-
Hello LuCy Nice To Meet You! - A Conclusion
On A 3 Year Open-Source Cybersecurity Project
- Denim Latić & Cynthia Wagner
-
AI And Cryptography For Evasive Malware
- Cocomelonc
-
Things Fall Apart: Allying Cybersecurity
And Diplomacy Against Authoritarian Disorder
- Luc Dockendorf
-
Identity Security Just Exploded
- Wendy Nather
-
Death By Pickle: Python's Betrayal ML
- Kadi McKean & Frithjof Hoffmann
-
From Hours To Minutes: Automating Incident
Response Triage With Open-Source Tools
- Markus Einarsson
-
Level Up Your CI/CD:
Building A Secure Pipeline With OSS
- Andoni Alonso & Paco Sanchez
-
Advanced Threat Hunting:
Staying One Step Ahead Of Adversary
- Alex Holden
-
What Does Threat Modeling
Solve For AI Security?
- Nathan Pembe
-
SPOT - Spear-Phishing Overwatching Tool
- Pauline Bourmeau (Cookie),William Robinet and Thibaut Diels & Mathieu Fourcroy
-
Unraveling Failure: Lessons From
An Avoidable Ransomware Attack
- Mihai Tutulan
-
The Spy Who Logged Me:
When Your XDR Joins The Attackers
- Melina Phillips
-
CT(C)I-Driven Detection Against
Internal And External Threats
- Ondrej Nekovar & Jan Pohl
-
Beyond The Prompt: A Framework For
Agentic AI Attack And Defense Strategies
- Jeremy Snyder
-
Mapping The Invisible: Why System Cartography
Matters For Security And Compliance
- Didier Barzin
-
What Is The Dark Web Talking About?
Dark Jargon Detection And Identification
- Laura Bernardy
-
OpenTide: From Raw Intelligence To
Structured Threat-Informed Detections
- Remi Seguy
-
Talk To A Shell:
Exploiting AI Agent In Real Time
- Parth Shukla
-
Cloud Misconfigurations:
Poke Poke, Breach
- Kat Fitzgerald
-
Trust And Traceability : Developer
Observability In The AI Powered SDLC
- Omar Rachid
-
Understanding Mobile Stalkerware
- Elouan Rigaut
-
Scaling Defence:
Finding RedVDS From A Phishing Email
- Elliot Parsons
-
How To Be Just The Right Amount
Of Paranoid (Cybersecurity Edition)
- Denim Latić
-
Magic-rs: A Memory-Safe, Libmagic-
Compatible File Type Detection Ecosystem
- Quentin Jerome
-
Building A Safe Harbor For
Cybersecurity Professionals
- Ondrej Nekovar
-
RioT – A Raspberry-Based Network
Implant For Red Team Operations
- Olivier Médoc
-
Teaming, Trust, And Threats: How Humans
Interact With Generative AI In Security
- Tailia Malloy
-
Your CTI Reports Are Useless Without Structure:
From Unstructured Threat Intel To
STIX Knowledge Graphs With LLMs And MCP Server
- Antonio Formato
-
In The Wild Cloud Exfiltration
Paths You Might Not Expect
- Tomas Kabrt
-
Managing Uninvited Guests:
Securing Open Source Dependencies
- Kadi McKean & Frithjof Hoffmann
-
Those Who Don’t Learn From CVEs
Are Doomed To Rediscover Them
- Louis Nyffenegger
-
The Agents Of Chaos:
AI Driven Malware Generation
- Arad Donenfeld
-
Not So HARMless: The Hidden World Of
Linux Packers And Detection Challenges
- Massimo Bertocchi
-
When Filenames Become Attack Surfaces:
Weaponizing NASA’s CFITSIO Extended Filename Syntax
- Adrian Denkiewicz
-
Cloud Sovereignty
- Catalin Tiganila
-
Dungeons & Dragons: The Security
Power Tool You Didn’t Know You Needed
- Klaus Agnoletti & Glen Sorensen
-
Goodbye Purple Team, Hello Purple Bots
- Patrick Mkhael & Ralph El Khoury
-
When LLMs Summarize Security Findings:
The Tradeoffs You Can’t Ignore
- Andrey Lukashenkov
-
Leaky API Keys, Log Tampering,
And Account Takeover
- Aleksa Zatezalo
-
Out Of Security Exception: What To Do
Without An Expert To Secure Your Software
- Lisi Hocke
-
Finding Meaning In /dev/null
- Paul Jung
-
Ferrari Without Fuel:
Exorcise GIGO Out Of Logs Management
- Stefano Amodio & Elliot Parsons
-
Making A Risk-Informed LLM Choice
- Jeremy Snyder
-
Infostealer Emulation:
Validating Detection Of Credential Theft
- Filipi Pires
-
The Forgotten Fingerprint: DNS Based OSINT
Techniques For Product & Service Discovery
- Rishi (@rxerium)
-
What You See Is (Not) What You Get
- Xavier Mertens
-
Turnkey Code: Enhancing Secrets
Management In Large Scale Organizations
- Diogo Lemos
-
The Whistles Go Woo Woo: SIEM Alerts,
Threat Detection And Tuning Unnecessary Noise
- Melina Phillips
-
Oh Shit I Accidentally Breached
An Organization (Or Many) Using AI
- Panagiotis Fiskilis
-
Phinding A Phisher:
Don't Let Rep Get You Rekt
- Elliot Parsons
-
From Manual Hunt To Mass Detection:
Weaponising Nuclei Against Phishing
- Rishi (@rxerium)
-
Security Impress Karaoke
- Kirils Solovjovs
-
Killing Killnet
- Alex Holden
-
Mastering Incident Response With Kanvas
- Ardit Beu
-
The High-Performance Fuel For
Social Engineering (Now In AI Flavors!)
