2.0 -//Pentabarf//Schedule//EN PUBLISH RPTFZ7@@cfp.bsidesvienna.at -RPTFZ7 The Great Train Robbery - Hacking Like It's 1855 en en 20251122T093500 20251122T103500 1.00000

The Great Train Robbery - Hacking Like It's 1855

This talk is first and foremost an excuse for me to retell the story of The Great Train Robbery and to share my love for Michael Crichton’s book. But because I work in security, I could not stop myself from reading this book and asking myself: “How would this work?”, “Does this apply to today’s environments?” and most importantly, “I want to try this myself!”. As a result, this talk shares the story of The Great Train Robbery, enriched by my adventures and research into replicating multiple hacks. We will explore duplicating keys, cracking safes, physical recon and many more fun hacks that still today have a surprising resemblance to their Victorian era counterparts. PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/RPTFZ7/ Track 1 Paul Zenker PUBLISH BRVR3G@@cfp.bsidesvienna.at -BRVR3G The TPM and You - How (and why) to actually make use of your TPM en en 20251122T104000 20251122T112500 0.04500

The TPM and You - How (and why) to actually make use of your TPM

PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/BRVR3G/ Track 1 Mathias Tausig PUBLISH 3QNUWE@@cfp.bsidesvienna.at -3QNUWE Physical security assesments- what could possibly go wrong? en en 20251122T113000 20251122T120000 0.03000

Physical security assesments- what could possibly go wrong?

PUBLIC CONFIRMED Short Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/3QNUWE/ Track 1 Gabor Szivos Darius Beckert PUBLISH 9ZRUAL@@cfp.bsidesvienna.at -9ZRUAL How To Breach: From Unconventional Initial Access Vectors To Modern Lateral Movement en en 20251122T130500 20251122T140500 1.00000

How To Breach: From Unconventional Initial Access Vectors To Modern Lateral Movement

PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/9ZRUAL/ Track 1 Benjamin Floriani P'atrick Pong<br>atz PUBLISH JFE9UX@@cfp.bsidesvienna.at -JFE9UX How to rob a bank using a payment terminal en en 20251122T141000 20251122T151000 1.00000

How to rob a bank using a payment terminal

PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/JFE9UX/ Track 1 Marcin Ochab PUBLISH GZGG9U@@cfp.bsidesvienna.at -GZGG9U Sandworms in the Supply Chain: Surviving Shai-Hulud and Other Open-Source Nightmares en en 20251122T151500 20251122T160000 0.04500

Sandworms in the Supply Chain: Surviving Shai-Hulud and Other Open-Source Nightmares

The open source supply chain is both our greatest strength and our weakest link. In the past year, npm has faced a series of high-impact malware campaigns, culminating in the discovery of Shai-Hulud—a worm that exploited package trust to propagate at scale. This session provides a deep dive into how these attacks unfold, why traditional defenses often fail, and what actionable steps teams can take to secure their dependencies. Attendees will leave with a clear understanding of current threat trends, detection techniques, and a practical roadmap for hardening their own pipelines, from package validation to runtime safeguards and incident response planning. PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/GZGG9U/ Track 1 Ondrej Fitzek PUBLISH EEEHHR@@cfp.bsidesvienna.at -EEEHHR z/OS for GenZ - Hack the Mainframe en en 20251122T160500 20251122T170500 1.00000

z/OS for GenZ - Hack the Mainframe

For over 60 years, mainframes have been the backbone of mission-critical systems, yet they face significant challenges today. A growing skill gap is emerging as experienced system programmers retire, compounded by the high barrier to entry and domain-specific knowledge required. New talent is scarce due to limited and expensive learning resources, and knowledge sharing is often restricted. Security testing is critical concern. There is a lack of objective-based penetration testing a knowledge deficit among security professionals adequately assess the vulnerabilities, leaving these essential systems exposed to potential threats. This talk will address these issues, emphasizing the need for bridging the skill gap, promoting knowledge sharing, and enhancing security measures. The session will conclude with a live hacking demonstration, showcasing real-time vulnerabilities and underscoring the importance of robust security practices. Join us to explore the future of mainframe computing and its indispensable role in our digital infrastructure. PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/EEEHHR/ Track 1 Jonathan Prince PUBLISH NELYW3@@cfp.bsidesvienna.at -NELYW3 From Vienna to Vegas: Lessons from DEF CON CTF with KuK Hofhackerei en en 20251122T171000 20251122T181000 1.00000

