BSides Vancouver 2026

Large Language Models are rapidly becoming part of the cybersecurity toolkit. Analysts use them for OSINT collection, threat intelligence reporting, and even offensive operations. But how well do we understand the tools we are adopting, and what happens when those same tools become the attack surface?

This hands-on, four-hour workshop takes participants through both sides of the LLM equation. Starting with prompting fundamentals and LLM foundations, participants will learn how to effectively use LLMs for security work. They will then apply those skills in practice: first using Claude AI integrated with Kali Linux via the Model Context Protocol (MCP) to conduct OSINT, generate threat intelligence reports, and hack a live target in the OffSec Proving Grounds Playground. Finally, the perspective flips entirely as participants learn to attack LLMs themselves through jailbreaking, prompt injection, improper output handling, and more.

This workshop bridges the gap between using AI as a force multiplier and understanding its vulnerabilities. Participants will leave with practical skills they can apply immediately, whether they work on a red team, blue team, or somewhere in between.

Workshop Outline

Prompting Fundamentals + LLM Foundations
The workshop begins with practical prompting techniques for security work. Participants learn how to craft effective prompts that produce useful, actionable output rather than generic responses. This is immediately applicable regardless of which LLM they use in their daily work.

From there, we build the foundational understanding needed for the rest of the day: how LLMs generate output, why they hallucinate, what context windows mean for a pentest session, and the basics of responsible AI. This section is deliberately non-academic. The goal is to give participants just enough theory to understand why the techniques in later hours work and why critical evaluation of LLM output is essential.

OSINT & Threat Intelligence Reporting with LLMs
Participants shift from theory to practice, using Claude integrated with Kali Linux to conduct OSINT operations and produce structured threat intelligence reports. This section demonstrates the analyst-facing side of LLMs: how they can accelerate intelligence gathering, source analysis, and report writing.

Participants also learn to evaluate LLM output with the same rigor they would apply to any other intelligence source. What did the LLM find? What did it miss? What did it fabricate? This analytical discipline is what separates effective LLM-assisted analysts from those who blindly trust the output.

LLMs as a Hacking Tool
Now participants use Claude and Kali Linux to hack a live target machine in the OffSec Proving Grounds Playground. Working through a full attack chain, they experience firsthand how an LLM can serve as a co-pilot during offensive operations: from initial enumeration and scanning through vulnerability identification to exploitation.

LLM Red Teaming
The perspective flips entirely. The LLM is no longer the tool; it is the target. Participants learn how to test and exploit vulnerabilities in LLM-powered applications, drawing directly from the OffSec LLM Red Teaming learning path. This section covers the techniques attackers use to manipulate, bypass, and abuse LLM systems.

Key Takeaways & Q&A
The final session brings everything together. We review key takeaways from all four hours, discuss where LLMs in cybersecurity are heading, and open the floor for questions and discussion. 

Learning Objectives

1. Write effective prompts for security workflows and critically evaluate LLM-generated output
2. Explain how LLMs generate output, why they hallucinate, and what this means for operational security work
3. Conduct OSINT collection and produce structured threat intelligence reports using LLM-assisted workflows
4. Use LLMs as a hacking co-pilot for enumeration, vulnerability discovery
5. Identify and exploit LLM-specific vulnerabilities 

This hands-on workshop delivers a practical introduction into Threat Hunting, Detection Engineering and Incident Response through Threat Hunting Labs. Participants will investigate real-world intrusions in interactive, production-lookalike environments using authentic forensic artifacts such as system logs, network traffic, and memory data.

Using SIEM platforms including Elasticsearch and Splunk, attendees will develop practical skills in identifying adversary techniques, reconstructing attack timelines, and investigating incidents using structured, repeatable methodologies. The session combines guided walk throughs with independent analysis, making it suitable for both newcomers and experienced information security professionals.

By the end of the workshop, participants will have hands-on experience hunting threats, analyzing forensic telemetry, and responding to incidents using real-world tradecraft.

Technical Requirements:
• Participants must bring a laptop capable of running a modern web browser.

Threat modelling is considered to be a critical component of Secure Software Development Lifecycle, yet many engineering organizations struggle to do it effectively and extract the full value. There’s a ton of information available on threat modelling, though most of it seems to be too theoretical, resulting in threat models that are generic and not actionable.

