NorthSec 2023

Andreanne Bergeron

Andréanne Bergeron has a Ph.D. in criminology from Montreal University and works as a cybersecurity researcher at GoSecure. Acting as the social scientist of the team, she is interested in online attackers’ behaviors. She is an experienced presenter with over 38 academic conferences and is now focusing on the infosec field. She has presented at BSides Montreal, NorthSec and Human Factor in Cybercrime.

  • Q&A Criminology
  • Human versus Machine: The Level of Human Interaction in Automated Attacks Targeting the Remote Desktop Protocol
Arpine Maghakyan

Arpine Maghakyan is the CEO of RedRays.
Her area of expertise is protecting bank applications, ERP systems, and processing software. She has a lot of discovered vulnerabilities in public software such as - Oracle, SAP, Dell.

  • From On-Premises to Cloud: A Comprehensive Analysis of SAP Security Issues
Ashley Manraj

Spearheading the technology and development methodology at Pvotal Technologies centered around event driven asynchronous go gRPC microservices in the backend. In the front-end, we are developing with Flutter cross-platform using the BloC pattern to interact with our backends in gRPC and gRPC-web. Everything orchestrated strictly in infrastructure as code in GKE or locally using K3d.

  • gRPC security with less effort
Charles F. Hamilton (Mr.Un1k0d3r)

Charles Hamilton is a Red Teamer, with more than ten years of experience delivering offensive testing services for various government clients and commercial verticals. In recent years, Charles has focused on covert Red Team operations against complex and secured environments. These operations have allowed him to hone his craft at quietly navigating a client's network without detection. Since 2014, he is the founder and operator of the RingZer0 Team website, a platform focused on teaching hacking fundamentals. The RingZer0 community currently has more than 40,000 members worldwide. Charles is also a prolific toolsmith and speaker in the Infosec industry under the handle of Mr.Un1k0d3r.

  • Q&A Red Team
  • Evasion as a Red Teamer
Charlie Bromberg (Shutdown)

Shutdown (Charlie BROMBERG, @_nwodtuhs) is a penetration testing team leader in the South of France at Capgemini. He specializes in Active Directory. Author of The Hacker Recipes, creator of Exegol, and many other open-source projects and tools (pyWhisker, targetedKerberoast, etc.).

  • Roses are red, violets are blue, S4U bamboozles me, U2U too
Christian Paquin

I am a crypto/security specialist in MSR’s Security and Cryptography team. I’m currently involved in projects related to post-quantum cryptography, such as the Open Quantum Safe project. I’m also leading the development of the U-Prove technology. I’m mostly interested in identity and access management, privacy-enhancing technologies, smart cloud encryption (e.g., searchable and homomorphic encryption), and the intersection of AI and security.

Prior to joining Microsoft in 2008, I was the Chief Security Engineer at Credentica, a crypto developer at Silanis Technology working on digital signature systems, and a security engineer at Zero-Knowledge Systems working on TOR-like systems.

  • The quantum clock is ticking… get ready!
David Décary-Hétu

Prof. David Décary-Hétu has a Ph.D. in criminology from the Université de Montréal (2013). He first started as a Senior Scientist at the School of Criminal Sciences of the Université de Lausanne before moving to his current position as an Associate Professor at the School of Criminology of the Université de Montréal. The main research interests of Prof. Décary-Hétu focus on the impacts of technology on crime. Through his innovative approach based on big and small data, as well as social network analysis, Prof. Décary-Hétu studies how offenders adopt and use technologies, and how that shapes the regulation of offenses, as well as how researchers can study offenders and offenses. Prof. Décary-Hétu is the Chair of the Darknet and Anonymity Research Centre (DARC) that was funded by the John R. Evans Leaders Funds from the Canada Foundation for Innovation. His team collects and studies data from all types of offenders who use anonymity technologies such as the darkweb, cryptocurrencies and encryption. Prof. Décary-Hétu has received funding from both public and private grantors operating at the local, provincial, federal and international level. He has published in leading academic journals and is invited regularly in the news media to comment on recent events. Prof. Décary-Hétu is involved in many partnerships and initiatives including Open Criminology, the revue Criminologie, the Division of Cybercrime of the American Society of Criminology and the Human-Centric Cybersecurity Partnership. Prof. Décary-Hétu has presented at CanSecWest, H.O.P.E., ThotCon and Hackfest, and is a co-organizer of the BSides Montreal conference.

