Talk/Event Schedule


Saturday


This Schedule is tentative and may be changed at any time. Check at an Info Booth for the latest.

 

Saturday - 08:00 PDT


Return to Index  -  Locations Legend
SEV - (08:30-08:59 PDT) - Social Engineering Community Village opens - morning welcome and introduction

 

Saturday - 09:00 PDT


Return to Index  -  Locations Legend
DC - Human Registration Open
DC - Merch (formerly swag) Area Open -- README -
PYV - Payment Hacking Challenge -
SEV - Heroes vs Villians, a SEC Youth Challenge -
SEV - Vishing Competition (SECVC) - LIVE CALLS -
SKY - (09:30-10:20 PDT) - Geo-Targeting Live Tweets - Chet Hosmer
SOC - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
WS - Pivoting, Tunneling, and Redirection Master Class - Wesley Thurner,Barrett Darnell
WS - Master Class: Delivering a New Construct in Advanced Volatile Memory Analysis for Fun and Profit - Solomon Sonya
WS - Dig Dug: The Lost Art of Network Tunneling - Eijah,Cam
WS - Windows Defence Evasion and Fortification Primitives - Paul Laîné,Rohan Durve
WS - CTF 101: Breaking into CTFs (or “The Petting Zoo” - Breaking into CTFs) - Robert Fitzpatrick,Chris Forte

 

Saturday - 10:00 PDT


Return to Index  -  Locations Legend
AIV - A few useful things to know about AI Red Teams  - Sudipto Rakshit 
APV - Cypher Query Injection - the new "SQL Injection" we aren't aware of - Noy Pearl
ASV - Building Your Own Satellite Ground Station - Eric Escobar
ASV - Pen Test Partners A320 Simulator -
ASV - Boeing ARINC 429 Airplane Challenge and CTF -
ASV - Hack-A-Sat Digital Twin Workshop -
ASV - Amazon Web Services Aerospace and Satellite Jam -
ASV - Hack the Airfield with DDS -
ASV - Satellite Eavesdropping with DDS -
ASV - Red Balloon Failsat Challenges -
ASV - Hack the Airport with Intelligenesis -
ASV - (10:30-10:55 PDT) - Quantum Snake Oil? What Ailments Can It Cure? - Jose Pizarro
AVV - Drag us to Wonder Bad: a tale of how to be good people by capturing credentials and 2FA - Daniel Isler
AVV - (10:30-12:30 PDT) - Adversary Booth - Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee
AVV - (10:30-17:30 PDT) - Adversary Wars CTF -
BHV - Space Station Sapians: Health is out of this world - Dr. Josef Schmid
BHV - (10:30-10:59 PDT) - Faking Positive COVID Tests - Ken Gannon
BICV - When The "IT" Hits The Fan, Stick To the Plan - Levone Campbell
BTV - (10:30-11:30 PDT) - Obsidian Forensics: KillChain3 - Continued Adventures in Splunk and Security Onion - ExtremePaperClip,Omenscan,Wes Lambert
BTV - (10:30-11:30 PDT) - Obsidian: IR - OODA! An hour in incident responder life - juju43
BTV - (10:30-11:30 PDT) - Obsidian CTH: Sniffing Compromise: Hunting for Bloodhound - CerealKiller
CLV - OAuth-some Security Tricks: Yet more OAuth abuse - Jenko Hwong
CLV - (10:40-11:20 PDT) - Who Contains the “Serverless” Containers? - Daniel Prizmant
CON - (10:30-11:59 PDT) - Capture The Packet Preliminaries -
CON - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - Car Hacking Village CTF -
CON - Red Team Village CTF Qualifiers Part 2 -
CON - DARKNET-NG -
CON - DEF CON’s Next Top Threat Model -
CON - DC30 Ham Radio Fox Hunt Contest -
CON - Hospital Under Siege -
CON - Kubernetes Capture The Flag -
CPV - (10:30-10:59 PDT) - Fun with Factoring Large Prime Numbers - p80n,r3c0d3
DC - Scaling the Security Researcher to Eliminate OSS Vulnerabilities Once and For All - Jonathan Leitschuh
DC - Literal Self-Pwning: Why Patients - and Their Advocates - Should Be Encouraged to Hack, Improve, and Mod Med Tech - Christian "quaddi" Dameff MD,Cory Doctorow,Jeff “r3plicant” Tully MD
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - Brazil Redux: Short Circuiting Tech-Enabled Dystopia with The Right to Repair - Paul Roberts,Kyle Wiens,Louis Rossmann,Corynne McSherry,Joe Grand
DC - Vendor Area Open
DC - cont...(09:00-15:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - Memorial Room Open -
DC - Village Areas Open (Generally) -
DDV - DDV open and accepting drives for duplication -
DL - Empire 4.0 and Beyond - Vincent "Vinnybod" Rose,Anthony "Cx01N" Rose
DL - Memfini - A systemwide memory monitor interface for linux - Shubham Dubey,Rishal Dwivedi
DL - svachal + machinescli - Ankur Tyagi
DL - Injectyll-HIDe: Pushing the Future of Hardware Implants to the Next Level - Jonathan Fischer,Jeremy Miller
DL - EDR detection mechanisms and bypass techniques with EDRSandBlast - Thomas Diot,Maxime Meignan
GHV - Learn The Game, Play The Game, Change the Game - Yatia Hopkins
GHV - (10:30-10:59 PDT) - Opportunity Fuels Grit - Tanisha O'Donoghue
HHV - Solder Skills Village - Open
HHV - Hardware Hacking Village - Open
ICSV - Industry 4.0 and the MTS of the Future – Convergence, Challenges and Opportunities [[MARITIME]] - Zac Staples
ICSV - CISA and Idaho National Lab Escape Room -
ICSV - Hack the Plan[e]t CTF -
ICSV - Fantom5 SeaTF CTF -
ICSV - DDS Hack-the-Microgrid -
IOTV - IoT Village CTF Challenges -
IOTV - Hands on hacking labs -
IOTV - BURP Suite, Forensics Tools & 0-day Exploit Development. - Ken Pyle
IOTV - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - Drone Hack -
LPV - (10:15-10:45 PDT) - Intro to Lockpicking - TOOOL
MIV - Tools for Fighting Disinformation - Preslav Nakov
MIV - (10:45-12:30 PDT) - Mass Disinformation Operations - How to detect and assess Ops with OSINT & SOCMINT tools and techniques - Paula González Nagore
PHV - Botnet Workshop -
PHV - HardWired -
PHV - Wall of Sheep -
PHV - Packet Inspector -
PHV - Packet Detective -
PHV - Honey Pot Workshop -
PHV - NetworkOS Workshop -
PHV - RegEx Trainer -
PHV - Linux Trainer -
PLV - Hacking Operational Collaboration - Brianna McClenon,Hristiana Petkova,Gavin To,David Forscey,Seth McKinnis
PLV - Imagining a cyber policy crisis: Storytelling and Simulation for real-world risks - Nina Kollars,Winnona DeSombre,Safa Shahwan Edwards
PSV - Physical Security Village -
PSV - (10:30-10:59 PDT) - Bypass 101 - Karen Ng
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
RFV - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - (10:30-11:30 PDT) - RF CTF Kick Off Day 2 - RF Hackers Village Staff
RTV - Container and Kubernetes Offense - Michael Mitchell
RTV - Cyber Resilience Bootcamp - Ron Taylor
RTV - HackerOps - Ralph May
RTV - OSINT Skills Lab Challenge - Sandra Stibbards,Lee McWhorter
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - cont...(09:00-11:59 PDT) - Vishing Competition (SECVC) - LIVE CALLS -
SKY - cont...(09:30-10:20 PDT) - Geo-Targeting Live Tweets - Chet Hosmer
SKY - (10:35-11:25 PDT) - What your stolen identity did on its CoViD vacation - Judge Taylor
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - Learn at Tamper-Evident Village -
VMV - Dominion ImageCast X CVEs and reflections on CVD for election systems - Drew Springall
WS - cont...(09:00-12:59 PDT) - Pivoting, Tunneling, and Redirection Master Class - Wesley Thurner,Barrett Darnell
WS - cont...(09:00-12:59 PDT) - Master Class: Delivering a New Construct in Advanced Volatile Memory Analysis for Fun and Profit - Solomon Sonya
WS - cont...(09:00-12:59 PDT) - Dig Dug: The Lost Art of Network Tunneling - Eijah,Cam
WS - cont...(09:00-12:59 PDT) - Windows Defence Evasion and Fortification Primitives - Paul Laîné,Rohan Durve
WS - cont...(09:00-12:59 PDT) - CTF 101: Breaking into CTFs (or “The Petting Zoo” - Breaking into CTFs) - Robert Fitzpatrick,Chris Forte

 

Saturday - 11:00 PDT


Return to Index  -  Locations Legend
AIV - Hands-on Hacking of Reinforcement Learning Systems - Dr. Amanda Minnich 
APV - The Log4J Rollercoaster - from an incident response perspective - Brenton Morris,Guy Barnhart-Magen
ASV - cont...(10:00-11:59 PDT) - Pen Test Partners A320 Simulator -
ASV - cont...(10:00-15:59 PDT) - Boeing ARINC 429 Airplane Challenge and CTF -
ASV - cont...(10:00-16:59 PDT) - Hack-A-Sat Digital Twin Workshop -
ASV - cont...(10:00-16:59 PDT) - Amazon Web Services Aerospace and Satellite Jam -
ASV - cont...(10:00-16:59 PDT) - Hack the Airfield with DDS -
ASV - cont...(10:00-16:59 PDT) - Satellite Eavesdropping with DDS -
ASV - cont...(10:00-15:59 PDT) - Red Balloon Failsat Challenges -
ASV - cont...(10:00-16:59 PDT) - Hack the Airport with Intelligenesis -
ASV - Cyber Threats Against Aviation Systems: The Only Threat Briefing You Really Need - Teresa Merklin
AVV - cont...(10:30-12:30 PDT) - Adversary Booth - Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee
AVV - cont...(10:30-17:30 PDT) - Adversary Wars CTF -
AVV - Nimbly Navigating a Nimiety of Nimplants: Writing Nim Malware Like The Cool Kids - Cas Van Cooten
BHV - How to Leverage MDS2 Data for Medical Device Security - Jeremy Linden
BHV - (11:30-11:59 PDT) - All information should be free (except the brain data you want to keep in your head)  - Isabel Straw
BICV - Cryptocurrency: A Bridge Across the Digital Divide - Stephanie Barnes
BTV - cont...(10:30-11:30 PDT) - Obsidian Forensics: KillChain3 - Continued Adventures in Splunk and Security Onion - ExtremePaperClip,Omenscan,Wes Lambert
BTV - cont...(10:30-11:30 PDT) - Obsidian: IR - OODA! An hour in incident responder life - juju43
BTV - (11:30-12:30 PDT) - Obsidian Forensics: Kill Chain 3 Endpoint Forensics Walkthrough - Omenscan
BTV - cont...(10:30-11:30 PDT) - Obsidian CTH: Sniffing Compromise: Hunting for Bloodhound - CerealKiller
BTV - (11:30-12:30 PDT) - Obsidian CTI: Operationalizing Threat Intelligence - l00sid,ttheveii0x,Stephanie G.
BTV - Threat Hunt Trilogy: A Beast in the Shadow! - Dr. Meisam Eslahi
BTV - Web Shell Hunting - Joe Schottman
CLV - cont...(10:40-11:20 PDT) - Who Contains the “Serverless” Containers? - Daniel Prizmant
CLV - (11:20-11:59 PDT) - Purple Teaming & Adversary Emulation in the Cloud with Stratus Red Team - Christophe Tafani-Dereeper
CON - cont...(10:30-11:59 PDT) - Capture The Packet Preliminaries -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - cont...(10:00-17:30 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-11:59 PDT) - Red Team Village CTF Qualifiers Part 2 -
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-17:59 PDT) - DEF CON’s Next Top Threat Model -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(10:00-17:59 PDT) - Hospital Under Siege -
CON - cont...(10:00-16:59 PDT) - Kubernetes Capture The Flag -
CPV - Introducing the Abusability Testing Framework (V1) - Nicole Chi,Avi Zajac,Ji Su Yoo
CPV - (11:30-12:30 PDT) - Jailed By a Google Search Part 2: Abortion Surveillance in Post-Roe America - Kate Bertash
DC - No-Code Malware: Windows 11 At Your Service - Michael Bargury
DC - How To Get MUMPS Thirty Years Later (or, Hacking The Government via FOIA'd Code) - Zachary Minneker
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - cont...(10:00-11:15 PDT) - Brazil Redux: Short Circuiting Tech-Enabled Dystopia with The Right to Repair - Paul Roberts,Kyle Wiens,Louis Rossmann,Corynne McSherry,Joe Grand
DC - (11:30-12:15 PDT) - Reversing the Original Xbox Live Protocols - Tristan Miller
DC - My First Hack Was in 1958 (Then A Career in Rock’n’Roll Taught Me About Security) - Winn Schwartau
DC - cont...(10:00-17:59 PDT) - Vendor Area Open
DC - cont...(09:00-15:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - cont...(10:00-17:59 PDT) - Memorial Room Open -
DC - cont...(10:00-17:59 PDT) - Village Areas Open (Generally) -
DDV - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
DL - cont...(10:00-11:55 PDT) - Empire 4.0 and Beyond - Vincent "Vinnybod" Rose,Anthony "Cx01N" Rose
DL - cont...(10:00-11:55 PDT) - Memfini - A systemwide memory monitor interface for linux - Shubham Dubey,Rishal Dwivedi
DL - cont...(10:00-11:55 PDT) - svachal + machinescli - Ankur Tyagi
DL - cont...(10:00-11:55 PDT) - Injectyll-HIDe: Pushing the Future of Hardware Implants to the Next Level - Jonathan Fischer,Jeremy Miller
DL - cont...(10:00-11:55 PDT) - EDR detection mechanisms and bypass techniques with EDRSandBlast - Thomas Diot,Maxime Meignan
GHV - What is the Info Sec Color Wheel? - Saman Fatima
GHV - (11:30-11:59 PDT) - Black in Cybersecurity Research and Education: The Experience of one Black Girl's Journey through Graduate School - Katorah Williams
HHV - cont...(10:00-17:59 PDT) - Solder Skills Village - Open
HHV - cont...(10:00-17:59 PDT) - Hardware Hacking Village - Open
HRV - Free Amateur Radio License Exams -
HRV - (11:30-11:59 PDT) - Ham Nets 101 - Jon Marler
ICSV - Describing Maritime Cyber work roles Using the NICE Framework - Tyson B. Meadors
ICSV - (11:30-11:59 PDT) - Taking MITRE ATT&CK for ICS to Sea - Tyson B. Meadors
ICSV - cont...(10:00-17:59 PDT) - CISA and Idaho National Lab Escape Room -
ICSV - cont...(10:00-17:59 PDT) - Hack the Plan[e]t CTF -
ICSV - cont...(10:00-17:59 PDT) - Fantom5 SeaTF CTF -
ICSV - cont...(10:00-17:59 PDT) - DDS Hack-the-Microgrid -
IOTV - cont...(10:00-17:59 PDT) - IoT Village CTF Challenges -
IOTV - cont...(10:00-17:59 PDT) - Hands on hacking labs -
IOTV - cont...(10:00-13:59 PDT) - BURP Suite, Forensics Tools & 0-day Exploit Development. - Ken Pyle
IOTV - cont...(10:00-17:59 PDT) - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - cont...(10:00-17:59 PDT) - Drone Hack -
LPV - Metal and Fire... Copying Keys via Mold and Cast Tactics - Deviant Ollam
MIV - cont...(10:45-12:30 PDT) - Mass Disinformation Operations - How to detect and assess Ops with OSINT & SOCMINT tools and techniques - Paula González Nagore
PHV - cont...(10:00-17:59 PDT) - Botnet Workshop -
PHV - cont...(10:00-17:59 PDT) - HardWired -
PHV - cont...(10:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(10:00-17:59 PDT) - Packet Inspector -
PHV - cont...(10:00-17:59 PDT) - Packet Detective -
PHV - cont...(10:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(10:00-17:59 PDT) - NetworkOS Workshop -
PHV - cont...(10:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(10:00-17:59 PDT) - Linux Trainer -
PLV - cont...(10:00-11:45 PDT) - Hacking Operational Collaboration - Brianna McClenon,Hristiana Petkova,Gavin To,David Forscey,Seth McKinnis
PLV - cont...(10:00-11:45 PDT) - Imagining a cyber policy crisis: Storytelling and Simulation for real-world risks - Nina Kollars,Winnona DeSombre,Safa Shahwan Edwards
PSV - cont...(10:00-17:59 PDT) - Physical Security Village -
PSV - Bypass 102 - Karen Ng
PWV - So long, PBKDF2! The end of password-based key derivation - Vivek Nair
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
RFV - cont...(10:00-17:59 PDT) - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - cont...(10:30-11:30 PDT) - RF CTF Kick Off Day 2 - RF Hackers Village Staff
RFV - (11:30-12:30 PDT) - Hacking IEEE 802.15.4 Low-Rate Wireless Networks - Dan Perret
RHV - Ethical considerations in using digital footprints for verifying identities for online services - Larsbodian
ROV - Juicing & Marking Cards - B
RTV - Container and Kubernetes Offense - Michael Mitchell
RTV - Cyber Resilience Bootcamp - Ron Taylor
RTV - HackerOps - Ralph May
RTV - OSINT Skills Lab Challenge - Sandra Stibbards,Lee McWhorter
RTV - Phishing With Phineas (Again) - Steroid Boosted Hack Recreation Workshop - George Karantzas
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - cont...(09:00-11:59 PDT) - Vishing Competition (SECVC) - LIVE CALLS -
SKY - cont...(10:35-11:25 PDT) - What your stolen identity did on its CoViD vacation - Judge Taylor
SKY - (11:40-12:30 PDT) - This one time, at this Hospital, I got Ransomware - Eirick Luraas
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - cont...(10:00-17:59 PDT) - Learn at Tamper-Evident Village -
WS - cont...(09:00-12:59 PDT) - Pivoting, Tunneling, and Redirection Master Class - Wesley Thurner,Barrett Darnell
WS - cont...(09:00-12:59 PDT) - Master Class: Delivering a New Construct in Advanced Volatile Memory Analysis for Fun and Profit - Solomon Sonya
WS - cont...(09:00-12:59 PDT) - Dig Dug: The Lost Art of Network Tunneling - Eijah,Cam
WS - cont...(09:00-12:59 PDT) - Windows Defence Evasion and Fortification Primitives - Paul Laîné,Rohan Durve
WS - cont...(09:00-12:59 PDT) - CTF 101: Breaking into CTFs (or “The Petting Zoo” - Breaking into CTFs) - Robert Fitzpatrick,Chris Forte

 

Saturday - 12:00 PDT


Return to Index  -  Locations Legend
AIV - A System for Alert Prioritization - Ben Gelman ,Salma Taoufiq
APV - Implementing E2E multi-client communication (for fun, work or profit) - what could go wrong? - Nicolas Boeckh
ASV - cont...(10:00-15:59 PDT) - Boeing ARINC 429 Airplane Challenge and CTF -
ASV - cont...(10:00-16:59 PDT) - Hack-A-Sat Digital Twin Workshop -
ASV - cont...(10:00-16:59 PDT) - Amazon Web Services Aerospace and Satellite Jam -
ASV - cont...(10:00-16:59 PDT) - Hack the Airfield with DDS -
ASV - cont...(10:00-16:59 PDT) - Satellite Eavesdropping with DDS -
ASV - cont...(10:00-15:59 PDT) - Red Balloon Failsat Challenges -
ASV - cont...(10:00-16:59 PDT) - Hack the Airport with Intelligenesis -
ASV - Introduction to Aircraft Networks and Security Design Considerations - Sean Sullivan
ASV - Hack-A-Sat Aerospace PiSat Challenge -
AVV - cont...(10:30-12:30 PDT) - Adversary Booth - Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee
AVV - cont...(10:30-17:30 PDT) - Adversary Wars CTF -
AVV - Control Validation Compass: Intelligence for Improved Security Validation - Scott Small
AVV - (12:30-12:59 PDT) - Python vs Modern Defenses - Diego Capriotti
BHV - Breaking the Intelligence Cycle - how to tailor intelligence function to your needs? - Ohad Zaidenberg
BICV - Decolonizing Cybersecurity - Birhanu Eshete
BTV - cont...(11:30-12:30 PDT) - Obsidian Forensics: Kill Chain 3 Endpoint Forensics Walkthrough - Omenscan
BTV - cont...(11:30-12:30 PDT) - Obsidian CTI: Operationalizing Threat Intelligence - l00sid,ttheveii0x,Stephanie G.
BTV - (12:15-12:45 PDT) - Even my Dad is a Threat Modeler! - Sarthak Taneja
BTV - cont...(11:00-14:59 PDT) - Web Shell Hunting - Joe Schottman
CLV - SquarePhish - Phishing Office 365 using QR Codes and Oauth 2.0 Device Code Flow - Kamron Talebzadeh,Nevada Romsdahl
CLV - (12:30-13:10 PDT) - Security Misconfigurations in the Cloud - "Oh Look, something fluffy, poke, poke, poke" - Kat Fitzgerald
CON - cont...(10:00-17:59 PDT) - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - cont...(10:00-17:30 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-17:59 PDT) - DEF CON’s Next Top Threat Model -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - Red Team Village CTF Qualifiers Part 1 -
CON - cont...(10:00-17:59 PDT) - Hospital Under Siege -
CON - cont...(10:00-16:59 PDT) - Kubernetes Capture The Flag -
CPV - cont...(11:30-12:30 PDT) - Jailed By a Google Search Part 2: Abortion Surveillance in Post-Roe America - Kate Bertash
DC - All Roads leads to GKE's Host : 4+ Ways to Escape - Billy Jheng,Muhammad ALifa Ramdhan
DC - The Evil PLC Attack: Weaponizing PLCs - Sharon Brizinov
DC - (12:30-13:15 PDT) - Analyzing PIPEDREAM: Challenges in testing an ICS attack toolkit. - Jimmy Wylie
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - cont...(11:30-12:15 PDT) - Reversing the Original Xbox Live Protocols - Tristan Miller
DC - (12:30-12:50 PDT) - The hitchhacker’s guide to iPhone Lightning & JTAG hacking - stacksmashing
DC - Tracking Military Ghost Helicopters over our Nation's Capital - Andrew Logan
DC - (12:30-13:15 PDT) - UFOs, Alien Life, and the Least Untruthful Things I Can Say. - Richard Thieme
DC - cont...(10:00-17:59 PDT) - Vendor Area Open
DC - cont...(09:00-15:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - cont...(10:00-17:59 PDT) - Memorial Room Open -
DC - cont...(10:00-17:59 PDT) - Village Areas Open (Generally) -
DDV - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
DL - alsanna - Jason Johnson
DL - unblob - towards efficient firmware extraction - Quentin Kaiser,Florian Lukavsky
DL - PMR - PT & VA Management & Reporting - Abdul Alanazi,Musaed Bin Muatred
DL - Defensive 5G - Eric Mair,Ryan Ashley
DL - SharpSCCM - Chris Thompson,Duane Michael
GHV - Exploring Fruadsters Persuasion Strategies on Employment Databases - Tessa Cole
GHV - (12:30-13:30 PDT) - Resumé Review
HHV - cont...(10:00-17:59 PDT) - Solder Skills Village - Open
HHV - cont...(10:00-17:59 PDT) - Hardware Hacking Village - Open
HRV - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
ICSV - Understanding AIS Protocols and the GRACE Console [[Maritime]] - Gary Kessler
ICSV - cont...(10:00-17:59 PDT) - CISA and Idaho National Lab Escape Room -
ICSV - cont...(10:00-17:59 PDT) - Hack the Plan[e]t CTF -
ICSV - cont...(10:00-17:59 PDT) - Fantom5 SeaTF CTF -
ICSV - cont...(10:00-17:59 PDT) - DDS Hack-the-Microgrid -
IOTV - cont...(10:00-17:59 PDT) - IoT Village CTF Challenges -
IOTV - cont...(10:00-17:59 PDT) - Hands on hacking labs -
IOTV - cont...(10:00-13:59 PDT) - BURP Suite, Forensics Tools & 0-day Exploit Development. - Ken Pyle
IOTV - cont...(10:00-17:59 PDT) - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - cont...(10:00-17:59 PDT) - Drone Hack -
LPV - Dozier Drill Tournament
MIV - cont...(10:45-12:30 PDT) - Mass Disinformation Operations - How to detect and assess Ops with OSINT & SOCMINT tools and techniques - Paula González Nagore
MIV - (12:30-13:15 PDT) - Cognitive Security in Theory and Practice - Sara-Jayne Terp
PHV - cont...(10:00-17:59 PDT) - Botnet Workshop -
PHV - cont...(10:00-17:59 PDT) - HardWired -
PHV - cont...(10:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(10:00-17:59 PDT) - Packet Inspector -
PHV - cont...(10:00-17:59 PDT) - Packet Detective -
PHV - cont...(10:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(10:00-17:59 PDT) - NetworkOS Workshop -
PHV - cont...(10:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(10:00-17:59 PDT) - Linux Trainer -
PLV - Hacking Aviation Policy - Meg King,Pete Cooper,Ayan Islam,Timothy Weston,Ken Munro
PLV - Addressing the gap in assessing (or measuring) the harm of cyberattacks - Adrien Ogee
PSV - cont...(10:00-17:59 PDT) - Physical Security Village -
PSV - (12:30-12:59 PDT) - The least secure biometric lock on Earth - Seth Kintigh
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
RFV - cont...(10:00-17:59 PDT) - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - cont...(11:30-12:30 PDT) - Hacking IEEE 802.15.4 Low-Rate Wireless Networks - Dan Perret
RFV - (12:30-12:59 PDT) - Building a Modern Bluetooth Sniffer for SDRs - Mike Ryan
ROV - (12:30-13:30 PDT) - Verbal Steganography Re-Loaded - Jax,Four Suits Co,Zac
RTV - Container and Kubernetes Offense - Michael Mitchell
RTV - HackerOps - Ralph May
RTV - OSINT Skills Lab Challenge - Sandra Stibbards,Lee McWhorter
RTV - Quiet Recon: Gathering everything you need with LDAP and native AD services  - Cory Wolff
RTV - Hacking Active Directory
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - Cold Calls -
SKY - cont...(11:40-12:30 PDT) - This one time, at this Hospital, I got Ransomware - Eirick Luraas
SKY - (12:45-13:35 PDT) - Voter Targeting, Location Data, and You - l0ngrange
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - No Starch Press - Book Signing - Corey Ball, Hacking APIs
SOC - Friends of Bill W -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - cont...(10:00-17:59 PDT) - Learn at Tamper-Evident Village -
VMV - United We Stand - Michael Moore
WS - cont...(09:00-12:59 PDT) - Pivoting, Tunneling, and Redirection Master Class - Wesley Thurner,Barrett Darnell
WS - cont...(09:00-12:59 PDT) - Master Class: Delivering a New Construct in Advanced Volatile Memory Analysis for Fun and Profit - Solomon Sonya
WS - cont...(09:00-12:59 PDT) - Dig Dug: The Lost Art of Network Tunneling - Eijah,Cam
WS - cont...(09:00-12:59 PDT) - Windows Defence Evasion and Fortification Primitives - Paul Laîné,Rohan Durve
WS - cont...(09:00-12:59 PDT) - CTF 101: Breaking into CTFs (or “The Petting Zoo” - Breaking into CTFs) - Robert Fitzpatrick,Chris Forte