- Glen Sorensen
-
Building A "Mythos-Ready" Security Program
- Catalin Tiganila
-
Comprehensive Framework For Analyzing And
Detecting Malicious Browser Extensions
- Van Nguyen
-
The Challenges Of AI-As-A-Service Logging
- Jeremy Snyder
-
Spreading Malware With USB Keys:
Does It Still Work ?
- Didier Barzin & Mathieu Vajou
-
Curating Secure Software:
The Art Of Selecting Safe Dependencies
- Kadi McKean & Frithjof Hoffmann
-
Why I Go To The Dark Web Every Day
- Alex Holden
-
Kunai: Open-Source Threat Detection On Linux
- Quentin Jerome
-
AI In Cybersecurity:
How Can We Make Best Use Of It?
- Diana Waithanji
-
Forensic Challenges In Real-World
Cases Of Digital Manipulation
- Thiago Vieira
-
Spyware: The Invisible Threat
- Julien Vander Straeten
-
Confound And Delay: Honeypot Chronicles
From The Digital Battlefield
- Kat Fitzgerald
-
Turbocharged SOC: DetectFlow
And Other Innovative Open Source Tools
- Andrii Bezverkhyi
-
The Agent Had A Plan—So Did I:
Top Attacks On OWASP Agentic AI Systems
- Parth Shukla & Nagarjun Rallapalli
-
500 Incidents Later:
Real-World Cyber Defense
- Federico
-
From Phishing To Mitigation:
An Early-Career Incident Response
- Chris Beckman
-
Ransom-ISAC LOCK STAR Initiative
- Ellis Stannard
-
Panel Discussion: The Future Of Detection Engineering
- Diana Waithanji,Ondrej Nekovar and Remi Seguy & Andrii Bezverkhyi
-
Building The Ultimate AI Firewall: Inside
SovereignShield, IntentShield, And LogicShield
- Mattijs Moens
-
Third Party Risk Management
- Jyoti Upadhyay & Parveen Rajpurohit
-
Building Vs. Buying:
A Tale Of Developing An In-House SCA Tool
- Diogo Lemos
-
How Secure Is Secure Code Generation?
Putting The LLMs To The Test
- Melissa Tessa
-
MISP Workbench
- Luciano Righetti
-
From CLI To Platform: Building NetCarapace,
A Secure And Open Source URL Checking Ecosystem
- Cédric Renzi
-
Startup Security 2020:
Aged Like Wine Or Milk?
- Guillaume Ross
-
Security For AI: AIDR Bastion As Open Source
LLM Firewall / AI Prompts Reverse Proxy
- Andrii Bezverkhyi
-
Agnoletti & Trump:
Gaming Playing To Win At Cyber
- Klaus Agnoletti & Ian Thornton-Trump
-
XCTDH Cross-Chain Transaction Data Hiding:
Cyber Espionage And OPSEC Encounters
- Ellis Stannard
-
Every Guardrail Everywhere All At Once:
Designing And Testing Guardrails For LLM Applications
- Donato Capitella
-
What's Old Is New: Exploiting Classic
Vulnerabilities In GraphQL APIs
- Aleksa Zatezalo
-
Digital Risks, Threat Models, And Empathy:
Trainings That Empower
- Łukasz Król
-
Building Secure AI: Making Threat
Modeling A Core Part Of Development
- Diana Waithanji
-
Weaponizing PDF Files: Advanced
Exploitation Techniques For Red Teams
- Filipi Pires
-
Exploiting The Past: How Linguistic Redundancy
Weaponizes The Quantum Search Landscape
- Alessio Di Santo & Gabriella Lanziani
-
The Always-On Purple Team: Going Full
Spectrum With AI-Powered Red Ops
- Jeroen Vandeleur
-
CTF Prize Ceremony (and Raffles If Any Etc.)
- BSides.LU Orga
-
AI Security Village:
Open Village/Q&A
- Parth Shukla & Nagarjun Rallapalli