  • Too Anonymous To Prosecute? Survey And Interviews on Shadow Phones
  • Q&A Criminology
Dirk-jan Mollema

Dirk-jan Mollema is a hacker and researcher of Active Directory and Azure AD security. In 2022 he started his own company, Outsider Security, where he performs penetration tests and reviews of enterprise networks and cloud environments. He blogs at, where he publishes his research, and shares updates on the many open source security tools he has written over the years. He presented previously at TROOPERS, DEF CON, Black Hat and BlueHat and has been awarded as one of Microsoft’s Most Valuable Researchers multiple times.

  • (Windows) Hello from the other side
  • Q&A Vulnerability Research
Dr Nestori Syynimaa

Dr Nestori Syynimaa is one of the leading Azure AD / M365 experts in the world and the developer of the AADInternals toolkit. He has worked with Microsoft cloud services for over a decade and has been MCT since 2013, MVP since 2020, and awarded Microsoft Most Valuable Security Researcher for 2021. Currently, Dr Syynimaa works as a Senior Principal Security Researcher for Secureworks Counter Threat Unit. Before moving to his current position, Dr Syynimaa worked as a CIO, consultant, trainer, researcher, and university lecturer for almost 20 years.

Dr Syynimaa has spoken in many international scientific and professional conferences, including IEEE TrustCom 2018, Black Hat Arsenal USA 2019, Black Hat Arsenal Europe 2019 and 2021, and RSA Conference 2022

  • Tokens, everywhere!
Émilio Gonzalez

Émilio works in a blue team at a large Canadian organization. He loves to participate in CTFs and create challenges to introduce people to some defensive aspects of cybersecurity. He's a co-organizer for MontréHack, a monthly CTF workshop in Montréal (duh). If you see him in a bar someday, do not approach him or he'll probably start a rant about tabs being the superior indentation character or about how cars ruin cities.

  • Willy Wonka and the Detection Factory: Detection Engineering without Alert Fatigue
  • Q&A Detection
Florencia Herra-Vega

VP-Conference @ NorthSec

  • Welcome to NorthSec 2023!
François Proulx

François is a Senior Product Security Engineer for BoostSecurity, where he leads the Supply Chain research team. With over 10 years of experience in building AppSec programs for large corporations (such as Intel) and small startups he has been in the heat of the action as the DevSecOps movement took shape. François is one of founders of NorthSec and was a challenge designer for the NorthSec CTF.

  • Broken links - Behind the scenes of Supply Chain breaches
Guillaume Caillé

Guillaume Caillé is leading the penetration testing team at OKIOK. He also holds a bachelor's degree in Information Technology Engineering from the École de Technologie Supérieure (ÉTS) with a specialization in security.
A true passionate of offensive security, Guillaume specializes in malware development, red teaming and incident response. This experience has enabled him to develop and maintain bleeding edge techniques and tools to stay ahead of all aspects of a company's defense mechanisms.

  • Q&A Red Team
  • Thwarting Malware Analysis: Integrating Established and Novel Techniques
Harry Hayward
  • An Introduction to Continuous Security Testing
Hugo Genesse

Co-VP Conference @ NorthSec

  • Welcome to NorthSec 2023!
Ivan Kwiatkowski

An OSCP and OSCE-certified penetration tester and malware analyst working as a Senior Security Researcher in the Global Research and Analysis Team (GReAT) at Kaspersky Lab since 2018. Also delivers Kaspersky’s reverse-engineering trainings in Europe. Ivan maintains an open-source dissection tool for Windows executables and his research was presented during several cybersecurity conferences. As a digital privacy activist, he also operates an exit node of the Tor network.

