ROOTCON® Hacking Conference

Aaron is a Senior Systems Engineer at CrowdStrike where he advises customers on their security needs and solutions. He is currently based in Dubai, and is responsible for the CrowdStrike business across the Middle East, Turkey, and Africa (META) region. Prior to his current stint, Aaron served as a Strategic Threat Advisor where he actively evangelised for the value and pertinence of Cyber Threat Intelligence to organisations across the public and private sectors in the Asia Pacific (APAC) and META regions. Aaron represented CrowdStrike Intelligence, speaking at various Security Conferences including BlackHat MEA, MENA ISC, GovWare, RootCon, AVAR, BSides SG, and SINCON.

Prior to joining the Cybersecurity industry, Aaron served 12 years of Active Duty in the Singapore Armed Forces as a Military Intelligence Officer. He served in multiple command appointments in classified Intelligence units, and garnered staff experience in the areas of strategic planning and policy development. In his penultimate tour of duty, Aaron was instrumental in developing the masterplan for the Digital and Intelligence Service (DIS), the military branch responsible for providing military intelligence to the armed forces, building up Singapore's digital defence capabilities, and protecting the psychological defence of its military personnel.

ar33zy

Ariz spearheads the Theos Red Team as an accomplished security consultant with over seven years of experience in Incident Response, Penetration Testing, and Red Teaming. He has successfully led numerous VAPT and Red Teaming engagements for a wide array of clients, including significant corporations in various regions. Additionally, Ariz is a Senior Content Engineer at TryHackme, an online platform that uses gamified labs to teach cybersecurity skills, where he shares his expertise by creating cybersecurity training materials and capture-the-flag challenges. Furthermore, Ariz plays a pivotal role in the Philippine security community by founding and leading the Red Teaming Village at ROOTCON. Through this platform, they organize various activities, presentations, and training sessions aimed at enhancing the Red Teaming knowledge in the country.

Arun Mane

A Trailblazer in Security, Innovation, and Education Arun Mane, a visionary leader and luminary in the field of cybersecurity, wears many hats. He is not only the Founder and CEO of Amynasec Research Labs, but also the co-Founder and CEO of UnoAcademy, a distinguished training provider. With a resolute focus on Vehicle/IoT/ICS/IoMT security, Arun is also a recognized Hardware, IoT, and ICS Security Researcher, shaping the future of digital protection.Arun's passions encompass a spectrum of technological domains. He delves into Hardware Security, SCADA systems, Automotive Security, Fault Injection, RF protocols, and the intricacies of Firmware Reverse Engineering. His inquisitive mind thrives on unraveling complex systems and identifying vulnerabilities that safeguard the digital landscape. Arun's expertise extends to performing Security Audits aligned with ISO 62443, ISO 21434, NIST frameworks, catering to both government and private clients. His insights have proven invaluable in fortifying digital infrastructures against ever-evolving threats. His prominence shines brightly on the international stage. Arun has delivered captivating talks at an array of prestigious conferences, leaving a lasting impact on audiences worldwide. Noteworthy appearances include nullcon in Goa from 2016 to 2018, GNUnify 2017, Defcamp in Romania from 2017 to 2019,2023, Hacktivity in Budapest 2019,2023, Rootcon 2020 in the Philippines, BsidesDelhi 2017, c0c0n x in 2017 and 2019, BSides Ahmedabad 2021, EFY 2018, x33fcon from 2018 to 2021, BlackHat USA 2018, Defcon USA 2018, OWASP Seasides 2019 in Goa, and HITB Red Team Village 2020,Phuket 2023. These platforms serve as a testament to his remarkable insights and thought leadership in the cybersecurity realm

Dennis Goh

Dennis Goh (@RFIDGroup) is the co-founder of the RFID Research Group, where he plays a pivotal role in advancing radio-frequency identification technology.

Under his leadership, the team has developed innovative tools that serve the needs of researchers and professionals in the RFID field. Notable creations include Proxmark3 Rdv4.01, which enhances RFID research capabilities, USBninja—a versatile BadUSB for security tasks—and both ChameleonTiny and ChameleonUltra, which provide powerful functionalities for emulating and testing RFID systems.

In addition to his contributions to RFID technology, Dennis is actively involved in the cybersecurity community. He regularly attends and hosts RFID villages at cybersecurity conferences around the world, fostering collaboration and knowledge sharing among experts. His commitment to education and outreach was highlighted by his role as an arsenal presenter at BlackHat Asia 2024, where he shared insights into advanced RFID applications and their security implications.

Through his work, Dennis strives to push the boundaries of RFID technology and contribute to a safer digital landscape, providing robust solutions that empower users to explore and expand their understanding of the field.

Doan Minh Long

Long Doan Minh – Threat Analyst with 5 years of experience in cyber security, especially in reverse engineering, malware analysis, tracking and analyze 50+ threat actor (APT, Ransomware) targeting the Southeast Asia Region, handled 30+ incidents in big enterprises, government organizations in Vietnam

EungyoSeo

Eungyo Seo, also known as Wynt3r, is an offensive security researcher at NSHC Inc. She is a member of the Pwn2Own Automotive 2025 CIS team (COLLISION). She specializes in embedded systems, including IoT, OT, and automotive security.

