---

Burp Suite is the de facto standard for Web application pentesting. Nearly everybody uses this tool, but few people really master it. Some of the under-used features are related to automation, usually for multi-step workflows and dynamic data (think CSRF tokens and JWT-based authentication). I aim to solve that by mixing theory and practice, as done during the renowned 4-day course I offer, titled "Mastering Burp Suite Pro". After introducing session handling rules (concepts, terminology et limitations), we'll cover session management for Web apps (when authentication relied on cookies) and for APIs (where headers like "Authorization" are used instead of cookies). We will also cover some scenarios that can't be solved using only built-in features (for example, extracting a CSRF token from a response and later using it in a JSON request). For that, we'll use extensions like ATOR, Stepper, reShaper or TokenJar.

Requirements:

• Laptop with a supported OS (Windows, Mac or Linux).
• Basic understanding of Burp Pro and its GUI.

Perks:

• Burp Pro installers and a temporary license are provided.

---

This workshop introduces participants to the fundamentals of automotive security through hands-on exploration of the Controller Area Network (CAN bus) and Unified Diagnostic Services (UDS). They provide an entry point to understanding in-vehicle communications, but remains only the foundation of a much broader ecosystem of protocols and potential security weaknesses present in modern platforms. By working with simulated ECUs traffic and interactive challenges, participants will learn how to sniff, analyze, and inject messages.

This workshop will cover the following topics:

• How cars communicate: CAN bus basics and architecture overview.
• Introduction to UDS: diagnostic requests, responses, and service IDs.
• How to capture and interpret CAN and UDS traffic.
• How to identify common signals (e.g., speed, doors, lights) from logs.
• How to inject and replay CAN/UDS messages to trigger actions in a simulated environment.
• Common vulnerabilities: replay attacks, message fuzzing, weak authentication in UDS services.
• Best practices and limitations.
• Newer standards and industry challenges.

Requirements:

• A laptop.
• Basic understanding of networking concepts (helpful, but not required).
• Basic python programming.
• Docker, Docker-Compose, Git, Python3.

---

Infosec is a serious industry now. Professional ethics and robust methodologies are critical to stand out in a field crowded with newcomers. Exegol delivers battle-ready, customizable setups made for professionals. In this 90-minute workshop, you'll get your hands on Exegol and learn to use it confidently, enabling you to deploy it daily and perform with greater speed, security, and efficiency in your work.

Requirements:

• A laptop.

---

This workshop will introduce you to ICS environment security. The main objective will be to discover a few protocols used in this world. A large part of this workshop will be on practical challenges. The players will have to complete each challenge to get the flag.

During the workshop, the following topics will be discussed:

• Introduction to ICS security.
• Differences between ICS network vs IT network.
• Security solutions used in these environments.
• Protocols presentations, as :
• Modbus RTU / Modbus TCP/IP.
• OPCUA.
• S7comm.

Requirements:

• Linux laptop/VM.
• A basic understanding of Python.

---

In this workshop, you will get hands-on experience compromising an Active Directory domain in a realistic internal pentest scenario. Each participant will have their own lab with multiple paths and challenges designed for all skill levels, from beginner-friendly steps to advanced techniques for experienced attendees. The ultimate goal is to become Domain Admin. You will practice real-world Active Directory attack techniques, learn how to choose the right approach at each stage, and gain practical experience in a realistic lab. There will be no slides, only practice. This workshop is open to everyone, whether you are new to Active Directory security or looking to sharpen your skills.

Requirements:

• To get the most out of the workshop and avoid wasting time setting up, come prepared with either an Exegol container ready to go or have the essential tools installed, such as NetExec, Impacket, etc.

---

GO FIGUR is the result of a 2-year investigation into a commercial disinformation network selling fake medicines. This network had the good taste to have made every possible OpSec (Operational Security) mistake, illustrating numerous OSINT, GEOINT, IMINT, SOCMINT and even FININT techniques. This conference offers a RETEX of this investigation, as well as a series of short exercises in digital investigation and OSINT techniques... And many more of the same, some of which are even part of a challenge ;)

---

Guided workshop on understanding and attacking speech recognition models. The workshop is designed for all levels with several exercises and examples.

