9-10th of September 2021

SEC-T 2021 Ticket Release

On Wednesday 23:rd of June 2021 at 20:00 CEST we will be releasing a first batch of 300 tickets for this years SEC-T conference.

The conference is set to take place on the 9-10 of September 2021. We will also be releasing tickets for the SEC-T2ion Training taking place on the 7-8:th of September.

Attendees of the SEC-T2ion Training are eligible for conference tickets.

Should corona restrictions allow us to run a larger conference there will be more tickets released.

Stay tuned…

Date and venue for SEC-T Spring Pub 2020

This years Spring Pub Event will take place on the 23:rd of April at Cafe Opera.

Expect a social hacker event with a few lightning talks and a nice bar setting. The event is free and open for everyone so save the date and spread the word!

See the Spring pub page for future updates.

Recordings from SEC-T 2019

After a lot of hard work from our media team we have now finished cutting and uploading all talks from SEC-T 0x0COMPUTE.

Make sure to check out our youtube playlist for 0x0C!

Last round of talks announced and tickets now sold out (again!)

We’re super happy to announce that we’ve managed to fill the venue with 750(!) people, from 450 last year. This means our tickets are sold out, and we can’t extend it more (we changed our booking so we could fit another 100 a few weeks ago but those are sold out as well). However, tickets might become available in case of cancellations or similar.

For non ticket holders

For you that didn’t manage to get a ticket, fear not! There are still things to do:


The last talks and speakers

We have now finished the CFP proccess. We have accepted and got confirmation from the last few speakers for this year:

Three more talks confirmed, tickets almost sold out

Three more talks

We are happy to announce another three talks for this year:

  1. Operation SoftCell – a global campaign against cellular providers – by Amit Serper, Mor Levi & Assaf Dahan
  2. How to bug hotel rooms – by Dan Tentler
  3. Chinese Police and CloudPets – by Abe

One seat left on Basics of binary exploitation training

A seat on Basics of binary exploitation training has opened up. This is the last training seat we have available so make sure to book it before it’s too late!

Tickets almost sold out

When writing this we have less than 50 tickets left. We expect to be sold out before the conference so if you plan on attending make sure to grab one before we’re out!

Three new talks, trainings sold out

All trainings for 2019 are sold out

We’re both happy and sad to announce that we for the first time have sold all seats to all trainings we have this year! We still have conference tickets left so make sure to grab one before they run out as well!

Three new talks accepted

We now have three more confirmed talks for this year:

Our Call for paper is still open so if you have something you want to talk about make sure to send it in before the 15th of August!

First five accepted speakers

We got a lot of good submissions for the first round of call for papers this year so it was no easy task to decide on the talks. Some were, for different reasons, pushed to a later round but four were accepted this round.

These are the talks we accepted in this first round:

Our Call for paper is still open so if you have something you want to talk about make sure to send it in!

Dark side ops 2: Adversary simulation training

Dark Side Ops 2: Adversary Simulation is the combination of sophisticated, red team trade craft and cutting-edge, offensive development to simulate real-world adversary activities. Challenge yourself to move beyond reliance on the typical “low-hanging exploitable fruit” from 1999 and start thinking, persisting, pivoting, and operating like a sophisticated adversary. Application whitelisting got you down? No problem. Can’t catch that callback? Been there. No touching disk? No worries. Dark Side Ops 2: Adversary Simulation helps participants up their offensive game by sharing the latest in initial access and post-exploitation, defensive countermeasure bypasses, and unique malware code execution techniques.

Dark Side Ops 2: Adversary Simulation builds on Silent Break Security’s Dark Side Ops: Custom Penetration Testing training by furthering participants’ abilities to think, operate, and develop tools just like sophisticated, real-world attackers. If you want to

  1. build confidence in your offensive approach and capabilities,
  2. learn about and implement the techniques of stealthy malware and backdoors, and
  3. achieve the operational results of a sophisticated adversary, then Dark Side Ops 2: Adversary Simulation is for you.

Dark Side Ops 2: Adversary Simulation provides participants with hands-on labs over an intense, two-day course.

Network forensics training

The two-day Network Forensics class consists of a mix of theory and hands-on labs, where students will learn to analyze Full Packet Capture (FPC) files. The scenarios in the labs are primarily focused at network forensics for incident response, but are also relevant for law enforcement/internal security etc. where the network traffic of a suspect or insider is being monitored.