 

Saturday - 13:00 PDT


Return to Index  -  Locations Legend
AIV - CatPhish Automation - The Emerging Use of Artificial Intelligence in Social Engineering - Justin Hutchens 
APV - (13:30-14:30 PDT) - Running system tests with active authn/z - Lars Skjorestad
ASV - cont...(10:00-15:59 PDT) - Boeing ARINC 429 Airplane Challenge and CTF -
ASV - cont...(10:00-16:59 PDT) - Hack-A-Sat Digital Twin Workshop -
ASV - cont...(10:00-16:59 PDT) - Amazon Web Services Aerospace and Satellite Jam -
ASV - cont...(10:00-16:59 PDT) - Hack the Airfield with DDS -
ASV - cont...(10:00-16:59 PDT) - Satellite Eavesdropping with DDS -
ASV - cont...(10:00-15:59 PDT) - Red Balloon Failsat Challenges -
ASV - cont...(10:00-16:59 PDT) - Hack the Airport with Intelligenesis -
ASV - cont...(12:00-16:59 PDT) - Hack-A-Sat Aerospace PiSat Challenge -
ASV - Hunting for Spacecraft Zero Days Using Digital Twins - Brandon Bailey
ASV - Pen Test Partners A320 Simulator -
ASV - Resumé Review and Career Guidance Session -
AVV - cont...(10:30-17:30 PDT) - Adversary Wars CTF -
AVV - Linux Threat Detection with Attack Range - Rod Soto,Teoderick Contreras
BHV - Out of the Abyss: Surviving Vulnerability Management - Mike Kijewski,Leo Nendza
BHV - (13:30-14:30 PDT) - Radical inclusivity and intersectionality in the biohacking world - Berkelly Gonzalez
BICV - State of the Model - GACWR Team ,Jovonni Pharr
BTV - Obsidian CTH Live: Killchain 3 Walkthrough -
BTV - Obsidian: IR - Final Reporting Made Exciting* - CountZ3r0,aviditas
BTV - Obsidian REM: Phishing In The Morning: An Abundance of Samples! - Alison N
BTV - The DFIR Report Homecoming Parade Panel - Ch33r10,Kostas,Justin Elze,nas_bench - Nasreddine Bencherchali,Jamie Williams,ICSNick - Nicklas Keijser
BTV - cont...(11:00-14:59 PDT) - Web Shell Hunting - Joe Schottman
CLV - cont...(12:30-13:10 PDT) - Security Misconfigurations in the Cloud - "Oh Look, something fluffy, poke, poke, poke" - Kat Fitzgerald
CLV - BrokenbyDesign: Azure | Get started with hacking Azure - Roy Stultiens,Ricardo Sanchez,Ricardo Sanchez,Siebren Kraak
CLV - (13:40-14:20 PDT) - us-east-1 Shuffle: Lateral Movement and other Creative Steps Attackers Take in AWS Cloud Environments and how to detect them - Felipe Espósito
CON - (13:30-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - cont...(10:00-17:30 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-17:59 PDT) - DEF CON’s Next Top Threat Model -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(12:00-16:59 PDT) - Red Team Village CTF Qualifiers Part 1 -
CON - cont...(10:00-17:59 PDT) - Hospital Under Siege -
CON - cont...(10:00-16:59 PDT) - Kubernetes Capture The Flag -
CPV - Cryptle: a secure multi-party Wordle clone with Enarx - Tom Dohrmann,Nick Vidal,Richard Zak
CPV - (13:45-14:30 PDT) - Exploring Unprecedented Avenues for Data Harvesting in the Metaverse - Gonzalo Munilla Garrido,Vivek Nair
DC - Exploring Ancient Ruins to Find Modern Bugs: Discovering a 0-Day in an MS-RPC Service - Ben Barnea,Ophir Harpaz
DC - cont...(12:30-13:15 PDT) - Analyzing PIPEDREAM: Challenges in testing an ICS attack toolkit. - Jimmy Wylie
DC - (13:30-14:15 PDT) - Do Not Trust the ASA, Trojans! - Jacob Baines
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - Chromebook Breakout: Escaping Jail, with your friends, using a Pico Ducky - Jimi Allee
DC - cont...(12:30-13:15 PDT) - UFOs, Alien Life, and the Least Untruthful Things I Can Say. - Richard Thieme
DC - (13:30-14:15 PDT) - HACK THE HEMISPHERE! How we (legally) broadcasted hacker content to all of North America using an end-of-life geostationary satellite, and how you can set up your own broadcast too! - Karl Koscher,Andrew Green
DC - cont...(10:00-17:59 PDT) - Vendor Area Open
DC - cont...(09:00-15:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - cont...(10:00-17:59 PDT) - Memorial Room Open -
DC - cont...(10:00-17:59 PDT) - Village Areas Open (Generally) -
DDV - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
DL - cont...(12:00-13:55 PDT) - alsanna - Jason Johnson
DL - cont...(12:00-13:55 PDT) - unblob - towards efficient firmware extraction - Quentin Kaiser,Florian Lukavsky
DL - cont...(12:00-13:55 PDT) - PMR - PT & VA Management & Reporting - Abdul Alanazi,Musaed Bin Muatred
DL - cont...(12:00-13:55 PDT) - Defensive 5G - Eric Mair,Ryan Ashley
DL - cont...(12:00-13:55 PDT) - SharpSCCM - Chris Thompson,Duane Michael
GHV - cont...(12:30-13:30 PDT) - Resumé Review
GHV - (13:30-14:30 PDT) - Hacking Diversity
HHV - cont...(10:00-17:59 PDT) - Solder Skills Village - Open
HHV - cont...(10:00-17:59 PDT) - Hardware Hacking Village - Open
HHV - RoboSumo -
HRV - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
HRV - Getting on the air: My experiences with Ham radio QRP - Jeremy Hong
ICSV - We Promise Not to Brick It... But If We Do... - Todd Keller,Marissa Costa
ICSV - (13:30-13:59 PDT) - Cyber Physical Lab Environment for Maritime Cyber Security - Wesley Andrews
ICSV - cont...(10:00-17:59 PDT) - CISA and Idaho National Lab Escape Room -
ICSV - cont...(10:00-17:59 PDT) - Hack the Plan[e]t CTF -
ICSV - cont...(10:00-17:59 PDT) - Fantom5 SeaTF CTF -
ICSV - cont...(10:00-17:59 PDT) - DDS Hack-the-Microgrid -
ICSV - Maritime Hacking Boundary Adventure -
IOTV - cont...(10:00-17:59 PDT) - IoT Village CTF Challenges -
IOTV - cont...(10:00-17:59 PDT) - Hands on hacking labs -
IOTV - cont...(10:00-13:59 PDT) - BURP Suite, Forensics Tools & 0-day Exploit Development. - Ken Pyle
IOTV - cont...(10:00-17:59 PDT) - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - cont...(10:00-17:59 PDT) - Drone Hack -
LPV - cont...(12:00-13:59 PDT) - Dozier Drill Tournament
LPV - Intro to Lockpicking - TOOOL
MIV - cont...(12:30-13:15 PDT) - Cognitive Security in Theory and Practice - Sara-Jayne Terp
PHV - cont...(10:00-17:59 PDT) - Botnet Workshop -
PHV - cont...(10:00-17:59 PDT) - HardWired -
PHV - cont...(10:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(10:00-17:59 PDT) - Packet Inspector -
PHV - cont...(10:00-17:59 PDT) - Packet Detective -
PHV - cont...(10:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(10:00-17:59 PDT) - NetworkOS Workshop -
PHV - cont...(10:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(10:00-17:59 PDT) - Linux Trainer -
PLV - cont...(12:00-13:45 PDT) - Hacking Aviation Policy - Meg King,Pete Cooper,Ayan Islam,Timothy Weston,Ken Munro
PLV - cont...(12:00-13:45 PDT) - Addressing the gap in assessing (or measuring) the harm of cyberattacks - Adrien Ogee
PSV - cont...(10:00-17:59 PDT) - Physical Security Village -
PSV - (13:30-13:59 PDT) - RFID Hacking 101 - Ege F
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
RFV - cont...(10:00-17:59 PDT) - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - Antennas for Surveillance - Kent Britain WA5VJB
ROV - cont...(12:30-13:30 PDT) - Verbal Steganography Re-Loaded - Jax,Four Suits Co,Zac
RTV - cont...(12:00-15:59 PDT) - Hacking Active Directory
RTV - Cyber Resilience Bootcamp - Ron Taylor
RTV - HackerOps - Ralph May
RTV - Hacking WebApps with WebSploit Labs - Omar Santos
RTV - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - Vishing Competition (SECVC) - LIVE CALLS -
SKY - cont...(12:45-13:35 PDT) - Voter Targeting, Location Data, and You - l0ngrange
SKY - (13:50-15:40 PDT) - INTERNET WARS 2022: These wars aren't just virtual - Gadi Evron,Bryson Bort,Cheryl Biswall,Chris Kubecka,Harri Hursti,Jivesx,Russ Handorf
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - No Starch Press - Book Signing - Joe Gray, Practical Social Engineering
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - cont...(10:00-17:59 PDT) - Learn at Tamper-Evident Village -

 

Saturday - 14:00 PDT


Return to Index  -  Locations Legend
AIV - The Use of AI/ML in Offensive Security Operations -
APV - cont...(13:30-14:30 PDT) - Running system tests with active authn/z - Lars Skjorestad
APV - (14:30-15:30 PDT) - No Code Security Review - What should I review in applications without code? - Inaae Kim
ASV - cont...(10:00-15:59 PDT) - Boeing ARINC 429 Airplane Challenge and CTF -
ASV - cont...(10:00-16:59 PDT) - Hack-A-Sat Digital Twin Workshop -
ASV - cont...(10:00-16:59 PDT) - Amazon Web Services Aerospace and Satellite Jam -
ASV - cont...(10:00-16:59 PDT) - Hack the Airfield with DDS -
ASV - cont...(10:00-16:59 PDT) - Satellite Eavesdropping with DDS -
ASV - cont...(10:00-15:59 PDT) - Red Balloon Failsat Challenges -
ASV - cont...(10:00-16:59 PDT) - Hack the Airport with Intelligenesis -
ASV - cont...(12:00-16:59 PDT) - Hack-A-Sat Aerospace PiSat Challenge -
ASV - cont...(13:00-14:59 PDT) - Pen Test Partners A320 Simulator -
ASV - cont...(13:00-14:59 PDT) - Resumé Review and Career Guidance Session -
ASV - Vulnerability Assessment of a Satellite Simulator - Henry Haswell
ASV - (14:30-14:55 PDT) - The Emerging Space - Cyber Warfare Theatre - Eytan Tepper
AVV - cont...(10:30-17:30 PDT) - Adversary Wars CTF -
AVV - The Way of The Adversary - Phillip Wylie
AVV - (14:30-17:30 PDT) - Adversary Booth - Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee
AVV - (14:45-15:15 PDT) - Down The Rabbit Hole: 10 Lessons Learned from a Year in the Trenches - Andrew Costis
BHV - cont...(13:30-14:30 PDT) - Radical inclusivity and intersectionality in the biohacking world - Berkelly Gonzalez
BHV - (14:30-14:59 PDT) - Natural Disasters and International Supply Chains: Biomedical and Pharmaceutical Review - Jorge Acevedo Canabal
BTV - Obsidian Live: May We Have the OODA Loops? - juju43,CountZ3r0
BTV - Obsidian Forensics: Using Chainsaw to Identify Malicious Activity - Danny D. Henderson Jr (B4nd1t0)
BTV - (14:30-14:59 PDT) - Obsidian Forensics: Creating a custom Velociraptor collector - Wes Lambert,Omenscan
BTV - Obsidian CTH: The Logs are Gone? - ExtremePaperClip
BTV - (14:15-14:45 PDT) - Hunting Malicious Office Macros - Anton Ovrutsky
BTV - cont...(11:00-14:59 PDT) - Web Shell Hunting - Joe Schottman
CLV - cont...(13:40-14:20 PDT) - us-east-1 Shuffle: Lateral Movement and other Creative Steps Attackers Take in AWS Cloud Environments and how to detect them - Felipe Espósito
CLV - (14:20-14:50 PDT) - Access Undenied on AWS - Troubleshooting AWS IAM AccessDenied Errors - Noam Dahan
CON - cont...(13:30-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - cont...(10:00-17:30 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-17:59 PDT) - DEF CON’s Next Top Threat Model -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(12:00-16:59 PDT) - Red Team Village CTF Qualifiers Part 1 -
CON - cont...(10:00-17:59 PDT) - Hospital Under Siege -
CON - cont...(10:00-16:59 PDT) - Kubernetes Capture The Flag -
CPV - cont...(13:45-14:30 PDT) - Exploring Unprecedented Avenues for Data Harvesting in the Metaverse - Gonzalo Munilla Garrido,Vivek Nair
CPV - (14:30-14:59 PDT) - The deadly state of surveillance capitalism in healthcare - Andrea Downing,Valencia Robinson,Mike Mittelman
DC - The COW (Container On Windows) Who Escaped the Silo - Eran Segal
DC - cont...(13:30-14:15 PDT) - Do Not Trust the ASA, Trojans! - Jacob Baines
DC - (14:30-15:15 PDT) - Doing the Impossible: How I Found Mainframe Buffer Overflows - Jake Labelle
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - OpenCola. The AntiSocial Network - John Midgley
DC - cont...(13:30-14:15 PDT) - HACK THE HEMISPHERE! How we (legally) broadcasted hacker content to all of North America using an end-of-life geostationary satellite, and how you can set up your own broadcast too! - Karl Koscher,Andrew Green
DC - (14:30-14:50 PDT) - Digging into Xiaomi’s TEE to get to Chinese money - Slava Makkaveev
DC - cont...(10:00-17:59 PDT) - Vendor Area Open
DC - cont...(09:00-15:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - cont...(10:00-17:59 PDT) - Memorial Room Open -
DC - cont...(10:00-17:59 PDT) - Village Areas Open (Generally) -
DDV - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
DL - OpenTDF - Paul Flynn,Cassandra Bailey
DL - Control Validation Compass – Threat Modeling Aide & Purple Team Content Repo - Scott Small
DL - ResidueFree - Logan Arkema
DL - hls4ml - Open Source Machine Learning Accelerators on FPGAs - Ben Hawks,Andres Meza
DL - Xavier Memory Analysis Framework - Solomon Sonya
GHV - cont...(13:30-14:30 PDT) - Hacking Diversity
GHV - (14:30-15:59 PDT) - Workshop: Protect the Pi - Girls Hack Village Staff
HHV - cont...(10:00-17:59 PDT) - Solder Skills Village - Open
HHV - cont...(10:00-17:59 PDT) - Hardware Hacking Village - Open
HRV - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
ICSV - Keeping Beer Cold: Attackers, ICS and Cross-Sector Defense -
ICSV - cont...(10:00-17:59 PDT) - CISA and Idaho National Lab Escape Room -
ICSV - cont...(10:00-17:59 PDT) - Hack the Plan[e]t CTF -
ICSV - cont...(10:00-17:59 PDT) - Fantom5 SeaTF CTF -
ICSV - cont...(10:00-17:59 PDT) - DDS Hack-the-Microgrid -
ICSV - cont...(13:00-16:59 PDT) - Maritime Hacking Boundary Adventure -
IOTV - cont...(10:00-17:59 PDT) - IoT Village CTF Challenges -
IOTV - cont...(10:00-17:59 PDT) - Hands on hacking labs -
IOTV - cont...(10:00-17:59 PDT) - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - cont...(10:00-17:59 PDT) - Drone Hack -
LPV - Please deposit 30c: A history of payphone locks that lead to one of the most secure locks ever made. - N∅thing
MIV - (14:15-14:45 PDT) - 404! Memory Holing and the SEO Warping of Human History - Arikia Millikan
MIV - (14:45-15:15 PDT) - Web Monetization: A privacy-preserving and open way to earn from Content - Uchi Uchibeke
PHV - cont...(10:00-17:59 PDT) - Botnet Workshop -
PHV - cont...(10:00-17:59 PDT) - HardWired -
PHV - cont...(10:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(10:00-17:59 PDT) - Packet Inspector -
PHV - cont...(10:00-17:59 PDT) - Packet Detective -
PHV - cont...(10:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(10:00-17:59 PDT) - NetworkOS Workshop -
PHV - cont...(10:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(10:00-17:59 PDT) - Linux Trainer -
PLV - Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet - Guillermo Christensen,Jason Healey,Neal Pollard
PLV - Return-Oriented Policy Making for Open Source and Software Security - Eric Mill,Harry Mourtos,Trey Herr
PSV - cont...(10:00-17:59 PDT) - Physical Security Village -
PSV - (14:30-14:59 PDT) - Pwning RFID From 6ft Away - Langston Clement (aka sh0ck),Daniel Goga
RFV - cont...(10:00-17:59 PDT) - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - Biohacking Using SDR When You Don’t Know What You’re Doing - J9
RFV - (14:30-15:30 PDT) - Rip and tear - Iceman
RTV - cont...(12:00-15:59 PDT) - Hacking Active Directory
RTV - AI Village + RTV Panel: The Use of AI/ML in Offensive Security Operations - Omar Santos,Will Pearce,Will Schroeder
RTV - HackerOps - Ralph May
RTV - Hacking APIs: How to break the chains of the web - Corey Ball
RTV - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
RTV - Offensive Wireless Security 101
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - cont...(13:00-15:59 PDT) - Vishing Competition (SECVC) - LIVE CALLS -
SKY - cont...(13:50-15:40 PDT) - INTERNET WARS 2022: These wars aren't just virtual - Gadi Evron,Bryson Bort,Cheryl Biswall,Chris Kubecka,Harri Hursti,Jivesx,Russ Handorf
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - No Starch Press - Book Signing - Jon DiMaggio, The Art of Cyberwarfare
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - cont...(10:00-17:59 PDT) - Learn at Tamper-Evident Village -
VMV - Election Forensics
WS - Hybrid Phishing Payloads: From Threat-actors to You - Jon Christiansen,Magnus Stubman
WS - Creating and uncovering malicious containers. - David Mitchell,Adrian Wood,Griffin Francis
WS - Evading Detection: A Beginner's Guide to Obfuscation - Anthony "Cx01N" Rose,Jake "Hubbl3" Krasnov,Vincent "Vinnybod" Rose
WS - Securing Web Apps - Kaitlyn Handleman,Elizabeth Biddlecome,Irvin Lemus,Sam Bowne
WS - Automated Debugging Under The Hood - Building A Programmable Windows Debugger From Scratch (In Python) - Sean Wilson,Sergei Frankoff

 

Saturday - 15:00 PDT


Return to Index  -  Locations Legend
AIV - Generative Art Tutorial -
APV - cont...(14:30-15:30 PDT) - No Code Security Review - What should I review in applications without code? - Inaae Kim
APV - (15:30-16:30 PDT) - Hacking & Defending Blockchain Applications - Kennashka DeSilva,Aimee Reyes
ASV - cont...(10:00-15:59 PDT) - Boeing ARINC 429 Airplane Challenge and CTF -
ASV - cont...(10:00-16:59 PDT) - Hack-A-Sat Digital Twin Workshop -
ASV - cont...(10:00-16:59 PDT) - Amazon Web Services Aerospace and Satellite Jam -
ASV - cont...(10:00-16:59 PDT) - Hack the Airfield with DDS -
ASV - cont...(10:00-16:59 PDT) - Satellite Eavesdropping with DDS -
ASV - cont...(10:00-15:59 PDT) - Red Balloon Failsat Challenges -
ASV - cont...(10:00-16:59 PDT) - Hack the Airport with Intelligenesis -
ASV - cont...(12:00-16:59 PDT) - Hack-A-Sat Aerospace PiSat Challenge -
ASV - Near and Far: Securing On and Off Planet Networks at JPL - Wes Gavins
AVV - cont...(10:30-17:30 PDT) - Adversary Wars CTF -
AVV - cont...(14:30-17:30 PDT) - Adversary Booth - Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee
AVV - cont...(14:45-15:15 PDT) - Down The Rabbit Hole: 10 Lessons Learned from a Year in the Trenches - Andrew Costis
AVV - (15:15-17:15 PDT) - Attack and Defend with Adversary Emulation - Christopher Peacock,Jake Williams
BHV - Secure by Design - Facilities design cybersecurity - David Brearley
BICV - Threat hunting? Ain’t nobody got time for that... - Nick Gobern
BTV - Challenges in Control Validation - Kristen Cotten,AJ King,Jake Williams
BTV - Horusec - Brazilian SAST help World - Gilmar Esteves
CLV - KQL Kung Fu: Finding the Needle in the Haystack in Your Azure Environments - Darwin Salazar
CON - cont...(13:30-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - cont...(10:00-17:30 PDT) - Car Hacking Village CTF -
CON - DEF CON 30 Chess Tournament - Mandatory Sign-up -
CON - (15:30-17:30 PDT) - DEF CON 30 Chess Tournament -
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-17:59 PDT) - DEF CON’s Next Top Threat Model -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(12:00-16:59 PDT) - Red Team Village CTF Qualifiers Part 1 -
CON - cont...(10:00-17:59 PDT) - Hospital Under Siege -
CON - cont...(10:00-16:59 PDT) - Kubernetes Capture The Flag -
CPV - (15:30-16:15 PDT) - Capturing Chaos: Harvesting Environmental Entropy - Carey Parker
DC - You Have One New Appwntment - Hacking Proprietary iCalendar Properties - Eugene Lim
DC - cont...(14:30-15:15 PDT) - Doing the Impossible: How I Found Mainframe Buffer Overflows - Jake Labelle
DC - (15:30-16:15 PDT) - Perimeter Breached! Hacking an Access Control System - Sam Quinn,Steve Povolny
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - Déjà Vu: Uncovering Stolen Algorithms in Commercial Products - Patrick Wardle,Tom McGuire
DC - (15:30-15:50 PDT) - Automotive Ethernet Fuzzing: From purchasing ECU to SOME/IP fuzzing - Jonghyuk Song,Soohwan Oh,Woongjo choi
DC - The Big Rick: How I Rickrolled My High School District and Got Away With It - Minh Duong
DC - (15:30-16:15 PDT) - Tor: Darknet Opsec By a Veteran Darknet Vendor & the Hackers Mentality - Sam Bent
DC - cont...(10:00-17:59 PDT) - Vendor Area Open
DC - cont...(09:00-15:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - cont...(10:00-17:59 PDT) - Memorial Room Open -
DC - cont...(10:00-17:59 PDT) - Village Areas Open (Generally) -
DDV - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
DL - cont...(14:00-15:55 PDT) - OpenTDF - Paul Flynn,Cassandra Bailey
DL - cont...(14:00-15:55 PDT) - Control Validation Compass – Threat Modeling Aide & Purple Team Content Repo - Scott Small
DL - cont...(14:00-15:55 PDT) - ResidueFree - Logan Arkema
DL - cont...(14:00-15:55 PDT) - hls4ml - Open Source Machine Learning Accelerators on FPGAs - Ben Hawks,Andres Meza
DL - cont...(14:00-15:55 PDT) - Xavier Memory Analysis Framework - Solomon Sonya
GHV - cont...(14:30-15:59 PDT) - Workshop: Protect the Pi - Girls Hack Village Staff
HHV - cont...(10:00-17:59 PDT) - Solder Skills Village - Open
HHV - cont...(10:00-17:59 PDT) - Hardware Hacking Village - Open
HRV - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
HRV - Panel: Ask-a-ham -
ICSV - The Perfect Storm: Deception, Manipulation, and Obfuscation on the High Seas - Rae Baker
ICSV - cont...(10:00-17:59 PDT) - CISA and Idaho National Lab Escape Room -
ICSV - cont...(10:00-17:59 PDT) - Hack the Plan[e]t CTF -
ICSV - cont...(10:00-17:59 PDT) - Fantom5 SeaTF CTF -
ICSV - cont...(10:00-17:59 PDT) - DDS Hack-the-Microgrid -
ICSV - cont...(13:00-16:59 PDT) - Maritime Hacking Boundary Adventure -
IOTV - cont...(10:00-17:59 PDT) - IoT Village CTF Challenges -
IOTV - cont...(10:00-17:59 PDT) - Hands on hacking labs -
IOTV - cont...(10:00-17:59 PDT) - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - cont...(10:00-17:59 PDT) - Drone Hack -
IOTV - (15:30-15:59 PDT) - Hackable Book Signing - Ted Harrington
MIV - cont...(14:45-15:15 PDT) - Web Monetization: A privacy-preserving and open way to earn from Content - Uchi Uchibeke
MIV - (15:15-15:45 PDT) - Fireside Chat - Arikia Millikan,Uchi Uchibeke
MIV - (15:45-16:15 PDT) - Ad it up: To minimize mis- and dis-information, we must reshape the ad tech business, not regulate speech - Jessica Dheere
PHV - cont...(10:00-17:59 PDT) - Botnet Workshop -
PHV - cont...(10:00-17:59 PDT) - HardWired -
PHV - cont...(10:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(10:00-17:59 PDT) - Packet Inspector -
PHV - cont...(10:00-17:59 PDT) - Packet Detective -
PHV - cont...(10:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(10:00-17:59 PDT) - NetworkOS Workshop -
PHV - cont...(10:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(10:00-17:59 PDT) - Linux Trainer -
PLV - cont...(14:00-15:45 PDT) - Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet - Guillermo Christensen,Jason Healey,Neal Pollard
PLV - cont...(14:00-15:45 PDT) - Return-Oriented Policy Making for Open Source and Software Security - Eric Mill,Harry Mourtos,Trey Herr
PSV - cont...(10:00-17:59 PDT) - Physical Security Village -
PSV - (15:30-15:59 PDT) - Elevators 101 - Karen Ng
RFV - cont...(10:00-17:59 PDT) - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - cont...(14:30-15:30 PDT) - Rip and tear - Iceman
RFV - (15:30-15:59 PDT) - Exploiting 802.11n Narrow Channel Bandwidth Implementation in UAV - Ronald Broberg
ROV - (15:30-16:30 PDT) - Forgery & Document Replication - Chris Dickson
RTV - cont...(12:00-15:59 PDT) - Hacking Active Directory
RTV - HackerOps - Ralph May
RTV - Hacking APIs: How to break the chains of the web - Corey Ball
RTV - Hacking WebApps with WebSploit Labs - Omar Santos
RTV - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - cont...(13:00-15:59 PDT) - Vishing Competition (SECVC) - LIVE CALLS -
SKY - cont...(13:50-15:40 PDT) - INTERNET WARS 2022: These wars aren't just virtual - Gadi Evron,Bryson Bort,Cheryl Biswall,Chris Kubecka,Harri Hursti,Jivesx,Russ Handorf
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - cont...(10:00-17:59 PDT) - Learn at Tamper-Evident Village -
WS - cont...(14:00-17:59 PDT) - Hybrid Phishing Payloads: From Threat-actors to You - Jon Christiansen,Magnus Stubman
WS - cont...(14:00-17:59 PDT) - Creating and uncovering malicious containers. - David Mitchell,Adrian Wood,Griffin Francis
WS - cont...(14:00-17:59 PDT) - Evading Detection: A Beginner's Guide to Obfuscation - Anthony "Cx01N" Rose,Jake "Hubbl3" Krasnov,Vincent "Vinnybod" Rose
WS - cont...(14:00-17:59 PDT) - Securing Web Apps - Kaitlyn Handleman,Elizabeth Biddlecome,Irvin Lemus,Sam Bowne
WS - cont...(14:00-17:59 PDT) - Automated Debugging Under The Hood - Building A Programmable Windows Debugger From Scratch (In Python) - Sean Wilson,Sergei Frankoff

