About Our Event

Following the success of previous editions, ScapyCon returns in 2026 with a refined and more integrated format. Bringing together a growing community of cybersecurity professionals, researchers, and engineers, the event continues to focus on practical knowledge sharing and real-world applications of network packet manipulation.

Taking place on September 15–16 at TechBase Regensburg, ScapyCon 2026 combines morning talks and presentations with interactive afternoon sessions, including workshops, demos, and discussions. This structure creates more space for hands-on exchange, collaboration, and deeper technical exploration across domains such as automotive, IoT, aerospace and beyond.

Participants can expect insights into current challenges and developments in cybersecurity, along with hands-on engagement with tools and techniques. The evening event at Degginger Regensburg on September 15 offers a dedicated setting to connect with peers and continue discussions beyond the sessions.

Join ScapyCon 2026 to exchange ideas, explore new approaches, and be part of an evolving, practice-driven cybersecurity ecosystem.

Stay in the loop and never miss a beat! Follow us on LinkedIn for registration details and all the latest updates about the upcoming event.

When:

15.09.26 – 16.09.26, 09:00 AM – 05:00 PM

Where:

Techbase Regensburg, Franz-Mayer-Str. 1, Regensburg

Keynote Speakers:

Dr. Enrico Pozzobon, Reinhard Kugler, Dr. Friedrich Wiemer and more!

Conference Website
Ticket Shop

Speakers

Dr. Enrico Pozzobon – Senior Manager @dissecto

Enrico has worked as an automotive penetration tester since 2016. Together with Dr. Nils Weiss, he built the automotive security research lab at the OTH Regensburg and later founded dissecto. He has worked with several automotive manufacturers and insurance companies to find vulnerabilities and build exploit demonstrations. His special field of expertise is side-channel attacks and voltage glitching.

Dr. Nils Weiss – Scapy Maintainer / Senior Manager @dissecto

Nils delved into penetration testing during his Bachelor’s and Master’s, exploring vulnerabilities in embedded systems and entire vehicles. Active in developing open-source penetration test frameworks like Scapy, he co-founded dissecto GmbH in 2022, focusing on simplifying security diagnostics and solutions for embedded systems.

Reinhard Kugler – Security Consultant @SBA Research

Reinhard’s focus relies on security testing of IT and industrial cyber-physical systems. Based on his prior experience in cyber defense, he works with companies to develop security capabilities and secure products. Reinhard is an experienced instructor and develops tailored security trainings. His mission is to apply research methods (combinatorial security testing) to industrial applications, like automotive, embedded or cloud.

Dr. Friedrich Wiemer – Security Researcher @Robert Bosch

Friedrich Wiemer is a security researcher at Robert Bosch GmbH working on in-vehicle network security. He (co-)drives the CANsec and CAN FD Adaptation Layer specifications in the CiA working groups and contributes to the Automotive MACsec and MKA profiles of Open Alliance TC17.

Ben Gardiner – Sen. Cybersecurity Research Engineer @NMFTA

Ben is a Senior Cybersecurity Research Engineer contractor at the National Motor Freight Traffic Association, Inc. (NMFTA)™. He specializes in hardware and low-level software security, with over ten years of professional experience in embedded systems design and a master’s degree in Applied Math and Stats from Queen’s University. He has presented his research at numerous global events, including DEF CON, Hack in Paris, and the Cybertruck Challenge.

Antonio Vasquez Blanco – Cybersecurity Researcher @Tarlogic

Industrial Engineer turned Security Researcher, now part of the Innovation Department at Tarlogic. Passionate about electronics, reverse engineering (especially bare-metal), radio frequency, and everything low-level. Author and contributor to projects like BlueSpy, BSAM, UsbBluetooth and Ghidra Findcrypt, Ghidra SVD, Ghidra DTB…

Keynotes &Talks

From Garage Testing to CI Pipelines: Towards automated Security Testing of Automotive Containers – Reinhard Kugler

Linux and containers are now a common deployment technique in modern automotive ECUs, including Infotainment systems and HPCs. The security testing and prototyping still remain a challenge and companies still are adapting to modern software development and building practices like CI/CD. The main goal to moving from ad-hoc testing approaches to fully automated Dynamic Application Security Testing (DAST) is accompanied by several challenges:

  • Support for automotive environments such as CAN in IT build environments (CI)
  • Integration of testing tools with the system under test (SUT)
  • Automation of test cases to provide repeatable and cost effective testing

This talk outlines the integration of automotive applications into automated build systems for automotive software and explores practical testing approaches such as smart fuzzing, automation with Scapy  and combinatorial testing.

