Ang Cui

Ang Cui is an American cybersecurity researcher and entrepreneur. He is the founder and CEO of Red Balloon Security in New York City, a cybersecurity firm that develops new technologies to defend embedded systems against exploitation.

  • Ice Ice Baby: Coppin' RAM With DIY Cryo-Mechanical Robot
Christine Fossaceca

Christine Fossaceca is a senior mobile security researcher and reverse engineer Microsoft, focusing on the Defender platform within Microsoft Threat Intelligence. She spends most of her time on Android and iOS mobile device reverse engineering and forensics. Christine is an IDA Pro afficionado, but is learning to like Ghidra, too. She also enjoys using Frida to aid her in dynamic analysis, and tries not to let her dog distract her too much!

  • Handoff All Your Privacy (Again)
Colin O'Flynn

Colin O'Flynn started the ChipWhisperer project to bring power analysis & fault injection tooling to everyone, and also co-authored the Hardware Hacking Handbook.

  • Adventures of My Oven (Pinocchio) with ChipWhisperer
Damiano Melotti

Damiano Melotti (@DamianoMelotti) is a security researcher at Quarkslab. He is mostly interested in systems security, especially in mobile platforms (Android), and automated vulnerability research.

  • Dissecting the Modern Android Data Encryption Scheme
Daniel Wegemer

Security Researcher interested in enabling new features in closed source firmware. Areas of interest are: Wifi, IoT and Automotive.
Co-author of

  • Enabling Security Research on Qualcomm Wifi Chips
Erik Egsgard

Erik is a Principal Security Developer with Field Effect Software. With over 15 years experience in the computer security field he has found vulnerabilities across a wide range of software and operating systems including Windows, MacOS, iOS and Android.

  • The Hunt for Red October - One Ping Too Many

evm is a reverse engineer and member of the Principal Staff at the Johns Hopkins University Applied Physics Laboratory (JHU/APL). He started out reversing in the Windows internals & trusted computing world, and now spends more time in embedded devices. His research interest is in accelerating software RE with architecture-agnostic methods. At APL he is the editor-in-chief of the internal 'zine devoted to RE and vulnerability research. In the real world he can sometimes be seen booklegging PoC || GTFO. He contributed to Symgrate ( and created the ALLSTAR dataset for cross-architecture RE research ( Chicken farmer and Jesus freak.

  • Smashing Virtual Function Pointers on the Heights of Elbrus
Grant Skipper
  • Ice Ice Baby: Coppin' RAM With DIY Cryo-Mechanical Robot
Holger Unterbrink

Holger is a longtime security enthusiast, with more than 25 years of experience in the information security industry. He started his career as a penetration tester and is now working for Cisco Talos as technical leader in the malware and threat hunting sector. He finds new, cutting-edge security threats and analyzes their components. Holger is a frequent speaker at international security conferences such as BlackHat, HackInTheBox, Internet Security Conference, NorthSec, CiscoLive and others. He is also the author of several offensive and defensive security tools and won the IDA plugin contest with his Dynamic Data Resolver (DDR) IDA plugin in 2020.

  • Reversing NIM binaries: the easy way
Johannes Willbold

Johannes Willbold is a doctoral student at the chair for systems security at the Ruhr University Bochum in Germany. In this doctoral thesis, he focuses on the security of space and satellite systems, with a special emphasis on understanding real-world security issues by studying otherwise hard-to-access space software. His first paper on the security of onboard satellite software "Space Odyssey: An Experimental Software Security Analysis of Satellites" was recently accepted to the IEEE S&P 2023 conference. In 2022, Johannes visited the Cyber-Defence Campus in Switzerland for an extended research stay on satellite security, where he investigated the security of VSAT systems.

He is co-founder and co-chair of SpaceSec, the first academic workshop on space and satellite systems security, which is co-located with the top-tier security conference NDSS. He also participated in the Hack-A-Sat 2 finals, spoke at the CySat 2022 on the academic state of satellite security, and was recently invited to ESA for a talk on onboard satellite firmware security.

  • Cracking the final frontier: Reverse engineering and exploiting low-earth orbit satellites
John Mac

An independent security researcher in Canada who is passionate about learning and sharing knowledge on various aspects of information security. He has a keen interest in binary analysis, patch diffing, and vulnerability discovery. He is the creator of several open-source security and InfoSec tools and also blogs regularly about his research projects and experiments with Ghidra and Jupyter Notebooks. You can follow him on Twitter @clearbluejar or visit his website

  • Patch Diffing In The Dark
Luke Jenkins

Luke Jenkins is a Technical Principal Analyst on the Cyber Espionage team at Mandiant, now part of Google Cloud. In this role he tracks and analyses Advanced Persistent Threats (APTs) from nation state hackers globally. Since early January 2022, Luke has been closely monitoring Russia backed threat groups targeting Ukraine.