  • Go reverse-engineering workshop
Jared Atkinson

Jared is a security researcher who specializes in Digital Forensics and Incident Response. Recently, he has been building and leading private sector Hunt Operations capabilities. In his previous life, Jared lead incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the open source community, Jared is the lead developer of PowerForensics, Uproot, and maintains a Detection Engineering focused blog at

  • Q&A Detection
  • Malware Morphology for Detection Engineers
Jeff Yates

Jeff Yates is a journalist with Radio-Canada's Décrypteurs. He has been covering online harms, such as disinformation, scams and extremism, since 2014.

  • Scams: a generative AI use case
Jonathan Johnson

Jonny is a security enthusiast who loves spending time with all things related to Windows Internals, reverse engineering, and data analysis. Jonny applies threat research and low-level knowledge to defensive capabilities, arming defenders with the information and tools needed to cover defensive gaps. Jonny loves to share his actionable findings in blogs ( and is committed to helping defenders be effective, independent, and efficient.

  • Malware Morphology for Detection Engineers
Laurent Desaulniers

Laurent Desaulniers is an amateur in most things, CTF challenge designer and speaker at a few conferences.

  • Q&A Red Team
  • Deception for pentesters
Lilly Chalupowski

While I may not have Alphabet Soup for a headline, let me show you what I can do based on my community contributions! I started my career after I hit rock bottom being a single mom who moved back to live with my parents. This was after dropping out of computer science in university, my professors told me I would not be good enough to get a job in computers. I had lost all passion for what I loved and hoped for the future. I worked with my case worker (social assistance program) and they helped me gain the confidence to try computers again. I was able to tech myself programming and other computer science concepts on my own time (online courses). With this, I was able to regain my confidence regarding computers. I then became really interested in offensive security and applied to work at a cyber security company. I started as an entry-level analyst and worked my way up to starting my own threat research and detection department. I taught myself how to reverse engineer malware from scratch along the way and have not looked back since. If I can train an English teacher to reverse engineer malware, I have the confidence I can train anyone to get the task done. If you are looking for someone to lead your threat research and detection team who has done each job on the way up to the top, I might be the one you are looking for. Since then, I've presented research all across North America, appeared on TV as an expert twice and have not looked back. I love reverse engineering, malware analysis, detecting threat actors, the thrill of the hunt, mentoring other women who want to get into cyber security and most importantly, my family and the wonderful people on my team who have grown so much in their careers

  • Malware Reverse Engineering Workshop
Logan MacLaren

Logan has been a cybersecurity enthusiast since getting online in the 90s and currently focuses on helping grow GitHub’s Bug Bounty program. During his free time, Logan dabbles in powerlifting, CTFs, and retro gaming.

  • Behind the Scenes in GitHub Bug Bounty
Magno Logan

Magno Logan works as an Information Security Specialist for Trend Micro. He specializes in Cloud, Container, and Application Security Research, Threat Modelling, and DevSecOps. In addition, he has been tapped as a resource speaker for numerous security conferences around the globe.

  • Abusing GitHub for fun and profit: Actions and Codespaces Security
Marc-André Labonté

Marc-andre Labonte was a system administrator for more than a decade at the McGill Genome Center while it was known as the McGill University and Genome Quebec Innovation Center. There, he took part in the design, deployment, operation and maintenance of the data center as it went through multiple upgrade cycles to accommodate ever powerful high throughput genome sequencers coming to market.

Then, he joined the ETTIC team at Desjardins in 2016 as infrastructure penetration tester. Currently doing research and testing on IOT devices, he also presented "Automated contact tracing experiment on ESP Vroom32" workshop at NSEC in 2021. His work is motivated by curiosity and a strong sense of personal privacy in a world of connected devices and data hungry organizations.

  • Analyse dynamique de pilotes Windows
Martin Dubé

Martin spends his day meeting in the day and in his basement in the evening. Passionate about the field of Hacking for 15 years, he has an interest in technical challenges, in particular malware development, evasion of defense controls and process automation. He was involved as a Challenge Designer in the CTF of Hackfest for 7 years and NorthSec for 1 year. Currently, Martin leads a large Ethical Hacker department where he strives to innovate every day so that offensive security talents are better used today.

