NorthSec 2024

Adrien Lasalle

Formerly a firefighter in France 🇫🇷 🚒, I decided to pursue my passion for IT and especially offensive cybersecurity. Now a Pentester in Montreal 🇨🇦 for almost 3 years and an active member of HackersWithoutBorders North America, I am gradually specializing in internal and network intrusion testing.

Sharing our passion for this field, whether for awareness or education, is an important mission for me!

Feel free to contact me to discuss cyber or anything else over a beer :D 🍻

  • Hardware Q&A
  • Hardware Hacking Curiosity
AJ Jarrett

AJ Jarrett is the Incident Response Director for the Threat Management Center at DTCC. Prior to joining DTCC, AJ worked for over 15 years in various IT and cybersecurity roles including defense, compliance, assessments, and incident response. In addition to his work at DTCC, AJ is also an Adjunct Instructor at the Texas A&M Engineering Extension Service and volunteers with various educational initiatives to help bring cybersecurity knowledge to as many people as possible.

  • Cyber Incident Command System: A Firefighter's Approach to Managing Cyber Incidents
Alexandre Côté

Alexandre has been a malware researcher at ESET since 2021. Working with the Montreal team, his research is focused on tracking APT groups and their toolsets.

He has previously presented about APTs and attribution at Botconf, Sleuthcon, Hackfest, and BSidesMTL. He is also involved in mentoring students getting started in infosec.
His interests include operating systems fundamentals, writing shell scripts to automate tasks that don't always need to be automated, and brewing beer.

  • Reverse-Engineering Nim Malware: Or a brief tale of analyzing the compiler for a language I had never used
  • Malware Q&A
Alexis Dorais-Joncas

Alexis Dorais-Joncas is the Senior Manager of Proofpoint’s APT research team, where he and his team of threat researchers and intelligence analysts focus on tracking the most elusive state-sponsored threat actors and ensuring Proofpoint customers are protected against these persistent attackers.
Prior to joining Proofpoint, Alexis led ESET’s Montreal-based R&D branch office for over 10 years, where his team focused on malware research, network security and targeted attacks tracking. Alexis is an established speaker on current cyberthreats, having spoken in front of diverse audiences at events such as Northsec, Bluehat, Botconf, First CTI, Sector and Rightscon. He has also been quoted in several security and technical media such as Wired, ITWorldCanada and Ars Technica, with broadcast appearances on Radio-Canada and Skynews.
Alexis holds an M. Sc. in Electrical Engineering from the University of Sherbrooke in Canada.

  • Will the real attribution please stand up?
  • Malware Q&A
Ben Gardiner

Mr. Gardiner is an independent consultant at Yellow Flag Security, Inc. presently working to secure commercial transportation at the NMFTA and connected transportation with TMNA. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior to YFS Inc., Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds a M.Sc. Eng. in Applied Math & Stats from Queen’s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer. He is GIAC GPEN certified and a GIAC advisory board member, he is also chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2), contributor to several ATA TMC task forces, ISO WG11 committees, and a voting member of the SAE Vehicle Electronic Systems Security Committee. Mr. Gardiner has delivered workshops and presentations at several world cybersecurity events including the Cybertruck Challenge, GENIVI security sessions, Hack in Paris, HackFest and DEF CON main stage.

  • How crypto gets broken (by you)
Benoit Cote-Jodoin

Benoît Côte-Jodoin is a Senior Product Security Engineer at BoostSecurity researching software supply chain security. Former active CTF player, he now designs challenges for the NorthSec CTF competition.

  • AppSec Q&A
  • Under the Radar: How we found 0-days in the Build Pipeline of OSS Packages
Berenice Flores

As a senior penetration tester at Bishop Fox, Berenice focuses on application security and cloud penetration testing (AWS). In the past year, Berenice has worked in security research against frameworks in the cloud. Berenice holds many cybersecurity certifications including Offensive Security Certified Professional (OSCP), Off-Sec Web Assessor (OSWA) and Offensive Security Wireless Professional (OSWP).
When she's not finding bugs, Berenice enjoys attending hacking conferences and collecting stickers, pins and token coins.

  • Machine Learning Q&A
  • With Great gAIn Comes Greater Security Issues - When ML Frameworks' Scale for Growth Incorporates Security Risks to Users' Cloud Accounts
Camille Felx Leduc

Ms. Felx Leduc is an ICS Senior Security Consultant in Mandiant’s Canadian practice. As part of the ICS Services team, Camille supports clients with better securing their ICS networks, analyzes client networks for threats, and supports clients with strategic assessment, roadmap development, and initiative implementation, including Security Program Assessments, and threat modeling.

