Speakers
ROOTCON 20 brings together researchers, builders, breakers, defenders, and operators sharing practical work from across the security field. Speaker bios and session details will continue to be updated as the program is finalized.

Aden Yap
Aden is a Lead Penetration Tester at BAE Systems DI based in Malaysia, with over 10 years of experience in offensive security. He has successfully led red teaming and advanced penetration testing engagements across multiple industries worldwide, uncovering critical vulnerabilities in both applications and infrastructure. Beyond client work, he actively contributes to bug bounty and vulnerability disclosure programs. His research has led to the discovery of multiple internet-exposed vulnerabilities, earning him 18 CVE IDs to date. He has previously shared his work at ROOTCON, BSides, Nanosec, and RedTeam Hacker Academy conferences.

Alex Bazhaniuk
I serve as the Chief Technology Officer at Eclypsium, and am recognized as a preeminent authority in the spheres of hardware, firmware, and supply chain security, boasting a breadth of experience in research and product development. Over the course of my career spanning over 15 years, I have been at the helm of innovation, spearheading teams at industry-leading organizations such as Eclypsium, Intel, and McAfee.

Altaf Shaik
Dr. Altaf Shaik is a senior researcher at the Technische Universität Berlin in Germany, and conducts advanced research in telecommunications esp. in 6G security architecture, openRAN, and 5G radio access and core network security. He holds more than 13 years of experience in Telecom security and combines a professional background in embedded programming, wireless communications, and offensive network security. Dr. Shaik spent his career as a security engineer and expert at various leading telecommunication companies including Gemalto (currently Thales), Deutsche Telekom (Germany), and Huawei Technologies (Sweden). His PhD research assisted in improving the 3GPP 4G security standards and also exposed several vulnerabilities in commercial mobile networks affecting millions of base stations, networks, and handsets worldwide. His post-doctoral research exposed vulnerable API designs in latest 5G networks and slicing vulnerabilities in the 5G security specifications leading to serious attacks. Dr. Shaik is a frequent speaker and trainer at various prestigious international security conferences such as Blackhat, T2, SECT, Nullcon, Hardware.io and HITB, 44CON, and many others. His accomplishments landed him in the hall of fame of organizations like Google, Qualcomm, Huawei, and GSMA. He is also the founder of Kaitiaki labs and FastIoT that trains internationally various companies and governmental organizations in exploit development and also building secure mobile and IoT networks including their testing and security assessment.

Ariz Soriano
ar33zy
Ariz spearheads the Theos Red Team as an accomplished security consultant with experience in Incident Response, Penetration Testing, and Red Teaming. He has led VAPT and Red Teaming engagements for clients across different regions.
Ariz is also a Senior Content Engineer at TryHackMe and plays an active role in the Philippine security community as founder and lead of the Red Teaming Village at ROOTCON.

Artem Danilov
I have been working as a specialist in banking systems analysis and have been researching mobile and web applications for about three years. In my spare time, I research open source business systems - various helpdesk, erp, and web-based corporate vpn management clients, and have more than 20 CVEs. One of my recent studies is devoted to the study of Secure Email Gateway class security products, which are designed to protect corporate email clients from spam and malicious attachments, however, due to insufficiently strict restrictions in RFC 5322, many SEG products can be circumvented. My report will focus on desynchronizations in MIME parsers.

Arv Arvandy
Arvandy is an offensive security practitioner with over a decade of hands-on experience in adversarial simulation, red teaming, and advanced exploitation. His background spans software, database, and network security, with a primary focus on offensive tradecraft and intrusion emulation.
He holds a Master’s degree in Cybersecurity and industry certifications including OSCE3 and CRTL. His work focuses on modern attack surfaces, including AI-assisted development environments, agent-based systems, and enterprise intrusion modelling.

Davis Zheng
Davis is a cyber threat intelligence practitioner specialising in large-scale threat actor investigations, intelligence infrastructure, and security operations. A multi-time Black Hat and DEF CON speaker, his research spans space systems cybersecurity, information warfare, and national security, with work published in peer-reviewed IEEE venues and academic journals.