Luke earned a bachelor's degree in Computer Forensics from the University of South Wales.

  • GRU’s toolkit: A deep dive into the disruptive arsenal
Mathilde Venault

Mathilde Venault is a security researcher at CrowdStrike, specializing in the Windows operating system. Her work focuses on malware analysis and EDR detection capabilities improvements, and she also likes spending her spare time reverse engineering undocumented Windows mechanisms. Mathilde has spoken at multiple conferences such as Black Hat USA and c0c0n, and has published articles sharing her findings. As a typical French, she's always up to share a meal with some bread and cheese.

  • Press Play to Restart: Under the Hood of the Windows Restart Manager
Maxime Rossi Bellom

Maxime Rossi Bellom (@max_r_b) is a Security Researcher and R&D Leader working at Quarkslab, focusing on the hardware and low level software security of mobiles devices and embedded systems. He loves playing with secure boot, and security chips embedded in smartphones.
His latest notable work was on the Titan M chip of Google, and was presented in multiple conferences including Black Hat USA, Troopers, and Black Hat Europe.

  • Dissecting the Modern Android Data Encryption Scheme
Michael Harbison

Mr. Harbison has been a part of the security community for over 20 years. He has experience in both the public and private sectors, working in cyber threat intelligence and serving as a subject matter expert to multiple US federal agencies. He holds several technical certifications, is a certified forensic examiner, and has a Bachelor of Science degree in Computer Forensics.

Since age twelve, Mr. Harbison has been studying code and continues that today as a Distinguished Engineer for Palo Alto Networks' Unit 42. He strives to understand his work at the deepest level, and has a strong desire to bring awareness to the growing threats in cyberspace and to educate the public on ways to improve security practices.

  • Hello 1994: Abusing Windows Explorer via Component Object Model in 2023
Moritz Schloegel

Moritz Schloegel is a binary security researcher at the CISPA Helmholtz Center for Information Security. He is currently in the last year of his PhD and focuses on automated finding, understanding, and exploitation of bugs. Furthermore, he possesses a deep passion for exploring the complexities of (de-)obfuscation, emphasizing automated deobfuscation attacks and their countermeasures.

  • Unchained Skies: A Deep Dive into Reverse Engineering and Exploitation of Drones
Natalie Silvanovich

Natalie Silvanovich leads Google Project Zero's North American team. Her current research focus is messaging applications and video conferencing. Previously, she worked in mobile security on the Android Security Team at Google and as a team lead of the Security Research Group at BlackBerry, where her work included finding security issues in mobile software and improving the security of mobile platforms. Outside of work, Natalie enjoys applying her hacking and reverse engineering skills to unusual targets and has spoken at several conferences on the subject of Tamagotchi hacking.

  • How to Hack Shannon Baseband (from a Phone)
Nick Gregory

Nick is a software engineer at Google working on macOS and Linux endpoint security systems. He was previously a senior threat researcher at Capsule8 (acquired by Sophos), focusing on Linux server defense. His background is primarily in low-level systems and kernel exploitation research. Nick is also a Hacker in Residence and former student of NYU Tandon School of Engineering’s OSIRIS Lab.

  • Be Kind, Please Rewind: Adventures in creating a macOS record/replay debugger
Nico Schiller

Nico Schiller is a PhD student and security researcher at CISPA Helmholtz Center for Information Security, specializing in analysis, reversing engineering, and exploitation of consumer drones. He has a keen interest in fuzzing and wireless physical layer analysis, and his research aims to identify and address vulnerabilities in drone technology to improve overall security

  • Unchained Skies: A Deep Dive into Reverse Engineering and Exploitation of Drones
Nika Korchok Wakulich

Nika Korchok Wakulich (ic3qu33n) is a Security Consultant at Leviathan Security Group where she works on a range of penetration testing engagements, with a focus on hardware and embedded security. Outside of work, she combines her artistic practice (woodcut prints, painting, drawing, etc.) with her independent security research on passion projects in different areas of security. A few of her current favorites are hardware&firmware RE, DOS malware, bootkits, and writing vx/art demos in x86 asm. When she isn’t making art, reverse engineering or making art as a part of her reverse engineering process, she enjoys learning languages and skateboarding.
You can find her on Instagram as @nikaroxanne, and on Mastodon/Discord/etc. as @ic3qu33n

