Adrien Guinet

Adrien Guinet is currently CTO at Quarkslab.

  • Mattermost End-to-End Encryption plugin
Ange Albertini

Reverse engineer passionate for file formats.
Currently infosec engineer at Google.

  • Abusing archive-based file formats
Angèle Bossuat

R&D Engineer at Quarkslab, Cryptographer, Hippie

  • Mattermost End-to-End Encryption plugin
Antoine Cervoise

Antoine is a penetration tester at Synacktiv. He enjoys computer science, electronics and D.I.Y., beers (drinking and making) by night… and he’s fond of cigars!

  • MobSF for penetration testers
Claire Vacherot

Claire Vacherot is a senior pentester at Orange Cyberdefense. She likes to test systems and devices that interact with the real world and is particularly interested in industrial and embedded device cybersecurity. As a former software developer, she never misses a chance to write scripts and tools.

  • Building on top of Scapy: what could possibly go wrong?
Damien Cauquil

Damien Cauquil is a Security Researcher at Quarkslab who loves reverse-engineering hardware devices, firmwares and protocols.

  • Binbloom reloaded
Éric Leblond

Éric Leblond is the Co-Founder and Chief Technology Officer (CTO) of Stamus Networks and a member of the executive team at Open Network Security Foundation (OISF). Leblond has more than 15 years of experience as co-founder and technologist of cybersecurity software companies and is an active member of the security and open source communities. He has worked on the development of Suricata, the open source network threat detection engine, since 2009 and is part of the Netfilter Core team who is in charge of the Linux kernel's firewall layer. E. Leblond is a well-respected expert and speaker on all things network security.

  • [Workshop] Threat Hunting with SELKS and Suricata 6
  • Write faster Suricata signatures easier with Suricata Language Server
François Lesueur

François Lesueur is an Associate Professor at Université Bretagne Sud (Vannes, France) where he teaches network and digital security. He is particularly interested in security of distributed/federated systems and fights for an empowering security rather than an enslaving one.

  • [Workshop] MI-LXC (Mini-Internet testbed) for network security training and security tools demonstration
Hugo Vincent

I'm a pentester at Synacktiv

  • Finding Java deserialization gadgets with CodeQL
Ivan Kwiatkowski

Ivan Kwiatkowski is an OSCP and OSCE-certified penetration tester and malware analyst who has been working as a Senior Security Researcher in the Global Research & Analysis Team at Kaspersky since 2018. He maintains an open-source dissection tool for Windows executables and his research has been presented during several cybersecurity conferences. As a digital privacy activist, he operates an exit node of the Tor network. Kwiatkowski also delivers Kaspersky’s reverse-engineering training in Europe.

  • Ethics in cyberwar times

Jiska is a security researcher at Secure Mobile Networking Lab, TU Darmstadt.

  • [Workshop] FЯIDA Reverse Engineering Introduction
Jose E. Marchesi

Jose E. Marchesi is a GNU hacker and maintainer. Currently employed by Oracle as the Tech Lead of their Toolchain/Compilers team.

  • GNU poke, the extensible editor for structured binary data
Ludovic Dubost

Creator of XWiki and CEO of XWiki SAS.

XWiki SAS has been developing free software for 15 years. The XWiki software ( allows companies to better organize information. Since 2016, XWiki SAS has also created CryptPad (, an end-to-end encrypted real-time document editing software.

  • CryptPad : a zero knowledge collaboration platform
Mahé Tardy

Mahé Tardy is a Security R&D Engineer at Quarkslab specializing in Kubernetes security and enjoying any new tech a bit too much.

  • kdigger: A Context Discovery Tool for Kubernetes Penetration Testing
Mickael Benassouli

Pentester at Synacktiv

  • MobSF for penetration testers
Mickaël Salaün

Mickaël Salaün is a security researcher and open source enthusiast. He is mostly interested in Linux-based operating systems, especially from a security point of view. He has built security sandboxes before hacking into the kernel on a new LSM called Landlock, of which he is now the maintainer. He previously worked for the French national cybersecurity agency (ANSSI) on systems hardening. He is currently employed by Microsoft to work on Linux-related security projects.

  • Sandboxing your application with Landlock, illustration with the p7zip case
Paul Amicelli

Incident responder

  • DFIR-IRIS - collaborative incident response platform
Paul Rascagnères

Paul Rascagneres is a threat researcher within Volexity. As a researcher, he performs investigations to identify new threats and presents his findings as publications and at international security conferences throughout the world. He has been involved in security research for ten years, mainly focusing on malware analysis, malware hunting and more specially on advanced persistent threat (APT) campaigns and rootkit capabilities. He previously worked for several incident response teams within the private and public sectors.

