Buy a ticket


Michael Ossmann

Speaker: Michael Ossmann is a wireless security researcher who makes hardware for hackers. Best known for the open source HackRF, Ubertooth, and Daisho projects, he founded Great Scott Gadgets in an effort to put exciting, new tools into the hands of innovative people.

Welcome to the Physical Layer

Rodrigo Rubira Branco

Rodrigo Rubira Branco (BSDaemon) works as Principal Security Researcher at Intel Corporation in the Security Center of Excellence where he leads the Client Core Team. He is the Founder of the Dissect || PE Malware Analysis Project. Held positions as Director of Vulnerability & Malware Research at Qualys and as Chief Security Research at Check Point where he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software. In 2011 he was honored as one of the top contributors to Adobe Vulnerabilities in the past 12 months. Previous to that, he worked as Senior Vulnerability Researcher in COSEINC, as Principal Security Researcher at Scanit and as Staff Software Engineer in the IBM Advanced Linux Response Team (ALRT) also working in the IBM Toolchain (Debugging) Team for PowerPC Architecture. He is a member of the RISE Security Group and is the organizer of Hackers to Hackers Conference (H2HC), the oldest and biggest security research conference in Latin America. He is an active contributor to open-source projects (like ebizzy, linux kernel, others). Accepted speaker in lots of security and open-source related events as H2HC, Black Hat, Hack in The Box, XCon, OLS, Defcon, Hackito, Zero Nights, Troopers and many others.

DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes

Rohit Mothe

Rohit Mothe is part of the Intel Security Center of Excellence, working for the Core Client team and directly contributing in finding vulnerabilities across a variety of client platforms including the Manageability Engine. He was previously working as a Vulnerability Researcher for iDefense labs-VeriSign and has quite a few years of experience finding ,exploiting and disclosing software bugs in and across a variety of software vendors including Microsoft, Adobe, IBM, Apple, etc. He has previously spoken at Qualys Security Conference (2015) and was featured as one of the MSRC Top 100 contributors in 2015. In the little spare time he manages to get, he alternates between playing around with nearly half decade old jailbreak techniques on old iOS devices and, in fits of borderline-obsessive desperation, trying to understand the state-of-the-art in iOS exploitation.

DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes


Mahdi BRAIK and Thomas DEBIZE are French security enthusiasts and work as infosec auditors at Wavestone, a French management and IT consulting company. They work on all kinds of security audits, penetration tests and incident responses through the company CERT. They both developed a specific interest in Hadoop technologies few years ago: as they got to know how immature this ecosystem was, they decided to hunt for vulnerabilities in it. That said, they both like to git push new infosec tools (check and write some blog posts, either in the corporate blog or in infosec­specialized french magazines.

Hadoop safari – Hunting for vulnerabilities

Enrique Nissim

Enrique Nissim has worked as a Security Consultant and Exploit Writer for Intel Corporation, Core Security and ZConsulting. He has discovered dozens of vulnerabilities in known products and presented new techniques of Kernel Exploitation at security conferences.

I know where your page lives: Derandomizing the latest Windows 10 Kernel

Matthias Deeg

Matthias is interested in information technology – especially IT security – since his early days and has a great interest in seeing whether security assumptions in soft-, firm- or hardware hold true when taking a closer look. Matthias successfully studied computer science at the university of Ulm and holds the following IT security certifications: CISSP, CISA, OSCP, OSCE.
Since 2007 he works as IT security consultant for the IT security company SySS GmbH and is also head of R&D.
Matthias was speaker at the Chaos Communication Congress in 2009 and 2010 (lightning talks and a workshop), at the BSidesVienna security conference in 2014 and 2015 (talks) and at the DeepSec security conference in 2015 (talk). In the last years, he also published several IT security papers and security advisories.

Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets

Gerhard Klostermeier

Gerhard is interested in all things concerning IT security – especially when it comes to hardware or radio protocols. He successfully studied IT security at Aalen University and is working at SySS GmbH since 2014 as IT security consultant and penetration tester. Gerhard was speaker at GPN 2013 – a conference organized by the Chaos Computer Club (CCC) in Karlsruhe – where he talked about hacking RFID-based student cards. He is also author of the Mifare Classic Tool Android app.

Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets

Angel Villegas

Angel is a Research Engineer within the Talos Security Intelligence and Research Group at Cisco. In this role he is responsible for in­depth analysis of malware. Angel has worked previously as a malware analyst, vulnerability researcher, and software developer. His background is in Computer Science with a Bachelor’s from Cornell University and a Master’s from Johns Hopkins University.

FIRST: Changing How You Reverse Engineer

Ayoub Elaassal

Ayoub is a pentester working for Wavestone, a consulting firm based in France. He got interested in Mainframe security in 2014 when, during an audit, he noticed the big security gap between this platform and standard systems like Windows and Unix. A gap that does not make much sense because z/OS has been around for a while and is used by most major companies to perform critical business operations: wire transfer, claim refunds, bookings, etc. If you want to test some of the tools showcased during the talk, you can check out his tools: or blog

CICS Breakdown: Hack your way to transaction city

Patrick Wardle

Patrick Wardle is the Director of Research at Synack, where he leads cyber R&D efforts. Having worked at NASA and the NSA, and well as presented at many security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Currently, Patrick’s focus is on automated vulnerability discovery, and the emerging threats of OS X and mobile malware. In his personal time, Patrick collects OS X malware and writes free OS X security tools. Both can be found on his personal website:

Poking on Macs Recovery OS and Local OS Update Process

Ilia Safonov

Ilia Safonov was graduated from Moscow Engineering Physics Institute/University (MEPhI) in 1994 as engineer-physicist in automatics and electronics. Further he obtained PhD in computer science in 1997. Since 1998 Ilia is an associate professor of MEPhI, where he is doing a lecturing and research in computer graphics and computer vision. Last 15 years Ilia was working in research divisions of such companies as Samsung, Nokia and Intel mainly in an image/signal processing and a machine learning areas. Currently in Intel he is in charge of development of automatic solution for testing of firmware security features.

Excite project: all the truth about symbolic execution for BIOS security

Alex Matrosov

Alex has more than a decade of experience focused on reverse engineering advanced malware, firmware security, and modern exploitation techniques. Currently he holds the position of Principal Security Researcher at Intel Security Center of Excellence (SeCoE) where leading BIOS security for Client Platforms. Before this role, he spent over six years at Intel Advanced Threat Research team and ESET where he was the Senior Security Researcher. He is a co-author of the numerous research papers include the book “Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats”. Alex is frequently invited to speak at practical security conferences, such as REcon, Ekoparty, H2HC, Zeronigths, BlackHat and DEFCON. Also he is awarded by Hex-Rays for open-source plugin HexRaysCodeXplorer which is developed and supported since 2013 by REhint’s team.

Excite project: all the truth about symbolic execution for BIOS security

The UEFI Firmware Rootkits: Myths and Reality

You’re off the hook: blinding security software

Aleksandr Ermolov

Researcher, reverse engineer, and information security expert. A staff member of Digital Security. My passion includes low-level design, analysis of system software, BIOS, and other firmware. I love to research undocumented technologies.

Safeguarding Rootkits: Intel BootGuard

Roman Bazhin

Information security expert at Digital Security. Roman reverses, fuzzes, analyzes undocumented network protocols, hustles with software, and plays hardcore CTF.

JETPLOW is dead. Long live the JETPLOW!

Maxim Malyutin

Programmer who has occasionally ended up dealing with information security. Key interests include- UEFI, SMM, and other depths of Intel architecture. Maxim firmly believes that he will one day make the computer revere itself instead of him with just a couple of Python scripts. He currently works at Digital Security.

JETPLOW is dead. Long live the JETPLOW!

