Workshop: Arduino for total Newbies

Even total newbies can learn to make way cool electronic projects with
Arduino. It’s fun and easy. Itinerary: Intro to Arduino, Everything
about Electronics, Learn to Solder, free Arduino software, Program
Arduinos, Read schematics, Make a TV-B-Gone on a Solderless Breadboard,
Target Practice.

This workshop is free and open for non-ticket holders as well. Hardware needed may be purchased on site.

This workshop requires pre-registration at: https://blackhoodie.re/SecT2025/

Introduction to Linux Malware Reverse Engineering
Teachers: Marion Marschalek (@pinkflawd)

Topic: Ever wanted to know what a Linux malware looks like from the inside? Wonder no more, we’ll grab our scalpels and teach you autopsy in this class. We’ll go from 0 to hey ransomware! in just one day. This training is very busy, from file formats, loaders and process execution, disassemblers and debuggers, to hey this is encrypting files isn’t it. But don’t worry, we’ll arm you with all the necessary skills! The target will be x86-64 Linux ELF executables.

Prerequisites: Bring a laptop with IDAPro Free installed, class materials will be hosted on github.

What is BlackHoodie?
BlackHoodie is a free, women only reverse engineering workshop and community. More information can be found here: https://www.blackhoodie.re/about/

Beginners can now create off-grid, encrypted mesh networks for cheap, with applications in emergency communication, sensor monitoring, and more! These mesh networks have been popping up in cities all over the world, and this class will go over everything a beginner needs to run or build their own nodes. If you've ever wanted to legally create off-grid, encrypted mesh networks that can span over a hundred miles, you can get started with Meshtastic for around $50. This class will serve as a beginner user's guide to Meshtastic, covering everything from hardware basics to advanced software configuration. We will use custom Meshtastic nodes to see real-world results in Las Vegas and explore attacks against mesh networks. Attendees will learn to run their own Meshtastic nodes, select antenna options, and configure software!

This workshop is free and open for non-ticket holders as well. Hardware needed may be purchased on site.

A warm welcome to Community Event, a free event open for anyone, with lots of breaks to mingle and maybe grab a drink.

  /$$$$$$  /$$$$$$$$  /$$$$$$  /$$$$$$$$
 /$$__  $$| $$_____/ /$$__  $$|__  $$__/
| $$  \__/| $$      | $$  \__/   | $$   
|  $$$$$$ | $$$$$   | $$ /$$$$$$ | $$   
 \____  $$| $$__/   | $$|______/ | $$   
 /$$  \ $$| $$      | $$    $$   | $$   
|  $$$$$$/| $$$$$$$$|  $$$$$$/   | $$   
 \______/ |________/ \______/    |__/                 

AI literacy now commands attention across many organisations in the EU. Article 4—AI Literacy—of the EU AI Act, mandates a baseline level of knowledge for all AI users in scope.
This session distils several landmark realisations in LLM security, grounded primarily in Anthropic’s published security research.

We conclude with two case studies: rapid prototypes of novel LLM application architectures, as food for thought. Each prototype is analysed from a security-first perspective, while demonstrating the capabilities - and shortcomings - of today’s strongest agentic software-engineering models.

Antiforensics refers to a set of techniques, tools, or practices used to hinder, mislead, or obstruct digital forensic investigations. This opens opportunities for attackers to intentionally disable or tamper with logs, use short-lived compute resources like AWS Lambda to carry out malicious actions, and store payloads in less-monitored services like object storage or serverless APIs. Effective cloud forensic readiness requires proactive measures such as enabling comprehensive logging (e.g., CloudTrail, VPC Flow Logs), enforcing strict IAM policies, and integrating tamper-evident storage solutions to preserve the integrity of evidence.

