OffensiveCon 2026 — Berlin

OffensiveCon exists because its founders got tired of security conferences where half the talks are product demos in disguise. Every presentation here is deeply technical, peer-reviewed for quality, and focused on one thing: pushing the boundaries of offensive security research.

Held at the Hilton Berlin, the conference keeps its attendance deliberately small — a few hundred people — which creates an atmosphere closer to a research workshop than a trade show. You'll sit next to Google Project Zero researchers, MSRC engineers, and independent hackers who've spent months or years developing their techniques.

What You'll See on Stage

Past OffensiveCon talks have included full browser exploitation chains, novel kernel privilege escalation techniques, attacks on hypervisors, and hardware implant research. The 2026 edition is expected to continue this tradition with a focus on:

• Modern browser sandbox escape techniques
• Exploitation of AI/ML inference engines
• Mobile baseband attacks
• Hypervisor and TEE security research
• Supply chain attack methodologies

Training Workshops

The four days preceding the conference (May 11–14) offer hands-on training from practitioners who actually develop exploits, not trainers who read slides. Topics typically include advanced binary exploitation, ARM reverse engineering, and Windows kernel internals.

Who Should Attend

This isn't a conference for beginners or business executives. It's for security researchers, vulnerability analysts, and red team operators who want to stay at the technical frontier. If you've ever submitted a CVE, written a fuzzer, or debugged a kernel crash — you'll feel at home.