Skip to content
BLACKOUT

leHACK OSINT VILLAGE is the serie of talks taking place inside the Louis Armand conference room (LVL -3)

leHACK OSINT VILLAGE offers a panorama of Open Source Intelligence technologies.
Open Source Intelligence (OSINT) is the collection, analysis, and dissemination of information that is publicly available and legally accessible.

osint TRACK

26/06/2026

10:30 - 11:30 TALK: [>_] Agents in the Basement EN

Salle Louis Armand s3

AI agents are starting to change OSINT work, not because they replace analysts, but because they can take over parts of the research loop: searching, extracting, comparing sources, drafting briefs, and leaving traces that a human can inspect. This talk presents a practitioner’s view of that shift. It starts with the evolution of cyber horizon scanning from framework-based research and OSINT, to field intelligence and LLM-assisted synthesis, and now to supervised agentic workflows. Using the example of vulnerability research, it will discuss possible architectures built with currently available tools: local agents, web search, controlled tool access, locally hosted language models, cloud model escalation, and evidence traces that support human review. The talk will focus on architecture, token and privacy strategy, local versus cloud model routing, harnesses, evaluation loops, and the limits of automation. It ends with the next question: once agents help govern research workflows, how do we keep human judgment visible and accountable?

Sergio Coronado

Sergio Coronado

Prof Dr Sergio Coronado is an internationally recognised expert in Information Technology and Communications with more than 35 years of experience across IT Strategy, Digital Leadership, Cloud Technologies, Cybersecurity, AI and Education. He is CIO at the NATO Support and Procurement Agency (NSPA) and an Assistant Professor (associé) at the University of Luxembourg, where he teaches Advanced Project Management and Cybersecurity Risk Management. Sergio holds a PhD in Industrial Engineering, an MSc in Software Engineering, a Certificate in Corporate Governance from INSEAD Business School, an MA in Clinical Psychology and Education, and a BSc in Electrical Engineering. In his free time, Sergio contributes to developing Luxembourg’s future digital talent through the Luxembourg Tech School (LTS) non-profit. Since 2016, LTS has grown from 30 students to more than 1.700 today, expanding from a one-year programme to a three-year programme covering Game Development, AI, FinTech, Robotics, Emerging Tech, Creative Coding, Digital Thinking and Interaction Design. The initiative also supports kids and adults with special needs, including autism, mental disabilities and neurodiversity.

11:30 - 12:30 TALK: Sun, Sea, and SQLite: Open-Source Facial Recognition for Fugitive Hunting EN

Salle Louis Armand s3

This talk will demonstrate a research project focused on transforming everyday tourist videos and walking tours into an automated investigative tool for tracking international fugitives. Attendees will discover how high-definition public footage can be leveraged for open-source intelligence, turning casual holiday backdrops into an effective search mechanism. By attending this session, you will explore a unique proof of concept for a localised facial recognition pipeline designed to scan video content for specific targets. You will walk away with a practical framework for automating target identification, understanding how open-source data can be harnessed to uncover individuals hiding in plain sight.

Joshua Richards

Joshua Richards

Joshua Richards is the founder of OSINT Praxis, where he specialises in digital footprint management, privacy consulting, and training. With over a decade dedicated to helping individuals and businesses understand their online exposure, Joshua focuses on identifying and fixing the vulnerabilities that most people don’t know exist. His approach combines technical precision with a passion for the human side of security. With experience spanning both the public and private sectors, Joshua brings a grounded and practical perspective to his work. In addition to his consulting, he is a member of the leadership team for the UK OSINT Community, helping to shape the future of the industry through education and collaboration.

13:30 - 14:30 TALK: Needle in a haystack: influence operations hiding in a dataset of 10 million users EN

Salle Louis Armand s3

Analyzing manipulation campaigns on social media is a complex topic, especially when you want to draw an accurate and complete picture of the operation. Inauthentic accounts and posts are diluted in a huge ocean of legitimate content, but what if we had the ability to scan the entire ocean? In this talk, we will demonstrate 4 cases where we managed to uncover influence operations by using algorithms on very large datasets, including our findings on the infamous Russian operation against the 2024 Romanian elections.

Clément Hammel

Clément Hammel

Clément and Mathis are co-founders of Agoratlas, a French agency specialized in analyzing social media data at very large scales. In collaboration with authorities and press organizations, they have uncovered online campaigns in several countries that were attacking the core of democracy, especially through their elections.

Mathis Hammel

Mathis Hammel

14:30 - 15:30 TALK: Decoding China’s OSINT Ecosystem EN

Salle Louis Armand s3

This session dives into China’s OSINT ecosystem: how public and private actors intertwine to equip the Party-state with powerful capabilities to collect and exploit publicly available data. We’ll unpack the tools, workflows, and partnerships that sustain this system, with a particular focus on how information is extracted and processed from Chinese sources

Côme

Côme

Côme is the Global Engagement Manager at Tadaweb, the Operating System for OSINT.

