Here are the talks and workshops our CFP panel have selected for 44CON 2025. The schedule is available here.

Talks

Microsoft Copilot is fast being rolled out across organisations everywhere but what does this mean for security? This is an in depth discussion on the emerging security risks associated with Copilot deployment in an organisation. We will explore the threats, the details and implications of their exploitation, what can be done to defend and secure Copilot; and we will reveal a new zero day exploit in Copilot.

Thomas Atkinson

Thomas Atkinson is an Executive Principal Security Consultant at NCC Group.

Thomas first started his AI/ML journey during his undergraduate degree at the dawn of CUDA C and has been a self-professed AI nerd ever since. He is one of three Acting Global Heads of AI/ML for NCC Group’s Technical Assurance Services and together with his other colleagues, he helped create, launch, run and deliver NCC Group’s AI/ML Security Assurance Services.

He has a strong research background and continues to be involved in both commercial AI/ML research for clients and participates as one of the global research leads at NCC Group.

Training LLMs with reinforcement learning (RL) has proven successful in many domains, yet there is limited public research on its application to computer security tasks. While any verifiable task can serve as a candidate for optimization, building effective training environments often presents significant challenges.

This presentation introduces methodologies to systematically design RL gyms tailored to security research. Practical guidance will be provided on designing robust reward functions along with strategies for developing efficient training environments. Further, detailed guidelines will be shared on effective RL model training, including considerations for distilling larger models and selecting key evaluation metrics beyond the reward function.

Kyle Avery is an offensive security researcher and developer at Outflank. He has a background in penetration testing and red teaming as a consultant and on an internal team. Kyle specializes in capability development for Windows, macOS, and Linux.

He has presented at conferences including DEF CON, Black Hat, Wild West Hackin’ Fest, and BSides.

This is our stage, set in early 2023, a nation state is prepping a campaign against several organizations – using similar TTPs.

Join us on an exhilarating journey through a massive incident response (IR) in an incredibly intricate setting. Picture this: A drone strike motivates a nation state to attack an organization and launch an InfoOps campaign. With over 30 distinct Business Units, each with its own unique IT structure. Every endpoint directly exposed to the vast expanse of the internet, boasting a class B IP range. And to top it off, varying levels of security hygiene.

But wait, there’s more! The attackers unleashed a devastating ransomware attack, which, surprise, turned out to be successful. Countless terabytes of data held hostage, with no possibility of a key.

Fear not, for we have discovered a remarkable method to exploit this ransomware and reclaim the majority of the encrypted data. Prepare to witness the magic of resourcefulness, innovation, and the art of cracking cryptography. Brace yourself for a talk that will leave you in awe!

In this talk we will do a deep dive into what the ransomware was doing (RE assembly level), why – and where it failed. We will follow though on our analysis and show how we conducted the research. At first pass we thought that there was nothing that we could do – but then we had a bold idea – what if we think outside the box? maybe we can break this?

Our analysis and research pushed us to discover several different ways that we could recover encrypted files, and our methods could be used in other cases as well.

Our analysis is technical, and will require some intro into cryptographic concepts and OS and memory structure.

Guy Barnhart-Magen

With nearly 25 years of experience in the cyber-security industry, Guy held various positions in both corporates and startups.

As the Co-Founder and CTO of the Incident Response company Profero, his focus is making incident response fast and scalable, harnessing the latest technologies and a cloud-native approach.

Most recently, he led Intel’s Predictive Threat Analysis group, which focused on securing machine learning systems and trusted execution environments. At Intel, he defined the global AI security strategy and roadmap. In addition, he spoke at dozens of events on the research he and the group have done on Security for AI systems and published several white papers on the subject.

Guy is the BSidesTLV chairman and CTF lead, a Public speaker in well-known global security events (SAS, t2, 44CON, BSidesLV, and several DefCon villages, to name a few), and the recipient of the Cisco “black belt” security ninja honor – Cisco’s highest cybersecurity advocate rank.

