Door Open and Registration

Opening remarks

Isao Takaesu (@bbr_bbq)

He is senior engineer in MBSD, involved in research related to the detection of vulnerabilities in Machine Learning (ML) systems and developing cybersecurity products. He has presented his research at hacker conferences such as Black Hat Arsenal, DEFCON DemoLabs and CODE BLUE. In recent years, he has made contributions to education as an instructor at security camps.".

Daiki Ichinose (＠mahoyaya)

He is an engineer and pentester in MBSD. He has over 15 years of work experience, and he uses his know-how to give talks at conferences such as Bsides Tokyo (2018, 2019), JAWS Days 2019, and many others. He enjoys finding vulnerabilities and loves Perl.

BLADE: An Autonomous AI Agent-Based Penetration Testing Tool – Automating the Entire Attack Chain from Attack Surface Discovery to Internal Compromise –

As cyberattacks become increasingly sophisticated and complex, the need for efficient and comprehensive penetration testing has grown significantly. This presentation introduces the design concept, core features, and a live demonstration of BLADE, a penetration testing tool powered by autonomous AI agents.

BLADE automates traditional penetration testing tasks such as privilege escalation and lateral movement. More notably, it enables the AI agent to autonomously execute the entire attack flow—from target discovery to exploitation—without human intervention. The process begins with BLADE’s built-in Attack Surface Management (ASM) module, which gathers publicly exposed servers by analyzing a target company’s name or domain. The collected data is enriched with Whois information, web content, and company-specific knowledge stored in a Retrieval-Augmented Generation (RAG) vector database. Using this information, BLADE automatically classifies whether the servers belong to the target organization.

Based on this classification, BLADE generates a custom password list by inferring likely patterns using the company’s abbreviation, founding year, and other related attributes. It then initiates SSH authentication attempts using the generated list. Once access is gained, BLADE autonomously checks the current privilege level and searches for privilege escalation vulnerabilities using tools such as LinPEAS. If a viable path is found, BLADE exploits it to achieve root-level access, often via cron-based execution or reverse shell techniques.

By automating this end-to-end process, BLADE enables fully autonomous execution of external attack surface identification and internal system compromise. Through the demonstration, this presentation highlights how autonomous AI agents can greatly streamline and enhance the efficiency of penetration testing, making it more scalable and adaptable to evolving threats.

YI-TING SHEN

I am currently working as a Security Researcher at Array Networks. Over the past year, I have presented various cybersecurity-related research topics at domestic and international conferences. I enjoy conducting research, especially focusing on AI/ML applications this year.

By engaging with different technical domains, I aim to solve cybersecurity problems, uncover vulnerabilities across various platforms, and identify new CVE vulnerabilities. I have found vulnerabilities in multiple platforms, including Google products, open-source projects, educational institutions… Learning and research have become the central focus of my life.

Speech record: COSCUP, WordCamp Asia, MOPCON, MWC, CYBERSEC, Hello World Dev Conference, AI Academy Annual Conference, PyCon Korea, SECCON…

Personal website: https://no-flag.com

Allen Chen

I am a cybersecurity researcher and practitioner with a background in penetration testing, security engineering, incident response (IR), and security automation. Over the years, I have specialized in web and mobile application security assessments, honeypot development, SIEM optimization, and security tool automation.

My work includes leading the development of a web log analysis platform and designing security features and workflows for 5G Purple Team platforms, focusing on cyber threat intelligence and advanced security testing.

Additionally, I have hands-on experience in incident response tool development, honeypot deployment, VMware ESXi automation, and have contributed to establishing a mobile security testing lab that meets MAS (Mobile Application Security) standards within my organization. I am proficient in SIEM operations (ArcSight), security forensics.

I am passionate about bridging security research with practical solutions. I have spoken at various conferences, including AWS Summits, sharing insights on cybersecurity trends, best practices, and security automation. My goal is to explore AI/ML applications in security, identify vulnerabilities across platforms, and contribute to the cybersecurity community.

Cyber Commanders: AI’s Autonomous Assault Unleashed

As AI continues to evolve, its applications in cybersecurity extend beyond defense to offensive capabilities. This talk will explore AI-driven autonomous attacks, where AI models independently analyze targets, generate attack plans, and execute offensive operations without human intervention. By integrating multiple AI models within a unified framework, we demonstrate how different AI systems collaborate in real-time to adapt their attack strategies based on live feedback. The session will feature a live demonstration of an AI attack framework running, showcasing the AI’s decision-making process, interactions between models, and real-time execution of attacks. Rather than focusing on specific vulnerabilities, our objective is to highlight AI’s ability to autonomously conduct offensive security operations, raising critical discussions on the ethical and security implications of AI in cyber warfare.

