BEGIN:VCALENDAR
VERSION:2.0
X-WR-CALNAME:bsidesprg2026
X-WR-CALDESC:Event Calendar
METHOD:PUBLISH
CALSCALE:GREGORIAN
PRODID:-//Sched.com Security BSides Prague 2026//EN
X-WR-TIMEZONE:UTC
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260421T070000Z
DTEND:20260421T093000Z
SUMMARY:Autonomous Malware Logic: Practical Design and Analysis of Stealth Execution Techniques
DESCRIPTION:Modern malware increasingly relies on autonomous execution logic rather than immediate payload execution. This workshop demonstrates how they perform inspection and delayed activation to evade dynamic analysis and endpoint protection (practical learning for offensive + defensive security engineers). \n\nOverview\nAs endpoint detection\, sandboxing\, and behavioral monitoring mature\, malware has increasingly shifted toward autonomous execution models. Rather than immediately performing network communication or malicious actions\, many implants now embed logic that inspects the execution environment and defers activity until specific conditions are met.\n\nThis workshop examines the technical mechanisms behind dormant and conditionally executed malware behavior\, focusing on how execution flow is gated by environmental signals rather than external commands.\n\n\nTechnical focus areas\nParticipants will work with controlled samples that demonstrate:\nEnvironment inspection using operating system APIs (network availability\, adapter state\, DNS resolution\, system uptime)Conditional execution paths implemented through state machines and decision treesDelayed activation logic based on runtime conditions rather than timers aloneWhy standard tools such as process monitors\, network captures\, and sandbox environments frequently observe no actionable behaviorHow conditional execution impacts both red team validation and blue team detection strategiesHands-on approach\nThe workshop is structured around practical analysis rather than exploitation. Attendees will trace execution paths\, identify dormant branches\, and observe how small environmental changes alter program behavior. All demonstrations are non-destructive and run in isolated lab environments.\n\n\nOutcome\nBy the end of the session\, participants will be able to recognize environment-aware execution patterns\, understand why dormant malware often evades detection\, and reason about how such behavior affects modern security testing and monitoring.\n\nThis is a technical\, hands-on workshop focused on execution logic and control flow analysis.No ransomware\, destructive payloads\, or live command-and-control infrastructure are involved.All examples are self-contained and executed in isolated virtual environments.The workshop emphasizes system-level behavior\, API usage\, and execution gating rather than payload development.Attendees will need a laptop capable of running a preconfigured virtual machine (instructions provided in advance).Content is derived from real-world offensive security research and experience analyzing advanced execution-evasion techniques.\n\n
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR2\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:edd2233cf6ea3eb31ecdbb60fc2470c2
URL:http://bsidesprg2026.sched.com/event/edd2233cf6ea3eb31ecdbb60fc2470c2
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260421T070000Z
DTEND:20260421T100000Z
SUMMARY:Mad data science for practical C2 detection
DESCRIPTION:Are you tired of JupyterLab notebooks with single-threaded\, unoptimized\, PoC code that does not scale in real-world scenarios? Do you have a C2 beaconing problem on your network? Well\, look no further! This workshop can fit so much data science for C2 detection! *slaps roof of a pile of code* \n\nIf you always wanted to know how tools like Flare or RITA work\, how to do C2 detection with frequency analysis\, or how to use probability theory to spot beaconing traffic\, then this is the workshop for you!We are going to be obsessing over the nitty-gritty details of spotting beaconing traffic using data science methods. However\, this time\, we will not use JupyterLab notebooks! We want to show you how to do these detections in real network environments\, and at scale. We will use solutions that can ingest network data and then provide meaningful outputs in a reasonable amount of time. The main goal of this workshop is to give you the understanding you need to apply these techniques the next day at work.\n\nYou can just attend this workshop and get your hands dirty with bits and bytes\, but if you want to have a better understanding of the underlying theories\, concepts\, and technical considerations\, then you should also come to our talk! Yes\, we are sort of cheating here\, hoping that you will attend both! :P So\, are you coming to the talk?\n\n\nRequirements for the workshop: \nA laptop with at least 16 GB of RAM and more than 50 GB of free disk space (VT-x support must be enabled on the host system). Application to run Virtual Images (type-2 hypervisor): VMWare Workstation Pro (recommended)\, VMWare Workstation Player\, VMWare Fusion\, or VirtualBox.Only 64-bit Intel-compatible (Intel or AMD) processors are supported.\nWARNING: ARM-based devices (such as Apple Silicon\, Qualcomm Snapdragon\, and some Microsoft Surface laptops) cannot perform the necessary virtualization and therefore cannot be used for the workshop.\n\n\n
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR1\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:8ffdb71af0e3efc4aa76ae3f8286af48
URL:http://bsidesprg2026.sched.com/event/8ffdb71af0e3efc4aa76ae3f8286af48
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260421T100000Z
DTEND:20260421T110000Z
SUMMARY:Lunch Break
DESCRIPTION:DescriptionEnjoy the Lunch Break as an opportunity to step out\, recharge\, and grab something good to eat at one of the many nearby restaurants and cafés. Please note that lunch is not provided by the conference\, so we encourage you to explore the local options around the venue. You can find a curated list of recommended restaurants in your attendee booklet\, making it easy to choose a spot that fits your taste and schedule. Use this time not only to refuel\, but also to continue conversations with fellow attendees before the afternoon sessions begin.