In this demo driven technical presentation I’ll begin by introducing the audience on how log collection, security detection and digital forensics is executed in AWS Environments, like what services are needed to ship data to a SIEM, what are the delays we can take advantage of, how Guardduty works and how SOC teams are getting non-cloud-specific logs from servers using SSM. Then I will demonstrate how an attacker can leverage common known blindspots, like the share responsibility model lack of visibility and the internal delays between log generation and log collection, to execute antiforensics techniques with the objective of hindering an investigator’s ability to recover, analyze, or attribute activity related to cloud-based attacks.

SEC-T 0x10sion Music Synthesizer Badge kit

You can buy the kit at the SEC-T shop.

Anyone can learn to solder! And anyone can learn to make music, sound
(and noise!) with computer chips! All participants will easily learn
all of this by making their SEC-T Music Synthesizer Badge from the open
hardware kit. This workshop is for everyone -- even total beginners.

Code: https://github.com/SEC-T/badge-2024

This workshop is free and open for non-conference ticket holders as well. Hardware needed may be purchased on site.

GitHub Actions are the perfect tool for automating all aspects of your software workflows and deployment processes.
As Actions have access to source code, this makes them a prime target for (supply-chain) attacks.
Learn how to exploit and fix old vulnerabilities, what new vulnerabilities to be aware of, and how to reduce the impact should your Actions get exploited.

As long as we can communicate securely, everything will be fine.

In this talk I will present how one can build an entire decentralised and distributed encrypted network to carry data, voice, text and more - all based on the sanctum project I presented at SEC-t last year.

From peer-to-peer and end-to-end encrypted tunnels between laptops, desktops and phones to full on group voice-calls and chatting between these devices, using only sanctum and its underlying protocol.

I will deep dive into said protocol, how it works, what the tradeoffs are and how to put this up yourself in a safe and secure way.

So put on your hacker hat, and let's hack.

A warm welcome and introduction talk about SEC-T by the SEC-T organizers.

   _____ ______ _____   _______ 
  / ____|  ____/ ____| |__   __|
 | (___ | |__ | |   ______| |   
  \___ \|  __|| |  |______| |   
  ____) | |___| |____     | |   
 |_____/|______\_____|    |_|                             

As Ukraine endures a relentless wave of cyber-attacks during the ongoing conflict, the country’s cyber defense strategies have been put to the ultimate test. This presentation shares lessons from Ukraine’s frontline defense, focusing on the broader strategic impact of cyber warfare, including the significant cyber attack on Kyivstar. The talk will provide valuable insights for those seeking to understand the role of cybersecurity in modern warfare.

In this workshop, we'll upgrade a cute cat lamp with programmable LED hardware, walk through flashing it with WLED to give it custom animations, and then reflashing it to turn it into a sneaky WiFi hacking device. Workshop will involve beginner-level soldering and assembly skills. Great for cat-lovers and those looking to get into DIY IoT projects. Soldering and assembly tools will be provided, and hardware kits needed may purchased on-site.

The workshop is free for all conference attendees (not including hardware).

Whether it is for applications, operating systems, databases, etc. anything that reads, writes, manipulates data must be using an encoding. On modern days, it will mostly always be UTF-8 by default, sometimes UTF-16, both are Unicode standards. Security auditors and researchers often manipulate data or protocols, but what about manipulating the underlying encoding?

Unicode has become the one encoding to rule them all, replacing hundreds of old standards. At first glance, it could feel like a simplification. It is not. All those old encodings where ultra-basic while Unicode is overwhelmingly complex beyond what you can imagine until reading the specifications.

Over the years, the lack of awareness about Unicode and its complexity have led to a lot of issues and implementation errors. The version 16.0 of the Unicode Standard is 1140 pages long, and there are over 60 UAX (Unicode Standard Annexes), UTS (Unicode Technical Standards), UTR (Unicode Technical Reports), each of which is comparable to an IETF RFC. During the last 3 years, I have analysed about 15 programming languages, none of which is fully implementing 100% of the Unicode standard.

Any piece of software around you is probably using Unicode, but none of them have complete implementation of it and all of them a probably different. What could go wrong?

SEC-T 0x10sion Music Synthesizer Badge kit

You can buy the kit at the SEC-T shop.