Foundational Security from Ethernet to CAN: Prototyping CANsec and FDAL with Scapy – Dr. Friedrich Wiemer

MACsec has become the foundational link-layer security for automotive Ethernet. CAN and CAN FD, which still carry most safety-critical in-vehicle traffic, have no comparable foundation. We close this gap by extending MACsec downward: reuse MACsec for CANsec — the Layer 2 security protocol for CAN XL under specification in CiA 613-2. To make CANsec available on CAN FD as well, we additionally developed the CAN FD Adaptation Layer (FDAL). It extends the same Layer 2 trust foundation to the billions of CAN FD nodes already deployed today.

Scapy accompanied this work end-to-end. Building on the existing CAN XL functionality in the Linux kernel, we integrated it in Scapy, and implemented CANsec and FDAL as additional layers, developed alongside our specification work to validate real-world functionality. The same code base produced CANsec test vectors shared with silicon and stack vendors, and powered a proof-of-concept Ethernet application over CANsec protected CAN FD.

Autopsy of Modern Connected Cars – Dr. Enrico Pozzobon

While automotive security has moved forward, the forensic reality of these systems remains a “black box.” Based on a FIA study, this talk presents the technical challenges found in performing independent audits on three modern electric vehicles to extract the ground truth behind their data-handling practices.

We will detail the specific methodologies and hardware/software toolkit required to achieve:

  • Network Interception: Building Man-in-the-Middle (MITM) setups for Automotive Ethernet and USB links. We will discuss intercepting telemetry and mapping hidden endpoints in environments protected by TLS and mTLS.
  • Storage Forensics: A deep dive into extraction strategies, ranging from “in-situ” eMMC dumping to the invasive desoldering and reballing required for UFS memories. We also cover the recovery of forensic artifacts from encrypted NVMe storage and gateway-managed SD logs.
  • Software Reversing: Practical analysis of the infotainment stack, including decompiling Android Automotive (GAS) applications and reverse engineering native QNX and Linux binaries to trace how sensor data is repackaged for the cloud.

Unlocking Hidden Bluetooth Capabilities with Scapy – Antonio Vasquez Blanco

Bluetooth security research lacks support for advanced capabilities comparable to monitor mode in WiFi adapters. Beyond the standardized interfaces of Bluetooth controllers lies a layer of vendor-specific functionality where powerful features exist but are typically inaccessible through conventional tooling.

Starting from real-world Bluetooth security research and existing tooling gaps, this talk explores direct controller interaction over USB, the discovery of vendor specific HCI commands, and how reverse engineering efforts can be turned into practical tooling by extending Scapy. Along the way, we unlock capabilities such as MAC spoofing and low level protocol access, features that are normally hidden from the operating system and standard Bluetooth stacks.

Interactive Sessions

Truck Hacking Workshop – Ben Gardiner

This four-hour TCAT training course introduces you to the TCAT platform and its role in vehicle cybersecurity workflows. Through a fast-paced combination of instruction and integrated hands-on labs, participants complete practical exercises in UDS and J1939 diagnostics, controller application enumeration, and vehicle data-flow analysis using simulators.

Requirements: Windows or Linux PC, no admin/root required, but must support Standard USB serial driver allowed (ACM) and standard USB ethernet driver allowed (CDC). Must have a terminal emulator (e.g. putty, teraterm, screen, or picocom) and an ssh client installed. PC must have a modern web browser.

About Scapy

Scapy, a Python program, revolutionizes network packet manipulation by offering extensive capabilities including packet sending, sniffing, dissecting, and forging. This multifaceted tool empowers users to construct bespoke solutions for network probing, scanning, and security testing. Unlike conventional networking tools, Scapy boasts an interactive interface enabling users to craft, decode, and interpret packets with unparalleled flexibility. Its domain-specific language simplifies packet description and manipulation, epitomized by its ability to describe packets in just a few lines of code. Scapy’s unique approach diverges from traditional tools by providing raw, uninterpreted data, facilitating nuanced analysis and eliminating biases inherent in interpreted results.