Blackhoodie is a free, women only reverse engineering workshop and community. This FREE 1 day class introduces students to security relevant aspects of compiler internals, and with guided examples enables students to perform their own code modifications through a compiler.

Phishing has evolved to bypass MFA using reverse proxies, while traditional defenses like blocklists are aging and evaded. This talk introduces Cloned Site Canarytoken, which alerts you to phishing attempts before credentials are entered, with real-world attack insights and response strategies.

This talk examines EVSE security through an analysis of 8 EV chargers and findings from Pwn2Own Automotive 2024 and 2025. It covers typical charger design, common attack surfaces, and the process of researching an EV charger from scratch, including a successfully exploited vulnerability.

It has been a decade and a half since FX famously quipped that by quality level, "we’d be better off defending our networks with Microsoft Word than a Checkpoint firewall."

Security products are still pretty terrible - but why? From usability to vulnerability counts - we still fare pretty poorly. This keynote examines why this keeps happening and plots a path to a different world.

The Linux Kernel underpins billions of modern computers and devices ranging across almost every industry. Arguably, its ubiquity places it firmly into the category of critical infrastructure. But, is it secure? In this presentation, Josh will explore this question in detail. He compares and contrasts the security investments being made within the Linux Kernel developer ecosystem with a typical software development life cycle used in a professional development organization. Additionally, he will share a case study of a public and widely exposed security issue that remains unfixed. Finally, he will make recommendations that can reduce the risk posed by running the Linux Kernel.

At this very moment you are enveloped in the warm glowing warming glow of dozens to hundreds of Bluetooth devices. Aren’t you curious what all those little critters are?! In this workshop we’ll use the Blue2thprinting tools to poke at these apparitions and get a sense of what they are and what they want from us!

Note: this workshop will require you to run a prepared Linux VMware VM, and plug in USB Bluetooth dongles for sending and receiving packets. Come with VMware installed, and a machine you're willing to plug USB devices into.

In this workshop, we will provide an introduction to state-of-the-art approaches for modern binary (de)obfuscation. After a brief lecture on the fundamental ideas, we will walk through practical examples. We will use symbolic execution to retrieve the obfuscated expression from the compiled binary and attempt to simplify it, and finally, we will leverage program synthesis to reason about and successfully recover the semantics of the obfuscated code.

This workshop introduces students to security relevant aspects of compiler internals, and with guided examples enables students to perform their own code modifications through a compiler. We will use a pre-setup environment with which we can analyze source code through different compilation stages and by the end of the workshop students will be able to inject code at an early compiler stage. Students will gain understanding of the security relevancy of a build chain.

In this workshop we will cover the basics of reverse engineering automotive firmware. An ECU firmware can consist of millions of lines of code which would take a long time to fully reverse engineer. Tips and tricks will be taught to quickly identify parts of the firmware that are of interest.

Fuzz testing is a powerful technique for uncovering vulnerabilities, but applying it to deeply embedded, bare-metal, or real-time operating system (RTOS) firmware presents unique challenges compared to traditional Linux-based systems. This hands-on, 90-minute workshop will guide participants through the process of analyzing and fuzz testing deeply embedded firmware using a modern technique called firmware rehosting.

Unlock the power of automated reverse engineering with Ghidra’s command line tools in this hands-on workshop. Designed for developers and security analysts, this session will guide you through the process of setting up a productive development environment using the Ghidra Python VSCode Devcontainer Skeleton. You’ll learn how to automate tasks, script analyses, and integrate Ghidra’s powerful decompilation and disassembly features into your workflow, all from the command line.