CVEs. Leveraged this offensive mindset to transition into 9 years of defensive security work. This unique career progression provides exceptional insight into both attacker techniques and defensive strategies, creating a comprehensive security perspective few professionals possess.", "public_name": "Shanti Lindstr\u00f6m", "guid": "68c8d6fb-5603-5877-958e-fcdacf49dba1", "url": "https://event.sec-t.org/sec-t-2025/speaker/XWXGWC/"}], "links": [{"title": "Vulnerability found in EPSON printer drivers", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-42598", "type": "related"}, {"title": "EPSON Security Notifications", "url": "https://www.epson.co.uk/en_GB/faq/KA-01993/contents?loc=en-us", "type": "related"}], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/XVLLAY/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/XVLLAY/", "attachments": []}, {"guid": "1cbdbd0b-14e4-5d6a-bcc4-c21795001bac", "code": "HMMVQP", "id": 74995, "logo": null, "date": "2025-09-12T15:30:00+02:00", "start": "15:30", "duration": "00:45", "room": "Main hall", "slug": "sec-t-2025-74995-crowdsourcing-bluetooth-identity-to-understand-bluetooth-vulnerability", "url": "https://event.sec-t.org/sec-t-2025/talk/HMMVQP/", "title": "Crowdsourcing Bluetooth identity, to understand Bluetooth vulnerability", "subtitle": "", "track": null, "type": "Full talk", "language": "en", "abstract": "Bluetooth vulnerability assessment is still in the dark ages. We still don't have a good handle on all the devices that are affected by the exploitable-over-the-air vulnerabilities that we disclosed in Texas Instruments and Silicon Labs firmware back in 2020. But we've been chipping away at the problem!\r\n\r\nWe released \"Blue2thprinting\" in 2023 as our starting point towards something akin to nmap OS fingerprinting, but with a focus on learning what we could about the specific Bluetooth chip or firmware versions, to identify known-vulnerable versions. We delved into the thousands of pages of Bluetooth specs to extract bits and pieces, packets and profiles, that had interesting information to share about what a device is. \r\n\r\nBut even as we continue to add new types of data to enrich our understanding of what devices are, and whether they're vulnerable to known CVEs, there's just *so much* that's still unknown! In this talk we'll discuss the updates to Blue2thprinting to allow for P2P researcher data sharing and crowdsourcing, and how that can help broaden the global knowledge of Bluetooth vulnerability applicability. And we'll also highlight the ridiculous number of tantalizing known unknowns; and encourage you to join the BlueCrew on our Journey Into Mystery!", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "97VVUB", "name": "Xeno Kovah", "avatar": "https://event.sec-t.org/media/avatars/97VVUB_6TUmKY3.webp", "biography": "Xeno spends ~75% of his time working on his 501(c)(3) non-profit OpenSecurityTraining2 (https://ost2.fyi), where he and others publish commercial-grade training for free, to make more awesome engineers, faster. The other 25% of his time is spent on consulting and research, primarily in the Bluetooth firmware security space. This talk is about some of that research.", "public_name": "Xeno Kovah", "guid": "a91f23aa-568a-5607-a29c-67b202a1ea38", "url": "https://event.sec-t.org/sec-t-2025/speaker/97VVUB/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/HMMVQP/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/HMMVQP/", "attachments": []}, {"guid": "f7b6fe05-ceea-5a73-8c16-107b9196b96c", "code": "BZUDJB", "id": 75181, "logo": null, "date": "2025-09-12T16:15:00+02:00", "start": "16:15", "duration": "00:30", "room": "Main hall", "slug": "sec-t-2025-75181-build-your-first-threat-emulation-plan", "url": "https://event.sec-t.org/sec-t-2025/talk/BZUDJB/", "title": "Build Your First Threat Emulation Plan", "subtitle": "", "track": null, "type": "Small talk", "language": "en", "abstract": "Ever wondered how to start your first red teaming engagement? This session will teach real-world methodologies for collecting, analyzing, and applying threat intelligence in offensive security engagements. Participants will gain hands-on experience in extracting TTPs from threat reports, building adversary emulation plans, and using tools like the MITRE ATT&CK Navigator to plan intelligence-driven red team operations. Attendees will also receive custom worksheets and templates to support their future assessments.