  • Unveiling the OT Threat Landscape
Charl-alexandre Le Brun

I am passionate about computing; this field is both my passion and my profession.
I have been doing penetration testing for a few years, and on the side I like to take on research or projects.
Whether it is identifying vulnerabilities or building tools, I always follow my curiosity.

  • Exploiter Ansible WorX et tout le reste
Charles F. Hamilton (Mr.Un1k0d3r)

Charles Hamilton also known as Mr.Un1k0d3r is a Red Teamer, with more than twelve years of experience delivering offensive testing services for various government clients and commercial verticals. In recent years, Charles has focused on covert Red Team operations against complex and secured environments. These operations have allowed him to hone his craft at quietly navigating a client's network without detection. Since 2014, he is the founder and operator of the RingZer0 Team website, a platform focused on teaching hacking fundamentals. The RingZer0 community currently has more than 40,000 members worldwide. Charles is also a prolific toolsmith and speaker in the Infosec industry under the handle of Mr.Un1k0d3r.

  • Browser is the new LSASS
  • Red Team Q&A
Charlie Bromberg (Shutdown)

Creator of The Hacker Recipes and Exegol.
Creator or contributor to many other projects.
Leading ethical hacking offerings for Capgemini France.
Passionate about Active Directory.

  • Mastering Exegol
Christian Paquin

I’m a cryptography and security engineer at Microsoft Research where I aim to bring new research innovations closer to reality. My work focuses lately on privacy-preserving identity, post-quantum cryptography, and content origin and authentication (especially surrounding the work of the C2PA in which I’m a member of the technical working group). Prior to joining Microsoft I was a crypto developer at Zero Knowledge Systems developing a TOR-precursor mixnet and the Chief Security Engineer at Credentica.

  • Human in the Middle Q&A
  • Real or fake? Tools to fight online disinformation
Cindy Xiao

Cindy Xiao is a security researcher who works primarily on malware reverse engineering, in support of cyber threat intelligence reporting. Cindy enjoys learning from other security practitioners (both offensive and defensive), developing tools to help with analysis, and mentoring others.

  • Reversing Rust Binaries: One step beyond strings
Corinne Pulgar

Corinne Pulgar brings a unique blend of technical expertise and social awareness to the field of digital security. With a Master's in Software Engineering from École de Technologie Supérieure (ETS) and a Bachelor's in Computer Science from Université du Québec à Montréal (UQAM), they possess a deep understanding of software development and security. They have shown a steadfast commitment to education through their contributions as a project manager and InfoSec at Lab2038 and a teaching assistant and lecturer at multiple institutions, including McGill University, ETS and UQAM. Her ability to translate complex technical concepts into accessible knowledge has made them a sought-after lecturer and mentor.

Corinne’s research, presented at conferences and published in journals, focuses on model-driven software engineering and DevOps, demonstrating their innovative approach to software development. Their work at the intersection of technology and inclusivity reflects their dedication to leveraging their technical expertise for social good, specifically in enhancing digital privacy and security for vulnerable groups. Their unique perspective, combining technical acumen with a passion for social impact, makes them an ideal speaker to address the critical issue of digital privacy in the context of IPV.

  • Redefining Digital Security: A New Approach for IPV Victims
Dekel Paz

Security Researcher with over 15 years of experience in Cybersecurity and software development. I’ve been on both sides of the fence – leading Offensive and Defensive security teams in the past.

  • Prevent First, Detect Second: An Open-Source Approach

Pronouns: he/him

I'm a lifelong hacker and avid selfhoster/homelabber who works a day job pentesting.
On the side, I build CTF challenges and occasionally even go outside to see the world.

  • AppSec Q&A
  • API: Alternate Pathway to Injection
François Labrèche

François is a Research Lead at Secureworks, who focuses on applying machine learning approaches to research problems related to security alerts and vulnerabilities. He focuses on using machine learning to improve the prioritization of alerts and vulnerabilities, in the context of XDR and vulnerability management. He has a PhD from École Polytechnique de Montréal, and has published research papers on the topics of spam detection, malware analysis and machine learning applied to cybersecurity.