He started as a software developer for several security startups and spent eight years in the IDF. After completing his Electrical Engineering and Applied Mathematics degrees, he focused on security research in real-world applications.

He joined NDS (later acquired by Cisco). He led the Anti-Hacking, Cryptography, and Supply Chain Security Groups (~25 people in USA and Israel).

This talk presents a practical methodology and toolset, developed through two years of pentesting enterprise GenAI and LLM application use cases, for testing the security of LLM applications and GenAI features in real-world, time-constrained assessments. Rather than focusing on unsafe conversations or vague “AI risk”, we focus on concrete cybersecurity outcomes, exfiltration, XSS, DoS, and social engineering, through prompt injection.

Donato has over a decade of experience in software engineering and penetration testing. He spent the past few years working on, testing and securing LLM applications and agentic workflows. He developed Reversec’s Secure GenAI offering, has a Youtube channel on LLM security (https://www.youtube.com/@donatocapitella) and is the lead author of spikee, an opensource tool for prompt injection testing.

    As CI/CD pipelines become integral to modern software development through systems like Azure DevOps or GitHub Actions, and tools such as Terraform and Ansible, their compromise can have devastating effects, from infrastructure breaches to mass malware distribution.

    Originally, CI/CD pipelines were managed and accessed only by a limited group of administrators or integration engineers. However, with the widespread adoption of Infrastructure as Code, it has become increasingly common for companies to open controlled access to their pipelines—sometimes even to external clients. This shift supports use cases such as self-service sandbox environments, client-controlled infrastructure provisioning, or dynamic testbed deployments in multi-tenant platforms. While these scenarios offer flexibility and scalability, they also introduce new risks and potential attack vectors, making it critical to rethink pipeline security under this broader exposure model.

    In this talk, we will demonstrate how an attacker can exploit seemingly limited permissions—such as those of a standard contributor account—to fully compromise a CI/CD pipeline and the underlying infrastructure. By chaining misconfigurations, abusing legitimate features, and bypassing common restrictions, we’ll show how limited access can quickly escalate into full control.
    In the second phase of the talk, we’ll look at the defensive side: how a company can effectively secure its pipelines in a context where access is no longer limited to internal teams.

    Hugo Ferreira dos santos: Passionate about programming, I began my career as a developer and private tutor in C/C++ before transitioning into offensive cybersecurity. For the past five years, I have worked as an offensive security auditor at Deloitte Cyber, where I conduct a wide range of penetration tests and technical audits. I am also responsible for designing and developing Pentest and Red Team infrastructure using Infrastructure as Code, with a strong focus on automation and operational efficiency.

    This dual role – combining offensive security with infrastructure development – naturally led me to specialize in the security of CI/CD workflows. Through numerous audits and penetration tests for a wide range of clients across various environments, I have developed a deep and critical expertise in pipeline security, particularly within platforms such as Azure DevOps and GitHub Actions.

    Luc-Marie Coustillière: I’ve been working in offensive cybersecurity for 10+ years. In recent years I’ve specialized in RedTeam missions, internal and cloud pentests. In addition to offensive missions, I’m responsible for the design of my team’s pentest and RedTeam infrastructure as code.

    Since the early 2010s, social network-based influence technologies have grown almost exponentially.
    Since the U.S. Army’s early OEV system in 2011, a number of companies specializing in this field have emerged.
    The most (in)famous cases are Bell Pottinger, Cambridge Analytica, AggregateIQ and, more recently, Team Jorge.
    Since with Ukrainia and Middle East (Israël, Gaza, Lebanon, Iran) the development and the use of influence tools and techniques on social networks has literally exploded.