Ali Abbasi

Ali Abbasi is a Ph.D. candidate in Distributed and Embedded System Security group at University of Twente, Netherlands since November 2013. His research interest involves Embedded Systems Security mostly related to Industrial Control Systems, Critical Infrastructure Protection, and Real-Time Operating Systems Security. He received his master degree in Computer Science from Tsinghua University, Beijing, China in 2013. He was working there on Programable Logic Controller (PLC) security in Network Security Lab, Microprocessor and SoC Technology R&D center with the National 863 High Tech Program grant from Ministry of Industry and Information Technology of China. He is currently involved in CRISALIS European Union project (FP7) related to Critical Infrastructure Protection at University of Twente. In the same time, he is involved in Project AVATAR for on the fly detection and containment of unknown malware and Advanced Persistent Threats. Before that Ali was working as Head of Vulnerability Analysis and Penetration Testing Group at National Computer Security Incident Response Team at the Sharif University of Technology in Tehran, Iran.

Defeating Pin Control in Programmable Logic Controllers

Majid Hashemi

Majid Hashemi is a Research & Development Engineer at Quarkslab, France. In his role as a researcher at Quarkslab, he is dedicated to reverse engineering and analyzing embedded devices. Majid’s foremost curiosity is for low-level programming and reverse engineering the dark corners of the operating system. In the past, Majid was mostly involved in analyzing critical infrastructures and radio communications equipment.

Defeating Pin Control in Programmable Logic Controllers

Eugene Rodionov

Eugene Rodionov graduated with honours from the Information Security faculty of the Moscow Engineer-Physics Institute (State University) in 2009 and successfully defended his PhD thesis in 2012. He has worked over the past eight years for several companies, performing software development and malware analysis. He currently works at ESET, where he is involved into internal research projects and also performs in-depth analysis of complex threats. His interests include kernel-mode programming, anti-rootkit technologies and reverse engineering. Eugene has spoken at security conferences such as Black Hat, REcon, Zeronights and has co-authored numerous research papers.

The UEFI Firmware Rootkits: Myths and Reality

Mariano Graziano

Mariano Graziano is a security researcher for Cisco Talos. He got a Ph.D. from Eurecom (France) and he is currently mainly interested in automated malware analysis and memory forensics. He loves pasta and pizza (possibly not together). He is Italian.

Dissecting complex code-reuse attacks with ROPMEMU

Ivan Novikov

Lead information security expert in Wallarm, CEO. Engaged in web application security since 2004, author of multiple researches. Awarded for finding vulnerabilities in Google, Facebook, Twitter, Nokia, and Yandex several times. Spoke at international conferences, such as BlackHat US, HITB AMS, ZeroNights, PHDays. Currently, actively develops the web application attack detection algorithms which are used in Wallarm WAF to protect complex highload projects.

Hacking ElasticSearch

Sen Nie

Sen Nie is a security researcher of Keen Lab, Tencent and also a Ph.D candidate in SJTU, China. Currently his research is mainly focused on carhacking area, before that he has many years’ research experiences on program analysis, like symbolic execution, smart fuzzing and other vulnerability detection technologies. He has also found several vulnerabilities in Android Kernel such as CVE-2014-8299/CVE-2015-6637.

Gateway Internals of Tesla Motors

Ling Liu

A security researcher focus on car networking security at Keen Lab, specializes in reverse engineering, vulnerability discovery, vulnerability research and advanced exploitation techniques. Formerly a security researcher focused on vulnerability discovery of QEMU and XEN. A CTF player.

Gateway Internals of Tesla Motors

Michael Stepankin

Michael is a penetration tester at Positive Technologies by day and a bug bounty hunter by night. He is passionate about web application security and he also likes programming. Michael has worked previously as a malware analyst at Kaspersky Lab and has a solid background in malware reverse engineering and incident response.

Advanced Web Application Fuzzing

Nikita Abdullin

Nikita is a security analyst at Riscure, performing software and hardware security evaluations. Nikita’s primary focus is on payment security, mobile security and Host Card Emulation. He has over 7 years of experience in payment technologies, being responsible for security and performance of payment card processing systems. His expertise includes subjects such as embedded security, virtualization security, database security and in-vitro debugging of large-scale mission-critical software across multiple platforms and architectures.

Breaking Crypto for Dummies

Alexander Bolshev

Alexander is a Security Consultant at IOActive, Ph.D. His major research interests include distributed system security, hardware hacking, mobile apps, SCADA and a bit of everything else.

