-
Hacking - 30+ Years Ago
- Walter Belgers
-
Anti-Forensics - You Are Doing It Wrong
(Believe Me, I'm An IR Consultant)
- Stephan Berger
-
Confessions Of A Linux Drama Queen: Incident
Response When Hackers Try To Steal Your Spotlight
- Melina Phillips
-
Containing The Threat:
Analyzing Cryptomining Campaigns
- Bogdan Trufanda & Mihai Vasilescu
-
LOLBlue : Living Off The Land
With Blue Team Tools
- Maxence Fossat & Antoine C
-
B.o.D.: Bytes Over DNS
- Didier Stevens
-
Red Team Story: Offline SCCM
Backup Secrets Decryption
- Martino
-
Detection Coverage
In Today's Blue Team World
- Claus
-
Fearless File Identification
- Quentin Jerome
-
Hunting For Linux Extended File Attributes
- Xavier Mertens
-
Incident Reporting Made Easy,
Using Draugnet
- Andras Klody
-
From Buzzword To Battlefield:
The Cybersecurity Challenges Of Smart Cities
- Marina Bochenkova
-
Fake Jobs, Real Malware. Uncovering How
Cybercriminals Are Exploiting The Employment Market
- Ionuț Baltariu
-
intelmq.ai - Adding ML Model Support To Intelmq
- Aaron Kaplan and Sebastian Wagner & Jürgen Brandl
-
No Way To Enable SSH Access To Your New Router?
The Vendor Might Have Something To Hide
- Stanislav Dashevskyi & Francesco La Spina
-
Oops, I Hacked It Again:
Tales And Disclosures
- Ignacio Navarro
-
OverLAPS: Overriding LAPS Logic
- Antoine Goichot
-
Phishing Detection
Using Various Parts Of DNS Ecosystem
- Piotr Białczak & Michał Hałoń
-
RomCom Exploits Firefox And
Windows Zero Days In The Wild
- Damien Schaeffer
-
From Achilles To NIS2: Slovakian Lessons On
Proactive Cybersecurity And Vulnerability Disclosure
- Michal Rampášek & Alexander Valach
-
Tracking And Documenting Threat Actors
Using MISP - A Slightly Different Approach
- Csaba Barta
-
A Pragmatic Approach
To Build A Threat Landscape
- Thomas Patzke
-
Exploring Threats
Leveraging Blockchains
- Paul Rascagneres
-
Reversing A Pay Phone
For Fun But No Profit
- Inbar Raz
-
Slipping Through The Cracks:
How Malicious Emails Evade Detection
- Elyssa Boulila
-
Silent Killers: Unmasking A Large-Scale
Legacy Driver Exploitation Campaign
- Jiří Vinopal
-
Smack My LLM Up!
- Jindrich Karasek
-
Malware Investigation Pipeline:
From Honeypot To Threat Intel
- Andreia-Irina Ocanoaia
-
May The World Ever Again
Experience Such A Christmas Night!
- Christophe Vandeplas
-
Nmap Scanning, Fast And Slow
- Luc Gommans
-
Port Mimic: It's A Trap!
(And So Is Every Other Port)
- Jürgen Brandl
-
RANGE42: An Open Source Cyber Range
- Benjamin Collas
-
Meet Plum, The Challenge
Of Your Own ASR For Free
- Paul Jung
-
Open Source Is A Virus
- Philippe Ombredanne & Prabhu Subramanian
-
Security Monitoring And Response
In Large Linux Environments
- Hilko Bengen & Hendrik Schmidt
-
Digic8 Oracle
- Laurent Clevy
-
The “S” In IoT:
Tales From Inside The IoT Industry
- Will Moffat
-
The Parking Chronicles:
A DIY Guide To Agents Detection
- David Sopas
-
What Malware Leaves Behind:
Analysing Forensic Traces Of Ransomware
- Ankshita Maunthrooa
-
Integrating Zeek With Third-Party Applications
- Christian Kreibich
-
The Cloud Journey 2013-2025
Of The European Commission
- Claus
-
Kaitai Struct:
A Tool For Dealing With Binary Formats
- Petr Pucil & Mikhail Yakshin
-
Utilman & CMD
- Didier Stevens
-
101: How To Break IPS & SIEM
- Nicol Dankova
-
A Quick Retrospective Of A Student
Discovering Programming & Other Failures
- Sami Mokaddem
-
All Your CCTV’s Are Belong To Us
- Xavier Mertens
-
Phish Perfect: How I Broke The Thing
While Trying To Protect It
- Melina Phillips
-
Analysing The 1991 Lips
Eloctro Mechatronic Lock
- Walter Belgers
-
Suricata Lua Support
- Eric Leblond
