Speakers
b0t – We’ll Do It Live: Experiments in Self-Modifying Code
Bronwen “Corvus” Aker – Keeping Things Local – Making Your Own Private LLM
cesi0 – Revenge of the Sol Stealers
Daryll Strauss – Covert Regional Communication with Meshtastic
Jack Baker – WINE for Video Game Hackers
Joe Rozner – Introduction to Fault Injection
Josh “savant” Brashars – Reverse Engineering Toys into Robots
m0zy – Microarchitectural Side Channel Attacks
machinist – Boo Boo Runs Wild: Guerilla Open-Source Manufacturing
Sam Bowne – Securing AI Systems
Vincent Benzoni – Quantum Conundrums: Conquering Quomputing Challenges
wasabi – Amped up for (Learning) Radio
We’ll Do It Live: Experiments in Self-Modifying Code
b0t
In the 1990s-2010, code self-modification was considered a must-have feature for malware to evade anti-virus products. After finding many much easier ways to evade anti-virus, the need for this fairly complex feature died out.
As with all things computer related, we have come full circle to relying on self-modification as a great way to avoid detection. We’ll cover an example of a custom metamorphic code mutation engine. We will also explore additional limits of what is possible with code self-modification. We will answer the question of how feasible it might be to write code that can learn how to achieve a goal.
b0t is a virtual machine enthusiast and helped create and run a free, public malware archive called VX-Underground from its inception. b0t also produced a hacking magazine called VX-Underground Black Mass. He has 7 years of professional security research experience.
(^Top)
Keeping Things Local – Making Your Own Private LLM
Bronwen “Corvus” Aker
Ever wanted your own private version of ChatGPT? LLMs offer powerful capabilities, but not everyone is comfortable sending their data over the internet to Microsoft, OpenAI, or Anthropic. Fortunately, open-source tools make it possible to set up and customize a local, secure LLM on your own terms. From installation to customization, this talk will guide you through the process step by step, with demos to illustrate each stage. It’s time to build your own mini-Jarvis and start getting things done, efficiently, securely, and privately.
Corvus, aka Bronwen Aker (M.S. Cybersecurity, GSEC, GCIH, GCFE). likes to describe herself as a “constantly evolving geek.” She has worked with computers since the dark ages when she was introduced to FORTRAN and bubble cards. These days, Bronwen works for Black Hills Information Security (BHIS) as a member of the Continuous Pen Testing team (ANTISOC), an AI researcher, and technical editor. When not working, she spends time playing with her dogs, LLMs, and studying data science.
(^Top)
cesi0
You just joined the Discord of your favorite influencer and you got a private message from them! It’s your lucky day — they send over a link to receive a free airdrop of crypto tokens, just link your wallet. You click the url, follow the instructions, and just like that, your crypto wallet is drained. You’ve just been targeted by an impersonator and the link they sent is to a crypto drainer. We’ll be going over some common tactics used by threat actors as well as deep diving into few samples of malware actively deployed. As a treat, we’ll even dive into the op-sec failures of a particular actor and how I was able to track down their location.
Threat Hunter. Incident Responder. Security Engineer. All around degen. All of these titles fit cesi0 as a 15 year veteran of the security industry. cesi0 has performed forensics, malware reverse-engineering, threat detection, red teaming, and responded to all sorts of incidents. Returning to LayerOne for his 11th year, cesi0 brings extensive experience in all things relating to threat hunting and analysis.
(^Top)
Covert Regional Communication with Meshtastic
Daryll Strauss
Meshtastic uses inexpensive LORA radios to create ad hoc mesh messaging networks that don’t require centralized organizations or companies to operate. This makes them ideal for regional communications, and when configured properly, provides secure anonymous communications. Whether you want to chat with friends, share data among devices in the region, or want to perform highly covert communication in a group, this talk will give you all the information you need.
This presentation will discuss the fundamentals of LORA radio and mesh networking, the capabilities of Meshtastic, the hardware choices for running Meshtastic, how to configure Meshtastic for secure communications, an examination of additional threats to covert communication and what configuration options/techniques can be used to mitigate them.
I’ve been a technologist in Media and Entertainment for the last 30 years building visual effects studios and technology. My most recent work is focused on zero trust security architectures.
(^Top)
Jack Baker
WINE, the Windows compatibility layer for Linux, has had a significant upsurge in the past few years, particularly amongst PC gamers. This has created a unique landscape for video game hackers, much of which isn’t well understood by most developers. In this talk, we’ll explore WINE internals and how both hackers and defenders can take advantage of them.
Topics include Windows/Linux operating system internals, anti-debugging tricks, and general video game hacking.
Jack is a hobby video game hacker turned professional reverse engineer. In his day job, he’s the game security lead of an indie studio.
(^Top)
Introduction to Fault Injection
Joe Rozner
Fault injection has long been one of the primary methods for bypassing security controls and gaining code execution on secure chips. In recent years the cost of tooling, available information, and examples of attacks have exploded making it much more approachable. We’ll explore the basics of fault injection, how it’s used, available tooling, look at some real world examples, and provide resources to learn and gain more hands on experience.
After years leading the offensive security program at Yahoo Joe co-founded Based Security where he can continue to yell about how terrible we are at identity and access control and maybe do something about it. Shout out to red team gang
(^Top)
Reverse Engineering Toys into Robots
Josh “savant” Brashars
I reverse engineered a life-sized animatronic Yoda holiday decoration and jammed in microcontrollers, sketchy SBCs, hoverboard parts, and more than a few zip ties.