 

Saturday - 16:00 PDT


Return to Index  -  Locations Legend
AIV - AI Music Tutorial and Show - dadabots
APV - cont...(15:30-16:30 PDT) - Hacking & Defending Blockchain Applications - Kennashka DeSilva,Aimee Reyes
APV - (16:30-17:30 PDT) - One Low, Two Informational: Why Your Pentest Findings are so Boring - Robyn Lundin
ASV - cont...(10:00-16:59 PDT) - Hack-A-Sat Digital Twin Workshop -
ASV - cont...(10:00-16:59 PDT) - Amazon Web Services Aerospace and Satellite Jam -
ASV - cont...(10:00-16:59 PDT) - Hack the Airfield with DDS -
ASV - cont...(10:00-16:59 PDT) - Satellite Eavesdropping with DDS -
ASV - cont...(10:00-16:59 PDT) - Hack the Airport with Intelligenesis -
ASV - cont...(12:00-16:59 PDT) - Hack-A-Sat Aerospace PiSat Challenge -
ASV - Space ISAC: Protecting Our Space Assets -
AVV - cont...(10:30-17:30 PDT) - Adversary Wars CTF -
AVV - cont...(14:30-17:30 PDT) - Adversary Booth - Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee
AVV - cont...(15:15-17:15 PDT) - Attack and Defend with Adversary Emulation - Christopher Peacock,Jake Williams
BHV - Call for Evidence: Informing the Biological Security Strategy - Mariam Elgabry
BHV - (16:30-17:59 PDT) - How to Build DIY Lifesaving Medical Devices - Mixæl S. Laufer,Abraxas,Zac Shannon,Four Thieves Vinegar Collective
BICV - Neurodiversity in Cybersecurity: Find Your Competitive Advantage! - Nathan Chung,Kassandra Pierre
BTV - Making Your SOC Suck Less - Shawn Thomas,Carson Zimmerman,Jackie Bow,Alissa Torres,Sebastian Stein
CLV - cont...(15:00-16:59 PDT) - KQL Kung Fu: Finding the Needle in the Haystack in Your Azure Environments - Darwin Salazar
CON - cont...(13:30-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - cont...(10:00-17:30 PDT) - Car Hacking Village CTF -
CON - cont...(15:30-17:30 PDT) - DEF CON 30 Chess Tournament -
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-17:59 PDT) - DEF CON’s Next Top Threat Model -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(12:00-16:59 PDT) - Red Team Village CTF Qualifiers Part 1 -
CON - Crash and Compile - Contestant Setup -
CON - Hack3r Runw@y  -
CON - cont...(10:00-17:59 PDT) - Hospital Under Siege -
CON - cont...(10:00-16:59 PDT) - Kubernetes Capture The Flag -
CPV - cont...(15:30-16:15 PDT) - Capturing Chaos: Harvesting Environmental Entropy - Carey Parker
CPV - (16:15-16:59 PDT) - Toto, I’ve a feeling we’re not on a VPN anymore - Jonathan Tomek
DC - Low Code High Risk: Enterprise Domination via Low Code Abuse - Michael Bargury
DC - cont...(15:30-16:15 PDT) - Perimeter Breached! Hacking an Access Control System - Sam Quinn,Steve Povolny
DC - (16:30-17:15 PDT) - Defeating Moving Elements in High Security Keys - Bill Graydon
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - Trailer Shouting: Talking PLC4TRUCKS Remotely with an SDR - Ben Gardiner,Chris Poore
DC - cont...(15:30-16:15 PDT) - Tor: Darknet Opsec By a Veteran Darknet Vendor & the Hackers Mentality - Sam Bent
DC - (16:30-17:15 PDT) - Why did you lose the last PS5 restock to a bot Top-performing app-hackers business modules, architecture, and techniques - Arik
DC - cont...(10:00-17:59 PDT) - Vendor Area Open
DC - cont...(10:00-17:59 PDT) - Memorial Room Open -
DC - cont...(10:00-17:59 PDT) - Village Areas Open (Generally) -
DDV - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
GHV - S.O.S How Sharing Our Stories Will Save Cybersecurity - Rebekah Skeete
GHV - (16:30-16:59 PDT) - Staying Afloat in a Tsunami Of Security Inflormation - Tracy Z. Maleeff
HHV - cont...(10:00-17:59 PDT) - Solder Skills Village - Open
HHV - cont...(10:00-17:59 PDT) - Hardware Hacking Village - Open
HHV - Prizes announced for HHV Rube Goldberg Machine, Make Your Own Use Contest, and Bring the Other Half -
HRV - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
ICSV - The Geopolitical Implications of the Escalation and Weaponization of GPS and AIS Spoofing [[MARITIME]] -
ICSV - cont...(10:00-17:59 PDT) - CISA and Idaho National Lab Escape Room -
ICSV - cont...(10:00-17:59 PDT) - Hack the Plan[e]t CTF -
ICSV - cont...(10:00-17:59 PDT) - Fantom5 SeaTF CTF -
ICSV - cont...(10:00-17:59 PDT) - DDS Hack-the-Microgrid -
ICSV - cont...(13:00-16:59 PDT) - Maritime Hacking Boundary Adventure -
IOTV - cont...(10:00-17:59 PDT) - IoT Village CTF Challenges -
IOTV - cont...(10:00-17:59 PDT) - Hands on hacking labs -
IOTV - cont...(10:00-17:59 PDT) - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - cont...(10:00-17:59 PDT) - Drone Hack -
LPV - Intro to Lockpicking - TOOOL
MIV - cont...(15:45-16:15 PDT) - Ad it up: To minimize mis- and dis-information, we must reshape the ad tech business, not regulate speech - Jessica Dheere
MIV - (16:15-16:45 PDT) - Not Feeling Yourself: User Spoofing and Other Disinformation Exploits - E.C (Burninator)
PHV - cont...(10:00-17:59 PDT) - Botnet Workshop -
PHV - cont...(10:00-17:59 PDT) - HardWired -
PHV - cont...(10:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(10:00-17:59 PDT) - Packet Inspector -
PHV - cont...(10:00-17:59 PDT) - Packet Detective -
PHV - cont...(10:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(10:00-17:59 PDT) - NetworkOS Workshop -
PHV - cont...(10:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(10:00-17:59 PDT) - Linux Trainer -
PLV - International Government Action Against Ransomware - Irfan Hemani,Adam Dobell,Jen Ellis
PSV - cont...(10:00-17:59 PDT) - Physical Security Village -
PSV - (16:30-16:59 PDT) - RFID Hacking 101 - Ege F
RFV - cont...(10:00-17:59 PDT) - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - Open Panel: War Driving Rig Makers Meetup -
ROV - cont...(15:30-16:30 PDT) - Forgery & Document Replication - Chris Dickson
RTV - Cyber Resilience Bootcamp - Ron Taylor
RTV - HackerOps - Ralph May
RTV - Hacking WebApps with WebSploit Labs - Omar Santos
RTV - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - (16:30-16:59 PDT) - Psychological Reverse Shells - MasterChen
SKY - Dancing Around DRM - ギンジー🐾ターラノー ,Game Tech Chris
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - Queercon Mixer -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - cont...(10:00-17:59 PDT) - Learn at Tamper-Evident Village -
VMV - Digital Forensics and Voting Machines - Will Bagget
WS - cont...(14:00-17:59 PDT) - Hybrid Phishing Payloads: From Threat-actors to You - Jon Christiansen,Magnus Stubman
WS - cont...(14:00-17:59 PDT) - Creating and uncovering malicious containers. - David Mitchell,Adrian Wood,Griffin Francis
WS - cont...(14:00-17:59 PDT) - Evading Detection: A Beginner's Guide to Obfuscation - Anthony "Cx01N" Rose,Jake "Hubbl3" Krasnov,Vincent "Vinnybod" Rose
WS - cont...(14:00-17:59 PDT) - Securing Web Apps - Kaitlyn Handleman,Elizabeth Biddlecome,Irvin Lemus,Sam Bowne
WS - cont...(14:00-17:59 PDT) - Automated Debugging Under The Hood - Building A Programmable Windows Debugger From Scratch (In Python) - Sean Wilson,Sergei Frankoff

 

Saturday - 17:00 PDT


Return to Index  -  Locations Legend
AIV - cont...(16:00-17:30 PDT) - AI Music Tutorial and Show - dadabots
APV - cont...(16:30-17:30 PDT) - One Low, Two Informational: Why Your Pentest Findings are so Boring - Robyn Lundin
AVV - cont...(10:30-17:30 PDT) - Adversary Wars CTF -
AVV - cont...(14:30-17:30 PDT) - Adversary Booth - Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee
AVV - cont...(15:15-17:15 PDT) - Attack and Defend with Adversary Emulation - Christopher Peacock,Jake Williams
AVV - (17:15-17:59 PDT) - Who doesn’t like a little Spice? Emulation Maturity, Team Culture and TTPs - Andy Grunt,Jamie Williams,TJ Null,Niru Raghupathy,Cat Self
BHV - cont...(16:30-17:59 PDT) - How to Build DIY Lifesaving Medical Devices - Mixæl S. Laufer,Abraxas,Zac Shannon,Four Thieves Vinegar Collective
BTV - Latest and Greatest in Incident Response - plug,Lauren Proehl,Jess,LitMoose,zr0
CON - cont...(13:30-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF (the CTF formally known as SOHOplessly Broken) -
CON - cont...(10:00-17:30 PDT) - Car Hacking Village CTF -
CON - cont...(15:30-17:30 PDT) - DEF CON 30 Chess Tournament -
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-17:59 PDT) - DEF CON’s Next Top Threat Model -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(16:00-17:59 PDT) - Hack3r Runw@y  -
CON - Crash and Compile - Contest Stage -
CON - cont...(10:00-17:59 PDT) - Hospital Under Siege -
CPV - Pursuing Phone Privacy Protection [WORKSHOP] - Matt Nash,Mauricio Tavares
DC - Internal Server Error: Exploiting Inter-Process Communication with new desynchronization primitives - Martin Doyhenard
DC - cont...(16:30-17:15 PDT) - Defeating Moving Elements in High Security Keys - Bill Graydon
DC - (17:30-18:15 PDT) - Black-Box Assessment of Smart Cards - Daniel Crowley
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - Hacking The Farm: Breaking Badly Into Agricultural Devices. - Sick Codes
DC - cont...(16:30-17:15 PDT) - Why did you lose the last PS5 restock to a bot Top-performing app-hackers business modules, architecture, and techniques - Arik
DC - (17:30-18:15 PDT) - Crossing the KASM -- a webapp pentest story - Samuel Erb,Justin Gardner
DC - cont...(10:00-17:59 PDT) - Vendor Area Open
DC - cont...(10:00-17:59 PDT) - Memorial Room Open -
DC - cont...(10:00-17:59 PDT) - Village Areas Open (Generally) -
GHV - Zero Trust - Ebony Pierce
HHV - cont...(10:00-17:59 PDT) - Solder Skills Village - Open
HHV - cont...(10:00-17:59 PDT) - Hardware Hacking Village - Open
ICSV - Thrice Is Nice: Evaluating the Ukrainian Power Events from BlackEnergy to Industroyer2 - Joe Slowik
ICSV - cont...(10:00-17:59 PDT) - CISA and Idaho National Lab Escape Room -
ICSV - cont...(10:00-17:59 PDT) - Hack the Plan[e]t CTF -
ICSV - cont...(10:00-17:59 PDT) - Fantom5 SeaTF CTF -
ICSV - cont...(10:00-17:59 PDT) - DDS Hack-the-Microgrid -
IOTV - cont...(10:00-17:59 PDT) - IoT Village CTF Challenges -
IOTV - cont...(10:00-17:59 PDT) - Hands on hacking labs -
IOTV - cont...(10:00-17:59 PDT) - Hands on Hardware Hacking – eMMC to Root - Deral Heiland
IOTV - cont...(10:00-17:59 PDT) - Drone Hack -
PHV - cont...(10:00-17:59 PDT) - Botnet Workshop -
PHV - cont...(10:00-17:59 PDT) - HardWired -
PHV - cont...(10:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(10:00-17:59 PDT) - Packet Inspector -
PHV - cont...(10:00-17:59 PDT) - Packet Detective -
PHV - cont...(10:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(10:00-17:59 PDT) - NetworkOS Workshop -
PHV - cont...(10:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(10:00-17:59 PDT) - Linux Trainer -
PLV - cont...(16:00-17:45 PDT) - International Government Action Against Ransomware - Irfan Hemani,Adam Dobell,Jen Ellis
PSV - cont...(10:00-17:59 PDT) - Physical Security Village -
RFV - cont...(10:00-17:59 PDT) - DEFCON Demonstrations and Presentations by Open Research Institute at RF Village - Open Research Institute
RFV - cont...(16:00-17:59 PDT) - Open Panel: War Driving Rig Makers Meetup -
ROV - Picking Pockets, Picked Apart - James Harrison
SEV - cont...(09:00-17:59 PDT) - Heroes vs Villians, a SEC Youth Challenge -
SEV - The aftermath of a social engineering pentest. - Are we being ethically responsible?” - Ragnhild “Bridget“ Sageng
SEV - (17:30-17:59 PDT) - Truthsayer: Make a remote lie detector and become irresistible on Zoom calls - Fletcher Heisler
SKY - Ghost Guns: Rapidly acquiring, constructing or improvising firearms - Judge Taylor
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(16:00-17:59 PDT) - Queercon Mixer -
SOC - Denial, Deception, and Drinks with Mitre Engage -
SOC - Friends of Bill W -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
TEV - cont...(10:00-17:59 PDT) - Learn at Tamper-Evident Village -
WS - cont...(14:00-17:59 PDT) - Hybrid Phishing Payloads: From Threat-actors to You - Jon Christiansen,Magnus Stubman
WS - cont...(14:00-17:59 PDT) - Creating and uncovering malicious containers. - David Mitchell,Adrian Wood,Griffin Francis
WS - cont...(14:00-17:59 PDT) - Evading Detection: A Beginner's Guide to Obfuscation - Anthony "Cx01N" Rose,Jake "Hubbl3" Krasnov,Vincent "Vinnybod" Rose
WS - cont...(14:00-17:59 PDT) - Securing Web Apps - Kaitlyn Handleman,Elizabeth Biddlecome,Irvin Lemus,Sam Bowne
WS - cont...(14:00-17:59 PDT) - Automated Debugging Under The Hood - Building A Programmable Windows Debugger From Scratch (In Python) - Sean Wilson,Sergei Frankoff

 

Saturday - 18:00 PDT


Return to Index  -  Locations Legend
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(17:00-19:59 PDT) - Crash and Compile - Contest Stage -
DC - The CSRF Resurrections! Starring the Unholy Trinity: Service Worker of PWA, SameSite of HTTP Cookie, and Fetch - Dongsung Kim
DC - cont...(17:30-18:15 PDT) - Black-Box Assessment of Smart Cards - Daniel Crowley
DC - (18:30-18:50 PDT) - Digital Skeleton Keys - We’ve got a bone to pick with offline Access Control Systems - Micsen,Miana E Windall
DC - cont...(09:00-18:59 PDT) - Human Registration Open
DC - cont...(17:30-18:15 PDT) - Crossing the KASM -- a webapp pentest story - Samuel Erb,Justin Gardner
ICSV - (18:30-21:59 PDT) - ICS Village Charity BBQ -
SEV - Social Engineering as a career panel -
SOC - Night of the Ninjas - Entertainment - Magician Kody Hildebrand,TAIKOPROJECT,Z3NPI,Zebbler Encanti Experience,Scotch and Bubbles,CTRL/rsm,Krisz Klink,Mass Accelerator
SOC - cont...(17:00-18:59 PDT) - Denial, Deception, and Drinks with Mitre Engage -

 

Saturday - 19:00 PDT


Return to Index  -  Locations Legend
CON - cont...(10:00-19:59 PDT) - DARKNET-NG -
CON - cont...(10:00-19:59 PDT) - DC30 Ham Radio Fox Hunt Contest -
CON - cont...(17:00-19:59 PDT) - Crash and Compile - Contest Stage -
ICSV - cont...(18:30-21:59 PDT) - ICS Village Charity BBQ -
PLV - Fireside Policy Chats - Clare Martorana
PLV - D0 N0 H4RM: A Healthcare Security Conversation (Lounge) - Jessica Wilkerson,Christian "quaddi" Dameff MD,Jeff “r3plicant” Tully MD,Alissa Knight,Seeyew Mo
SOC - (19:30-00:59 PDT) - BlanketFort Con -
SOC - (19:30-01:59 PDT) - Hacker Karaoke -

 

Saturday - 20:00 PDT


Return to Index  -  Locations Legend
ICSV - cont...(18:30-21:59 PDT) - ICS Village Charity BBQ -
PLV - cont...(19:00-20:15 PDT) - Fireside Policy Chats - Clare Martorana
PLV - (20:30-21:15 PDT) - Fireside Policy Chats -
PLV - cont...(19:00-21:59 PDT) - D0 N0 H4RM: A Healthcare Security Conversation (Lounge) - Jessica Wilkerson,Christian "quaddi" Dameff MD,Jeff “r3plicant” Tully MD,Alissa Knight,Seeyew Mo
SOC - Movie Night Double Feature - The Conversation & The 13th Floor -
SOC - (20:30-23:59 PDT) - Girls Hack Village 90’s House Party -
SOC - Meet the EFF -
SOC - Hacker Flairgrounds -
SOC - Hacker Jeopardy -

 

Saturday - 21:00 PDT


Return to Index  -  Locations Legend
ICSV - cont...(18:30-21:59 PDT) - ICS Village Charity BBQ -
PLV - cont...(20:30-21:15 PDT) - Fireside Policy Chats -
PLV - cont...(19:00-21:59 PDT) - D0 N0 H4RM: A Healthcare Security Conversation (Lounge) - Jessica Wilkerson,Christian "quaddi" Dameff MD,Jeff “r3plicant” Tully MD,Alissa Knight,Seeyew Mo
SEV - (21:30-23:59 PDT) - Social Engineering Community Village Mixer -
SOC - cont...(20:00-23:59 PDT) - Movie Night Double Feature - The Conversation & The 13th Floor -
SOC - cont...(20:30-23:59 PDT) - Girls Hack Village 90’s House Party -
SOC - cont...(20:00-21:59 PDT) - Meet the EFF -
SOC - cont...(20:00-21:59 PDT) - Hacker Flairgrounds -
SOC - cont...(20:00-21:59 PDT) - Hacker Jeopardy -
SOC - Arcade Party -
SOC - VETCON -
SOC - Hallway Monitor Party - Entertainment - Terrestrial Access Network,Hanz Dwight,DJ Thaad,Yesterday & Tomorrow,Hellacopta

 

Saturday - 22:00 PDT


Return to Index  -  Locations Legend
SEV - cont...(21:30-23:59 PDT) - Social Engineering Community Village Mixer -
SOC - cont...(20:00-23:59 PDT) - Movie Night Double Feature - The Conversation & The 13th Floor -
SOC - cont...(20:30-23:59 PDT) - Girls Hack Village 90’s House Party -
SOC - Whose Slide Is It Anyway? (WSIIA) -
SOC - cont...(21:00-23:59 PDT) - Arcade Party -

 

Saturday - 23:00 PDT


Return to Index  -  Locations Legend
SEV - cont...(21:30-23:59 PDT) - Social Engineering Community Village Mixer -
SOC - cont...(20:00-23:59 PDT) - Movie Night Double Feature - The Conversation & The 13th Floor -
SOC - cont...(20:30-23:59 PDT) - Girls Hack Village 90’s House Party -
SOC - cont...(22:00-23:59 PDT) - Whose Slide Is It Anyway? (WSIIA) -
SOC - cont...(21:00-23:59 PDT) - Arcade Party -

Talk/Event Descriptions


 

MIV - Saturday - 14:15-14:45 PDT


Title: 404! Memory Holing and the SEO Warping of Human History
When: Saturday, Aug 13, 14:15 - 14:45 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map

SpeakerBio:Arikia Millikan , Journalist, Media Consultant
Arikia Millikan is an American journalist and editorial strategist living in Berlin. Her journalistic work showcases my dedication to deep research and the art of the interview, bringing a humanistic perspective to topics at the intersection of technology and the human mind. In the private sector, she thrives while scrutinizing complexity and unblocking communication sticking points that occur when specialists are tasked with conveying information to a general audience. Her client roster includes founders and thought leaders from fields such as biotechnology, venture capital, telemedicine, teletherapy, femtech, cybersecurity, and mixed reality media.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Saturday - 10:00-10:50 PDT


Title: A few useful things to know about AI Red Teams 
When: Saturday, Aug 13, 10:00 - 10:50 PDT
Where: Caesars Forum - Summit 228->236 (AI Village) - Map

SpeakerBio:Sudipto Rakshit 
No BIO available

Description:
AI Red Teams are sprouting across organizations: Microsoft, Facebook, Google, DeepMind, OpenAI, NVIDIA all have dedicated teams to secure and red team their AI systems. Even the US Government is jumping on this bandwagon. But surprisingly, unlike traditional red teams, which have an agreed upon form, function and definition, there is little agreement on AI Red Teaming. This talk synthesizes Microsoft’s perspective of AI Red Team and interleaves formal and informal conversations with more than 15 different AI Red Teams across the industry and governments, as well analyzing their job postings, publications and blog posts. We ground each of the lessons in our experience of red teaming production systems.

After this talk, you will get a taste of how AI Red Teams approach the problem, grasp what AI Red Teams do, how they interact with existing security paradigms like traditional red teaming as well as emerging areas like adversarial machine learning. You will be able to assess what it takes to be successful in this field, and how your can make an impact without a PhD in Adversarial Machine learning.


Return to Index    -    Add to    -    ics Calendar file

 

AIV - Saturday - 12:00-12:50 PDT


Title: A System for Alert Prioritization
When: Saturday, Aug 13, 12:00 - 12:50 PDT
Where: Caesars Forum - Summit 228->236 (AI Village) - Map
Speakers:Ben Gelman ,Salma Taoufiq

SpeakerBio:Ben Gelman 
No BIO available

SpeakerBio:Salma Taoufiq
No BIO available

Description:
At any moment, tens of thousands of analysts within security operations centers (SOCs) inspect security alerts to detect evidence of compromise, but the knowledge they gain in the process is often lost, siloed, or inefficiently preserved. In our talk, we’ll present a machine learning prototype that leverages this forgotten knowledge, helping analysts triage malicious alerts in a feedback loop. The system learns to predict which alerts analysts will escalate, presents these alerts to analysts, and improves as analysts make decisions about these alerts. Our system is trained on real activity from hundreds of SOC analysts analyzing threats over thousands of customer environments, and it demonstrates a dramatic reduction in alert volume with minimal loss in detection rate, freeing up analysts to dive into alerts that truly matter.

In our presentation, we describe this system in transparent detail, discussing the complexity of raw data, the limitations of current approaches, and how our system can integrate into existing infrastructure, even in the presence of unstructured data and a shifting landscape of security sensors. We’ll also show our system’s performance in the practical defense of a diverse population of organizations and go over in-the-trenches case studies illustrating our system’s strengths and weaknesses.


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 14:20-14:50 PDT


Title: Access Undenied on AWS - Troubleshooting AWS IAM AccessDenied Errors
When: Saturday, Aug 13, 14:20 - 14:50 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map

SpeakerBio:Noam Dahan
Noam Dahan is a Senior Security Researcher at Ermetic with several years of experience in embedded security. He is a graduate of the Talpiot program at the Israel Defense Forces and spent several years in the 8200 Intelligence Corps. While this is his first time presenting at DEF CON, it is not his first time in front of a crowd. Noam was a competitive debater and is a former World Debating Champion.
Twitter: @NoamDahan

Description:
Access Undenied on AWS analyzes AWS CloudTrail AccessDenied events û it scans the environment to identify and explain the reasons for which access was denied. When the reason is an explicit deny statement, AccessUndenied identifies the exact statement. When the reason is a missing allow statement, AccessUndenied offers a least-privilege policy that facilitates access.

IAM is a complex system in which permission information is distributed among many sources and permission evaluation logic is complex. The tool can help both defensive and offensive security teams with this challenge.

For defenders. The need to facilitate access to teams annoyed or frustrated by access denied messages often breaks least-privilege and creates excessive permissions in the environment. AccessUndenied gives a minimal least-privilege policy suggestion and prevents this. Some users of the tool are even scaling their use by hooking AccessUndenied to a Lambda that automatically handles AccessDenied messages and sends them a slack notification with the tool's output.

For offensive teams. In AWS IAM, a Deny statement trumps any allow. Therefore even after privilege escalation to admin, certain actions can still be blocked. Offensive teams can use AccessUndenied to quickly and effectively track down these explicit deny statements to then circumvent or remove them.

Sometimes, the new and more detailed AccessDenied messages provided by AWS will be sufficient. However, this is not always the case.

