{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2024.2.1"}, "schedule": {"url": "https://cfp.dragonsec.si/dctf26/schedule/", "version": "1.2", "base_url": "https://cfp.dragonsec.si", "conference": {"acronym": "dctf26", "title": "DCTF26", "start": "2026-03-21", "end": "2026-03-22", "daysCount": 2, "timeslot_duration": "00:05", "time_zone_name": "Europe/Ljubljana", "colors": {"primary": "#1B517D"}, "rooms": [{"name": "PA", "guid": "da915239-c932-5fae-9774-072bfd5d2dbb", "description": "PA in Building X", "capacity": 300}, {"name": "P1", "guid": "abd9cffa-cb43-5526-854a-b961abe283cd", "description": "P1 at FRI", "capacity": 200}], "tracks": [], "days": [{"index": 1, "date": "2026-03-21", "day_start": "2026-03-21T04:00:00+01:00", "day_end": "2026-03-22T03:59:00+01:00", "rooms": {"PA": [{"url": "https://cfp.dragonsec.si/dctf26/talk/R8ZTV9/", "id": 28, "guid": "61f604d7-4300-5e1b-a7d9-a600b88798e6", "date": "2026-03-21T10:00:00+01:00", "start": "10:00", "logo": null, "duration": "00:25", "room": "PA", "slug": "dctf26-28-don-t-let-them-break-you-a-ctf-infrastructure-whitepaper", "title": "Don't let them break you: a CTF infrastructure whitepaper", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Most infrastructure is built to be used; CTF infrastructure is built to be abused. When your user base consists of hundreds of hackers armed with weaponized 1-days and a competitive drive to bypass your guardrails, \"standard\" scalability and security models fall apart.\r\n\r\nDrawing from two years of organizing on-site jeopardy competitions for several hundred participants, this talk deconstructs the unique intersection of high-concurrency DevOps and aggressive hardening. We will explore the \"war stories\" of managing real-time exploits, mitigating flag-sharing, and maintaining a satisfactory user experience in this unique and challenging environment.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "a44899ef-6325-5060-ad3e-4eb76035fb8a", "id": 35, "code": "GAWLRY", "public_name": "Rok \u0160tular", "avatar": "https://cfp.dragonsec.si/media/avatars/eh1_uMrW1lz.png", "biography": "Rok is a software engineer and cybersecurity enthusiast currently completing his Master of Computer Science at Delft University of Technology. A seasoned CTF competitor with numerous podium finishes in both national and international arenas, Rok bridges the gap between offensive security and robust engineering. His experience organizing large-scale CTF events has given him a unique, \"under-the-hood\" perspective on building systems that are as secure and scalable as they are reliable.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/YARFSQ/", "id": 23, "guid": "db46e56c-9773-502a-9a37-6cdb2bc10f13", "date": "2026-03-21T10:30:00+01:00", "start": "10:30", "logo": "https://cfp.dragonsec.si/media/dctf26/submissions/YARFSQ/311604688_661737755313270_3392773489265245707_n_C2duqzI.jpg", "duration": "00:25", "room": "PA", "slug": "dctf26-23-how-do-we-effectively-communicate-about-infosec-", "title": "How do we effectively communicate about INFOSEC?", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "What is our responsiblity to the public, when it comes to talking about INFOSEC. Do we need to dazzle people with our tech brilliance? Do we need to show them how cool and nerdy we are? Do we need to scare the bejesus out of them? Probably, none of the above. Join me in this informal session and we can talk about it :).", "description": "I will talk about some recent experiences and about how, in our field, we seem to be constantly going for shock and awe, rather than lowering the blood pressure of everyman. We should also discuss people skills, when it comes to voncersing with fellow humans.