Speakers
b0t – We’ll Do It Live: Experiments in Self-Modifying Code
cesi0 – Revenge of the Sol Stealers
Daryll Strauss – Covert Regional Communication with Meshtastic
Jack Baker – WINE for Video Game Hackers
Joe Rozner – Introduction to Fault Injection
Josh “savant” Brashars – Reverse Engineering Toys into Robots
m0zy – Microarchitectural Side Channel Attacks
machinist – Boo Boo Runs Wild: Guerilla Open-Source Manufacturing
Reet Kaur – Hacking the Machine: Unmasking the Top 10 LLM Vulnerabilities and Real-World Exploits
Sam Bowne – Securing AI Systems
Vincent Benzoni – Quantum Conundrums: Conquering Quomputing Challenges
wasabi – Amped up for (Learning) Radio
We’ll Do It Live: Experiments in Self-Modifying Code
b0t
In the 1990s-2010, code self-modification was considered a must-have feature for malware to evade anti-virus products. After finding many much easier ways to evade anti-virus, the need for this fairly complex feature died out.
As with all things computer related, we have come full circle to relying on self-modification as a great way to avoid detection. We’ll cover an example of a custom metamorphic code mutation engine. We will also explore additional limits of what is possible with code self-modification. We will answer the question of how feasible it might be to write code that can learn how to achieve a goal.
b0t is a virtual machine enthusiast and helped create and run a free, public malware archive called VX-Underground from its inception. b0t also produced a hacking magazine called VX-Underground Black Mass. He has 7 years of professional security research experience.
(^Top)
cesi0
You just joined the Discord of your favorite influencer and you got a private message from them! It’s your lucky day — they send over a link to receive a free airdrop of crypto tokens, just link your wallet. You click the url, follow the instructions, and just like that, your crypto wallet is drained. You’ve just been targeted by an impersonator and the link they sent is to a crypto drainer. We’ll be going over some common tactics used by threat actors as well as deep diving into few samples of malware actively deployed. As a treat, we’ll even dive into the op-sec failures of a particular actor and how I was able to track down their location.
Threat Hunter. Incident Responder. Security Engineer. All around degen. All of these titles fit cesi0 as a 15 year veteran of the security industry. cesi0 has performed forensics, malware reverse-engineering, threat detection, red teaming, and responded to all sorts of incidents. Returning to LayerOne for his 11th year, cesi0 brings extensive experience in all things relating to threat hunting and analysis.
(^Top)
Covert Regional Communication with Meshtastic
Daryll Strauss
Meshtastic uses inexpensive LORA radios to create ad hoc mesh messaging networks that don’t require centralized organizations or companies to operate. This makes them ideal for regional communications, and when configured properly, provides secure anonymous communications. Whether you want to chat with friends, share data among devices in the region, or want to perform highly covert communication in a group, this talk will give you all the information you need.
This presentation will discuss the fundamentals of LORA radio and mesh networking, the capabilities of Meshtastic, the hardware choices for running Meshtastic, how to configure Meshtastic for secure communications, an examination of additional threats to covert communication and what configuration options/techniques can be used to mitigate them.
I’ve been a technologist in Media and Entertainment for the last 30 years building visual effects studios and technology. My most recent work is focused on zero trust security architectures.
(^Top)
Jack Baker
WINE, the Windows compatibility layer for Linux, has had a significant upsurge in the past few years, particularly amongst PC gamers. This has created a unique landscape for video game hackers, much of which isn’t well understood by most developers. In this talk, we’ll explore WINE internals and how both hackers and defenders can take advantage of them.
Topics include Windows/Linux operating system internals, anti-debugging tricks, and general video game hacking.
Jack is a hobby video game hacker turned professional reverse engineer. In his day job, he’s the game security lead of an indie studio.
(^Top)
Introduction to Fault Injection
Joe Rozner
Fault injection has long been one of the primary methods for bypassing security controls and gaining code execution on secure chips. In recent years the cost of tooling, available information, and examples of attacks have exploded making it much more approachable. We’ll explore the basics of fault injection, how it’s used, available tooling, look at some real world examples, and provide resources to learn and gain more hands on experience.
After years leading the offensive security program at Yahoo Joe co-founded Based Security where he can continue to yell about how terrible we are at identity and access control and maybe do something about it. Shout out to red team gang
(^Top)
Reverse Engineering Toys into Robots
Josh “savant” Brashars
I reverse engineered a life-sized animatronic Yoda holiday decoration and jammed in microcontrollers, sketchy SBCs, hoverboard parts, and more than a few zip ties.
Whether you’re reverse engineering a piece of electronics, or breaking into the transportation network for a municipality, the processes is the same. This talk will walk through my workflow of identifying the goal (make a robot) and working backwards to a functional attack plan. I will demonstrate Robo YoYo’s karaoke mode, utilizing voice cloning + deep fake tech, YoYo’s agentic chatbot personality and not-at-all tiresome speech structure, YoYo’s scratch built autonomous sled, enabling him to rove and dance (Automotive/Smart vehicle security), reverse engineering the control systems to drive the animatronics, OSINT techniques for datasheets, and hunting for non-destructive entry.
Former Red Team @ Apple, Amazon, Salesforce, Yahoo! Paranoids, Rivian Automotive, and more. Lifetime @dc949.