Some AccessDenied messages do not provide details. Among the services with (many or exclusively) undetailed messages are: S3, SSO, EFS, EKS, GuardDuty, Batch, SQS, and many more.

When the reason for AccessDenied is an explicit deny, it can be difficult to track down and evaluate every relevant policy.

When the explicit deny is in a service control policy (SCP), one has to find every single policy in the organization that applies to the account.

When the problem is a missing allow statement, users still need to define a least-privilege policy.

Github: https://github.com/ermetic/access-undenied-aws


Return to Index    -    Add to    -    ics Calendar file

 

MIV - Saturday - 15:45-16:15 PDT


Title: Ad it up: To minimize mis- and dis-information, we must reshape the ad tech business, not regulate speech
When: Saturday, Aug 13, 15:45 - 16:15 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map

SpeakerBio:Jessica Dheere
Jessica Dheere is the Director of Ranking Digital Rights. She is the founder, former executive director, and board member of SMEX (https://www.smex.org/), the Middle East’s leading digital rights research and advocacy organization. As a 2018–19 research fellow (https://cyber.harvard.edu/people/jessica-dheere) at the Berkman Klein Center for Internet & Society, she launched the CYRILLA Collaborative (https://www.cyrilla.org/). She is also a member of the 2019-20 class of Technology and Human Rights Fellow (https://carrcenter.hks.harvard.edu/people/jessica-dheere) at Harvard’s Carr Center for Human Rights Policy. Dheere has presented at the Internet Governance Forum, the Milton Wolf Seminar on Media and Diplomacy, RightsCon, and the International Journalism Festival.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 12:00-13:45 PDT


Title: Addressing the gap in assessing (or measuring) the harm of cyberattacks
When: Saturday, Aug 13, 12:00 - 13:45 PDT
Where: Caesars Forum - Summit 226-227 - Policy Roundtable - Map

SpeakerBio:Adrien Ogee , Chief Operations Officer
Adrien is currently Chief Operations Officer at the CyberPeace Institute, a cybersecurity non-profit based in Switzerland. At the Institute, he provides cybersecurity assistance to vulnerable communities around the world. Adrien has more than 15 years of experience in various cyber crisis response roles in the private sector, the French Cybersecurity Agency (ANSSI), the European Cybersecurity Agency (ENISA), and the World Economic Forum. Adrien holds an MEng in telecommunication and information systems, an MSc in Global Security and a Master in Business Administration.

Description:
Through this session we propose to outline the draft methodology, so as to leverage the expertise of the audience to provide feedback and indicate interest in peer-reviewing or testing such a methodology. As well as to have an open discussion about the value of understanding harm in a cyber context.

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 14:30-17:30 PDT


Title: Adversary Booth
When: Saturday, Aug 13, 14:30 - 17:30 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map
Speakers:Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee

SpeakerBio:Dean Lawrence , Software Systems Engineer
No BIO available

SpeakerBio:Ethan Michalak , Cyber Security Intern
No BIO available

SpeakerBio:Melanie Chan , Senior Cybersecurity Engineer & Intern Coordinator
No BIO available

SpeakerBio:Michael Kouremetis , Lead Cyber Operations Engineer and Group Lead
No BIO available

SpeakerBio:Jay Yee , Senior Cyber Security Engineer, Defensive Cyber Operations
No BIO available

Description:
Adversary Simulator booth will have hands-on adversary emulation plans specific to a wide variety of threat-actors - ransomware, these are meant to provide the participant/visitor with a better understanding of the Adversary tactics.

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 10:30-12:30 PDT


Title: Adversary Booth
When: Saturday, Aug 13, 10:30 - 12:30 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map
Speakers:Dean Lawrence,Ethan Michalak,Melanie Chan,Michael Kouremetis,Jay Yee

SpeakerBio:Dean Lawrence , Software Systems Engineer
No BIO available

SpeakerBio:Ethan Michalak , Cyber Security Intern
No BIO available

SpeakerBio:Melanie Chan , Senior Cybersecurity Engineer & Intern Coordinator
No BIO available

SpeakerBio:Michael Kouremetis , Lead Cyber Operations Engineer and Group Lead
No BIO available

SpeakerBio:Jay Yee , Senior Cyber Security Engineer, Defensive Cyber Operations
No BIO available

Description:
Adversary Simulator booth will have hands-on adversary emulation plans specific to a wide variety of threat-actors - ransomware, these are meant to provide the participant/visitor with a better understanding of the Adversary tactics.

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 10:30-17:30 PDT


Title: Adversary Wars CTF
When: Saturday, Aug 13, 10:30 - 17:30 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map

Description:
Adversary Wars CTF will have real world simulation CTF scenarios and challenges, where the adversaries can simulate attacks and learn new attack vectors, TTPs, techniques, etc. There would be combined exercises which include different levels of threat/adversary emulation and purple teaming.

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Saturday - 16:00-17:30 PDT


Title: AI Music Tutorial and Show
When: Saturday, Aug 13, 16:00 - 17:30 PDT
Where: Caesars Forum - Summit 228->236 (AI Village) - Map

SpeakerBio:dadabots
No BIO available

Description:
Learn how the dadabots make their music and enjoy a performance after the tutorial.

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 14:00-14:59 PDT


Title: AI Village + RTV Panel: The Use of AI/ML in Offensive Security Operations
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map
Speakers:Omar Santos,Will Pearce,Will Schroeder

SpeakerBio:Omar Santos , Principal Engineer
No BIO available
Twitter: @santosomar

SpeakerBio:Will Pearce
No BIO available
Twitter: @moo_hax

SpeakerBio:Will Schroeder
No BIO available
Twitter: @HarmJ0y

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 11:30-11:59 PDT


Title: All information should be free (except the brain data you want to keep in your head) 
When: Saturday, Aug 13, 11:30 - 11:59 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Isabel Straw , MD
Isabel is an Emergency Doctor in London with a background in public and global health, currently pursuing a PhD in ‘Artificial Intelligence (AI) in Healthcare’ at University College London (UCL).
Twitter: @IsabelStrawMD

Description:
"""When Isaac* arrived at our Emergency department in a critical condition, the last place we thought to investigate was within the Deep Brain Stimulator (DBS) inside his head. Medical device failures or 'medical hacks' are not constituents of practitioner training, and the consequences were immediately apparent as we attempted to care for the patient [1]. Isaac's recovery was due to the resetting of the DBS settings by the programmer, and not as a result of medical attention.

The use of implanted neuromodulation is increasing in both the medical and consumer space, yet the telemetric nature of these closed looped systems expose them to a range of vulnerabilities [2-4]. Unlike hacks on insulin pumps and pacemakers, there is currently no research on hacks of brain-computer interfaces [1, 5].

Interactions between hardware and neuroanatomy invoke a range of unexpected symptoms - for Isaac the DBS error induced intense emotions and motor disturbance. An understanding of these biotechnological syndromes requires expertise from computer scientists, engineers, biomedical experts and hackers who can expose system flaws. We bring this case to DEFCON to foster collaboration between the medical and hacking community, to improve the care of patients like Isaac, who present with medical emergencies resulting from technological failures.

*Psuedonym
"""


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 12:00-12:45 PDT


Title: All Roads leads to GKE's Host : 4+ Ways to Escape
When: Saturday, Aug 13, 12:00 - 12:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map
Speakers:Billy Jheng,Muhammad ALifa Ramdhan

SpeakerBio:Billy Jheng , Security Researcher at STAR Labs
Billy Jheng is a information security researcher at STAR Labs, focusing on Hypervisor and Linux Kernel vulnerability research and exploitation, a member of the Balsn CTF team.

He participated in Pwn2Own 2021 Vancouver & Austin and was a speaker at conferences HITCON.

Twitter: @st424204

SpeakerBio:Muhammad ALifa Ramdhan , Security Researcher at STAR Labs
Muhammad Ramdhan is a security researcher at STAR Labs, currently interested on Linux Kernel, Hypervisor or Container vulnerability research and exploitation. He is also a CTF enthusiast who is currently a member of CTF team SuperGuesser focusing on binary exploitation problems.
Twitter: @n0psledbyte

Description:
Container security is a prevalent topic in security research. Due to the great design and long-term effort, containers have been more and more secure. Usage of container technology is increasingly being used. Container security is a topic that has started to be discussed a lot lately.

In late 2021, Google increased the vulnerability reward program in kCTF infrastructure, which was built on top of Kubernetes and Google Container Optimized OS, with a minimum reward of $31,337 per submission.

In this talk, we will share about how we managed to have 4 successful submissions on kCTF VRP by exploiting four Linux kernel bugs to perform container escape on kCTF cluster, we will explain some interesting kernel exploit techniques and tricks that can be used to bypass the latest security mitigation in Linux kernel. We will also share what we did wrong that causes us to nearly lose 1 of the bounty.

As of writing, there are 14 successful entries to kCTF. In this presentation, we are willing to share our full, in-depth details on the research of kCTF.

To the best of our knowledge, this presentation will be the first to talk about a complete methodology to pwn kCTF (find and exploit bugs within 0-day and 1-day) in public.


Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 12:00-13:55 PDT


Title: alsanna
When: Saturday, Aug 13, 12:00 - 13:55 PDT
Where: Caesars Forum - Accord Boardroom (Demo Labs) - Map

SpeakerBio:Jason Johnson
Jason has been hacking for years, getting great satisfaction from peeling back layers of abstraction. He enjoys working on network security and machine learning. He's been to two DEF CONs in the past, and loved every minute of them. He is currently employed by WithSecure and based out of upstate New York.

Description:
alsanna is a command-line based intercepting proxy for arbitrary TCP traffic. It includes built-in support for decrypting TLS streams, and allows editing the stream as it passes over the network. It is deliberately lightweight and documented to help hackers who need to modify its behavior. This demo will include live instances of the tool which can be used by visitors, live support for anyone looking to learn how to use alsanna, and a short on-demand walkthrough for visitors, covering how the tool works and what you need to know to modify it.

Audience: Researchers, reverse engineers, pentesters, bug bounty hunters


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-16:59 PDT


Title: Amazon Web Services Aerospace and Satellite Jam
When: Saturday, Aug 13, 10:00 - 16:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Jams are immersive engagements that encourage you to up-level your security and coding skills on AWS through the use of hands-on real-world scenarios. The scenarios have varying level of difficulty and points associated with them. Jam engagements allow you to identify strengths, areas of improvement, and the ability to work together in team or individual challenges. Participating will help you advance your cloud cyber skills, hone your problem-solving abilities, and better understand and appreciate the complex set of threat vectors that the aerospace and satellite community confront every day. You will gain experience with a wide range of AWS services in a series of prepared scenarios across aerospace and satellite use cases and operational tasks. Come prepared to stop threat actors from laterally moving through your virtual flight operations center. Detect manipulated imagery in your satellite imagery analysis pipeline. Defend against a DDOS attack on your satellite ground station receiver network. Harden your virtual twin Mars rover against Internet of Things (IoT) attacks. There’s never a dull moment to work in space!

Required gear: Laptop and connection required to access the jam environment, set up DEF CON WiFi in advance!


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 12:30-13:15 PDT


Title: Analyzing PIPEDREAM: Challenges in testing an ICS attack toolkit.
When: Saturday, Aug 13, 12:30 - 13:15 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

SpeakerBio:Jimmy Wylie , Principal Malware Analyst II , Dragos, Inc.
Jimmy Wylie is a Principal Malware Analyst at Dragos, Inc. who spends his days (and nights) searching for and analyzing threats to critical infrastructure. He was the lead analyst on PIPEDREAM, the first ICS attack "utility belt", TRISIS, the first malware to target a safety instrumented system, and analysis of historical artifacts of the CRASHOVERRIDE attack, the first attack featuring malware specifically tailored to disrupt breakers and switchgear in an electric transmission substation.

Jimmy has worked for various DoD contractors, leveraging a variety of skills against national level adversaries, including network analysis, dead disk and memory forensics, and software development for detection and analysis of malware. After leaving the DoD contracting world, he joined Focal Point Academy, where he developed and taught malware analysis courses to civilian and military professionals across the country. In his off-time, Jimmy enjoys learning about operating systems internals, playing pool, cheap beer, and good whiskey.

Twitter: @mayahustle

Description:
Identified early in 2022, PIPEDREAM is the seventh-known ICS-specific malware and the fifth malware specifically developed to disrupt industrial processes. PIPEDREAM demonstrates significant adversary research and development focused on the disruption, degradation, and potentially, the destruction of industrial environments and physical processes. PIPEDREAM can impact a wide variety of PLCs including Omron and Schneider Electric controllers. PIPEDREAM can also execute attacks that take advantage of ubiquitous industrial protocols, including CODESYS, Modbus, FINS, and OPC-UA.

This presentation will summarize the malware, and detail the difficulties encountered during the reverse engineering and analysis of the malware to include acquiring equipment and setting up our lab. This talk will also release the latest results from Drago's lab including an assessment of the breadth of impact of PIPEDREAM's CODESYS modules on equipment beyond Schneider Electric's PLCs, testing Omron servo manipulation, as well as OPC-UA server manipulation. While a background in ICS is helpful to understand this talk, it is not required. The audience will learn about what challenges they can expect to encounter when testing ICS malware and how to overcome them.


Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 13:00-13:59 PDT


Title: Antennas for Surveillance
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:Kent Britain WA5VJB
Kent is an RF Engineer with extensive experience developing Antennas and RF products for a wide variety of applications.

Description:
"Antennas Different types, where and when you would want one design vs another. (Short overview of my last talk for you) Why the 1/4 wave whip is a NON-FUNCTIONAL antenna on small transmitters! (needs to be much longer) SDR More comments on the design limitations of SDR's. Proper use of Low Noise AMPs and why filters are usually necessary. Short Bio on Mr Leon Theremin An extremely productive spy for the KGB. He had spent far more time in the Patent office making copies of patents than he did in the concert hall. Quick notes on the technology of the passive microphone he built that was put in the wood carving of the US Seal and placed in the ambassadors office. And to think he did that work while vacationing in one of Stalin's gulags! Taking Theremin's work to the next level and using various objects in an office as passive microphones. This would cover why the Russians and the Cubans like to beam microwaves into embassies."

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 21:00-23:59 PDT


Title: Arcade Party
When: Saturday, Aug 13, 21:00 - 23:59 PDT
Where: Caesars Forum - Forum 104-105, 136 - Map

Description:
The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games.

This epic party is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.

More info: ArcadeParty.org (open to all DEF CON attendees)


Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 15:15-17:15 PDT


Title: Attack and Defend with Adversary Emulation
When: Saturday, Aug 13, 15:15 - 17:15 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map
Speakers:Christopher Peacock,Jake Williams

SpeakerBio:Christopher Peacock , Adversary Emulation - Detection Engineer
Christopher Peacock is an Adversary Emulation - Detection Engineer at SCYTHE, specializing in Purple Team Exercises and Detection Engineering. His previous experience includes multiple roles such as Cyber Threat Intelligence Analyst, Cyber Threat Hunter, Tier 3 SOC Analyst, Incident Responder, Cyber Security Consultant, and Purple Team Lead. He previously worked at Raytheon Intelligence & Space and General Dynamics Ordnance & Tactical Systems. Additionally, he has experience in multiple industries, including Energy, Finance, Healthcare, Technology, and Defense. Current certifications include GCTI, GCFA, GCED, eJPT, and CSIS.
Twitter: @SecurePeacock

SpeakerBio:Jake Williams
Jake Williams is the Executive Director of Cyber Threat Intelligence at SCYTHE. Williams is an IANS Faculty Member and also works as a SANS Analyst. He is a prolific speaker on topics in information security and has trained thousands of people on incident response, red team operations, reverse engineering, cyber threat intelligence, and other information security topics. Jake is the two time winner of the DC3 Digital Forensics Challenge, a recipient of the DoD Exceptional Civilian Service Award, and is one of only a handful of people to ever be certified as Master Network Exploitation Operator by the US Government.
Twitter: @MalwareJake

Description:
Command and Control is one of the most used tactics by adversaries in intrusions. Without command and control, you have to write a worm, and worms can get out of control. For this reason, 95% or more of attacks use Command and Control. We will leverage cyber threat intelligence to develop procedural emulations to attack target systems and then cover how to detect the attacks. The workshop will begin with a brief lecture to introduce cyber threat intelligence, threat emulation development, and detection engineering. The rest will be hands-on keyboard exercises.

We will supply individual labs using the VMware Learning Platform. The lab environment will include an attack system and a target Windows system. Please bring a laptop with internet access so that you can connect to the cloud-hosted VMware lab environment.

Attendees will be able to follow the self-paced guide to set up emulations, create payloads, and gain execution for assumed breach payloads. From there, various adversary behaviors will be walked through to meet adversary objectives. From the defensive side, the guide will walk the attendee through setting up data sources for detection using free tools and cover common detection types.


Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 14:00-17:59 PDT


Title: Automated Debugging Under The Hood - Building A Programmable Windows Debugger From Scratch (In Python)
When: Saturday, Aug 13, 14:00 - 17:59 PDT
Where: Harrah's - Silver (Workshops) - Map
Speakers:Sean Wilson,Sergei Frankoff

SpeakerBio:Sean Wilson , Co-Founder, OpenAnalysis Inc.
Sean is a co-founder of OpenAnalysis Inc. He splits his time between reverse engineering malware and building automation tools for incident response. Sean brings over a decade of experience working in a number of incident response and application security roles with a focus on security testing and threat modelling. In his free time Sean loves fly fishing.

SpeakerBio:Sergei Frankoff , Co-Founder, OpenAnalysis Inc.
Sergei is a co-founder of OpenAnalysis Inc. When he is not reverse engineering malware Sergei is focused on building automation tools for malware analysis, and producing tutorials for the OALABS YouTube channel. With over a decade in the security industry Sergei has extensive experience working at the intersection of incident response and threat intelligence.

Description:
How do anti-debug tricks actually work? Is there a way to automate tedious debugging tasks like unpacking malware? Have you ever wondered what is happening under the hood of a debugger?

In this workshop you will build your own programmable Windows debugger from scratch (using Python). Each component in the debugger will be built as a separate module with an accompanying lab used to explain the concepts and Windows internals that support the component. In the final lab you will have the chance to test your new debugger against various malware samples and attempt to automatically unpack them, and extract IOCs.

This workshop is aimed at malware analysts and reverse engineers who are interested in learning more about debuggers and how programmable debuggers can be used to automate some reverse engineering workflows. Students must be able to write basic Python scripts, and have a working knowledge of the Windows OS.

You will be provided with a VirtualMachine to use during the workshop. Please make sure to bring a laptop that meets the following requirements. - Your laptop must have VirtualBox or VMWare installed and working prior to the start of the course. - Your laptop must have at least 60GB of disk space free. - Your laptop must also be able to mount USB storage devices. (Make sure you have the appropriate dongle if you need one.)

Materials
Students will be provided with a VirtualMachine to use during the workshop. They will need to bring a laptop that meets the following requirements; - The laptop must have VirtualBox or VMWare installed and working prior to class. - The laptop must have at least 60GB of disk space free. - The laptop must be able to mount USB storage devices (ensure you have the appropriate dongle if you need one).
Prereq
Students must be able to write basic Python scripts and have a basic understanding of the Windows operating system. Familiarity with a Windows user space debugger like x64dbg would also be a benefit.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 15:30-15:50 PDT


Title: Automotive Ethernet Fuzzing: From purchasing ECU to SOME/IP fuzzing
When: Saturday, Aug 13, 15:30 - 15:50 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map
Speakers:Jonghyuk Song,Soohwan Oh,Woongjo choi

SpeakerBio:Jonghyuk Song , "Jonghyuk Song, Redteam Leader, Autocrypt"
Jonghyuk Song is lead for Autocrypt’s Red Team. His current tasks are security testing for automotive including fuzzing, penetration testing, and vulnerability scanning.

He researches security issues in not only in-vehicle systems, but also V2G and V2X systems. Jonghyuk received his Ph.D. in Computer Science and Engineering at POSTECH, South Korea in 2015. He has worked in Samsung Research as an offensive security researcher, where his work included finding security issues in smartphones, smart home appliances and network routers.


SpeakerBio:Soohwan Oh , Blueteam Engineer, Autocrypt
Soohwan Oh is an automotive engineer and security tester at Autocrypt blue team.

He is mainly working on fuzzing test and issue analysis on the in-vehicle networks, such as CAN/CAN-FD, UDSonCAN and Automotive Ethernet.

Also, he has designed the requirements of automotive security test solutions.


SpeakerBio:Woongjo choi , Blueteam Leader, Autocrypt
Woongjo Choi is in charge of team leader of blue team and also vehicle security test engineer at Autocrypt. Also, he designed automotive security test solution and conducted the fuzzing test.Experienced in various fields : Vehicle security, Mobile phone, Application Processor, Ultrasound system, etc.

Description:
Car hacking is a tricky subject to hackers because it requires lots of money and hardware knowledge to research with a real car. An alternative way would be to research with an ECU but it also difficult to know how to setup the equipment. Moreover, in order to communicate with Automotive Ethernet services running on the ECU, you need additional devices such as media converters and Ethernet adapters supporting Virtual LAN(VLAN). Even if you succeed in building the hardware environment, you can't communicate with the ECU over SOME/IP protocol of Automotive Ethernet if you don't know the network configuration, such as VLAN ID, service IDs and IP/port mapped to each service.

This talk describes how to do fuzzing on the SOME/IP services step by step. First, we demonstrate how to buy an ECU, how to power and wire it. Second, we explain network configurations to communicate between ECU and PC. Third, we describe how to find out the information required to perform SOME/IP fuzzing and how to implement SOME/IP Fuzzer. We have conducted the fuzzing with the BMW ECUs purchased by official BMW sales channels, not used products.

We hope this talk will make more people to try car hacking and will not go through the trials and errors that we have experienced.


Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 14:00-14:30 PDT


Title: Biohacking Using SDR When You Don’t Know What You’re Doing
When: Saturday, Aug 13, 14:00 - 14:30 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:J9
J9 is a Security Researcher and Analyst who primarily works in infrastructure device security. She started her career as a Web Programmer, became a Systems Administrator, and then transitioned into Information Security because she gets bored easily and is sadistic. In her spare time, J9 enjoys puzzles, cooking, and your mom.
Twitter: @fackque99

Description:
What would you do if you were implanted with a medical device that broadcasts every 12 seconds? Starting with loads of curiosity and very little knowledge about RF, how to use a software defined radio (SDR), and no knowledge of how to decode captured RF signals, I embarked on an adventure to teach myself something new. Jumping head first into the RF CTF helped greatly! This presentation starts with cocaine and ketamine (in a controlled medical setting) and includes a near-death experience and new skills attained by building on the work of those who came before me. The end result of this adventure led me to the US Capitol to sit down with Senate staffers about the security and exploitability of medical devices.

Return to Index    -    Add to    -    ics Calendar file

 

GHV - Saturday - 11:30-11:59 PDT


Title: Black in Cybersecurity Research and Education: The Experience of one Black Girl's Journey through Graduate School
When: Saturday, Aug 13, 11:30 - 11:59 PDT
Where: Flamingo - Virginia City III (Girls Hack Village) - Map

SpeakerBio:Katorah Williams
Katorah is a doctoral candidate in the Criminal Justice department at Temple University. Her work falls primarily into 2 buckets: 1) social engineering and education and 2) surveillance and privacy. During her time at Temple, she has worked closely with Dr. Aunshul Rege in the Cybersecurity in Application, Research and Education (C.A.R.E.) Lab to develop strategies to educate students on the non-technical side of hacking, also known as social engineering. In her own research, Katorah focuses on the role of surveillance in society, including the intersection of surveillance with race and gender, and how people view and interpret the right to privacy. Her dissertation explores the decision-making process social media users go through when engaging in lateral surveillance on various platforms.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 17:30-18:15 PDT


Title: Black-Box Assessment of Smart Cards
When: Saturday, Aug 13, 17:30 - 18:15 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

SpeakerBio:Daniel Crowley , Head of Research, X-Force Red
Daniel Crowley is the head of research and a penetration tester for X-Force Red. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool. Daniel enjoys climbing large rocks and is TIME magazine's 2006 person of the year. Daniel has been working in the information security industry since 2004 and is a frequent speaker at conferences including Black Hat, DEF CON, Shmoocon, and SOURCE. Daniel does his own charcuterie and brews his own beer. Daniel's work has been included in books and college courses. Daniel also holds the noble title of Baron in the micronation of Sealand.
Twitter: @dan_crowley

Description:
You probably have at least two smart cards in your pockets right now. Your credit card, and the SIM card in your cell phone. You might also have a CAC, metro card, or the contactless key to your hotel room. Many of these cards are based on the same basic standards and share a common command format, called APDU.

This talk will discuss and demonstrate how even in the absence of information about a given card, there are a series of ways to enumerate the contents and capabilities of a card, find exposed information, fuzz for input handling flaws, and exploit poor authentication and access control.


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 19:30-00:59 PDT


Title: BlanketFort Con
When: Saturday, Aug 13, 19:30 - 00:59 PDT
Where: Caesars Forum - Forum 109-110 - Map

Description:
Blanket Fort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and, Kid Friendly\Safe environment. Now with less Gluten and more animal onesies!

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-15:59 PDT


Title: Boeing ARINC 429 Airplane Challenge and CTF
When: Saturday, Aug 13, 10:00 - 15:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Boeing Test & Evaluation (T&E) has developed two modules to provide an interactive learning environment and engagement opportunity on ARINC 429 data bus. Three modules will be offered, including a 10-15 minute guided discussion on the basics of ARINC 429, highlighting the key components necessary to participate in the two interactive modules. Boeing will provide an interactive learning environment to improve situational awareness of ARINC 429 data bus and promote discussion on Cyber T&E across the aviation industry. After completing the basics guided tour, participants may engage in one or both of events, the Airplane Challenge and CTF.

In order to get participants familiar with ARINC 429 concepts, there will be a presentation introducing 429 and the challenge environment at 10:30 and 13:00 both days.

Event #1 – Airplane Challenge (“AC”): during this event the user is presented with a user interface to send their own crafted 429 messages. The participant will be assigned an airplane on a map with the objectives of navigating the airplane to a win condition.

Event #2 – Capture The Flag (CTF): The participants will connect into the CTF to take on challenges involving protocol and message manipulation. The participant will be able to validate each flag found in order to complete the event!

Required gear: for the AC, you will need a mobile phone and/or Laptop with ability to connect to WiFi. For the CTF you will need a laptop and ethernet cable

Signups: first come first serve!


Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: Botnet Workshop
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
What is a botnet and how does it work? Come to the Packet Hacking Village and we'll teach you! Our workshop covers the basics of setup, operation, and shenanigans. Learn a skill useful for offense and defense in infosec!