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "4ef51d6c-de28-5402-86c2-a582f63ae20e", "id": 11, "code": "KWQFJN", "public_name": "David  Modic", "avatar": "https://cfp.dragonsec.si/media/avatars/misch_resize_X384c0Q.jpg", "biography": "assistant professor of INFOSEC at FRI. https://david.modic.org", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/33KECY/", "id": 36, "guid": "155a22e1-8408-5f97-9054-349fc8abc729", "date": "2026-03-21T11:30:00+01:00", "start": "11:30", "logo": "https://cfp.dragonsec.si/media/dctf26/submissions/33KECY/CYBER-SEC_GNFwbzQ.png", "duration": "00:25", "room": "PA", "slug": "dctf26-36-from-beginner-to-pro-hacker-practical-approach-to-offensive-security-training", "title": "From Beginner to Pro Hacker: Practical Approach to Offensive Security Training", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "This session addresses the gap between theoretical knowledge and practical offensive security skills by presenting a hands-on training methodology based on realistic lab environments. It focuses on core techniques such as enumeration, exploitation, and post-exploitation, emphasizing the ability to chain vulnerabilities into complete attack paths. Drawing from recent penetration testing experience, it highlights how legacy systems and misconfigurations continue to expose modern infrastructures to compromise.", "description": "Transitioning from theoretical knowledge to practical offensive security skills remains a significant challenge for many learners. While concepts are widely documented, the ability to apply them in realistic environments is often missing.\r\nThis session presents a methodology for developing hands-on skills through controlled lab environments that simulate real-world infrastructures. The focus is on core offensive techniques, including enumeration, vulnerability identification, exploitation, and post-exploitation, with an emphasis on chaining weaknesses into meaningful attack paths.\r\nDrawing from recent penetration testing experience, including the discovery of vulnerabilities, the session highlights how legacy systems and misconfigurations continue to introduce exploitable conditions in modern networks.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "051b4129-e26a-5bb1-9949-677fb78ef248", "id": 17, "code": "AE8AZZ", "public_name": "\u017dan Urban\u010di\u010d", "avatar": "https://cfp.dragonsec.si/media/avatars/foto_Zan_R1QuMKP.jpg", "biography": "\u017dan Urban\u010di\u010d is the Co-Founder and Technical Director of CYBER-SEC d.o.o., a Slovenian cybersecurity company specializing in penetration testing, red teaming, and advanced security solutions. In his role, he leads the development and implementation of cutting-edge cybersecurity strategies, ensuring high standards of protection for digital infrastructures.\r\n\u017dan is an experienced ethical hacker and cybersecurity specialist with a strong focus on offensive security, vulnerability assessment, and real-world attack simulations. Over the course of his career, he has conducted more than 100 penetration tests across various industries, including finance, healthcare, and critical infrastructure.\r\nHe holds multiple industry-recognized certifications and has hands-on experience with advanced security technologies, SIEM systems, and XDR solutions. \u017dan has also participated in international cybersecurity exercises such as NATO\u2019s Locked Shields and Crossed Swords, gaining practical experience in large-scale cyber defense and attack scenarios.\r\nIn addition to his technical work, \u017dan is an active speaker and educator, sharing his expertise at conferences and professional events. His work focuses on identifying vulnerabilities, strengthening security postures, and helping organizations defend against modern cyber threats.", "answers": []}, {"guid": "3b1bd0d5-2c94-5b5f-a6c8-3aadb7c4a2a7", "id": 19, "code": "3EVZMU", "public_name": "Danijela \u0160antak", "avatar": "https://cfp.dragonsec.si/media/avatars/foto_DaniLinked_LR2OkDj.jpg", "biography": "With extensive experience in technology, business, and cybersecurity, I currently serve as Business Director at CYBER-SEC, where I leverage my expertise in artificial intelligence, internet security, and teamwork to drive impactful solutions. My work focuses on fostering collaboration, building strong partnerships, and developing strategies that align with long-term organizational goals.  \r\n\r\nCertified in ethical hacking and penetration testing, I combine technical acumen with a strategic mindset to bridge the gap between complex cybersecurity challenges and actionable outcomes. Passionate about empowering teams and creating meaningful solutions, my mission is to advance innovation and growth in a rapidly evolving digital security landscape.