Vienna Ethical Hacking Bootcamp 2026

The International Ethical Hacking Bootcamp is a short, intensive and practice-oriented training format focused on applied cybersecurity skills. Participants learn how to identify, analyse and responsibly report security vulnerabilities using ethical and legal methods. Designed for students, young professionals and cybersecurity enthusiasts, the bootcamp offers hands-on experience with cybersecurity fundamentals, penetration testing, vulnerability assessment, defensive strategies and realistic attack scenarios in a controlled learning environment. The format fosters practical skill development, joint learning and cross-border networking.

2026-07-07

From 2 to 5 July 2026, TU Wien hosted the fourth edition of the International Ethical Hacking Bootcamp, bringing together around 140 participants from 12 countries: Austria, Croatia, Czechia, Denmark, Hungary, Italy, Kosovo, Romania, Serbia, Slovakia, Slovenia and Switzerland. The event was organized by the TU Wien Cybersecurity Center in partnership with Cybersecurity Austria (CSA). The organizing team included Joe Pichlmayer, CEO of IKARUS and founder of the Austrian Cyber Security Challenge; Manuel Reinsperger, coach of Team Austria; and Marco Squarcina, Professor at TU Wien and coach of Team Austria.

The event opened with welcome remarks by Prof. Peter Puschner, Faculty Representative for Research and Infrastructure at the TU Wien Faculty of Informatics, and Prof. Matteo Maffei, Head of the Security and Privacy Group and Co-Director of the TU Wien Cybersecurity Center. Later on the first day, participants were also welcomed by Prof. Dr.-Ing. Jens Schneider, Rector of TU Wien. On the third day, Luca Tagliaretti, Executive Director of the European Cybersecurity Competence Centre (ECCC), joined online to greet the participants and emphasize the importance of developing cybersecurity talent across Europe.

The bootcamp combined an informal networking session, expert-led technical workshops, a full-day Capture The Flag exercise, and joint evening events. The programme covered AI-assisted hacking, vulnerability research in the V8 JavaScript engine, hardware hacking, web attacks without JavaScript, and Linux kernel exploitation. It offered participants a structured mix of hands-on cybersecurity training, collaborative problem-solving and cross-border networking.

A key contribution came from the TU Wien team and students who developed and supported the Attack/Defense CTF services and infrastructure used during the bootcamp. Lorenzo Veronese served as the A/D CTF mastermind, while Johannes Simon supported logistics and infrastructure, Dominik Apel contributed to the website, and Felix Roithmayr supported the testing of the A/D CTF services. The services developed by TU Wien students were developed as part of the course “Attacks and Defenses in Computer Security”, taught by Marco Squarcina, Lorenzo Veronese, Michael Pucher and Georg Merzdovnik. However, their impact went far beyond regular course assignments: they became part of a high-level international training environment and directly contributed to strengthening the practical cybersecurity skills of some of Europe’s leading young talents.

The technical programme covered a broad range of current cybersecurity topics. Philippe Dourassov led the workshop “Building AI agents for hacking”, introducing participants to the use of AI agents in security testing, including orchestration strategies, false-positive handling and practical agent-based hacking exercises. Matthias Pleschinger presented “Tales from the V8 VRP — A Post-Mortem”, offering insights into vulnerability research in the V8 JavaScript engine and the evolution of professional vulnerability research programmes.

The workshop “Hardware Hacking 101” by Jacopo Ferrigno introduced participants to practical hardware analysis, including PCB inspection, chip reconnaissance, communication interfaces, firmware extraction and basic hardware attack techniques. On the final day, Dragos Albastroiu delivered “Hacking with <style> — Breaking the Web Without JavaScript”, focusing on HTML, CSS and font-based attack techniques that do not rely on JavaScript. The programme concluded with “Linux Kernel Exploitation” by Georg Felber, which introduced common vulnerability classes and approaches to Linux kernel exploitation in both CTF-style and real-world security scenarios.

By combining expert-led workshops, challenge-based learning, student-developed CTF infrastructure and international teamwork, the International Ethical Hacking Bootcamp strengthened practical cybersecurity skills and reinforced Vienna’s role as a hub for cybersecurity education, research and European cooperation.

Further details are available on the bootcamp website