0. Introduction
- Purpose of this review
- Quick overview of the event
1. Venue and Atmosphere
- Athens Conservatoire location
- Setup and branding tailored to hacking culture
2. Trainings Before the Conference
- Advanced Malware Analysis
- EDR Bypass Workshop
- Other hands-on sessions
3. Talks and Presentations
- Keynotes
- Selected technical sessions
- Live demos (e.g., car hacking)
4. Hacking Village
- RFID challenges
- Hardware hacking activities
- Badge and arcade stations
5. Capture The Flag Competition
- Structure and dioramas
- Teams and final scores
- Prizes and winners
6. Sponsors and Exhibitors
- Companies present
- Giveaways and community initiatives
7. Community and Networking
- Impressions from attendees
- Diversity and inclusion efforts
8. Overall Impressions
- Strengths
- Areas for improvement

Offensive X 2025 was held in Athens, Greece, and brought together security professionals, researchers, and enthusiasts focused on offensive security. Over two main conference days and additional training sessions, the event offered technical talks, hands-on workshops, live hacking demonstrations, and a challenging Capture The Flag competition.

This review aims to share an objective summary of what was presented and what it felt like to attend. It covers the structure of the event, selected presentations, the hacking village activities, and impressions from the broader cybersecurity community.

The conference took place at the Athens Conservatoire, a venue known for hosting cybersecurity and technology conferences over the years. Its central location and recognizable architecture have made it a frequent choice for professional gatherings in Greece.

The organizers put effort into designing a visual identity that fit well with hacking culture. Branding was visible across the venue, including neon Offensive X signs, large banners with stylized hacker artwork, and circuit board-inspired badges. The decoration and setup gave a clear sense of focus on offensive security and hands-on research rather than general technology themes.

The main hall hosted the keynote speeches and presentations, while separate areas were reserved for the Capture The Flag competition, the Hacking Village and sponsors. Overall, the atmosphere blended professional with hacking culture really well and was very much aligned with the spirit of the community.

Before the main conference days, Offensive X offered optional training sessions for attendees who wanted to deepen their skills. These trainings were delivered by experienced professionals and focused on advanced offensive techniques.

One of the most discussed courses was Advanced Malware Analysis, led by Théo Letailleur and Maxence Fossat from Synacktiv. The workshop included practical exercises on analyzing malicious software, understanding how payloads are structured, and exploring techniques to evade detection.

Another training, How to Bypass EDR Systems During Red Team Exercises, was conducted by Charles Hamilton. This session covered methods attackers use to avoid Endpoint Detection and Response solutions and demonstrated real-world examples of evasion strategies.

Participants shared positive feedback on LinkedIn about the depth of these trainings, highlighting that they provided practical knowledge directly applicable to red teaming engagements.

The main conference agenda included two full days of talks from professionals with deep experience in offensive security. The presentations covered a range of topics, from exploit development to cloud persistence and AI-driven attacks.

The first keynote was delivered by Dr. Yannis Pavlosoglou, titled “The 3 Horizons of Offensive Cybersecurity Strategy: Red Team Thinking for a Black Swan World.” This talk proposed a framework for balancing current operational focus with preparation for unpredictable future threats. Many attendees mentioned this keynote on LinkedIn as a highlight for its clear and structured approach.

Another keynote on the second day, by Renaud Feil, focused on “Security Beyond the Exploit: Red Teaming at Scale.” It explored how organizations can improve resilience by systematically testing assumptions and building processes that scale beyond isolated engagements.

Lastly, another keynote that captured the audience attention came from Rio Sherri, aka @0x09AL, a Principal Security Consultant at NetSPI, focused on speaking about abusing browser extensions in modern enterprise environments. Rio presented valuable research he had been working on for a long time and also shared some new cool tools and techniques.

Among other technical sessions, several stood out:

• Dirk-Jan Mollema shared a detailed exploration of identity federation abuse in Azure Entra ID, showing persistence techniques and MFA bypasses.
• Ruben Boonen examined post-exploitation risks in AI-first development environments such as VSCode and Cursor.
• Linfeng Xiao and Qican Ma led a live demonstration of hacking an electric car, covering offensive strategies against automotive cyber-physical systems.

• Charles Hamilton presented methods for executing shellcode in .NET without changing memory permissions.

Overall, the talks were practical and focused on methods attackers use today, rather than theoretical overviews. This emphasis on applied knowledge was a common point of positive feedback from participants.

Parallel to the main talks, the conference hosted a dedicated Hacking Village where participants could explore hardware hacking, RFID attacks, and other hands-on challenges.

One of the standout activities was an RFID exploitation challenge hosted by Dennis Goh. This scenario focused on a high/low-frequency RFID attack, where participants worked to identify critical data bytes and design a payload to inject them under specific constraints. The challenge attracted professionals and hobbyists interested in hardware security and was praised for its realistic approach.

Another area of the Hacking Village offered workshops on BadUSB attacks. Chris Chan demonstrated how a modified device, referred to as a “bad mouse,” could be used to compromise a target system. This session helped attendees understand the risks posed by seemingly harmless peripherals.

There was also a hardware badge, designed as a custom circuit board, which included embedded challenges for participants to solve. The Hacking Village setup, combined with the open atmosphere, encouraged people to experiment and learn in a more informal way compared to the main presentations.

Overall, this part of the conference was a good complement to the talks, giving space for direct interaction with devices and techniques in a controlled environment.

The Capture The Flag (CTF) competition at Offensive X was one of the most active parts of the event. Organized by echoCTF (Echothrust Solutions), it featured a range of realistic challenges that tested skills in infrastructure hacking, binary exploitation, web attacks, and cloud security.

