Show threadGerhard KlostermeierDec 26
@ttdennis @willnix Was there at #Troopers25. Looking forward to the update. Really great work!
Show threadwiizarrrdDec 25

@rebane2001 I saw this talk about CSS attacks at #troopers25 :

https://youtu.be/Owp-mHUyg9I?si=9VnryDlXzKcpyLHh

TROOPERS25: Scriptless Attacks - Why CSS is My Favorite Programming Language

YouTube
danNov 30

Talks from #TROOPERS25 are up
@WEareTROOPERS

https://youtube.com/@trooperscon

TROOPERS IT Security Conference

Welcome TROOPER, on our channel you will find talks and impressions around the ITsecurity conference TROOPERS in Heidelberg, hosted by ERNW.  Enjoy the talks of the last years and exchange with the community, because WEareTROOPERS. 

YouTube
securefirmwareNov 27

We had the joy of being part of the beautiful #TROOPERS25 security conference in June this year.
The recording of our talk "SBOMs the right way" is now available.

Check it out here https://youtu.be/ecr_ar8o8R8?si=CG1U7MSeC84xfL3l

Fabian BaderNov 27

@_dirkjan and my joint talk at #TROOPERS25 is now available on YouTube.

"Finding Entra ID CA Bypasses - the structured way" @WEareTROOPERS

https://youtu.be/yYQBeDFEkps

#Entra #ConditionalAccess

TROOPERS25: Finding Entra ID CA Bypasses - The Structured Way

YouTube
FrederikNov 25
The recording of my #TROOPERS25 talk about the #DHL Packstation has finally been published ๐ŸŽ‰ https://youtu.be/WEGVL9Wttsc?si=LIIN6Fq9YSaVL2Zq
TROOPERS25: DHL Hackstation - What's inside

YouTube
InsinuatorSep 25, 2025
New post: #TROOPERS25 AD & Entra ID Security Track https://insinuator.net/2025/08/troopers25-ad-entra-id-security-track/
#TROOPERS25 AD & Entra ID Security Track

The #TROOPERS25 'AD & Entra ID Security' track was a blast โ€“ as was the whole conference ;-) โ€“  bringing together some of the smartest researchers in the field and a great audience of practitioners willing to share their experiences during the roundtable. The slides of the talks have been released in the interim on the TROOPERS website, but since many speakers published additional blogpost ...

Insinuator.net
securefirmwareJul 8, 2025
Great news for today ... you can grab our SBOM/EMBArk slides from our talk at #troopers25 here https://troopers.de/troopers25/talks/cblhdx/
SBOMs the right way

TROOPERS is more than just an infoSec con. Hands-on, high-end knowledge sharing leaves you motivated and charged to

Security Research LabsJul 1, 2025

Unveiled at #TROOPERS25 - Hexagon fuzzing unlocked

Hexagon is the architecture in Qualcomm basebands - they power most of the world's leading smartphones.

Until now, this baseband was out of reach.

We released the first open-source toolchain for system-mode Hexagon fuzzing, presented by Luca Glockow (@luglo), Rachna Shriwas, and Bruno Produit (@bruno) at @WEareTROOPERS

Full post: https://www.srlabs.de/blog-post/hexagon-fuzz-full-system-emulated-fuzzing-of-qualcomm-basebands

How we opened up mobile firmware in 3 steps:
1. Boot real iPhone basebands with a custom QEMU fork
2. Rust-powered fuzzer controls execution via JSON configs
3. Ghidra integration maps coverage across threads

This brings full visibility to Qualcommโ€™s 4G/5G/GPS stacks.

Reproducible. Extendable. Open source.

Hexagonโ€™s no longer off-limits - mobile security just got a lot more transparent.


๐Ÿ”— Try it yourself: https://github.com/srlabs/hexagon_fuzz
๐Ÿ“š Docs: https://github.com/srlabs/hexagon_fuzz/blob/main/docs/reverse_engineering.md
๐Ÿ–ฅ๏ธ Slides from Troopers25: https://github.com/srlabs/hexagon_fuzz/blob/main/docs/talk/hexagon_fuzz_troopers2025.pdf
๐Ÿ› ๏ธ Issues, ideas, or contributions? PRs welcome.

Hexagon fuzz: Full-system emulated fuzzing of Qualcomm basebands

Bruno Produit, Luca Glockow, Rachna Shriwas

GoatFooJun 28, 2025
Really enjoyed this years #Troopers25. Also enjoyed my Chameleon Ultra, which held my hotel room access card. The card was an unprotected MIFARE Ultralight, the missing password made it really easy to clone the card with the CU GUI.