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/NZGV7M/", "id": 25, "guid": "7f227f65-3d4e-5999-8213-2b46d15ed5d0", "date": "2026-03-21T12:00:00+01:00", "start": "12:00", "logo": null, "duration": "00:50", "room": "PA", "slug": "dctf26-25-compliance-of-electronic-products-in-the-eu-from-electrical-safety-and-emc-to-cybersecurity-under-red", "title": "Compliance of Electronic Products in the EU: From Electrical Safety and EMC to Cybersecurity under RED", "subtitle": "", "track": null, "type": "Lecture", "language": "en", "abstract": "This lecture presents an overview of the key EU product directives governing electronic and electrical equipment: the Low Voltage Directive (2014/35/EU), the Electromagnetic Compatibility Directive (2014/30/EU), and the Radio Equipment Directive (2014/53/EU). It outlines their essential requirements, conformity assessment procedures, and the role of harmonised standards in achieving CE marking.\r\nSpecial attention is given to cybersecurity obligations introduced under the Radio Equipment Directive through Delegated Regulation (EU) 2022/30. The lecture explains how cybersecurity, network protection, and personal data safeguards are now formal compliance requirements for connected and radio-enabled devices, and how these requirements impact design, risk assessment, technical documentation, and lifecycle management.\r\nThe session highlights the interaction between electrical safety, EMC, and cybersecurity within a unified compliance strategy for modern electronic products.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "1026d114-430b-5be2-bff1-2ea518bbda57", "id": 33, "code": "MCCETC", "public_name": "Marko Jankovec", "avatar": "https://cfp.dragonsec.si/media/avatars/Osebna_PV_sMT4ZM4.jpg", "biography": "Marko Jankovec received the B.S. and Ph.D. degrees in electrical engineering from the Faculty of Electrical Engineering, University of Ljubljana, Ljubljana, in 1999 and 2004, respectively.\r\nFrom 2004 to 2016, he was a Teaching Assistant with the University of Ljubljana, where he is currently a Professor. He was a Guest Research Scientist with PV-LAB, Ecole Polytechnique F\u00e9d\u00e9rale de Lausanne, Neuchatel. Switzerland. His main research field is measurement techniques and systems for long-term reliability and performance assessment of photovoltaic cells, modules, and systems.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/PLTQ8Z/", "id": 29, "guid": "6ffeae90-f233-571a-9bf7-98f577ae5157", "date": "2026-03-21T14:30:00+01:00", "start": "14:30", "logo": null, "duration": "00:25", "room": "PA", "slug": "dctf26-29-zero-to-rce-in-a-weekend-fuzzing-old-games-for-memory-corruption", "title": "Zero to RCE in a Weekend: Fuzzing Old Games for Memory Corruption", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Mid-2000s videogames are a great target for finding RCE exploits. They were written in a different era, when things like ASLR and DEP were still seen as useless luxuries that just tank performance. Besides, who is gonna go through the effort to set up a fuzzer for these ancient games?\r\n\r\nIn this talk we'll pick a classic 2000's game, go over the process of fuzzing the game's server with a very fancy snapshot fuzzer, and fuzzing the client with the dumbest possible bit-flipper I could write in an hour. Both of these approaches lead to bugs that we'll exploit for remote code execution.", "description": "", "recording_license": "", "do_not_record": true, "persons": [{"guid": "237313ae-154b-56a8-921f-6f72f2332cbf", "id": 36, "code": "EQKWZA", "public_name": "Rick de Jager", "avatar": "https://cfp.dragonsec.si/media/avatars/001_rtrNHyC.jpg", "biography": "Rick is a part of the Pwn2Own team \"PHP Hooligans\". He has competed in five editions of Pwn2Own, exploiting a wide range of targets including\r\nrouters, printers, and automotive targets. Aside from Pwn2Own, Rick is an avid CTF player, having competed as part of 0rganizers and ICC's team\r\nEurope.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/9LETXX/", "id": 24, "guid": "bdb4a770-695a-5d27-befc-bc83b64d77db", "date": "2026-03-21T15:00:00+01:00", "start": "15:00", "logo": null, "duration": "00:25", "room": "PA", "slug": "dctf26-24-unfaithful-claims-breaking-6-zkvms", "title": "Unfaithful Claims: Breaking 6 zkVMs", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "A Zero Knowledge Virtual Machine verifier should be faithful to one thing above all else: its public claims. That is, the proof of a statement should depend on the statement itself. As it turns out, this is not always the case, which can lead to disastrous consequences. In this talk, we will take a journey through six systems where we discovered critical vulnerabilities caused by such issues. Learn how a subtle ordering bug or a tiny omission can let an attacker bypass the cryptography entirely and prove mathematically impossible statements.