    In this talk, we will consider the use-case of sockpuppet master activities, which consist in creating hundreds or even thousands of avatars, in organizing them into communities and implement influence operations (Cambridge Anaytica, team Jorge) i a few clicks. On-purpose software is used to automate these operations (e.g. Ripon software, AIMS…) and organize these avatar populations into communities.
    The goal of the talk is to show how these community management techniques (social networks) can be used in a different way to communicate/disseminate relatively large volumes (up to a few hundreds of Mb) of multi-level encrypted information to a limited number of actors. To a certain extent, this can be compared to a Dark Post-type function, with a number of much
    more powerful potentialities.
    The idea is to dynamically encode a single encrypted content, based on communities of avatars that can be permanently reconfigured.
    This unique encrypted content is then decrypted by each actor in a different way, depending on the K_i key he or she holds (multi-level
    communication). Each actor must retrieve the structure of the associated graph to extract the file (gefx file), extract the encrypted
    file and, finally, decrypt the content of the file intended for them. The power of this approach lies in the following features:

    • A large volume of encrypted data can be communicated with a demonstrably high level of security (detection, extraction, cryptanalysis).
      In this way, all steganography techniques (to which our technique is similar, except for the nature of the cover-media) are largely surpassed.
    • As community reconfiguration can be extremely rapid, these communications can be replayed frequently and regularly.

    Beyond the use-case under consideration (sockpuppet master activity), these techniques can be used more widely for classic and legitimate
    legitimate secure communications. As the desire to control encryption grows every day, its free use is increasingly under threat. This calls
    for high-performance resources (throughput, security) offering both COMSEC and TRANSEC.

    Éric Filiol is a senior expert and consultant in information and systems security and intelligence for more than 35 years. He spent 22 years in the French Army. He holds an engineering degree in Cryptology, a PhD in Applied Mathematics and Computer Science and a Habilitation to Conduct Research (HDR) in Computer Security as well as several NATO certifications in intelligence. He is still deeply involved in R&D (mathematics, programming, information security).

    He is editor-in-chief of the research journal in Computer Virology and Hacking Techniques published by Springer.

    He regularly gives talks in the field of security (Black Hat, CCC, CanSecWest…).

      Replik8s is a modern open-source Kubernetes auditing and investigation tool. It is designed to address the common limitations of traditional security tools, which rely on narrow data collection and predefined logic. RepliK8s allows cloning Kubernetes clusters and serving back exact replicas of the original data, as well as conducting analysis through a tool-agnostic query language. This versatility makes it particularly valuable for purple teams, enabling both exploratory investigation and precise identification of misconfigurations and vulnerabilities.

      During the talk, we will present RepliK8s and the philosophy guiding its development, as well as demonstrate its application in various security auditing and incident investigation scenarios. Get ready to put your skills to the test!

      Xavier is a Principal Security Engineer at Latacora, a retained security team for startups, and was previously a Managing Consultant at NCC Group. He has experience in both academia and the private sector, having worked as a developer, security researcher, and consultant. Xavier currently focuses most of his time on infrastructure and cloud security.

      Xavier is the former maintainer of Scout Suite, a widely recognized open-source tool for multi-cloud security auditing. He has shared his expertise through talks and trainings at numerous conferences.

      Like a lot of things in containerization, networking is built of a number of layers and abstractions based on existing technologies, with more seemingly being added all the time. As admins we know that abstractions are great for end users, they simplify stuff. But as hackers we know that’s precisely the place you want to poke at. What if assumptions were made that can lead to abuse!

      In this talk we’ll get into the details of how Kubernetes based network stacks work and detail specific places that are vulnerable to attack. We’ll start with the low level aspects of Linux networking that have been re-purposed for container stacks, looking at how those settings can leave clusters exposed to attacks, then talk about some higher level HTTP API concerns like the fact that every cluster is SSRF as a service, and demonstrate tools that allow for port-scanning via the Kubernetes API server.

      We’ll also talk about how Kubernetes cluster network security operates and focus on how those controls can be rendered useless by users making mistakes, or by attackers deliberately exploiting configuration errors.

      Lastly we’ll take a look at the unpatchable-4 CVEs in Kubernetes, all of which are related to networking and show how they could be exploited to hijack traffic.

