NorthSec Team

  • Intro (Day 1)
  • Intro (Day 2)
  • Code of conduct, logistics, and more
  • HAK MTL Screening
  • Conference Party
  • Registration
  • Sponsor event
  • Thursday Lunch
  • Friday Lunch
Alexander Druffel

Alexander Druffel studies IT Security at Technische Universität Darmstadt and is writing a thesis on modifying an android kernel for application tracing and malware sandboxing.
Besides that he is working as an android security researcher at Fraunhofer-Institute for secure information technologies and focuses on building low level native analysis tools.
In his spare time he plays Capture The Flag with the WIzardsOfDos team.

  • Using angr to augment binary analysis workflow
Apurva Kumar

Apurva Kumar is a security researcher at Lookout that spends most of her time
uncovering and exposing threats as they emerge in and around the mobile space. Her work
incorporates threat hunting, reverse engineering, and penetration testing. Apurva has also spoken at a number of cyber security meetups and conferences such as KW Security Meetup, DefCon416, TASK and RSA 2019.

  • xRAT: Monitoring Chinese Interests Abroad With Mobile Surveillance-ware
Arezou Hosseinzad-Amirkhizi

Arezou Hosseinzad-Amirkhizi is a security researcher and reverse engineer with experience working in different domains of security. She has discovered software vulnerabilities and leaded threat intelligence and incident response teams. Since 2017, she's been with Lookout mobile security focusing on reversing mobile malware.

  • xRAT: Monitoring Chinese Interests Abroad With Mobile Surveillance-ware
Charles F. Hamilton

With more than 9 years of experience delivering Information Technology and Information Security services to various government and commercial clients such as a banks, nuclear industry and lay firms. Having the opportunity to perform RedTeam against complex and secured environment allowed him to develop a certain expertise that can be used to navigate through the target network without being detected. Since 2014 I'm also the proud owner of the RingZer0 Team website that have more than 25 000 members worldwide. The RingZer0 Team website is a hacking learning platform.

  • Red Teaming Workshop
Chloé Messdaghi

Security Researcher Advocate/PM @Bugcrowd, board member for 4 nonprofits, heads WIST SF, mentors, speaker on diversity and inclusion in InfoSec, and Drop Labels founder.

  • Fixing the Internet's Auto-Immune Problem: Bilateral Safe Harbor for Good-Faith Hackers
Christian Paquin

I am a cryptography specialist in Microsoft Research’s Security and Cryptography team. I’m currently involved in projects related to post-quantum cryptography, such as the Open Quantum Safe project. I’m also leading the development of the U-Prove technology. I’m also interested in privacy-enhancing technologies, smart cloud encryption (e.g., searchable and homomorphic encryption), and the intersection of AI and security.

Prior to joining Microsoft in 2008, I was the Chief Security Engineer at Credentica, a crypto developer at Silanis Technology working on digital signature systems, and a security engineer at Zero-Knowledge Systems working on TOR-like systems.

  • Post-Quantum Cryptography: today's defense against tomorrow's quantum hackers
Elissa Shevinsky

Elissa Shevinsky is CEO of Faster Than Light, where she is building developer tools. Shevinsky previously launched Everyday Health (IPO), Geekcorps (acquired) and Brave ($35M ICO.) Her focus is on bringing security best practices earlier into the development lifecycle, and building tools to make it easier to ship secure code. Shevinsky is also the author of "Lean Out" published by OR Books.

  • What is our Ethical Obligation to Ship Secure Code?
Emilien Le Jamtel

Emilien is a security analyst for CERT-EU since 4 years, also responsible for the monitoring and hunting activities in CERT-EU.

  • Trick or treat? Unveil the “stratum” of the mining pools
Émilio Gonzalez

Émilio is an undergraduate student from Université de Sherbrooke (UdeS). He discovered a passion for cybersecurity two years ago, which lead him to break his promise of trying three different fields during his internships and instead taking only cybersecurity-related internships at the Canadian Cyber Incident Response Center (formerly CCIRC, now CCCS)'s malware analysis team, GoSecure's R&D team and Desjardins' threat hunting team.

President of JDIS, UdeS' computer science student organization, Émilio likes to make things happen, let it be CTFs, AI competitions, conferences, workshops or making every developper understand that tab is the superior indentation character (work in progress).