  • Machine Learning Q&A
François Proulx

François is a Senior Product Security Engineer for BoostSecurity, where he leads the Supply Chain research team. With over 10 years of experience in building AppSec programs for large corporations (such as Intel) and small startups he has been in the heat of the action as the DevSecOps movement took shape. François is one of the founders of NorthSec and was a challenge designer for the NorthSec CTF.

  • AppSec Q&A
  • Under the Radar: How we found 0-days in the Build Pipeline of OSS Packages
Greg Lesnewich

Greg Lesnewich is a Senior Threat Researcher at Proofpoint, focused on identifying, tracking, detecting, and disrupting malicious activity linked to North Korea and Russia. Greg has a background in threat intelligence, incident response, and managed detection, previously working at Recorded Future, Leidos, and NCFTA, with experience in developing methods of tracking espionage and state-sponsored activity. Greg enjoys the topics of weird forensic artifacts, measuring malware similarity, YARA, and infrastructure tracking.

  • Will the real attribution please stand up?
  • Malware Q&A
Ignacio Navarro

Ignacio Navarro, an Ethical Hacker and Security Researcher from Cordoba, Argentina. With around 6 years in the cybersecurity game, he's currently working as an Application Security. Their interests include code analysis, web application security, and cloud security.
Speaker at Hackers2Hackers, Security Fest, BSides, Diana Initiative, Hacktivity Budapest, 8.8, Ekoparty.

  • Insert coin: Hacking arcades for fun
John Stoner

John Stoner is a Global Principal Security Strategist at Google Cloud and leverages his experience to improve users' capabilities in Security Operations, Threat Hunting, Incident Response, Detection Engineering and Threat Intelligence. He blogs on threat hunting and security operations and has built multiple APT threat emulations for blue team capture the flag events. John has presented and led workshops at various industry symposia including FIRST (CTI, Tech Colloquium), BSides (SF, Las Vegas), SANS Summits (DFIR, Threat Hunting, Cloud and SIEM), WiCyS, Way West Hacking Fest, AISA and DefCon Packet Hacking Village. He also enjoys listening to what his former teammates referred to as "80s sad-timey music."

  • GraphRunner and Defending Your Microsoft Tenant
Kai Iyer

Kai is a Senior Security Engineer at EY's Cyber Threat Management team and manages Applied Machine Learning and Security Engineering. He holds multiple certifications and has extensive knowledge in various domains, including Web-App Development, Data Science, Incident Response, DevSecOps and Purple Teaming. He is also an advocate for open source software and data privacy. He dreams of a world where no one clicks on phishing e-mails.

  • Jupyter Jetpack: Automating Cloud Threat Hunting
Laurent Desaulniers
  • Red Team Q&A
Logan MacLaren

Logan is a Senior Product Security Engineer at GitHub where he focuses on the success of their Bug Bounty program. When not hacking on GitHub itself, Logan can be found doing security research focused on open source projects, or learning and refining new skills with CTF challenges!

  • What's New is Old - Parallels of OWASP's Top 10 for LLMs and Web Applications
  • Machine Learning Q&A
Louis Melançon

Holder of a master's degree in knowledge mobilization from INRS, Louis has always sought to combine his interest in knowledge transfer with his passion for research and the impact of new technologies. After continuing his university studies focusing on the Heartbleed vulnerability and its impact on security practices, Louis collaborated with several knowledge mobilization organizations such as Serene-risc and Research Impact Canada. Having recently joined the research support team at Ivado, this presentation is an opportunity for Louis to revisit the subject that has fascinated him for years.

  • Heartbleed, ten years later
Mangatas Tondang (@tas_kmanager)

Tas has spent the last five years immersed in the worlds of threat hunting, detection engineering, and security research. Currently, he's making changes at Microsoft, specializing in cloud security research. Beyond his professional endeavors, Tas is a passionate contributor to the cybersecurity community, holding roles in the DFIR report and Curated Intelligence. He's also no stranger to the stage, having presented at various conferences around the globe, to name a few SANS Summits and DEF CON BTV. When he's not navigating the digital landscape, Tas enjoys the art of astrophotography and embarking on spontaneous adventures across the globe exploring landscapes and cuisines.

  • Double Trouble: Unmasking Twin Phishing Campaigns Targeting E-commerce and Travel Sites
Marc-André Labonté

Marc-andre Labonte was a system administrator for more than a decade at the McGill Genome Center while it was known as the McGill University and Genome Quebec Innovation Center. There, he took part in the design, deployment, operation and maintenance of the data center as it went through multiple upgrade cycles to accommodate ever powerful high throughput genome sequencers coming to market.