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "9801b267-9399-5314-a7ac-8b220254fd78", "id": 7, "code": "YFWGSY", "public_name": "Andra\u017e Strgar", "avatar": "https://cfp.dragonsec.si/media/avatars/20251114_091858_ngb8bmP.jpg", "biography": "Andra\u017e is an auditor and security researcher at OtterSec, focusing on securing cryptographic implementations of blockchain projects. He is also an active CTF player for DragonSec SI, 0rganizers and ICC Team Europe.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/QWPGK3/", "id": 27, "guid": "6e4c4bbe-b61a-532e-b215-c0323d86b18a", "date": "2026-03-21T15:30:00+01:00", "start": "15:30", "logo": null, "duration": "00:25", "room": "PA", "slug": "dctf26-27-anonymous-credentials-for-next-generation-rate-limiting-from-linear-to-constant-size-issuance", "title": "Anonymous Credentials for Next-Generation Rate Limiting: From Linear to Constant-Size Issuance", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Anonymous credentials are a critical building block for privacy-preserving systems, from EU digital wallets to privacy-respecting authentication schemes. At the IETF, however, they address efficient rate limiting in the presence of CAPTCHA-based human verification.\r\nCurrent rate limiting systems use blind signatures or OPRFs to issue batches of rate-limiting tokens post-CAPTCHA. While cryptographically sound, this approach incurs communication complexity linear in the number of tokens issued, a significant bottleneck when handling large token batches.\r\nThe talk presents two proposals to reduce the token issuance to constant-size communication regardless of batch size, and shows how to combine them to get parallel, revocable tokens \r\nThe talk will cover the cryptographic foundations, discuss trade-offs between revocation expressiveness and issuance efficiency, and examine deployment challenges. We'll also explore an interesting secondary application: extending rate limiting to adaptive systems (LLMs, bots) that must solve CAPTCHAs, where the same credential mechanism enables fine-grained behavioral constraints beyond simple token budgets.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "646beef0-e5da-5f3c-b677-609bd04db529", "id": 34, "code": "8HHRCJ", "public_name": "Lena Heimberger", "avatar": "https://cfp.dragonsec.si/media/avatars/signal-2026-03-14-140926_002_5Fj3Wjj.jpeg", "biography": "Lena Heimberger is a cryptographer working on practical and post-quantum privacy for the web. She currently works at Graz University of Technology. She interned with Cloudflare in 2024 and 2025.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/TNAZ7R/", "id": 26, "guid": "549b2c03-ad8e-5fdf-9eb5-ef83266d0025", "date": "2026-03-21T16:30:00+01:00", "start": "16:30", "logo": null, "duration": "00:50", "room": "PA", "slug": "dctf26-26-when-correct-code-leaks-secrets-side-channels-explained", "title": "When Correct Code leaks Secrets: Side Channels Explained", "subtitle": "", "track": null, "type": "Lecture", "language": "en", "abstract": "In the real world, computer exploits are often simple: Logic bugs, forgotten bounds checks, or less-adept users typing their passwords into sketchy websites.\r\nBut what if we had a world full of flawless code, Rust-only programs, and completely security-aware end users?\r\n\r\nUnfortunately, we still would not be secure.\r\nModern systems leak information in many ways, including performance optimizations or unavoidable limitations in hard- or software.\r\nExecution time, memory access patterns, power usage, and other indirect effects can allow attackers to infer information and extract secrets, even from correctly implemented systems.\r\n\r\nIn this talk, we look at examples of different attacks exploiting behavior of the CPU architecture, microarchitecture, the Linux kernel code, and common applications that are running on your machine _right now_.