“Go Offensive Building Blocks” Kost · Talk (30 minutes)

Go is one of the popular options for offensive development. High level language with option to write C directly is powerful combination that attracted many offensive and malware developers in the past. During the course of here and there development for 6 years will share own experience and own bui…

“ProxyHell” Blåhaj, Johan Aikema · Talk (30 minutes)

What do you do when you get hit with a vulnerability? Knowing about and mitigating an security incident is more than just technical work: how you deal with the incident internally and externally is just as important. This talk will describe an incident from start to finish, how it was dealt with an…

“Subjective and objective code similarity measures” Vanja Svajcer · Talk (30 minutes)

To set the scene, we begin this session with an analysis of characteristics of malicious dropper VBA code employed by APT actors in South Asia. This code regularly evolves but keeps some regular features such as using VBA Forms to store the executable payload in a lightly obfuscated format.

The si…

“Come closer: digital connectedness and well-being in a pandemic and beyond” Christina · Talk (30 minutes)

The COVID-19 pandemic has led to limits in social interaction and required us to distance ourselves physically from others. In many scenarios, physical contact and real-life social interaction has been replaced by digital connections. But presently, digital media are still only crude approximations…

“Screaming into the void: All e-signatures in the world are broken!” Kirils Solovjovs · Talk (30 minutes)

E-signatures everywhere are insecure.
They have been hacked 10 years ago.
Everyone knew that but no one wanted to talk about it since there is no easy fix.

We decided to create a PoC and poke the government with it.

This is a story on what happened.

:star: PoCs included :star:

“Hunting Electronic Foxes” Aleksandar Bakalov · Talk (30 minutes)

A lecture and a practical workshop for "Fox Hunting".
A small, low-power transmitter is hidden and you try to find it.
Sound simple? It can be very challenging and a whole lot of fun.
The direction-finding skills learned in this activity can be very valuable in locating a repeater jammer, or a lo…

“Hacking the XBOX 360 with a Raspberry Pi Pico” Dile · Talk (30 minutes)

Completely defeat the console's hypervisor and run unsigned code on it

“Hardware Hacking” Vladan Nikolic · Talk (30 minutes)

A lot of attention is drawn to security of our software, but it is also equally important to ensure hardware is secured to avoid problems. Integration between IT world and world of devices which were previously used in isolation opened a door for many new problems and issues, which goes far beyond …

“From Ember to Inferno - Exchanging emails, shouldn't lead to complete disaster” november · Talk (30 minutes)

The most common vector for initial access obtained by threat actors is delivering phishing emails containing links prompting victims to download files or attaching weaponised documents thus entering the 9 circles of Hell. The security industry has taken great steps by creating "modern" solutions li…

“There once was a "we" in "web"” Kirils Solovjovs, Amelia Andersdotter · Talk (30 minutes)

"The web is not dead, it just smells that way."

“Kubernetes Security - Challenge and Opportunity” Marc Nimmerrichter · Talk (30 minutes)

For anyone in software development, there is no way around Kubernetes. Containerization has changed the way software is developed, deployed and operated. Microservices is the new paradigm. Many teams around the world discuss just now: What does containerization and Kubernetes mean to security and h…

“Internationalized Domain Names… and its possible bad uses” fladnaG · Talk (30 minutes)

Internationalized Domain Names, or IDNs, exist for a good reason : ASCII is not the only alphabet in the world. But could IDNs be exploited to lure users on bad websites?

We'll go through DNS and IDNs naming history, past exploitations of homograph attacks, some attacks I've done, and ways to prot…

“Malicious Excel 4.0 Macros” Robert Simmons · Talk (30 minutes)

A multitude of adversaries beginning around February of 2020 have been abusing an old feature of Microsoft Excel as a novel malware delivery method. The Excel 4.0 macros (XLM) feature was introduced in Excel version 4.0 way back in 1992. This style of macro predates the also commonly abused Visual …

“I want my RPC” Mato · Talk (30 minutes)

We will take you to the journey of RPC technology in Windows Internals world, and why this technology is so precious for TAs (Threat Actors) and Defenders. The story
will be told from both perspectives, the antagonists (TA) on one side, and the protagonist (Defender) on the other.