From Vienna to Vegas: Lessons from DEF CON CTF with KuK Hofhackerei

PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/NELYW3/ Track 1 Manuel Reinsperger Jonas Konrad PUBLISH ALANTS@@cfp.bsidesvienna.at -ALANTS The OWASP Top 10 Looks Different From the Trenches en en 20251122T093500 20251122T100500 0.03000

The OWASP Top 10 Looks Different From the Trenches

PUBLIC CONFIRMED Short Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/ALANTS/ Track 2 Fabian Funder PUBLISH HT3LTA@@cfp.bsidesvienna.at -HT3LTA Hunting Bad Snakes en en 20251122T101000 20251122T104000 0.03000

Hunting Bad Snakes

PUBLIC CONFIRMED Short Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/HT3LTA/ Track 2 Kamil Mańkowski PUBLISH WCHVWJ@@cfp.bsidesvienna.at -WCHVWJ How to open nondestructive a lock with some handy tools? en en 20251122T104500 20251122T111500 0.03000

How to open nondestructive a lock with some handy tools?

First, we have also a workshop and some locks, for more fun. To visit the talk is not mandatory for the workshop. OpenLocks is an austrian association for improving physical security since 2010. We are lock pickers and do it for sports and hold yearly lock picking competitions. In this talk, we talk about the locks, the pins, the tools and some preventions made by manufacturers. So, after this talk, you will know, how the most locks work and how you could pick them. There are also other methods to open a lock, but this could damage the lock and/or isn't unsportsmanlike. PUBLIC CONFIRMED Short Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/WCHVWJ/ Track 2 deac Ben PUBLISH YX33SP@@cfp.bsidesvienna.at -YX33SP StealthCup: Red Team Evasion Attempts vs. Modern EDR/IDS/SIEM in a Multi-Stage IT/OT CTF en en 20251122T112000 20251122T115000 0.03000

StealthCup: Red Team Evasion Attempts vs. Modern EDR/IDS/SIEM in a Multi-Stage IT/OT CTF

PUBLIC CONFIRMED Short Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/YX33SP/ Track 2 Manuel Kern PUBLISH V8FYY7@@cfp.bsidesvienna.at -V8FYY7 how malicious code pwned a secure coding CTF en en 20251122T134000 20251122T135500 0.01500

how malicious code pwned a secure coding CTF

The Amazon AppSec CTF 2025 featured three secure coding challenges where 30 finalists were tasked with patching vulnerabilities like path traversal and command injections in different systems. A backend validation system would test submitted fixes and award flags for properly secured code. This presentation will walk through the Capture The Flag structure, demonstrate the specific exploitation techniques which were used, and discuss the broader implications. We'll examine why validation systems in security competitions need the same scrutiny as the challenges themselves, explore the ethical boundaries of exploiting competition infrastructure, and reveal why Amazon paused the finals mid-competition (oops). PUBLIC CONFIRMED Short Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/V8FYY7/ Track 2 Markus PUBLISH FYN3TX@@cfp.bsidesvienna.at -FYN3TX Self Pwning en en 20251122T141000 20251122T151000 1.00000

Self Pwning

Mental health challenges are increasingly recognized as critical issues in the cybersecurity community, yet they are often overlooked and under-discussed. This session explores imposter syndrome, burnout, stress, and anxiety, examining how these challenges manifest in high-pressure technical environments and affect both personal well-being and professional performance. Attendees will gain practical coping strategies and tools for managing each challenge, along with actionable techniques to build resilience, maintain balance, and reduce stress. The session also highlights resources, support systems, and ongoing strategies to foster a healthier work environment. Through real-world examples, research insights, and evidence-based approaches, participants will leave equipped to cultivate sustainable careers and thrive in cybersecurity. PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/FYN3TX/ Track 2 Sam Macdonald PUBLISH VCQATE@@cfp.bsidesvienna.at -VCQATE How I built a C2 framework from scratch and why you should(n't) do the same. en en 20251122T151500 20251122T160000 0.04500

How I built a C2 framework from scratch and why you should(n't) do the same.