      Rory is a senior researcher and advocate for Datadog who has extensive experience with Cyber security and Cloud native computing.

      In addition to his work as a security reviewer and architect on containerization technologies like Kubernetes and Docker he has presented at Kubecon EU and NA, as well as a number of other cloud native and security conferences. He is one of the main authors of the CIS benchmarks for Docker and Kubernetes, a published author on the topic of Cloud Native Security and member of Kubernetes SIG-Security.

      When he’s not working, Rory can generally be found out walking and enjoying the scenery of the Scottish highlands.

      The talk focuses on how a customer loader can be written, and used in Linux; apart from its various uses in defense evasion and other possible attack vectors. The talk will start from basic ELF loader, how Linux kernel handles loading of different executable files, and how a new loader can be written and configured so that it can be used seamlessly. The consequences of such a loader will also be analyzed, and discussed in context of security monitoring.

      The following topics will be covered in the following tentative order:

      1. Introduction
      2. Loaders (and linkers)
      3. How does kernel load executables
        • Statically linked ELF
        • Dynamically linked ELF
        • Script files
      4. Introduction to binfmt
      5. Writing loaders and linkers
        • Writing binfmt loader for custom format
        • Writing a custom dynamic linker
      6. Defense evasion
        • Using binfmt
        • Using dynamic linker
      7. Limitations
      8. Detections and countermeasures

      Adhokshaj Mishra works as Staff Detection Engineer specializing in Linux platform. His interest lies in the offensive and defensive side of Linux malware research. He has been working on container specific attacks, and detections in his professional career. In his free time, he mostly researches new offensive techniques in malware as well as applied cryptography. He loves speaking in security meetups and conferences; and has presented in various Null and OWASP chapter meetups, apart from other security events.

      Ian Perry is Head of Sales Engineering at Searchlight Cyber. With more than two decades of experience in networks and cybersecurity, throughout his career Ian has fulfilled technical roles at major corporations from Solutions Architect, to Systems Engineer. As a consultant he worked with multinational organizations including Unilever, PWC, Alliance, Eircom 3 Mobile and Vodafone, before taking on senior roles at cybersecurity companies including Symantec, Zscaler, and Air Eye. He joined Searchlight Cyber in 2025, where he leads a team of Sales Engineers that are responsible for understanding and meeting the technical requirements of prospective customers, to ensure that Searchlight’s solutions are enabling them to overcome their cybersecurity challenges.

      As the use of AI for static malware classification continues to grow, it has never been more critical for attackers to understand these systems. This session demystifies how static ML models evaluate binaries and how attackers can systematically break their assumptions. Using Cobalt Strike’s Artifact Kit, we’ll demonstrate how to generate payloads that evade detection by manipulating static features. From injecting misleading byte-level features to reshaping PE metadata, this talk provides a roadmap for red teams and researchers to understand, exploit, and defend against the limits of static AI-powered detection.

      Steve has leveraged his expertise throughout his career to develop and contribute to offensive security tools, collaborating with diverse technical teams. In previous roles, Steve has implemented novel methods assessing machine learning models and spearheaded the development of counter-artificial intelligence capabilities, paving the way for more advanced research and development. Since joining Fortra, Steve has contributed to the research and development of novel features of Cobalt Strike, and continues to explore the integration of intelligent technologies into the framework.

      To date, researchers have identified more than 10,000 encrypted messages spanning the last five centuries. Deciphering these messages is an active area of research. Two powerful algorithmic approaches have proven especially useful in cracking historical ciphers: Hill Climbing and Simulated Annealing.

      In this talk, Klaus Schmeh, co-author of Codebreaking: A Practical Guide, will explain how Hill Climbing and Simulated Annealing work and share a variety of real-world examples.

