Alexandre Bartel

Alexandre Bartel is a research associate in software engineering at the University of Luxembourg in the Interdisciplinary Centre for Security, Reliability and Trust's Serval Team. His research is in the area of software engineering and computer security.

  • DOS Software Security: Is there Anyone Left to Patch a 25-year old Vulnerability?
Alyssa Herrera

Alyssa Herrera is a full-time bug bounty hacker, working to protect countless organizations including the U.S. Department of Defense (DoD), Sony, Zendesk, Adobe, and Twitter. She got her start when she was in middle school, teaching herself how to gain administrative access to play games on her school computers. At age 16, Alyssa Herrera discovered Bug Bounties and HackerOne — and she hasn't looked back since. She is currently a top ranked hacker on multiple bug bounty platforms and has discovered 161 valid vulnerabilities on the HackerOne platform alone to date. Alyssa attends live hacking events across the globe, where she has the opportunity to work with small groups of hackers to find vulnerabilities in organizations such as Verizon Media and Airbnb. As Alyssa paves her own path, she is motivated to give back to the community by sharing the knowledge she has gained and become a role model for other aspiring female hackers.

  • Piercing the Veil: Server Side Request Forgery attacks on Internal Networks.
Andreia Gaita

Andreia Gaita is a freelance cross-platform games and tools developer, recently shifting her focus to security work. For the past 18 years, she has been involved in the development of game engines, applications, open source tools and libraries, and has been an engineering manager and tech lead at companies like GitHub, Unity, and Xamarin. She hails from the sunny city of Lisbon, Portugal, and currently lives in Copenhagen, Denmark, where she bikes a lot (when it's warm).

  • Exploiting bug report systems in the game industry
Ange Albertini

File formats enthusiast.

  • Hash collisions exploitations
  • Kill MD5 - demystifying hash collisions
Antonin Beaujeant

Antonin Beaujeant is a professional penetration tester and researcher. His primary focus is web app and network penetration test but he also enjoy spending time on hardware, reverse and CTF in general.

  • AppSec 101: Understanding and exploiting buffer overflows
Ari Eitan

Ari Eitan is the VP Research of Intezer Labs, a security researcher and Incident Response professional. Ari served as the head of IDF Incident Response team and has vast experience in dealing with Nation-sponsored cyber attacks, specializing in Malware Analysis, Reverse Engineering and Forensics. He has spoken at a variety of security conferences and trainings, including the first BsidesTLV, Kaspersky SAS, and for government organizations and international agencies.

  • The Red Square - Mapping the connections inside Russia's APT Ecosystem
Axelle Apvrille

Axelle Apvrille is principal security researcher at Fortinet. She specifically looks into mobile malware and smart devices (not always that smart...). She is the lead organizer of Ph0wn CTF, a Capture The Flag dedicated to smart devices.

  • Smartphone apps: let's talk about privacy
  • Junior CTF Install Party
Benoit Sevens

Benoit started his career in the Belgian Defence as a cyber security analyst, where he specialized in malware analysis and got in contact with malware from a very large spectrum. He recently joined Atos Luxembourg, where he is active as an incident handler for the European Commission.

Benoit's passion lies in reverse engineering and operating system internals. Staring at IDA Pro and glaring at WinDbg is what makes his day (and evening).

Benoit is a holder of several InfoSec certifications, such as OSCE and GXPN. He is an active blogger on all sorts of computer security subjects.

  • Repacking the unpacker: Applying Time Travel Debugging to malware analysis
Celine Massompierre

Celine is an Incident Handler working at Excellium-services. Hunger to learn new things, she also enjoy sharing her discovery.

  • IOCs are dead, long live the IOCs!
Chris Kubecka

Chris Kubecka is the founder and CEO of HypaSec. Previous Group Leader for AOC, tasked with setting up digital security after the world’s most devastating cyber warfare attack so far, the 2012 Shamoon attacks. Previously, establishing and leading the network and security operations, UK/EU GDPR Privacy Group, joint international intelligence team and Information Protection Group for Aramco Overseas covering EMEA (outside KSA) and South America, part of Saudi Aramco. USAF veteran of multiple humanitarian and combat missions as air crew with degrees in information technology and computer science. Based in northern Europe, is a member of the Cyber Senate, Artificial Intelligence, subject matter expert panellist and advisor for the European Council of Foreign Relations regarding post Brexit digital security and cyber warfare. An advisor and subject matter expert to several governments and industries on cyber security and incident response for cyber warfare, and recognized expertise in financial, oil and gas, water and nuclear industry digital security.