  • Q&A Red Team
Masarah Paquet-Clouston

Masarah Paquet-Clouston is a professor at Université of Montréal and a collaborator at the Stratosphere Laboratory. She holds a Ph.D. in criminology from Simon Fraser University and is specialized in the study of profit-driven crime enabled by technologies. In the past, she worked five years as a researcher at the private cybersecurity firm GoSecure. She presented the results of her research at various international conferences including NorthSec, Black Hat USA, DEF CON, CERT-EU, RSA, HackFest, and Virus Bulletin.

  • Q&A Criminology
Mathieu Saulnier

Mathieu Saulnier is a “Security Enthusiast” and a Core Mentor for Defcon's Blue Team Village.
He is currently "Director Threat Research" at Sumo Logic where he focuses on research, threat hunting and adversary detection.
In the last 2 decades, he worked for one of the largest carrier in Canada as Sr Security Architect and held numerous positions as a consultant within several of Quebec’s largest institutions. Since 2020 he took his mentoring engagement to the next level by joining the Blue Team Village Mentor Program. He loves to give talks and has had the honor to do so at Derbycon, SANS DFIR Summit, Defcon’s BTV, NorthSec, GrayHat, GoSec and some BSides.

  • Q&A Detection
  • Password <del>Audit</del> Cracking in AD: The Fun Part of Compliance
Matt Cheung

Matt Cheung started developing his interest in cryptography during an internship in 2011. He worked on implementation of a secure multi-party protocol by adding elliptic curve support to an existing secure text pattern matching protocol. Implementation weaknesses were not a priority and this concerned Matt. This concern prompted him to learn about cryptographic attacks from Dan Boneh's crypto 1 course offered on Coursera and the Matasano/cryptopals challenges. From this experience he has given workshops at the Boston Application Security Conference, BSidesLV, DEF CON, and the Crypto and Privacy Village.

  • Introduction to Cryptographic Attacks
Matthieu Faou

Matthieu Faou is a senior malware researcher at ESET where he specializes in researching targeted attacks. His main duties include threat hunting and reverse engineering of APTs. He finished his Master’s degree in computer science at École Polytechnique de Montréal and at École des Mines de Nancy in 2016. In the past, he has spoken at multiple conferences including BlueHat, Botconf, CYBERWARCON, RECON and Virus Bulletin.

  • Asylum Ambuscade: Crimeware or cyberespionage?
  • Q&A Malware

Je me présente, mon nom est Marc Dovéro, j'ai été responsable technique d'un opérateur internet Européen, puis CISO ou Architecte Cyber dans des entités gouvernementales ou privées en France et au Québec. Je travaille actuellement dans l'industrie dans le domaine militaire.

  • Vulnérabilités des réseaux overlays VxLan dans les datacenters.
Melanie Théorêt

Mélanie Théorêt is a bachelor's student in Criminology at the University of Montreal. She is currently a research assistant at the School of Criminology at the University of Montreal and an intern for the Research Chair in Cybercrime Prevention. Mélanie is working on various research projects focused on cybercrime, online fraud, and the impacts of technology on crime.

  • Too Anonymous To Prosecute? Survey And Interviews on Shadow Phones
Mike Saunders

Mike Saunders has over 25 years of experience in IT and security and has worked in the ISP, financial, insurance, and agribusiness industries. He has held a variety of roles in his career including system and network administration, development, and security architect. Mike has been performing penetration tests for a decade. Mike is an experienced speaker and has spoken at DerbyCon, Wild West Hackin’ Fest, regional BSides conferences, the NDSU Cyber Security Conference, and SANS and Red Siege webcasts.

  • Roll for Stealth: Evading AV/EDR Entropy Checks
Nicolas Grégoire

Nicolas Grégoire has been auditing web apps for 20 years. He is an official Burp Suite Pro trainer since 2015, and has trained nearly a thousand people since then, either privately or at public events. Other of that, he runs Agarri, a one-man business where he looks for security vulnerabilities for clients and for fun. His public talks (covering SSRF, XSLT, Burp Suite, ...) have been presented at numerous conferences around the world.