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 10:00-11:15 PDT


Title: Brazil Redux: Short Circuiting Tech-Enabled Dystopia with The Right to Repair
When: Saturday, Aug 13, 10:00 - 11:15 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map
Speakers:Paul Roberts,Kyle Wiens,Louis Rossmann,Corynne McSherry,Joe Grand

SpeakerBio:Paul Roberts , Founder, SecuRepairs.org, Editor in Chief, The Security Ledger
Paul Roberts is the publisher and Editor in Chief of The Security Ledger (securityledger.com), and the founder of SecuRepairs.org, an organization of more than 200 information security professionals who support a right to repair.

SpeakerBio:Kyle Wiens , CEO, iFixit
Kyle Wiens is the cofounder and CEO of iFixit, an online repair community and parts retailer internationally renowned for its open source repair manuals and product teardowns.
Twitter: @kwiens

SpeakerBio:Louis Rossmann , Founder, Rossmanngroup.com
Louis Rossmann is the owner of Rossmann Repair Group, a computer repair shop established in 2007 that specializes in repair of MacBooks, iPhones and other electronic devices. Louis’s YouTube channel, with more than 1.7 million subscribers, documents repairs as and dispenses advice and opinions on the right to repair.
Twitter: @rossmannsupply

SpeakerBio:Corynne McSherry , Legal Director, Electronic Frontier Foundation
Corynne McSherry is the Legal Director at EFF, specializing in intellectual property, open access, and free speech issues.
Twitter: @cmcsherr

SpeakerBio:Joe Grand , Founder and CEO, Grand Idea Studios
Joe Grand is a product designer, hardware hacker, and the founder of Grand Idea Studio, Inc. He specializes in creating, exploring, manipulating, and teaching about electronic devices.
Twitter: @joegrand

Description:
Terry Gilliam’s 1985 cult film Brazil posits a polluted, hyper-consumerist and totalitarian dystopia in which a renegade heating engineer, Archibald Tuttle, takes great risks to conduct repairs outside of the stifling and inefficient bureaucracy of “Central Services.” When Tuttle’s rogue repairs are detected, Central Services workers demolish and seize repaired systems under the pretext of “fixing” them. It’s dark. It's also not so far off from our present reality in which device makers use always-on Internet connections, DRM and expansive copyright and IP claims to sustain “Central Services”-like monopolies on the service and repair of appliances, agricultural and medical equipment, personal electronics and more. The net effect of this is a less- not more secure ecosystem of connected things that burdens consumers, businesses and the planet. Our panel of repair and cybersecurity experts will delve into how OEMs’ anti-repair arguments trumpet cybersecurity risks, while strangling independent repair and dissembling about the abysmal state of embedded device security. We’ll also examine how the emergent “right to repair” movement aims to dismantle this emerging “Brazil” style dystopia and lay the foundation for a “circular” economy that reduces waste while also ensuring better security and privacy protections for technology users.

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 12:00-12:30 PDT


Title: Breaking the Intelligence Cycle - how to tailor intelligence function to your needs?
When: Saturday, Aug 13, 12:00 - 12:30 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Ohad Zaidenberg
Ohad Zaidenberg is the threat intelligence strategic leader at ABInbev and the CTI League founder. Over the past ten years, Zaidenberg has focused on establishing tailor-made intelligence functions and researching adversaries and disinformation. Zaidenberg was also the lead researcher of ClearSky.
Twitter: @ohad_mz

Description:
Threat Intelligence has become a buzzword in the last few years, and almost every organization now understands the need for intelligence to enable better protection in the organization. The intelligence function is decisive in the ability of the organization to be proactive in security, but what do we really know about establishing this function, and how can we tailor the function to our intelligence needs and our protection capabilities? In "Breaking the Intelligence Cycle", Ohad Zaidenberg, Threat Intelligence Strategic Leader and the founder of the CTI League, will review the steps that need to be taken to create this tailor-made function with considerations for the maturity level of the recipient stakeholders. Moreover, Ohad will present brand new methods for establishing PIRs and disseminating intelligence, especially for the medical sector. 

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 13:10-13:40 PDT


Title: BrokenbyDesign: Azure | Get started with hacking Azure
When: Saturday, Aug 13, 13:10 - 13:40 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map
Speakers:Roy Stultiens,Ricardo Sanchez,Ricardo Sanchez,Siebren Kraak

SpeakerBio:Roy Stultiens
Roy Stultiens is a Security Cloud Specialist expert in serverless and containerized applications. He is a thought leader in Cloud and Kubernetes Security is one of the larger focused cybersecurity firms in the Netherlands. He has created several other training courses on these topics.

SpeakerBio:Ricardo Sanchez
Ricardo Sanchez is a Senior cloud security expert with 10+ years of experience in security. He is currently leading the Cloud Security Unit in one of the larger focused cybersecurity firms in the Netherlands.

SpeakerBio:Ricardo Sanchez
Ricardo is a senior security specialist with business development and consultant background and over 10 years of experience. He exceeds in translating business needs into technical needs, and vice versa. He is currently the Lead of the Cloud Business Unit of one of the most important Cyber Security companies of the Netherlands. On top of that, he wrote two books with international distribution, has two patent applications as main inventor.
Twitter: @ric_rojo

SpeakerBio:Siebren Kraak
Siebren Kraak is a Dutch full-stack Azure developer specializing in Security and Cloud and is currently a master's student at a university in The Netherlands.

Description:
Link to tool: https://www.brokenazure.cloud/

Because cloud and on-premise infrastructures are not alike, security analysts require a different skillset when assessing cloud infrastructure. There are multiple courses and exams that can be taken to learn how to work with and audit cloud environments. All these courses teach a global understanding of cloud security, but do not go in-depth due to all services having a different portal and setup. With this tool we will create security hacking training for the rapidly developing Azure space.

With this tool we will create security hacking training for the rapidly developing Azure space. We aim to breach the gap between theory and practice in a real secured Azure cloud environment. The software allows everyone that is trying to get into the field of cloud security to train their skills in the Azure space, with a Capture-the-Flag requiring multiple vulnerabilities that need to be exploited. All challenges are hosted online for free for anyone that wants to use the software. The challenges are beginner-friendly. The broken features are explained to give insight into why they exist and how they can be prevented. If the user is not able to figure out how to complete the challenge, additional hints (and eventually the answer) can be requested. The environment is built using the Infrastructure-As-Code language Terraform, which will all be open-source to allow other developers and security professionals to add new challenges and make the tool even better.


Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 12:30-12:59 PDT


Title: Building a Modern Bluetooth Sniffer for SDRs
When: Saturday, Aug 13, 12:30 - 12:59 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:Mike Ryan
Mike Ryan is a wireless hacker who hacks. Whether you know him from his work on Ubertooth, hacking electric skateboards, or blowing BLE security wide open, it's clear Mike knows a thing or two about Bluetooth. He founded ICE9 Consulting in 2016 to serve the growing demand for expertise in Bluetooth, IoT, and embedded security.
Twitter: @mpeg4codec

Description:
ICE9 Bluetooth Sniffer is a brand new Bluetooth sniffer for SDRs. It can sniff BLE connections, including connections that have already been established. Join Mike as he explains the practical architecture of the sniffer (light-to-medium on SDR theory) and how it integrates with Wireshark. If you have a HackRF, BladeRF, or USRP you will want to see this talk.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-10:25 PDT


Title: Building Your Own Satellite Ground Station
When: Saturday, Aug 13, 10:00 - 10:25 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Eric Escobar
Eric is a seasoned pentester and a Security Principal Consultant at Secureworks. On a daily basis he attempts to compromise large enterprise networks to test their physical, human, network and wireless security. He has successfully compromised companies from all sectors of business including: Healthcare, Pharmaceutical, Entertainment, Amusement Parks, Banking, Finance, Technology, Insurance, Retail, Food Distribution, Government, Education, Transportation, Energy and Industrial Manufacturing.

His team consecutively won first place at DEF CON 23, 24, and 25's Wireless CTF, snagging a black badge along the way. Forcibly retired from competing in the Wireless CTF, he now helps create challenges!

Twitter: @EricEscobar

Description:
Are you interested in satellite communications? Would you like to help a growing community of ground station and satellite operators collect telemetry data? Well this is the talk for you. With some inexpensive hardware and a trip to your local hardware store, you too can create your very own satellite ground station. In this talk you’ll learn about hardware, radio propagation and how to get started receiving data from satellites on your own ground station

Return to Index    -    Add to    -    ics Calendar file

 

IOTV - Saturday - 10:00-13:59 PDT


Title: BURP Suite, Forensics Tools & 0-day Exploit Development.
When: Saturday, Aug 13, 10:00 - 13:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

SpeakerBio:Ken Pyle
No BIO available

Description:
These exercises will show how simple security flaws and exposures become critical, world wide exposures in systems like the Emergency Alert System and network infrastructure from Cisco & Dell. Recreate some of the most impactful kill chains ever, learn new IOT / appsec skills, enumerate a supply chain network with a text editor, and ""live off the land"" with a few simple free tools like BURP SUITE.

Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 10:30-10:59 PDT


Title: Bypass 101
When: Saturday, Aug 13, 10:30 - 10:59 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map

SpeakerBio:Karen Ng
As a founding member of the Physical Security Village, Karen has always been eager to spread awareness of physical security vulnerabilities. Karen works with GGR Security as a Security Risk Assessor.
Twitter: @hwenab

Description:
There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn the basics in this talk.

Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 11:00-11:30 PDT


Title: Bypass 102
When: Saturday, Aug 13, 11:00 - 11:30 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map

SpeakerBio:Karen Ng
As a founding member of the Physical Security Village, Karen has always been eager to spread awareness of physical security vulnerabilities. Karen works with GGR Security as a Security Risk Assessor.
Twitter: @hwenab

Description:
Now that you’re familiar with the techniques used to bypass locks in some door installation, come and learn the remediations for these common bypasses. In this talk, you will learn how to protect against or harden against attacks such as the Under the Door attack, latch slipping, and more.

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 16:00-16:30 PDT


Title: Call for Evidence: Informing the Biological Security Strategy
When: Saturday, Aug 13, 16:00 - 16:30 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Mariam Elgabry
Mariam Elgabry, PhD is a Cyber Fellow at Yale University Law School with a PhD in Cyber- Biosecurity from the Dawes Centre for Future Crime and the Advanced Biochemical Engineering departments at UCL. Mariam’s background is in deep-tech and bioengineering, developed from leading award-winning projects in industrial settings, during her time at Astra Zeneca and Microsoft. Her work on biotechnology crime has been recognized by the UK Parliament Joint Committee for National Security and the United Nations. Mariam is founderof bronic (www.bronic.co), a security design platform for emerging technologies.
Twitter: @MariamElgabry11

Description:
Cyber-biosecurity is neither a biology-only nor a cyber-only challenge. As biotechnology continues to develop and the way that science is practiced evolves, so too does the nature of crime. In this talk, I will present a framework for mapping biotechnology crime and misuse opportunities with the aim to inform, influence and underpin evidence-based policymaking in the UK and abroad and, where relevant, to change organisational culture and practices, to improve national security.

Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 13:30-17:59 PDT


Title: Capture The Packet Main Rounds
When: Saturday, Aug 13, 13:30 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
Capture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes.

Last round kicks off at 16:00


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:30-11:59 PDT


Title: Capture The Packet Preliminaries
When: Saturday, Aug 13, 10:30 - 11:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
Capture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes.

Last round for Friday kicks off at 16:00.


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 15:30-16:15 PDT


Title: Capturing Chaos: Harvesting Environmental Entropy
When: Saturday, Aug 13, 15:30 - 16:15 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map

SpeakerBio:Carey Parker
Carey Parker is an author, podcast host, educator and retired software engineer. He is a privacy advocate whose mission is educating the masses on the basics of personal cybersecurity and the dangers of surveillance capitalism, using entertaining analogies and minimizing technical jargon.

Description:
Much is made for the need for strong passwords and keys, but most cryptographic processes also require a source of entropy. While computers are excellent at doing what they're told, they suck at generating true randomness. Even when gathering high quality entropy, the pool can be quickly depleted with many processes invoking cryptographic functions in rapid succession. I will discuss why entropy is so important, give examples of randomness failures, and discuss techniques for generating high quality random values in low-cost embedded systems.

Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-17:30 PDT


Title: Car Hacking Village CTF
When: Saturday, Aug 13, 10:00 - 17:30 PDT
Where: Caesars Forum - Forum 124-128 (Car Hacking Village) - Map

Description:
The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OE's and suppliers to ensure our challenges give a real-world experience to hacking cars. We understand car hacking can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Saturday - 13:00-13:50 PDT


Title: CatPhish Automation - The Emerging Use of Artificial Intelligence in Social Engineering
When: Saturday, Aug 13, 13:00 - 13:50 PDT
Where: Caesars Forum - Summit 228->236 (AI Village) - Map

SpeakerBio:Justin Hutchens 
No BIO available

Description:
Infestations of bots on social network platforms is nothing new, but the sophistication of these bots have transformed dramatically in the past few years. In the recent past, it was fairly easy for any sensible person to recognize if they were talking to a bot. But that is rapidly changing as Artificial Intelligence (AI) solutions become more advanced and more accessible. During this presentation, the speaker will explore the increasing use of AI for automated social engineering within the context of social networks, and will show how AI chat bots can be leveraged to conduct phishing attacks, compromise credentials, or distribute malware. By using emerging technologies (to include Generative Adversarial Networks for generating non-searchable profile images, and deep-learning natural language processing models for simulating human intelligence), these bots can be used to consistently fool even the most vigilant of users.

Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 15:00-15:59 PDT


Title: Challenges in Control Validation
When: Saturday, Aug 13, 15:00 - 15:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Main Stage (In-person) - Map
Speakers:Kristen Cotten,AJ King,Jake Williams

SpeakerBio:Kristen Cotten
Kristen is a Cyber Threat Intelligence Analyst at SCYTHE. Prior to joining the herd she worked for the United States Department of the Army in various roles ranging from network and system administration to vulnerability management and cyber compliance. She has a penchant for solving technical puzzles, leaping from perfectly good airplanes (or cliffs), and finding the best local hole-in-the-wall restaurants. If you want to talk about foreign travel, sports nutrition, or why Episodes 4-6 are the only Star Wars movies that matter, she's your girl!

SpeakerBio:AJ King
No BIO available

SpeakerBio:Jake Williams
Jake Williams is the Executive Director of Cyber Threat Intelligence at SCYTHE. Williams is an IANS Faculty Member and also works as a SANS Analyst. He is a prolific speaker on topics in information security and has trained thousands of people on incident response, red team operations, reverse engineering, cyber threat intelligence, and other information security topics. Jake is the two time winner of the DC3 Digital Forensics Challenge, a recipient of the DoD Exceptional Civilian Service Award, and is one of only a handful of people to ever be certified as Master Network Exploitation Operator by the US Government.
Twitter: @MalwareJake

Description:
Sample panel questions may include:
How is control validation different from red teaming? Isn’t control validation just purple teaming? (it’s not) How do you recommend my organization starts its first control validation exercise? What’s you #1 recommendation for maturing a control validation program? What are methods for scaling control validation programs? How much validation is too much? When is the cost no longer justified?

Testing security controls is hard. Really hard. Every incident responder has lived with victims who are sure existing security controls should have prevented or detected the intrusion. While some organizations don’t do any security control validation, those that do understand the challenges. While red team operations allow for point-in-time validation, how are organizations dealing with control validations during product updates or configuration changes? By and large the answer is “they aren’t.” On this panel, we’ll discuss why control validation is difficult. Then we’ll discuss recommendations for scaling control validation operations in practically any organization.


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 09:00-17:59 PDT


Title: Chillout Lounge (with entertainment)
When: Saturday, Aug 13, 09:00 - 17:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map
Speakers:Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe

SpeakerBio:Rusty
No BIO available

SpeakerBio:djdead
No BIO available

SpeakerBio:Kampf
No BIO available

SpeakerBio:Merin MC
No BIO available

SpeakerBio:Pie & Darren
No BIO available

SpeakerBio:s1gnsofl1fe
No BIO available

Description:
The chillout lounge in Caesars Forum will have live music; all other chillout lounges will have music live-streamed from there.

All chillout lounges are planned to be open 09:00 - 18:00 for chillout purposes. Each may be open at other times for parties, meetups, etc.

Entertainment schedule:

09:00 to 12:00 - Pie & Darren
12:00 to 13:30 - Kampf
13:30 to 14:30 - s1gnsofl1fe
14:30 to 15:30 - Merin MC
15:30 to 16:30 - Rusty
16:30 to 18:00 - djdead


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 09:00-17:59 PDT


Title: Chillout Lounge (with entertainment)
When: Saturday, Aug 13, 09:00 - 17:59 PDT
Where: Flamingo - Carson City I (Chillout) - Map
Speakers:Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe

SpeakerBio:Rusty
No BIO available

SpeakerBio:djdead
No BIO available

SpeakerBio:Kampf
No BIO available

SpeakerBio:Merin MC
No BIO available

SpeakerBio:Pie & Darren
No BIO available

SpeakerBio:s1gnsofl1fe
No BIO available

Description:
The chillout lounge in Caesars Forum will have live music; all other chillout lounges will have music live-streamed from there.

All chillout lounges are planned to be open 09:00 - 18:00 for chillout purposes. Each may be open at other times for parties, meetups, etc.

Entertainment schedule:

09:00 to 12:00 - Pie & Darren
12:00 to 13:30 - Kampf
13:30 to 14:30 - s1gnsofl1fe
14:30 to 15:30 - Merin MC
15:30 to 16:30 - Rusty
16:30 to 18:00 - djdead


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 09:00-17:59 PDT


Title: Chillout Lounge (with entertainment)
When: Saturday, Aug 13, 09:00 - 17:59 PDT
Where: Flamingo - Reno I Ballroom (Chillout Lounge) - Map
Speakers:Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe

SpeakerBio:Rusty
No BIO available

SpeakerBio:djdead
No BIO available

SpeakerBio:Kampf
No BIO available

SpeakerBio:Merin MC
No BIO available

SpeakerBio:Pie & Darren
No BIO available

SpeakerBio:s1gnsofl1fe
No BIO available

Description:
The chillout lounge in Caesars Forum will have live music; all other chillout lounges will have music live-streamed from there.

All chillout lounges are planned to be open 09:00 - 18:00 for chillout purposes. Each may be open at other times for parties, meetups, etc.

Entertainment schedule:

09:00 to 12:00 - Pie & Darren
12:00 to 13:30 - Kampf
13:30 to 14:30 - s1gnsofl1fe
14:30 to 15:30 - Merin MC
15:30 to 16:30 - Rusty
16:30 to 18:00 - djdead


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 09:00-17:59 PDT


Title: Chillout Lounge (with entertainment)
When: Saturday, Aug 13, 09:00 - 17:59 PDT
Where: LINQ - 3rd flr - Chillout - Map
Speakers:Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe

SpeakerBio:Rusty
No BIO available

SpeakerBio:djdead
No BIO available

SpeakerBio:Kampf
No BIO available

SpeakerBio:Merin MC
No BIO available

SpeakerBio:Pie & Darren
No BIO available

SpeakerBio:s1gnsofl1fe
No BIO available

Description:
The chillout lounge in Caesars Forum will have live music; all other chillout lounges will have music live-streamed from there.

All chillout lounges are planned to be open 09:00 - 18:00 for chillout purposes. Each may be open at other times for parties, meetups, etc.

Entertainment schedule:

09:00 to 12:00 - Pie & Darren
12:00 to 13:30 - Kampf
13:30 to 14:30 - s1gnsofl1fe
14:30 to 15:30 - Merin MC
15:30 to 16:30 - Rusty
16:30 to 18:00 - djdead


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 13:00-13:45 PDT


Title: Chromebook Breakout: Escaping Jail, with your friends, using a Pico Ducky
When: Saturday, Aug 13, 13:00 - 13:45 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map

SpeakerBio:Jimi Allee , CEO @ Lost Rabbit Labs
With 30 years in the Information Security industry, Jimi Allee has successfully navigated through many roles within the Infosec landscape, including Network/System/Security Engineering, Threat Intel/Risk Analysis, Offensive Security, Red/Blue/Purple Teaming as well as Research & Development. A former member of the US National Video Game Team, Jimi’s passionate curiosity brings a gamer mentality to the world of Threat Research, Detection and Elimination. Jimi is currently the CEO of Lost Rabbit Labs, a Full-Spectrum Cybersecurity Services company that specializes in Collaborative Penetration Testing and Assessments.
Twitter: @jimi2x303

Description:
Learn how we used our Pico Ducky to escape Chromebook jail, rescue our friends along the way, and have some fun Living Off the Land! Leveraging a discovered (but previously disclosed) Command Injection vulnerability in the ChromeOS crosh shell, we rabbithole into the internal ChromeOS Linux system, obtain persistence across reboots, and exfiltrate user data even before Developer Mode has been enabled. Learn how to provision and utilize local services in order to perform Privilege Escalations, and also create a 'Master Key' with the Pico Ducky and custom GTFO 1-liners, in order to perform a full Chromebook Breakout!

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 10:00-17:59 PDT


Title: CISA and Idaho National Lab Escape Room
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - ICS CISA Escape Room - Map

Description:
CISA and Idaho National Lab invite you to participate in an immersive Escape Room adventure to test your cybersecurity and infrastructure protection skills. This Escape Room will challenge you and your Team through a series of traditional time-bound Escape Room challenges mixed with cybersecurity elements. Participant’s skills will be confronted with cybersecurity puzzles involving wireless technologies, Open Source Intelligence (OSINT) analysis, database exploitation, network discovery, industrial control systems, cryptography, Arduino backed puzzles, and more. With the mix of traditional escape room puzzles, there is enough to do for everyone regardless of the level of their cyber skills. Come have fun while learning more about cybersecurity with CISA and Idaho National Lab.

** Swing by the ICS Village to reserve a time for your team. **

Escape Room Scenario: A disgruntled employee, Bob, has been plotting to bring down the company where he works. In retaliation for his perceived mistreatment, Bob has created an electromagnetic pulse device (EMP) to take out sensitive industrial control systems in the area. Thanks to a few diligent and observant company employees, Bob was taken into custody but not before the timer on the device could be activated! The EMP device has been armed and the clock is ticking. CISA needs your help in protecting our critical infrastructure by following the clues found in Bob’s office to help CISA to disarm the EMP device before it is too late.


Return to Index    -    Add to    -    ics Calendar file

 

MIV - Saturday - 12:30-13:15 PDT


Title: Cognitive Security in Theory and Practice
When: Saturday, Aug 13, 12:30 - 13:15 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map

SpeakerBio:Sara-Jayne Terp
SJ Terp applies information security practices to defend against disinformation and other online harms, including extremism. She has run large incident responses, set up response systems for election- and health-based cognitive security around the world, advises companies on disinformation risk management, and has built a body of research and tools for running and operating cognitive security operations centres, including the DISARM (formerly AMITT) frameworks for rapidly sharing disinformation data. She teaches cybersecurity and cognitive security at the University of Maryland.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 12:00-12:59 PDT


Title: Cold Calls
When: Saturday, Aug 13, 12:00 - 12:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

Description:
https://www.se.community/research-cold-calls/#coldcalls

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 14:00-15:45 PDT


Title: Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet
When: Saturday, Aug 13, 14:00 - 15:45 PDT
Where: Caesars Forum - Summit 224-225 - Policy Collaboratorium - Map
Speakers:Guillermo Christensen,Jason Healey,Neal Pollard

SpeakerBio:Guillermo Christensen , Partner
No BIO available

SpeakerBio:Jason Healey , Senior Research Scholar
No BIO available

SpeakerBio:Neal Pollard , Ernst & Young
No BIO available

Description:
The global internet is in large part a creation of the United States. The internet’s basic structure—a reliance on the private sector and the technical community, relatively light regulatory oversight, and the protection of speech and the promotion of the free flow of information—reflected American values. Moreover, U.S. strategic, economic, political, and foreign policy interests were served by the global, open internet. But the United States now confronts a starkly different reality. The utopian vision of an open, reliable, and secure global network has not been achieved and is unlikely ever to be realized. Today, the internet is less free, more fragmented, and less secure.

The United States needs a new strategy that responds to what is now a fragmented and dangerous internet. The Council on Foreign Relations launched an independent task force to develop findings and recommendations for a new foreign policy for cyberspace. This session will seek input from the DEF CON community on specific foreign policy measures, to help guide Washington’s adaptation to today’s more complex, variegated, and dangerous cyber realm.

Come prepared to discuss topics, such as: Developing a digital privacy policy that is interoperable with Europe’s General Data Protection Regulation (GDPR); Building a coalition for open-source software; Developing coalition-wide practices for the Vulnerabilities Equities Process (VEP); Clean up U.S. cyberspace by offering incentives for internet service providers (ISPs) and cloud providers to reduce malicious activity within their infrastructure.


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 11:00-11:59 PDT


Title: Container and Kubernetes Offense
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Michael Mitchell
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 12:00-12:59 PDT


Title: Container and Kubernetes Offense
When: Saturday, Aug 13, 12:00 - 12:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Michael Mitchell
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 10:00-10:59 PDT


Title: Container and Kubernetes Offense
When: Saturday, Aug 13, 10:00 - 10:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Michael Mitchell
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 14:00-15:55 PDT


Title: Control Validation Compass – Threat Modeling Aide & Purple Team Content Repo
When: Saturday, Aug 13, 14:00 - 15:55 PDT
Where: Caesars Forum - Caucus Boardroom (Demo Labs) - Map

SpeakerBio:Scott Small
Scott Small has over 10 years’ professional experience as a security & intelligence practitioner. Currently an analyst at a major retailer, Scott’s prior roles focused on advising security teams across maturity levels on technical and strategic applications of intelligence. Scott is an active member of the professional security & intelligence communities. In addition to speaking and contributing to community projects, he has launched two projects that aggregate and streamline publicly accessible intelligence/security resources, as well as authored his own original tools & resources.
Twitter: @IntelScott

Description:
Control Validation Compass ("Control Compass") provides a needed public resource that enables cyber security teams to actually operationalize MITRE ATT&CK for its best purpose: prioritized control validation. Control Compass unites tens of thousands of detection rules, offensive security scripts, and policy recommendations from 60+ open sources – all aligned with MITRE ATT&CK – into the largest single, continuously updated reference library for such content, wrapped in an easily searchable interface. This saves defenders, red teamers, and intel & GRC analysts serious time & effort when researching content for purple teaming efforts (aka control validation). Like its input components and sources, Control Compass resource sets are openly available to all, no strings attached. Control Compass supports a powerful second use case informed by its author’s experience advising security & intelligence teams across maturity levels: the tool also provides a library of unique, openly available threat landscape summaries organized by key adversary categories, including motivation, location, and victim industry. By enabling easy identification of relevant threat intelligence – and a simple UI-based workflow to instantly surface corresponding security controls – Control Compass greatly lowers the barrier to building accurate, intelligence-driven threat models and helps drive tighter control validation feedback loops around the threats that matter most to a given organization.