  • The Road to Hell is Paved with Bad Passwords
Damien Cauquil

Damien is a senior security researcher who joined Digital Security in 2015 as head of research and development. He discovered how wireless protocols can be fun to hack and quickly developed BtleJuice, one of the first Bluetooth Low Energy MitM framework, and BtleJack, a BLE swiss-army knife released in 2018.

Damien presented at various security conferences including DEF CON, Hack In Paris, Chaos Communication Camp, Chaos Communication Congress, BruCon,, anda dozen times at Nuit du Hack, one of the oldest French hacking conference.

  • Hacking Bluetooth Low Energy devices with Btlejack
  • Defeating Bluetooth Low Energy 5 PRNG for fun and jamming
Daniil Yugoslavskiy

Daniil is responsible for Threat Detection in Cindicator Security Operations Center (SOC) in Saint Petersburg, Russia. Before that, he was leading Threat Detection team at Tieto SOC in Czech Republic. Daniil spent more than six years in Practical Computer Security and Network Monitoring domains.
He holds OSCP, CCNP Security, GCFA and GNFA certifications. He had talks at x33fcon, Positive Hack Days, Security BSides, CONFidence, Amsterdam FIRST Technical Colloquium, EU MITRE ATT&CK community workshops, Code Europe, presenting Intelligence-Driven Defence approach implementation and MITRE ATT&CK operationalization.
Daniil is also a member of GIAC Advisory Board and creator of Atomic Threat Coverage project.

David Szili

David Szili is managing partner and CTO of Alzette Information Security, a consulting company based in Luxembourg. David is also an instructor at SANS Institute, teaching FOR572: Advanced Network Forensics. He has more than eight years of professional experience in penetration testing, red teaming, vulnerability assessment, vulnerability management, security monitoring, security architecture design, incident response, digital forensics and software development.

David has master's degrees in computer engineering and in networks and telecommunication and a bachelor's degree in electrical engineering. He holds several IT security certifications such as GSEC, GCED, GCIA, GCIH, GMON, GCDA, GNFA, GPYC, GMOB, CCSK, OSCP, OSWP, and CEH. David speaks on a regular basis at international conferences like BruCON,, Nuit du Hack, Hacktivity, x33fcon, Black Alps, BSidesLjubljana, BSides Munich, BSidesBUD, Pass the SALT, Security Session and he is a member of the organizer team of BSides Luxembourg. He occasionally blogs about information security at

  • Introduction to Osquery
Desiree Sacher

Desiree is a Security Architect for a Security Operation Center in the financial industry. But through her career she worked in engineering positions for different security products, until in 2014 she finally became a Security Analyst. She now draws all of her experience from these jobs and her connection into the Infosec scene into creating efficient SOCs. Desiree is also a certified GCIA Forensic Analyst, Network Forensic and Cyber Threat Intelligence Analyst.

  • Fingerpointing False Positives: How to better integrate Continuous Improvement into Security Monitoring
Didier Stevens

Didier Stevens (Microsoft MVP Consumer Security, SANS ISC Handler, Wireshark Certified Network Analyst, ...) is a Senior Analyst working at NVISO ( Didier has developed and published more than 100 tools, several of them popular in the security community.

You can find his open source security tools on his IT security related blog

  • Malicious RTF Document Analysis
Elmar Nabigaev

Elmar is a head of threat intelligence and incident response division at Positive Technologies. He have over 10 years of infosec experience responding to incidents, doing threat hunting and producing threat intelligence. He is a contributor to Volatility and Cuckoo sandbox projects. He is also a frequent speaker at conferences such as PHDays, e-forensics Russia and many others. He’s passionate about all “blue team” things and spends his time researching and inventing new ways of finding bad guys and developing cool infosecurity tools.

  • Effectiveness in simplicity: The Taskmasters APT

Emilien Le Jamtel is a French security analyst, versatile member of CERT-EU since 4 years. With a strong background in offense, he is now playing defense as responsible for the monitoring and threat hunting activities in CERT-EU. In both professional and personal life, he is fond of games and difficult challenges and he probably forgot to answer your emails.

  • Who contains the containers
Eva Szilagyi

Eva Szilagyi is managing partner and CEO of Alzette Information Security, a consulting company based in Luxembourg. She has more than eight years of professional experience in penetration testing, security source code review, vulnerability management, digital forensics, IT auditing, telecommunication networks, and security research.