      Klaus Schmeh

      Klaus Schmeh has published 20 books, 300 articles, 1,500 blog posts, and 30 research papers about encryption technology, which makes him the most-published cryptology author in the world. While most of his publications are in German, his 2023 book “Codebreaking: A Practical Guide” is in English..
      As his main profession of security consultant at a German IT company, Klaus utilizes his special skill in explaining complex technical topics, often using self-drawn cartoons, animations, Lego brick models and self-written songs. Klaus is an excellent speaker and frequent lecturer, having hosted presentations at more than 250 conferences in Europe, Asia, and the USA. His presentations at DEFCON, RSA Conference (U.S. edition), TrusTech, NSA Crypto History Symposium, HOPE, Dragon Con, HistoCrypt, and other major events were enthusiastically received because of their clarity and because of Klaus’ engaging presentation style.
      Klaus gave successful presentations at the 44CON in 2017, 2018, 2019, and 2022.

      image.png
      Nick Selby

      Nick Selby is the founder and Managing Partner of EPSD, with a career spanning cybersecurity, law enforcement, and technology leadership. He has held key executive roles at Evertas, Trail of Bits, 451 Research (now S&P Global Intelligence), and Paxos Trust. Nick recently retired from 15 years of law enforcement, during which he served as both paid and reserve Texas police detective specializing in investigations of child sexual abuse material and online investigations. 
      From 2018 to 2020, he served as Director of Cyber Intelligence and Investigations at the NYPD.

      Nick serves on the board of directors of the National Child Protection Task Force, and the advisory board of Sightline Security.

      He is co-author of several books, including Cyber Attack Survival ManualBlackhatonomics: An Inside Look at the Economics of Cybercrime, and In Context: Understanding Police Killings of Unarmed Civilians; he was technical editor of Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace.

      This presentation delivers a first-hand debrief on a sophisticated, multi-layered social engineering operation executed by a criminal network. The attackers leveraged covert legitimacy scaffolding—including a highly-rated restaurant, a verifiable hospital affiliation, and an online front with a sizable social media presence, to isolate and prey on those they perceive as high-value targets.

      Their primary vector was a bespoke botanical agent engineered to induce paradoxical, near-lethal physiological effects, disabling motor function while accelerating cardiovascular stress.

      This session dissects the cell’s operational playbook and analyzes the real-time countermeasures improvised during the assault, culminating in a self-directed exfiltration protocol when institutional and diplomatic channels proved unreliable.

      Emmanuel Silas

      Emmanuel (Manni) Silas is a cybersecurity analyst and founder of stealth startup focused on AI-driven vulnerability management. He has advised UK and multinational government entities, and high-growth startups on adversarial risk. With a professional background spanning Cloud Security, Cyber Forensics, and Digital Threat Intelligence, and drawing on foundational training in criminal investigation, he brings a multidisciplinary edge to field-based incident analysis. His experience was recently tested in a real-world encounter in another continent, resulting in the intelligence at the center of this session.

      This talk explores the reverse engineering of the proprietary DUOX PLUS intercom system, focusing on its digital signaling, identification methods, and security weaknesses. Using hardware tools like oscilloscopes, logic analyzers and breadboards we demonstrate MITM attacks, spoofing, and signal manipulation. Attendees will gain hands-on insights into decoding and interacting with closed digital protocols, exposing vulnerabilities in real-world access control systems.

      The DUOX PLUS system is a digital, non-polarized two-wire intercom and video entry system, which is widely used in residential and commercial security installations in Europe and Asia. While proprietary and closed-source, its extensive deployment raises critical security questions about its robustness against interception and spoofing.

      This talk details an ongoing effort to reverse engineer the DUOX PLUS protocol by analyzing its electrical characteristics, digital signaling, and communication structure. Through oscilloscope probing and logic analysis, we uncover how the system transmits and authenticates calls, video streams, and access control signals.

      We demonstrate how a custom hardware interface built from off-the-shelf components can inject, modify, and intercept DUOX PLUS signals in real-time. This research explores Man-in-the-Middle (MITM) attacks, device impersonation, and potential replay attacks, with an emphasis on identifying vulnerabilities in the protocol’s security mechanisms.