This hands-on workshop presents a practical collaborative approach to threat modelling with focus on applicability to Agile teams of various scales. We’ll spend a bit of time on threat modelling overview, but the majority of the workshop will be dedicated to going through an example threat modelling session and creating a threat model.

Key Learning Objectives
* How to "right-size" threat models for agile engineering organizations.
* Practical tips on building better threat models.
* Using agentic AI for design artifacts and source code analysis to boost speed and depth of your threat models.
* Making threat models actionable - what happens after the threat model is created is more important than the threat model on its own.

Target audience and pre-requisites
This workshop is great for security engineers, software engineers, DevOps engineers, technical product managers. No prior threat modeling experience is required. Bring a laptop.

Our last year's BSides Conference badge will be used in this workshop. Both this year's BSides ticket holders and those from BSides 2025 can attend this workshop for free.

Conference badges have become a staple of hacker culture. They’re part art piece, part engineering challenge, and part sleep-deprived miracles. In this workshop, we’ll walk through the complete journey of designing and building a custom electronic conference badge under the kind of timelines that normally produce regret instead of functioning hardware and software. Somehow, this one worked.

Participants will get an inside look at the hardware and software decisions behind the badge design, including component selection, PCB layout challenges, power considerations, embedded firmware architecture, cost minimization, and the compromises that happen when “the manufacturing deadline is only days away”.

Attendees will receive access to the base code repository and reference materials so they can follow along and begin experimenting immediately. We’ll share real design files, schematics, firmware, and lessons learned from building a badge intended to be functional, hackable, and fun.

Most importantly, this is a hands-on hacking session. After breaking down how the badge works internally, participants will spend the second half of the workshop designing and implementing their own features, modifications, or entirely unnecessary additions.

This workshop is about learning how hardware badges are built and how they become even better once the community starts hacking them.

We will have a collaborative discussion to identify and define the core components of a well functioning AppSec or Software Security program. And we’ll highlight which activities have the highest impact. We’ll query attendees to highlight real experiences and observed patterns they have noted in well performing (or not) AppSec programs. 


Discussion will focus on ideal patterns for:

• Identifying the Value add of an AppSec program
• Choosing what to measure
• Understanding Code Delivery Pipelines
• Defect remediation workflows
• Understanding the Team(s)
• Making the AppSec Program Org specific
• Building a 12 month roadmap

To do this, participants will be seated in small groups (4-8 people per table) and given an anonymized business scenario where an organization has decided to build or further mature an AppSec program. Teams will have a set time to discuss the scenario and come up with a 12-month roadmap. Teams will then get the opportunity to stand and explain their scenario to the rest of the participants in the workshop and what they included in their 12-month roadmap. 
As we work through each scenario, common patterns and innovative solutions will be observable. 

We’ll then close with a general synthesis segment where we recap covered material and highlight what were common ideal patterns or innovative solutions demonstrated by the groups. The goal is not to lecture the attendees but create an environment where it is easy to share and poll from the depth of experience found amongst the participants.

Participants will also go home with a worksheet that highlights main takeaways and helps leaders build their own roadmap for defining, building, or maturing their Application Security Program.

Rapid AI adoption is creating a new class of data exposure: sensitive information leaving an organization through prompts and tool outputs to external LLM providers. Even scarier are the uprising of middle-ware AI companies, which lack proper data security, retention and security. A reality is that AI is used by most developers

Teams spend years building DLP, insider-threat programs, and phishing campaigns, then paste stack traces, API keys, customer data, and internal context into AI tools because it’s fast. In the age of AI the boundary of trust has shifted: the prompt is now an egress channel, and reality (what data actually left your environment) becomes hard to audit.

In this hands on workshop, attendees will build a practical “AI egress proxy” that sits between users/tools and an LLM endpoint. We’ll intercept requests, detect sensitive content (PII, credentials, tokens, secrets), apply policy (block vs. redact), and produce audit logs you can use for investigations and risk reporting. We’ll cover why pure regex fails, how to add lightweight heuristics and optional model-assisted classification safely, and how to handle common bypass patterns like encoding, fragmentation, and “helpful” copy/paste.

Attendees will leave with a working reference implementation, a set of detection patterns, a basic risk scoring approach, and a clear roadmap for deploying this pattern in real environments.

"Do you trust the authors of the files in this folder?" It's a prompt modern IDEs throw at developers, and most click past it by reflex. But as vibe coding, AI-assisted tooling, and automated agents accelerate software development, that implicit trust in established tools like VS Code and authoritative sources like GitHub has become a critical, highly exploitable attack surface - especially for non-technical vibe coders.