Eva has master's degrees in electrical engineering and in networks and telecommunication. She holds several IT security certifications such as GSEC, GICSP, GMON, GSSP-JAVA, GWAPT, GMOB, CCSK, eWPT, and eJPT. Eva speaks on a regular basis at international conferences like BruCON,, Nuit du Hack, Hacktivity, Black Alps, BSides Munich, BSidesBUD, Pass the SALT, Security Session and she is a member of the organizer team of BSides Luxembourg.

  • Java Web Application Secure Coding Workshop
Eve Matringe

Registered attorney at the luxemburgish Bar, PhD in Law.

  • The regulation (EU) 2019/796 of 17 May 2019 concerning restrictive measures against cyber-attacks threatening the Union or its Member States
Eyal Itkin

Eyal Itkin is a vulnerability researcher in the Malware and Vulnerability Research group at Check Point Software Technologies. Eyal has an extensive background in security research, that includes years of experience in embedded network devices and protocols, bug bounties from all popular interpreter languages, and an award by Microsoft for his CFG enhancement white paper. When not breaking RDP or FAX, he loves bouldering, swimming, and thinking about the next target for his research.

  • Say Cheese - How I Ransomwared your DSLR Camera
Geethna T K

Geethna is a second-year undergraduate pursuing Computer Science and Engineering. She has been in security for the past 2 years. Her interest lies in Reversing and Exploitation. She is an active member of team bi0s (India) and has been participating in many CTFs throughout the year. She has attended many conferences and also has given a talk at the CysInfo meetup.
She is a part of the girls only CTF team “TeamShakti”. She is also a part of the BlackHoodie community and the international women only CTF team “Blckpwny”.

  • Intro to Dark Arts: Getting Started with CTFs
Gerhard Klostermeier

Gerhard is interested in all things concerning IT security – especially
when it comes to hardware or radio protocols. He successfully studied IT
security at Aalen University and is working at SySS GmbH since 2014 as
IT security consultant and penetration tester. He is also head of the
hardware security team.

Gerhard was speaker at different IT security conferences like GPN,
Ruxcon, and DeepSec, where he talked about hacking RFID-based student
cards or the security of wireless desktop sets. He is also author of the
Mifare Classic Tool Android app.

  • New Tales of Wireless Input Devices
  • Jobfair
  • CTF Prizes
  • Call for Failure (CfF 0x0)
  • Power Point Karaoke
  • Cinema
  • Cinema

Harlo Holmes is the Director of Newsroom Digital Security at Freedom of the Press Foundation. She strives to help individual journalists in various media organizations become confident and effective in securing their communications within their newsrooms, with their sources, and with the public at large. She is a media scholar, software programmer, and activist; and contributes regularly to the open source mobile security collective The Guardian Project.

  • Tiplines Today
Ioana Andrada
  • Who contains the containers
Itay Cohen

Itay Cohen (aka Megabeets) is a Security Researcher and a Reverse Engineer in the Malware and Vulnerability Research group at Check Point. Itay has years of extensive background in malware reverse engineering and many other security-related topics. He is the author of, a security blog focused on making advanced security topics accessible for free.

On his free time, Itay loves to participate in CTF competitions and to contribute to open-source projects. He is a core developer of the open-source reverse engineering framework radare2 and the maintainer of Cutter, radare2's official GUI.

  • The Red Square - Mapping the connections inside Russia's APT Ecosystem
Kostiantyn Korsun

As former deputy head of Cybercrime Division at Security Service of Ukraine (colonel ret.), Kostyantyn Korsun was one of the founders and the first head of CERT-UA. After resigning from the service, Kos acted as Regional Director for Ukraine Research Office of iSIGHT Partners, international cyber threat intelligence company. Then he cooperated with Symantec Corp. as an official vendor of Threat Intelligence service. Currently a CEO and Co-Founder of Berezhs Security LLC., a company that provides services in Penetration Testing, Security Awareness Programs, Software Security Assessment, Bug Bounty Program, Social Engineering Assessment, Application Security Programs. Mr. Korsun is an active member of the local cyber community in Ukraine promoting cybersecurity ideas within Ukrainian society.

  • Hacktivism as a defense technique in a cyberwar. #FRD Lessons for Ukraine
Marcus Bakker

Marcus Bakker is a passionate IT Security professional with over eight years of experience in offensive IT Security and Cyber Defence. Marcus is the co-creator of the DeTT&CT framework and co-author of the TaHiTI threat hunting methodology.