C2 frameworks are highly complex pieces of software, consisting of multiple architectural layers, components and features. At the bare minimum, modern C2s have at least a client and server component, as well as some sort of agent/implant/payload. The server handles connections and requests from agents that are executed on target systems, allowing operators to - as the name suggests - *command* and *control* them remotely from a client user interface. In addition to front- and backend development, data management and a lot of difficult design decisions, C2 developers are required to balance functionality with operational security and configurability, so that their programs can be easily customized or extended to slip past security controls or the watchful eyes of blue teamers. In this talk, I want to take you on a journey of how I turned the idea and vision of building a custom command and control framework into reality. I will cover the up’s and down’s, the successes and failures, the reality checks and the rewarding lessons learned that come with such a project, all with the goal of answering the question: Should or should you not try to build your own C2? Agenda: - What are Command & Control frameworks? How do they work? - Design choices: Language, Architecture, Communication - Framework features and how to implement them (Beaconing, C2 profiles, Sleep obfuscation, Modules, Evasion and more) - Risk, Reward & Lessons Learned: Why should(n’t) you build a C2? Conquest: https://github.com/jakobfriedl/conquest/ PUBLIC CONFIRMED Short Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/VCQATE/ Track 2 Jakob Friedl PUBLISH 3URMQS@@cfp.bsidesvienna.at -3URMQS Living Under the Land on Linux en en 20251122T160500 20251122T170500 1.00000

Living Under the Land on Linux

In a sense, Linux ops are just a series of commands sent to some shell we've got calling back to us. That all just boils down to running a bunch of programs (except when it doesn't), but under the hood we're just running a bunch of code to do things which turns out to be just a convenient way to make system calls which themselves are just a handy way to ask the Linux kernel to do things for us. Unjust application of layers of abstraction has, in one Red Teamer's opinion, made Linux seem way more complicated than necessary. In this talk we'll distill Linux operations down to a handful of system calls and a bit of syntax to make them happen and build on that to give ourselves flexibility to operate with ease in the somewhat unpredictable modern landscape of minimal containers, hardened distributions, and so on. The slides can be found at https://t.co/hiZ2Ddj5c0 PUBLIC CONFIRMED Talk https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/3URMQS/ Track 2 Stuart McMurray PUBLISH TQTFXR@@cfp.bsidesvienna.at -TQTFXR Hacking with AI, how to have some fun en en 20251122T093500 20251122T113500 2.00000

Hacking with AI, how to have some fun

In this workshop, we will go through the general notions of using LLMs for automation, with a focus on offensive security tasks. Given current scientific evaluations and building from personal experience, we will walk through several techniques, starting from simple text completion and building up to a full multi-agent framework (including information on what will still not work with the current iterations of those). In the end, the goal is to understand what something like this can be used for, how you can build it yourself and why we don't need to fear the terminator coming just now. Please bring: - Laptop with Python installed and an internet connection (venue has WIFI) Optional but good: - Your own API key for an LLM Provider (recommendation is to use OpenRouter, especially since there are some free models available via that) - A problem you want to apply the experiments to (the more difficult the problem, the less help I will be able to give you when something goes wrong, but you can directly apply your newfound skills) PUBLIC CONFIRMED Workshop https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/TQTFXR/ Workshop Room Manuel Reinsperger PUBLISH E9KQW8@@cfp.bsidesvienna.at -E9KQW8 I want to open a lock. en en 20251122T130500 20251122T150500 2.00000

I want to open a lock.

OpenLocks is an Austrian association for improving physical security since 2010. We are lock pickers and do it for sports and hold yearly lock picking competitions. We will explain how to rake and pick locks with our provided tools. If you have already tools, of course you can use them. And if you have already a lock, which you cannot open, you can ask us about it. But we cannot guaranty, that we are able to open it or could explain, how to open it. There are also other methods to open a lock, but this could damage the lock and/or isn't unsportsmanlike. PUBLIC CONFIRMED Workshop https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/E9KQW8/ Workshop Room deac Ben PUBLISH 7SNWWX@@cfp.bsidesvienna.at -7SNWWX Essential Security Configurations and How To Exploit Them en en 20251122T151000 20251122T171000 2.00000

Essential Security Configurations and How To Exploit Them

Attendees need to bring their own laptop (BYOL) with a modern internet browser in order to participate in this interactive workshop. No prior knowledge is required. In this hands-on workshop, participants will dive into fundamental security configurations that form the backbone of enterprise defenses. We will cover key topics such as SMB signing, client hardening, and the secure use of common network protocols. Attendees will not only gain a solid understanding of why these settings matter, but also see how misconfigurations can be abused in real-world attack scenarios. In our dedicated lab environment, we will work together to apply and test effective remediations, ensuring that every highlighted vulnerability is paired with a practical and reliable solution. By the end of the session, attendees will walk away with skills to both recognize and securely configure these essential controls in their own environments. PUBLIC CONFIRMED Workshop https://cfp.bsidesvienna.at/bsidesvienna-0x7e9-2025/talk/7SNWWX/ Workshop Room Benjamin Floriani P'atrick Pong<br>atz