  • Burp Suite Pro tips and tricks, the sequel
Octavia Hexe

Octavia is a Principal Security Engineer at Prelude. Previously, they have worked in security roles at Ubisoft and as a volunteer with non-profits countering disinformation.

  • An Introduction to Continuous Security Testing
Olaf Hartong

Olaf Hartong is a security researcher at FalconForce and a Microsoft Security MVP. He specialises in understanding the attacker tradecraft and thereby improving detection capabilities. He has a varied background in blue and purple team operations, network engineering, and security transformation projects.

  • Q&A Detection
  • Infrastructure as Code, Automation, and Testing: The Key to Unlocking the Power of Detection Engineering
Olivier Bilodeau

Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 13 years of infosec experience, he enjoys luring malware operators into his traps, writing tools for malware research and vulnerability research. Olivier is a passionate communicator having spoken at several conferences including BlackHat, Defcon, Botconf, NorthSec, Derbycon, and HackFest. Invested in his community, he co-founded MontréHack, a monthly workshop focused on hands-on CTF problem solving, and NorthSec, a large non-profit conference and CTF based in Montreal which you may have heard of.

  • 10 years of NorthSec if you count from 0
  • Capture-The-Flag 101
Philippe Pépos Petitclerc

After particularly enjoying his master's degree on symbolic execution of binary software, Philippe is now a PhD Candidate obsessing over automatic antivirus evasion. He spent a few years working as a Pentester, Red Teamer, Blue Teamer and more recently University Lecturer. He is a founding member of Résilience Coop, a newly born cooperative striving to help industries re-appropriate and comprehend their detection frameworks. Last but not least, he is a member of the Eternal Seconds, Hubert Hackin' CTF team.

  • Q&A Vulnerability Research
Pierre-Marc Bureau

Pierre-Marc Bureau est responsable de la sous équipe de TAG qui se concentre sur les attaques informatiques motivées financièrement. Son équipe et lui sont basés à Montréal, ils se spécialisent en rétro ingénierie et analyse de codes malveillants.

Pierre-Marc compte plus de 15 ans d’expertise en sécurité informatique. Avant de se joindre à Google, Pierre-Marc a travaillé chez Dell SecureWorks et à ESET. Il a été présentateur dans plusieurs événements internationaux incluant BlackHat, Recon et Virus Bulletin.

  • Q&A Malware
Rémi Langevin

Rémi has been working in a blue team for a few years as a threat hunter and developper.

He also thinks that tab could be a great indentation character but everybody's using spaces. As such it is more practical to use spaces.

  • Willy Wonka and the Detection Factory: Detection Engineering without Alert Fatigue
  • Q&A Detection
Roberto Rodriguez

Roberto Rodriquez is a Principal Security Researcher at the Microsoft Security Research organization. He is the founder of the Open Threat Research (OTR) community and author of several open-source projects, such as the Threat Hunter Playbook, OSSEM, SimuLand, ATT&CK Python Client, Security Datasets, and more. You can find all his contributions to the InfoSec community in the open OTR GitHub repository and can follow him in Twitter @Cyb3rWard0g.

  • Empowering Security with Generative AI: Fundamentals and Applications of GPT models
Ron Bowes

During the day, Ron Bowes is a lead vulnerability researcher at Rapid7, where his job is to perform deep-dive analyses of publicly disclosed vulnerabilities, as well as to find (and report) his own. His previous role at Counter Hack Security was combo pentester / CTF developer.

In his free time, he runs (and writes challenges for) the BSides San Francisco CTF and is a lead organizer for The Long Con security conference in Winnipeg. When he's not doing infosec work, his biggest hobbies are rockclimbing and video games (current game: Slay the Spire!)

