10:15 – “HTTP/1.1 Must Die! The Desync Endgame” by James “albinowax” Kettle [ 📺 Video | 🖋️ Slides ]
11:05 – “Attacking Assumptions Behind the Image Load Callbacks” by Denis Nagayuk (diversenok) [ 📺 Video | 🖋️ Slides ]
11:55 – “7 Vulns in 7 Days: Breaking Bloatware Faster Than It’s Built” by Leon Jacobs [ 📺 Video | 🖋️ Slides ]
14:45 – “Internal Domain Name Collision 2.0” by Philippe Caturegli [ 📺 Video | 🖋️ Slides ]
15:35 – “Sign Here to Bypass: From macOS Intune PRT Cookie Theft to Entra ID Persistence” by Shang-De “John” Jiang & Kazma Ye [ 📺 Video | 🖋️ Slides ]
16:25 – “The Ultimate Guide for Protecting Hybrid Identities in Entra ID” by Dr Nestori Syynimaa [ 📺 Video | 🖋️ Slides ]
17:15 – “The (Un)Rightful Heir: My dMSA Is Your New Domain Admin” by Yuval Gordon [ 📺 Video | 🖋️ Slides ]
– Offensive Entra ID (Azure AD) and Hybrid AD security training by Dirk-Jan Mollema
– Burp Suite Pro, 100% hands-on by Nicolas Grégoire
– Advanced .NET Exploitation Training by Sina Kheirkhah
– The Art of Fault Injection: Advanced Techniques & Attacks by Raelize – Cristofaro Mune & Niek Timmers
– Hunting Zero-Days In Embedded Devices by Pedro Ribeiro and Radek Domansky
RomHack is a format made by the non-profit association Cyber Saiyan and composed by
The Conference has international speakers and audience and is one of the main cyber security conferences in Italy.
In 2025 we had have a track dedicated to the kids and a Live Hacking Event during the Conference, a Training sessions the days before.
Did you ask about the Camp? The next RomHack Hacker Camp will take place from Friday, September 25 to Sunday, September 27, 2026!
RomHack is made possible thanks to our generous sponsors. We want to thank them for their generous support. Check the Job Opportunities page!
RomHack is made with 🤍 by Cyber Saiyan
Support us making a donation or becoming a member
[ Code of Conduct ]
Cyber Saiyan Ente del Terzo Settore – C.F. (FC) 97958200582 – VAT 14669161003