CATEGORIES:NETWORKING
LOCATION:Novotel Praha Wenceslas Square\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:9c1777b878b04d9d2704d4cf4bbefa3d
URL:http://bsidesprg2026.sched.com/event/9c1777b878b04d9d2704d4cf4bbefa3d
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260421T100000Z
DTEND:20260421T160000Z
SUMMARY:BloodHound Basics Workshop
DESCRIPTION:BECOME A BLOODHOUND OPERATOR\nYou hear some of the Red teamers talk about Attack Paths\, OpenGraph\, and Cypher queries but you are not sure what it’s all about? No worries\, we’ve got you covered. We’ll take you from new BloodHound user to power-level-over-9000-BloodHound-Ninja. During this workshop\, we start from the basics and guide you from setup all the way to becoming a capable\, hands-on BloodHound operator.\n\nThis workshop is aimed at new to intermediate BloodHound users. Besides a laptop and limited technical knowledge\, there are no special requirements for joining. Join us and learn to understand Attack Paths like adversaries do.\n\nAbstract\nThis one-day workshop introduces the core concepts and terminology associated with BloodHound\, details the basics BloodHound usage\, and discusses possible BloodHound extensions. The workshop alternates lectures and hand-on lab exercises (~50/50). Trainees will learn how to install\, configure\, and operate BloodHound Community Edition. The goal is to get everyone familiar with all aspects of BloodHound\, so that it will hold no secrets for them after this workshop.\n\nWorkshop outline\nDuring the workshop\, we will cover the following topics:\nModule 1&nbsp\;-&nbsp\;Concepts & Components\nThinking in GraphsGraph Theory & Graph TerminologyBloodHound EvolutionBloodHound Data ModelBloodHound Application ComponentsBloodHound Code & DocumentationBloodHound SlackModule 2&nbsp\;–&nbsp\;Installation & Discovery\nInstalling BloodHoundInitial LoginUI DiscoveryBasic Docker CommandsModule 3 - Data Collection & Ingestion\nDownloading CollectorsSharpHound Data CollectionAzureHound Data CollectionIngesting Data & Data QualityIngestion Under the HoodDeleting DataModule 4 - Data Exploration & Cypher Basics\nRetrieving Nodes & PropertiesRetrieving Edges & PathsBuilt-In QueriesIntro to CypherCustom QueriesCypher Tips & TricksModule 5 - BloodHound Administration\nUser ManagementSSO ConfigurationConfig & Early Feature AccessModule 6 - BloodHound API & Automation\nAPI ExplorerAPI TokensRequest SignatureAPI CallRunning Cypher QueriesModule 7 - Advanced BloodHound Usage\nDirect DB AccessMutating QueriesOpenGraphIntegration ConceptsBloodHound Related ToolingBHOperator Demo\n\n\nExtra Info\nThis is not an Active Directory training\, but we will talk about it a lot.\nThis is not an Offensive tradecraft course\, but we will talk about it a lot.\nAnd of course\, we are happy to discuss any questions that come up during the workshop.\n\n\n\nWhat to expect?\nThe workshop takes 4 to 6 hours in classes up to 20 people. We aim for an open and intimate setting\, where everyone is free to share and ask questions.\nBasic Active Directory\, Azure and InfoSec knowledge is required. Offensive security knowledge is not required.\nBring a laptop capable of running&nbsp\;BloodHound Community Edition in Docker\, as this is a hands-on workshop. Make sure Docker Desktop is installed before the Workshop.\n\n
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR2\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:3167e2471d92caa4bdff96c88a6bd59d
URL:http://bsidesprg2026.sched.com/event/3167e2471d92caa4bdff96c88a6bd59d
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260421T110000Z
DTEND:20260421T150000Z
SUMMARY:Payload Obfuscation for Red Teams
DESCRIPTION:In this hands-on workshop you will learn how to obfuscate your payloads with a custom VM. This will help to evade signature detections and make reverse engineering more difficult. Participants will walk away with new tooling they can try out in the field right away!\n \nIn this workshop we will leverage the RISC-V architecture and the LLVM ecosystem to build a simple obfuscation pipeline. The VM interpreter code is small and once it is loaded\, you do not need to allocate additional executable pages to execute arbitrary payloads.\n\nCovered topics: \n Introduction to VM-based obfuscation&nbsp\; Basics of the RISC-V architecture&nbsp\; Compiling payloads for the RISC-V architecture&nbsp\;Obfuscating the VM interpreter for evasion - VM Hardening to complicate reversing the payloads - Building a basic C2 framework (as time allows)\n\nThe bulk of the work will be done in a GitHub Codespace (Linux)\, which makes it easy for participants to get started. However\, the final payloads need to be executed in a Windows VM (which you have to prepare beforehand).\n\n\nNote: You need basic C programming and Linux command line experience to follow along with the workshop. Reverse engineering experience is definitely a plus!\n\n\nThe start of the workshop is a hands-on version of a blog post I was the main author of: RISC-Y Business: Raging against the reduced machine\, specifically tailored for red teamers. The second half will contain currently-unpublished research\, discussing obfuscation and evasion techniques which should be interesting to conference participants.\n\n\n
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR1\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:a46aa8b3a5410c4e2f11b6f4c8317c41
URL:http://bsidesprg2026.sched.com/event/a46aa8b3a5410c4e2f11b6f4c8317c41
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260422T070000Z
DTEND:20260422T100000Z
SUMMARY:Digital Forensics on MacOS - Analyzing current Threats
DESCRIPTION:As macOS gains traction in enterprises\, so do attacks. This workshop equips participants with the skills to perform effective macOS forensic analysis\, uncovering and understanding modern threats to strengthen enterprise defences.\n\nThe goal of this workshop is to equip participants with the essential knowledge and practical skills needed to perform forensic analysis of macOS systems in the context of modern threats. Although macOS devices still represent a smaller share of enterprise environments compared to Windows\, they are increasingly targeted by threat actors. As a result\, macOS security and forensic analysis remain less mature and underrepresented in many organisations’ defensive strategies. Recent industry reports — including findings from Red Canary showing a 400% increase in macOS-related threats between 2023 and 2024 [1] — highlight the urgent need for improved visibility and expertise in this area.\n\nThis workshop will guide participants through the fundamental steps of conducting macOS forensic investigations\, including: \n\nCreating logical and triage images of macOS devices Identifying and interpreting key system artefacts Investigating artefacts for evidence of threat actor activity Utilising common forensic tools to support analysis - Understanding the evolving macOS threat landscape\nBy the end of this workshop\, participants will be able to independently conduct forensic investigations on macOS systems and will receive additional resources to support continued learning and future casework.\n\n[1] https://redcanary.com/threat-detection-report/trends/mac-malware/\n\nSince the core of this workshop involves hands-on forensic analysis of a compromised macOS system\, each participant is required to bring a laptop. As the provided forensic data is designed for macOS\, a MacBook is prefered for the exercises. \nFor those who do not have access to a MacBook\, suitable alternatives will be made available\, accessible from any operating system. Participants should have a basic understanding of cybersecurity concepts\, though prior experience with macOS internals or forensic analysis is not required. The workshop is designed to build these skills through guided\, practical exercises.\n\n\n
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR1\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:068d3641ac10ebc81ece7a59c29d43d6
URL:http://bsidesprg2026.sched.com/event/068d3641ac10ebc81ece7a59c29d43d6
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260422T070000Z
DTEND:20260422T100000Z
SUMMARY:Unveiling the Obscurity: Decrypting Agent-Server Communications
DESCRIPTION:Decrypting agent–server communications is not a subject that can be easily researched (limited information available). Either you find corner cases debugging a binary or quite simple examples using Burp. This workshop covers them all and opens new topics that might be expanded in the future. \n\nDescription\nUsually\, as a pentester or a defender\, when it comes to agent-server communications\, we always struggle to intercept the data shared between peers. Sometimes\, vendors include MITM support or provide an option to disable encryption. However\, this is not as common as one might expect. Security by obscurity is still a thing and cannot be easily defeated. Nevertheless\, as pentesters\, finding workarounds is our job — and that’s the goal of this workshop.\n\nDuring the workshop\, attendees will: - Get a clear overview of the different encryption mechanisms used in the wild (HTTP\, HTTPs\, TCP\, TLS over TCP\, mutual TLS). - Learn how to circumvent each of them based on the characteristics of the binary and the protocols used: - Is the binary using HTTP or TPC? - Is it a Golang compiled? - Can we use our own self-signed certificate? - If not\, do we have access to the legitimate CA? - Use Frida to dig deeper into more complex situations like mutual TLS. - Learn by practicing with custom binaries per protocol. - Obtain a mindmap for each scenario to speed up their tests - Intercept fast\, test faster! - Apply this mindmap for facing a real world tool like Sliver (C2 framework).\n\nIf time permits\, an extra binary will be launched at the end of the workshop as a miniCTF challenge.\n\nNote: Slides and binaries used during the workshop will be available on GitHub.