Anyone can learn to solder! And anyone can learn to make music, sound
(and noise!) with computer chips! All participants will easily learn
all of this by making their SEC-T Music Synthesizer Badge from the open
hardware kit. This workshop is for everyone -- even total beginners.

Code: https://github.com/SEC-T/badge-2024

The workshop is free for all conference attendees (not including hardware).

In the run up to Google’s plans to dump 3rd party cookies, marketing firms (a $1.7 TRILLION dollar industry) were sent into a complete panic. These firms relied heavily on 3rd party cookies in order to better attribute CPM (cost per 1000 clicks) and how many of those clicks turned into sales. So advertisers could better study human behavior and trends in order to more effectively sell products.

As a former Security Engineer at the Largest Independent Digital Marketing firm in the world, I had a unique view into the evils that these companies were developing in order to not only maintain a few into consumer trends but to increase these views, increase the invasiveness of these techniques, and increase the cooperation between all levels of the industry from display point (streaming service), device point (iPhone, TV), location points (via ISP), to sales point.

This talk is a peek under the curtain for the server side data harvesting that agencies have developed, and how they’ve managed to twist this further invasion into so-called consumer protection and increased privacy.

If you’re used to seeing user enumeration marked as informational or excluded from bug bounty program scopes, you’re not alone. User enumeration is one of those findings that’s hard to prove as impactful, but also hard to get rid of.

This talk will dive into user enumeration and demonstrate its real impact, something that might make clients reconsider the severity of this finding.

Play retro games, chill, hang out, and listen to low volume music DJ:ed by Syntax Error.

 _  __               _                                           
| |/ /__ _ _ __ __ _| |_ ___  __ _  __ _ _ __ ___   ___ _ __ ___ 
| ' // _` | '__/ _` | __/ _ \/ _` |/ _` | '_ ` _ \ / _ \ '__/ __|
| . \ (_| | | | (_| | ||  __/ (_| | (_| | | | | | |  __/ |  \__ \
|_|\_\__,_|_|  \__,_|\__\___|\__, |\__,_|_| |_| |_|\___|_|  |___/
                             |___/                               

Just as Vulnerability Research is an important area of focus at Google, so is Vulnerability Response to critical and complex security vulnerabilities.

These responses not only safeguards the security of Google's products and users but also extends its reach to millions of devices connected to the Internet, in certain instances, including the case I'm going to share here in details.

In this talk, I'd like to go through a recent incident at Google, including technical details, in which I was the global lead. The incident involves the discovery by a Google's security researcher of a critical CPU vulnerability (Reptar) and the extensive remediation efforts across all of Google's products and systems.

The incident presented a confluence of intriguing technical challenges and unique operational complexities. I plan to elaborate on the strategies employed by Google to address these challenges effectively, emphasizing the time constraints and pressures under which we operated.

Beginners can now create off-grid, encrypted mesh networks for cheap, with applications in emergency communication, sensor monitoring, and more! These mesh networks have been popping up in cities all over the world, and this class will go over everything a beginner needs to run or build their own nodes. If you've ever wanted to legally create off-grid, encrypted mesh networks that can span over a hundred miles, you can get started with Meshtastic for around $50. This class will serve as a beginner user's guide to Meshtastic, covering everything from hardware basics to advanced software configuration. We will use custom Meshtastic nodes to see real-world results in Las Vegas and explore attacks against mesh networks. Attendees will learn to run their own Meshtastic nodes, select antenna options, and configure software!

The workshop is free for all conference attendees (not including hardware).

Offensive security adopts an attacker's mindset and techniques to strengthen defenses. The field has evolved to incorporate more complex tooling and increased automation and, recently, large language models (LLMs). While early AI lacked rigor for security professionals, recent autonomous agents now outperform humans in CTF competitions.

