Take a Picture of Your App Code – Android MRI Interpreter

Magnetic Resonance Imaging (MRI), a medical device, allows tomographic imaging of human organs and measurement of blood flow. Using these features, modern doctors can easily detect diseases without having to perform open surgery as in the past. If it were possible to perform tomography on the app’s code through a simple procedure, such as taking […]

Hunting for Amazon Cognito Security Misconfigurations

Amazon Cognito is an AWS service that’s becoming increasingly popular in modern apps as it provides a complete solution for authentication, authorization, and user management. However, its implementation can easily be misconfigured, leaving the door open for various cyber attacks. In this talk, we’ll go over some of these security misconfigurations and how to test […]

NVMe: New Vulnerabilities Made Easy

NVMe technology is part of every Cloud Service Provider, and nowadays, Cloud Services are perhaps the most important cornerstone of modern computing. For this technology to work effectively, there’s a need for a reliable communication standard between the different services and their storage, and that’s exactly where NVMe comes into play. In this session, we’ll […]

Windows Kernel Security: A Deep Dive into Two Exploits Demonstrated at Pwn2Own

Windows kernel exploitation is a fascinating and challenging field of research that draws the attention of security researchers and attackers alike. The Windows kernel and its drivers are a vast and complex code base that offers many opportunities for discovering and exploiting vulnerabilities that can lead to system compromise and security mechanism bypasses. This talk […]

From Unknown Parameter to Root: A Story of Unexpected Intrusion Testing Results

Over the past thirteen years, SAP has still had an endless stream of vulnerabilities patched, some of which are not known to the world; however, they are hidden threats that could lead to disasters. This time we would like to tell a story. A story where everything starts from a classical pentest against an SAP system […]

CLOSING KEYNOTE: The Modern Hacker – From Insight to Impact

In the ever-evolving landscape of cybersecurity, the role of hackers is often misunderstood. Yes, we break into systems. But we equally desire to improve the world of technology. Since I started 20 years ago, companies’ attitude towards ethical hackers has flipped from hostility to embrace. Our attitude towards “the company” has evolved less, […]

TECH KEYNOTE: The Modern CISO: Hacking Management While Defending the Fort

In the ever-evolving landscape of cybersecurity, the role of a Chief Information Security Officer (CISO) is often misunderstood. Some may believe that if you can’t keep up with technical developments, you become management. But the reality is a bit different. This keynote will explore how a successful CISO combines deep technical knowledge with […]