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR2\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:e69f53cd1a0fa44440b806f906789eac
URL:http://bsidesprg2026.sched.com/event/e69f53cd1a0fa44440b806f906789eac
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260422T100000Z
DTEND:20260422T110000Z
SUMMARY:Lunch Break
DESCRIPTION:DescriptionEnjoy the Lunch Break as an opportunity to step out\, recharge\, and grab something good to eat at one of the many nearby restaurants and cafés. Please note that lunch is not provided by the conference\, so we encourage you to explore the local options around the venue. You can find a curated list of recommended restaurants in your attendee booklet\, making it easy to choose a spot that fits your taste and schedule. Use this time not only to refuel\, but also to continue conversations with fellow attendees before the afternoon sessions begin.
CATEGORIES:
LOCATION:Novotel Praha Wenceslas Square\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:d7b4e8864bad3cb9095a17cc0a4a62ac
URL:http://bsidesprg2026.sched.com/event/d7b4e8864bad3cb9095a17cc0a4a62ac
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260422T110000Z
DTEND:20260422T150000Z
SUMMARY:Beyond the Web: Exploration of Windows Userland Weaknesses
DESCRIPTION:Internet is big and scary. Let’s ignore all the remote web apps for a while and stay cozy and warm on our localhost. Attack surface of Windows apps is also interesting!\n\n\nWhat we’ll look into?\n\nOS Interaction Technologies: protocol handlers\, COM/DCOM\, named pipes\, MSRPC\, NTLM\, handles\, …Userland OS Weaknesses: ACLs\, MSI\, filesystem\, TOCTOU\, junctions3 practical exercises on premade lab VMs: protocol handlers\, COM and named pipes\n\nAfter the workshop you should have basic idea of where to poke for cracks in attack surface of Windows apps and where to look for more information. We won’t have time to fully dive deep\, but this approach lets us cover more ground and give you references to tear down the curtain hiding the details at your own pace. Who knows - maybe you’ll secure your code against attack surfaces you hadn’t considered or even get your own CVE-2026!\n\n\nRequirements: laptop with RDP client\, ability to write and understand code\, basic knowledge of Windows OS (e.g.\, difference between EXE/DLL\, the concept of a process) \n\n
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR1\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:d4186c5b743fff7b8ad27b2f031d6ac2
URL:http://bsidesprg2026.sched.com/event/d4186c5b743fff7b8ad27b2f031d6ac2
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260422T110000Z
DTEND:20260422T150000Z
SUMMARY:Practical Threat Modeling: from vague worries to an actionable backlog
DESCRIPTION:No more drowning in checklists! Change “we should probably be more secure” into an actual\, risk-prioritized engineering backlog. In this hands-on workshop you’ll learn to threat model systems using STRIDE + data-flow diagrams. You'll leave with a repeatable approach you can drop into product work. \n\nNo more drowning in checklists! Change “we should probably be more secure” into an actual\, risk-prioritized engineering backlog. In this hands-on workshop you’ll learn to threat model systems using STRIDE + data-flow diagrams. You'll leave with a repeatable approach you can drop into product work.\n\nWhat we’ll do\nWorking in small groups\, we’ll threat model a software system end-to-end:\nsketch a data-flow diagram (DFD) and identify trust boundariesapply STRIDE to systematically enumerate threatsprioritize threats by risk\, focusing on what matters mostturn results into a well-scoped mitigation backlogidentify reusable security patterns you can apply elsewhere\nWhat you’ll learn / take home\nA repeatable workflow for running a threat modeling session with your teamHow to spend more effort on high-impact risks (and less on low-value busywork) without losing the plot with auditorsA set of “next actions” you can implement immediately: mitigations\, logging/monitoring hooks\, and design changes expressed as backlog items\nWho it’s for\nDevelopers/engineers who own services in productionSecurity champions embedded in product teamsArchitects / tech leads responsible for system design\nPrerequisites & logistics\nNo special tools required: either bring pen and paper for diagrams or laptop with a lightweight drawing tool. Basic familiarity with software architecture helps\, but you don’t need prior threat modeling experience. \n\n\n\n\n\n\n
CATEGORIES:WORKSHOP
LOCATION:Novotel - WR2\, Kateřinská 38\, Nové Město\, 120 00 Praha-Praha 2\, Czechia
SEQUENCE:0
UID:53a66c519b7fb46ad003e2418562e3e4
URL:http://bsidesprg2026.sched.com/event/53a66c519b7fb46ad003e2418562e3e4
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T060000Z
DTEND:20260423T064500Z
SUMMARY:Open doors
DESCRIPTION:\n
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:be27ac6adb39054772cccc7cfba7488e
URL:http://bsidesprg2026.sched.com/event/be27ac6adb39054772cccc7cfba7488e
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T064000Z
DTEND:20260423T070000Z
SUMMARY:Opening talk
DESCRIPTION:Martin Hron will open BSides Prague 2026 with a short welcome session that sets the tone for the entire conference\, introduces the spirit and community values of BSides\, and provides essential information for all attendees. The talk will cover key organizational details about the venue\, agenda\, tracks\, partners\, and practical logistics\, along with important reminders about the Code of Conduct and how to make the most of the day through networking and collaboration. This opening ensures everyone starts aligned\, informed\, and ready for a full day of cybersecurity knowledge sharing\, discussions\, and community-driven inspiration.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:a5dfc2d69c9c6c86671f544ea0929c4e
URL:http://bsidesprg2026.sched.com/event/a5dfc2d69c9c6c86671f544ea0929c4e
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T070000Z
DTEND:20260423T074500Z
SUMMARY:Keynote: Do Not Build the Torment Nexus
DESCRIPTION:\n
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:c02990dbfd81aa59dbb61bc47b024c4a
URL:http://bsidesprg2026.sched.com/event/c02990dbfd81aa59dbb61bc47b024c4a
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T074500Z
DTEND:20260423T081000Z
SUMMARY:Coffee Break
DESCRIPTION:Take a well-deserved pause during our Coffee Break — a perfect moment to stretch your legs\, grab a fresh cup of coffee or a quick snack\, and recharge before the next round of talks. Use this time to move to your selected session\, explore partner booths\, or catch up with familiar faces you haven’t seen since the last event. Whether you’re continuing a deep technical debate or just enjoying a casual hallway conversation\, this break is all about connecting\, refueling\, and getting ready for what’s next at BSides Prague 2026.