      Attendees will gain practical insights into reverse engineering closed digital protocols, learning how to decode, manipulate, and simulate proprietary communication systems. By presenting these findings, we aim to highlight the need for better cryptographic protection in digital intercom systems and encourage vendors to adopt more robust security measures.

      Kirils Solovjovs is Latvia’s leading white-hat hacker and IT policy activist, known for uncovering and responsibly disclosing critical security vulnerabilities in national and international systems. An expert in penetration testing, network flow analysis, and reverse engineering, he is also a lifelong command-line enthusiast. Kirils started programming at age 7 and by grade 9 was spending his lunch breaks writing machine code directly in a hex editor. He uses bash daily for hacking, automation, and large-scale data processing and is sometimes contracted by major online education providers to proofread their bash certification exams. He currently is the lead researcher at Possible Security.

      For better or worse, large language models now power a significant number of capabilities across the internet and within corporate systems – from chatbots to code assistants.
      Yet, as their usage is still relatively new compared with other monolithic systems, we continue to see real-world examples where misconfigurations and untrusted input lead to system compromise and abuse.
      While there is an overlap between the playbooks for LLM security and conventional penetration testing, there is also a whole new landscape of technologies, approaches and tools that anyone looking to test real-world LLM systems needs to become familiar with. During this talk, and following workshop, participants will be guided from the core fundamentals of LLM security to orchestrating their own attacks against deployed LLM systems.

      During this talk we will cover:

      • Fundamentals of generative AI
      • Fundamentals of AI red teaming
      • Core concepts and terminology
      • Threat landscape and real-world harm scenarios
      • A taxonomy of attacks on LLMs
      • Human creativity and manipulation techniques
      • Automation
      • Defence techniques

      This talk is ideal for people who:

      • Are new to penetration testing and want to explore new technologies they’re likely to see in modern environments.
      • Are experienced in penetration testing but new to LLM security
      • Work for an organisation that is using or considering deploying LLM systems
      • Plan to deploy their own LLM system and want to understand how it can be hardened

      James Stevenson is a security researcher with a decade of experience in offensive security, covering everything from penetration testing to vulnerability research. His current work explores how AI and machine learning can be used to speed up and automate vulnerability discovery, as well as how these technologies can be applied in offensive security, especially against large language models and agent-based systems.

      He is also a PhD candidate working at the intersection of machine learning and computer science. His research focuses on detecting and predicting extremist content online, and understanding how extremist groups use AI to enact harms.

      Workshops

      Do you want to break through the ceiling and land that elusive executive role in cybersecurity? This workshop is your acceleration point. Designed for professionals ready to level up, this session delivers the tactical roadmap to move up faster in your current organization or even step into the Chief Information Security Officer (CISO) role.

      In the first hour, you’ll learn exactly how cybersecurity professionals break into executive leadership — and how you can, too. We’ll decode the unwritten rules behind promotion decisions, examine proven career paths (and common pitfalls), and equip you with tools to build your personal advancement plan. You’ll uncover what hiring managers look for, how to reframe your experience for leadership, and why technical skills alone won’t earn you a seat at the table.

      Next, we shift from personal growth to organizational mastery. You’ll get hands-on with strategic planning tools such as governance frameworks and OWASP’s Threat and Safeguard Matrix (TASM). You’ll walk away knowing how to build a three-year cyber strategy that speaks the language of the boardroom and aligns with business outcomes, because real leaders don’t just protect the company, they move it forward.

      In the final hour, we move from theory to transformation. You’ll complete a 10-point leadership self-assessment covering the capabilities CISOs are expected to master, including board communication, organizational influence, regulatory awareness, strategic prioritization, and team development. You’ll receive an executive traits chart that visualizes your executive maturity across the domains that drive promotion. You’ll know where you stand, where to grow, and get matched to curated podcast episodes, exercises, and career moves that close your gaps. This isn’t generic coaching; it’s your blueprint for becoming the boss.