  • Welcome to the Jumble: Improving RDP Tooling for Malware Analysis and Pentesting
Erica Portnoy

Erica Portnoy is a technologist at the Electronic Frontier Foundation (EFF). She develops the Let's Encrypt client Certbot, which makes it easy for people who run websites to turn on https, keeping their users private and secure against network-based attackers. She writes and speaks about encryption in practice, including what people need from secure messaging providers and what the next generation of encryption in the cloud might look like. Erica also works on EFF's net neutrality project, writing technical filings and opinion pieces and organizing technologists from the networking industry to speak up for technical accuracy in policy decisions.

  • Making it easier for everyone to get Let's Encrypt certificates with Certbot
Eva Galperin

Eva Galperin is EFF's Director of Cybersecurity. Prior to 2007, when she came to work for EFF, Eva worked in security and IT in Silicon Valley and earned degrees in Political Science and International Relations from SFSU. Her work is primarily focused on providing privacy and security for vulnerable populations around the world. To that end, she has applied the combination of her political science and technical background to everything from organizing EFF's Tor Relay Challenge, to writing privacy and security training materials (including Surveillance Self Defense and the Digital First Aid Kit), and publishing research on malware in Syria, Vietnam, Kazakhstan. When she is not collecting new and exotic malware, she practices aerial circus arts and learning new languages.

  • Where Do We Go From Here? Stalkerware, Spouseware, and What We Should Do About It
Florian Magin

Florian Magin works as a Security Researcher at ERNW Research GmbH while pursuing a degree at the TU Darmstadt in Germany.
They organize the local CTF team WizardsOfDos and are a regular CTF player with the main interests in reverse engineering and automated program analysis.

  • Using angr to augment binary analysis workflow
Francis Labelle

A student at the École de Technologie Supérieure (E. T. S.), Francis has discovered an interest for information security at the start of his undergraduate studies. He has worked as an intern for Desjardins's ETTIC team and GoSecure. He has also given workshops for Montrehack and DCIÉTS, and has been a finalist in popular CTF events like Hack in Paris, CSAW and DefCamp.

  • Welcome to the Jumble: Improving RDP Tooling for Malware Analysis and Pentesting
Hugo Porcher

Hugo is a malware researcher at ESET. He focuses mainly on malicious softwares targeting UNIX based operating systems (especially the Apple flavour ones). His previous researches include the analysis of 21 different Linux OpenSSH backdoors families (mostly undocumented). He spoke at various conferences like Botconf, GoSec or LCA. In his free time, he enjoys sliding sports such as surfing and skiing, and expanding his knowledge in doing various projects related to program analysis and CTF challenges.

  • Wajam: From a Start-up to Massive Spread Adware
Ioana-Andrada Todirica

I am currently working In Brussels for Computer Emergency Response Team (CERT-EU) as an IT Security Administrator.
Previously I worked as an IT System Administrator for the Romanian Ministry of Defense.
Passionate about Information Technology , I graduated from Technical Military Academy with a master's degree in Information Technology Security - Bucharest, Romania
I was always curious about IT , but cybersecurity really caught my attention, by never letting me the chance to get bored and keep me challenged everyday. It soon became an exciting career prospect, with endless opportunities to grow and learn.

  • Trick or treat? Unveil the “stratum” of the mining pools
Jacob Grant

Jacob is a Security Strategist at eSentire, a Cambridge, Ontario based Managed Detection and Response services company.

Jacob has worked within the MDR space for over 8 years in various roles from SOC Analyst, Operations, and Professional Services. Mainly focused on security as it relates to networking, cloud services, and automation.

  • Threat hunting in the cloud
Joan Calvet

Joan Calvet is (almost) a developer and (sometimes) a reverse-engineer, working on JEB decompiler since 2016. He previously worked as ESET as a malware researcher, and presented at conferences such as REcon, and Virus Bulletin.

  • The (Long) Journey To A Multi-Architecture Disassembler
Jonathan Marcil

Jonathan has created over a hundred threat models during his career and enjoys sharing his experience. He currently leads the OWASP Media Project and is a board member of the OWASP Orange County chapter located in beautiful Irvine, California. Originally from Montreal, he was the local chapter leader and was part of NorthSec CTF as a challenge designer specialized in Web and imaginative contraptions. He is passionate about Application Security and enjoys architecture analysis, code review, threat modeling and debunking security tools. Jonathan holds a bachelor's degree in Software Engineering from ETS Montreal and has more than 15 years of experience in Information Technology and Security.