“The Neverending Story… an APT real case!” Sandra Bardón · Talk (30 minutes)

How many of you have been involved in an incident response of an APT? Have you had the feeling that continuously this is the neverending story, like an infinite loop?
Sometimes, in United Nations we have faced some interesting challenges. So, in this talk, you will see a real case of an APT in UN,…

“Lockpicking Intro” Zoz · Talk (30 minutes)

Lock picking Intro

“Opening” jelena · Talk (30 minutes)

Opening event

“Closing session” jelena · Talk (30 minutes)

Closing event

“From ULX3S to modular ULX4M” Goran · Talk (30 minutes)

A powerful ECP5 board for open source FPGA development

The ULX3S is a fully open source, compact, robust and affordable FPGA board equipped with a balanced spectrum of extra components and expansions. Although primarily developed as a teaching tool for mastering the principles of digital circuit de…

“Internet under sanctions: then and now” Jelena Cosic · Talk (30 minutes)

I would like to give a historical perspective on the impact
of sanctions on the development of Internet in Serbia. I would then
compare those experiences with the current demands for the exclusion
of Russia from the global Internet and how organisations such as RIPE
NCC (which I work for)/ICANN/Int…

“Malware Analysis Workshop” Robert Simmons · Talk (30 minutes)

This workshop has four short modules. The first covers the very basics of lab setup: sourcing malware samples, handling malware samples, and tools for basic analysis. The tools you will learn across the workshop are Binary Ninja for disassembly and decompilation, x64dbg for debugging, and Burp Suit…

“The journey to becoming an IT security expert” Hetti · Talk (30 minutes)

Often (young) people want to become IT Security professionals. I want to give insight how my path looked like becoming an IT Security professional and what my opinions are in regards to becoming one. Additionally I want to give useful tips for their journey.

“Reviving the TIM-011 (plus Workshop)” Zarko Zivanov · Talk (30 minutes)

TIM-011 is an ex-Yugoslav computer made in Mihajlo Pupin Institute. The machine itself is a clone of SB180 (CP/M project published in BYTE in 1985), with added graphics and keyboard. Currently, there is only one System diskette preserved, all other software is lost in time. Talk is intended to be a…

“Meteo Sondes Hunting and Hacking” Aleksandar Bakalov · Talk (30 minutes)

Twice a day, every day of the year, weather balloons are released simultaneously from almost 900 locations worldwide!
Each of them carries a small piece of electronic art called a 'radio sonde'.
After the fall sonde transmits telemetry for a couple of hours and it is for grabs ... if you can find …

“Decoding the patterns of bad communication” Daisy Hilbrands · Talk (30 minutes)

Let us have a discussion about what bad communication is and how to avoid it in the future - especially when you interact with others.
There are five common patterns we fall into, when we are communicating badly. This workshop will give you the tools to recognise these anti-patterns in yourself an…

“Masters in Information Security at Faculty of Technical Sciences” Stevan Gostojic · Talk (30 minutes)

This year, Faculty of Technical Sciences in Novi Sad introduced a multidisciplinary 1-year masters study program in information security. More info about the study program is available at https://www.ftn.uns.ac.rs/1546190821/information-security. In this short talk, we will present the study progra…

“Surveillance required - Network effect of surveillance apps” Aleksej · Talk (30 minutes)

In this 30 minute talk I talk about difference between optional and required loss of privacy in everyday digital communications. I start with brief history of how the surveillance has gotten worse and how the requirement of using these surveillance technologies became absolute necessity over time, …

“USB - How does it even work?” MacLemon · Talk (30 minutes)

The quantum state of USB.

“Lightning Talks” Orga BalCCon · Talk (30 minutes)


“Malware Analysis Workshop 1” Robert Simmons · Talk (30 minutes)

This workshop has four short modules. The first covers the very basics of lab setup: sourcing malware samples, handling malware samples, and tools for basic analysis. The tools you will learn across the workshop are Binary Ninja for disassembly and decompilation, x64dbg for debugging, and Burp Suit…

“Karaoke Party” MacLemon · Talk (30 minutes)

What happens at Karaoke Party, stays at Karaoke Party. Schlager only after midnight.

“Rakia Leaks - workshop” Orga BalCCon · Talk (30 minutes)

Rakija connecting people!

Rakia is one of the most popular alcoholic drink in Serbia. It is usually served before lunch and dinner and is drunk along with appetizers. It is mandatory to drink with roasted pig, lamb, or dried meat. It is a very important part of the Albanian and Serbian cultures and…

“Party (dj DJura)” Orga BalCCon · Talk (30 minutes)


“After Party” Orga BalCCon · Talk (30 minutes)

After Party