-
The Beauty Of Vibe Coding
- Andras Iklody
-
The CVE-Search Design Failure(s)
- Alexandre Dulaunoy & Cédric Bonhomme
-
BurningPanda
- Ben (@polygonben)
-
The Heavy Shadow Of Imposter Syndrome
- Tammy Harper
-
Nightmare On NTLM Street: Legacy’s Revenge
- Marina Bochenkova
-
Compromising Threat Actor Communications
- Ben (@polygonben)
-
Instrumenting Software Builds To Detect
Stealth Backdoors And Other Curiosities
- Hilko Bengen
-
Attacking The Developer Environment
Through Drive-by Localhost Attacks
- Joseph Beeton
-
One Day At The Internet Storm Center
- Xavier Mertens
-
Field Guide To Physical Attacks
Against Full-disk Encryption
- Edouard D'hoedt & Hayk Gevorgyan
-
My Other ClassLoader Is Your ClassLoader:
Creating Evil Twin Instances Of A Class
- Dimitrios Valsamaras
-
Building A Pipeline To Analyse IOS Devices At Scale
- David Durvaux & Christophe Vandeplas
-
ICRC's Trust And Safety: Armed Conflict
- Vitaly Savenkov
-
OpenTIDE: When TI Made Actionable
Drives Your Threat Detection
- Remi Seguy
-
These Hackers Fucking Suck
- Ben (@polygonben)
-
Tools To Streamline Creation
Of Technical Presentations
- Kirils Solovjovs
-
Decrypting IIS Backdoor Traffic
- Didier Stevens
-
5 Years Collecting CyberSecurity Tools
- Jonathan Scoupreman
-
Revisiting Widevine L3:
DRM As A Playground For Hackers
- Felipe Custodio Romero
-
The Human Factor:
Psychological Safety In Cybersecurity Frontlines
- Cris Brafman Kittner
-
Livewire:
Remote Command Execution Through Unmarshalling
- Rémi Matasse & Pierre Martin
-
2038 Is Gonna Be Epoch!
- Trey Darley & Pedro Umbelino
-
Wyse Management Subversion:
Taking Over Dell's Wyse Management Suite
- Alain Mowat
-
What's New In Suricata 8:
Enhanced Detection And Performance
- Peter Manev & Eric Leblond
-
How To Better Identify (Weaponized)
File Formats With Ftguess
- Philippe Lagadec
-
Hacking For Hoodies: MISP Edition
- Jeroen Pinoy
-
Breaking Android IPC: A Deep Dive Into AIDL Fuzzing
- Rajanish Pathak & Hardik Kamlesh Mehta
-
Palo Alto GlobalProtect:
Remote Full Compromise Exploit Chain
- Maxime Escourbiac
-
Audit And Retrospective Of An
Automotive Application: Carplay
- Etienne Charron & Khadim
-
From YAML To Root:
CI/CD Pipeline Attacks And Countermeasures
- Hugo
-
Persōna Theory: Infiltration And
Deception Of Emerging Threat Groups
- Tammy Harper
-
Russian-speaking Underground:- Changes In
- Vladimir Kropotov
-
Lethal Language Models:
From Bit Flip To RCE In Ollama
- Paul Gerste
-
Exploiting Legit APIs For Covert C2:
A New Perspective On Cloud-based Malware Operations
- Cocomelonc
-
Fake Likes, Real Risks:
Mapping Fake Social Activity Shops in Europe
- Sviatlana Höhn & Anastasia "Asya" Sergeeva
-
Bugs In The Human Code: Help Timo
- Paul Hirtz
-
Reverse Engineering, For Real
- Henri Ahola
-
4-Byte Hell:
When Unicode Enters The Stage
- Jonas Hess
-
Pwn2Own: Hacking IoT Devices
- Adam
-
Threat Actor Tripping On The Finish Line
- Rasmus
-
Revisiting RAND’s Lost Monte Carlo Simulations:
Sharla Perrine, Paul Baran, And
The True Business Case For The Internet
- Trey Darley
-
Automotive Security Analyzer For Exploitability Risks:
An Automated And Attack Graph-Based Evaluation Of On-Board Networks
- Martin Salfer
-
DCOM Turns 20: Revisiting A Legacy
Interface In The Modern Threatscape
- Julien Bedel
-
Beyond Post-quantum Stereotypes
- Antoine Gicquel & Benjamin Sepe
-
CLI Ambush
- William Robinet
-
THAT PICTURE IS A LIE:
SMUGGLING BINARIES WITH STYLE
- Harpreet Singh
-
Breaking The Signal:
Red Teaming Mobile Networks In 2025
- Ali Abdollahi
-
French Stealer Ecosystem:
The Resurgence Skid Gangs In Cybercrime Space
- 0xSeeker