  • Threat Modeling
Kelley Robinson

Kelley works on the Account Security team at Twilio, helping developers manage and secure customer identity in their software applications. Previously she worked in a variety of API platform and data engineering roles at startups in San Francisco. She believes in making technical concepts, especially security, accessible and approachable for new audiences. In her spare time, Kelley is an avid home cook and greatly enjoys reorganizing her tiny kitchen to accommodate completely necessary small appliance purchases.

  • Call Center Authentication
Kelly Villanueva

Kelly is an operator at SpecterOps. She has several years of experience improving the security posture of Fortune 500 companies through adversary simulation and detection activities. Since graduating from the University of Miami School of Business Administration, Kelly has informally continued her studies in behavioral science and economics, and she enjoys applying her abstract ideas to red team operations.

  • Hacking Heuristics: Exploiting the Narrative
Kristin Del Rosso

Kristin Del Rosso is a member of Lookout's Threat Intelligence Team in San Francisco, where she hunts for nation state malware and targeted surveillanceware. She recently spoke at BlackHat Europe on a state-sponsored malware campaign, and continues to work with her team to map out attacker infrastructure and better understand the actors and motives behind these mobile threats. Her happy place combines history, languages and security intelligence.

  • Using Geopolitical Conflicts for Threat Hunting - How Global Awareness Can Enable New Surveillanceware Discoveries
Kurtis Armour

We help architect and deploy solutions to prevent, detect and respond to security incidents. I work on the Field CTO Team at eSentire Inc.

  • Threat hunting in the cloud
Laurent Desaulniers

Laurent is a team lead for a large security consulting firm, based in Montreal. He has conducted over 200 pentesting and red team engagements over the span of 10 years and is still enthusiatic about it. Laurent is also a challenge designer for Northsec and has given talks to CQSI, NCFTA, HackFest, RSI, Montrehack, Owasp Montreal and Northsec. Besides security, Laurent is interested in Lockpicking, magic and pickpocketting.

  • A good list of bad ideas
Lisa Aichele

Lisa is a student in Automation and Mechatronics at the university Hochschule
Furtwangen (HFU), Campus Tuttlingen. With her bachelor thesis she shifted torwards the security field by developing a clang-based fuzzing toolchain. She was both attendee and trainer at Blackhoodie events and likes CTF competitions.

  • Introduction to Return Oriented Programming
Louis Dion-Marcil

Louis Dion-Marcil is a consultant working for Mandiant. He specializes in offensive appsec and pentesting medium to large scale organizations. A seasoned CTF participant and sometimes finalist with the DCIETS team, he has also written challenges for various competitions. His prior research at GoSecure introduced a new class of attack, coined Edge Side Include Injection, which was presented at BlackHat and DEF CON in 2018.

  • Cache Me If You Can: Messing with Web Caching
Marc-andre Labonte
  • Graduated in electrical engineering
  • System administrator for more than 11 years
  • Joined Desjardins penetration testing team in 2016
  • Leveraging UART, SPI and JTAG for firmware extraction
Marc-Etienne M.Léveillé

Marc-Etienne is a malware researcher at ESET since 2012. He specializes in malware attacking unusual platforms, whether it’s fruity hardware or software from south pole birds. Marc-Etienne focused his research on the reverse engineering of server-side malware to discover their inner working and operation strategy. His research led to the publication of the Operation Windigo white paper that won Virus Bulletin’s Péter Szőr Award for best research paper in 2014. While still keeping eyes open on crimeware, he now focuses on the analysis of targeted attacks.

Outside his day job, Marc-Etienne enjoys designing challenges for the NorthSec CTF competition. He is also a co-organiser of the MontréHack monthly event. He presented at multiple conferences including CSAW:Threads, CARO Workshop and Linuxcon Europe. When he’s not one of the organizer, he loves participating in CTF competitions like a partying gentleman. Outside the cyberspace, Marc-Etienne plays the clarinet and read comics. He tweets sporadically at @marc_etienne_.

  • Hunting Linux Malware for Fun and Flags
Martin Lebel


  • Intro to badge soldering
Masarah Paquet-Clouston

Masarah Paquet-Clouston is a security researcher at GoSecure, a PhD student at Simon Fraser University in criminology and one of Canada’s decorated 150 scientific innovators. With her background in economics and criminology, she specializes in the study of markets behind illicit online activities. She published in several peer-reviewed journals, such as Social Networks, Global Crime and the International Journal for the Study of Drug Policy, and presented at various international conferences including WEIS, Virus Bulletin, Black Hat Europe, Botconf and the American Society of Criminology.

