About Our Event
After a resounding success in 2024 – featuring over 80 participants, sold-out workshops, and an engaged community of experts – ScapyCon Automotive is back, bigger and better for 2025! Expanding into a three-day format, this year’s event kicks off with a full-day conference, followed by two intensive hands-on workshop days—pushing the boundaries of network packet manipulation across automotive, IoT, aviation, and beyond.
Join us from September 23rd to 25th, 2025 at Techbase Regensburg for an event designed to expand your skills and knowledge in utilizing Scapy, the premier Python program for packet manipulation.
Industry leaders, cybersecurity specialists, and engineers will share cutting-edge insights, while interactive training sessions will provide practical skills for real-world applications. Whether you’re a seasoned professional or just starting out, Scapy Con Automotive 2025 is your chance to connect with like-minded experts, explore the latest Scapy functionalities, and ultimately deepen your knowledge in packet analysis and cybersecurity.
Join our growing community at the forefront of network security! Apply to share your expertise as a speaker using the button on the right, or take part as a participant and experience ScapyCon 2025 firsthand.
Stay in the loop and never miss a beat! Follow us on LinkedIn for registration details and all the latest updates about the upcoming event.
When:
23.09.25 – 25.09.2025, 09:00 AM – 05:00 PM
Where:
Techbase Regensburg, Franz-Mayer-Str. 1, Regensburg
Keynote Speakers:
Philippe Biondi, Dr. Nils Weiss, Willem Melching, Falk Mayer, Jan-Peter von Hunnius, Guillaume Valadon, Tim Blazytko, Mark Fyrbiak and more!
Speakers
Philippe Biondi – Scapy Author
Philippe Biondi is the author of Scapy and numerous other security related tools. He is a co-creator of the SSTIC french-speaking conference; He is a co-author of the Security Powertools book. He published several articles in MISC magazine. He gave several talks to security conferences (Blackhat, HITB, GreHack, CansecWest, Defcon, Syscan, etc.)
Dr. Nils Weiss – Scapy Maintainer / co-founder dissecto GmbH
Dr. Weiß delved into penetration testing during his Bachelor’s and Master’s, exploring vulnerabilities in embedded systems and entire vehicles. Active in developing open-source penetration test frameworks like Scapy, he co-founded dissecto GmbH in 2022, focusing on simplifying security diagnostics and solutions for embedded systems.
Willem Melching – Independent Security Researcher
Willem Melching is an independent security researcher with over 7 years of experience, specializing in automotive security and reverse engineering. He contributed to openpilot at comma.ai, develops tools like the SecOC Key Extractor, and shares research via his blog “I CAN Hack.” He also offers car hacking training and holds a degree from TU Delft.
Falk Mayer – breachlabz co-founder
Falk co-founded BreachLabz, a Munich-based team focused on penetration testing for the automotive industry. With degrees in physics and a background in information, IoT, and automotive security, Falk specializes in testing, vulnerability management, and risk assessments, particularly in line with UN R155 and ISO/SAE 21434 compliance standards.
Jan-Peter von Hunnius – Embedded & Automotive Cybersecurity Specialist
Jan-Peter is a cybersecurity expert in IT/embedded systems and vehicle security. With over 20 years of experience, he has worked with global automotive suppliers and OEMs. A former partner at CYRES Consulting, he specializes in cybersecurity engineering processes per ISO/SAE 21434, UN R155, and ASPICE.
Guillaume Valadon – Scapy Maintainer
Guillaume has a PhD in networking and loves to look at data and to craft packets. In his spare time, he co-maintains Scapy and does some reversing engineering. Also, he still remembers what AT+MS=V34 means! Guillaume regularly gives technical presentations, classes and live demonstrations, and writes research papers for conferences and magazines. He is the editor-in-chief of the MISC Magazine, the first one dedicated to security in France.
Dr. Tim Blazytko – emproof co-founder
Tim Blazytko, co-founder of emproof and noted binary security researcher, leads a team developing cutting-edge software protection and exploit mitigation tools. His work focuses on reverse engineering, code (de)obfuscation, fuzzing, and binary vulnerability analysis. Beyond research, he actively educates professionals and students, sharing his expertise in obfuscation techniques and malware analysis to train future security experts.
Marc Fyrbiak – emproof co-founder
Marc Fyrbiak is co-founder and CPO at emproof. He received his PhD degree from Ruhr University in Bochum, under the supervision of Prof. Christof Paar. He has a BSc degree in Computer Science from TU Braunschweig and a MSc degree in IT Security from Ruhr University Bochum. Today he specialises in the reverse engineering of hardware and embedded software systems and their protection.