Doan Minh Long
Doan Minh Long is a threat analyst with experience in reverse engineering, malware analysis, and tracking threat actors targeting the Southeast Asia region.

Duc Kien Nguyen
Nguyen Duc Kien is a malware analyst at Viettel Cyber Security. He has worked in reverse engineering for 5 years and is a long-time member of the ARESx CTF team.
He specializes in reverse engineering obfuscated malware samples, including Mustang Panda malware, Android obfuscated malware, and .NET obfuscated malware. He has also written tools and blogs to help people deal with obfuscated malware samples, including mwemu, an upgraded version of Scylla for unpacking DLLs, and custom D810 tooling.

Edo Maland
Redho Maland is senior offensive security consultant with over a decade of hands-on experience in penetration testing, adversarial simulation, red teaming, and Active Directory security. He also authored popular open-source tools such as TheFatRat, Sudomy, Brutal, Vegile, and others.
He was invited and recognized as a cyber mentor and subject matter expert by EC-Council and Hack The Box (HTB) for voluntary projects. He holds industry certifications in the offensive security domain including OSCE3, OSCP+, OSWP, CRT(PEO), and eCPTX.
He regularly manages and leads cyber offensive teams, executing complex and unique security engagements to ensure quality and successful outcomes across multiple projects.

Ellwood Thewood
Ellwood has worked in technology for nearly 25 years, beginning as a systems administrator before moving through various technical roles and ultimately focusing on security for the past decade, including several years as a penetration tester. Outside of information and offensive security, he has worked in Technical Surveillance Countermeasures, basic electronics and radio, and served as a Chinese Linguist in the United States Air Force. He also studied French and German, though those skills have faded considerably over time.
Outside of tech, Ellwood enjoys tolerating marathon-distance running, biking, and hiking in the mountains of Colorado. He has created several electronic badges for BSidesSD, Rootcon, and unofficial DefCon events, and has also contributed to other badge projects and CTF challenges.

Hebe Au
Hebe Au is a Senior Offensive Security Consultant with a strong focus on red teaming, advanced penetration testing, and emerging risks in AI security. She has delivered complex offensive security engagements across multiple industries, working with major organizations throughout the Asia-Pacific region.
Her professional experience covers red team operations as well as AI, infrastructure, cloud, web, mobile, API, and wireless security testing. She has also conducted phishing simulations and adversary emulation exercises to assess real-world attack scenarios.
Alongside her consulting work, Hebe actively researches offensive techniques targeting AI and machine learning systems. Her current research focuses on adversarial machine learning and AI penetration testing, with particular attention to how traditional security assumptions can fail as machine learning models become embedded in enterprise systems. She is especially interested in practical exploitation scenarios where AI systems intersect with enterprise infrastructure, software supply chains, and human decision-making.
Hebe holds a Master of Science degree in Data Science and Business Statistics and possesses numerous advanced offensive security certifications, including OSCE3, OSEP, OSED, CRTE, and Certified AI/ML Pentester.

im10n Mikhail
We have released the IPAHound tool. IPAHound is a FreeIPA security analysis tool based on BloodHound. In the report, we will analyze which edges are in it and how to use them. Let's talk about other ways to increase privileges, for example, through the operation of hosts and servers. And let's look at the architectural features of the FreeIPA catalog that were not included in the article.

Jun Miura
Jun Miura is a red team consultant and researcher at Fujitsu LTD, specializing in offensive security, red teaming, and AI/LLM security. His recent research focuses on utilizing and abusing local LLMs from an attacker’s perspective. He has presented research on these topics at conferences including Black Hat Europe, the CERT-EU Annual Conference, and BSides Las Vegas.