Then, he joined the ETTIC team at Desjardins in 2016 as infrastructure penetration tester. Currently doing vulnerability research on IOT devices, he also presented "Automated contact tracing experiment on ESP Vroom32" workshop at NSEC in 2021. His work is motivated by curiosity and a strong sense of personal privacy in a world of connected devices and data hungry organizations.

  • Toolbox for reverse engineering and binary exploitation
  • Hardware Q&A
Marc-Etienne M.Léveillé

Marc-Etienne has been a malware researcher at ESET since 2012. He specializes in malware attacking unusual platforms, whether it’s fruity hardware or software from south pole birds. Marc-Etienne focused his research on the reverse engineering of server-side malware to discover their inner working and operation strategy. His research led to the publication of the Operation Windigo white paper that won Virus Bulletin’s Péter Szőr Award for best research paper in 2014. He presented at multiple conferences including RSAC, FIRST, 44con, CARO and Linuxcon Europe. When he’s not one of the organizers, he loves participating in CTF competitions like a partying gentleman. Outside the cyberspace, Marc-Etienne plays the clarinet and reads comics.

  • Ebury, 10 years in: The evolution of a sophisticated Linux server threat
  • Malware Q&A
Mathieu Calemard du Gardin (Dramelac)

Red Teamer and co-creator of Exegol

  • Mastering Exegol
Octavia Hexe

Octavia is an independent security researcher. They have worked in security engineering, purple team, adversary emulation roles, and as a volunteer with non-profits countering disinformation.

  • Human in the Middle Q&A
Patricia Gagnon-Renaud

Patricia Gagnon-Renaud is a Cybersecurity Analyst in the Ethical Hacking team at GoSecure. She has a bachelor's degree in IT engineering, is a licensed engineer, and more recently, has become a Certified Information Systems Security Professional (CISSP). Her interests include social engineering, physical security, lockpicking and urbanism.

  • Human in the Middle Q&A
  • I will look for you and I will find you: OSINT on publicly shared pictures
  • I will look for you and I will find you: OSINT Extras
Philippe Arteau

Philippe is a security engineer for ServiceNow. He has an interest in software development, penetration testing and security code review. He maintains Find Security Bugs, the static analysis tool. He has presented at various conferences including Black Hat Arsenal, SecTor, AppSec USA, ATLSecCon, 44CON and JavaOne.

  • AppSec Q&A
Pierre-Marc Bureau
  • Malware Q&A
Pier-Yves Lessard

Embedded software engineer working at NXP semiconductor on embedded AI optimization for the automotive industry. Past experience in EV/motor control software. Author of 2 (relatively) widely used open source libraries dedicated to ECU communications and the main developer of Scrutiny Debugger, a project soon to be released. Father of two who develops open source stuff between 21h and 00h

  • Hardware Q&A
  • Scrutiny Debugger - Debug, test and configure embedded softwares through instrumentation

As an offensive security engineer at Microsoft, Priyank's primary focus is conducting security exercises that emulate real-world threats impacting billions of users. He is well known for his expertise in identifying high-impact vulnerabilities and has shared his research openly through various industry conferences.

His forte is web/mobile application security assessments, network penetration testing and secure source code reviews. In the past, he has advised F500 brands and startups and does mobile and IoT related research in his spare time.

As a new parent, he is now (re)learning hacking from his toddler who defeats all the "restrictions" to limit their mobility.

  • UnRegister Me - Advanced Techniques for hunting and securing user registration vulnerabilities.
Ron Bowes

Ron Bowes is a Lead Security Researcher on the GreyNoise Labs team, which tracks and investigates unusual--typically malicious--internet traffic. His primary role is to understand and track the big vulnerabilities of the day/week/month/year; often, that means parsing vague vendor advisories, diff'ing patches, reconstructing attacks from log files, and--most complex of all--installing and configuring enterprise software. When he's not at work, he runs the BSides San Francisco Capture the Flag contest, is a founder of The Long Con conference in Winnipeg, maintains a personal blog, and continues his quest to finish every game in his Steam library.