      G. Mark Hardy is founder and president of National Security Corporation, providing cyber security expertise to government, military, and commercial clients for over 35 years.  A retired U.S. Navy Captain, he was entrusted with nine command tours throughout his career.  A co-host of the CISO Tradecraft podcast, Mr. Hardy has presented at hundreds of events world-wide providing thought leadership over a range of security fields.  A graduate of Northwestern University, he holds a BS in computer science, a BA in mathematics, a master’s in business administration, a master’s in strategic studies, and holds the CISSP, CISM, GSLC, and CISA certifications.

      Replik8s is a modern open-source Kubernetes auditing and investigation tool. It is designed to address the common limitations of traditional security tools, which rely on narrow data collection and predefined logic. RepliK8s allows cloning Kubernetes clusters and serving back exact replicas of the original data, as well as conducting analysis through a tool-agnostic query language. This versatility makes it particularly valuable for purple teams, enabling both exploratory investigation and precise identification of misconfigurations and vulnerabilities.

      During the workshop, you’ll dive into the quirky world of Clojure, master data wrangling with Meander, and wield RepliK8s to claim the title of ultimate Kubernetes sleuth.

      Xavier is a Principal Security Engineer at Latacora, a retained security team for startups, and was previously a Managing Consultant at NCC Group. He has experience in both academia and the private sector, having worked as a developer, security researcher, and consultant. Xavier currently focuses most of his time on infrastructure and cloud security.

      Xavier is the former maintainer of Scout Suite, a widely recognized open-source tool for multi-cloud security auditing. He has shared his expertise through talks and trainings at numerous conferences.

      This workshop follows Rory’s talk.

      In the workshop we’ll explore container & Kubernetes network security with hands-on examples. We’ll start by taking a look at how container networks are fundamentally constructed from namespaces and bridges, then build up how Docker and Kubernetes handle networking and how the assumptions made and functionality provided can be abused.

      • Some of the specific areas we’ll explore in the workshop :-
      • Routing traffic via Kubernetes nodes to gain unauthorized access to pods
      • Using the API server proxy to access any destination address including filter bypass to hit localhost endpoints
      • SSRF via Validating Admission Webhooks + profiling endpoints
      • Hijacking traffic intended for external destinations in multi-tenant clusters
      • Bypassing network policies using host networking containers

      Requirements

      Students should have a laptop with a web browser that does not have strict filtering in place (e.g. no white-list only corporate proxies) and an SSH client or browser will be needed for the practical labs. Students should be familiar with how to connect to an SSH server using key-based login (key will be provided in the workshop)

      Rory is a senior researcher and advocate for Datadog who has extensive experience with Cyber security and Cloud native computing.

      In addition to his work as a security reviewer and architect on containerization technologies like Kubernetes and Docker he has presented at Kubecon EU and NA, as well as a number of other cloud native and security conferences. He is one of the main authors of the CIS benchmarks for Docker and Kubernetes, a published author on the topic of Cloud Native Security and member of Kubernetes SIG-Security.

      When he’s not working, Rory can generally be found out walking and enjoying the scenery of the Scottish highlands.

      To date, researchers have identified more than 10,000 encrypted messages spanning the last five centuries. Deciphering these messages is an active area of research. Two powerful algorithmic approaches have proven especially useful in cracking historical ciphers: Hill Climbing and Simulated Annealing.
      In this workshop, participants will dive into the world of historical cryptography by decoding authentic 19th-century encrypted ads from the UK.