Break

Tripp “cicada” Roybal

Tripp is the founder of TenguSec, CEO of Harmful Stimulus and COW (US companies), as well as CTO of Japan Secure Technologies. Tripp also serves as the Active Cyber Defense Operations Advisor for the Japan Institute for CyberSpace Studies and is author of the 2024 book Pentesting With Kali Nethunter. Previously spoke at CarolinaCon in 2017 (A Pentester’s Intro to ICS/SCADA), AV Tokyo 2023 (Hacker EDC/Intro to Bluetooth and Wifi hacking), and BSides Tokyo 2024. Tripp is the founder and primary organizer of TenguCon, a hacking and cybersecurity conference in Tokyo.

Brainwave Breaches: Hacking the Human Interface

In “Brainwave Backdoors: Hacking the Human Interface,” I will present groundbreaking research on how consumer-grade EEG devices can be used to capture and analyze neural responses that betray private information. Using a budget-friendly headset (such as the NeuroSky MindWave or the InteraXon Muse 2) and open-source analysis tools, I will demonstrate how a simple oddball paradigm can reveal the P300 response—a measurable spike in brainwave activity when a subject recognizes a target stimulus. This talk explores the emerging field of neurosecurity by showing, through live demonstration, that our neural signals can act as an inadvertent backdoor into our most personal data. Attendees will leave with a fresh perspective on the vulnerabilities inherent in human–machine interfaces and an understanding of why our brains, like any other digital system, demand robust protection.

Hiromu Kubiura

I joined Yahoo Japan Corporation (now LINE Yahoo Corporation) as a new graduate in 2023. I am part of the threat analysis team, where I analyze malware popular in Japan and other countries. I gave a joint presentation at Black Hat USA 2023 Arsenal “Z9 - Malicious PowerShell Script Analyzer”.

maline: Unofficial LINE Installer and the Actor Groups

In this presentation, we will discuss the actor groups distributing fake LINE installers for PC versions that have been observed in Southeast Asia and East Asia. The fake LINE installer installs the legitimate LINE application, but then deploys a second stage installer in the background to execute the attack. This method has been observed since around 2022, but it is still being distributed from various fake websites, and we have confirmed the existence of variants of the binary. We will continue to clarify the relationship between the attack method of this malware and the actors distributing it.

masaomi346

He is a member of the Threat Intelligence Project NA4Sec at NTT Communications Corporation, and is involved in the investigation and analysis of various cybercrimes, with a focus on phishing scams. He disseminates information about phishing sites on social networking sites.

Classification of developers according to the characteristics of their phishing kits

Phishing kits, which are tools for building phishing sites, have functions that gather information about victims and functions that hinder analysts’ analysis. In order to save development time, the functions implemented once are sometimes reused in other phishing kits. For this reason, there are phishing kits with the same features implemented in the same way, even if they are from different vendors. This becomes a characteristic of the developer, so that the developers can be classified as a single phishing kit family. In this talk, we will analyze phishing kits pretending to be Japanese brands, classify the developers based on the characteristics of the functions they have implemented, and share the lessons we learned in a way that can be used in CTI and other areas.

Break

Mr.Rabbit

Former penetration tester, currently working to protect everyone’s peace of mind while also working on cybersecurity as a hobby. In the past, I have presented my own tools at various events. Recently, I have been studying military history and tactics as part of my hobby. I like alcohol, and the vulnerability of alcohol injection has not been fixed yet.

Ochoushimon (御調子門) -AZAZEL system- : Tactical Delaying Action via the Cyber-Scapegoat Gateway

Have you heard of the term “delaying action”? This is a defensive military action in which defensive forces continue to fight for as long as possible without being involved in a decisive battle that involves the risk of retreat, in order to delay the advance of the enemy. Modern cyber attacks are fast and automated, and the risk of attackers reaching assets in a short time is increasing. For this reason, it is necessary to adopt the concept of “delaying action” in cyber warfare as well.

We have developed the “Ochikomon -AZAZEL system-” that incorporates this concept. This system uses a technology called “scapegoat-type decoy”, and it achieves “delaying action” that was not possible with conventional honeypots. It is also built on the Raspberry Pi 5 platform using OSS, so it can be easily introduced anywhere, such as in a workplace lab environment, at home, at a VPN exit, or in a CTF training environment.