Day 1 – Theory and Practice using Open Source Tools

Day 2 – Advanced Network Forensics using Netresec Tools

The Scenario

The scenario used in the class involves a new progressive Bank, which provides exchange services for Bitcoin and Litecoin. We’ve set up clients and a server for this bank using REAL physical machines and a REAL internet connection. All traffic on the network is captured to PCAP files by a SecurityOnion sensor. In the scenario this bank gets into lots of trouble with hackers and malware, such as:

Class attendees will learn to analyze captured network traffic from these events in order to:

NetworkMiner CapLoader Professional software included FREE of charge

Each attendee will be provided with a free personal single user license of NetworkMiner Professional and CapLoader. These licenses will be valid for six months from the first training day.

Target Audience

Q: Who should attend?
A: Anyone who want to improve their skills at finding evil stuff in full content packet captures.

Q: Who should NOT attend?
A: Those who are afraid of using Linux command line tools.

Training Preparations

Laptop Required
Attendees will need to bring a laptop that fits the following specs:

A VirtualBox VM will be provided on USB flash drives at the beginning of the training. Please note that having a 64-bit CPU and a 64-bit OS is not always enough to support 64-bit virtualization. You might need to enable features such as ”AMD-V”, ”VT-x” or ”Hyper-V” in BIOS in order to run virtual machines in 64-bit mode. You might also need to turn off “Intel Trusted Execution” in BIOS. One way to verify that your laptop supports 64-bit virtualization is to download the SecurityOnion ISO and see if it boots up in VirtualBox.

Basics of binary exploitation training


Binary exploitation is the topic concerning the finding and exploitation of vulnerabilities in low-level code, particularly machine level code. It is usually considered one of the more complex areas of IT security and some of the exploits produced sometimes chain together dozens of moving parts in mind-boggling ways to cause programs to behave in a completely unintended manner. The field is the basis of high-severity exploits such as OS privilege escalation, jailbreaks and browser exploits.

Learning goals and expected outcomes

This two-day training aims to give the participant a deeper understanding of how programs execute and interact with the rest of the system, an understanding of the basic building blocks, terminology and anatomy of binary exploitation as well as hands on experience and creating some basics exploits of their own. It will also cover various protection mechanisms, how they work and how to deal with them. Throughout the course, techniques for finding vulnerabilities, analyzing and turning them into exploits will be covered and practiced in the form of hands on exercises.

After completing the training the student will have a solid foundation from which they can continue exploring the field of binary exploitation and allowing them to start learning advanced topics such as kernel exploitation, different architectures and exploiting real-world software such as browsers and phones. The student will also have a basic understanding of some of the various techniques used for working with analysis and exploitation of programs.

Course contents

The course will cover the following topics will be covered in the course. Topics marked with “*” will be covered as part of the introduction/background without accompanying exercises. Topics marked with “**” are advanced topics covered as part of an introduction into how to proceed after the training.


Below is a rough outline of the planned schedule for the training. This is preliminary and subject to change. A more definitive schedule will be posted prior to the training.

Tools used

We will be using mostly free and open source tools throughout the training. Programs will be debugged with gdb with the pwndbg addon. The exercises can be solved with a programming language of your choice but examples will be presented in Python with the pwntools framework.

The only commercial tool we will use is Binary Ninja which is a reverse engineering platform. A personal non-commercial license for Binary Ninja is included in the price of the training which you get to keep and can, if desired be upgraded to a commercial license. All tools and exercises will be available as a pre-packaged VM/container. Instructions on how to obtain and get it set up on your computer will be provided to all participants ahead of the training.


The student is expected to have basic understanding of computers, programs and operating systems. Some basic programming skills are also required, particularly some basic Python knowledge is very helpful. Finally it is expected that the student can read simple C code and understand very basic concepts of assembler.

The instructor

Carl Svensson is a security professional and hobbyist currently working as the head of security at Swedish healthcare startup, KRY. He is a frequent CTF player for the Swedish top team HackingForSoju and an active member of the Swedish and international security community with a great fondness for a broad range of topics, reverse engineering being one of his favorites. If you have questions about the contents of this training, feel free to get in touch at [email protected]