Natasha Alkhatib – Product Cybersecurity Leader at Symbio
Natasha Alkhatib is a cybersecurity leader specializing in automotive networks, intrusion detection, and deep learning. She holds a PhD in Cybersecurity and Deep Learning from the Polytechnic Institute of Paris and currently leads a cybersecurity team at Symbio. Her research focuses on AI-driven solutions for automotive cybersecurity.
Ben Gardiner – Senior Cybersecurity Research Engineer at NMFTA
Ben Gardiner is a Senior Cybersecurity Research Engineer at NMFTA (National Motor Freight Traffic Association) , specializing in hardware and low-level software security. With over a decade of embedded systems experience, Ben speaks globally on topics from reverse engineering to automotive cybersecurity and volunteers with DEF CON’s Hardware and Car Hacking Villages. He holds a M.Sc. in Applied Math & Stats from Queen’s University.
Francis Hoogendijk – Forensic Scientist at NFI
Francis Hoogendijk is a forensic scientist at the Netherlands Forensic Institute, specialized in vehicle forensics. His work focuses on reverse engineering and applying both hard- and software techniques to access vehicle systems to recover relevant digital traces. He has a MSc degree in Automotive Technology from Eindhoven University of Technology.
Lukas Magel – Penetration Tester at ETAS
Lukas Magel is a penetration tester with the pentesting team at ETAS. His work focuses on the automotive and embedded domain with more than four years of experience. Practically, this can mean anything from desoldering components from a PCB to programming Python tooling or an FPGA. He holds a MSc degree in computer science with a focus on IT security and electrical engineering.
Peter Heller – PhD Researcher at OTH Regensburg
Peter Heller is a PhD researcher in machine learning and embedded systems security at OTH Regensburg. His work focuses on developing host-based intrusion detection systems using anomaly detection techniques tailored for networked industrial devices. His research bridges AI, embedded computing, and cybersecurity, aiming to improve threat detection in critical environments.
Keynotes &Talks
From Packet Crafting to Cybersecurity: A Practical Journey into Automotive IDS with Scapy and Deep Learning – Natasha Alkhatib
This talk explores how Scapy was extended to generate a custom SOME/IP dataset – filling a critical gap in automotive Ethernet research. By simulating realistic in-vehicle communication, including spoofing and flooding attacks, the project enabled the training of deep learning models for intrusion detection. Attendees will learn how this reproducible approach supports the development and evaluation of IDS solutions tailored to modern vehicle networks, showcasing Scapy’s versatility and the promise of AI in automotive cybersecurity.
Blind Wireless Seed Key Unlock – Ben Gardiner
This talk reveals a newly discovered wireless vulnerability (CVE-2024-12054) in J2497 trailer equipment, enabling a replay-style seed-key attack via forced ECU resets. Ben Gardiner presents background on J2497 (PLC4TRUCKS), prior wireless CVEs, discovery methods, and mitigations. Attendees will gain insight into the vulnerability’s mechanics, its impact on trailer telematics, and strategies for assessing and securing affected systems.
Inside Automotive Firmware Attacks: How Hackers Break In, and How to Stop Them – Dr. Tim Blazytko
Modern cars run decades-old firmware vulnerable to attack. This talk reveals how hackers reverse-engineer ECUs to steal IP, unlock features, and exploit systems via CAN-FD or telematics. Real cases highlight common methods and weaknesses. We’ll also cover practical defenses like binary rewriting, obfuscation, and control-flow integrity—even without source code. Attendees will leave with insights into attack tactics and concrete strategies to harden firmware and meet security standards.
Vehicle Forensics – Francis Hoogendijk
This talk covers the field of modern vehicle forensics. People leave traces, both physical and digital, wherever they go. This niche field within digital forensics covers the acquisition, extraction and analysis of digital traces from modern vehicle systems in the context of criminal investigations. Tools like Scapy are essential in this field, which will be covered with some examples to highlight current challenges. Attendees will gain insight into how cybersecurity research is reproduced and applied to fight crime.
A (very) technical introduction to JTAG and ARM debugging interfaces – Lukas Magel
Common debugging tools (like Lauterbach or OpenOCD) normally abstract away all low-level logic of a debug interface. While this behavior can be convenient for regular use, it makes pin-pointing errors or issues in the debug connection difficult. Additionally, gaining low-level access to a debug interface provides more fine-grained control over the target for security-related tasks, such as enumeration, password brute-forcing, or scripting in general. This talk introduces the physical and logical architecture of JTAG-based ARM debug interfaces. It showcases the logical architecture at the example of the nRF52 debug port architecture and the corresponding debug port glitch attack.
