Join us at DefCamp 2025
That’s right. We're back at the largest cybersecurity conference in CEE, and we're not just bringing our A-game. This time we're bringing the whole team behind our tools.
This is your chance to go beyond the UI. Come by our booth to talk shop, see live demos, and snag gear that'll make your team jealous.
Catch two keynotes on AI pentesting and 0-day hunting
Attend the live demos
Talk to the people behind the tools
Score unique swag
Why you should stop by
No fluff, just great stuff.
Built by breakers. Brought to you live.
Our team wrote the payloads, built the detections, and ran the scans you’re trying to automate. This is your chance to get real answers, no scripts. Ask anything.
Real demos. Zero buzzwords.
We won’t “disrupt” your thinking - we’ll show you how our toolkit lets you scan smarter, validate faster, and report sharper. See our product in action, applied to real-world scenarios.
A gallery’s worth of swag
We’re bringing gear you’ll actually wear, and maybe even fight your teammates over. In a CTF match, obviously.
Get hired
Not right on the spot, let’s get coffee first and talk some vulns, CVEs, you got it. We’re actively recruiting, so this might be your chance to get the tour with bells and whistles.
When & where
November 13-14
Palace of the Parliament
Bucharest, Romania
Meet the speakers
Adrian Furtuna
Founder & CEO
Using his deep technical expertise and 20+ years of hands-on IT security work, Adrian Furtuna founded and built Pentest-Tools.com. He enjoys building and breaking stuff (mostly related to infosec). He also teaches penetration testing classes, does bug bounty hunting, and speaks at international security conferences (Hack.lu, ZeroNights, Hacktivity, DefCamp, OWASP).
Matei Badanoiu
Offensive Security Research Lead
Also known as ‘CVE Jesus’ in closed circles, Matei Badanoiu is a full time security researcher living his best life one CVE at a time. Makes complete sense, since he’s the proud owner of +120 responsibly disclosed 0-days/CVEs. If and when CVEs are not a thing anymore, he’ll really need to find new ways to measure time.
Real talks, no gimmicks
Our team isn’t just attending - they’re taking on the spotlight.
Don’t miss these two sessions.
VIBE Pentesting - Enhancing the human hacker with LLMs
Adrian Furtuna, Founder & CEO, Pentest-Tools.com
📅 Thu, Nov 13, 2:15 PM
📍Track #1 - Rosetti
In this hands-on session we explore multiple scenarios where LLMs can augment the human expertise in penetration testing and offensive security activities.
By integrating well-known LLMs with both open-source and commercial security testing tools, we show how to improve our vulnerability discovery, automated vulnerability validation, exploitation and report writing.
The session is packed with live demos where we highlight the strengths and limitations of using LLMs in offensive security.
We'll finish with a short discussion on the future of pentesting as we know it and how pentesting teams should adapt their processes and skillsets in an AI-assisted world.
Nightmare Factory
Matei Badanoiu, Offensive Security Research Lead, Pentest-Tools.com
📅 Thu, Nov 13, 2:15 PM
📍Track #3 - Balcescu
The team at Pentest-Tools are no strangers to a vulnerability. Or two. Or 166.
As a result, we started pursuing - and finding - our own 0-days.
Following our successes in 2024 with finding vulnerabilities in Odoo, and finding CVEs in Gitea, FileCloud and others, we decided to dive deeper and try HARDER. So far in 2025, we ended up reporting around 15 new 0-days to different vendors (with more to come).
Come along as we unpack our revamped research approach and share examples of vulnerabilities we found that, when chained, result in a one-click RCE attack.
Be there for the whole vibe
A gallery's worth of swag
You know how they make special edition T-shirts at festivals? Well, we don’t want to brag…but we’re gonna brag - our T-shirts are 10 festivals in one.
We could easily sell this stuff, but it’s yours for free if you’re quick enough. And if you thought last year’s ‘I can see your vulns’ pun was good, just wait.