{"code":"VA3RKU","speakers":[{"code":"GQ3TFF","name":"David De Maya Merras","biography":"Cybersecurity Analyst focused on Offensive Security. I spend my time between terminals looking for the next challenge. That means that I have jumped between different topics in this huge Cyber Security world (Incident Response, Forensics, Threat Hunting, Pentesting & Red Teaming) but between us I like the feeling of getting a reverse shell ;). However this time I am coming up with:\r\n\r\n- Offensive AI: Red Teaming Machine Learning Systems\r\n\r\nHappy Hacking!","avatar":"http://cfp.bsidesvienna.at/media/avatars/2026-06-11_00-12_d0lhCaV.png"}],"title":"Offensive AI: Red Teaming Machine Learning Systems","submission_type":{"en":"Medium Talk"},"track":{"en":"Kreativraum 3.1 (Track 3 - 50 pax - Women4Cyber/Rookie)"},"state":"confirmed","abstract":"This talk explores offensive security techniques against ML and LLM systems, from adversarial inputs and data poisoning to prompt injection and model extraction, with a live local demonstration of indirect prompt injection against a self-hosted model. The attendees will learn about the risks of deploying AI systems without proper security measures.","description":"This talk introduces the Offensive AI Framework, an open, structured knowledge base mapped to OWASP ML Top 10, OWASP LLM Top 10, and Google's SAIF. A public repository will cross-reference the information from each of these frameworks against the others. Attendees will learn how ML models are trained and where that process introduces risk, how the major AI vulnerability frameworks are organized, and see practical exploitation of real vulnerabilities including data poisoning, prompt injection, and model fingerprinting.\r\nThe session closes with a fully local live demo, no internet required, showing how reconnaissance leads to successful exploitation through indirect prompt injection (I will have a recorded video of the exploitation just in case as well).\r\n\r\n[Offensive-AI Framework](https://github.com/hardsoftsecurity/Offensive-AI)","duration":45,"slot_count":1,"do_not_record":false,"is_featured":false,"content_locale":"en","slot":{"room":{"en":"Kreativraum 3.1 (Track 3 - Women4Cyber/Rookie)"},"start":"2026-06-27T13:35:00+02:00","end":"2026-06-27T14:20:00+02:00"},"image":"http://cfp.bsidesvienna.at/media/bsidesvienna-0x7ea/submissions/VA3RKU/offensive-ai_ftNLjx8.png","resources":[]}