This 4 hour hands-on workshop places attendees directly in the mindset of an attacker targeting modern development environments. We move beyond traditional social engineering and focus on how trust is abused through the tools developers rely on every day: IDEs, agent harnesses, and package managers. After dissecting recent real-world cases of developer-targeted attacks and AI-agent vulnerabilities, we transition into labs where participants build and execute their own PoCs - including constructing malicious repositories from scratch to trigger invisible code execution on open, weaponizing hidden prompt injections to drive AI agents into running attacker-controlled commands, and standing up a custom "Claude Code"- style agent harness to attack ourselves.

Agenda:
⚠️ How your trusted IDEs would betray you by executing malicious commands automatically (spoiler - they didn't!)
⚠️ How agent harnesses like Claude Code and Gemini CLI can be abused across multiple trust boundaries
⚠️ How package managers like npm turn seemingly harmless actions, like a routine package update, into full compromise

Bring a laptop - we'll get our hands dirty and hack ourselves together.

APIs are now the primary attack surface of modern applications. They expose sensitive data, control business logic, and connect services, partners, and users. When APIs fail, attackers gain direct access to the core of your system.

The OWASP API Security Top Ten identifies the most critical risks facing modern APIs. However, most developers are never taught how to actually fix these vulnerabilities in real code.

This hands-on workshop is taught by an OWASP Top Ten 2025 project leader and author, bringing direct insight into modern vulnerability patterns, secure coding practices, and how these risks manifest across applications and APIs.

Participants will work through all ten OWASP API Security Top Ten vulnerability categories using a structured, practical progression. For each category, attendees will learn what the vulnerability is, why it exists in APIs, and the real-world risk it creates. They will review vulnerable API implementations, fix them themselves, and examine progressively stronger implementations using the Bad / Better / Best method.

This method helps participants develop real-world secure coding judgment by showing how insecure APIs evolve into robust, production-grade secure implementations through layered mitigations and defense-in-depth.

Attendees will work hands-on in VS Code with vulnerable API code, identifying security flaws, implementing mitigations, and hardening endpoints against attack.

Participants will leave with practical experience securing APIs, a deep understanding of the OWASP API Security Top Ten, a best practices cheat sheet, and the skills to build and review secure APIs in modern distributed systems, including those built or assisted by AI.

Learn beginner web app hacking skills through interactive CTF (Capture The Flag) games! In this half-day workshop, we'll use the PicoCTF education platform (and others) to introduce students to basic web app hacking concepts such as:

* Looking into webpage source code
* Website cookie hacking
* Bypassing insecure login pages
* Common data transformation methods
* Hijacking files that the webpage loads
* and more!

This workshop is aimed at beginner-level cybersecurity enthusiasts who want a fun and easy introduction to the world of web app hacking!
Participant Requirements

Participants will need to have a registered account at picoctf.org and supply their own laptop device to interact and participate in this hands-on, objective-based, guided workshop.

Bug hunting in the automotive domain is often regarded as one of the more complex areas of offensive security. Despite its growing popularity, there are only a limited number of publicly available training courses focused on automotive security, and even fewer that specifically address vulnerability research and bug hunting in vehicles. As a result, many practitioners are interested in car hacking but are unsure where to begin, often perceiving vehicle bug hunting as an especially demanding discipline.

In reality, automotive security research is more approachable than it may appear. In this course, students will learn a systematic methodology for vehicle vulnerability research and bug hunting. We will examine common automotive attack surfaces, including infotainment systems, telematics units, modern key fob implementations.

By the end of the workshop, students will be familiar with a broad range of vehicle attack vectors. They will learn how to exploit previously discovered vulnerabilities in real-world vehicles and, more importantly, develop the skills needed to identify and exploit zero-day vulnerabilities across other automotive targets.

The Women in Security Documentary

In an industry historically dominated by men, The WOMEN IN SECURITY Documentary brings to life the often untold stories of women who have shaped — and continue to reshape — the landscape of cybersecurity, physical security, intelligence, and protective services.

Through candid interviews, reenactments of pivotal moments in history, and real-world insights, this documentary shines a light on the resilience, leadership, and innovation that women bring to every part of the security world.

This film isn’t just about visibility — it’s about building a future where women aren’t the exception, but the norm.

https://www.womeninsecuritydocumentary.com/