Through this talk, I hope that the audience will be exposed to the idea that “defending is about buying time”. I hope that they will try to actually implement tactical defenses that deliberately accept attacks and delay them, rather than just stopping them, and control the actions of the attackers. I also hope that they will think about applying deception and delay to their own environment and organization, and take the first step towards creative cyber defense.

Tatsuya Hasegawa

Threat hunter and data visualization developer. Holds certifications including CISSP, CISA, GSP, GX-FA, GX-FE, GX-IH, GREM, GCIH, GCFA, GCFE, GNFA, GMOB, GXPN, and GPEN. Board member of the ISACA Nagoya Chapter, committee member of SECCON Open Conference, and contributor to msticpy.

Threat Hunting with better Data Visualization

When conducting threat hunting on event data accumulated in a SIEM, the filtering stage is the most critical. Given limited time and resources, it’s essential to reduce the volume of data that requires human review in order to detect suspicious events or potential threats effectively. Once suspicious events are identified, further deep-dive analysis tends to be less complex and more automatable compared to the initial filtering. During the filtering stage, preprocessing techniques such as rare value extraction and noise reduction are applied, and data is visualized through various charts and graphs to facilitate analysis. Because threat hunting is flexible, there’s often a dilemma: how much should be broadly visualized and how much should be shown in detailed data form? This presentation shares insights—grounded in the speaker’s experience—on the ambiguous boundary of one abstract yet crucial question: “Do you sufficiently understand the data?” Additionally, it includes findings on how much data visualization can be streamlined using generative AI, aiming to support threat hunters in leveraging data visualization as a powerful tool.

Yusuke Nakajima

Joined NTT DATA Group in 2019, selling solutions in image processing and natural language processing as a sales representative. Transferred to the company’s CSIRT team “NTTDATA-CERT” in April 2023, engaging in incident response, IoC collection and distribution, Threat hunting, and streamlining CSIRT operations using LLMs. Also deeply interested in offensive security activities such as C2 framework development, OSS vulnerability research (6 CVEs identified), and participation in bug bounty programs. CISSP, OSTH, JSAC 2025 Speacker.

SigmaOptimizer: LLM-Enhanced Detection Rule Workflow

Sigma rules are the cornerstone of threat detection, but creating effective rules requires a deep understanding of attack methods and a great deal of time and effort. Recently, much attention has been paid to methods for automatically generating Sigma rules from threat reports using Large Language Models (LLMs), but the following issues have also been highlighted

Accuracy and reliability issues: Rules that are not based on actual logs run the risk of false positives and omissions due to LLM hallucinations.

Delay in detection: Threat reports are published with some delay after an attack occurs, so responses based on them inevitably have a time lag, increasing the risk of incidents.

In this session, we will introduce SigmaOptimizer", which we have developed to overcome these issues. SigmaOptimizer is an innovative tool that automatically generates Sigma rules, performs syntax checking, verifies detection effectiveness, and evaluates false positives by combining actual logs and LLM. It also has a rule enhancement feature that supports command obfuscation and improves resistance to evasion techniques.

In addition, by interfacing with MITRE Caldera, it is possible to automatically execute various attack techniques and automatically generate and evaluate Sigma rules from the resulting logs. This significantly reduces the time required to generate rules and increases the realistic threat coverage.

Break

Charles Green

Charles Green is the founder of Lean Security, where he provides security training, advisory, and testing services. A former 2x CISO with deep experience in fintech, he has spent his career building and leading cloud security, red, and blue teams. His current focus is on securing multi-agent AI systems and delivering hands-on security training. Based in Japan for over 18 years, Charles is an active member of the fintech and cybersecurity community.

Threat Modeling with Multi-Agent AI

Threat modeling is essential, but it’s often slow, frustrating, and incomplete. Documentation is outdated, architecture diagrams are missing, and worst of all, confident and helpful engineers give you the wrong information.

This talk explores how multi-agent AI systems can automate core parts of the threat modeling process by extracting live data from cloud metadata, architecture diagrams, and documentation, then mapping it to STRIDE risks. These agents work together to uncover inconsistencies, reduce guesswork, and generate testable outputs for security teams.

Rather than relying on static templates or tribal knowledge, this approach builds a live, accurate view of your system. You’ll leave with practical ideas to make threat modeling faster, more reliable, and easier to scale.