  • DeTT&CT: Mapping your Blue Team to MITRE ATT&CK

Marion Marschalek is a former Malware Analyst and Reverse Engineer who recently started work at Intel in order to conquer the field of low level security research, where she nowadays spends an unusual amount of time looking at compiler source code. She has spoken at all the conferences and such, and seen all the things, and is one of the happiest hackers out there. Also, she runs a free reverse engineering bootcamp for women, because the world needs more researcherettes.

  • The Glitch In The Matrix


  • Leveraging KVM as a debugging platform
Matthias Deeg

Matthias is interested in information technology - especially IT security - since his early days and has a great interest in seeing whether security assumptions in soft-, firm- or hardware hold true when taking a closer look. Matthias successfully studied computer science at the university of Ulm and holds the following IT security certifications: CISSP, CISA, OSCP, OSCE.

Since 2007 he works as IT security consultant for the IT security company SySS GmbH and is head of R&D.

His research results concerning different IT security topics were presented on different international IT security conferences (Chaos Communication Congress, DeepSec, Hacktivity, ZeroNights, PHDays, Ruxcon,, BSidesVienna). He also published several IT security papers and security advisories.

  • New Tales of Wireless Input Devices
Miriam Wiesner

Miriam Wiesner works as a Program Manager for Microsoft Defender ATP. Besides MDATP, she has a focus on Secure Infrastructure, Windows Event Logs, Active Directory Security, Just Enough Administration & PowerShell and many more.
In her spare time, she enjoys writing articles for her private blog also as developing tools to help the community and speaks on international conferences and events.
She’s a life-long learner, always excited about new technologies and empowering others.

  • What the log?! So many events, so little time…
Patrice Auffret

Patrice Auffret (AKA GomoR) is a senior security expert specialized in network protocols hacking, network discovery and big data analytics. He is author of multiple Perl modules to craft network packets and analyze responses (Net::Frame framework, SinFP3 OS fingerprinting suite or the OSPF Attack Shell). He writes articles in French security magazine MISC and speaks at various security conferences including IT Underground 2007, SSTIC 2008, 2012, EuSecWest 2012, ekoparty 2012, SSTIC 2016 and 2016, TROOPERS 2017. He created his own company ONYPHE in 2017 specialized in collecting open-source and cyber threat intelligence information (OSINT & CTI).

  • Learn to use ONYPHE to have a view on your Internet exposed devices
Patrick Ventuzelo

Patrick Ventuzelo is a french security researcher specializing in Vulnerability research, Reverse engineering, Security tool development, and Program analysis. Patrick is the author of Octopus, one of the first Open-source security analysis tool that support WebAssembly and multiple Blockchain Smart Contract to help researchers perform Analysis on closed-source bytecode.

Previously, Patrick was working for Quoscient GmbH, P1 Security, the French Department Of Defense and Airbus D&S Cybersecurity.

Patrick has been Speaker and Trainer at various international security conferences (FIRST, Northsec, BlackAlps,, Toorcon, REcon Montreal/Brussels, SSTIC)

  • Reversing WebAssembly Module 101

Being a professional analyst and linguist, hardware hacking is a way to escape and
investigate low level stuff.

  • Snarf it! Firmware extraction and analysis with open source tools.
Quentin JEROME

Quentin has been working as incident handler since five years. He is not expert in anything, he just knows how to do several things (programming, reversing, digital forensics ...). He is interested in several topics in IT security ranging from threat detection to bug hunting but what he likes above all is to develop his own tools even though sometimes he reinvent the wheel, just because it is nice to understand how a wheel is made.

  • Introduction to WHIDS an Open Source Endpoint Detection System for Windows
Rascagneres Paul

Paul is a security researcher within Talos, Cisco’s threat intelligence and research organization. As a researcher, he performs investigations to identify new threats and presents his findings as publications and at international security conferences throughout the world. He has been involved in security research for 7 years, mainly focusing on malware analysis, malware hunting and more specially on Advanced Persistence Threat campaigns and rootkit capabilities. He previously worked for several incident response team within the private and public sectors.

  • DNS On Fire
Ruben Bouman

Ruben Bouman is an IT Security professional and co-owner of Sirius Security. He has been working for several organisations in the Dutch financial sector for over twelve years and is experienced in cyber defence and incident response. Ruben is the co-creator of the DeTT&CT framework.