  • [Workshop] Malware analysis with Ghidra & x64dbg
Peter Czanik

Peter is an engineer working as open source evangelist at Balabit (a One Identity business), the company that developed syslog-ng. He assists distributions to maintain the syslog-ng package, follows bug trackers, helps users and talks regularly about sudo and syslog-ng at conferences (SCALE, All Things Open, FOSDEM, LOADays, and others). In his limited free time he is interested in non-x86 architectures, and works on one of his PPC or ARM machines.Note to recruiters to save time for both of us: even with 20+ years of Linux & FreeBSD sysadmin/engineer/architect/whatever experience I am NOT looking for my next sysadmin job. Peter is an engineer working as open source evangelist at Balabit (a One Identity business), the company that developed syslog-ng. He assists distributions to maintain the syslog-ng package, follows bug trackers, helps users and talks regularly about sudo and syslog-ng at conferences (SCALE, All Things Open, FOSDEM, LOADays, and others). In his limited free time he is interested in non-x86 architectures, and works on one of his PPC or ARM machines.

  • Sudo logs for Blue Teamers
Philippe Teuwen

Philippe Teuwen (@doegox) is Security Researcher at Quarkslab.
He’s one of the libnfc and Proxmark3 RDV4 maintainers and gave about 20+ workshops on RFID & NFC security and privacy issues at Troopers,, Brucon, RFIDsec, Hackito Ergo Sum, RMLL, etc. along with talks on other security topics such as Wi-Fi Protected Setup, eBanking, eVoting, reverse-engineering, Side-channel and fault injection, White-Box cryptanalysis etc.

He’s in the editorial team of the International Journal of PoC/GTFO and makes hardware-oriented CTFs.

  • [Workshop] RFID/NFC: Rise of Proxmark3, hands on
Pierre Milioni

Security Ninja @ Synacktiv

  • Dissecting NTLM EPA & building a MitM proxy
Romain Thomas

Romain Thomas is a security engineer working on mobile applications and obfuscated code.

Author of LIEF, a library to parse and manipulate executable file formats (ELF, PE, Mach-O),
he enjoys going back and forth between reverse engineering and tool development to see which part of the process can be automated.

Romain is also interested in iOS, whitebox cryptography and reverse engineering app protocols.
He contributed in the past to the Triton project, especially on de-obfuscation based on symbolic execution.

  • The Poor Man's Obfuscator
Sébastien Dudek

Sébastien Dudek is a security researcher at Trend Micro and is also the founder of the PentHertz consulting company specialized in wireless and hardware security. He has been particularly passionate about flaws in radio-communication systems and published research on mobile security (baseband fuzzing, interception, mapping, etc.), and on data, transmission using the power-line (Power-Line Communication, HomePlug AV) like domestic PLC plugs, as well as electric cars and charging stations. He also focuses on practical attacks with various technologies such as Wi-Fi, RFID, and other systems that involve wireless communications.

  • Use of Machine and Deep Learning on RF Signals
Solal Jacob

Solal Jacob is an incident responder but also a contributor and developer of open source tools. He is the creator of DFF (Digital Forensics Framework), and other tools related to forensics and memory analysis.

  • TAPIR : Trustable Artifact Parser for Incident Response
Théo Letailleur

Théo Letailleur is an incident response analyst. He worked at Airbus Cybersecurity CSIRT for 4 years where DFIR-IRIS was born and will join the incident response team at Synacktiv. Théo is interested in software reverse-engineering and malware analysis.

  • DFIR-IRIS - collaborative incident response platform
Timothée Ravier

Timothée Ravier is a Linux system and security engineer interested in safe programming languages and container focused operating systems.

He is currently working at Red Hat as a CoreOS engineer. He also created and maintains Fedora Kinoite, a variant of Fedora Silverblue with the KDE Plasma desktop and is packaging KDE applications in Flatpaks for Flathub and Fedora.

  • Building operating systems optimized for containers, from IoT to desktops and servers
Xavier Mertens

Xavier Mertens is a freelance security consultant based in Belgium. With 12+ years of experience in information security, his job focuses on protecting his customers' assets by providing services like incident handling, investigations, log management, security visualization, OSINT). Xavier is also a Senior Handler at the SANS Internet Storm Center, SANS FOR610 instructor, a security blogger and co-organizer of the BruCON security conference.

  • Improve your Malware Recipes with Cyberchef
Yves Rutschle

After studying electronics and computer architecture, Yves spent a decade developing embedded software, first in a small business, then at Airbus. He then moved on to the Airbus A350 design office to work on its security. There, he practiced supplier management, systems engineering, and security requirements for systems with critical, safety-related impacts. Since then he has worked on various topics related to security, from governance to formal proofs of security properties, in several industrial domains such as aeronautics, railway and automotive.

Unsatisfied with the lack of coding in the professional life of a security architect, he finds any excuse he can to develop new tools.

  • Dataflow tabular charts -- a presentation tool for security architects
  • sslh -- an applicative-level protocol multiplexer