How to circumvent AD converter, part 3, or tools for attacking converting analog data to digital

Alexey Rossovsky

Independent researcher

Stories about hacking low-cost phones

Alexander Evstigneev

4 years of IT experience Vast experience as a system administrator. Good experience with Cisco equipment. I work as a security auditor at Digital Securoty starting from March 2016.

Cisco Smart Install. Pentester’s opportunities

Dmitry Kuznetzov

IT experience: 12+ years Incredible experience as a system administrator. Much interested in cybersecurity. ZeroNights 2014 – 29th place, ZeroNights 2015 – 10th place, NEOQUEST-2016 – 43rd place

Cisco Smart Install. Pentester’s opportunities

Yuri Drozdov

Yuri Drozdov is a vulnerability researcher, who previously worked as a programmer in a financial company. He has found his purpose in researching vulnerabilities in applied and system software.

The approach to developing LPE exploits on Windows 10 with allowances to the latest security updates

Ludmila Drozdova

Ludmila Drozdova has been long working as an independent researcher, mostly specializing on internal Windows architecture.

The approach to developing LPE exploits on Windows 10 with allowances to the latest security updates

Mikhail Sosonkin

Mikhail Sosonkin is a Security Researcher at SYNACK where he digs into the security aspects of low level systems. He enjoys automating aspects of reverse engineering and fuzzing in order to better understand application internals. Mikhail has a CS degree from NYU, where he has also taught Application Security, and a Software Engineering masters from Oxford University. Being a builder and a hacker at heart, his interests are in vulnerability analysis, automation, malware and reverse engineering.

Automating iOS blackbox security scanning

Max Moroz

Max Moroz is a member of Google Chrome Security Team and a graduate of the Information Security Department of National Research Nuclear University MEPhI (Moscow Engineering Physics Institute). He is also the founder of BalalaikaCr3w CTF team and two-times winner of Russian students contest on information security. Besides primary activity, he participates in CTF competitions and bug bounty programs.

Modern fuzzing of C/C++ Projects

Mikhail Yakshin

The main Linux-developer of the Swiss company Whitebox Labs produces open-source software and hardware for managed eco-systems (reef aquariums, terrariums, aquaponic and hydroponic systems) using reverse engineering of third-party proprietary protocols.

Reverse engineering of binary data files using Kaitai Struct

Ksenia Gnitko

I’ am involved in designing of biometric authentication systems and apps for neurointerfaces. I work as an analyst in the Education of Future LLC, and also cooperate with Moscow Polytechnic University. I develop the design and engineering education.

Neurotechnology for Security

Mikhail Egorov

Mikhail Egorov is an independent security researcher, bug hunter, conference speaker. His main interests lay in web application security, mobile security, practical cryptography and reverse engineering. Acknowledged by Adobe, Oracle, Red Hat for finding vulnerabilities in their products. Had talks on Hack In The Box, Zero Nights, and PHDays security conferences. Mikhail graduated from Moscow State Technical University n.a. Bauman with master degree in information security. Has about ten years of working experience in information security and programming. Recently, he works for Ingram Micro as the application security engineer.

Entity provider selection confusion attacks in JAX-RS applications.

Or Safran

Or Safran has been a malware researcher at IBM Trusteer for two years and holds a Bachelor of Science degree in computer software engineering.

Diving into Malware’s Furtive Plumbing

Omer Yair

Omer Yair has been malware researcher at IBM Trusteer for the past two years, focusing on financial malware families. In the past he has worked for six years at Algotec, developing medical imaging software. In his free time he revives historical photographic processes.

Diving into Malware’s Furtive Plumbing

Natalia Kukanova

Natalia Kukanova is the Head of infrastructure security group at Yandex.

20% of investment and 80% of profit. How to implement security requirements and maintain internal freedom

Igor Gotz

Igor Gotz is an infrastructure security engineer at Yandex.

20% of investment and 80% of profit. How to implement security requirements and maintain internal freedom

Ekaterina Pukhareva

Lead information security specialist, QIWI.