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:4f160e48bc75ff499b8fee24cb6f9562
URL:http://bsidesprg2026.sched.com/event/4f160e48bc75ff499b8fee24cb6f9562
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T081000Z
DTEND:20260423T083500Z
SUMMARY:Adventures in Router Firmware Through Dynamic Taint Analysis
DESCRIPTION:While the security industry is captivated by AI/ML advancements\, the fundamentals of VR remain as critical as ever. This presentation returns to these essentials\, demonstrating advanced techniques for discovering firmware vulnerabilities\, the most prevalent security flaw in router firmware.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:4dfa95741054c5ce5aa5504021725dd3
URL:http://bsidesprg2026.sched.com/event/4dfa95741054c5ce5aa5504021725dd3
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T081000Z
DTEND:20260423T085500Z
SUMMARY:From Prompt to Pwn: Abusing Browser Small Language Models
DESCRIPTION:The Chrome browser's new Prompt API opens up the next frontier of AI exploitation: for the first time\, a local AI model is embedded directly into the browser’s runtime environment. This presentation shows how browsers can be turned into high-value AI exploitation platforms\, and what to do about it.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:79a573b897465aff38608718a04e35e3
URL:http://bsidesprg2026.sched.com/event/79a573b897465aff38608718a04e35e3
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T084000Z
DTEND:20260423T090500Z
SUMMARY:JA3/JA4+ hashes: A "Secret" Fingerprint Identifying Bots and Scrapers
DESCRIPTION:The internet is full of bots and some aren't nice (DDoS\, scraping\, exploits\, AI..). To block bots\, we must identify them in the traffic. That's hard as some pretend to be human/browsers! Let's explore JA3 (and their successor JA4+) hashes - a lesser-known method based on the client TLS capabilities.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:bcefbbc79bc15794ae37aede09c7875e
URL:http://bsidesprg2026.sched.com/event/bcefbbc79bc15794ae37aede09c7875e
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T090000Z
DTEND:20260423T094500Z
SUMMARY:Building Deception at Scale: Automating Honeypots with Autonomous AI Agents
DESCRIPTION:What if honeypots could deploy\, adapt\, and learn on their own? See how autonomous AI agents build realistic deception environments targeting vibe-coded and AI-built apps\, interact with real attackers\, and uncover exploitation patterns-without constant human tuning.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:5ed941cafc977891f18c437733877e66
URL:http://bsidesprg2026.sched.com/event/5ed941cafc977891f18c437733877e66
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T091000Z
DTEND:20260423T093500Z
SUMMARY:Malware Evasion - Packers\, Loaders\, and Why Your EDR Misses Them
DESCRIPTION:Are your Linux security systems truly protecting you? This cutting-edge presentation exposes a critical blind spot in modern cybersecurity: sophisticated Linux malware packers and loaders that are silently evading detection across enterprise environments.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:d7da9c30ac9a3d7e0d222556ff816a94
URL:http://bsidesprg2026.sched.com/event/d7da9c30ac9a3d7e0d222556ff816a94
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T094000Z
DTEND:20260423T100500Z
SUMMARY:Prompt\, Pwn\, Profit: A $30k Deep Dive into AI Agent Vulnerabilities
DESCRIPTION:I earned over $30\,000 by exploiting 25 vulnerabilities in major AI Agents like Claude Code\, Google Gemini\, and other. This talk reveals the specific techniques— Argument Injection\, Regex bypasses\, AST limitation and Sandbox escapes—used to turn "safe" coding assistants into weapons for RCE.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:5da710aec6071db2256dc81189d385c7
URL:http://bsidesprg2026.sched.com/event/5da710aec6071db2256dc81189d385c7
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T095000Z
DTEND:20260423T103500Z
SUMMARY:Hackerdy
DESCRIPTION:Are you ready to test your knowledge in the New Age? \n\nThe game is what you expect of the ever popular "Jeopardy" but with a hacker twist\, hence "Hackerdy". Expect to understand not only the fundamental aspects of cybersecurity and its history\, but the growing trends of AI and its impacts. \n\nThe game will consist of three teams pitted against each other! You'll go through two rounds and then you'll be lead to Final Hackerdy!\n\nLet's see what you're made of.
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - Lounge\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:6ff1bdcf1226a957c1b5ba39d7701b98
URL:http://bsidesprg2026.sched.com/event/6ff1bdcf1226a957c1b5ba39d7701b98
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T095000Z
DTEND:20260423T103500Z
SUMMARY:Exploit is in the logic: Reversing an Android application to hack transactions on an NFC tag.
DESCRIPTION:A punk journey in a home-made reversing engineering project to hack an NFC tag for ̶p̶r̶o̶f̶i̶t̶ ̶a̶n̶d̶ ̶f̶u̶n̶ free drinks (and fun\, it's always about fun). Reversing a Hermes-encoded Android bundle to understand how an NFC tag (NXP NTAG 21X) works and how to exploit it.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:cdd230bf01fe05d12830b27508acadd7
URL:http://bsidesprg2026.sched.com/event/cdd230bf01fe05d12830b27508acadd7
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T101000Z
DTEND:20260423T102500Z
SUMMARY:Harder\, Better\, Faster\, Stronger: Because “FROM ubuntu:latest” Is a Supply-Chain Horror Story
DESCRIPTION:Most Docker images are obese\, vulnerable\, and emotionally unstable. Let’s go Harder\, Better\, Faster\, Stronger—cut the fat\, drop root\, and make containers so minimal attackers think they’re hallucinating.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:01711b19aa39ba3e6ccff5541b5cafd4
URL:http://bsidesprg2026.sched.com/event/01711b19aa39ba3e6ccff5541b5cafd4
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T103500Z
DTEND:20260423T113500Z
SUMMARY:Lunch Break
DESCRIPTION:Enjoy the Lunch Break as an opportunity to step out\, recharge\, and grab something good to eat at one of the many nearby restaurants and cafés. Please note that lunch is not provided by the conference\, so we encourage you to explore the local options around the venue. You can find a curated list of recommended restaurants in your attendee booklet\, making it easy to choose a spot that fits your taste and schedule. Use this time not only to refuel\, but also to continue conversations with fellow attendees before the afternoon sessions begin.