15:30 - 16:30 TALK: Fight for Facts! Investigations at Reporters Without Borders (RSF) EN

Salle Louis Armand s3

As the mandate of Reporters sans frontières (RSF) has expanded, the organization launched its own investigations desk in 2022. Today, RSF is allocating dedicated resources and building innovative partnerships to take a deep dive into crimes committed against journalists, expose disinformation and propaganda operations, investigate the misuse of surveillance technologies, and shed light on the forces undermining media independence and pluralism. OSINT techniques have become part of RSF’s everyday investigative toolkit. This conference will offer a first glimpse behind the scenes of RSF’s investigative work: how facts are tracked and turned into impactful stories.

Arnaud Froger

Arnaud Froger

Arnaud Froger heads the Investigations Desk at Reporters Without Borders, which he created in 2022 to strengthen RSF’s ability to produce compelling investigations and support the organization’s advocacy strategy. He joined RSF in 2018 as Head of the Africa Desk. Previously, he worked as a reporter for several international news organizations, including RFI and France 24 mainly on the African continent, where he lived for around seven years.

18:00 - 21:00 CTF: Tracelabs Search Party EN

Salle Louis Armand s3

Help find the missing. Join the Trace Labs Search Party CTF at leHACK! The Trace Labs Search Party is a unique OSINT CTF where participants investigate real missing persons cases using open-source intelligence techniques. The intelligence gathered during the event is shared with partner organizations assisting families and law enforcement. Free and exclusively available to in-person leHACK attendees. Come learn, collaborate, and put your OSINT skills to work for a meaningful cause. A huge thank you to LGDD for supporting the event and serving as Trace Labs Coaches.

TRACELABS

TRACELABS

Trace Labs is a nonprofit organization whose mission is to accelerate the family reunification of missing persons while training members in the tradecraft of open source intelligence (OSINT).

27/06/2026

10:30 - 11:30 TALK: From Open Data to Evidence EN

Salle Louis Armand s3

Lorand Bodo is an international civil servant at the International, Impartial and Independent Mechanism for Syria (IIIM), where he works as an Internet Resources Analyst. In a personal capacity, Lorand Bodo will discuss the role of open source investigations in accountability efforts at the international level, drawing on practical experience in building investigative capacity, developing analytical workflows, and training initiatives. The talk will highlight how organizations can leverage open sources to support evidence-based investigations.

Lorand Bodo

Lorand Bodo

Lorand Bodo is a multilingual OSINT analyst currently serving as an Internet Resources Analyst with the United Nations. With experience across both the public and private sectors, Lorand has worked on a wide range of thematic areas, including counterterrorism, mis- and disinformation, environmental crime, and currently accountability-related work. In addition, he has been highly actively engaged in the global OSINT community through various initiatives, contributing to knowledge-sharing, training, and the advancement of open source investigative practices.

11:30 - 12:30 TALK: The Phisher’s Inbox: Reading Telegram Exfiltration Channels with the Bot Token EN

Salle Louis Armand s3

Phishing kits increasingly send stolen credentials straight into Telegram, posting them to a bot the operator controls. That design is also the weakness: anyone holding the bot token reads the same channel the operator does. At scale, that access becomes a view across the whole ecosystem, kept strictly aggregate: which sectors and regions the stolen data concentrates in, how large the victim pools actually are, and what the channels expose about the operators, who range from organized crews to people who plainly do not grasp the tool they deploy and keep treating their exfiltration feed as the private space it never was.

Oleg O.

Oleg O.

Oleg O. is a French cyber threat intelligence analyst specializing in Russian-speaking cybercrime and the broader Russian-language cybercriminal ecosystem. His research focuses on all aspects of this underground ecosystem, including ransomware operations, underground forums, bulletproof hosting services (BPH), illicit cryptocurrency exchanges, and money laundering techniques. He is the founder and editor of CybercrimeDiaries.com blog, where he publishes in-depth analyses and case studies based on my investigations. He is also a member of the Curated Intelligence research group, a collective of threat intelligence professionals sharing open-source research.

