Speakers

Philippe Biondi – Scapy Author

Philippe Biondi is the author of Scapy and numerous other security related tools. He is a co-creator of the SSTIC french-speaking conference; He is a co-author of the Security Powertools book. He published several articles in MISC magazine. He gave several talks to security conferences (Blackhat, HITB, GreHack, CansecWest, Defcon, Syscan, etc.)

Dr. Nils Weiss – Scapy Maintainer / co-founder dissecto GmbH

Dr. Weiß delved into penetration testing during his Bachelor’s and Master’s, exploring vulnerabilities in embedded systems and entire vehicles. Active in developing open-source penetration test frameworks like Scapy, he co-founded dissecto GmbH in 2022, focusing on simplifying security diagnostics and solutions for embedded systems.

Willem Melching – Independent Security Researcher

Willem Melching is an independent security researcher with over 7 years of experience, specializing in automotive security and reverse engineering. He contributed to openpilot at comma.ai, develops tools like the SecOC Key Extractor, and shares research via his blog “I CAN Hack.” He also offers car hacking training and holds a degree from TU Delft.

Falk Mayer – breachlabz co-founder

Falk co-founded BreachLabz, a Munich-based team focused on penetration testing for the automotive industry. With degrees in physics and a background in information, IoT, and automotive security, Falk specializes in testing, vulnerability management, and risk assessments, particularly in line with UN R155 and ISO/SAE 21434 compliance standards.

Jan-Peter von Hunnius – Embedded & Automotive Cybersecurity Specialist

Jan-Peter is a cybersecurity expert in IT/embedded systems and vehicle security. With over 20 years of experience, he has worked with global automotive suppliers and OEMs. A former partner at CYRES Consulting, he specializes in cybersecurity engineering processes per ISO/SAE 21434, UN R155, and ASPICE.

Guillaume Valadon – Scapy Maintainer

Guillaume has a PhD in networking and loves to look at data and to craft packets. In his spare time, he co-maintains Scapy and does some reversing engineering. Also, he still remembers what AT+MS=V34 means! Guillaume regularly gives technical presentations, classes and live demonstrations, and writes research papers for conferences and magazines. He is the editor-in-chief of the MISC Magazine, the first one dedicated to security in France.

Tim Blazytko – emproof co-founder

Tim Blazytko, co-founder of emproof and noted binary security researcher, leads a team developing cutting-edge software protection and exploit mitigation tools. His work focuses on reverse engineering, code (de)obfuscation, fuzzing, and binary vulnerability analysis. Beyond research, he actively educates professionals and students, sharing his expertise in obfuscation techniques and malware analysis to train future security experts.

Marc Fyrbiak – emproof co-founder

Marc Fyrbiak is co-founder and CPO at emproof. He received his PhD degree from Ruhr University in Bochum, under the supervision of Prof. Christof Paar. He has a BSc degree in Computer Science from TU Braunschweig and a MSc degree in IT Security from Ruhr University Bochum. Today he specialises in the reverse engineering of hardware and embedded software systems and their protection.

Natasha Alkhatib – Product Cybersecurity Leader at Symbio

Natasha Alkhatib is a cybersecurity leader specializing in automotive networks, intrusion detection, and deep learning. She holds a PhD in Cybersecurity and Deep Learning from the Polytechnic Institute of Paris and currently leads a cybersecurity team at Symbio. Her research focuses on AI-driven solutions for automotive cybersecurity.

Interested in becoming a speaker? Apply via this link.

Workshops

Getting Started with Automotive Ethernet Security Testing (dissecto)

Step into the realm of modern automotive networking with this hands-on workshop focused on Ethernet based ECU security testing. Ideal for engineers and security professionals alike, the session covers foundational methods for discovering IP addresses, configuring VLANs, and capturing network traffic using tools like Scapy, Wireshark, and tcpdump. Participants will explore how to conduct TCP and TLS scans with tools like nmap and testssl.sh, test the robustness of TLS certificates using Frankencert, and analyze diagnostic communication via DoIP and UDS protocols. With a strong focus on practical skills, you’ll learn how to identify and mitigate vulnerabilities in ECUs, understand and manipulate Some/IP and AutoSAR traffic, and build a testing workflow that enhances the cybersecurity posture of today’s connected vehicles.

Advanced Hacking Techniques (Willem Melching)

Dive into the world of car hacking with this immersive two-day workshop designed for both beginners and experienced professionals. Participants will explore key automotive security concepts through a mix of theory and hand-on exercises using real ECUs and simulated networks. Learn how to analyze vehicle communication protocols, reverse engineer firmware, and perform attacks and mitigations on vehicle systems. From CAN bus spoofing to firmware extraction and Ghidra analysis, you’ll gain practical skills with open-source tools and real world scenarios – making this the ideal launchpad for anyone looking to start or strenghten their journey in automotive cybersecurity.

Firmware Reverse Engineering (emproof)

Uncover the inner workings of embedded systems with this deep-dive workshop focused on firmware reverse engineering. Whether you’re a security researcher, developer, or curious hacker, you’ll gain essential knowledge of machine code, assembly, and common firmware file formats like ELF. Through hands-on exercises and guided analysis, you’ll learn to navigate binaries using tools like Ghidra, extract critical routines, and identify cryptographic operations within real-world firmware. This workshop also covers exploit mitigations, anti-reverse-engineering techniques, and obfuscation methods, helping you understand how modern firmware defends itself—and how those defenses can be unraveled. By the end, you’ll have a practical toolkit for analyzing closed-source firmware and uncovering the vulnerabilities hidden inside.

IPv6 & TLS Workshop (Guillaume Valadon)

In this hands-on workshop, you will learn how to use Scapy to interact with IPv6 and TLS,  discover what these packets look like on the network, and manipulate the corresponding Scapy objects to interact with real implementations. Regarding TLS, you will manipulate X.509 certificates to look for relevant information and modify their contents. You will also learn how to decrypt TLS sessions using keys retrieved from Linux processes. Together we will explore IPv6 security and understand how Scapy can be used to perform practical attacks.