Larry Trowell

Larry is a Director at NetSPI responsible for leading and executing IOT/Embedded Penetration Testing and researching new security techniques to ensure the safety of embedded systems. Larry has a master’s degree in mathematics with emphases on Computer Science and Artificial Intelligence from Georgia Southern University. He has worked with several Fortune 250 companies both as an embedded systems engineer and security expert focused on medical devices. He has aided in the design and security of multiple devices in the Automotive, Financial, Medical, Wireless, and Multimedia spectrums, has been published in medical journals, and has spoken at conferences all over the globe. Larry has extensive knowledge of the design of various bare metal and low-level embedded devices.

Sam Beaumont

Sam Beaumont (PANTH13R) is the Director of Transportation, Mobility, and Cyber-Physical Systems at NetSPI, Sam is at the forefront of developing and delivering technical strategies and solutions for Hardware and Integrated Systems at NetSPI. With a career spanning 10+ years in tech and cybersecurity, Sam has established a formidable reputation for hacking anything with a chip – from hardware and embedded systems to all things that “fly, sail, or drive”. Her extensive expertise provides NetSPI customers with unmatched technical leadership, depth, and delivery excellence in advisory and cybersecurity services, ensuring assets existing in physical spaces are fortified against evolving threats. In previous roles, Sam has served in a technical capacity as an offensive security Principal Consultant, Red Teamer, Exploit Developer, Vulnerability Researcher, and more. She has continually demonstrated a unique ability to bridge the gap between business, regulatory needs, and the most prevalent theoretical vulnerabilities. Sam’s commitment to the cybersecurity community and approach to tackling cyber-physical systems has cemented her status as a practical thought leader in the field. Through continued research, speaking engagements, and mentorship, Sam is dedicated to pushing the boundaries of what’s possible for women in cybersecurity, ensuring a safer, more diverse future for those who wish to secure technologies.

Laser Beams & Light Streams: Letting Hackers Go Pew Pew, Building Affordable Light-Based Hardware Security Tooling

Stored memory in hardware has had a long history of being influenced by light, by design. For instance, as memory is represented by the series of transistors, and their physical state represents 1’s and 0’s, original EEPROM memory could be erased via the utilization of UV light, in preparation for flashing new memory.

Naturally, whilst useful, this also has proven to be an avenue of opportunity to be leveraged by attackers, allowing them to selectively influence memory via a host of optical/light-based techniques. As chips became more advanced, the usage of opaque resin was used as a “temporary” measure to combat this flaw, by coating chips in a material that would reflect undesirable UV.

Present day opinions are that laser (or light) based hardware attacks, are something that only nation state actors are capable of doing; due to both limitations of cost in tooling as well as personnel expertise required. Currently, sophisticated hardware labs use expensive, high frequency IR beams to penetrate the resin.

This project demonstrates that with a limited budget and hacker-and-maker mentality, similar results can be obtained at a fraction of the cost, from the comfort of your home or garage. With the modifications of an opensource low-cost microscope, addition of a home-built beam splitter and interchangeable diode laser, it has been shown that consumer-grade diodes are capable of producing results similar to the high-cost variants, such as the YAG lasers.

By leveraging more inexpensive technology alternatives, we have embarked on a mission to unveil hardware malware, detect supply chain chip replacements, and delve into the realm of laser logic state imaging. Our approach integrates optics, laser selection, and machine learning components.

Rick de Jager

Rick and Carlo are part of the Pwn2Own team “PHP Hooligans”. They have competed in five editions of Pwn2Own, exploiting a wide range of targets including routers, printers, and automotive targets. Aside from Pwn2Own, Rick is an avid CTF player, having competed as part of 0rganizers and ICC’s team Europe.

Carlo Meijer

Carlo is a founding partner of the boutique security consultancy firm Midnight Blue and is most known for his research into TETRA, the MIFARE Classic Crypto1 RFID cipher, and the security of self-encrypting drives.

Dialing into the Past: RCE via the Fax Machine – Because Why Not?

In this talk, we’ll show you how we leveraged a printer bug that we found at Pwn2Own Ireland to gain remote code execution. Over its fax interface. You might think, “Who cares about faxes?” – but what if I told you that lurking within this vintage feature is a potential pathway for remote code execution? We’ll walk through the memory corruption that made this possible, how we shaped the heap through an archaic interface, and the unexpected challenges of porting a modern PDF exploit to a decades-old fax protocol—and not to mention the hundreds of hours spent poring over soul-crushing, ancient specifications just to make sense of it all. That’s right, while everyone else is busy patching the latest vulnerabilities in trendy software and half the world is obsessed with cloud security, we’ll be having a blast with tech that should’ve been retired to the attic long ago, exploiting a feature that’s older than some of the attendees!

Closing remarks

Networking and Door Close

After Party