      Klaus Schmeh

      Klaus Schmeh has published 20 books, 300 articles, 1,500 blog posts, and 30 research papers about encryption technology, which makes him the most-published cryptology author in the world. While most of his publications are in German, his 2023 book “Codebreaking: A Practical Guide” is in English..
      As his main profession of security consultant at a German IT company, Klaus utilizes his special skill in explaining complex technical topics, often using self-drawn cartoons, animations, Lego brick models and self-written songs. Klaus is an excellent speaker and frequent lecturer, having hosted presentations at more than 250 conferences in Europe, Asia, and the USA. His presentations at DEFCON, RSA Conference (U.S. edition), TrusTech, NSA Crypto History Symposium, HOPE, Dragon Con, HistoCrypt, and other major events were enthusiastically received because of their clarity and because of Klaus’ engaging presentation style.
      Klaus gave successful presentations at the 44CON in 2017, 2018, 2019, and 2022.

      Bash isn’t just an interface to your daily laptop – it’s a weapon. In this hands-on workshop, we’ll push bash beyond its typical use, leveraging it for hacking, data processing, automation, and real-world security applications. Whether you’re crafting exploits, analyzing massive datasets, or automating reconnaissance, this session will equip you with the skills to turn bash into your ultimate hacking tool.

      • Master advanced bash scripting techniques for automation, and hacking.
      • Process terabytes of leaked password data and uncover real-world security insights.
      • Use bash to manipulate and extract intelligence from logs, network traffic, and system artifacts.
      • Generate graphs, automate reports, and convert file format entirely from the command line.
      • Learn how to replace GUI-based tools with bash scripts for speed and stealth.

      By the end of this workshop, you’ll be able to:

      • Automate and accelerate security tasks with powerful one-liners and scripts.
      • Use bash to analyze, manipulate, and exploit data in security research.
      • Apply bash in unconventional ways, from image processing to document forensics.

      Requirements

      People should come with their laptops, and have network access.

      Kirils Solovjovs is Latvia’s leading white-hat hacker and IT policy activist, known for uncovering and responsibly disclosing critical security vulnerabilities in national and international systems. An expert in penetration testing, network flow analysis, and reverse engineering, he is also a lifelong command-line enthusiast. Kirils started programming at age 7 and by grade 9 was spending his lunch breaks writing machine code directly in a hex editor. He uses bash daily for hacking, automation, and large-scale data processing and is sometimes contracted by major online education providers to proofread their bash certification exams. He currently is the lead researcher at Possible Security.

      For better or worse, large language models now power a significant number of capabilities across the internet and within corporate systems – from chatbots to code assistants.
      Yet, as their usage is still relatively new compared with other monolithic systems, we continue to see real-world examples where misconfigurations and untrusted input lead to system compromise and abuse.
      While there is an overlap between the playbooks for LLM security and conventional penetration testing, there is also a whole new landscape of technologies, approaches and tools that anyone looking to test real-world LLM systems needs to become familiar with. During this talk/workshop participants will be guided from the core fundamentals of LLM security to orchestrating their own attacks against deployed LLM systems.


      We will put the newly acquired knowledge from the talki to the test in a series of controlled simulation environments. These will include both conventional and agent-based LLM tools, where participants will be challenged to apply and extend the techniques covered during the talk in order to exploit the target systems.

      This workshop is ideal for people who:

      • Are new to penetration testing and want to explore new technologies they’re likely to see in modern environments.
      • Are experienced in penetration testing but new to LLM security
      • Work for an organisation that is using or considering deploying LLM systems
      • Plan to deploy their own LLM system and want to understand how it can be hardened

      By the end of the session participants will:

      • Possess a strong understanding of the different types of threats and harms that can arise from LLM systems
      • Understand techniques for both manual and automated prompt-injection attacks
      • Leave with a playbook they can use to orchestrate their own LLM red-teaming engagements
      • Understand the core defences against LLM hacking and prompt injection

      James Stevenson is a security researcher with a decade of experience in offensive security, covering everything from penetration testing to vulnerability research. His current work explores how AI and machine learning can be used to speed up and automate vulnerability discovery, as well as how these technologies can be applied in offensive security, especially against large language models and agent-based systems.

      He is also a PhD candidate working at the intersection of machine learning and computer science. His research focuses on detecting and predicting extremist content online, and understanding how extremist groups use AI to enact harms.

      Buy your ticket Schedule