HeaEun Moon

I am the director of Red Alert Labs at NSHC, with a total of 24 years of experience in IT security. My primary work involves discovering zero-day vulnerabilities in various types of software, including browsers, kernels, IoT, and ICS/SCADA systems. I have organized CTF competitions at major hacking and security conferences such as Black Hat, DEF CON, MOTIE, and HITB. I also enjoy participating in CTFs myself and take part in computer hacking contests such as Pwn2Own and SPIRITCYBER.

Hyunseok Yun

I have a broad interest in security vulnerabilities in embedded systems, including IoT/OT and automotive security.

Georgy Kucherin

Georgy Kucherin is a Security Researcher at Kaspersky’s renowned Global Research and Analysis Team. Georgy demonstrates an unwavering passion for unraveling the intricacies of complex malware and employing reverse engineering techniques to analyze and understand its inner workings. With a strong background in cybersecurity research, Georgy has contributed significantly to the field through his comprehensive investigations into advanced persistent threats (APTs) such as Operation Triangulation, FinFisher, APT41, and Lazarus. Georgy actively shares his research findings at prominent conferences, where his presentations captivate audiences and contribute to the collective knowledge of the cybersecurity community.

Hyuna Lee

Hyuna Lee analyzes cybercrime at SK Shieldus’s Ransomware Response Center, where she meticulously investigates and tracks cyber threats. Her expertise spans not only researching ransomware but also exploring the complexities of the deep web and dark web. Driven by her passion for cybersecurity, she finds great satisfaction in identifying emerging threats and contributing to the safety of her community. She also regularly participates in Capture The Flag (CTF) competitions to hone her analytical skills and deepen her expertise in the field.

Ignacio Navarro

Ignacio Navarro, an Ethical Hacker and Security Researcher from Cordoba, Argentina. With around 6 years in the cybersecurity game, he's currently working as an Application Security. Their interests include code analysis, web application security, and cloud security. o Speaker at DEFCON, H2HC, Troopers, LeHACK, NorthSec, TyphoonCon, Security Fest, SASCON, 8.8 among others.

Karl Biron

Karl Biron is a Security Researcher in the SpiderLabs Database Security team at Trustwave, bringing nine years of hands-on technical experience across the cybersecurity landscape. He holds multiple industry-recognized certifications and has built a global perspective through his work in Singapore, the United Arab Emirates, and the Philippines. Karl is the lead author of two IEEE peer-reviewed publications covering diverse topics such as cybersecurity and data science. He is also an experienced IEEE speaker, having delivered technical presentations that bridge research and practical application.

Over the past year, Karl has authored multiple in-depth technical blogs for Trustwave SpiderLabs, each providing detailed, hands-on walkthroughs that are accessible and actionable for practitioners and researchers alike. These blogs span a wide range of topics, including exploitable vulnerabilities (e.g., MariaDB RCE CVE), anonymous data corruption campaigns (e.g., Meow Attack), ransomware threats (e.g., Xbash Malware), offensive security tool evaluations (e.g., OracleDB vs ODAT), security feature simulations (e.g., Elasticsearch X-Pack Security Plugin), and Modbus attack simulations using his in-house-built CLI tool (Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities).

LiquidWorm (Gjoko Krstic)

Gjoko Krstic is a security engineer and vulnerability researcher, with a bachelor’s degree in computer science, and various certifications specializing in cyber security. He has over 18 years of experience in security architecture, exploit development, reverse engineering, red teaming and penetration testing for various corporate and government organizations. Gjoko is the founder of Zero Science Lab, a Macedonian information security research and development laboratory, discovering and responsibly disclosing a wide range of vulnerabilities in commercial products. He's also an author of security research papers related to WAFs and BMS including embedded systems and a speaker at various conferences.

OfflineIsNewLuxury

Jeffrey is a Vice President of Consulting Services at DACTA Global, specializing in Offensive Security, with more than a decade of experience in Penetration Testing, Vulnerability Management, Cyber Threat Intelligence, and Security Operations. He has led and delivered security assessments for businesses, enterprises, and government agencies, identifying and mitigating critical vulnerabilities across networks, Active Directory, web applications, APIs, wireless networks, and mobile platforms (iOS & Android).

As a recognized expert, Jeffrey actively participates in bug bounty programs and has been acknowledged by top organizations, including Apple, Oracle, Toyota, and Morgan Stanley. His research has contributed to the discovery of multiple vulnerabilities, earning him four CVE IDs.

In May 2024, he presented an API security tool at the Black Hat Arsenal in Singapore, showcasing an API scanning tool designed to enhance security and detect vulnerabilities in API applications.