  • DeTT&CT: Mapping your Blue Team to MITRE ATT&CK
Saad Kadhi

With more than 20 years of experience in operational cybersecurity, Saâd is the head of CERT-EU and the leader of TheHive Project. He devoted the last eleven years of his professional life to incident response, digital forensics and what the cool kids call now cyber threat intelligence. Before joining CERT-EU, he built a CSIRT for a large multinational company, worked at CERT Société Générale and created CERT-BDF, the cyberdefence team of Banque de France, the French national central bank. A convinced retromodernist with a knack for individualistic altruism, he gave trainings, workshops and spoke at conferences such as, the FIRST conference, BSides Lisbon and NorthSec. He is also one of the organisers of the Botconf conference.

  • Disturbance: on the Sorry State of Cybersecurity and Potential Cures
  • Practical Incident Response, With Automation and Collaboration Inside
Sebastien Tricaud

Lead developer of Faup and other opensource tools.

  • Faup workshop, parse and investigate URLs!
Shruti Dixit
  • Intro to Dark Arts: Getting Started with CTFs
Solal jacob

Solal is currently a researcher at the LED (research and Exploration in intrusion Detection Laboratory) at the ANSSI (French National Network & Cybersecurity agency), where he work on finding new ways to detect attacks. Before that Solal worked 10 years at ArxSys a company he founded, where he was core developer of DFF , an open-source digital forensics framework. He also conduct forensics investigation, do incident response missions, and trained people on these subjects.

  • Memory forensics analysis of Cisco IOS XR 32 bits routers with 'Amnesic-Sherpa'

Sowmya is a third-year undergraduate in Computer Science and Engineering from Amrita Vishwa Vidyapeetham, Kerala. She is part of Team Bi0s(A top CTF team in India according to CTFtime) and Team Shakti(A women only CTF team) and is working in security field for the past 2 years. She is currently working on Cryptography and is an active CTF player. She has attended many conferences like BlackHat, Nullcon etc.

  • Intro to Dark Arts: Getting Started with CTFs
Stijn Tomme

40 years old, been messing around in IT security for about 15 years.

  • Open the safe and get cured.
  • Open the safe and get cured.
  • Open the safe and get cured.
  • Open the safe and get cured.
  • Open the safe and get cured.
  • Open the safe and get cured.
  • Open the safe and get cured.
  • Open the safe and get cured.
Takahiro Haruyama

Takahiro Haruyama is a principal threat researcher with Carbon Black's Threat Analysis Unit, with over ten years of extensive experience and knowledge in malware analysis and digital forensics. He previously worked on reverse-engineering cyber espionage malware with Symantec's threat intelligence team. He has spoken at several famous conferences including REcon, HITB, HITCON, SECURE, DFRWS EU, SANS DFIR Summit, FIRST and BlackHat Briefings USA/Europe/Asia.

  • Defeating APT10 Compiler-level Obfuscations
Thomas Fischer

Thomas has over 30 years of experience in the IT industry ranging from software development to infrastructure & network operations and architecture to settle in information security. He has an extensive security background covering roles from incident responder to security architect at fortune 500 companies, vendors and consulting organisations. He is currently security advocate and threat researcher focused on advising companies on understanding their data protection activities against malicious parties not just for external threats but also compliance instigated.

Thomas is also an active participant in the InfoSec community not only as a member but also as director of Security BSides London, ISSA UK chapter board member and speaker at events like SANS DFIR EMEA, DeepSec, Shmoocon, Troopers and various BSides events.

  • Beyond Windows Forensics with Built-in Microsoft Tooling
Thomas Patzke

Thomas Patzke has more than 13 years of experience in the area of information security, currently works as blue teamer and threat hunter at thyssenkrupp CERT and still owns no certification. He likes to create and contribute to open source security tools and is one of the creators of Sigma.

  • Sigma Workshop
Trammell Hudson

I like to take things apart.

  • spispy: opensource SPI flash emulation
Warren Mercer
  • DNS On Fire

Zoz is a robotics interface designer and rapid prototyping specialist. As
co-host of the Discovery Channel show 'Prototype This!' he pioneered urban
pizza delivery with robotic vehicles, including the first autonomous
crossing of an active highway bridge in the USA, and airborne delivery of
life preservers at sea from an autonomous aircraft. He, for one, welcomes
our new robot chauffeurs, and would only mess with them out of tough love.

  • Sensor & Logic Attack Surface of Driverless Vehicles
アドリアン ヘンドリック - Hendrik Adrian - @MalwareMustDie
  • Fileless Malware Infection and Linux Process Injection in Linux OS