Omkar Mali
Omkar Mali is a security researcher and infrastructure and cloud security practitioner with a focus on hardware security, IoT security, automotive cybersecurity, RF protocols, and firmware reverse engineering.
He also leads The Marathi Hackers Group and has conducted security audits for government and private organizations.

Pengfei Yu
BigZaddy
Pengfei is the APJ and SAARC Solutions Architect at Picus Security. He previously worked in GovTech's GCSOC team, where he led the implementation of continuous purple teaming across the Whole-of-Government.
Before that, he served on GovTech's red team, working on VAPT and adversary simulation. He has presented research at conferences including Black Hat USA, Black Hat Asia, DEF CON, SINCON, and ROOTCON.

Priya Patel
Priya Patel currently works as an intern at SEQRITE Labs focusing on security research and threat hunting, publishing research, on various APT groups across the globe and various other incidents. She occasionally loves travelling and cooking

Rick Wesson
Rick thinks bios have become less and less meaningful. You can ask AI to complete them, and might consider just generating them yourself.
He has been on the net since 1988. He is a pilot and a farmer, which has nothing to do with his interest in mathematics or security. He still cannot spell, and that has now become a singular way to identify human-written text.

Salimah Liyakkathali
Salimah Liyakathali works at Accenture within the Global Readiness and Response team, where she focuses on incident response and cyber threat intelligence.
Prior to joining Accenture, she was in academia conducting cybersecurity research in the industrial control systems (ICS/OT) space, focusing on critical infrastructure threats.
She has spoken at multiple cybersecurity conferences, including SANS HackFest Hollywood 2024, where she shares insights on landscapes and research. She is also an independent researcher and an adjunct lecturer.

Smriti Gaba
Smriti is a Senior Security Researcher at Alpitronic, one of the world's leading EV charger manufacturers, where she enhances product security and drives secure design practices for next-generation charging infrastructure. With over 6 years of specialized experience in hardware hacking, IoT security, embedded systems, automotive security, and RF exploitation, she has conducted security evaluations on diverse embedded targets including drones, routers, RF-based smart meters, IoT ecosystems, automotive ECUs, and 5G communication systems. As a technical lead, Smriti has developed and delivered multiple trainings in the hardware security domain. Has been defcon instructor and defcon speaker.

Subhajeet Singha
Subhajeet Singha is a Senior Researcher at Acronis TRU Labs, working around threat intelligence, malware research, and reverse engineering. Subhajeet actively investigates advanced persistent threats (APTs), reverse-engineers complex malware strains, and contributes to research initiatives that improve threat detection & have previously presented researches at Virus Bulletin, FIRST Conference, AVAR and loves biking occasionally.

Sunggwan Choi
Sunggwan Choi is a red team operator currently working in-house on adversary simulation. He began his career at IBM X-Force Red in the U.S., focusing on Active Directory, web, and external network penetration testing. After returning to Korea, he shifted into adversary simulation, with an emphasis on hands-on operations, malware development, and AI-assisted automation. He is also a co-founder of RedRaccoon, South Korea’s open community for offensive security, where he organizes offline meetups, competitions, and free wargames.

Takao Homma
Bio coming soon.

Yeonwoo Park
Yeonwoo Park is a security researcher who has conducted penetration testing engagements for companies in South Korea. He currently works at SK Inc. AX, where he performs penetration testing across SK Group affiliates. He is also part of the research division of SaturnX, a CTF team, where he studies vulnerability research and offensive methodologies related to red teaming. His main interests are red teaming and Active Directory security. He previously identified a security design flaw in the Microsoft Kerberos protocol and presented his research, “Disabled SPN Kerberoasting,” at DefCamp 2025.

Yi Ting Shen
Yi Ting Shen is a university student and full-time cybersecurity engineer with hands-on experience in penetration testing, vulnerability assessments, and AI-driven security tooling.
Their current focus is integrating artificial intelligence into security workflows to enhance threat detection and automate testing processes. They have shared research at conferences and workshops including BSides, SECCON, CYBERSEC, and WordCamp Asia.