Audience: Intelligence analysts, SOC/blue team/defenders, red team/adversary emulation, GRC analysts


Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 12:00-12:30 PDT


Title: Control Validation Compass: Intelligence for Improved Security Validation
When: Saturday, Aug 13, 12:00 - 12:30 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map

SpeakerBio:Scott Small
Scott Small has over 10 years’ professional experience as a security & intelligence practitioner. Currently an analyst at a major retailer, Scott’s prior roles focused on advising security teams across maturity levels on technical and strategic applications of intelligence. Scott is an active member of the professional security & intelligence communities. In addition to speaking and contributing to community projects, he has launched two projects that aggregate and streamline publicly accessible intelligence/security resources, as well as authored his own original tools & resources.
Twitter: @IntelScott

Description:
Control Validation Compass ("CVC") is the hub for publicly accessible, operational cybersecurity resources. CVC unites a broad set of technical controls, offensive security tests, and governance resources around a common language for adversary behavior (MITRE ATT&CK). CVC allows intelligence analysts, defenders, and red teamers to instantly surface relevant detection rules, scripts, and policy controls across more than 30 repositories, reducing time and effort to strengthen, validate, and measure security posture.

Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 17:00-19:59 PDT


Title: Crash and Compile - Contest Stage
When: Saturday, Aug 13, 17:00 - 19:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.

Teams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our ""Team Distraction"" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.

Crash and Compile is looking for the top programmers to test their skills in our contest. Can you complete our challenges? Can you do so with style that sets your team ahead of the others? To play our game you must first complete our qualifying round. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest.

Qualifications for Crash and Compile will take place Friday from 10am to 3pm on-site and online at https://crashandcompile.org.

You may have up to two people per team. (Having two people on a team is highly suggested)

Of the qualifiers, nine teams will move on to compete head to head on the contest stage.


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 16:00-16:59 PDT


Title: Crash and Compile - Contestant Setup
When: Saturday, Aug 13, 16:00 - 16:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
** Contestants who placed in qualifiers please show up at 4pm for setup. **

What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos incarnate onto a stage? You get the contest known as Crash and Compile.

Teams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. We set you against the clock and the other teams. And because our ""Team Distraction"" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.

Crash and Compile is looking for the top programmers to test their skills in our contest. Can you complete our challenges? Can you do so with style that sets your team ahead of the others? To play our game you must first complete our qualifying round. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest.

Qualifications for Crash and Compile will take place Friday from 10am to 3pm on-site and online at https://crashandcompile.org.

You may have up to two people per team. (Having two people on a team is highly suggested)

Of the qualifiers, nine teams will move on to compete head to head on the contest stage.


Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 14:00-17:59 PDT


Title: Creating and uncovering malicious containers.
When: Saturday, Aug 13, 14:00 - 17:59 PDT
Where: Harrah's - Elko (Workshops) - Map
Speakers:David Mitchell,Adrian Wood,Griffin Francis

SpeakerBio:David Mitchell , Red Team
David Mitchell, aka digish0, started his hacking career as a script kiddie running 7th Sphere in mIRC in high school. Later falling in with some Linux/RedHat nerds at a local 2600 group at college while studying CS, etc. He got into Linux, started an IT career, later rediscovering his hacking script kiddie roots when a local hacker space opened up and shared members with a lockpicking group that worked in infosec as penetration testers, etc where he discovered he could get paid to do the things he liked doing in high school/college. He now works professionally as a red team member and cyber security researcher at a large financial institution. The rest of the time he spends being a dad/husband, trying not to get injured in Muay Thai/BJJ or mountain biking, and listening to either very expensive or very cheap vinyl.

SpeakerBio:Adrian Wood , Security Researcher
Adrian Wood, aka threlfall, discovered a love for hacking from cracking and modding video games and from the encouragement of online friends. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive research team at a US bank, where he was very interested in appsec, container security, CI/CD security and also founded their bug bounty program. He currently works for Dropbox, working on application security. In his free time, he enjoys playing saxophone, working on vintage cars, and fly-fishing.

SpeakerBio:Griffin Francis , Security Research Consultant
Griffin Francis (@aussinfosec) is a lead information security research consultant at Wells Fargo. Previously having worked at Trustwave in Sydney, Australia. His interests are within Web Application security and Bug Bounty. His research has identified vulnerabilities in companies and organisations including Apple, Microsoft, Mozilla, Oracle, Riot Games & AT&T. When not at the computer, Griffin can be found attending music festivals and travelling.
Twitter: @aussinfosec

Description:
Containers are the future. Like it or not even the most technically conservative industries are shifting to them. What that means for the bad actors is they get access to an excellent delivery mechanism for malware deployment in organizations, offering a wide variety of detection avoidance and persistence mechanisms. Fear not protectors, containers also offer ways to detect these, but can be fraught with challenges. Whether you're red, blue or just container curious this workshop is for you.

In this workshop, you will get hands-on with containers and kubernetes, - starting with introductory content - learning how they work, where and how to hide or find things, how to identify indicators of compromise, indicators of attack, and how to apply analysis to gain a deeper understanding of container malware and what is going on inside containers.

This workshop will utilize the Google Cloud Platform alongside command line operands and a small amount of open source tooling to learn both offensive and defense techniques on containers. By the end, you’ll have a solid mental model of how containers work, how they are managed and deployed, and be equipped with the ability to analyze container images, identify problems, and identify familiar patterns. Ultimately, these skills will allow you to generate valuable insights for your organization’s defense or aid you in your next attack.

This is a fast-paced course designed to take you deep into the world of containers, making tooling like Kubernetes much more intuitive and easy to understand. Labs will be used to reinforce your learnings, and the course comes with very detailed notes and instructions for setup which you can repeat on your own time. This course will provide references to scripts that make certain tasks easier, but we will be challenging you to learn the process and reasoning behind them rather than relying on automation.

Attendees will be provided with all the lab material used in the course in digital format, including labs, guides and virtual machine setup.

Materials
A Google Cloud free tier account (basically a fresh gmail account), and an internet connected computer. We hope to send out instructions to attendees prior to the class, so they can be ready on the day.
Prereq
None, the class is well designed to allow those with little to no linux, kubernetes or cloud familiarity to follow along, but a basic familiarity with Linux and terminal will allow attendees to focus on the work.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 17:30-18:15 PDT


Title: Crossing the KASM -- a webapp pentest story
When: Saturday, Aug 13, 17:30 - 18:15 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map
Speakers:Samuel Erb,Justin Gardner

SpeakerBio:Samuel Erb , Hacker
Samuel Erb is a 2x black badge winner with Co9 in the Badge Challenge and is working to make the Internet a safer place. He has also presented 3x previously at the Packet Hacking Village. Outside of hacking, you will likely find Sam in a climbing gym or on the side of a mountain.
Twitter: @erbbysam

SpeakerBio:Justin Gardner , Full-time Bug Bounty Hunter
Justin Gardner is a full-time bug bounty hunter who spent the last two years traveling around Japan with his wife Mariah, and is currently in the process of settling back down in Richmond, VA to adopt some kids and start a family. His expertise lies mostly in Web Hacking with a bug bounty focus, but he also has experience with Ethereum Smart Contract Auditing, Penetration Testing, and Mobile App Hacking. He hopes to pivot into binary exploitation over the next couple years as well.
Twitter: @Rhynorater

Description:
In this talk we will tell the story of an insane exploit we used to compromise the otherwise secure KASM Workspaces software. KASM Workspaces is enterprise software for streaming virtual workstations to end users built on top of Docker.

This talk will span python binary RE, header smuggling, configuration injection, docker networking and questionable RFC interpretation. We hope to show you a little bit of what worked and a lot a bit of what didn't work on our quest to exploit this heisenbug.


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 13:00-13:45 PDT


Title: Cryptle: a secure multi-party Wordle clone with Enarx
When: Saturday, Aug 13, 13:00 - 13:45 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map
Speakers:Tom Dohrmann,Nick Vidal,Richard Zak

SpeakerBio:Tom Dohrmann
Rust enthusiast and contributor to several open source projects, including the Enarx project.

SpeakerBio:Nick Vidal
Nick Vidal is the Community Manager of Profian and the Enarx project, which is part of the Confidential Computing Consortium from the Linux Foundation. Previously, he was the Director of Community and Business Development at the Open Source Initiative, Director of Americas at the Open Invention Network, and one of the community leaders of the Drupal project in Latin America

SpeakerBio:Richard Zak
After a decade of malware and machine learning research, and publishing several papers, Richard decided to switch gears and work on Enarx and Confidential Computing. He is also a part-time computer science instructor at a university. Outside of work, he enjoys working on open source projects, playing video games, and tinkering with various technologies. Website: https://rjzak.github.io/

Description:
Wordle is a popular web-based game, where a single player has to guess a five-letter word in six attempts, with yellow/green colored titles shown as hints in each round, indicating letters that match with the secret word.

We’ve created an open source clone of Wordle called Cryptle, with the goal of demonstrating data encryption in use, where the processing of the data is done in a Trusted Execution Environment (TEE), and only accessible to the Cryptle application.

Cryptle is similar to Wordle but one important difference is that it is multi-party and the secret words are suggested by the players themselves. Each player proposes words that are most likely to match those sent by others. The words are sent to the Cryptle application deployed and running in an Enarx Keep (a specific TEE instance) and are only revealed to the players when there’s a match between the secret words.

The standard way to engage with the game is for players to guess the secret words by playing Cryptle from the client side. However, we will also be allowing an alternative: players may write an open source application which runs with root privileges on the host side and attempts to derive or otherwise guess the secret words. Since Cryptle makes use of Confidential Computing, players shouldn't be able to read what's in memory, even with root access.

We'll provide an overview of an exploit of Enarx and we'll explain how we were able to fix it. Attendees will be invited to find new vulnerabilities as part of the Cryptle Hack Challenge.


Return to Index    -    Add to    -    ics Calendar file

 

BICV - Saturday - 11:00-11:45 PDT


Title: Cryptocurrency: A Bridge Across the Digital Divide
When: Saturday, Aug 13, 11:00 - 11:45 PDT
Where: Virtual - BIC Village

SpeakerBio:Stephanie Barnes
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 09:00-12:59 PDT


Title: CTF 101: Breaking into CTFs (or “The Petting Zoo” - Breaking into CTFs)
When: Saturday, Aug 13, 09:00 - 12:59 PDT
Where: Harrah's - Silver (Workshops) - Map
Speakers:Robert Fitzpatrick,Chris Forte

SpeakerBio:Robert Fitzpatrick
Robert Fitzpatrick is a military veteran of over 19 years. He began his cyber life leading the Information Assurance office, and quickly moved up to run the Network Operations Center, as well as the Network Test and Evaluation center. He has built multiple operations centers in both homeland and austere locations, purchased satellite infrastructures, and led vulnerability investigations for classified networks. He is also a co-founder of DC702 and enjoys training new students on an eclectic array of subjects surrounding his interests.

SpeakerBio:Chris Forte , Security Researcher
Christopher Forte is a security researcher, technology enthusiast, and cybersecurity professional. With experience ranging from software development to physical red teaming, he is passionate about keeping security and various forms of engineering at the center of his focus. Christopher leads his local TOOOL chapter and is a co-founder of the DC702 group.
Twitter: @chris__forte

Description:
Breaking into the capture the flag (CTF) world can be daunting. With much of the world going virtual, many companies, organizations, and individuals are sponsoring capture the flag competitions and people are using these types of events, or various hacking platforms (e.g., Offensive Security's Proving Grounds or Hack The Box), to learn and practice new skills. Unfortunately, many feel overwhelmed when faced with these challenges or don't know where to start. This workshop will introduce the basics of CTFs and provide resources, tips, and fundamental skills that can be helpful when getting started.

This workshop will start with an overview of the CTF landscape, why we do them, and what value they have in the scope of the hacking community. This workshop will include various resources, a couple walkthroughs to show how to approach CTFs, and how it may differ from "real world" hacking challenges. Next, a short CTF will be hosted to give attendees hands-on experience solving challenges while being able to ask for help to successfully navigate the challenges. By the end of the workshop, the group will have worked through various types of CTF challenges, and have the confidence to participate in other CTFs hosted throughout the year.

Areas of focus will include:
* Common platforms and formats
* Overview of online resources
* Common tools used in CTFs and hacking challenges * Basics of web challenges
* Basics of binary exploitation and reversing challenges * Basics of cryptographic challenges
* Basics of forensic and network traffic challenges * Some ways of preparing for your next CTF / Hacking challenge

Materials
Laptop Debian-based Virtual Machine (e.g., Kali) is recommended, and USB install drives will be available Virtualized environment or Kali is not required but Kali will provide all the tools useful in solving the challenges and help standardize available tools. All challenge solutions will be possible using default Kali installations.
Prereq
Be curious about CTFs and have a very basic knowledge of or exposure to fundamental topics (e.g., Linux, websites, networking, data encoding and encryption) Exposure to the above concepts will help during the workshop defined CTF challenges but is not required for the workshop

Return to Index    -    Add to    -    ics Calendar file

 

PT - Monday - 09:00-16:59 PDT


Title: Customizable Binary Analysis: Using angr to its full potential
When: Monday, Aug 15, 09:00 - 16:59 PDT
Where: Caesars Forum - Map
Speakers:Fish Wang,Audrey Dutcher

SpeakerBio:Fish Wang
Fish Wang is an Assistant Professor at Arizona State University. He is extremely interested in demystifying all sorts of binary code, and his main research interests are software vulnerability discovery, automated exploit generation, and binary decompilation. Fish is a co-founder and a core maintainer of angr.
Twitter: @ltfish_

SpeakerBio:Audrey Dutcher
Audrey is a PhD student at Arizona State university. She loves reverse engineering, fruit, Celeste (2018), Python, Rust, and symbolic execution.
Twitter: @rhelmot

Description:
Latest details, requirements, description, cost: https://defcontrainings.myshopify.com/products/fish-wang-customizable-binary-analysis-using-angr-to-its-full-potential

Training description:

One of the most badass skills a hacker can possess is the ability to find and pwn vulnerabilities in binary software. This is enabled by a long history of complex tools: OllyDBG, SoftICE, IDA Pro, Binary Ninja, and now: angr. Built using cutting-edge techniques straight out of research labs around the world, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within. While angr is arguably one of the most user-friendly binary analysis frameworks available on the market, it is never an easy task to use it to its full potential, especially when facing less common architectures (such as PowerPC), niche operating environments (bare-metal binaries or embedded architectures), or unique tasks (e.g., binary code optimization, exploit generation, efficient vulnerability discovery, etc.). To assist users, especially medium-level and professional reverse engineers to effectively and efficiently use angr in their daily work, we designed this two-day course focusing on the use of non-trivial capabilities that angr offers, as well as customizing angr’s advanced analyses for users’ needs. This course is extremely practical and hands-on: Besides a five-hour lecture, core angr developers will guide students to solve over ten specially crafted problems with angr. This course will focus on Linux userspace binaries (x86-64 and ARM), Windows userspace binaries (x86-64), and firmware images (ARM). After completing this course, students will master practical angr skills that will help them reverse engineer userspace binary programs and assess them for defects and vulnerabilities.


Return to Index    -    Add to    -    ics Calendar file

 

PT - Tuesday - 09:00-16:59 PDT


Title: Customizable Binary Analysis: Using angr to its full potential
When: Tuesday, Aug 16, 09:00 - 16:59 PDT
Where: Caesars Forum - Map
Speakers:Fish Wang,Audrey Dutcher

SpeakerBio:Fish Wang
Fish Wang is an Assistant Professor at Arizona State University. He is extremely interested in demystifying all sorts of binary code, and his main research interests are software vulnerability discovery, automated exploit generation, and binary decompilation. Fish is a co-founder and a core maintainer of angr.
Twitter: @ltfish_

SpeakerBio:Audrey Dutcher
Audrey is a PhD student at Arizona State university. She loves reverse engineering, fruit, Celeste (2018), Python, Rust, and symbolic execution.
Twitter: @rhelmot

Description:
Latest details, requirements, description, cost: https://defcontrainings.myshopify.com/products/fish-wang-customizable-binary-analysis-using-angr-to-its-full-potential

Training description:

One of the most badass skills a hacker can possess is the ability to find and pwn vulnerabilities in binary software. This is enabled by a long history of complex tools: OllyDBG, SoftICE, IDA Pro, Binary Ninja, and now: angr. Built using cutting-edge techniques straight out of research labs around the world, angr enables analysts to swiftly carry out advanced reasoning over software to understand complex code and find the juicy hidden vulnerabilities within. While angr is arguably one of the most user-friendly binary analysis frameworks available on the market, it is never an easy task to use it to its full potential, especially when facing less common architectures (such as PowerPC), niche operating environments (bare-metal binaries or embedded architectures), or unique tasks (e.g., binary code optimization, exploit generation, efficient vulnerability discovery, etc.). To assist users, especially medium-level and professional reverse engineers to effectively and efficiently use angr in their daily work, we designed this two-day course focusing on the use of non-trivial capabilities that angr offers, as well as customizing angr’s advanced analyses for users’ needs. This course is extremely practical and hands-on: Besides a five-hour lecture, core angr developers will guide students to solve over ten specially crafted problems with angr. This course will focus on Linux userspace binaries (x86-64 and ARM), Windows userspace binaries (x86-64), and firmware images (ARM). After completing this course, students will master practical angr skills that will help them reverse engineer userspace binary programs and assess them for defects and vulnerabilities.


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 13:30-13:59 PDT


Title: Cyber Physical Lab Environment for Maritime Cyber Security
When: Saturday, Aug 13, 13:30 - 13:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

SpeakerBio:Wesley Andrews , Industrial Research Associate and Project Engineer
I have Masters in Electronics Engineering and have many years of professional and personal experience with electronics engineering and product development. I currently work as an industrial research associate and the lead engineer for the Cyber-SHIP lab at the University of Plymouth, I also have some experience within cyber security and an interest in aerospace engineering and physics.

Description:
This will be a discussion about the Cyber-SHIP lab, a Cyber-Physical lab environment and hardware testbed, currently being developed at the University of Plymouth to help prevent Maritime Cyber-attacks. The talk will focus on the facilities capabilities, research aims and current development progress, as well as some details on current research projects.

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 10:00-10:59 PDT


Title: Cyber Resilience Bootcamp
When: Saturday, Aug 13, 10:00 - 10:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ron Taylor
No BIO available
Twitter: @Gu5G0rman

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 11:00-11:59 PDT


Title: Cyber Resilience Bootcamp
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ron Taylor
No BIO available
Twitter: @Gu5G0rman

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 13:00-13:59 PDT


Title: Cyber Resilience Bootcamp
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ron Taylor
No BIO available
Twitter: @Gu5G0rman

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 16:00-16:59 PDT


Title: Cyber Resilience Bootcamp
When: Saturday, Aug 13, 16:00 - 16:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ron Taylor
No BIO available
Twitter: @Gu5G0rman

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 11:00-11:50 PDT


Title: Cyber Threats Against Aviation Systems: The Only Threat Briefing You Really Need
When: Saturday, Aug 13, 11:00 - 11:50 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Teresa Merklin , Fellow attached to the Aeronautics Cyber Range
Teresa Merklin is a Fellow attached to the Aeronautics Cyber Range at Lockheed Martin. That facility is chartered to perform highly specialized cybersecurity testing and evaluation of embedded avionics and weapons systems. She specializes in Cyber Risk Assessment across the Aeronautics portfolio.

Description:
Developing and maintaining Aerospace systems for cyber resilient operation requires knowledge and insight into adversarial techniques and tactics. The historical origins of cyber risk assessment and cyber development standards center around an understanding of the threat actors who perpetrate attacks on Aerospace systems. This presentation cuts through the historical origins of that focus so developers and operators of aviation systems, space systems, and critical infrastructure can leverage that insight into effective adversarial targeting, capabilities required, and cyber effects that align with intent. Finally this talk describes specific actionable analysis that can help industry drive toward more cyber resilient Aerospace systems and get “Left of Boom” of adversarial cyber-attack.

Return to Index    -    Add to    -    ics Calendar file

 

APV - Saturday - 10:00-10:59 PDT


Title: Cypher Query Injection - the new "SQL Injection" we aren't aware of
When: Saturday, Aug 13, 10:00 - 10:59 PDT
Where: Flamingo - Twilight Ballroom - AppSec Village - Main Stage - Map

SpeakerBio:Noy Pearl
Noy is a Security Researcher with the focus on web and mobile security. Noy has contributed to the OWASP AppSec CTF team as a challenge creator and is interested in everything that the security world has to offer.

Description:
How often do you hear about injections? Probably a lot. Probably most of them are familiar to you and chances are that you are tired of hearing about another SQL injection that was recently found. Graph Databases (e.g. Neo4j, RedisGraph, Amazon Neptune) which are becoming increasingly popular don’t use SQL, but you can still achieve an injection and even go beyond that. In this presentation, we talk about how to inject into Cypher queries and attack modern graph databases. We talk about escalating our attack to perform SSRF against other machines as well, causing Denial of Service and going far beyond a trivial injection in Cypher Query - all by simply injecting into Cypher queries..

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 19:00-21:59 PDT


Title: D0 N0 H4RM: A Healthcare Security Conversation (Lounge)
When: Saturday, Aug 13, 19:00 - 21:59 PDT
Where: Caesars Forum - Summit 226-227 - Policy Roundtable - Map
Speakers:Jessica Wilkerson,Christian "quaddi" Dameff MD,Jeff “r3plicant” Tully MD,Alissa Knight,Seeyew Mo

SpeakerBio:Jessica Wilkerson , Cyber Policy Advisor at the US Food and Drug Administration FDA
No BIO available

SpeakerBio:Christian "quaddi" Dameff MD , Emergency Medicine Physician & Hacker at The University of California San Diego
Christian (quaddi) Dameff MD is an Assistant Professor of Emergency Medicine, Biomedical Informatics, and Computer Science (Affiliate) at the University of California San Diego. He is also a hacker, former open capture the flag champion, and prior DEF CON/RSA/Blackhat/HIMSS speaker. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works. Published security research topics including hacking critical healthcare infrastructure, medical devices and the effects of malware on patient care. This is his eighteenth DEF CON.
Twitter: @CDameffMD

SpeakerBio:Jeff “r3plicant” Tully MD , Anesthesiologist at The University of California San Diego
Jeff (r3plicant) Tully is a security researcher with an interest in understanding the ever-growing intersections between healthcare and technology. His day job focuses primarily on the delivery of oxygen to tissues.
Twitter: @JeffTullyMD

SpeakerBio:Alissa Knight , Hacker & principal analyst at Alissa Knight & Associates
No BIO available

SpeakerBio:Seeyew Mo , Senior Cybersecurity, Tech, National Security Fellow
No BIO available

Description:
Hackers in healthcare have come a long way from the days of the Manifesto. There is no longer apathy amongst the powerful - baby food has been replaced with steak. Hackers are making medical devices safer for patients. Hackers are protecting hospitals from ransomware. Hackers are writing policy and guiding regulation. This is cause for celebration- and where better to throw down than DEF CON 30?

Let’s face it- the last couple of years have been doom and gloom, and while attacks on hospitals continue to increase at record pace, and the promise of new medical technologies is equally matched with some terrifying security implications (Neuralink, call us), we really do need to stand back and appreciate where we’ve come from, because only then can we put into perspective what we still need to do.

D0 No H4rm returns to DEF CON to once again give you the chance to interface directly with some of the biggest names in a domain that just keeps growing in importance. Moderated by physician hackers quaddi and r3plicant, this perennially packed event - with a heavily curated panel of policy badasses, elite hackers, and seasoned clinicians - always fills up fast. So if you want to protect patients, build a safer and more resilient healthcare system, and meet some incredible new friends, then join us. And welcome home.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 15:00-15:20 PDT


Title: Déjà Vu: Uncovering Stolen Algorithms in Commercial Products
When: Saturday, Aug 13, 15:00 - 15:20 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map
Speakers:Patrick Wardle,Tom McGuire

SpeakerBio:Patrick Wardle , Founder, Objective-See Foundation
Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the “The Art of Mac Malware” book series, and founder of the “Objective by the Sea” macOS Security conference.

Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.

Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.

Twitter: @patrickwardle

SpeakerBio:Tom McGuire
Tom has been working in the security industry since the late 90s. He is the CTO of a cybersecurity firm and an Instructor at Johns Hopkins University where he teaches Reverse Engineering, OS Security, Cryptology and Cyber Risk Management. He loves his family, all things security, biotech and the Red Sox!

Description:
In an ideal world, members of a community work together towards a common goal or greater good. Unfortunately, we do not (yet) live in such a world.

In this talk, we discuss what appears to be a systemic issue impacting our cyber-security community: the theft and unauthorized use of algorithms by corporate entities. Entities who themselves may be part of the community.

First, we’ll present a variety of search techniques that can automatically point to unauthorized code in commercial products. Then we’ll show how reverse-engineering and binary comparison techniques can confirm such findings.

Next, we will apply these approaches in a real-world case study. Specifically, we’ll focus on a popular tool from a non-profit organization that was reverse-engineered by multiple entities such that its core algorithm could be recovered and used (unauthorized), in multiple commercial products.

The talk will end with actionable takeaways and recommendations, as who knows, this may happen to you too! For one, we'll present strategic approaches (and the challenges) of confronting culpable commercial entities (and their legal teams). Moreover, we’ll provide recommendations for corporations to ensure this doesn’t happen in the first place, thus ensuring that our community can remain cohesively focused on its mutual goals.


Return to Index    -    Add to    -    ics Calendar file

 

SKY - Saturday - 16:00-16:50 PDT


Title: Dancing Around DRM
When: Saturday, Aug 13, 16:00 - 16:50 PDT
Where: LINQ - BLOQ (SkyTalks 303) - Map
Speakers:ギンジー🐾ターラノー ,Game Tech Chris

SpeakerBio:ギンジー🐾ターラノー
No BIO available
Twitter: @lobstar85

SpeakerBio:Game Tech Chris
No BIO available
Twitter: @gtc

Description:
After losing hundreds of pounds playing dance dance revolution (seriously, over 300 pounds down!), it was discovered that this game had suicide DRM - when the hard drive dies, it's game over; You could not get it repaired! Two friends set out on a journey to tear the game apart and find a way to keep dancing after the components have sunset. This is the story of how this game (and others that used the same protection scheme) was saved without fully needing to break their entire DRM scheme!