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:1b8b782d13b764a33110af77b6f896a5
URL:http://bsidesprg2026.sched.com/event/1b8b782d13b764a33110af77b6f896a5
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T113500Z
DTEND:20260423T123500Z
SUMMARY:Threat Modeling through Play: A Hands-On Elevation of Privilege Game Workshop
DESCRIPTION:In this session\, we go back to where systems begin: the whiteboard - where designs take shape and the right question is: what could go wrong? That’s the essence of threat modelling: finding weaknesses before anything is built.In this hands-on workshop\, we use the Elevation of Privilege card game\, created by Adam Shostack\, to turn threat modelling into an engaging\, team-based activity. Working in small groups\, you’ll analyse a system architecture\, applying cards aligned to STRIDE to uncover realistic threats. It’s structured\, collaborative\, and built around discussion\, not just tools.Together\, you’ll learn how to:- Identify vulnerabilities early in the design phase- Explore attack categories through a six-part framework- Experience how serious security work can also be funYou’ll leave with a practical\, repeatable approach to bring threat modelling into your teams from day one.
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - Lounge\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:686d06cb022aad6cd04c9737dbf49dcf
URL:http://bsidesprg2026.sched.com/event/686d06cb022aad6cd04c9737dbf49dcf
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T113500Z
DTEND:20260423T122000Z
SUMMARY:How Infostealers slipped through EDRs - Process Doppleganging by IDAT Loader for over 18 months
DESCRIPTION:Infostealers slip through EDR engines by obfuscating code but at later stage of kill chain when they reconstruct their code or inject into a benign process\, they start leaving some tips for hunters and our talk covers over 12 tricks unique to IDAT Loader that bypassed over 100 cases.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:f07c94a97e068fc8bc69e37029f1eeb6
URL:http://bsidesprg2026.sched.com/event/f07c94a97e068fc8bc69e37029f1eeb6
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T113500Z
DTEND:20260423T122000Z
SUMMARY:Inside the Fortress: Attacking RFID Access Control Systems
DESCRIPTION:RFID access control systems have become one of the primary ways in which corporate and residential buildings around the world control physical access. Thus\, in this talk\, we will address some of the main security issues presented by these systems\, from bypass techniques to long-range tag cloning.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:d5f9f4d5a2338af4c6aa0e2bc4e45650
URL:http://bsidesprg2026.sched.com/event/d5f9f4d5a2338af4c6aa0e2bc4e45650
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T122500Z
DTEND:20260423T131000Z
SUMMARY:Ghost in the Script: Impersonating Google App Script projects for stealthy persistence
DESCRIPTION:This talk will go through how Google Apps Script projects work and how an attacker can utilize the Apps Script projects to persist in a target’s environment. Then\, we will look into how these techniques can be detected and prevented\, so they will not be able to be maliciously utilized by attackers.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:fe28b30ed1d2de278e87b78befed0199
URL:http://bsidesprg2026.sched.com/event/fe28b30ed1d2de278e87b78befed0199
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T122500Z
DTEND:20260423T131000Z
SUMMARY:The CSI Hijack: Default Kubernetes Storage Drivers Exploitation
DESCRIPTION:We demonstrate multiple new 0days and insecure defaults in EKS/EKS Auto - AWS kubernetes enabling escalation from Kubernetes access to full AWS account data-plane control + 0day and similar CSI/IAM flaws in AKS and GKE enabling admin-level escalation. We also show control-plane ransomware via CSI.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:1f94a55ca2f734d4a79a1a345bf900b3
URL:http://bsidesprg2026.sched.com/event/1f94a55ca2f734d4a79a1a345bf900b3
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T124000Z
DTEND:20260423T130000Z
SUMMARY:Building a safe harbor for folks in cyber security
DESCRIPTION:This lightning talk explores workplace well-being in cybersecurity through positive and negative examples. It emphasizes the critical role of mental health for operational teams like SOCs and CSIRTs\, while also addressing the pressure CISOs face today. By explaining how to build a "safe harbor" and create an open environment\, the talk will demonstrate how such a supportive approach is reciprocated by professionals\, ultimately fostering a positive workplace culture.
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - Lounge\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:ad8c82248b35c00f62f0601bbdf7c371
URL:http://bsidesprg2026.sched.com/event/ad8c82248b35c00f62f0601bbdf7c371
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T132000Z
DTEND:20260423T134500Z
SUMMARY:(Security) Operations fuckups
DESCRIPTION:The most things you learn with failures. That is known wisdom\, but it is hard to allow yourself to fail\, when you are a newbie in the field\, right? This talk is focusing on sharing of the most epical (security) operation fails and WTF moments - not only for laughter\, but also to support new talents.\n
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:7923beab0823a56fa9d13f76e0dfdb6b
URL:http://bsidesprg2026.sched.com/event/7923beab0823a56fa9d13f76e0dfdb6b
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T132000Z
DTEND:20260423T134500Z
SUMMARY:Cloud Agent to Physical Access: How Cursor Unlocked My Front Door
DESCRIPTION:Cursor cloud agents promise isolation\, but new research reveals a cloud→local attack chain. Using Cursor’s client‑server interaction\, an attacker can trigger arbitrary URI handlers on the victim's machine with impact ranging from potential RCE to physical impact via smart IoT devices.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:67f3c4009349419babaa2fbfe8b53653
URL:http://bsidesprg2026.sched.com/event/67f3c4009349419babaa2fbfe8b53653
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T134500Z
DTEND:20260423T141000Z
SUMMARY:Coffee Break 2
DESCRIPTION:Take a well-deserved pause during our Coffee Break — a perfect moment to stretch your legs\, grab a fresh cup of coffee or a quick snack\, and recharge before the next round of talks. Use this time to move to your selected session\, explore partner booths\, or catch up with familiar faces you haven’t seen since the last event. Whether you’re continuing a deep technical debate or just enjoying a casual hallway conversation\, this break is all about connecting\, refueling\, and getting ready for what’s next at BSides Prague 2026.