  • To the moon and back: How we found and exploited a series of critical vulns in an RPC server
  • Q&A Vulnerability Research
Sarah Kraynick

Sarah Kraynick BA, CISSP

Sarah Kraynick is a long-time hacker. She spent her youth hacking electronics, well really any system she could get her hands on. She later would graduate University and go onto work in the tech industry. She spent the better part of 10 years as a software engineer with a keen interest in security engineering. She had a foray into tech entrepreneurship and learned much about privacy and security of PHI. For the last 5 or so years her main focus has been on cyber security; she primarily worked on the offensive side of the house. Her research interests include cryptography, malware, reverse engineering and apparently cyber warfare. Sarah is currently working towards her CISSP-ISSEP… in the future she hopes to finally get her masters.

  • Democratizing (cyber) warfare and the battle for Ukraine. Tactics, techniques and methods for effective offensive cyber operations.
Suchakra Sharma

Suchakra Sharma is the Chief Scientist at Privado where he helps build code analysis tools for data privacy and data security. He completed his Ph.D. in computer engineering from Polytechnique Montréal where he worked on eBPF technology and hardware-assisted tracing techniques for OS analysis. For the last six years, Suchakra has been working on enhancing static analysis tooling for fixing security bugs at scale. He has delivered talks and trainings at venues such as USENIX LISA, Enigma, SCALE, RSA, BlackHat Arsenal, Papers We Love, NorthSec etc. When not playing with computers, he develops film photographs and writes poems.

  • Privacy through the lens of code
Suweera De Souza

Suweera has over a decade of experience in reversing malware and botnet analysis. She previously volunteered giving a BlackHoodie workshop at NorthSec and workshops for CyberAegis, a local community in Montreal. Currently Suweera is employed as a Senior Security Researcher at CrowdStrike where she focuses on botnets such as Bumblebee and BokBot.

  • Q&A Malware
  • Tracking Bumblebee’s Development
Sylvain Pelissier

Cryptography expert in the research team at Kudelski Security. His favorite topics are Cryptography, Hardware attacks and vulnerability research in general. He worked on security of Cryptography algorithms implementations on different platforms as well as on critical code security audits. He like playing and organizing CTFs.

  • Practical exploitation of cryptographic flaws in Windows

Vahagn Vardanyan is the CTO of RedRays.

His expertise includes protecting vital business applications, including ERP, CRM, SRM, banking, and processing software. He is a well-known authority on enterprise application security, including SAP and Oracle. He published many vulnerabilities, and SAP routinely thanks him for them.

The author of numerous whitepapers and surveys on SAP security research is Vahagn. He has received invitations to present at many conferences worldwide, including Troopers, Owasp, and others.

  • From On-Premises to Cloud: A Comprehensive Analysis of SAP Security Issues
Vicky Desjardins

I am an English lit major turned criminologist turned cyber threat intelligence analyst. I'm an eternal optimist that research can make the world a better and safer place for all so that is what I do. I get crazy ideas, turn them into research projects and figure out later if it's actually possible. Let's see if this one will work out.

  • Q&A Criminology
  • Checkmate: using game theory to study the evolution of ransomware
Yolan Romailler

Yolan is an applied cryptographer at Protocol Labs delving into (and mostly dwelling on) cryptography, secure coding, and other fun things. He has previously spoken at Black Hat USA, BSidesLV, Cryptovillage, NorthSec, GopherConEU, and DEF CON on topics including automation in cryptography, public keys vulnerabilities, elliptic curves, post-quantum cryptography, functional encryption, open source security, distributed randomness, and more! He introduced the first practical fault attack against the EdDSA signature scheme and orchestrated the full disclosure with the code of the CurveBall vulnerability. Nowadays he's working on the distributed randomness project, drand, studying pairing-based cryptography, distributed key generation, and threshold systems. His most recent work was focused around Timelock Encryption.

  • Practical exploitation of cryptographic flaws in Windows
zunaira zaman

Zunaira Zaman is a Research Engineer at Synopsys Inc. with a keen interest in utilizing Machine Learning for automating software security. With a Joint Master's degree from Maynooth University, Ireland, and the University of Lorraine, France, and prior experience as a research intern at Inria, France, Zunaira brings a diverse skillset to her work. Her focus on leveraging ML to drive business growth and enhance user experiences is matched by her dedication to staying up-to-date with the latest industry trends through continuous professional development.

  • Profiling Risky Code using Machine Learning