OEM SecOC Strategies: The Devil’s in the Freshness – Jan-Peter von Hunnius
This talk dives into how different automotive OEMs implement Secure Onboard Communication (SecOC) — and what that means for creative testing. Jan-Peter von Hunnius compares how various manufacturers calculate, transmit, and evaluate freshness values and MACs, including the trade-offs between single and multiple counters. He’ll also explore recent shifts in OEM key distribution strategies and what they reveal about real-world priorities (and blind spots). Attendees will walk away with a technical roadmap for testing SecOC across implementations — plus insight into the broader industry trends and cybersecurity gaps that still offer plenty of room for experimentation.
Reality meets Risk Analysis: Dynamic TARA for Modern Vehicle Safety – Falk Mayer
Why do so many Threat and Risk Assessments (TARAs) fail to keep up with real-world threats? In this talk, Falk Mayer explores the limitations of static TARA models and makes the case for a dynamic approach — one that incorporates live test results to reassess risks as new insights emerge. Using practical examples, including a seed-key attack path once considered harmless, Falk shows how dynamic data can shift feasibility ratings, reprioritize testing, and reshape security architectures. A call for smarter, adaptive risk management in automotive cybersecurity.
MOTRA Testbed for OT Applications – Peter Heller
The increasing interconnection between IT and OT is leading to growing cyber-threats for critical industrial systems. As more and more cross-system protocols such as OPC UA and numerous services are being integrated into modern embedded devices, new security-related challenges are emerging. This presentation discusses the problems of complex OT architectures using the example of OPC UA and then presents a container-based testbed for reproducible attacks. Participants will gain insights into industrial applications, the design of vulnerability-specific tests, and the handling of virtual systems in the testbed.
Workshops
Getting Started with Automotive Ethernet Security Testing (dissecto)
Step into the realm of modern automotive networking with this hands-on workshop focused on Ethernet based ECU security testing. Ideal for engineers and security professionals alike, the session covers foundational methods for discovering IP addresses, configuring VLANs, and capturing network traffic using tools like Scapy, Wireshark, and tcpdump. Participants will explore how to conduct TCP and TLS scans with tools like nmap and testssl.sh, test the robustness of TLS certificates using Frankencert, and analyze diagnostic communication via DoIP and UDS protocols. With a strong focus on practical skills, you’ll learn how to identify and mitigate vulnerabilities in ECUs, understand and manipulate Some/IP and AutoSAR traffic, and build a testing workflow that enhances the cybersecurity posture of today’s connected vehicles.
Advanced Hacking Techniques (Willem Melching)
Dive into the world of car hacking with this immersive two-day workshop designed for both beginners and experienced professionals. Participants will explore key automotive security concepts through a mix of theory and hand-on exercises using real ECUs and simulated networks. Learn how to analyze vehicle communication protocols, reverse engineer firmware, and perform attacks and mitigations on vehicle systems. From CAN bus spoofing to firmware extraction and Ghidra analysis, you’ll gain practical skills with open-source tools and real world scenarios – making this the ideal launchpad for anyone looking to start or strenghten their journey in automotive cybersecurity.
Firmware Reverse Engineering (emproof)
Uncover the inner workings of embedded systems with this deep-dive workshop focused on firmware reverse engineering. Whether you’re a security researcher, developer, or curious hacker, you’ll gain essential knowledge of machine code, assembly, and common firmware file formats like ELF. Through hands-on exercises and guided analysis, you’ll learn to navigate binaries using tools like Ghidra, extract critical routines, and identify cryptographic operations within real-world firmware. This workshop also covers exploit mitigations, anti-reverse-engineering techniques, and obfuscation methods, helping you understand how modern firmware defends itself—and how those defenses can be unraveled. By the end, you’ll have a practical toolkit for analyzing closed-source firmware and uncovering the vulnerabilities hidden inside.
IPv6 & TLS Workshop (Guillaume Valadon)
In this hands-on workshop, you will learn how to use Scapy to interact with IPv6 and TLS, discover what these packets look like on the network, and manipulate the corresponding Scapy objects to interact with real implementations. Regarding TLS, you will manipulate X.509 certificates to look for relevant information and modify their contents. You will also learn how to decrypt TLS sessions using keys retrieved from Linux processes. Together we will explore IPv6 security and understand how Scapy can be used to perform practical attacks.
About Scapy
Scapy, a Python program, revolutionizes network packet manipulation by offering extensive capabilities including packet sending, sniffing, dissecting, and forging. This multifaceted tool empowers users to construct bespoke solutions for network probing, scanning, and security testing. Unlike conventional networking tools, Scapy boasts an interactive interface enabling users to craft, decode, and interpret packets with unparalleled flexibility. Its domain-specific language simplifies packet description and manipulation, epitomized by its ability to describe packets in just a few lines of code. Scapy’s unique approach diverges from traditional tools by providing raw, uninterpreted data, facilitating nuanced analysis and eliminating biases inherent in interpreted results.