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:95c647522e7e13658552fc6a717a79d8
URL:http://bsidesprg2026.sched.com/event/95c647522e7e13658552fc6a717a79d8
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T141000Z
DTEND:20260423T145500Z
SUMMARY:Hackerdy
DESCRIPTION:
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - Lounge\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:6cf38d347ab79686eb2da5cb5c86835a
URL:http://bsidesprg2026.sched.com/event/6cf38d347ab79686eb2da5cb5c86835a
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T141000Z
DTEND:20260423T145500Z
SUMMARY:Blind the Kernel: Subverting Integrity Checks via Semantic Asymmetry
DESCRIPTION:Kernels trust processes—but they shouldn't. We expose the architectural manipulation of ZwQueryVirtualMemory used by latest malwares. See the "Twin Patch" evasion in action\, and learn why modern malware is shattering the foundation of Windows security. Trust is dead.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:53e6ba690c845274045c8b425f9dcfb1
URL:http://bsidesprg2026.sched.com/event/53e6ba690c845274045c8b425f9dcfb1
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T141000Z
DTEND:20260423T145500Z
SUMMARY:Hunting Malicious Domains at Scale with AI-Augmented OSINT
DESCRIPTION:Through real-world examples\, we'll walk through how AI can be used to surface emerging malicious domain activity\, explain attacker intent from sparse signals\, and automatically route high-confidence findings into Slack\, SIEM\, and SOAR workflows without overwhelming analysts.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:f18a68ff5ec12e271a386ffe897b9d1c
URL:http://bsidesprg2026.sched.com/event/f18a68ff5ec12e271a386ffe897b9d1c
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T150000Z
DTEND:20260423T152500Z
SUMMARY:The Forgotten Fingerprint: OSINT Through DNS TXT Record Analysis
DESCRIPTION:This talk explores a DNS-based OSINT technique that reveals hidden services and tech dependencies through TXT record analysis. Learn how these overlooked records expose valuable insights for offensive and defensive security\, and how to integrate this into recon workflows using Nuclei and Amass
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:3aa7fc06656c350a8df42d804c857948
URL:http://bsidesprg2026.sched.com/event/3aa7fc06656c350a8df42d804c857948
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T150000Z
DTEND:20260423T152500Z
SUMMARY:Who defends the defenders? EDR killers landscape boom
DESCRIPTION:In 2025\, the landscape of EDR killers\, tools to evade EDRs\, expanded significantly\, especially with a tight connection to ransomware. Our talk moves beyond the abused vulnerable drivers and explores where do these tools come from\, who uses them and how we can leverage them for research and defense.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:6c82f601063a9e3f262ab9e9b7e737c3
URL:http://bsidesprg2026.sched.com/event/6c82f601063a9e3f262ab9e9b7e737c3
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T153000Z
DTEND:20260423T161500Z
SUMMARY:CLOSING KEYNOTE
DESCRIPTION:\n
CATEGORIES:
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:f3660accff6c9c5bfd600b25b86fc82c
URL:http://bsidesprg2026.sched.com/event/f3660accff6c9c5bfd600b25b86fc82c
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260423T162000Z
DTEND:20260423T163500Z
SUMMARY:CLOSING DAY#1
DESCRIPTION:Martin Hron will close Day 1 of BSides Prague 2026 with a short wrap-up session reflecting on the key moments\, insights\, and energy that shaped the first day of the conference. The closing talk will highlight important announcements\, share practical information for the evening program and networking opportunities\, and outline what attendees can look forward to on Day 2. It’s a chance to thank speakers\, partners\, and participants\, celebrate the community spirit that makes BSides unique\, and encourage everyone to continue the conversations\, connections\, and ideas sparked throughout the day.\n\n
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:5fd4c553b7afbdbac8b21a75eaf8a574
URL:http://bsidesprg2026.sched.com/event/5fd4c553b7afbdbac8b21a75eaf8a574
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T060000Z
DTEND:20260424T064500Z
SUMMARY:OPEN DOORS
DESCRIPTION:\n
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:6a0bfb61db352c1e93e32065cc3a5398
URL:http://bsidesprg2026.sched.com/event/6a0bfb61db352c1e93e32065cc3a5398
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T064000Z
DTEND:20260424T070000Z
SUMMARY:Opening Day 2
DESCRIPTION:\n
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:39a3de710f997baf59c5a144f6be9ef5
URL:http://bsidesprg2026.sched.com/event/39a3de710f997baf59c5a144f6be9ef5
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T070000Z
DTEND:20260424T074500Z
SUMMARY:KEYNOTE
DESCRIPTION:\n
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:7c587a69a1117a7f0e3fe402171a2321
URL:http://bsidesprg2026.sched.com/event/7c587a69a1117a7f0e3fe402171a2321
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T074500Z
DTEND:20260424T081000Z
SUMMARY:Coffee Break
DESCRIPTION:Take a well-deserved pause during our Coffee Break — a perfect moment to stretch your legs\, grab a fresh cup of coffee or a quick snack\, and recharge before the next round of talks. Use this time to move to your selected session\, explore partner booths\, or catch up with familiar faces you haven’t seen since the last event. Whether you’re continuing a deep technical debate or just enjoying a casual hallway conversation\, this break is all about connecting\, refueling\, and getting ready for what’s next at BSides Prague 2026.
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:1eeeb9fd515ae99312722f44021ff6a3
URL:http://bsidesprg2026.sched.com/event/1eeeb9fd515ae99312722f44021ff6a3
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T081000Z
DTEND:20260424T085500Z
SUMMARY:Breaching The Perimeter: The Forgotten Attack Vector That Always Works
DESCRIPTION:Physical security failures still open the door to serious breaches. We show how attackers gain access\, exploit trust\, and bypass controls using real-world scenarios\, including a live server-room door assessment\, and provide concrete steps to harden facilities\, meet regulations\, and reduce risk.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:8894b8b054dda9c475eb2477575939a8
URL:http://bsidesprg2026.sched.com/event/8894b8b054dda9c475eb2477575939a8
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T081000Z
DTEND:20260424T085500Z
SUMMARY:The Agents of Chaos: AI Driven Malware Generation
DESCRIPTION:AI agents are catching wind in offensive security\, now it's the time to focus on malware. An agent that is incharge of the malware creation process directly. From the spark of the idea\, comparing different models\, prompts\, and results\, to the challenges we faced\, improvements\, and actual testing.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:96ce92de76061de69018f7ac7222356d
URL:http://bsidesprg2026.sched.com/event/96ce92de76061de69018f7ac7222356d
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T090000Z
DTEND:20260424T094500Z
SUMMARY:Abusing the Ordinary: New COM-Based Windows Attack Vectors
DESCRIPTION:This talk explores Windows COM infrastructure from an offensive perspective\, presenting COM hunting methodologies and several previously undocumented attack techniques that enable stealthy code execution and sensitive data access through legitimate system components.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:f8357fe3d666620eb6e5958f6a78aa65
URL:http://bsidesprg2026.sched.com/event/f8357fe3d666620eb6e5958f6a78aa65
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T090000Z
DTEND:20260424T094500Z
SUMMARY:Forked and Owned: Taking Over GitHub Repositories via a single Pull Request
DESCRIPTION:GitHub Actions is broken. Attackers can now enjoy an RCE-as-a-service vector that can lead to significant downstream effects. In this talk\, you will learn how I managed to compromise the repositories of Google\, Microsoft and other Fortune-100 companies\, simply by creating a pull request from a fork.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:256bab01cbf7c591a35ba661fd0f34e6
URL:http://bsidesprg2026.sched.com/event/256bab01cbf7c591a35ba661fd0f34e6
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T095000Z
DTEND:20260424T103500Z
SUMMARY:Hackerdy
DESCRIPTION:
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - Lounge\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:bc313a1285ff256af692a47192ec7e56
URL:http://bsidesprg2026.sched.com/event/bc313a1285ff256af692a47192ec7e56
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T095000Z
DTEND:20260424T103500Z
SUMMARY:1 Click\, 0 Warnings: Hijacking Mic\, Camera & GPS via Browser UI Blindspots
DESCRIPTION:Browsers lie. Permission prompts show your trusted domain while hidden iframes hijack camera\, mic\, or GPS. This systemic flaw enables surveillance at scale. I’ll demo real exploits\, dissect failed defenses\, and reveal why even Fortune 500 portals remain vulnerable.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:583a91858b0441a6eb8be4ca8a3b2f01
URL:http://bsidesprg2026.sched.com/event/583a91858b0441a6eb8be4ca8a3b2f01
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T095000Z
DTEND:20260424T103500Z
SUMMARY:Mad data science for practical C2 detection - the talk
DESCRIPTION:Are you understaffed and never have enough time for threat hunting? Do you have a C2 beaconing problem on your network? You wish your middle name was automation or machine learning? Well\, look no further! This talk can fit so much data science for C2 detection! *slaps roof of PowerPoint slide deck*
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:92439ff6da49c8155c32bda11bbfdbb1
URL:http://bsidesprg2026.sched.com/event/92439ff6da49c8155c32bda11bbfdbb1
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T103500Z
DTEND:20260424T113500Z
SUMMARY:Lunch Break
DESCRIPTION:Enjoy the Lunch Break as an opportunity to step out\, recharge\, and grab something good to eat at one of the many nearby restaurants and cafés. Please note that lunch is not provided by the conference\, so we encourage you to explore the local options around the venue. You can find a curated list of recommended restaurants in your attendee booklet\, making it easy to choose a spot that fits your taste and schedule. Use this time not only to refuel\, but also to continue conversations with fellow attendees before the afternoon sessions begin.