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "MGQNZP", "name": "Fredrik Sandstr\u00f6m", "avatar": "https://event.sec-t.org/media/avatars/MGQNZP_Bsd8MDq.webp", "biography": "Head of Cybersecurity \u2013 Basalt AB\r\n\r\nFredrik Sandstr\u00f6m, M.Sc., is Head of Cyber Security at Basalt, based in Stockholm, Sweden. With a decade of experience in penetration testing, Fredrik delivers advanced security assessments\u2014including penetration testing, red teaming, and threat emulation\u2014for clients in sectors like banking, insurance, and automotive. (GXPN, GCPN, GRTP, CBBH)\r\n\r\nHe has also delivered talks at major conferences such as Sec-T, BSidesLV, and DEFCON Red Team Village.", "public_name": "Fredrik Sandstr\u00f6m", "guid": "8d077b08-a743-5db4-b846-9564d210177b", "url": "https://event.sec-t.org/sec-t-2025/speaker/MGQNZP/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/BZUDJB/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/BZUDJB/", "attachments": []}], "Hardware Hacking Village": [{"guid": "cf60c952-a5ee-5d2f-a8d9-8c59a4fb3e97", "code": "YSE7YV", "id": 81062, "logo": null, "date": "2025-09-12T09:00:00+02:00", "start": "09:00", "duration": "01:45", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81062-workshop-learn-badusb-hacking-with-the-usb-nugget", "url": "https://event.sec-t.org/sec-t-2025/talk/YSE7YV/", "title": "Workshop: Learn BadUSB Hacking With the USB Nugget", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "In this workshop, you\u2019ll learn to write Bad USB scripts to hack computers using a cute, cat-shaped hacking tool called the USB Nugget. You\u2019ll learn to write scripts to get computers of any operating system to do your bidding in seconds, and also how to automate nearly any desired action remotely. If you want to learn about simple scripting and HID attacks this workshop is for you! \r\n\r\nThe USB Nugget kit may be purchased at the workshop.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "DABFWA", "name": "Michael Raymond", "avatar": null, "biography": null, "public_name": "Michael Raymond", "guid": "e56c6339-1c34-5ed6-aeda-51763a10251e", "url": "https://event.sec-t.org/sec-t-2025/speaker/DABFWA/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/YSE7YV/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/YSE7YV/", "attachments": []}, {"guid": "baf8a0d0-6a23-5aea-b33a-e846ea99c9c2", "code": "GWJSRD", "id": 81060, "logo": null, "date": "2025-09-12T11:00:00+02:00", "start": "11:00", "duration": "01:30", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81060-workshop-tv-b-gone-learn-to-solder", "url": "https://event.sec-t.org/sec-t-2025/talk/GWJSRD/", "title": "Workshop: TV-B-Gone / Learn to Solder", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Workshop: TV-B-Gone / Learn to Solder\r\n\r\nAnyone can learn to solder! And a fun way to do learn is by making\r\nthis wonderful little device that encourages you to turn\r\noff TVs in public places! It works on a huge percentage of all TVs in\r\nthe world. Airports, bars, schools, waiting rooms\u2026 Works from 50 meters\r\naway!\r\n\r\nThe training is free for all conference attendees. Needed hardware may be purchased at the workshop.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "VKYBYY", "name": "Mitch Altman", "avatar": null, "biography": null, "public_name": "Mitch Altman", "guid": "306ad1a0-495a-556b-87d7-5910ee567093", "url": "https://event.sec-t.org/sec-t-2025/speaker/VKYBYY/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/GWJSRD/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/GWJSRD/", "attachments": []}, {"guid": "18e10aa4-9565-5b41-b1a6-7b7b710d8fd8", "code": "DFCKUX", "id": 81050, "logo": null, "date": "2025-09-12T12:45:00+02:00", "start": "12:45", "duration": "01:45", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81050-workshop-build-your-own-meshtastic-node-off-grid-encrypted-lora-meshnets-for-beginners", "url": "https://event.sec-t.org/sec-t-2025/talk/DFCKUX/", "title": "Workshop: