Security BSides Prague 2026

Internet is big and scary. Let’s ignore all the remote web apps for a while and stay cozy and warm on our localhost. Attack surface of Windows apps is also interesting!


What we’ll look into?

• OS Interaction Technologies: protocol handlers, COM/DCOM, named pipes, MSRPC, NTLM, handles, …

• Userland OS Weaknesses: ACLs, MSI, filesystem, TOCTOU, junctions

• 3 practical exercises on premade lab VMs: protocol handlers, COM and named pipes

After the workshop you should have basic idea of where to poke for cracks in attack surface of Windows apps and where to look for more information. We won’t have time to fully dive deep, but this approach lets us cover more ground and give you references to tear down the curtain hiding the details at your own pace. Who knows - maybe you’ll secure your code against attack surfaces you hadn’t considered or even get your own CVE-2026!


Requirements: laptop with RDP client, ability to write and understand code, basic knowledge of Windows OS (e.g., difference between EXE/DLL, the concept of a process)