Whether you’re reverse engineering a piece of electronics, or breaking into the transportation network for a municipality, the processes is the same. This talk will walk through my workflow of identifying the goal (make a robot) and working backwards to a functional attack plan. I will demonstrate Robo YoYo’s karaoke mode, utilizing voice cloning + deep fake tech, YoYo’s agentic chatbot personality and not-at-all tiresome speech structure, YoYo’s scratch built autonomous sled, enabling him to rove and dance (Automotive/Smart vehicle security), reverse engineering the control systems to drive the animatronics, OSINT techniques for datasheets, and hunting for non-destructive entry.
Former Red Team @ Apple, Amazon, Salesforce, Yahoo! Paranoids, Rivian Automotive, and more. Lifetime @dc949.
(^Top)
Microarchitectural Side Channel Attacks
m0zy
Processors are optimized for speed, efficiency, and parallelism — but these same design choices have introduced subtle and powerful security risks. Microarchitectural side channel attacks exploit the invisible behaviors of silicon: leaking sensitive data not through software flaws, but through the way hardware internally manages caching, speculation, prediction, and resource sharing. This talk will explore the current state of microarchitectural attacks and how they bypass traditional security boundaries. If you’re interested in breaking systems at a layer most people ignore — or want to think like an attacker operating below the OS — this talk is for you.
m0zy is a Principal Security Researcher with over a decade of experience in embedded systems and low-level software security. She specializes in building and breaking autonomous vehicles, cyber-physical systems, and IoT devices, bringing expertise in reverse engineering, vulnerability research, and exploit development.
(^Top)
Boo Boo Runs Wild: Guerilla Open-Source Manufacturing
machinist
Last year, a bear broke into my kitchen window when my whole family was home. Luckily and without incident, she spooked and ran off before meaningful damage was done. I suppose this explains the industrial-grade electric fences some neighbors have in front of their doors. However, I’ve lived in the local mountains for many years, and this strikes me as unusual bear behavior. No bear arms in my kitchen, please!
Considering this problem deeply, I realized there are some CAD designs on the intertubes that could be useful in this regard. Using the dual magic of computers and caffeine, we’ll play with FreeCAD to manifest these designs into reality with a RepRap. I will explain some nuances of the processes regarding Geometric Dimensioning & Tolerancing, measurement, polymer choice, and slicer setup.
Using this toolchain, you too can make an infinite variety of custom hardware widgets to improve your life, whether it’s organizing the spice rack or keeping the bears away.
You may remember me from previous LayerOne talks such as “3D printing our way to Skynet” and “Swords to Plowshares”. I tend to talk about Computer-Aided-Design, and my background is a lifetime of hardware. I currently work with hardware that goes to space.
(^Top)
Sam Bowne
Everyone is deploying chatbots and many other AI systems now, but few understand the security risks they cause. To understand the risks, you need to understand how AI systems operate–especially Large Language Models. These systems are not actually intelligent, but perform intelligence simulation, giving the appearance of knowledge without actually understanding anything they are saying. When you see how words are encoded, embedded, and transformed, you’ll understand what LLMs are doing and why they hallucinate.
Several attacks and defenses are demonstrated, including prompt injection, evasion, poisoning, and deep neural rejection. This talk also covers security guidelines from OWASP, NIST, and the UK Government.
A CTF game is introduced so you can practice setting up AI systems, attacking, and defending them yourself. The game, with other materials including tutorials, slides, and videos will be available at samsclass.info after the talk for anyone to use.
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, Black Hat USA, HOPE, BSidesSF, BSidesLV, RSA, and many other conferences and colleges. He founded Infosec Decoded, Inc., and does corporate training and consulting for several Fortune 100 companies, on topics including Incident Response and Secure Coding.
(^Top)
Quantum Conundrums: Conquering Quomputing Challenges
Vincent Benzoni
Quantum computing poses a fundamental challenge to modern cryptography, but the reality of its impact is often misunderstood or exaggerated. This talk provides a clear, technically grounded overview of how quantum algorithms like Shor’s and Grover’s threaten widely used encryption schemes, including RSA, ECC, and certain symmetric ciphers. We’ll review the current state of quantum hardware, assess realistic threat timelines, and evaluate which cryptographic systems are at risk—and which are not.
I’m Vincent Benzoni—aka Guillotine—Lead Cybersecurity Engineer at Hoag Hospital. Before I broke into cybersecurity, I spent years wiring up superconducting circuits trying to elaborate a quantum simulator aka the dumb brother of quantum computer for my PhD in Quantum Physics (proof I suffered https://theses.hal.science/tel-03611001). Now I build AI-powered detection systems, bend Microsoft Logic Apps almost to my will, and try automate everything that moves.
(^Top)
wasabi
Forget high-powered transmissions—this talk is all about low-power radio (ISM) and making RF learning fun! We’ll dive into interactive examples, including number stations and custom-built transmitters using the ever-reliable CC1101. Along the way, we’ll share successes and challenges in getting students excited about radio, exploring what works (and what doesn’t) when introducing RF concepts. Best of all, we’ll have live demos to showcase just how accessible and exciting radio can be. Whether you’re an educator, a hobbyist, or just RF-curious, this session is for you!
A tinkerer of many things, security researcher, sometimes cloud engineer.
(^Top)