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:edb6821980a1325d596010af205111d6
URL:http://bsidesprg2026.sched.com/event/edb6821980a1325d596010af205111d6
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T113500Z
DTEND:20260424T123500Z
SUMMARY:Play to Secure: Exploring AI Security Through Games
DESCRIPTION:A hands-on session with the Elevation of Machine Learning Security (MLSEC) game.AI security is a problem no one is qualified to tackle alone\, yet AI is the technology revolution of our time.Large Language Models\, self driving cars\, moon landers\, online companions\, and even your favourite custom cat emojis. All manner of enterprises benefit from AI. Meanwhile\, even our traditional software is under increasing attack with household names held to ransom\, hospital labs closed\, and data leaks becoming an unwelcome fact of life. For those attempting to bring AI and Machine Learning into the enterprise\, it is a minefield. Commands are mixed with data\, biases are systematised and mistakes happen.This is a hands–on workshop where you’ll play the Elevation of MLSEC game\, a new threat modelling experience created by software engineer and security champion\, Elias Brattli Sørensen\, focused on AI and machine learning systems. Working in teams around a shared system architecture\, you’ll explore realistic pitfalls across product\, code\, and QA\, learning how and where security issues emerge in AI-enabled systems.Key takeaways:- Get to grips with the key threats that show up across the ML lifecycle- Learn a hands-on\, team-based way to threat model AI systems- Pick up practical ideas for using games to boost engagement and build a secure-by-design culture
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - Lounge\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:c1384e1b516f6343e7559b0ef3dcdb10
URL:http://bsidesprg2026.sched.com/event/c1384e1b516f6343e7559b0ef3dcdb10
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T113500Z
DTEND:20260424T122000Z
SUMMARY:Beyond classic detections: unlocking the full potential of EDR telemetry
DESCRIPTION:Your EDR collects far more data than its built-in rules use. We'll show how to turn raw telemetry into custom detections for AD attacks like DCSync\, lateral movement\, and recon that default rules miss. We'll even explore if AI can help build new rules. The methodology applies to any modern EDR.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:c717d1f1583e6f5caeb22e68f5d40f64
URL:http://bsidesprg2026.sched.com/event/c717d1f1583e6f5caeb22e68f5d40f64
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T113500Z
DTEND:20260424T122000Z
SUMMARY:Painless IOS App Pentesting
DESCRIPTION:IOS security is getting tighter\, and many mobile pentesters feel locked out as&nbsp\;there is no jailbreak for the latest versions. Entitlements are stricter than ever and traditional dynamic analysis has become much harder. However\, modern&nbsp\;iOS pentesting isn't dead -&nbsp\;it just requires a smarter&nbsp\;approach.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:54ac2b7ef4347eca6d55361c778b7192
URL:http://bsidesprg2026.sched.com/event/54ac2b7ef4347eca6d55361c778b7192
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T122500Z
DTEND:20260424T131000Z
SUMMARY:Uncovering SAP BTP Attack Vectors\, Before Someone Else Does!
DESCRIPTION:Think SAP BTP is secure by design? Think again. In this red team–driven talk\, we’ll break into BTP using misconfigurations\, over-permissioned services\, vulnerable Kyma flows\, and Cloud Connector shortcuts. Real attack paths. No fluff. Just cloud-native chaos\, with demos.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:c798e10c665c6144aeb97cd7916d7e90
URL:http://bsidesprg2026.sched.com/event/c798e10c665c6144aeb97cd7916d7e90
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T122500Z
DTEND:20260424T131000Z
SUMMARY:What an "Exploitable CVE" Really Means: Moving Beyond CVSS Scores
DESCRIPTION:Most CVEs never become real risks. We explore what makes a vulnerability truly exploitable by examining the economics of offensive research\, the limitations of scoring systems\, and the conditions required for exploitation. Attendees will learn why exploitability is discretional and how to prioritize
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:c319f506744f62854c40cccb2692d2cf
URL:http://bsidesprg2026.sched.com/event/c319f506744f62854c40cccb2692d2cf
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T131500Z
DTEND:20260424T134000Z
SUMMARY:Decoding Chinese State-Sponsored Cyber Activity: Behavioral Models for Early Detection and Effective Threat Hunting
DESCRIPTION:Key Takeaways: A structured approach to behavioral attribution for Chinese state-sponsored activity Case studies illustrating persistent behavioral patterns across varied campaigns Practical behavioral models that can be deployed by any security team to support threat hunting and early detection
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:5dff0e2858961444135c0329ee49bdcc
URL:http://bsidesprg2026.sched.com/event/5dff0e2858961444135c0329ee49bdcc
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T131500Z
DTEND:20260424T134000Z
SUMMARY:LLMs for Vulnerability Fixing: Hype or Reality?
