Ange Albertini

File formats enthusiast - author of Corkami.
Currently Infosec Engineer at Google.

  • Generating Weird Files
Benoit Forgette

Passionate about how systems work since my childhood and with an initial education in computer science, I gradually moved to the security of these systems and the electronic part of these equipments.Today, I work as a Cybersecurity Engineer in software and hardware reverse engineering at Digital Sécurity, where my daily work consists in disassembling equipments sent by our clients, then inspecting all their attack surfaces (hardware, radio, software, cloud). Then, we help our clients to find the best way to protect their systems and their equipments.

In this work, the part that seems to me the most interesting is the automation/instrumentation/hijacking part. It is fascinating to see how much it is possible to hijack a piece of equipment from its original purpose. This is even more impressive when we talk about physical equipment which has an impact on its environment.

  • Hook as you want it
Clément Oudot

Contributor to LemonLDAP::NG, LDAP Tool Box, LDAP Synchronization Connector, FusionIAM, Identity Solutions Manager by Worteks.

But also musician and singer (KPTN),actor DonJon Legacy, Improv Improcité.

  • Hosting Identity in the Cloud with free softwares
Damien Cauquil (R&D Engineer at Quarkslab)

Damien Cauquil is a security consultant at Quarkslab, specialized in embedded security and hardware/software reverse-engineering. He spoke at various cybersecurity conferences including DEFCON, BruCON, CCC and LeHack. He is also the author of some opensource tools such as Btlejack or Btlejuice.

  • Meet Piotr, a firmware emulation tool for trainers and researchers
Eloi Benoist-Vanderbeken

Eloi (@elvanderb) is one of the Synacktiv's reverse-engineering team tech lead.

  • Jailbreak detection mechanisms and how to bypass them
Geoffroy Couprie

R&D and security at Clever Cloud. I mess with Rust, parsers and cryptography

  • Biscuit: pubkey signed token with offline attenuation and Datalog authz policies
Harpreet Singh

Harpreet is the author of "Hands-On: Web Penetration Testing with Metasploit" and "Hands-On: Red Team Tactics" published by Packt Publishing who has more than 8 years of experience in the field of Ethical Hacking, Penetration Testing, vulnerability research & Red Teaming. He is also a certified CRTP (Certified Red Team Professional), OSCP (Offensive Security Certified Professional) & OSWP (Offensive Security Wireless Professional). Over the years of his experience, Harpreet has acquired the Offensive skill set as well as the Defensive skill set. He is a professional who specializes in Wireless & network exploitation including but not limited to Mobile exploitation, Web Application exploitation and he has also performed few Red Team Engagements in Banks & Financial Groups.

  • Revisiting the Art of Encoder-Fu for novel shellcode obfuscation techniques
Magno Logan

Magno Logan works as an Information Security Specialist for Trend Micro. He specializes in Cloud, Container and Application Security Research, Threat Modelling and Red Teaming. He has been tapped as a resource speaker for numerous security conferences around the globe. He is also a member of the CNCF SIG-Security team.

  • ATT&CKing Kubernetes: A technical deep dive into the new ATT&CK for Containers
Michael Hamm

Since 2010, Michael has worked as an operator and analyst at CIRCL – Computer Incident Response Center Luxembourg where he is working on forensic examinations and incident response.

  • Forensics Low Level - Having fun with Linux onboard tools
Nicolas Mattiocco

Nicolas is an information security expert since 13 years and was involved in various security consulting engagements, from penetration tests to global risk assessments and security operations implementation. Today, he is currently working as a red teamer and in automating security operations at a large scale with PatrOwl solutions.

  • PatrowlHears and Survival tips for prioritizing threats
Nils Amiet

Nils is a Senior Security Engineer on Kudelski Security’s research team performing research on various topics including privacy, authentication, big data analytics, and internet scanning. He also writes blog posts on various topics for Kudelski’s research blog. Nils likes open source software and has presented his research at DEF CON and Black Hat Arsenal. He was part of creating a massively distributed system for breaking RSA public keys.

  • ORAMFS: Achieving Storage-Agnostic Privacy
Peter Czanik, One Identity

Peter is an engineer working as open source evangelist at Balabit (a One Identity business), the company that developed syslog-ng. He assists distributions to maintain the syslog-ng package, follows bug trackers, helps users and talks regularly about sudo and syslog-ng at conferences (SCALE, All Things Open, FOSDEM, LOADays, and others). In his limited free time he is interested in non-x86 architectures, and works on one of his PPC or ARM machines.

  • Security alerting made easy using Python
Thomas Rokicki

I'm a french PhD Student in IRISA Rennes, in the SPICY team. I currently work on micro-architectural attacks, particularly based on JavaScript.

  • In Search of Lost Time: A Review of JavaScript Timers in Browsers
Timothée Ravier

Timothée Ravier is a Linux system and security engineer interested in safe programming languages and container focused operating systems. He is currently working at Red Hat as a CoreOS engineer. He created and maintains Fedora Kinoite, an rpm-ostree based variant of Fedora with the KDE Plasma desktop and is packaging KDE applications in Flatpaks for Flathub and Fedora.

  • Fedora CoreOS, a container focused OS to securely deploy and run applications
Tommaso Gagliardoni (Tech Lead Cryptography, Kudelski Security)

Tommaso Gagliardoni is a cryptographer, privacy hacktivist, and quantum security expert. He works as a researcher and innovation leader at Swiss-American cybersecurity company Kudelski Security. Tommaso published many influential peer-reviewed papers in the areas of cryptography, quantum computing, security, and privacy, and spoke at many international conferences in these fields. He obtained an M.Sc. in Mathematics at the University of Perugia, Italy, and a PhD at the Technical University of Darmstadt, Germany, with a dissertation on the quantum security of cryptographic primitives. Before joining Kudelski Security, he worked in the Security and Privacy group at IBM Research Zurich.

  • ORAMFS: Achieving Storage-Agnostic Privacy

Expert in Android security and reverse engineering, Esther Onfroy a.k.a U039b is a French hacktivist, speaker and co-founder of Defensive Lab Agency, Exodus Privacy, Echap, PiRanhaLysis and Pithus. She actively works with journalists, academics, NGOs and private companies. She helps them better understand and respond to today's cybersecurity threats on mobile devices.

  • Pithus: let's open the Android pandora's box
Xavier Mertens

Xavier Mertens is a freelance security consultant based in Belgium. With 12+ years of experience in information security, his job focuses on protecting his customers' assets by providing services like incident handling, investigations, log management, security visualization, OSINT). Xavier is also a Senior Handler at the SANS Internet Storm Center, SANS FOR610 instructor, a security blogger and co-organizer of the BruCON security conference.

  • Home-Made Distributed Blocklist
Yashdeep Saini

Loves to play with system internals and low level exploitation ideas with couple of years of experience with Appsec/Prodsec/Redteaming/VAPT.

  • Revisiting the Art of Encoder-Fu for novel shellcode obfuscation techniques