(^Top)
Microarchitectural Side Channel Attacks
m0zy
Processors are optimized for speed, efficiency, and parallelism — but these same design choices have introduced subtle and powerful security risks. Microarchitectural side channel attacks exploit the invisible behaviors of silicon: leaking sensitive data not through software flaws, but through the way hardware internally manages caching, speculation, prediction, and resource sharing. This talk will explore the current state of microarchitectural attacks and how they bypass traditional security boundaries. If you’re interested in breaking systems at a layer most people ignore — or want to think like an attacker operating below the OS — this talk is for you.
m0zy is a Principal Security Researcher with over a decade of experience in embedded systems and low-level software security. She specializes in building and breaking autonomous vehicles, cyber-physical systems, and IoT devices, bringing expertise in reverse engineering, vulnerability research, and exploit development.
(^Top)
Boo Boo Runs Wild: Guerilla Open-Source Manufacturing
machinist
Last year, a bear broke into my kitchen window when my whole family was home. Luckily and without incident, she spooked and ran off before meaningful damage was done. I suppose this explains the industrial-grade electric fences some neighbors have in front of their doors. However, I’ve lived in the local mountains for many years, and this strikes me as unusual bear behavior. No bear arms in my kitchen, please!
Considering this problem deeply, I realized there are some CAD designs on the intertubes that could be useful in this regard. Using the dual magic of computers and caffeine, we’ll play with FreeCAD to manifest these designs into reality with a RepRap. I will explain some nuances of the processes regarding Geometric Dimensioning & Tolerancing, measurement, polymer choice, and slicer setup.
Using this toolchain, you too can make an infinite variety of custom hardware widgets to improve your life, whether it’s organizing the spice rack or keeping the bears away.
You may remember me from previous LayerOne talks such as “3D printing our way to Skynet” and “Swords to Plowshares”. I tend to talk about Computer-Aided-Design, and my background is a lifetime of hardware. I currently work with hardware that goes to space.
(^Top)
Hacking the Machine: Unmasking the Top 10 LLM Vulnerabilities and Real-World Exploits
Reet Kaur
Large Language Models (LLMs) are revolutionizing industries, but they also introduce a new and rapidly evolving attack surface. The OWASP Top 10 for LLM Applications (2025) highlights the most pressing security vulnerabilities that organizations face today. From Prompt Injection to System Prompt Leakage, Data Poisoning, and Excessive Agency, these vulnerabilities are actively exploited by threat actors in ways that many security teams are unprepared for.
This talk will be interactive, example-driven, and packed with visuals, ensuring that every attendee walks away with a clear understanding of LLM threats and actionable steps to defend against them.
With over 24 years of hands-on experience in information security and IT, specializing in developing security programs with a focus on risk management, I’ve consistently delivered value for Fortune 100 and 500 companies, as well as the public sector. As the former CISO at Portland Community College, I orchestrated the alignment of security initiatives with the organization’s mission and objectives.
My expertise spans all three lines of defense, including security strategies, engineering and security innovation, security operations and incident response, threat intelligence, vulnerability management governance, risk and compliance (GRC), internal and external audit and Board reporting.
(^Top)
Sam Bowne
Everyone is deploying chatbots and many other AI systems now, but few understand the security risks they cause. To understand the risks, you need to understand how AI systems operate–especially Large Language Models. These systems are not actually intelligent, but perform intelligence simulation, giving the appearance of knowledge without actually understanding anything they are saying. When you see how words are encoded, embedded, and transformed, you’ll understand what LLMs are doing and why they hallucinate.
Several attacks and defenses are demonstrated, including prompt injection, evasion, poisoning, and deep neural rejection. This talk also covers security guidelines from OWASP, NIST, and the UK Government.
A CTF game is introduced so you can practice setting up AI systems, attacking, and defending them yourself. The game, with other materials including tutorials, slides, and videos will be available at samsclass.info after the talk for anyone to use.
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, Black Hat USA, HOPE, BSidesSF, BSidesLV, RSA, and many other conferences and colleges. He founded Infosec Decoded, Inc., and does corporate training and consulting for several Fortune 100 companies, on topics including Incident Response and Secure Coding.
(^Top)
Quantum Conundrums: Conquering Quomputing Challenges
Vincent Benzoni
Quantum computing poses a fundamental challenge to modern cryptography, but the reality of its impact is often misunderstood or exaggerated. This talk provides a clear, technically grounded overview of how quantum algorithms like Shor’s and Grover’s threaten widely used encryption schemes, including RSA, ECC, and certain symmetric ciphers. We’ll review the current state of quantum hardware, assess realistic threat timelines, and evaluate which cryptographic systems are at risk—and which are not.
I’m Vincent Benzoni—aka Guillotine—Lead Cybersecurity Engineer at Hoag Hospital. Before I broke into cybersecurity, I spent years wiring up superconducting circuits trying to elaborate a quantum simulator aka the dumb brother of quantum computer for my PhD in Quantum Physics (proof I suffered https://theses.hal.science/tel-03611001). Now I build AI-powered detection systems, bend Microsoft Logic Apps almost to my will, and try automate everything that moves.
(^Top)
wasabi
Forget high-powered transmissions—this talk is all about low-power radio (ISM) and making RF learning fun! We’ll dive into interactive examples, including number stations and custom-built transmitters using the ever-reliable CC1101. Along the way, we’ll share successes and challenges in getting students excited about radio, exploring what works (and what doesn’t) when introducing RF concepts. Best of all, we’ll have live demos to showcase just how accessible and exciting radio can be. Whether you’re an educator, a hobbyist, or just RF-curious, this session is for you!
A tinkerer of many things, security researcher, sometimes cloud engineer.
(^Top)