  • Finding signals in the noise: Why write exploits when attackers share them for free?
Sagar Bhure

Sagar Bhure is a highly accomplished Security Researcher with a proven track record of excellence in his research on security. He is a filed patent holder with the US for his innovative work on ML and Security and has published several papers on the subject in top-tier journals. He currently leads various projects at OWASP, including the prestigious "ML Security Top 10", an OWASP flagship project. Sagar has spoken at several industry-leading international conferences, including Hack in Paris, BlackHat, OWASP, and APISecure. He is regarded as a respected thought leader in the cybersecurity community, frequently invited to speak at conferences and workshops on topics related to offensive and defensive security. Sagar’s engaging presentations have helped to educate security professionals with cutting-edge research and tools to strengthen their security toolkits.

  • Machine Learning For Security Professionals: Building And Hacking ML Systems

Sagie is a defensive security researcher, leading the Zero-Labs team as VP of Research @ Zero Networks.
With a bachelor's in Electrical-Engineer, Sagie started out designing and breaking-up communication schemas in the Intelligence unit of the military. After his service, Sagie went on to perform research on diverse topics, introducing new attack techniques such as the "man-in-the-cloud" attacks and supply chain compromises against container developers. In recent years, Sagie is focused on research that delivers practical solutions to security teams, mainly in the form of open source security tools.

  • Prevent First, Detect Second: An Open-Source Approach
Sergei Frankoff

Sergei is a co-founder of OpenAnalysis Inc, and part of the team behind UnpacMe. When he is not reverse engineering malware Sergei is focused on building automation tools for malware analysis, and producing tutorials for the OALABS YouTube channel. With over a decade in the security industry Sergei has extensive experience working at the intersection of incident response and threat intelligence.

  • Technical Analysis Past, Present, and Future - Insights from a Reverse Engineering Perspective
  • Malware Q&A
Simon Lacasse

Simon Lacasse works as a penetration tester at Desjardins, with a focus on objective-driven organizational tests. He is very interested in web and infrastructure security. With a background in software engineering, he likes to build his own tools to solve the various challenges he encounters. When possible, he likes to give back to the community by releasing his tools as free software. Simon is also a former member of the computer security club of Polytechnique Montréal, PolyHack/PolyHx.

(Charl-Alexandre's bio pending.)

  • Exploiter Ansible WorX et tout le reste
Simon Nolet (Viper)

Simon is a cybersecurity expert with 10 years of experience, specializing in offensive security for the past 9 years. He focuses on achieving high-impact attack chains. He has conducted over 250 penetration tests. Simon is also an active member of the cybersecurity community, dedicated to sharing his knowledge by volunteering for events like Hackfest CTF and training individuals for over 5 years in the Security 103 course and the Beginner CTF. He values honesty, promoting transparency and integrity in his work. His expertise covers networks, infrastructure, Active Directory pentesting, but he is also interested in red teaming, access control evasion, and efficient computer usage. Simon is constantly striving to enhance a company's security by producing precise reports and offering operational recommendations to increase resilience against adversaries. He believes that often, the root causes of security issues can be addressed through education and training. His goal is to educate and strengthen security measures to protect both businesses and individuals in their digital environments, with a strong emphasis on training others.

  • CTF 101
Thomas Poinsignon Clavel
  • Unveiling the OT Threat Landscape
W. Garrett Myler

W. Garrett Myler, Sr. OT cybersecurity Specialist at Red Trident Inc. and proud U.S. Air Force Reservist, has over a decade of experience supporting threat intelligence and cyber operations within the U.S. Department of Defense - from strategic to tactical levels of operation. He has traveled the world performing vulnerability assessments on industrial control systems (ICS) supporting critical infrastructure. Mr. Myler is an experienced and engaging cybersecurity instructor and presenter and has trained professionals and addressed audiences from around the world. He is a CISSP, GIAC Certified Forensic Analyst, an ISA 62443 certified "expert", and has a Masters of Science in Digital Forensics and Cyber Investigation. Mr. Myler is honored to fill the roles of husband to his wife Julie and father to their five children.

  • Human in the Middle Q&A
  • BEWARE of Infosec Influencers
Will Summerhill

Will Summerhill is a senior security consultant with Mandiant Canada on the Proactive team performing red teams, purple teams, and penetration testing assessments. He has been in offensive security consulting for over 7 years and has 10 years of information security experience combined. He teaches red teaming classes to clients and taught a penetration testing course at the post-grad college level.

  • Simplified Malware Evasion - Entropy and other Techniques
  • Red Team Q&A
Zaid Osta

Zaid Osta is a Cyber Threat Intelligence Analyst at Flare, and his primary role involves the collection, research, and analysis of the latest cyber threats.

  • Crowdsourced DDoS Attacks Amid Geopolitical Events