This talk will go over the hardware and software combination approach we used to combat a notorious DRM scheme and preserve a series of arcade games. The protection is employed in commercial and consumer environments and this trick has been used to preserve not only these, but many other digital games from extinction.


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-19:59 PDT


Title: DARKNET-NG
When: Saturday, Aug 13, 10:00 - 19:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
Darknet-NG is an In-Person Massively Multiplayer Online Role Playing Game (MMO-RPG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The “Learning Quests” help the agent gather knowledge from all across the other villages at the conference, while the “Challenge Quests” help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year’s challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!

Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-19:59 PDT


Title: DC30 Ham Radio Fox Hunt Contest
When: Saturday, Aug 13, 10:00 - 19:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
In the world of amateur radio, groups of hams will often put together a transmitter hunt (also called “fox hunting”) in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Ham Radio Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. This contest is designed to be an introduction to ham radio fox hunting and as such will be simple to participate in and all people who participate will be guided towards successful completion!

Friday: 10:00-20:00
Saturday: 10:00-20:00


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 10:00-17:59 PDT


Title: DDS Hack-the-Microgrid
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - ICS Workshop Area - Map

Description:
Microgrids are pretty high maintenance, and like satellites, primarily built for survivability, not security. As the Department of Defense marches toward deploying microgrids at scale to shore up mission resilience in response to the challenges presented by climate change, hackers are gonna hack.

In this lab, you’ll learn the basics of microgrid design – from what they are, how they work, and how they regulate themselves. Then, you’ll be able to use this knowledge to then attempt to take over and shut down a mock microgrid by hacking its weather data system and sensor input network to generate chaos.

(first-come-first-seated kind of event, essentially when a seat is free you are allowed to join)


Return to Index    -    Add to    -    ics Calendar file

 

DDV - Saturday - 10:00-16:59 PDT


Title: DDV open and accepting drives for duplication
When: Saturday, Aug 13, 10:00 - 16:59 PDT
Where: Flamingo - Exec Conf Ctr - Lake Meade and Valley of Fire (Data Duplication Village) - Map

Description:
We reopen and accept drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.

Return to Index    -    Add to    -    ics Calendar file

 

BICV - Saturday - 12:00-12:30 PDT


Title: Decolonizing Cybersecurity
When: Saturday, Aug 13, 12:00 - 12:30 PDT
Where: Virtual - BIC Village

SpeakerBio:Birhanu Eshete
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 15:00-15:30 PDT


Title: DEF CON 30 Chess Tournament - Mandatory Sign-up
When: Saturday, Aug 13, 15:00 - 15:30 PDT
Where: Caesars Forum - Forum 133 (Karaoke/Chess) - Map

Description:
** If you wish to compete in the Chess Tournament, you must register Saturday between 15:00 and 15:30. **

Chess, computers, and hacking go way back. In the 18th century, the Mechanical Turk appeared to play a good game, but there was a human ghost hiding in the shell. Some of the first computer software was written to play chess. In 1997, world champion Garry Kasparov lost to the program Deep Blue, but after the match he accused IBM of cheating, alleging that only a rival grandmaster could have made certain moves.

At DEF CON 30, we propose to host a human chess tournament. The games will have a “blitz” time control of 5 minutes on each player’s clock, for a maximum total game time of 10 minutes. The tournament will have a Swiss-system format, with a fixed number of rounds. The match pairing for each round is done after the previous round has ended, and depends on its results. Each player is paired with another player who has a similar running score.

To determine the winner, the Swiss system is considered highly effective, even when there is a large number of competitors and a small number of rounds. Every player gets to play the full tournament, and the winner has the highest aggregate score when all rounds are over.

We’ll also have a top computer chess program on hand. There will be prizes for the winners of the tournament, as well as anyone who can beat the machine.

The tournament mechanics will be managed by the Las Vegas Chess Center (LVCC), which has over five years of experience in organizing royal game tournaments for all strength levels and ages. LVCC has professional coaches, and grandmasters are frequent visitors.

Does your contest or event plan to have a pre-qualifier?

To help crown the best chess player at DEF CON 30, we will register the highest-rated players first. We did this at DEF CON 26. In the end, everyone who wanted to play was able to play.


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 15:30-17:30 PDT


Title: DEF CON 30 Chess Tournament
When: Saturday, Aug 13, 15:30 - 17:30 PDT
Where: Caesars Forum - Forum 133 (Karaoke/Chess) - Map

Description:
Chess, computers, and hacking go way back. In the 18th century, the Mechanical Turk appeared to play a good game, but there was a human ghost hiding in the shell. Some of the first computer software was written to play chess. In 1997, world champion Garry Kasparov lost to the program Deep Blue, but after the match he accused IBM of cheating, alleging that only a rival grandmaster could have made certain moves.

At DEF CON 30, we propose to host a human chess tournament. The games will have a “blitz” time control of 5 minutes on each player’s clock, for a maximum total game time of 10 minutes. The tournament will have a Swiss-system format, with a fixed number of rounds. The match pairing for each round is done after the previous round has ended, and depends on its results. Each player is paired with another player who has a similar running score.

To determine the winner, the Swiss system is considered highly effective, even when there is a large number of competitors and a small number of rounds. Every player gets to play the full tournament, and the winner has the highest aggregate score when all rounds are over.

We’ll also have a top computer chess program on hand. There will be prizes for the winners of the tournament, as well as anyone who can beat the machine.

The tournament mechanics will be managed by the Las Vegas Chess Center (LVCC), which has over five years of experience in organizing royal game tournaments for all strength levels and ages. LVCC has professional coaches, and grandmasters are frequent visitors.

Does your contest or event plan to have a pre-qualifier?

To help crown the best chess player at DEF CON 30, we will register the highest-rated players first. We did this at DEF CON 26. In the end, everyone who wanted to play was able to play.


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-17:59 PDT


Title: DEF CON’s Next Top Threat Model
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.

As part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).


Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 10:00-17:59 PDT


Title: DEFCON Demonstrations and Presentations by Open Research Institute at RF Village
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:Open Research Institute
No BIO available
Twitter: @OpenResearchIns

Description:
Opulent Voice Opulent Voice is an open source high bitrate digital voice (and data) protocol. It's intended to be useful for both space and terrestrial deployments. We’re getting nice clear 16kbps OPUS audio out of the demodulator. See and hear a demonstration at the ORI exhibit in RF Village. We’ll be using COBS protocol within Opulent Voice. If you’re unfamiliar with COBS, please read about it here: https://en.wikipedia.org/wiki/Consistent_Overhead_Byte_Stuffing Authentication and authorization is built in and optional. There is no separate “packet mode”. Things are designed to “just work” and get out of your way whether or not you’re sending voice or data. Based on Mobilinkd codebase that implemented M17, the Opulent Voice development implementation can be found here: https://github.com/phase4ground/opv-cxx-demod Authentication and Authorization functions will be summarized in a poster presentation. Find out more about this work here: https://github.com/phase4ground/documents/tree/master/Engineering/AAAAA Ribbit Ribbit is an open source SMS data mode that leverages smart phone hardware. The free Android app produces digital audio that you transmit over your HT or any other audio coupled device. There will be poster explaining the architecture and you can pick up a Ribbit sticker with QR code for the free Android app at ORI's exhibit in RF Village. Regulatory Interested in being able to do more with open source satellites? We have some landmark regulatory results that solve a big problem for those of us in the US that have wanted to do open source satellite work without fear. See our poster in RF Village and find out more at the following link: https://github.com/phase4ground/documents/tree/master/Regulatory OpenRTX OpenRTX is a team based in Italy that specializes in open source firmware for a variety of platforms in the VHF/UHF digital voice world. They work on DMR and M17 implementations for the MD-380, and more. Pick up a business card and see a demonstration of OpenRTX's work at ORI's exhibit in RF Village. Tiny CTF We'll have the World's Smallest Wireless CTF! Come and find it and get a mission patch for successful solves of the challenge. More! There's plenty more. If you see a Volcano and friendly people, you've found the right place.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 16:30-17:15 PDT


Title: Defeating Moving Elements in High Security Keys
When: Saturday, Aug 13, 16:30 - 17:15 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

SpeakerBio:Bill Graydon , Principal, Physical Security Analytics, GGR Security
Bill Graydon is a principal researcher at GGR Security, where he hacks everything from locks and alarms to critical infrastructure; this has given him some very fine-tuned skills for breaking stuff. He’s passionate about advancing the security field through research, teaching numerous courses, giving talks, and running DEF CON’s Lock Bypass Village. He’s received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in cyber security, anti-money laundering, and infectious disease detection.
Twitter: @access_ctrl

Description:
A recent trend in high security locks is to add a moving element to the key: this prevents casting, 3D printing and many other forms of unauthorised duplication. Pioneered by the Mul-T-Lock Interactive locks, we see the technique used in recent Mul-T-Lock iterations, the Abloy Protec 2 and most recently, the Medeco M4, which is only rolling out to customers now.

We have identified a major vulnerability in this technology, and have developed a number of techniques to unlock these locks using a key made from a solid piece of material, which defeats all of the benefits of an interactive key. I’ll demonstrate how it can be applied to Mul-T-Lock Interactive, Mul-T-Lock MT5+ and the Medeco M4, allowing keys to be duplicated by casting, 3D printing and more. I’ll also cover other techniques to defeat moving elements in a key, such as printing a compliant mechanism and printing a captive element directly. With this talk, we’re also releasing a web application for anyone to generate 3D printable files based on this exploit. Finally, I’ll also discuss the responsible disclosure process, and working with the lock manufacturers to patch the vulnerability and mitigate the risk.


Return to Index    -    Add to    -    ics Calendar file

 

PT - Monday - 09:00-16:59 PDT


Title: Defender's Guide to Securing Public Cloud Infrastructures
When: Monday, Aug 15, 09:00 - 16:59 PDT
Where: Caesars Forum - Map

SpeakerBio:Abhinav Singh
Abhinav Singh is a cybersecurity researcher with close to a decade long experience working for global leaders in security technology, financial institutions and as an independent trainer/consultant. He is the author of Metasploit Penetration Testing Cookbook (first, second & third editions) and Instant Wireshark Starter, by Packt. He is an active contributor to the security community in the form of patents, open-source tools, paper publications, articles, and blogs. His work has been quoted in several security and privacy magazines, and digital portals. He is a frequent speaker at eminent international conferences like Black Hat, RSA & Defcon. His areas of expertise include malware research, reverse engineering, enterprise security, forensics, and cloud security.

Description:
Latest details, requirements, description, cost: https://defcontrainings.myshopify.com/products/abhinav-singh-defenders-guide-to-securing-public-cloud-infrastructures

Training description:

This training focuses on elevating your threat detection, investigations, and response knowledge into the cloud. This hands-on training simulates real-life attack scenarios on cloud infrastructure & applications. It then teaches you to build your own defensive tools against such attacks by using cloud native services on AWS. This makes it an ideal class for red & blue teams.


Return to Index    -    Add to    -    ics Calendar file

 

PT - Tuesday - 09:00-16:59 PDT


Title: Defender's Guide to Securing Public Cloud Infrastructures
When: Tuesday, Aug 16, 09:00 - 16:59 PDT
Where: Caesars Forum - Map

SpeakerBio:Abhinav Singh
Abhinav Singh is a cybersecurity researcher with close to a decade long experience working for global leaders in security technology, financial institutions and as an independent trainer/consultant. He is the author of Metasploit Penetration Testing Cookbook (first, second & third editions) and Instant Wireshark Starter, by Packt. He is an active contributor to the security community in the form of patents, open-source tools, paper publications, articles, and blogs. His work has been quoted in several security and privacy magazines, and digital portals. He is a frequent speaker at eminent international conferences like Black Hat, RSA & Defcon. His areas of expertise include malware research, reverse engineering, enterprise security, forensics, and cloud security.

Description:
Latest details, requirements, description, cost: https://defcontrainings.myshopify.com/products/abhinav-singh-defenders-guide-to-securing-public-cloud-infrastructures

Training description:

This training focuses on elevating your threat detection, investigations, and response knowledge into the cloud. This hands-on training simulates real-life attack scenarios on cloud infrastructure & applications. It then teaches you to build your own defensive tools against such attacks by using cloud native services on AWS. This makes it an ideal class for red & blue teams.


Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 12:00-13:55 PDT


Title: Defensive 5G
When: Saturday, Aug 13, 12:00 - 13:55 PDT
Where: Caesars Forum - Council Boardroom (Demo Labs) - Map
Speakers:Eric Mair,Ryan Ashley

SpeakerBio:Eric Mair
Eric Mair has been working in wireless communications for over 20 years and is currently working for In- Q-Tel Labs in Arlington, VA as a senior communications-technologist focusing on 5G, SDR and the application of machine-learning to RF communications. Prior to IQT he was with the US Government for 19 years.

SpeakerBio:Ryan Ashley
Ryan Ashley is currently a senior software-engineer at In-Q-Tel Labs. He is responsible for architecture, design, and implementation of open-source tools for analysis and visualization of network activity and other cyber-security use-cases. He is the primary maintainer of the IQT-Labs project NetworkML, and is a contributor to various other open-source projects.

Description:
In this work we developed a 4.5G/5G network using only commercial off the shelf (COTS) hardware and open-source software to serve as test-infrastructure for studying vulnerabilities in 5G networks. We are using software defined networking (SDN) tools such as Faucet and Dovesnap and software defined radio(SDR) capabilities such as Open5gs and srsRAN along with Docker Containers to facilitate the rapid and reliable setup and configuration of network topologies that can be used to represent the 5G networks that we intend to test. By having a configurable and repeatable mechanism that could be shared among multiple users with differing hardware setups we were able to test 5G network configurations in a variety of ways and have those results validated by other team members.

Audience: Target Audience: Network Defense and Attack, 5G, Software Defined Radio and Infrastructure-as-Code.


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 17:00-18:59 PDT


Title: Denial, Deception, and Drinks with Mitre Engage
When: Saturday, Aug 13, 17:00 - 18:59 PDT
Where: Caesars Forum - Society Boardroom (Demo Labs) - Map

Description:
Interested in cyber denial, deception, and adversary engagement? Come join the MITRE Engage team for conversations, war stories, and cyber shenanigans.

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 11:00-11:30 PDT


Title: Describing Maritime Cyber work roles Using the NICE Framework
When: Saturday, Aug 13, 11:00 - 11:30 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

SpeakerBio:Tyson B. Meadors , Cyber Warfare Engineer
LCDR Tyson B. Meadors is a Navy Cyber Warfare Engineer currently assigned to Cryptologic Warfare Activity SIXTY SEVEN. He previously served both afloat and ashore as a Surface Warfare Officer and Naval Intelligence Officer. From 2017-2018, he was a Director of Cyber Policy on the National Security Council Staff, where he advised the President, Vice President, and multiple National Security Advisors on cyber operations policy, technology, and threats and helped draft multiple national-level strategies and policies. Prior to commissioning from the US Naval Academy, worked as a journalist and taught English in the People’s Republic of China. He is the only naval officer to ever defeat a guided missile destroyer in a real-world engagement and is also the founder and CEO of Ex Mare Cyber, a cybersecurity consultancy.

Description:
This presentation provides insights from a recent US government "tiger team" that worked to examine the maritime cybersecurity workforce gaps identified in the 2020 National Maritime Cybersecurity Plan from a National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework perspective in order to identify gaps in the existing framework as well as to develop proposals for new statements describing maritime cyber-specific task, skills, knowledge, and competencies that should be recommended for inclusion into future versions of the framework. In the process of doing so, the interagency group identified five, high-level strategic factors that are going to shape maritime cybersecurity workforce development for years to come.

Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 09:00-12:59 PDT


Title: Dig Dug: The Lost Art of Network Tunneling
When: Saturday, Aug 13, 09:00 - 12:59 PDT
Where: Harrah's - Lake Tahoe (Workshops) - Map
Speakers:Eijah,Cam

SpeakerBio:Eijah , Founder
Eijah is the founder of Code Siren, LLC and has 20+ years of software development and security experience. He is also the creator of Demonsaw, an encrypted communications platform that allows you to chat, message, and transfer files without fear of data collection or surveillance. Before that Eijah was a Lead Programmer at Rockstar Games where he created games like Grand Theft Auto V and Red Dead Redemption 2. In 2007, Eijah hacked multiple implementations of the Advanced Access Content System (AACS) protocol and released the first Blu-ray device keys under the pseudonym, ATARI Vampire. He has been a faculty member at multiple colleges, has spoken at DEF CON and other security conferences, and holds a master’s degree in Computer Science. Eijah is an active member of the hacking community and is an avid proponent of Internet freedom.

SpeakerBio:Cam , Developer, Hacker
Cam is a developer and hacker with experience in C++, Java, and Android. He has spent the past 5 years writing software for secure communication platforms including VOIP and messaging services. In his free time, he enjoys Android reverse engineering, studying Mandarin, and writing software for human rights projects.

Description:
In a world of decreasing privacy, it's important that users can communicate P2P without any reliance on centralized solutions. But how do computers connect directly to each other without having external IP addresses, using an insecure protocol like UPnP, manually port forwarding, or routing through intermediary services like Signal, Skype, or Telegram? The traditional solution to this problem has been to trust companies and just route our data though their servers. We can totally trust them, right? If the future of secure communication depends on companies to route our traffic, then I would argue that the future of communications is insecure. There must be a better solution more in line with privacy fundamentals.

Reverse Network Tunneling, i.e. UDP Hole Punching, is a powerful technique that makes it possible for computers with internal IP addresses that are inaccessible on the Internet to be able to connect to each other directly, and therefore become accessible. As crazy as this sounds, it's real and works. This has multiple applications in the real world, such as allowing a pentester to directly connect to a victim that is hidden behind a router. Network tunneling also invalidates the need of centralized services provided by companies that log, surveil and profit from our traffic. Imagine how the future of secure communications would change if all of our online interactions were off-the-grid?

This workshop shows you how to punch holes through external routers to allow computers that were once hidden from the Internet to connect to each other P2P. If you've ever wanted to tunnel into private networks and access internal computers, then this workshop is for you. Create a botnet, backdoor, or even the next great privacy app - the sky's the limit! This is a beginner-level, technical workshop and requires that attendees have some prior experience in at least one programming language, such as Python, JavaScript or C++. Bring your laptop and a strong appetite for pwning network devices.

Materials
Laptop with Windows, Linux, or OSX. USB flash drive for copying program materials (optional).
Prereq
Previous experience in at least one programming language is required. Previous experience with Python or C/C++ is recommended, but not required.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 14:30-14:50 PDT


Title: Digging into Xiaomi’s TEE to get to Chinese money
When: Saturday, Aug 13, 14:30 - 14:50 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map

SpeakerBio:Slava Makkaveev , Security Researcher, Check Point
Slava Makkaveev is a Security Researcher at Check Point Research. Holds a PhD in Computer Science. Slava has found himself in the security field more than ten years ago and since that gained vast experience in reverse engineering and vulnerability research. Recently Slava has taken a particularly strong interest in mobile platforms and firmware security. Slava was a speaker at DEF CON, CanSecWest, REcon, HITB and others.

Description:
The Far East and China account for two-thirds of global mobile payments in 2021. That is about $4 billion in mobile wallet transactions. Such a huge amount of money is sure to attract the attention of hackers. Have you ever wondered how safe it is to pay from a mobile device? Can a malicious app steal money from your digital wallet? To answer these questions, we researched the payment system built into Xiaomi smartphones based on MediaTek chips, which are very popular in China. As a result, we discovered vulnerabilities that allow forging payment packages or disabling the payment system directly from an unprivileged Android application.

Mobile payment signatures are carried out in the Trusted Execution Environment (TEE) that remains secure on compromised devices. The attacker needs to hack the TEE in order to hack the payment. There is a lot of good research about mobile TEEs in the public domain, but no one pays attention to trusted apps written by device vendors like Xiaomi and not by chip makers, while the core of mobile payments is implemented there. In our research, we reviewed Xiaomi's TEE for security issues in order to find a way to scam WeChat Pay.


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Saturday - 16:00-16:30 PDT


Title: Digital Forensics and Voting Machines
When: Saturday, Aug 13, 16:00 - 16:30 PDT
Where: Caesars Forum - Alliance 313-314, 320 (Voting Village) - Map

SpeakerBio:Will Bagget
Will Baggett has a background in the U.S. Intelligence Community and also in NATO SOF as a cyber instructor His experience in the Intelligence Community provided a foundation for Insider Threat, Digital Forensics, and Cyber Intelligence consulting to pharmaceutical, financial, and technical entities. He is a graduate of Georgia Tech, holds multiple digital forensic certifications as well as that of a Certified Fraud Examiner and has appeared on several news broadcasts discussing cybersecurity issues. Will is also the Director of Digital Forensic services for Operation Safe Escape, a volunteer-run non profit assisting domestic abuse victims as they begin new lives.
Twitter: @iOSforensic

Description:
While in Las Vegas for data recovery and E-discovery work for a client, I attended DefCon 2017. By happenstance, I visited the Voting Village, organized by Harri Hurst.

Dozens of machines were on display for DefCon participants to ‘hack’ and find vulnerabilities. As I had my digital forensic toolkit with me, I asked Harri if the Windows CE and Windows XP devices had been professionally imaged and analyzed. Within minutes, I was presented with a pristine Windows CE machine. I imaged the device with BlackBag’s MacQuisition and began triage analysis with BlackBag’s BlackLight system.

The system was used for local, state, and national elections, initially purchased by Fairfax County, Virginia and placed into service, October 2002. The machine was last used in November 2014. I met with Harri at DefCon 2018 and performed the same tasks for thirty seven additional voting machines. The systematic lack of security was found on every single device nationwide. The same pattern was repeated at DefCon 2019.

I will discuss the professional methods we use to image devices at the Voting Village prior to the general public accessing the machines and the two-person finding verification method in use as well as the best practice of multiple tools. (Imaged with write-blocking hardware, analyzed with BlackLight and Autopsy, with a deleted file recovery tool afterwards.) I will discuss the findings we have discovered in the voting village: The operating system had not been updated since purchase. Votes were compiled into cleartext (votes.txt) onto a removable media drive and in some instances, uploaded to a ftp server, unencrypted.

Hundreds of USB drives had been inserted into the machines since deployment. Voters access the machines as ‘administrator’ with all votes being cast on the admin account. Admin and security user names and passwords are found online due to the relevant state sunshine laws. I will present our findings as to what was absent from the machines:

No firewall or antivirus programs are present No audit trail for USB drives or voting record integrity was found No voter information was found
No evidence of tampering has been found.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 18:30-18:50 PDT


Title: Digital Skeleton Keys - We’ve got a bone to pick with offline Access Control Systems
When: Saturday, Aug 13, 18:30 - 18:50 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map
Speakers:Micsen,Miana E Windall

SpeakerBio:Micsen , Software developer, Installer, And much more!
Micsen: At 5 years old Micsen began his career of dismantling things. He had just gotten his first RC car and wanted to fix it since it didn’t drive straight. Luckily the skills have evolved significantly from that time as the car never drove again! When a company is affected by ransomware he will happily use his hacking skills to trade for booze.
Twitter: @micsen97

SpeakerBio:Miana E Windall , Software Development Engineer
Miana is a lifelong tinkerer who likes breaking things almost as much as she likes building them.
Twitter: @NiamhAstra

Description:
Offline RFID systems rely on data stored within the key to control access and configuration. But what if a key lies? What if we can make the system trust those lies? Well then we can do some real spooky things… This is the story of how a strange repeating data pattern turned into a skeleton key that can open an entire range of RFID access control products in seconds.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 13:30-14:15 PDT


Title: Do Not Trust the ASA, Trojans!
When: Saturday, Aug 13, 13:30 - 14:15 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

SpeakerBio:Jacob Baines , Lead Security Researcher, Rapid7
Jacob Baines is a Lead Security Researcher at Rapid7 and a member of the Emergent Threat Response team. As part of his daily duties, Jacob conducts n-day and zero-day vulnerability research on important or impactful systems. He particularly enjoys sharing findings with the security community and developing Metasploit exploits.

Jacob has been active in the Security field for well over a decade. He’s held positions as a developer, reverse engineer, and vulnerability researcher. As a vulnerability researcher, Jacob has had the good fortune to publish and present his research which varies from embedded system exploitation, web application attacks, and Windows vulnerabilities.

Twitter: @Junior_Baines

Description:
Cisco ASA and ASA-X are widely deployed firewalls that are relied upon to protect internal networks from the dangers of the outside world. This key piece of network infrastructure is an obvious point of attack, and a known target for exploitation and implantation by APT such as the Equation Group. Yet it’s been a number of years since a new vulnerability has been published that can provide privileged access to the ASA or the protected internal network. But all good things must come to an end.

In this talk, new vulnerabilities affecting the Cisco ASA will be presented. We’ll exploit the firewall, the system’s administrators, and the ASA-X FirePOWER module. The result of which should call into question the firewall’s trustworthiness.

The talk will focus on the practical exploitation of the ASA using these new vulnerabilities. To that end, new tooling and Metasploit modules will be presented. For IT protectors, mitigation and potential indicators of compromise will also be explored.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 14:30-15:15 PDT


Title: Doing the Impossible: How I Found Mainframe Buffer Overflows
When: Saturday, Aug 13, 14:30 - 15:15 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

SpeakerBio:Jake Labelle , Security Consultant
Jake, a security consultant from Basingstoke, UK, got his hands on a licensed emulator for z/OS over the pandemic , and considering that we have been in and out of lockdown for the past two years, started playing around with it for a fairly good portion of time. As someone who adores the 80s cyber aesthetic, he loves mucking around with it, but also there is nothing legacy about mainframes, docker, node js, python all your modern applications/programs are on there. Over the past year, he has found and reported a number of z/OS LPEs and RCEs vulns to IBM.
Twitter: @Jabellz2

Description:
Mainframes run the world, literally. Have you ever paid for something, a mainframe was involved, flown? Used a bank? Gone to college? A mainframe was involved. Do you live in a country with a government? Mainframes! The current (and really only) mainframe OS is z/OS from IBM. If you've ever talked to a mainframer you'll get told how they're more secure because buffer overflows are (were) impossible. This talk will prove them all wrong!

Finding exploits on z/OS is no different than any other platform. This talk will walk through how you too can become a mainframe exploit researcher!

Remote code execution is extra tricky on a mainframe as almost all sockets read data with the ASCII character set and convert that to EBCDIC for the application. With this talk you will find out how to find and then remotely overflow a vulnerable mainframe C program and create a ASCII -> EBCDIC shellcode to escalate your privileges remotely, without auth. Previous mainframe talks focused on infrastructure based attacks. This talk builds on those but adds a class of vulnerabilities, opening up the mainframe hacking community.


