Black Hat Arsenal

Arsenal is a space for developers to showcase the latest open source tools and products with Black Hat attendees. Demonstrations are held in an open, conversational environment, enabling presenters to interact with attendees and provide a hands-on experience.

Participants are able to connect with others in the community and learn about new, cutting-edge research and tools to strengthen their security toolkits. Different tools are showcased across multiple days, including brand new tools, released for the first time. In 2019, Arsenal added introductory Meet Ups and Arsenal Labs to allow visitors to tinker with hardware and open-source tools in workshops led by tool developers.

Black Hat
Arsenal Events

Black Hat Europe

  • December 6-7, 2023

Black Hat Asia

  • April 18-19, 2024

Learn about all of the upcoming Black Hat Events.

Black Hat
Call for Tools

The Call for Tools invites developers to submit their projects for consideration preceding each Black Hat event.

If you would like to learn more about requirements of presenters once selected, please visit the Arsenal Resource Center.

Black Hat
Arsenal Review Board

Black Hat partners with ToolsWatch to produce Black Hat Arsenal at annual events. ToolsWatch reviews all submissions and selects tools for presentations.

Learn more about the Arsenal Review Board.

Arsenal Review Board

Rachid Harrando

Rachid Harrando fell in love with CyberSecurity, thanks to his long-time buddy Nabil Ouch (aka @ToolsWatch) where they launched their 1st startup about Cloud Vulnerability Security! Now Rachid enjoys keeping up with InfoSec as Office of the CISO at ServiceNow. Rachid is CISSP, ISO17001 LI Certified and graduated from French Engineering School ESME Sudria Paris!

NJ Ouchn

NJ has 20 years of experience in security assessment, penetration testing and vulnerability management with excellent knowledge of industry standards. In 2001, he founded the Leading and renowned Infosec Community Tools Portal During 2011, NJ co-founded and since then manage the Black Hat Arsenal Event improving its development and expansion from USA to Europe and Asia. Today the Arsenal is the World Largest Security Event dedicated to Open Source Tools Demonstrations. NJ is also maintaining vFeed IO the Largest Correlated Vulnerability and Threat Intelligence Database used by 1000+ security companies and CERTs.

He currently works as ICS/SCADA Ethical Hacker for different Oil Companies in Europe and Middle East.

Dr. Bramwell Brizendine

Dr. Bramwell Brizendine completed his Ph.D. in Cyber Operations. A security researcher, currently Bramwell is an Assistant Professor at the University of Alabama in Huntsville, and he is the founding Director of the Vulnerability and Exploitation Research for Offensive and Novel Attacks (VERONA Lab). A cybersecurity expert, Bramwell has taught numerous undergraduate, graduate, and doctoral level courses in reverse engineering, software exploitation, advanced software exploitation, malware analysis, and offensive security. Additionally, Bramwell has authored several important cybersecurity tools, including JOP ROCKET, SHAREM, ShellWasp, and ROP ROCKET, which are open source and freely available. Bramwell was a PI on a $300,000 NSA research grant to develop a shellcode analysis framework, SHAREM. Bramwell has been a speaker at many top security conferences across the globe, including different regional variations of Black Hat, DEFCON, Hack in the Box, and more.

Dr. Magda Lilia Chelly

Dr. Magda Lilia Chelly is an award-winning global cybersecurity leader. She has been named one of the top 20 most influential cybersecurity personalities in 2017 and 2021 by ISFEC Global.

Magda has authored two books, with a third being written and planned to be published in 2022. The first book is called "Being Brave; Vera's Cyber Adventures." The book combines cybersecurity with science fiction and romance, intending to raise cyber awareness to the general public. The two other books address cybersecurity challenges and recommendations for c-executives.

