BSides London 2025

Attack and Defence LLM Apps
2025-12-13 , Workshop Room 5

Many security folk are excellent at breaking things — fewer understand how to fix them. This two-hour, no-nonsense workshop teaches both sides of the coin for LLM chatbots: how prompt-injection and context-abuse attacks work in practice, and defensive controls you can implement today. Through an interactive attack-and-defence wargame we’ll exploit each other’s vulnerable chatbots, then harden them using layered mitigations. Expect practical demos, group exercises and takeaways you can apply to production systems. You’ll walk out with a better bullshit detector for when vendors tell you “our chatbot is secure by design.”


LLMs are the new fun. Everyone’s hacking with ChatGPT-style bots, but few people actually understand how to patch them. Most pentesters stop at “haha, I made the bot leak its secrets.” Fewer can explain how to fix it so it doesn’t happen again.

This workshop is two hours of hands-on breaking and fixing LLMs. No fluff. We’ll spin up vulnerable chatbots for every learner and you’ll get to throw every nasty trick at them: prompt injections, role hijacks, data leaks, chaining attacks. Then we’ll flip it: you’ll harden the same bots, learning what actually works and what doesn’t when trying to defend against attacks.

The workshop is fully hands-on. We will learn in an attack and defence lab. By the end you’ll not only know how to pwn an LLM, but also how to design one that doesn’t roll over the second someone asks “ignore previous instructions and…”

This is built for BSides folks — hackers, red teamers, defenders who want something tangible to take away. You’ll walk out with a better bullshit detector for when vendors tell you “our chatbot is secure by design.”

Davide Cioccia is the founder of DCODX, an ethical hacking and security training firm focusing on DevSecOps and AI pentesting. Davide is also CPO at SecDim.

Security Researcher Veteran | Serial Entrepreneur | Lecturer | Keynote Speaker | Baba