During this workshop, we will cover the following topics:

• Understanding how speech recognition works.
• Understanding Whisper flow (OpenAI).
• Setting up adversarial attacks and implementation.
• Optimization and obfuscation via psychoacoustics methods.

Requirements:

• A laptop.
• Jupyter Notebook

Optional but recommended:

• Microphone.
• Headphone / earphone
• PyTorch / whisper preinstalled

---

The Ledger Donjon will bring to you its mid-cost transportable laser bench in order to present how an fault injection attack on a secure memory as performed in their Hardware Lab.

After a presentation of the principles of hardware fault injections and a practical example of attack performed last year, you will be able to see this attack live!

The target is an ATECC 608A configured to have a protected slot that can be unlocked thanks to perturbations induced by Laser. We will present the methodology to perform the attack, and will let attendees to manipulate the bench.

As key takeways, you will get an awareness of existing hardware fault injection attacks, get the principles and the methodology to perform it, and actually see a bench performing this attack.

---

In this sessions you'll learn and see how to analyse and exploit hardware via exposed interfaces. You'll probe, connect, and exploit 5 real devices using dirt-cheap tools. No prior soldering needed—just curiosity and a laptop.

---

In this workshop you will learn how to obfuscate your payloads with a custom VM. This will help to evade signature detections and make reverse engineering more difficult. The format will be a hands-on workshop and participants will walk away with new tooling they can try out in the field right away! In this workshop we will leverage the RISC-V architecture and the LLVM ecosystem to build a simple obfuscation pipeline. The VM interpreter code is small and once it is loaded, you do not need to allocate additional executable pages to execute arbitrary payloads.

Covered topics:

• Introduction to VM-based obfuscation.
• Basics of the RISC-V architecture.
• Compiling payloads for the RISC-V architecture.
• Obfuscating the VM interpreter for evasion.
• VM Hardening to complicate reversing the payloads
• Building a basic C2 framework (as time allows)

Requirements:

• The bulk of the work will be done in a GitHub Codespace (Linux), which makes it easy for participants to get started. However, the final payloads need to be executed in a Windows VM (which you have to prepare beforehand).

---

An organization's IT infrastructure is usually protected by a Security Information and Event Management system (SIEM), which collects and analyzes information on machines and network activities to detect malicious behavior. Usually, rules are defined manually by an operator, who determines which actions are authorized and which are prohibited. This work can be long and tedious, and an oversight from the operator could still allow an attacker to compromise at least part of the infrastructure. The growing professionalism of cyberattacks is leading to the development of new intrusion detection methods, using more sophisticated algorithms such as those proposed in the field of Machine & Deep Learning. Today, the use of artificial intelligence is often limited to the use of language models, enriching alerts with a more human explanation, and to data analysis, but often in an opaque way. However, research is very active in this field, and several intrusion detection methods using artificial intelligence models have been developed by researchers, even though they have a too high false alarm rate to be used as such in real infrastructures without a human double-check. In this workshop, we would like to present these new advances in artificial intelligence applied to cybersecurity to an interested audience, through the use case of a simulated hydroelectric dam, whose control system is equipped with an intrusion detection system (IDS).

Participants will be able to:

• Follow a brief introduction to Machine Learning & Deep Learning, and its applicability to cybersecurity.
• Deploy an artificial intelligence-based IDS to verify the legitimacy of the behavior of an embedded target acting as an industrial controller.
• Attack the embedded target, either with the attack set provided, or with their own attacks.
• See alerts raised in real time by the IDS.

---

Come discover heavy client pentesting video game hacking with Cheat Engine! A practical and fun overview of the tool's features, from the basics to some lesser-known features! On the agenda: memory value search, code filter, LUA, and autoassembler!

Requirements:

• A Windows OS/VM

Feel free to get a head start

• Download the tool in advance from its website, cheatengine.org
• Try out the tutorial included with the tool
• Read the slides of my talk on game hacking