Hacker, security researcher and mathematician with a strong bias towards software security and reverse engineering.

Specialized in software protection research and development (obfuscation, cryptography, mixed boolean-arithmetic algebra, inverse mappings, etc.) from a dual attack-and-defense perspective, both in academia and industry. Experienced malware analyst in the antivirus sector and security engineer in the gaming industry.

Founder of Fura Labs, a boutique security firm and consultancy focused on software protection research and education. Speaker and trainer at several international security conferences.

Haroon Meer is the founder of Thinkst, the company behind the well loved Thinkst Canary. Haroon has contributed to several books on information security and has published a number of papers and tools on various topics related to the field. Over the past decade (or two) he has delivered research, talks and keynotes at conferences around the world.

Jacob is the Head of Labs at Thinkst Applied Research. Prior to that he managed the HW/FW/VMM security team at AWS, and was a Program Manager at DARPA's Information Innovation Office (I2O). At DARPA he managed a cyber security R&D portfolio including the Configuration Security, Transparent Computing, and Cyber Fault-tolerant Attack Recovery programs. Starting his career at Assured Information Security, he led the Computer Architectures group performing bespoke research into low-level systems security and programming languages. Jacob has been a speaker and keynote speaker at conferences around the world, from BlackHat USA, to SysCan, to TROOPERS and many more. When not in front of the computer, he enjoys trail running, volunteering as a firefighter/EMT, and hiking with his family.

John McIntosh (@clearbluejar), is a security researcher at Clearseclabs. His area of expertise lies within reverse engineering and offensive security, where he demonstrates proficiency in binary analysis, patch diffing, and vulnerability discovery. Notably, John has developed multiple open-source security tools for vulnerability research, all of which are accessible on his GitHub page. Additionally, his website, https://clearbluejar.github.io/, features detailed write-ups on reversing recent CVEs and building RE tooling with Ghidra. Boasting over a decade of experience in offensive security, John is a distinguished presenter and educator at prominent security conferences internationally. He maintains a fervent commitment to sharing his latest research, acquiring fresh perspectives on binary analysis, and engaging in collaborative efforts with fellow security enthusiasts.

Jonathan Andersson is the manager of Trend Micro's Advanced Security Research Group under ZDI/Trend Micro Research since 2010. He has 33 years of professional experience in fields including software development, electronic design, FPGA & PCB design, reverse engineering, and information security. He currently specializes in hardware, firmware, and RF signal reverse engineering. He has presented his original research globally to top-tier infosec conferences as well as by invitation to CERN and DARPA. He holds 15 US patents and is the creator of the Capture the Signal contest, an RF blind signal analysis contest for hackers and radio enthusiasts.

Connor Ford is a Senior Hardware Vulnerability Researcher and a member of Trend Micro's Advanced Security Research team. His main areas of interest are firmware reverse engineering and vulnerability research, particularly involving real time operating systems. He started his professional career as a software developer and then transitioned over to the embedded cyber security space, which is where he plans to stay. Before joining Trend Micro he competed in multiple Pwn2Owns where he exploited a variety of embedded systems including EV chargers, routers and printers.

Joshua "jduck" Drake is the Principal Security Researcher at Delphos Labs. He is a software developer, vulnerability researcher, reverse engineer, author, and public speaker with over 15 years of professional experience. He focused a majority of his career in the software space where he discovered, analyzed, and/or developed exploits for hundreds of security problems. jduck spent a decade focused on Android security (2011 to 2021). During that time, he took the lead on authoring the "Android Hacker's Handbook" and bringing the "Stagefright Vulnerabilities" to the public eye. Nowadays, jduck is researching the application of AI to reverse engineering and vulnerability discovery within binaries. When time permits, he likes to participate in Capture the Flag events and spend time with his family and friends.

Marion has been a Senior Security Engineer working on building threat detection solutions based on machine learning and AI. She also held an offensive security research position at Intel and different roles in the threat detection industry, as a malware reverse engineer and incident responder. Marion is the founder of BlackHoodie, a hacker bootcamp for women, which is established as a global initiative to attract more diverse talent to the security industry.

Tobias Scharnowski is an embedded systems security researcher at CISPA. He focuses on automated firmware security analysis techniques. Besides academia, he is a CTF RE/pwning veteran and repeat Pwn2Own participant. At Pwn2Own, he demonstrated RCE on 13 targets in the automotive and industrial automation domains. This included an exploit of the core DNP3 implementation, the protocol that powers the US electric grid.
https://twitter.com/scepticCTF
https://github.com/fuzzware-fuzzer

Marius Muench is an assistant professor at the University of Birmingham. His research interests cover (in-)security of embedded systems, binary & microarchitectural exploitation, and defenses. He obtained his PhD from Sorbonne University in cooperation with EURECOM and worked as postdoctoral researcher at the Vrije Universiteit Amsterdam. He developed and maintains avatar2, a framework for analyzing embedded systems firmware, and FirmWire, an emulation and fuzzing platform for cellular basebands. Throughout his career, Marius publicly shared his findings and presented at venues such as Black Hat, REcon, and Hardwear.io.
https://twitter.com/nsinusr
https://www.linkedin.com/in/marius-muench-801aa580
https://github.com/FirmWire/FirmWire
https://github.com/avatartwo/avatar2?ref=ringzer0.training

Willem Melching (https://twitter.com/PD0WM) is an independent security researcher. He has over 7 years of experience working on automotive security and reverse engineering. During his time at comma.ai he worked an aftermarket ADAS device and providing open source tools to help the community reverse and interact with a wide variety of cars. Check out his blog (https://icanhack.nl/blog) for recent work.

Prior to working full time on OpenSecurityTraining2 (ost2.fyi), Xeno worked at Apple designing architectural support for firmware security, and code auditing firmware security implementations. A lot of what he did revolved around adding secure boot support to the main and peripheral processors (e.g. the Broadcom Bluetooth chip.) He led the efforts to bring secure boot to Macs, first with T2-based Macs, and then with the massive architectural change of Apple Silicon Macs. Once the M1 Macs shipped, he left Apple to pursue the project he felt would be most impactful: creating free deep-technical online training material and growing the newly created OpenSecurityTraining 501(c)(3) nonprofit.