Mobile Hacking Conference

Join a global audience during the FREE Mobile Hacking Conference,
 full of mobile security talks covering exploitation, AI, and a live mobile CTF


 3 - 4 March 2026

Speakers and Talks

Full line up and program coming soon!

Lukas Stefanko

Malware Analyst
ESET

Lukas explores how NFC, now common in tap-to-pay and access badges, has become an active attack surface.

He traces the rise of in-the-wild Android NFC relay malware, shares high-level telemetry on growing NFC abuse, and highlights real-world fraud scenarios beyond payments.

Gabrielle Botbol

Cyber Security Consultant
Independent

Gabrielle examines how Android application security testing is changing as AI becomes embedded in mobile apps.

She connects traditional pentesting approaches with emerging AI-specific risks and shares updated frameworks for assessing modern, AI-driven Android attack surfaces.

Andreas Flamino

IR and Digital Forensics
FlaminoIR

Andreas presents a preview of the upcoming Windows DFIR course through a simulated incident investigation.

Using Velociraptor, he demonstrates how working directly with OS-level artifacts helps build timelines, ask precise questions, and strengthen DFIR and threat-hunting intuition.

Ken Gannon

Head of Research
Mobile Hacking Lab

Ken explores how Android application exploitation workflows have traditionally relied on manual reversing, code review, and custom proof-of-concept development.

He compares that approach with his current workflow using Djini, showing how AI-assisted analysis changes exploit research through concrete examples from past Android vulnerabilities.

Miłosz Gaczkowski

Cyber Security Consultant
Reversec

Miłosz examines how many mobile security solutions fall into “security theater”, implementing defenses that appear robust but break down under technical scrutiny.

Drawing from real-world vulnerabilities, he highlights recurring design flaws that create a dangerous false sense of security across the mobile ecosystem.

Juan Urbano Stordeur

Founder / CEO
Just Mobile Security

Juan covers the fundamentals of KYC implementations and examines how common design and implementation flaws lead to insecure mobile KYC systems.

Focusing on real-world bypass techniques, he highlights weaknesses involving insecure components and deepfake-generated images and videos in mobile applications.

Gersi Hajrullahi

Security Researcher
Digital Forensics Specialist

This talk explores the foundations of lawful mobile device access in modern forensic investigations.

Gersi examines agent-based acquisition techniques and recovery workflows, and discusses what makes an exploit forensically sound, focusing on reliability, minimal data alteration, and courtroom defensibility.

Vaibhav Agrawal

Senior Security Engineer
Google

Traditional Static Analysis Security Testing (SAST) tools often overwhelm engineers with high false-positive rates.

In this session, Vaibhav discusses a hybrid framework that combines SAST with an LLM to provide intelligent triage in code scanning and security, resulting in a 91% reduction in false positive rates .

Tamaghna Basu

Founder / CEO
DeTaSECURE

More info soon.

Simon Janz

Senior Security Expert
 CODE WHITE GmbH

Modern Android replaced its userspace heap with Scudo, a hardened allocator designed to make memory corruption exploitation harder.

Simon explains what that actually means for exploit developers, covering the fundamentals of heap exploitation, key Scudo internals,
   and how to work through modern defenses. 

Lyes Mouloudi

Security Researcher
Mobile Hacking Lab

More info soon.

Dario Durando

Senior Threat Analyst
ThreatFabric

Android banking malware continues to evolve in complexity.

Dario walk trough a real-world campaign through every stage of its lifecycle, from initial distribution vectors and dropper behavior, through payload unpacking and decryption, to C2 traffic interception and configuration extraction

Stay tuned for the full line-up.

Register here:

Thank you!
Proudly supported by