Please find details for all talks here.

Two Days of Trainings (15./16. November)

Workshop 1 Workshop 2 Workshop 3 Workshop 4 Workshop 5 Workshop 6 Workshop 7 Workshop A Workshop B
Online-Onsite Training: Hacking JavaScript Desktop apps: Master the Future of Attack Vector
Abraham Aranguren (7ASecurity)
Mobile Security Testing Guide Hands-On (Hybrid edition)
Sven Schleier (WithSecure)
Mobile Network Security
James Bart Stidham (Telecom Experts LLC)
Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation
Dawid Czagan (Silesia Security Lab)
Network Threat Hunting & Incident Response
Michael Meixner, CISSP (Computerforensic & more GmbH)
Deep Dive Into Malicious Office Documents For Offensive Security Professionals
Didier Stevens (NVISO)
Practical Secure Code Review
Seth Law, Ken Johnson (Redpoint Security, Inc.)
[Video Courses + Online Support] Web Hacking Expert: Full-Stack Exploitation Mastery
Dawid Czagan (Silesia Security Lab)
[Video Courses + Online Support] Web Hacking Secrets: How to Hack Legally and Earn Thousands of Dollars at HackerOne
Dawid Czagan (Silesia Security Lab)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (17./18. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 17 Nov
Track 1 Track 2 (ROOTS)
08:00 Registration opens
10:00 We Are Sorry That Your Mouse Is Admin - Windows Privilege Escalation Through The Razer Co-installer
Oliver Schwarz (SySS GmbH)
Wireless Keystroke Injection As An Attack Vector During Physical Assessments
Simonovi Sergei (Scientific Cyber Security Association / Caucasus University)
10:50 Coffee Break
11:10 GitHub Actions Security Landscape
Ronen Slavin (Cycode)
The Need For a Human Touch In Cyber Security
Erlend Andreas Gjære (Secure Practice)
12:00 Auditing Closed Source Trusted Applications for Qualcomm Secure Execution Environment (QSEE)
Hector Marco & Fernando Vano (Cyber Intelligence S.L.)
Automatic Recovery Of Cyber Physical Systems Applications Against Known Attacks
Dr M Taimoor Khan (University of Greenwich)
12:50 Lunch
14:00 Communicative Incident Response
Hauke Gierow, Paul Gärtner (PIABO)
Iran: A Top Tier Threat Actor
Steph Shample (Middle East Institute)
Working In Warzones In Theory And In Practice
Enno Lenze (Berlin Story)
15:40 Coffee Break
16:00 Identification of the Location in the 5G Network
Giorgi Akhalaia (Caucasus University, Scientific Cyber Security Association)
OPSEC - The Discipline Of The Grey Man
Robert Sell (Trace Labs)
16:50 A Survey Of Secure In-vehicle Communication
Miltos D. Grammatikakis (Hellenic Mediterranean University)
End-to-end Health Data Privacy Using Secure 5G Data Channels
Dr. Razvan Bocu (Transilvania University of Brasov, Romania, Department of Mathematics and Computer Science)
17:40 Towards The Automation Of Highly Targeted Phishing Attacks With Adversarial Artificial Intelligence
Francesco Morano and Enrico Frumento (Cefriel - Polytechnic of Milan)
Post-quantum Verkle Signature Scheme
Maksim Iavich (Caucasus University, Scientific Cyber Security Association)
20:00 Speaker's Dinner
Conference, day 2 - Fri, 18 Nov
Track 1 Track 2 (ROOTS)
09:00 Machine Learning Use In OSINT
Giorgi Iashvili (Caucasus University, Scientific Cyber Security Association)
Attacking Developer Environment Through Drive-by Localhost Attacks
Joseph Beeton (Contrast Security)
09:50 Industrial-Security vs. IT-Security - What we can learn from each other?
Michael Walser (sematicon AG)
Malware And Exfiltration : A Telegram Story
Godwin Attigah (Google)
10:40 Coffee Break
11:00 Detecting The Unknowns – Mobile Network Operators Cyber Resilience In Responding To Zero-day Exploit
Imran Saleem (Mobileum)
Signature-based Detection Using Network Timing
Josh Pyorre (Cisco Talos, Pyosec)
11:50 The Story Continues: Hacking Some More "Secure" Portable Storage Devices
Matthias Deeg (SySS GmbH)
Vanquish: Analysis Everywhere With Smartphones
Hiroyuki Kakara (Trend Micro Incorporated)
12:40 Lunch
14:00 Hey You! Get Off my Satellite!
Paul Coggin (nou Systems, Inc)
Cypher Query Injection - The New "SQL Injection" We Aren't Aware Of
Noy Pearl (Moon Active)
14:50 Practical Mobile App Attacks By Example
Abraham Aranguren (7ASecurity)
Anticipating Damage Control: Communicating About Cybersecurity Within And Outside Organizations
Prof. Matthieu J. Guitton, PhD, FRAI (Université Laval (Quebec City, QC, Canada))
15:40 Coffee Break
16:00 Faking At Level 1 - How Digital Twins Save Your PLCs
Thomas Weber (CyberDanube / Security Reseracher)
Hacker To Honcho
Darren Jones & Julian Botham (Valencia Risk)
16:50 Protecting Your Web Application/API With CrowdSec
Klaus Agnoletti (CrowdSec)
Melting the DNS Iceberg - Taking Over Your Infrastructure Kaminsky Style
Dipl.-Ing. Timo Longin BSc (SEC Consult Unternehmensberatung GmbH)
17:40 Your Phishing Assessment Is Bad & You Should Feel Bad
Alexander Riepl (
18:20 Closing Ceremony
18:30 - .:.
19:00 - T.B.A.