  • From Bitcoins Amateurs to Experts: Fundamentals, grouping, tracing and extracting bulk information with open-source tools
Mathieu Saulnier

Mathieu Saulnier is a “Security Enthusiast” ©@h3xstream. He has held numerous positions as a consultant within several of Quebec’s largest institutions. For the last 6 years he has been focused on putting in place a few SOC and has specialized in detection (Blue Team), content creation and mentorship. He currently holds the title of « Senior Security Architect » and acts as “Adversary Detection Team Lead” and “Threat Hunting Team Lead” in one of Canada’s largest carrier. In the last decade, he has taken two separate sabbaticals to travel Africa and Asia.

  • The SOC Counter ATT&CK
Matt Mitchell

Matt Mitchell is a hacker,and the Director of Digital Safety & Privacy, at Tactical Tech (also known as the Tactical Technology Collective). In his work there Matt leads security training efforts, curricula, and organizational security for the organization in their mission to raise awareness about privacy, provide tools for digital security, and mobilize people to turn information into action.

Matt is a well known security researcher, operational security trainer, and data journalist who founded & leads CryptoHarlem, impromptu workshops teaching basic cryptography tools to the predominately African American community in upper Manhattan.

  • Cybersecurity vs the world

Maurelian is a lead security engineer at ConsenSys Diligence, where he works to ensure that Ethereum smart contracts are transparent, trustworthy, and reliable. He helped build a decentralized name registrar for the Ethereum Name Service; authoring the spec and auditing the final implementation. He is a regular writer and speaker on smart contract security. Prior to joining ConsenSys, Maurelian worked at Coinbase.

  • Breaking smart contracts
Norman Shamas

Norman Shamas is a security and privacy harm reduction specialist. They work with activists globally and have a particular focus on sex workers, queer, trans*, and gender nonconforming communities. Norman works an independent consultant and is a member of Open Privacy's board of directors.

  • Safer Online Sex: Harm Reduction and Queer Dating Apps
Olivier Arteau

Olivier Arteau is a security researcher that works for Desjardins. In his early day, he was a web developer and transitioned into the security field during his university. He gave in the last few years a good amount of workshop for the user group MontreHack and is also part of the organization of a few CTFs (Mini-CTF OWASP and NorthSec).

  • Introduction to appliance reverse engineering
Olivier Bilodeau

Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, he enjoys attracting embedded Linux malware, writing tools for malware research, reverse-engineering all-the-things and vulnerability research. Passionate communicator, Olivier has spoken at several conferences like BlackHat USA/Europe, Defcon, Botconf, SecTor, Derbycon, HackFest and many more. Invested in his community, he co-organizes MontréHack, a monthly workshop focused on applied information security, and NorthSec, Montreal's community conference and Capture-The-Flag.

  • Capture-The-Flag 101
Patrick Ventuzelo

Patrick Ventuzelo is a French security researcher specializing in Vulnerability research, Reverse engineering, Security tool development, and Program analysis. Patrick is the author of Octopus, the first Open-source security analysis tool that support WebAssembly and multiple Blockchain Smart Contract to help researchers perform Analysis on closed-source bytecode.

Currently, Patrick is mainly focus on developing automatic Binary Analysis and Transaction Tracking technique for Quoscient GmbH. Previously, he worked for P1 Security, the French Department Of Defense and Airbus D&S Cybersecurity.

Patrick has been Speaker and Trainer at various international security conferences (BlackAlps,, Toorcon, REcon Montreal/Brussels, SSTIC)

  • Reversing WebAssembly Module 101
Paul Rascagnères

Paul is a security researcher within Talos, Cisco’s threat intelligence and research organization. As a researcher, he performs investigations to identify new threats and presents his findings as publications and at international security conferences throughout the world. He has been involved in security research for 7 years, mainly focusing on malware analysis, malware hunting and more specially on Advanced Persistence Threat campaigns and rootkit capabilities. He previously worked for several incident response team within the private and public sectors.

  • DNS On Fire
  • DNS On Fire
Philippe Arteau

Philippe is a security researcher working for GoSecure. His research is focused on Web application security. His past work experience includes pentesting, secure code review and software development. He is the author of the widely-used Java static analysis tool Find Security Bugs. He is also a contributor to the static analysis tool for .NET called Security Code Scan. He built many plugins for Burp and ZAP proxy tools: Retire.js, Reissue Request Scripter, CSP Auditor and many others. He presented at several conferences including Black Hat Arsenal, ATLSecCon, NorthSec, Hackfest (QC), 44CON and JavaOne.

  • Deserialization: RCE for modern web applications
Philippe Lamontagne

Philippe Lamontagne completed his Ph. D. in quantum cryptography from Université de Montréal in 2018. In the year following his graduation, he worked as a machine learning analyst specializing in NLP. He is now a research officer in cybersecurity at Canada's National Research Council.

  • Post-Quantum Manifesto
Philip 'Soldier of FORTRAN' Young

Philip Young, aka Soldier of FORTRAN, is a leading expert in all things mainframe hacking. Having spoken and taught at conferences around the world, including DEFCON, RSA, BlackHat and keynoting at both SHARE and GSE Europe, he has established himself as the thought leader in the mainframe hacking scene. Since 2013 Philip has released tools to aid in the testing of mainframe security and contributed to multiple opensource projects including Nmap, allowing those with little mainframe capabilities the chance to test their mainframes. In addition to speaking, he has built mainframe security programs for multiple Fortune 100 organizations starting from the ground up to creating a repeatable testing program using both vendor and public toolsets. His hope is that through raising awareness about mainframe security more organizations will take their risk profile seriously.

  • Mainframe Hacking in 2019
Shayan Eskandari

Shayan is currently completing his doctoral studies in Information Systems Engineering at Concordia University. He is also working as a security engineer and auditor in ConsenSys Diligence team. He has worked in network and information systems security for several years and has extensive experience as a blockchain engineer in startups as well as contributing to open source projects. He is currently dedicating both his intellectual and professional pursuits towards Blockchain technology. Looking at the technology from an interdisciplinary perspective, Shayan has been working on multiple academic papers varying from exploring the psychology of Blockchain to decentral exchanges.

  • Breaking smart contracts
Silvia Väli

I am currently working as a web application pentester in Clarified Security, which is based in Estonia. Shellcoding, assembly language and understanding the x86-64 bit architecture on its own is something I do for fun aside from also running the TallinnSec IT security meetups in Tallinn, Estonia.

  • 64-bit shellcoding and introduction to buffer overflow exploitation on Linux
Thomas Pornin

Thomas Pornin is a cryptographer, author of the BearSSL library. He works as a consultant for NCC Group, as part of the Cryptography Services team.

  • T1: Secure Programming For Embedded Systems
Warren Mercer

Warren Mercer joined Talos coming from a network security background, having previously worked for other vendors and the financial sector. Focusing on security research and threat intelligence, Warren finds himself in the deep, dark and dirty areas of the Internet and enjoys the thrill of the chase when it comes to tracking down new malware and the bad guys! Warren has spent time in various roles throughout his career, ranging from NOC engineer to leading teams of other passionate security engineers. Warren enjoys keeping up to speed with all the latest security trends, gadgets and gizmos; anything that makes his life easier in work helps!

  • DNS On Fire
  • DNS On Fire
Yamila Vanesa Levalle

Yamila Vanesa Levalle is an Information Systems Engineer, Security Researcher and Offensive Security Professional with more than 15 years of experience in Infosec. Over the years, she has discovered vulnerabilities in various applications and systems.

Yamila currently works as Security Researcher in ElevenPaths (Telefonica Cibersecurity Unit) where she specializes in offensive/defensive techniques, conducts researches, publishes articles on different information security issues and develop security tools in Python. She is an international security conferences speaker and has presented her researches at important events such as OWASP Latam Tour, Infosec UTN and Notpinkcon. She has also taught ethical hacking courses for women, CTF courses for beginners and several information security awareness and training courses and talks.

  • M33tfinder: Disclosing Corporate Secrets via Videoconferences
Yashvier Kosaraju

Yash is a Senior Product Security Engineer at Twilio. He has worked with Box and iSEC Partners in the past. He has been working in security for over half a decade. He has worked in a variety of roles ranging from consulting to enterprise product security teams. He is a seasoned speaker and has presented in BSides SLC 2016, HackMiami 2017 and BSides San Diego 2018, and will be presenting at Troopers 2019

  • Container Security Deep Dive
Yolan Romailler

Yolan is a security researcher delving into (and dwelling on) cryptography, crypto coding, blockchains technologies and other fun things. He has spoken at Black Hat USA, BSidesLV, Cryptovillage and DEF CON, on topics including automation in cryptography, public keys vulnerabilities, or vulnerability research, and presented at FDTC the first known practical fault attack against the EdDSA signature scheme.
Yolan tweets as @anomalroil.

  • One Key To Rule Them All - ECC Math Tricks