A unique element of this CTF was the use of miniature dioramas, physical models of industrial control systems, including wind turbines, cranes, and power plants. Teams worked to breach these simulated environments, making the experience feel extremely close to real-world scenarios.

The competition lasted two days, and the final scoreboard showed strong performances by several teams. La Vida Keyz secured first place, followed by Vysecurity and Order of the Phoenix. Prizes included cash awards and recognition within the community.

Participants described the CTF as challenging and engaging, with some even calling it one of the most intense competitions they had entered. The environment combined teamwork, time pressure, and diverse technical problems that pushed both experienced professionals and newer players to think creatively.

This part of the event clearly demonstrated the organizers’ commitment to practical learning and skill development, reinforcing Offensive X’s reputation as an applied offensive security conference.

Offensive X 2025 was supported by a group of sponsors and exhibitors who contributed to the event’s organization and content. Companies present included established offensive security vendors, service providers, and community-focused organizations.

Among the main sponsors were Code.Hub, NSS, Hackcraft (Neurosoft), EY, and Fortra. Their booths offered information about products, services, and training opportunities, as well as stickers, giveaways, and branded materials.

Cenobe Cybersecurity hosted an arcade corner where attendees could play retro games and enter a raffle for hardware hacking tools such as the Proxmark3, ChameleonUltra, and ChameleonLite. This area helped create a more relaxed atmosphere between technical sessions.

Women in Security and Privacy (WISP) and Women in CyberSecurity (WiCys) also supported the event by providing scholarships and sponsored tickets to help participants attend. These initiatives were mentioned in multiple attendee posts on LinkedIn as important steps toward inclusion and professional development in the field.

Overall, the exhibitor area was well integrated into the conference, offering participants a chance to explore resources, connect with vendors, and learn about tools relevant to offensive security.

One of the strongest aspects of Offensive X 2025 was the community that gathered around it. Attendees included experienced red teamers, penetration testers, researchers, and students from different countries and backgrounds.

Many participants mentioned that the event felt approachable and inclusive, with plenty of opportunities to connect and share ideas. The setup encouraged interaction, whether during breaks, at sponsor booths, or in the Hacking Village.

Several attendees highlighted the value of informal conversations with speakers and other professionals. These exchanges often covered practical techniques, career development, and the challenges of working in offensive security.

Scholarship programs from Women in Security and Privacy (WISP) and Women in CyberSecurity (WiCys) supported participation by individuals who might not otherwise have been able to attend. This was seen as an important step toward broadening access and representation in the field.

Another notable initiative that contributed to the sense of community was the distribution of the Periodic Table of Offensive Security (PTOS). This resource was personally designed and created by Ilias Mavropoulos (Straw Hat Hacks). To make it accessible to everyone, Ilias personally funded the printing of 500 high-quality laminated copies in A4 (350 gsm) so that each participant could take one in the backpack as a memorable takeaway. The PTOS organizes offensive security tools and attack stages in a clear and visually engaging format, helping practitioners reference tools, methods, and frameworks at a glance.

This gesture stood out because it combined practical value with a personal commitment to knowledge sharing. Many attendees shared positive comments about receiving the PTOS, noting that it was a unique, thoughtful addition that would be useful in their work.

Overall, the event succeeded in creating a space that balanced technical depth with openness, making it easier for both newcomers and seasoned professionals to feel part of the community.

Offensive X 2025 delivered what it promised: a conference focused on practical offensive security knowledge, hands-on experience, and a strong sense of community. The organizers managed to combine high-quality technical talks from well established speakers, challenging competitions, and open networking opportunities in a way that felt cohesive and purposeful.

The variety of topics, from cloud persistence and AI-enabled post-exploitation to RFID attacks and automotive hacking, ensured that there was something relevant for professionals across different areas of offensive security. Many talks went beyond surface-level concepts, offering deep dives and demonstrations that participants could immediately apply in their work.

The Capture The Flag competition, with its physical dioramas and realistic infrastructure scenarios, was frequently mentioned as a highlight with photos flooding LinkedIn posts. Alongside that, the Hacking Village and the thoughtfully curated sponsor area added extra layers of engagement.

Finally, initiatives like the distribution of the Periodic Table of Offensive Security, community scholarships, and approachable speakers contributed to an inclusive environment. The atmosphere struck a balance between professional and relaxed, making it easy to learn and connect without feeling rushed or overly formal.

Overall, the impressions and vibes were very similar to larger international conferences such as Black Hat and DEF CON, bringing a culture and level of energy that felt new and significant for Greece. For many local professionals, it was the first time an event combined this scale, quality, and spirit in the region.

For attendees interested in applied offensive security, Offensive X has clearly established itself as one of the most valuable conferences in the region.

While the event was widely appreciated, there were a few points where participants noted room for improvement:

• Session Timing and Overlaps: Some talks and workshops overlapped with the CTF and Hacking Village activities, making it difficult for attendees to experience everything without missing content. Clearer scheduling or staggered sessions could help.
• Space and Seating: At peak times, certain areas, especially around registration, hacking village and coffee breaks, became crowded. A larger venue space or better flow management could improve comfort.
• Advance Communication: A few participants mentioned that more frequent updates before the event, such as detailed agendas or speaker abstracts, would have helped with planning.

These are relatively minor issues in the context of the overall experience, but addressing them would make future editions even stronger.

If future editions continue in the same direction, Offensive X is likely to grow into a flagship event for offensive security professionals in Europe. For anyone interested in red teaming, vulnerability research, and real-world adversarial techniques, it’s a conference worth putting on your calendar.