Enterprise Vulnerability Management

Alexander Leonov

Information security analyst,

Enterprise Vulnerability Management

Alexey Karyabkin

Programmer, independent researcher interested in practical and network security, analysis of malicious files, automation of processes and tools for threat response. Cybersecurity specialist since 2009, currently works in information security monitoring.

Monitoring and analysis of emails or a primitive tool to detect a cyber attack

Pavel Grachev

Has been working in cybersecurity since 2010& Examines malicious software , cyber attacks and methods of their detection. Independent researcher.

Monitoring and analysis of emails or a primitive tool to detect a cyber attack

Igor Bulatenko

Created cybersecurity systems, then moved to the side of defenders and uses the same. Current position—Lead information security expert, QIWI.

Fear and rage of two-factor authentication

Teymur Kheirkhabarov

Engaged in paper and practical cybersecurity for over 5 years. Software programmer of C# and Python Participated in a number of CTF. Teaching experience includes courses “Information and Analytic Security Systems” and “Secure information systems” at Siberian State Aerospace University (SibSAU) named after academician M.F. Reshetnev. Employed by Kaspersky Lab. Position: Analyst of Cyber Security Monitrong Center.

A threat hunter himself

Sergey Soldatov

Experienced (13+ years) professional in paper and practical cybersecurity, software programmer of C/C++, Python and Perl. Speaker at some technical and non-technical conferences, including Hack in the Box, Positive Hack Days, ZeroNights. Has CISA and CISSP certificates. Employed by Kaspersky Lab. Position: Head of Cyber Security Monitrong Center.

A threat hunter himself

Boris Savkov

Boris holds a bachelor degree in Computational Mathematics and Cybernetics from Lomonosov Moscow State University (2015). Currently, he is a student of the second year of the Master Programme. In his spare time he lectures at cybersecurity courses. Boris has participated in the communities and CTF teams, such as DC4919; Bushwhackers; BalalaikaCr3w. Currently, he participates in Evil Dwarfs; Automatic Process Control System security; OWASP Russia; jbfc.

Searching for vulnerabilities in the Computer-Aided Process Control System (CAPCS) with blackbox analysis under tight deadlines

Igor Kirillov

Security researcher at Digital Security.


Andrey Kovalev

Andrey Kovalev is a security analyst in Yandex LLC. A postgraduate of Bauman Moscow State Technical University at Information security’s faculty. He researches the malicious code and it’s detection methods. Likes reverse engineering, IDA Pro and asm.

You are not the same as…

Anton Lopanitzyn

More known as Bo0oM, Anton is an expert in information security of web-
applications in the company named ONSEC. Bughunter and researcher, he enjoys writing his blog in spare time. Anton is currently working on transferring his skills to Wallarm.

A blow under the belt. How to avoid WAF/IPS/DLP

Georgy Zaytzev

Graduated from Information Security and Cryptography Department, Tomsk State University. Employed by Dr.Web. Position: Computer Virus Analyst/Software Engineer.

Reversing golang

Denis Kolegov

Denis Kolegov (Ph.D. in Technical Sciences) is a Senior Researcher at the Application Security Department, Positive Technologies, and an Associate Professor at the Information Security and Cryptography Department, National Research Tomsk State University. Denis worked as a Security Pen Test Engineer at F5 Networks from 2012 to 2015.

F5 BIG-IP vulnerabilities: detection and remedying

Alexander Antukh

Security enthusiast, OWASP honorary member, part of Board of OWASP Poland. In the past organized such communities as Defcon Moscow and OWASP Russia. Currently responsible for product security at Opera Software.


Pawel Rzepa

Security engineer in SoftServe Poland. Currently developing a custom fuzzer for testing security devices. He has a wide experience in security field gained as a pentester in EY GSS, security auditor in Credit Agricole or Threat Analyst in IBM SOC. He’s also an active OWASP organisation member supporting Wroclaw security community.


Taras Ivashchenko

OWASP Russia chapter leader. Product security team lead in Yandex. Also known as oxdef and as author of web browser extension CSP Tester. In the past he was active contributor in w3af project.