  • Portrait of the artist as a young vx-er: This painting is an MBR bootkit
Olivia Lucca Fraser

Olivia Lucca Fraser is a Staff Research Engineer on Tenable's Zero Day team, and holds a Masters in Computer Science from Dalhousie University. Her thesis developed a method of applying genetic programming to the evolution of ROP chain payloads, breeding them to performing subtle tasks like data classification. She has been an active participant in DARPA's AIMEE and ReMath initiatives, and a PI on the latter. She lives in

  • A Backdoor Lockpick
Pavel Yosifovich

Pavel is a developer, trainer, and author, specializing in Windows and low-level software development.
He's a co-author of "Windows Internals, 7th ed. part 1", and the author of "Windows Kernel Programming" and "Windows 10 System Programming". He's also a Pluralsight author and has written several open-source tools that provide insight into Windows.
He can be reached via

  • Writing a Kernel Driver in an hour
Pete Markowsky

Pete is a well-known member of the information security community. His background is primarily in low-level systems, exploitation, and building tools to monitor operating systems. He is currently working at Google on their Security Endpoints Agents.

  • Be Kind, Please Rewind: Adventures in creating a macOS record/replay debugger
Simon Scannell

Simon is a self-taught Vulnerability Researcher at Google who is passionate about playing CTF, traveling, and sports. He has come up with ways to find 0days in some of the most popular web applications such as WordPress, MyBB, and Magento2. He has also developed exploits for the Linux Kernel and Counter-Strike: Global Offensive.

  • You have become the very thing you swore to destroy: Remotely exploiting an Antivirus engine
Tal Lossos

Tal Lossos is a Security Researcher at CyberArk Labs with years of experience in kernel module development with a deep interest in OS internals and currently focuses on bug hunting in the Linux kernel. In his recent works, Tal discovered multiple vulnerabilities in drivers causing elevation of privilege.

  • NVMe: New Vulnerabilities Made easy
Tim Blazytko

Tim Blazytko is a well-known binary security researcher and co-founder of emproof. After working on novel methods for code deobfuscation, fuzzing and root cause analysis during his PhD, Tim now builds code obfuscation schemes tailored to embedded devices. Moreover, he gives trainings on reverse engineering & code deobfuscation, analyzes malware and performs security audits.

  • Unveiling Secrets in Binaries using Code Detection Strategies
Travis Goodspeed

Travis Goodspeed is a reverse engineer from East Tennessee. After years as a bum and years as a corporate sellout, he's happily reverse engineering microcontrollers in Knoxville, driving a fleet of Studebakers and knowing all the best dogs by name at his corner bar. Greetz to Ruger, Riley, Josie, Molly, and Maggie!

  • Recent Experiments with Mask ROMs
Vitor Ventura

Vitor Ventura is a Cisco Talos security researcher and manager of the EMEA and Asia Outreach team. As a researcher, he investigated and published various articles on emerging threats. Most of the day Vitor is hunting for threats, reversing them but also looking for their geopolitical and/or economic context. Vitor has been a speaker in conferences, like VirusBulletin, NorthSec, Recon, Defcon’s Crypto and Privacy Village, among others.
Prior to that he was IBM X-Force IRIS European manager where he was lead responder on several high profile organizations affected by the WannaCry and NotPetya infections. Before that he did penetration testing at IBM X-Force Red, where Vitor led flagship projects like Connected Car assessments and ICS security assessments, custom mobile devices among other IoT security projects. Vitor holds a Bsc in Computer Science and multiple security related certifications like GREM (GIAC Reverse Engineer Malware), CISM (Certified Information Security Manager).

  • Reversing NIM binaries: the easy way
Willy R. Vasquez

Willy R. Vasquez is a PhD student at The University of Texas at Austin working on cryptography and systems security. His research currently focuses on the security of hardware video decoders and building out zero-knowledge proof technologies. His research interests lie in privacy, systems security, cryptosystems, and formal methods.

  • The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders
Yuanzhe Wu

Yuanzhe Wu (Hans) has received a Master of Science in Mechanical Engineering degree with specialization in robotics and control from Columbia University in 2019. He has 5 years of experience in embedded device security analysis and is RBS's leading hardware and firmware reverse engineering expert. Mr. Wu was the engineering lead for the cold-boot robot work as well as in recent work examining root-of-trust for Siemens PLC secure boot implementations.

  • Ice Ice Baby: Coppin' RAM With DIY Cryo-Mechanical Robot