In this talk, we explore how recent advancements in AI can be leveraged in the offensive workflow.
First, we examine techniques to enable adversarial use of LLMs. Second, we focus on recent advancements of offensive use of AI throughout the cyber kill chain. To ground these ideas, we conclude by presenting a case study on automating exploit generation for blockchain. Smart contracts, which underpin the decentralized finance ecosystem and collectively govern billions of dollars, are particularly vulnerable due to their immutable and open characteristics. We present our early work on agentic use of AI to aid smart contract auditors in their existing vulnerability detection workflow.

This talk aims to show how you, as a security practitioner, can begin leveraging AI methods to scale your existing workflows while also grounding your understanding of the evolving capabilities that adversaries have at their disposal.

The increasing reliance on digital systems in modern rocketry, from design and manufacturing to launch operations and in-flight control, introduces significant cybersecurity vulnerabilities. This presentation, "Ignition Under Fire," explores the diverse attack vectors targeting rocket propulsion systems, examining potential consequences ranging from mission delays and data breaches to catastrophic failures. We will analyze the complex interplay of software, hardware, and network components within propulsion systems, identifying key weaknesses susceptible to exploitation. The presentation will delve into specific attack scenarios, software manipulation, sensor spoofing, and network intrusion, highlighting the potential impact on critical parameters like thrust, fuel flow, and combustion stability. Furthermore, we will discuss the unique challenges in securing these complex systems. We will explore how a Zero Trust architecture can be implemented to enhance security by enforcing strict access control, micro-segmentation, and continuous authentication and authorization throughout the propulsion system.

Workshop: TV-B-Gone / Learn to Solder

Anyone can learn to solder! And a fun way to do learn is by making
this wonderful little device that encourages you to turn
off TVs in public places! It works on a huge percentage of all TVs in
the world. Airports, bars, schools, waiting rooms… Works from 50 meters
away!

The workshop is free for all conference attendees (not including hardware).

Red Teams and Blue Teams thrive when they grow through iterative progress. However, I've historically witnessed Red Teams strive for logarithmic growth when caught by the Blue Team. This ultimately slows progress leaving a vast swath of median capabilities unexplored.

This talk is an interactive journey through open source detections, where we will bypass detections in a collaborative and iterative fashion. Attendees will gain a framework for leveling-up their Security programs, and hopefully pick up a few technical tricks along the way. Audience participation is highly encouraged.

Do you travel with expensive stuff? Do you like feeling safe about leaving your expensive stuff in your hotel room? Have you ever had anything stolen out of your room, or discovered someone has gained access to your room while you weren't there? .. what about .. other rooms? Maybe not EXACTLY a hotel room? I've presented on securing hotel rooms in the past, but adding home assistant, zwave devices, co2 sensors and millimeter wave radar it's become a whole new game - a VERY interesting one! With graphs and remote access!

Meshtastic is a long range, encrypted, off-grid mesh protocol that features many powerful modules, configurations, and settings. For beginners just getting started, it can be confusing to dive into these features! In this workshop, we'll explore the exciting modules that make Meshtastic more fun and useful. We'll cover how to customize the encryption, add hardware like GPS and sensors, and change the default transmission settings to adapt to specific environments. Attendees will learn to customize their Meshtastic nodes for any situation using the built in modules and settings. We'll also explore attacks against Meshtastic, and how to get involved in your local area! What to bring: Computer with Google Chrome, iOS or Android smartphone. What you get: 1 Bluetooth Nugget+ LoRa Backpack + weather sensor

The workshop is free for all conference attendees (not including hardware).

During SEC-T each year we take one hour out of the schedule to allow lightning speakers to do brief presentations on stage. A smaller dinner is served in the form of wraps.

• Jesper: Hello from SecurityFest
• Erik: Life as an IPv4 address - Insights from a worldwide honeypot network
• Alfred: goSnoop: Using the Linux Kernel and eBPF for Syscall and DNS Monitoring
• kdk: Bypassable fingerprinting: lessons learned from a queer social network
• Mikael Bååth: Vide coding for veterans
• Astrid: This is (not) a printer on the Internet
• Ignacio Navarro: Insert coin: Hacking Arcades for Fun
• Your talk here?