\r\nWe will see that many side channels are caused by important performance optimizations, making them fundamentally difficult to eliminate.\r\n\r\nThis talk aims to demystify side channels and give an intuition on how they work, where they appear, and why even \"correct\" code is not necessarily secure.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"guid": "34f1db01-74c0-5591-b1c7-63e5164bb10c", "id": 30, "code": "MNT9PP", "public_name": "Hannes Weissteiner", "avatar": "https://cfp.dragonsec.si/media/avatars/weissteiner-hannes-400x400_0XbpDOR.jpg", "biography": "I am a PhD Student in the CoreSec Group at the Institute of Information Security of Graz University of Technology.\r\nMy research area is side-channel attacks and defenses.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/9EU38Y/", "id": 31, "guid": "3f8a8412-dfe9-500d-a884-0aea4b0a2645", "date": "2026-03-21T17:30:00+01:00", "start": "17:30", "logo": null, "duration": "00:25", "room": "PA", "slug": "dctf26-31-how-can-one-do-security-in-a-fully-modular-kernel-", "title": "How can one do security in a fully modular kernel?", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "I mean, let's be real, a fully modular kernel? sounds awesome, you know what's not so awesome? Trying to think of a security architecture for it!", "description": "This talk will cover some of the classic methods of security when it comes to kernels and operating systems, then it will throw those backward ideas out of the window because basically none of them are compatible with my idea of a fully modular kernel! but then you might ask, a fully modular kernel? Well i've been working on this \"side\" project in my free time for quite a while, it's a custom kernel where (almost) all components of the kernel are loadable modules, that means you can switch out parts of your kernel whenever you want! Which sounds perfectly awesome, but just so happens to be a security nightmare! In any other currently popular operating system allowing any user to load kernel modules is a terrible idea, but maybe it doesn't have to be in my custom kernel?", "recording_license": "", "do_not_record": true, "persons": [{"guid": "67ccc68d-e4bd-5644-9c26-65063d9f660c", "id": 38, "code": "LZNFDT", "public_name": "Andra\u017e Rotar", "avatar": null, "biography": "full-time employed working on my projects, part-time professional recreational programmer and quarter-time student", "answers": []}], "links": [], "attachments": [], "answers": []}, {"url": "https://cfp.dragonsec.si/dctf26/talk/ULRU9Q/", "id": 38, "guid": "0fbee1f0-fc9e-5ffa-ac3b-8afc3af65a2d", "date": "2026-03-21T18:00:00+01:00", "start": "18:00", "logo": "https://cfp.dragonsec.si/media/dctf26/submissions/ULRU9Q/Actual_IT_GROUP_hor_rgb_300dpi_FCY0q42.jpg", "duration": "00:25", "room": "PA", "slug": "dctf26-38-capture-the-flag-in-soc", "title": "Capture the Flag in SOC", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "What does cybersecurity look like in practice? This lecture shows how Capture the Flag challenges build practical SOC skills, analytical thinking, and teamwork under pressure.", "description": "What does cybersecurity look like in practice? Through the Capture the Flag approach, the lecture will show how threat detection, incident analysis, and finding the right answers under time pressure take place in a SOC environment. Participants will learn why these types of challenges are important for developing practical skills, analytical thinking, and effective teamwork.", "recording_license": "", "do_not_record": false, "persons": [{"guid": "1cf55cfd-c364-545e-b4e1-6351d3ff457b", "id": 39, "code": "LVTRSP", "public_name": "Peter Hutinski", "avatar": null, "biography": "vodja SOC-a  ACTUAL I.T.", "answers": []}, {"guid": "5c4ec08f-efde-5b8a-a948-d356064c71ae", "id": 40, "code": "JAK3MW", "public_name": "Peter Pavkovi\u010d", "avatar": null, "biography": "direktor infrastrukture in re\u0161itev v oblaku v ACTUAL I.T.", "answers": []}, {"guid": "e9d6f020-3547-5ae1-9390-3a7cebc72e25", "id": 41, "code": "BQLYYY", "public_name": "Matic \u0160ebjan Ogrizek", "avatar": null, "biography": "analitik v SOC-u  ACTUAL I.T.", "answers": []}], "links": [], "attachments": [], "answers": []}]}}, {"index": 2, "date": "2026-03-22", "day_start": "2026-03-22T04:00:00+01:00", "day_end": "2026-03-23T03:59:00+01:00", "rooms": {}}]}}}