Find Expert Speakers

Christian Herrmann – RFID Hacker | Co-Founder of AuroraSec & RRG | MCPD Enterprise ArchitectChristian Herrmann, better known in the hacker community as “Iceman”, is a co-founder ofAuroraSec and RRG, and has helped develop many of today’s most widely used RFIDresearch tools, including the Proxmark3 RDV4 and the Chameleon Mini. He is a well-knownRFID hacking and Proxmark3 evangelist, serving the community as both a forumadministrator and a major code contributor alongside other developers since 2013.Christian has spoken at hacker conferences around the world, including Troopers, Black HatAsia, DEF CON, Hardwear IO, SSTIC, NullCon, Pass-the-Salt, BSides Tallinn, BlackAlps, and SaintCon. He also runs a YouTube channel where he shares his knowledge of RFID hacking with the public.With over 14 years of experience in bespoke software development, Christian specializes in.NET platforms and is a Certified MCPD Enterprise Architect.He possesses near-unmatched expertise in the Proxmark3 architecture and various RFIDtechnologies, and has served as an instructor for Red Team Alliance (RTA), including trainingsessions at Black Hat.

As an ethical hacker, I equip enterprises with the advice and solutions to improve their digital security posture and their overall business growth. Throughout my career as an ethical hacker I’ve worked across several industries including:💥 Government💥 Advertising💥 Retail💥 Financial Services💥 Blockchain💥 Technology💥 Publishing💥 Non-Profit💥 And more!This has provided me the opportunities to gain a breadth of knowledge on all things security testing.

Jian-Lin Peng, aka YingMuo (@YingMuo), is a security researcher at DEVCORE. His work primarily focuses on IoT, macOS kernel and hypervisor security. He has participated in Pwn2Own competitions 2 times, successfully compromising QNAP NAS. He was also a speaker at HITCON PEACE 2022 and DEVCORE CONFERENCE 2024.

Cybersecurity Enthusiast, CTF Player and Bug Hunter. Contributed to the organization of SECCON CTF, took the stage at AVTOKYO2020/2023/2024, Security Analyst Summit 2024, Hack Fes. 2024, m0leCon 2025, TyphoonCon Seoul 2025, HITCON 2025 and competed in the DEF CON CTF Finals. Renowned for uncovering and reporting vulnerabilities in web services and softwares including Google and Firefox.

I got into cybersecurity the messy, curious way - hacking games as a teenager to get extra coins and superpowers, then later reverse-engineering ransomwares to understand how they worked. That same curiosity and passion led me to a career in offensive cyber security.In the past 5+ years of work experience across India, UAE & USA, I’ve worked on:• Mobile application penetration testing (Android & iOS)• Web application and API penetration testing• Secure code review across C/C++, Python, Java, Golang, JavaScript, Typescript and C# .NET• Custom Signature Code Analysis (Semgrep, YARA & Coverity CodeXM custom checkers)• Adverserial tradecraft and Cyber threat intelligence• Network and infrastructure assessments with Segmentation penetration tests for cloud and on-prem setups• Software Composition Analysis (Coverity, Black Duck, GitHub Advisories, PlexTrac)• Innovative research & automated pentest tools development (AI, OSINT, Python, Bash script)Currently, I work as a Security Researcher at OnDefend, where I help secure user data of a large-scale social media platform & contribute to U.S. national security.🌟 Key Achievements:• Awarded the first-ever “Magical Mention” as an intern at Equinix for uncovering and reporting multiple critical security misconfigurations. Recognized for investigative persistence, curiosity, and successfully improving internal security workflows through proactive analysis and alerting.• Bug Bounty & Hall of Fame mentions: Tesco, IKEA, SecureLayer7 live hacking event, Accenture, Ericsson, Springer Nature, OSIsoft🔍CVE Research:• CVE-2020-11539 : Access control issue in Tata Sonata Smartwatch• CVE-2020-11540 : Access control issue in Tata Sonata Smartwatch• CVE-2020-25498 : Chained CSRF & Stored XSS vulnerabilities in Beetel router• CVE-2020-35262 : Stored XSS vulnerability in Digisol router👾 Outside of work, I’m always exploring new tools, ways to use AI as leverage in security, hacking techniques & trying to level up. I love building my own custom IoT devices as well as hacking them.🧑‍🤝‍🧑As an active member of 'Women in Cybersecurity', 'Women in Security & Privacy' and 'The Diana Initiative' volunteer at Defcon, I’m also passionate about making cyber security more inclusive and human, especially for women and underrepresented voices.