Dirk-jan Mollema is a hacker and researcher of Active Directory and Microsoft Entra (Azure AD) security. In 2022 he started his own company, Outsider Security, where he performs penetration tests and reviews of enterprise networks and cloud environments. He blogs at dirkjanm.io, where he publishes his research, and shares updates on the many open source security tools he has written over the years. He presented previously at TROOPERS, DEF CON, Black Hat and BlueHat and has been awarded as one of Microsoft’s Most Valuable Researchers multiple times.

Nicolas Grégoire has been auditing web apps for 20 years. He is an official Burp Suite Pro trainer since 2015, and has trained more than a thousand people since then, either privately or at public events. Other of that, he runs Agarri, a one-man business where he looks for security vulnerabilities for clients and for fun. His public talks (covering SSRF, XSLT, Burp Suite, ...) have been presented at numerous conferences around the world.

Meet Sina Kheirkhah, widely recognized as @SinSinology in the cybersecurity community! Sina is a dedicated full-time vulnerability researcher with a passion for breaking into various systems.

From cracking server-side enterprise solutions to targeting hardware and delving into reverse engineering, Sina‘s expertise covers a wide spectrum. He specializes in low-level exploitation, attacking .NET/Java stacks, bypassing security measures, and chaining bugs seamlessly.

Notably, Sina has competed in Pwn2Own for four consecutive years and has won the “Master of Pwn” title as a solo researcher in pwn2own 2025, demonstrating his dedication to the field.

Cristofaro Mune has been in the security field for 20+ years. He has 15+ years of experience with evaluating the software and hardware security of secure devices, as well as 10+ years of experience in testing and assessing the security of Trusted Execution Environments (TEEs).

Niek Timmers has been analyzing and testing the security of software and hardware of secure devices for over a decade. His interest is typically sparked by technologies where the hardware of the device is fundamentally part of the equation.

Pedro Ribeiro is a vulnerability researcher and reverse engineer with over 10 years of commercial experience. Pedro has found and exploited hundreds of vulnerabilities in software and hardware products. He has over 150 CVE ID’s attributed to his name (most of which related to remote code execution vulnerabilities) and has authored over 60 Metasploit modules that have been released publicly. Besides his vulnerability research activities, he is the founder and director of a penetration testing and reverse engineering consultancy based in London (Agile Information Security), with a variety of clients worldwide. More information about Pedro’s publicly disclosed vulnerabilities can be found at https://github.com/pedrib/PoC

Radek Domanski started his professional career 12 years ago securing large networks and systems and transitioned afterwards into offensive security. He worked on high profile projects within the largest Internet Service Provider in Europe and in the research center of one of the world’s largest telecommunications equipment companies. Radek found a number of critical vulnerabilities in real products and systems that are used by millions of users worldwide. Throughout the years of working on offensive product security Radek developed a unique methodology and honed his skills of vulnerability hunting. At the moment Radek is focusing on hardware, automotive hacking, exploitation and reverse engineering of embedded systems.