If you wish to hold a lightning talk (maximum 15 minutes), send us at email at cfp@sec-t.org. Please include a sentence or two what the talk is about, and a rough time estimate to make planning easier!

 ____  _____ ____    _____ 
/ ___|| ____/ ___|  |_   _|
\___ \|  _|| |   _____| |  
 ___) | |__| |__|_____| |  
|____/|_____\____|    |_|  

The official party for SEC-T starts, and opens for non-ticket holders.

Club SEC-T is -free- to attend for anyone 18 years or older, whether you're a conference guest or just want a ridiculously geeky Thursday night and don't even know what SEC-T is!
This also means, as a conference guest, you're free to invite your non-ticket-holding friends.

Official Facebook event: https://www.facebook.com/events/2110818196113594

Join us for another quiz with great music and visual clues! Some questions are more security related than others but all of it is fun! It's a though one so feel free to use your favorite search engine or other means to win.

Created by Weyland.

  ____ _       _       ____  _____ ____    _____ 
 / ___| |_   _| |__   / ___|| ____/ ___|  |_   _|
| |   | | | | | '_ \  \___ \|  _|| |   _____| |  
| |___| | |_| | |_) |  ___) | |__| |__|_____| |  
 \____|_|\__,_|_.__/  |____/|_____\____|    |_|  

** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance ** Live Artist Performance **

** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party ** Syntax Error DJs are putting on a Party **

Armed conflict accelerates technological development while exposing our blind spots in threat awareness. Even seemingly harmless diagnostic data from drones can be weaponized—with potentially deadly consequences.

This talk will include a live demonstration of advanced techniques used to intercept and locate drone operators in real-world war zones. Using the example of a three-day military operation in Ukraine, we’ll walk through how RF weaknesses can be exploited to detect and counter drone threats, and how custom tools can be built to track operators in the field.

** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade ** Karategamers Retro Arcade **

In this workshop, you’ll learn to write Bad USB scripts to hack computers using a cute, cat-shaped hacking tool called the USB Nugget. You’ll learn to write scripts to get computers of any operating system to do your bidding in seconds, and also how to automate nearly any desired action remotely. If you want to learn about simple scripting and HID attacks this workshop is for you!

The USB Nugget kit may be purchased at the workshop.

In this talk, we peel back the curtain on the Secure Software Development Lifecycle (SSDLC) and explore some real war stories. Rather than focusing on idealized process models or textbook solutions, this session highlights some messy, funny, and sometimes frustrating real-world scenarios AppSec professionals face every day. Each phase of the OWASP SAMM framework becomes a round of mistake bingo, revealing lessons learned along the way. You’ll laugh, you’ll cringe, and you’ll likely recognize more than a few of these examples from your own experience.

Workshop: TV-B-Gone / Learn to Solder

Anyone can learn to solder! And a fun way to do learn is by making
this wonderful little device that encourages you to turn
off TVs in public places! It works on a huge percentage of all TVs in
the world. Airports, bars, schools, waiting rooms… Works from 50 meters
away!

The training is free for all conference attendees. Needed hardware may be purchased at the workshop.

Breaking into supermarket systems, ticketing platforms, and more. I’ll share some of my latest hacking stories, showing how I found the vulnerabilities, reported them, and collaborated with the companies. We’ll dive into tools, the challenges of disclosure, the importance of being “ethical”, lessons learned and how these experiences help improve security and build trust between hackers and organizations.

Beginners can now create off-grid, encrypted mesh networks for cheap, with applications in emergency communication, sensor monitoring, and more! These mesh networks have been popping up in cities all over the world, and this class will go over everything a beginner needs to run or build their own nodes. If you've ever wanted to legally create off-grid, encrypted mesh networks that can span over a hundred miles, you can get started with Meshtastic. This class will serve as a beginner user's guide to Meshtastic, covering everything from hardware basics to advanced software configuration. We will use custom Meshtastic nodes to see real-world results in Las Vegas and explore attacks against mesh networks. Attendees will learn to run their own Meshtastic nodes, select antenna options, and configure software!