Omkar Mali

Omkar Mali is a Security Researcher and seasoned Infrastructure and Cloud Security expert, leveraging his expertise in safeguarding digital assets for clients. With a keen focus on Hardware and IoT Security and Automotive Cybersecurity, he serves as a dedicated researcher in these domains, ensuring robust protection against emerging threats. Omkar's areas of specialization encompass Hardware Security, Automotive Security, RF Protocols, and Firmware Reverse Engineering, demonstrating a comprehensive understanding of complex security landscapes. In addition to his professional roles, Omkar Mali assumes leadership as the head of The Marathi Hackers Group, a testament to his commitment to fostering collaboration and knowledge sharing within the cybersecurity community. His extensive experience includes conducting Security Audits for both governmental and private entities, showcasing his ability to navigate diverse environments and deliver tailored solutions to mitigate risks effectively.

Parameswaran Ganesan

Parameswaran Ganesan is the Lead of Presales at DACTA Global and a cybersecurity strategist with 9+ years of experience securing enterprises, governments, and OT environments across APAC. He leads complex security transformations, from EDR and SIEM rollouts to regional SOC deployments and threat intelligence integrations. A passionate researcher, Parameswaran authored two notable papers:
“Exploring Cyber Threats in the Financial Sector”, analyzing real-world APT campaigns; and
“Demystifying Deep Learning in Side-Channel Analysis”, where he pioneered explainable AI techniques for cryptographic attack modeling.

He holds a Master’s in Cybersecurity from NTU and is pursuing a PhD at SUTD, focusing on AI and Threat Intelligence. Parameswaran also delivers cybersecurity training, builds red-blue team simulations, and advises on AI-driven security strategies.

Pengfei “BigZaddy” Yu

Pengfei is the APJ & SAARC Solutions Architect at Picus Security. Previously, he worked as a Cybersecurity Engineer in GovTech's GCSOC team, where he led the implementation of continuous purple teaming across the Whole-of-Government. Before this role, he served on GovTech's red team, mainly dabbling in VAPT and Adversary Simulation. Pengfei is certified with OSCP, eMAPT, Crest CRT, CCSK V4, etc. He has conducted research on emerging cybersecurity technologies and presented his findings at renowned conferences like Black Hat USA & Asia, DEFCON, SINCON, ROOTCON, etc.

Rakesh Seal

Rakesh Seal is a Senior R&D engineer with the Application & Threat Intelligence Research Center (ATIRC) at Keysight Technologies. He actively works on network application simulation, network steganography, IoT devices and AI vulnerability research. Rakesh likes to automate stuff that needs manual work even though the automation takes more time than doing it manually. Rakesh is a full stack developer with a keen interest in building scalable systems. When he's not tinkering with tech, he enjoys sharing his expertise by writing technical blogs on network security and speaking at security conferences and meetups.

Sergio García

Sergio García is a Cloud Security Engineer and the main maintainer of Prowler, an open-source cloud security tool. With a strong background in cloud security and automation, he is passionate about securing cloud environments and contributing to the open-source community. Sergio shares insights on best practices, risk management, and innovative security solutions to help organizations strengthen their cloud security posture.

Vismit Rakhecha

Vismit is a seasoned cybersecurity professional with over 13 years of experience, currently working as a Principal Information Security Engineer in the healthcare sector. His thought leadership in the field is reflected in published white papers, including “Exploring Potential Crimes Enabled by 3D Printers in Healthcare,” “Digital Mafia~Decrypted"", ""Wardriving’s Impact on Corporate Espionage and Prevention Strategies"" Vismit has presented his research at prominent conferences such as Hakon, CSA, OWASP, and HackTech.

Outside of his professional role, he actively contributes to the global security community as a bug bounty hunter, earning accolades from organizations like Microsoft, NASA, AWS, Avira, Sony, Nokia and AT&T. Passionate about knowledge sharing, he has conducted 50+ training sessions and talks across educational institutions and government organizations, fostering awareness and skill development in cybersecurity.

Wilson Chua

Wilson L. Chua is an accomplished cybersecurity and operations leader, recognized for excellence and innovation in both the private and academic sectors. A Gold Medal Awardee from the National University of Singapore (NUS) and a Distinguished Alumni of the University of the Philippines Cesar Virata School of Business, Wilson brings a rare blend of strategic insight and hands-on expertise across multiple domains.

With a solid track record as a Chief Information Security Officer (CISO), Wilson has led cybersecurity programs that balance compliance, risk management, operational resilience and leveraging on ML/AI. Beyond cybersecurity, Wilson has also held key leadership roles in Call Center Operations, Network Operations, and Big Data Analytics, driving digital transformation and operational efficiency across large-scale enterprises.

With a unique mix of academic excellence and real-world experience, Wilson is passionate about building secure, data-driven organizations that thrive in today’s fast-evolving digital landscape"

Yi Ting Shen

I’m a university student and full-time cybersecurity engineer at a US-based company, with 3+ years of hands-on experience specializing in penetration testing, vulnerability assessments, and AI-driven tooling. Currently, my focus is on integrating artificial intelligence into security workflows to enhance threat detection and automate testing processes.

I’ve shared my research at over 20 conferences and workshops both locally and internationally — including BSides, SECCON, CYBERSEC, and WordCamp Asia. Beyond AI security applications, I actively explore cybersecurity threats across various domains — such as connected vehicles (V2X) and satellite systems. I’m passionate about building practical tools, uncovering emerging risks, and contributing to the global security community through research and collaboration.