Please find details for all talks here.

Two Days of Trainings (17./18. November)

Workshop 1 Workshop 2 Workshop 3 Workshop 4 Workshop 5
Crypto Attacks (closed)
Juraj Somorovsky & Tibor Jager (Ruhr University Bochum)
Hacking Web Applications – Case Studies of Award-winning Bugs in Google, Yahoo, Mozilla and more
Dawid Czagan (Silesia Security Lab)
Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices (closed)
Alexander Bolshev (Digital Security) & Boris Ryutin (ZORSecurity)
Pentesting and Securing IPv6 Networks (closed)
Marc Heuse
PowerShell for Penetration Testers
Nikhil Mittal (Independent)
Workshop 6 Workshop 7 Workshop 8 Workshop 9
Social Engineering and Security Awareness
Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)
Training: Developing and Using Threat Intelligence (closed)
John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center)
Secure Web Development (closed)
Marcus Niemietz (3curity GmbH)
Practical Incident Handling (closed)
Felix Schallock (TIBITS Consulting GmbH)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (19./20. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 19 Nov
Left Pirouette Right Pirouette
08:00 Registration opens
09:10   Can societies manage the SIGINT monster?
Duncan Campbell (IPTV Ltd)
10:00 Hacking Cookies in Modern Web Applications and Browsers
Dawid Czagan (Silesia Security Lab)
A Death in Athens: The inherent Vulnerability of “lawful Intercept” Programs.
James Bamford (Author and Journalist)
10:50 Coffee Break
11:10 How to Break XML Encryption – Automatically
Juraj Somorovsky (Ruhr University Bochum)
Yes, Now YOU Can Patch That Vulnerability Too!
Mitja Kolsek (ACROS d.o.o.)
12:00 File Format Fuzzing in Android - Giving a Stagefright to the Android Installer
Alexandru Blanda (Intel Corporation)
Bridging the Air-Gap: Data Exfiltration from Air-Gap Networks
Mordechai Guri & Yisroel Mirsky (Ben-Gurion University of the Negev)
12:50 Lunch
14:00 Building a Better Honeypot Network
Josh Pyorre (OpenDNS)
Cyber Cyber Cyber Warfare: Mistakes from the MoDs
Raoul Chiesa (Security Brokers / ITU / APWG.EU / ISECOM / UNICRI / AIIC / CLUSIT / OWASP)
14:50 Advanced SOHO Router Exploitation
Lyon Yang (Vantage Point Security)
OSINT Barn Cat: Mining Malware for Intelligence at Scale
John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center)
15:40 Coffee Break
16:00 Chw00t: How To Break Out from Various Chroot Solutions
Balazs Bucsay (IT-Security Expert / Freelancer)
Deactivating Endpoint Protection Software in an Unauthorized Manner
Matthias Deeg (SySS GmbH)
16:50 50 Shades of WAF - Exemplified at Barracuda & Sucuri
Ashar Javed (Hyundai AutoEver Europe GmbH)
Temet Nosce - Know thy Endpoint Through and Through; Processes to Data
Thomas Fischer (Digital Guardian / Security B-Sides London)
17:40 Cryptography Tools, Identity Vectors for "Djihadists"
Julie Gommes (Econocom-Osiatis / Security and Governance Consultant)
The German Data Privacy Laws and IT Security
Stefan Schumacher (Magdeburger Institut für Sicherheitsforschung)
20:00 Speaker's Dinner
Conference, day 2 - Fri, 20 Nov
Left Pirouette Right Pirouette
09:00 illusoryTLS: Nobody But Us. Impersonate,Tamper and Exploit
Alfonso De Gregorio (secYOUre)
Have We Penetrated Yet??
Johnny Deutsch (Ernst & Young)
09:50 A Case Study on the Security of Application Whitelisting
René Freingruber (SEC Consult )
Continuous Intrusion: Why CI Tools Are an Attacker's Best Friends.
Nikhil Mittal (Independent)
10:40 Coffee Break
11:00 Cryptographic Enforcement of Segregation of Duty within Work-Flows
Thomas Maus (IT-Security Expert / Self-employed)
DDoS: Barbarians at the Gate(way)
Dave Lewis (Akamai Technologies)
11:50 Legal Responses Against Cyber Incidents
Oscar Serrano (Undisclosed)
Revisiting SOHO Router Attacks
Jose Antonio Rodriguez Garcia, Ivan Sanz de Castro, Álvaro Folgado Rueda (Independent Researchers)
12:40 Lunch
14:00 Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library
Bernhard Göschlberger, MSc MLBT BSc & Sebastian Göttfert, BSc (Research Studios Austria FG)
Visualizing Wi-Fi Packets the Hacker's Way
Milan Gabor (Viris)
14:50 ZigBee Smart Homes - A Hacker's Open House
Tobias Zillner, Florian Eichelberger (Cognosec GmbH)
Remote Browser-Based Fingerprinting of Local Network Devices
Manfred Kaiser (Josef Ressel Zentrum TARGET)
15:40 Coffee Break
16:00 Not so Smart: On Smart TV Apps
Marcus Niemietz (3curity GmbH)
L. Aaron Kaplan (
16:50 Measuring the Tor Network
Jens Kubieziel (
HackingTeam - How They Infected Your Android Device By 0days
Attila Marosi (SophosLabs - Senior Threat Researcher)
17:40 Agile Security: The Good, The Bad, and mostly the Ugly
Daniel Liber (CyberArk)
HORNET: High-speed Onion Routing at the Network Layer
Chen Chen (Carnegie Mellon University / ETH Zurich)
18:20 Closing Ceremony
21:00 - Screening "A Good American" @ Burgkino
22:30 - Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien