Do you like using loyalty cards when you shop? After all, they promise discounts on selected items. But what happens when a pharmacy chain forces an ethical hacker to sign up for one? In this talk, you will see how a simple loyalty card opened the door to finding critical vulnerabilities.
Explore the journey of transforming rendering trouble into a critical security vulnerability. This talk will unravel how combining creative offensive techniques, strategic exploit chaining, and leveraging third-party services beyond the edge can lead to significant breakthroughs in application security defenses. Attendees will gain practical insights into using automation and DAST tools to uncover similar issues in real-world scenarios. This short talk promises valuable takeaways for penetration testers and eye-opening lessons for those dedicated to securing web applications and sensitive internal data.
Have you ever wondered what happens in international waters? It’s not just the waves that can be unpredictable, especially when an ethical hacker decides to spend a vacation on board. Cruising the high seas with curiosity and little to do, just a laptop, the majestic Norwegian fjords as the backdrop, and time on his hands: what could possibly go wrong?
We will explore how traditional CAPTCHAs work and look at their evolution into the modern solutions we encounter daily. Let’s compare a variety of vendors and the unique features they offer. But the question remains: are these CAPTCHAs sufficient to protect your web applications against attackers and bots? And what about artificial intelligence?
What would you do if you found random keys without knowing whom they belong to or where they grant access? A red team exercise applied in a real-world, social experiment with a twist.
A novel attack vector affecting WordPress websites. This talk will follow the research from the beginning, explaining the motivation and the exploration phase. A new scanner tool will be released, along with a Docker container for local testing. Lastly, you will get a chance to see the redacted results from the bug bounty hunting, the recon process, and the struggle with triaging the reports. TBU, currently still a 0day :)
An introduction to the KARMA attack, which exploits the behavior of some Wi-Fi devices: vulnerable clients broadcast a “preferred network list” (PNL) containing the SSIDs of access points to which they have previously connected. We will revisit the old technique and the current defenses applied by vendors, and build a custom access point using a Raspberry Pi and Python.
An intensive, hands-on security workshop covering real-world web application attacks and defenses. Participants explore the OWASP Top 10, practice exploitation with Burp Suite and OWASP Juice Shop, and learn secure code review, phishing techniques, and common attack workflows. The training also provides insight into data breaches, bug bounty methods, and modern attacker tooling.
Most security-oriented people already know about the risks of WEP/WPA/WPA2 attacks and how to crack (in)secure Wi-Fi passwords, so we won’t talk about that. Instead, this talk will focus on JavaScript client-side attacks. XSS is overrated and CSRF is dead (SameSite cookies), but malicious actors are infecting hundreds of thousands of SOHO routers and turning them into powerful botnets almost daily. How hard is it to get a foothold in the internal network with just a few lines of JavaScript, and why is nobody talking about it?
A practical introduction to bug bounty hunting focused on efficiency, mindset, and methodology. The talk covers major platforms, learning resources, automation, and open-source tools, with real-world tips on reconnaissance, reporting, and avoiding common mistakes—showing how to hunt smarter, improve skills faster, and maximize results without burnout.
An introductory ethical hacking talk showcasing real-world attack and defense concepts through live demonstrations. The session highlights common web vulnerabilities, attacker workflows, and tooling, offering a practical glimpse into how modern web applications are tested—serving as a foundation for the follow-up hands-on workshop.
In this talk, you will see how easy it is to use PowerShell on Windows 7 to bypass antivirus software and completely take control of a limited-privilege user’s web browser.
From this talk, you will gain a comprehensive overview of security tools from the Kali Linux and Android ecosystems. We will demonstrate the practical use of a modified Google Nexus 7 tablet together with a customized smartphone. You will see how easy it is for an attacker to test and evaluate network security from a mobile device, break authentication mechanisms, map and exploit running network services, perform man-in-the-middle attacks, or leave behind a portable miniature computer such as a Raspberry Pi that can be easily accessed later.