DESCRIPTION:Large Language Models seem ideal for fixing vulnerabilities\, but how effective are they really? This talk explores how context\, knowledge bases\, and inference strategies impact LLM-based remediation\, separating real progress from pure hype.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:fa29f4d00dc17fe013d8c90cda625d30
URL:http://bsidesprg2026.sched.com/event/fa29f4d00dc17fe013d8c90cda625d30
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T134000Z
DTEND:20260424T140500Z
SUMMARY:Coffee break
DESCRIPTION:Take a well-deserved pause during our Coffee Break — a perfect moment to stretch your legs\, grab a fresh cup of coffee or a quick snack\, and recharge before the next round of talks. Use this time to move to your selected session\, explore partner booths\, or catch up with familiar faces you haven’t seen since the last event. Whether you’re continuing a deep technical debate or just enjoying a casual hallway conversation\, this break is all about connecting\, refueling\, and getting ready for what’s next at BSides Prague 2026.\n\n
CATEGORIES:NETWORKING
LOCATION:All\, Prague\, Czechia
SEQUENCE:0
UID:f09c9b1bcedf5085b700609cc8beabe3
URL:http://bsidesprg2026.sched.com/event/f09c9b1bcedf5085b700609cc8beabe3
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T140500Z
DTEND:20260424T145000Z
SUMMARY:Hackerdy
DESCRIPTION:
CATEGORIES:CUSTOM_TALK
LOCATION:Lucerna Cinema - Lounge\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:423f8f6d9c41e5ccb42693cfc1b6ab5f
URL:http://bsidesprg2026.sched.com/event/423f8f6d9c41e5ccb42693cfc1b6ab5f
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T140500Z
DTEND:20260424T143000Z
SUMMARY:From Input to Impact: Prompt Injection in Production Pipelines
DESCRIPTION:Prompt injection is no longer a chatbot trick\, it allowed us to hack Google. As AI agents enter CI/CD and build systems\, untrusted input becomes an execution vector. This talk reveals real-world pipeline exploits affecting Fortune 500 firms and explains why prompt injection is a very real threat.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:5a69d08b96a6c41b159a1bd43cf3027e
URL:http://bsidesprg2026.sched.com/event/5a69d08b96a6c41b159a1bd43cf3027e
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T140500Z
DTEND:20260424T145000Z
SUMMARY:LazarOps: APT Tactics Targeting the Developers Supply Chain
DESCRIPTION:LazarOps is the name of an investigation done by Security Joes that uncovers how Lazarus built a network of fake GitHub accounts\, malicious coding challenges\, and cross-platform tooling to target developers and infiltrate software supply chains.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:082b9429aeca16da36ab095532daaa42
URL:http://bsidesprg2026.sched.com/event/082b9429aeca16da36ab095532daaa42
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T143500Z
DTEND:20260424T150000Z
SUMMARY:Call Me By Your [User]Name: Modern Identity-Centric Attacks
DESCRIPTION:Forget malware. Attackers are logging in now. Discover the identity-centric attacks\, accelerated by AI and used by threat actors like Scattered Spider to bypass MFA and turn trusted processes into their primary weapon. In a world of smart systems\, vigilance starts with knowing who you’re talking to.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:b6163f8501d539c8c29bd9875b872c66
URL:http://bsidesprg2026.sched.com/event/b6163f8501d539c8c29bd9875b872c66
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T145500Z
DTEND:20260424T154000Z
SUMMARY:RTFM - Read The Fatal Manual: When Documentation Creates Critical Misconfiguration
DESCRIPTION:Misconfigurations persist in enterprises despite widespread awareness - with AD CS being the prime example. This talk explores how vendors guide users into deploying critical misconfigurations\, a large-scale responsible disclosure journey\, and the shared responsibilities between us all.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:04cd51fc7706b7292bddd504a2abb902
URL:http://bsidesprg2026.sched.com/event/04cd51fc7706b7292bddd504a2abb902
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T150500Z
DTEND:20260424T155000Z
SUMMARY:So You Want to Write a Book? Writing About AI Security For No Starch Press
DESCRIPTION:Ever wondered what it’s like to write a technical book? I’ll share how I wrote an AI security book for No Starch Press—how it started\, what made it so different from a PhD\, the behind-the-scenes work\, and the key lessons I learned for anyone tackling a big creative project.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - AUX\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:9f6f283931fe9feefe7e9461ed5025e0
URL:http://bsidesprg2026.sched.com/event/9f6f283931fe9feefe7e9461ed5025e0
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T155000Z
DTEND:20260424T161500Z
SUMMARY:CLOSING BSIDES 2026
DESCRIPTION:Martin Hron will officially close BSides Prague 2026 with a final wrap-up session marking the end of two days filled with knowledge sharing\, technical deep dives\, inspiring discussions\, and new connections. This closing talk will thank all speakers\, partners\, volunteers\, and attendees who made the event possible\, briefly reflect on the highlights of the conference\, and encourage the community to stay connected beyond the venue walls. The session will smoothly transition into the evening program\, guiding attendees toward the afterparty and the informal afterparty talks that continue the spirit of BSides in a more relaxed setting — because while the conference may be ending\, the conversations are just getting started.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:630d3ba7217273ac578df7f3715c595e
URL:http://bsidesprg2026.sched.com/event/630d3ba7217273ac578df7f3715c595e
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T163000Z
DTEND:20260424T165500Z
SUMMARY:Airport Security! - S01 E008 - Breaking into your baggage
DESCRIPTION:When we travel with valuable luggage\, we rely on the security of locks\, especially those that are TSA-approved. But\, are they really? In this talk\, we’ll discuss how lock picking techniques\, master keys\, and bypass methods can compromise the security of TSA-approved locks.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:4f4a9f60cb553c9f6ae44b4a5a670757
URL:http://bsidesprg2026.sched.com/event/4f4a9f60cb553c9f6ae44b4a5a670757
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T171000Z
DTEND:20260424T175500Z
SUMMARY:Last night a DJ erased my drive
DESCRIPTION:Music and security have much in common. Both require a trigger that sets off a series of events. Music can cause destruction and has been used for torture as well for encryption to bypass censorship. Music is also fun and this talk will be an audio-visual journey through cybersecurity.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:777a545c76c6d709cdcc284010ceda44
URL:http://bsidesprg2026.sched.com/event/777a545c76c6d709cdcc284010ceda44
END:VEVENT
BEGIN:VEVENT
DTSTAMP:20260430T212144Z
DTSTART:20260424T181000Z
DTEND:20260424T185500Z
SUMMARY:The Great Train Robbery - Hacking Like It’s 1855
DESCRIPTION:In his book “The Great Train Robbery” Michael Crichton details a train robbery in 1855 involving a prostitute and scaling buildings. Although these methods are not included in any letter of engagement\, the most famous train robbery of its time has parallels to modern day physical security.
CATEGORIES:TALK
LOCATION:Lucerna Cinema - MAIN\, Vodičkova 704 /36/110 00\, 110 00 Nové Město
SEQUENCE:0
UID:a6e045bedf4f19411cb83fbf9c31ada5
URL:http://bsidesprg2026.sched.com/event/a6e045bedf4f19411cb83fbf9c31ada5
END:VEVENT
END:VCALENDAR