14:00 - 15:00 TALK: On the information frontline. A human and digital investigation in the Russian-speaking region of Gagauzia (Moldova) EN

Salle Louis Armand s3

This study offers a cross-analysis of the circulation and reception of Russian and pro-Russian narratives in Moldova. The country currently serves as a testing ground for Russia to trial new techniques that are subsequently rolled out in other countries. It is also viewed by Moscow as a vulnerability for Europe, given that some of its citizens are able to move freely both within Russian-occupied Transnistria and within the Schengen Area. The investigation focused on Gagauzia, a southern region where a sense of marginalisation vis-à-vis Chișinău and Europe creates fertile ground for the penetration of Russian narratives. It combines ethnographic fieldwork with a digital investigation utilising cyber and OSINT methods, and has enabled us to uncover manoeuvres relying on clandestine broadcasting equipment, as well as Russian, Chinese and possibly even Iranian cybercriminal networks, used to disseminate narratives in Gagauzia.

Kélian Sanz Pascual

Kélian Sanz Pascual

Kélian SANZ PASCUAL is head of Russian affairs at Cassini and PhD Student at GEODE. His research focuses on how Russia uses ICT to pursue its imperialist policy. As part of his work at Cassini, he also studies Russian influence operations and networks of actors such as the former Prigozhin ‘galaxy’, the SDA, Russian ‘ANOs’ and the Russian presidential administration.

Kevin Limonier

Kevin Limonier

Kevin Limonier is a professor of geography at the French Institute of Geopolitics (University of Paris 8). He is also deputy director of GEODE, one of two Centres of Excellence selected in 2020 by the Ministry of the Armed Forces to promote the next generation of strategic talent in France.He is also scientific director of the Russian-speaking Infosphere Observatory, a member of the Russia Programme at George Washington University, and a founding partner of the cartography firm Cassini. He lectures on cyber issues at several training programmes (Saint-Cyr Coëtquidan, etc.) and for several years taught geography and geopolitics at the Russian State University for the Humanities (RGGU, Moscow). His research focuses on the development of new methods for mapping cyberspace and digital investigation (OSINT) in the post-Soviet context (Mapping Power in the Digital Age: Investigations and Explorations in Russian Cyberspace, to be published by CNRS Editions in 2026).

15:00 - 16:00 TALK: The Digital Armoury; Mapping the Global 3D-Printed Firearms Movement EN

Salle Louis Armand s3

The Digital Armoury maps the brief history of the global 3D-printed firearms ecosystem, from designers and design communities to files, distribution platforms, physical objects, end users, and emerging practices. The talk examines how digital designs circulate, evolve, and materialize, and how OSINT can help researchers and security professionals better understand the connection between the online movement and its potential real-world consequences.

Zoltán Füredi

Zoltán Füredi

Founder of Deep Layer Lab and veteran aviation security professional focused on the evolving threat of 3D-printed firearms and their adjacent digital ecosystems. Creator of tools supporting the detection, analysis, and structured understanding of emerging additive-manufacturing-related threats.

16:00 - 17:00 TALK: Hunting spies for a living EN

Salle Louis Armand s3

How OSINT can help identify Russian spies in journalistic investigations : ethical considerations and real-world examples.

Nicolas Quenel

Nicolas Quenel

Nicolas Quenel is a french investigative journalist. He’s been working on russian intelligence activities for six years and had exposed a dozen of spies and operations targeting France and Europe.

17:00 - 19:30 TALK: Rumps EN

Salle Louis Armand s3

RUMPS are small talk sessions, where you can freely grab the mic to present random speech about hacking without control, censorship, pressure, and inside a 'plausible deniability' setup. No lineup, no recording, no endorsements, anonymity is guaranteed if needed but you bring your own countermeasures (face mask allowed). You take all responsibility for the topic you present, leHACK isn’t responsible for your speech, be wise and don’t break the law. See you on Louis Armand room, on S3 level, starting Saturday 27/06/2026 from 17:00 to 19:30. Format : 5 minutes, ABSOLUTELY NO CAMERA, NO RECORDING! We will enforce this and immediately remove offenders without warning. Send us your speech hints at CFP before Saturday noon !

21:30 - 22:15 LIVE TALK: Car Hacking FR

Salle Louis Armand S3

Following the serie of workshops Ratzilla gave on car hacking, he will give a closure talk on the same topic.

RatzillaS

RatzillaS

Hi, I’m RatZillaS aka Gaël Musquet. I’m a Free/Libre Open Source Software/Hardware Westindian Hacker. Hamradio CallID: [FR] F4HXS [US] N6HXS Spokesman of OpenStreetMap France Chairman of HAND – Hackers Against Natural Disasters I’m the founder and CEO of CxLinks a SME specialized in Open[Source|Hardware] embedded systems, part of SmartUp27 hosted by EAC2P, the CIS Unit of French Air Force I love Astronomy, Hamradio, Debian and h4ck1ng stuff. If you would like to get in touch with me for h4ck, crisis management, or hamradio, feel free to send me an email or a tweet. My email address is: gael.musquet -> ratzillas.com GPG:0x76E279EE My Twitter is: @RatZillaS.

28/06/2026