Magda's many appearances discussing cybersecurity on national and international TV, Radio, and News Magazines have raised her profile as the media's go-to expert on subjects requiring accurate yet straightforward insights on cybersecurity topics. Magda appeared in a popular documentary on Channel News Asia, "The Dark Web," where she provides insights on cybercrimes. She, later on, was featured in other TV shows, including VTV 1 News; the first Vietnamese channel of VTV launched on 7 September 1970. Dr. Magda was the guest on Task Force 7 Radio. She gave interviews, including Prime Time on MoneyFM 89.3. In 2020 and 2021, she was featured in the distributed version of the Dark Web Documentary on Canal Plus and ZDFInfo.

Magda also hosted cybersecurity events worldwide, including the first Catch the Flag competition for girls in Singapore in collaboration with the Cybersecurity Agency of Singapore in 2019. Currently, she is working on its fourth edition.

In her career, Magda wore several hats. She has been an Information Security Officer for multiple organizations, including multinational insurance corporations. She developed businesses in the cyber advisory space. Furthermore, with years of experience in cybersecurity and providing services worldwide, Magda co-founded a cybersecurity start-up in Singapore valued at 7 Million SGD in 2020. She is also an angel investor in the cybersecurity space and beyond.

Magda is a popular keynote speaker. She delivers engaging presentations worldwide in five languages: English, French, Polish, Italian, and Arabic for corporate events, practitioner, and academic conferences. Known for her ability to engage audiences ranging from senior executives to ethical hackers and the general public, she brings energy, enthusiasm, and fun to cybersecurity.

Her speaking engagements address mainly topics on cyber risk quantification, bridging the gap between business and cybersecurity, cyber awareness, diversity and inclusion in the cybersecurity industry, and cybersecurity investments and entrepreneurship. Magda's research focused on cybersecurity, the future of localization and positioning, education, and more. Her research writings around cybersecurity have been featured by IEEE, RSA Conference, World Congress on Internet Security (WorldCIS-2016), CYBER RISK LEADERS Magazine.

Magda's international experience, technical knowledge, and multi-cultural background have equipped her with unique insights. She is known for her clear communication style and for making cybersecurity accessible to all.

Tony Lee

With a diverse background in Red Teaming, Incident Response, and SOC building, Tony is considered a trusted advisor to many global organizations. As an avid educator, he has taught thousands of students at venues worldwide, including government, universities, corporations, and conferences such as Black Hat. He takes every opportunity to give back to the security community through writing, mentoring, and helping organize amazing conferences and presentations.

Vivek Ramachandran

Vivek Ramachandran is a serial entrepreneur, author, and cyber security professional with over 2 decades of experience. He is currently the founder of SquareX, a browser-based cyber security solution for consumers, which recently received seed funding from Sequoia Capital Southeast Asia in May 2023.

Prior to SquareX, Vivek was the founder and CEO of Pentester Academy. The company trained thousands of customers from government agencies, Fortune 500 companies and to enterprises from over 140 countries. Vivek successfully sold Pentester Academy to a US based education and training company called INE in 2021.

Vivek's expertise and influence extend beyond his ventures, as he is a sought-after speaker at top security conferences worldwide, including Blackhat USA and Europe, DEFCON, Brucon, and Hacktivity. His pioneering work on wireless security led him to discovery of the notable Caffe Latte attack. Vivek is an accomplished author with multiple five-star rated books on Wi-Fi security, translated into various languages and appreciated globally.

Noushin Shabab

Noushin Shabab is a lead security researcher in the Global Research & Analysis Team (GReAT) at kaspersky. Her research focuses on the investigation of advanced targeted attacks with a particular focus on local threats in the Asia Pacific region.

Noushin is very active in the cybersecurity community where she regularly presents at various security conferences and also delivers technical workshops. Some of her previous conference presentations include Virus Bulletin, Black Hat ASIA, AusCERT, Security Analyst Summit, 0xCC, MRE, Ruxcon, Kawaiicon and various BSides events. She has been a guest lecturer at RMIT University, Melbourne Institute of Technology and the University of Guelph, Canada. She is also a member of the Australian Women in Security Network (AWSN) which aims to connect, support, collaborate and inspire women in the Australian cybersecurity industry.

Sustaining Partners