Needed hardware may be purchased at the workshop.

In June 2025 XBOW became the first AI Agent to reach #1 on Hacker1 USA ranking. But how does a hacking agent work? Can you build your own? Can it collect bug bounties while you drink Martinis on the beach?

Hacking is about curiosity, building and breaking things. In this session we explore how we can integrate Large Langue Models (LLMs) with Model Context Protocols (MCPs) to automate & orchestrate complex attacks

Then we look into how secure are AI agents and how can they be hacked

Identity has become the new perimeter and in Microsoft Entra ID (formerly Azure Active Directory), it’s also the easiest one to break. Misconfigured apps, over-scoped permissions, and weak conditional access open the door to attackers who know where to look.

In this talk, we’ll walk through real-world Entra ID misconfigurations that led to privilege escalation and domain-wide compromise all of which have been reproduced in EntraGoat, a new open-source lab that simulates these attack paths in a CTF-style environment.

You’ll see step-by-step demos of how attackers exploit these flaws, how defenders can detect them, and how you can use the lab to train, teach, or test in your own environment. Whether you’re red team, blue team, or just Entra-curious, you’ll walk away with practical techniques and a tool to keep practicing.

Traditional SIEM solutions focus on detecting attacks—but what if we flipped the script? Instead of waiting for adversaries to act, defenders can use SIEM proactively to identify local privilege escalation risks before they’re exploited. By analyzing Sysmon and Windows event logs, blue teams can uncover hidden misconfigurations in services, scheduled tasks, DLL loads, and centralized application deployments that could allow an attacker to escalate privileges to SYSTEM. In some cases, this approach might even reveal new CVEs lurking in your environment. This talk will showcase practical techniques for leveraging SIEM as an offensive discovery tool, helping defenders think like attackers to strengthen security from within.

Meshtastic is a long range, encrypted, off-grid mesh protocol that features many powerful modules, configurations, and settings. For beginners just getting started, it can be confusing to dive into these features! In this workshop, we'll explore the exciting modules that make Meshtastic more fun and useful. We'll cover how to customize the encryption, add hardware like GPS and sensors, and change the default transmission settings to adapt to specific environments. Attendees will learn to customize their Meshtastic nodes for any situation using the built in modules and settings. We'll also explore attacks against Meshtastic, and how to get involved in your local area! What to bring: Computer with Google Chrome, iOS or Android smartphone. What you get: 1 Bluetooth Nugget+ LoRa Backpack + weather sensor (can be purchased at the workshop).

Bluetooth vulnerability assessment is still in the dark ages. We still don't have a good handle on all the devices that are affected by the exploitable-over-the-air vulnerabilities that we disclosed in Texas Instruments and Silicon Labs firmware back in 2020. But we've been chipping away at the problem!

We released "Blue2thprinting" in 2023 as our starting point towards something akin to nmap OS fingerprinting, but with a focus on learning what we could about the specific Bluetooth chip or firmware versions, to identify known-vulnerable versions. We delved into the thousands of pages of Bluetooth specs to extract bits and pieces, packets and profiles, that had interesting information to share about what a device is.

But even as we continue to add new types of data to enrich our understanding of what devices are, and whether they're vulnerable to known CVEs, there's just so much that's still unknown! In this talk we'll discuss the updates to Blue2thprinting to allow for P2P researcher data sharing and crowdsourcing, and how that can help broaden the global knowledge of Bluetooth vulnerability applicability. And we'll also highlight the ridiculous number of tantalizing known unknowns; and encourage you to join the BlueCrew on our Journey Into Mystery!

Ever wondered how to start your first red teaming engagement? This session will teach real-world methodologies for collecting, analyzing, and applying threat intelligence in offensive security engagements. Participants will gain hands-on experience in extracting TTPs from threat reports, building adversary emulation plans, and using tools like the MITRE ATT&CK Navigator to plan intelligence-driven red team operations. Attendees will also receive custom worksheets and templates to support their future assessments.