Build Your Own Meshtastic Node: Off-Grid, Encrypted LoRa Meshnets for Beginners!", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Beginners can now create off-grid, encrypted mesh networks for cheap, with applications in emergency communication, sensor monitoring, and more! These mesh networks have been popping up in cities all over the world, and this class will go over everything a beginner needs to run or build their own nodes. If you've ever wanted to legally create off-grid, encrypted mesh networks that can span over a hundred miles, you can get started with Meshtastic. This class will serve as a beginner user's guide to Meshtastic, covering everything from hardware basics to advanced software configuration. We will use custom Meshtastic nodes to see real-world results in Las Vegas and explore attacks against mesh networks. Attendees will learn to run their own Meshtastic nodes, select antenna options, and configure software!\r\n\r\nNeeded hardware may be purchased at the workshop.", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "J3THSF", "name": "Kody Kinzie", "avatar": null, "biography": null, "public_name": "Kody Kinzie", "guid": "fd0edb55-5de2-513a-8855-3a1f03148de8", "url": "https://event.sec-t.org/sec-t-2025/speaker/J3THSF/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/DFCKUX/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/DFCKUX/", "attachments": []}, {"guid": "632691cf-3eed-57be-8956-97d76fbf5930", "code": "Z7HXLK", "id": 81052, "logo": null, "date": "2025-09-12T14:45:00+02:00", "start": "14:45", "duration": "01:45", "room": "Hardware Hacking Village", "slug": "sec-t-2025-81052-workshop-meshtastic-for-hackers-set-up-configure-deploy-nodes-for-advanced-use", "url": "https://event.sec-t.org/sec-t-2025/talk/Z7HXLK/", "title": "Workshop: Meshtastic for Hackers: Set up, Configure, & Deploy Nodes for Advanced Use", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Meshtastic is a long range, encrypted, off-grid mesh protocol that features many powerful modules, configurations, and settings. For beginners just getting started, it can be confusing to dive into these features! In this workshop, we'll explore the exciting modules that make Meshtastic more fun and useful. We'll cover how to customize the encryption, add hardware like GPS and sensors, and change the default transmission settings to adapt to specific environments. Attendees will learn to customize their Meshtastic nodes for any situation using the built in modules and settings. We'll also explore attacks against Meshtastic, and how to get involved in your local area! What to bring: Computer with Google Chrome, iOS or Android smartphone. What you get: 1 Bluetooth Nugget+ LoRa Backpack + weather sensor (can be purchased at the workshop).", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "J3THSF", "name": "Kody Kinzie", "avatar": null, "biography": null, "public_name": "Kody Kinzie", "guid": "fd0edb55-5de2-513a-8855-3a1f03148de8", "url": "https://event.sec-t.org/sec-t-2025/speaker/J3THSF/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/Z7HXLK/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/Z7HXLK/", "attachments": []}], "Club SEC-T": [{"guid": "90ec1889-4ffe-5729-a21e-55dcda6e2cf4", "code": "SDBQJY", "id": 81157, "logo": null, "date": "2025-09-12T09:00:00+02:00", "start": "09:00", "duration": "03:00", "room": "Club SEC-T", "slug": "sec-t-2025-81157-karategamers-retro-arcade", "url": "https://event.sec-t.org/sec-t-2025/talk/SDBQJY/", "title": "Karategamers Retro Arcade", "subtitle": "", "track": null, "type": "Recreation", "language": "en", "abstract": "** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade **", "description": null, "recording_license": "", "do_not_record": false, "persons": [{"code": "QU7HNW", "name": "Weyland", "avatar": null, "biography": "Main organizer of Club SEC-T, Syntax Error, and a lot of other great stuff!", "public_name": "Weyland", "guid": "63901764-b32c-5427-8bed-f023d5c97874", "url": "https://event.sec-t.org/sec-t-2025/speaker/QU7HNW/"}], "links": [], "feedback_url": "https://event.sec-t.org/sec-t-2025/talk/SDBQJY/feedback/", "origin_url": "https://event.sec-t.org/sec-t-2025/talk/SDBQJY/", "attachments": []}]}}]}}}