Return to Index    -    Add to    -    ics Calendar file

 

VMV - Saturday - 10:00-10:30 PDT


Title: Dominion ImageCast X CVEs and reflections on CVD for election systems
When: Saturday, Aug 13, 10:00 - 10:30 PDT
Where: Caesars Forum - Alliance 313-314, 320 (Voting Village) - Map

SpeakerBio:Drew Springall
I am an Assistant Professor in the Department of Computer Science and Software Engineering at Auburn University. As a security researcher, I focus on nation-state/highly privileged attackers, Internet-scale measurement/vulnerabilities, and election security. I recently left Google's Production Security team where I was working to mitigate insider threats, secure core infrastructure, and improve the overall security and privacy properties of Google's products and services. My Ph.D. research focused on studying nation-state attackers such as the NSA, GCHQ, and other intelligence agencies to understand their approach to security issues and identify weaknesses that are form-fitted to their special abilities and characteristics. Throughout my graduate education at the University of Michigan, I was advised by Prof. J. Alex Halderman and funded by an NSF Graduate Research Fellowship, the Post-9/11 GI Bill, Google ATAP, and others. My work has helped explain intelligence agencies' ability to defeat widely used cryptography, identify and analyze the danger posed by common cryptographic shortcuts used in the TLS protocol, and demonstrated the real-world potential of election interference by foreign actors through technical means. This research has been covered and cited by The Wall Street Journal, The Washington Post, Ars Technica, The Guardian, US-CERT, NIST, FBI Cyber Division, and Playboy (SFW).
Twitter: @_aaspring_

Description:
In February of this year, we worked with CISA to conduct the first: CVD related to an active, widely-used voting system (the Dominion Democracy Suite 5.5-A system) in order to disclose multiple vulnerabilities found through analysis and testing of the system as used in the state of Georgia (ICSA-22-151-01). Though initiated prior to and not focused on the November 2020 election, our research and efforts to disclose occurred in its shadow and with the November 2022 election on the horizon. Along with the urgency, overlapping primary elections ensured that the importance of "getting it right" was not lost but along the way, found discovered that "right" meant very different things to the various stakeholders. In this talk, we'll share our experiences and lessons-leamed from this journey, discuss how the advisory-sausage is actually made, and offer our analysis and opinions on the use of the standard CVD process for voting system vulnerabilities going-forward.

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 14:45-15:15 PDT


Title: Down The Rabbit Hole: 10 Lessons Learned from a Year in the Trenches
When: Saturday, Aug 13, 14:45 - 15:15 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map

SpeakerBio:Andrew Costis
Andrew has 20+ years of industry experience, and recent roles include threat research, reverse engineering malware, tracking ransomware campaigns, incident response and discovering new malware campaigns. Andrew has been invited to give various talks at Black Hat, B-Sides, CyberRisk Alliance, SecurityWeekly, ITPro, BrightTalk, SC Magazine, VMware World and others.
Twitter: @0x4143

Description:
Are you new to the world of Threat and Adversary Emulation, Breach and Attack Simulation and/or Purple Teaming? A little over a year ago, I was too, and so there I began my journey down the rabbit hole into this new, hot, and upcoming area of cybersecurity. One year later, upon reflection, I asked myself what advice I could share to my past self as well as other defenders out there. What are some of the major obstacles to overcome when trying to implement purple teaming? What factors are often overlooked when using breach and attack simulation? What assumptions are typically made about threat emulation? And what could you do differently to start demonstrating value quicker? In this presentation I will be sharing my top 10 lessons learned from the trenches, with the aim of helping you to prepare, plan and ponder my recommendations with your existing Breach and Attack Simulation and/or Purple Teaming project. Regardless of what tool, platform, or framework you use, whether you are technical or not, or if you are red, blue, or purple, this neutral presentation aims to provide some useful, practical advice and guidance in the hope that all attendees can benefit from.

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 10:00-10:45 PDT


Title: Drag us to Wonder Bad: a tale of how to be good people by capturing credentials and 2FA
When: Saturday, Aug 13, 10:00 - 10:45 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map

SpeakerBio:Daniel Isler
Social Engineering Consultant Bachelor in Arts of Representation. With certifications in Social Engineering, Red Team & OSINT. Team Leader of Fr1endly RATs, the Social Engineering unit at Dreamlab Technologies Chile. Specializing and developing techniques and methodologies for simulations of Phishing attacks, Vishing, Pretexting, Physical Intrusions and Red Team.
Twitter: @Fr1endlyRATs

Description:
The forms of authentication and data protection are becoming more and more robust, but the users remain the same. How to breach all those controls to capture credentials and the 2FA of one of the most used email clients in the world? The aim of this paper is to demonstrate how anyone without any advanced programming knowledge could easily do it. How? Social Engineering. Inspired by Alice in Wonderland a particular White RatBit will explain it.

Return to Index    -    Add to    -    ics Calendar file

 

IOTV - Saturday - 10:00-17:59 PDT


Title: Drone Hack
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

Description:
A handcrafted IoT challenge that will put your skills to the test. Be prepared to hack devices over bluetooth low energy, break into Wi-Fi networks, and exploit binaries. If you avoid the deadly sharks and laser beams you may be able to access smart locks, conduct electronic warfare, and fly drones.

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 10:00-11:55 PDT


Title: EDR detection mechanisms and bypass techniques with EDRSandBlast
When: Saturday, Aug 13, 10:00 - 11:55 PDT
Where: Caesars Forum - Society Boardroom (Demo Labs) - Map
Speakers:Thomas Diot,Maxime Meignan

SpeakerBio:Thomas Diot
Thomas Diot (Qazeer) is a security consultant at Wavestone, an independent French consulting firm. His work involves a mix of penetration testing, Red / Purple Teams engagements, and Incident Responses with Wavestone CERT-W. Thomas enjoys practicing and improving his skills by playing in CTFs, developing tools, and working on various security projects.

SpeakerBio:Maxime Meignan
Maxime Meignan (@th3m4ks) is a security consultant at Wavestone, based in Paris, since the middle of the last decade. Loving to reverse engineer binaries in both professional and CTF contexts, Maxime has an IDA sticker on the back of his smartphone. And writes this uninteresting fact in his bio. He is currently interested in various fields of security, related to EDR software, Windows internals and Virtualisation Based Security.

Description:
EDRSandBlast is a tool written in C that implements and industrializes known as well as original bypass techniques to make EDR evasion easier during adversary simulations. Both user-land and kernel-land EDR detection capabilities can be bypassed, using multiple unhooking techniques and a vulnerable signed driver to unregister kernel callbacks and disable the ETW Threat Intelligence provider. Since the initial release, multiple improvements have been implemented in EDRSandBlast: it is now possible to use this toolbox as a library from another attacking tool, new bypasses have been implemented, the embedded vulnerable driver is now interchangeable to increase stealthiness and the use of a pre-built offsets database is no more required! Come discover our tool and its new features, learn (or teach us!) something about EDRs and discuss about the potential improvements to this project.

Audience: Offense, Defense, Windows, EDR


Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 15:30-15:59 PDT


Title: Elevators 101
When: Saturday, Aug 13, 15:30 - 15:59 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map

SpeakerBio:Karen Ng
As a founding member of the Physical Security Village, Karen has always been eager to spread awareness of physical security vulnerabilities. Karen works with GGR Security as a Security Risk Assessor.
Twitter: @hwenab

Description:
Elevator floor lockouts are often used as an additional, or the only, layer of security. This talk will focus on how to hack elevators for the purpose of getting to locked out floors – including using special operating modes, tricking the controller into taking you there, and hoistway entry.

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 10:00-11:55 PDT


Title: Empire 4.0 and Beyond
When: Saturday, Aug 13, 10:00 - 11:55 PDT
Where: Caesars Forum - Accord Boardroom (Demo Labs) - Map
Speakers:Vincent "Vinnybod" Rose,Anthony "Cx01N" Rose

SpeakerBio:Vincent "Vinnybod" Rose , Lead Tool Developer
Vincent "Vinnybod" Rose is the lead developer for Empire and Starkiller. He is a software engineer with experience in cloud services, large-scale web applications, build pipeline automation, and big data ETL. Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://www.bc-security.org/blog/.

SpeakerBio:Anthony "Cx01N" Rose , Lead Security Researcher
Anthony "Cx01N" Rose, CISSP, is a Security Researcher and Chief Operating Officer at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, and RSA conferences. Anthony is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing widespread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
Twitter: @Cx01N_

Description:
Empire is a Command and Control (C2) framework powered by Python 3 that supports Windows, Linux, and macOS exploitation. It has evolved significantly since its introduction in 2015 and has become one of the most widely used open-source C2 platforms. Starting life as PowerShell Empire and later merging in Empyre, Empire is now a full-fledged .NET C2 leveraging PowerShell, Python, C, and Dynamic Language Runtime (DLR) agents. It offers a flexible modular architecture that links Advanced Persistent Threats (APTs) Tactics, Techniques, and Procedures (TTPs) through the MITRE ATT&CK database. The framework aims to provide a flexible and easy-to-use interface to easily incorporate a wide array of tools into a single platform for red team operations to emulate APTs. This presentation will explore our most recent upgrades in Empire 4.0, including C and IronPython agents, Customizable Bypasses, Malleable HTTP C2, Donut Integration, Beacon Object File (BoF), and much more. In addition, our team will be giving a preview of Empire 5.0 and its features. The most exciting of these being the brand-new web client (Starkiller 2.0) and v2 API, which will be released later this year.

Audience: Offense


Return to Index    -    Add to    -    ics Calendar file

 

RHV - Saturday - 11:00-11:59 PDT


Title: Ethical considerations in using digital footprints for verifying identities for online services
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Caesars Forum - Alliance 310, 320 (Retail Hacking Village) - Map

SpeakerBio:Larsbodian
Larsbodian is an industrial PhD student at the Department of Computer and Systems Sciences at Stockholm University in Sweden researching IoT security integration within Enterprise Architecture.

Description:
Many players in the Buy Now Pay Later (BNPL) and merchant services industries are increasingly relying on digital footprint services when credit checks and national identification schemes are not easily available for different types of campaigns. There are a number of ethical considerations with this type of information is gathered and used along with regulatory issues that need to be considered.

Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 14:00-17:59 PDT


Title: Evading Detection: A Beginner's Guide to Obfuscation
When: Saturday, Aug 13, 14:00 - 17:59 PDT
Where: Harrah's - Lake Tahoe (Workshops) - Map
Speakers:Anthony "Cx01N" Rose,Jake "Hubbl3" Krasnov,Vincent "Vinnybod" Rose

SpeakerBio:Anthony "Cx01N" Rose , Lead Security Researcher
Anthony "Cx01N" Rose, CISSP, is a Security Researcher and Chief Operating Officer at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, and RSA conferences. Anthony is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing widespread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
Twitter: @Cx01N_

SpeakerBio:Jake "Hubbl3" Krasnov , Red Team Operations Lead and Chief Executive Officer
Jake "Hubbl3" Krasnov is the Red Team Operations Lead and Chief Executive Officer of BC Security. He has spent the first half of his career as an Astronautical Engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. Jake has presented at DEF CON, where he taught courses on offensive PowerShell and has been recognized by Microsoft for his discovery of a vulnerability in AMSI. Jake has authored numerous tools, including Invoke-PrintDemon and Invoke-ZeroLogon, and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
Twitter: @_Hubbl3

SpeakerBio:Vincent "Vinnybod" Rose , Lead Tool Developer
Vincent "Vinnybod" Rose is the lead developer for Empire and Starkiller. He is a software engineer with experience in cloud services, large-scale web applications, build pipeline automation, and big data ETL. Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://www.bc-security.org/blog/.

Description:
Defenders are constantly adapting their security to counter new threats. Our mission is to identify how they plan on securing their systems and avoid being identified as a threat. This is a hands-on class to learn the methodology behind malware delivery and avoiding detection. This workshop explores the inner workings of Microsoft's Antimalware Scan Interface (AMSI), Windows Defender, and Event Tracing for Windows (ETW). We will learn how to employ obfuscated malware using Visual Basic (VB), PowerShell, and C# to avoid Microsoft's defenses. Students will learn to build AMSI bypass techniques, obfuscate payloads from dynamic and static signature detection methods, and learn about alternative network evasion methods.

In this workshop, we will:

i.            Understand the use and employment of obfuscation in red teaming.
ii.           Demonstrate the concept of least obfuscation.
iii.          Introduce Microsoft's Antimalware Scan Interface (AMSI) and explain its importance.
iv.          Demonstrate obfuscation methodology for .NET payloads.
Materials
Laptop VMWare or Virtual Box Windows Dev machine or other Windows VM Kali Linux VM
Prereq
Basic level of PowerShell or C# experience.

Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 12:15-12:45 PDT


Title: Even my Dad is a Threat Modeler!
When: Saturday, Aug 13, 12:15 - 12:45 PDT
Where: Virtual - BlueTeam Village - Talks

SpeakerBio:Sarthak Taneja
Sarthak(S4T4N) is a Security Engineer passionate about everything InfoSec. He is always looking for new topics to learn. Suffering from Volunteeristis. You can always find him working with conferences behind the curtains. Right now, He is struggling to write 100 words about himself because he is habitual to writing 50 words bios.

Description:
Detailed Outline will be as follows:
  1. What is Threat Modelling?
  2. Why is Threat Modeling necessary? 3.Common Threat Modelling Frameworks:

    All the mentioned frameworks will be explained in detail with actionable scenarios and how to measure violations and propose mitigations

    STRIDE PASTA VAST TRIKE

  3. How to plan Threat Modelling?
  4. What NOT to do when doing threat modelling?
  5. How to handle the results of threat modelling to not make it overwhelming to different stakeholders?

For eg:
In STRIDE, I'll give an overview and then walkthrough real life scenarios how

  1. Explanantion of the framwork
  2. Example: 2.1. Spoofing Identity refers to violation of authentication

    Can be potrayed by misconfigured VPN configurations (in detail) 2.2 Tampering with data refers to Integrity

    Having mutable logs and super admin having toxic right to change them (in detail) 2.3 Non Repudiation

    Multiple users using same set of credentials causing non-repudiation and making logs useless because actions can't be backtracked to the user performing it (in details) etc

I will give examples from actual threat modellings I have done but remove all the organisation related information and make them generic, then what scenarios look like in organisations.

The talk will mainly focus on different frameworks of Threat Modelling and how threat modelling can be more efficient. Learning from the past experiences and common mistakes which organizations make while doing threat modelling.


Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 15:30-15:59 PDT


Title: Exploiting 802.11n Narrow Channel Bandwidth Implementation in UAV
When: Saturday, Aug 13, 15:30 - 15:59 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:Ronald Broberg
Ronald Broberg performs security assessments on Uncrewed Aerial Systems (UAS) with Dark Wolf Solutions. Previously, he was employed with Lockheed Martin. He had presented at the Aerospace Village during DEFCON 29
Twitter: @noiq15

Description:
Some 802.11n radios being used in Uncrewed Aerial Systems (UAS) are transmitting with non-standard channel widths below 20MHz to increase the communication range of the UAS. These narrow channel widths can be accessed in certain Atheros chipsets. Wifi communications using these narrow channel widths are more difficult to detect and evaluate. We discuss our our approach and the tools developed to detect, access, and assess this non-standard 802.11n transmission. No drones will be harmed during the presentation.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 13:00-13:45 PDT


Title: Exploring Ancient Ruins to Find Modern Bugs: Discovering a 0-Day in an MS-RPC Service
When: Saturday, Aug 13, 13:00 - 13:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map
Speakers:Ben Barnea,Ophir Harpaz

SpeakerBio:Ben Barnea , Senior Security Researcher, Akamai
Ben Barnea is a security researcher at Akamai with interest and experience conducting low-level security research and vulnerability research across various architectures - Windows, Linux, IoT and mobile. He likes learning how complex mechanisms work and most importantly, how they fail.
Twitter: @nachoskrnl

SpeakerBio:Ophir Harpaz , Senior Security Research Team Lead, Akamai
Ophir Harpaz is a security research team lead in Akamai, where she manages research projects around OS internals, exploitation and malware analysis. Ophir has spoken in various security conferences including Black Hat USA, Botconf, SEC-T, HackFest and more. As an active member in Baot - a community for women engineers - she has taught a reverse-engineering workshop (https://begin.re) to share her enthusiasm for reversing. Ophir has entered Forbes' list of 30-under-30 and won the Rising Star category of SC Magazine's Reboot awards for her achievements and contribution to the Cyber security industry.
Twitter: @OphirHarpaz

Description:
MS-RPC is Microsoft's implementation of the Remote Procedure Calls protocol. Even though the protocol is extremely widespread, and serves as the basis for nearly all Windows services on both managed and unmanaged networks, little has been published about MS-RPC, its attack surface and design flaws.

In this talk, we will walkthrough and demonstrate a 0-day RCE vulnerability which we discovered through our research of MS-RPC. When exploited, this vulnerability allows an attacker to execute code remotely and potentially take over the Domain Controller. We believe this vulnerability may belong to a somewhat novel bug-class which is unique to RPC server implementations, and would like to share this idea as a possible research direction with the audience.

To aid future research into the topic of MS-RPC, we will share a deep, technical overview of the RPC system in Windows, explain why we decided to target it, and point out several design flaws. We will also outline the methodology we developed around RPC as a research target along with some tools we built to facilitate the bug-hunting process.


Return to Index    -    Add to    -    ics Calendar file

 

GHV - Saturday - 12:00-12:30 PDT


Title: Exploring Fruadsters Persuasion Strategies on Employment Databases
When: Saturday, Aug 13, 12:00 - 12:30 PDT
Where: Flamingo - Virginia City III (Girls Hack Village) - Map

SpeakerBio:Tessa Cole
Tessa Cole is a Ph.D. Candidate in the Department of Criminal Justice and Criminology at Georgia State University. She earned a Bachelor of Science in Political Science from Berry College and a Master of Science in Criminal Justice from the University of Tennessee at Chattanooga. Tessa's area of research focuses on offenders' effect(s) on targets and victims within the cybercrime ecosystem, including, but not limited to revenge pornography, sexting among adolescents, and online fraud. She is proficient in both SPSS and STATA and is currently developing GIS and PYTHON skills. Recently, Dr. Rege has invited her to participate and share her research knowledge in two panels, an academic panel highlighting black cybercrime researchers and Temple University's Cybersecurity in Application, Research, and Education (CARE) Lab's Social Engineering Educator Workshop.

Additionally, she is published in Victims & Offenders with several forthcoming articles in peer-reviewed journals. She volunteers for the Crisis Hotline and has served as a mentor in the Pipeline Mentorship Program at Georgia State University. She has received several awards, such as the University of Tennessee at Chattanooga Department of Social, Cultural, and Justice Studies Most Outstanding Graduate Student in 2018, the Andrew Young Dean's Fellowship Scholarship at Georgia State University from 2018 to 2021, and the Department of Criminal Justice and Criminology Graduate Teaching Award at Georgia State University in the spring of 2021. Currently, she is completing her dissertation exploring online fraudsters' decision-making processes which is constructed in the three-journal article format to be published upon her degree confirmation.


Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 13:45-14:30 PDT


Title: Exploring Unprecedented Avenues for Data Harvesting in the Metaverse
When: Saturday, Aug 13, 13:45 - 14:30 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map
Speakers:Gonzalo Munilla Garrido,Vivek Nair

SpeakerBio:Gonzalo Munilla Garrido
Gonzalo Munilla Garrido is a privacy researcher at the BMW Group and Ph.D. Student at TU Munich, where he researches privacy-enhancing technologies. His main research interests are in differential privacy and probability theory. Gonzalo has previously been recognized as OpenMined's "contributor of the month" and has appeared in Google's "Awakening" magazine. He contributes to the security & privacy community by participating as a mentor and judge in hackathons, publishing code tutorials about differential privacy, and teaching the Blockchain Engineering course at TUM.

SpeakerBio:Vivek Nair
Vivek Nair is an EECS Ph.D. student at UC Berkeley and a researcher at Cornell's IC3. As a recipient of the NSF, NPSC, and Hertz fellowships, Vivek has worked with the US Department of Defense to build resilient cyber systems. He began researching cybersecurity in 2015, when he founded Multifactor.com, and has gone on to author 12+ patents for cybersecurity technologies. He was the youngest-ever recipient of Bachelor's and Master's degrees in Computer Science at the University of Illinois at the ages of 18 and 19 respectively. Outside of cybersecurity, Vivek is a competitive VR eSports player and the captain of UC Berkeley’s Beat Saber team, which he led to a US collegiate championship victory in 2021.

Description:
A virtual reality (VR) user thought they were joining an anonymous server in the popular "VR Chat" application. Behind the scenes, however, an adversarial program had accurately inferred over 25 of their personal data attributes, from anthropometrics like height and wingspan to demographics like age and gender, within just a few minutes of them joining. As notoriously data-hungry companies become increasingly involved in VR development, this scenario may soon represent a typical VR user experience. While virtual telepresence applications (and the so-called "metaverse") have recently received increased attention and investment from major tech firms, these environments remain relatively under-studied from a security and privacy standpoint. In this talk, we'll illustrate via a real-time VR/XR demo how an attacker can covertly harvest personal attributes from seemingly-anonymous users of innocent-looking VR games. These attackers can be as simple as other VR users without special privilege, and the potential scale and scope of this data collection far exceed what is feasible within traditional mobile and web applications. We aim to shed light on the unique privacy risks that the metaverse entails and contribute a new way of thinking about security and privacy in emerging AR/VR environments.

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 10:30-10:59 PDT


Title: Faking Positive COVID Tests
When: Saturday, Aug 13, 10:30 - 10:59 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Ken Gannon
Ken is a Principal Security Consultant at F-Secure who specializes in mobile security, with a hint of IoT security. He has a love/hate relationship with the medical field, as he's been involved with that field for over 10 years.
Twitter: @Yogehi

Description:
I looked at 3 different COVID at-home tests this year (2 used Bluetooth, one used a camera). I tried to identify weaknesses in these tests, and with the Bluetooth specific tests I was able to fake a positive test result. In theory, my research can be used to fake a negative result as well.

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 10:00-17:59 PDT


Title: Fantom5 SeaTF CTF
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - ICS CTF Area - Map

Description:
Contestants will be able to try their hand and compete in a point based Capture the Flag hacking competition based around 3 Maritime consoles. The consoles involved will be Navigation systems, Steering and Propulsion systems, and Ballast systems. These systems provide a relative experience of the actual systems found aboard a naval vessel.

This is a registration required based CTF https://www.sea-tf.com/registration First come first serve basis on time slots.


Return to Index    -    Add to    -    ics Calendar file

 

MIV - Saturday - 15:15-15:45 PDT


Title: Fireside Chat
When: Saturday, Aug 13, 15:15 - 15:45 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map
Speakers:Arikia Millikan,Uchi Uchibeke

SpeakerBio:Arikia Millikan , Journalist, Media Consultant
Arikia Millikan is an American journalist and editorial strategist living in Berlin. Her journalistic work showcases my dedication to deep research and the art of the interview, bringing a humanistic perspective to topics at the intersection of technology and the human mind. In the private sector, she thrives while scrutinizing complexity and unblocking communication sticking points that occur when specialists are tasked with conveying information to a general audience. Her client roster includes founders and thought leaders from fields such as biotechnology, venture capital, telemedicine, teletherapy, femtech, cybersecurity, and mixed reality media.

SpeakerBio:Uchi Uchibeke
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 19:00-20:15 PDT


Title: Fireside Policy Chats
When: Saturday, Aug 13, 19:00 - 20:15 PDT
Where: Caesars Forum - Summit 224-225 - Policy Collaboratorium - Map

SpeakerBio:Clare Martorana , Federal Chief Information Officer
No BIO available

Description:
Fireside Lounge sessions are your informal, off the record opportunity to get to know policymakers in an intimate setting. Maybe with a drink in hand. No specific knowledge is required, but a skeptical mind and mischievous intellect are a must. The speaker will give a strategic analysis of relevant issues, lead a Socratic dialogue about the trade-offs represented in decision-making, and open the floor to audience questions and/or a moderated group debate. Did we mention it's off the record?

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 20:30-21:15 PDT


Title: Fireside Policy Chats
When: Saturday, Aug 13, 20:30 - 21:15 PDT
Where: Caesars Forum - Summit 224-225 - Policy Collaboratorium - Map

Description:
Fireside Lounge sessions are your informal, off the record opportunity to get to know policymakers in an intimate setting. Maybe with a drink in hand. No specific knowledge is required, but a skeptical mind and mischievous intellect are a must. The speaker will give a strategic analysis of relevant issues, lead a Socratic dialogue about the trade-offs represented in decision-making, and open the floor to audience questions and/or a moderated group debate. Did we mention it's off the record?

Return to Index    -    Add to    -    ics Calendar file

 

ROV - Saturday - 15:30-16:30 PDT


Title: Forgery & Document Replication
When: Saturday, Aug 13, 15:30 - 16:30 PDT
Where: LINQ - 3rd flr - Evolution (Rogues Village) - Map

SpeakerBio:Chris Dickson
No BIO available
Twitter: @CA_Dickson

Description:
What’s better than stealing the Declaration of Independence? Flawlessly replicating one for your own home. In this talk, Chris will teach you the tricks of the trade of a professional historical document forger.

Return to Index    -    Add to    -    ics Calendar file

 

HRV - Saturday - 11:00-16:59 PDT


Title: Free Amateur Radio License Exams
When: Saturday, Aug 13, 11:00 - 16:59 PDT
Where: Flamingo - Virginia City I (Ham Radio Village Exams) - Map

Description:
Take the test to join what has been considered to be one of the first hacker communities, amateur radio! The Ham Radio Village is back at DEF CON 30 to offer free amateur radio license exams to anyone who wishes to get their ham radio license. Examinees are encouraged to study on https://ham.study/, and may sign up here: https://ham.study/sessions/626c9a57d57aa149429eebf3/1

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 12:00-11:59 PDT


Title: Friends of Bill W
When: Saturday, Aug 13, 12:00 - 11:59 PDT
Where: Caesars Forum - Unity Boardroom - Map

Description:
For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun.

Please note: the Caesars Forum Unity Ballroom is at the "front" of Caesars Forum, beside Demo Labs, across from room 216 (the Contest-CTF area).


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 17:00-16:59 PDT


Title: Friends of Bill W
When: Saturday, Aug 13, 17:00 - 16:59 PDT
Where: Caesars Forum - Unity Boardroom - Map

Description:
For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun.

Please note: the Caesars Forum Unity Ballroom is at the "front" of Caesars Forum, beside Demo Labs, across from room 216 (the Contest-CTF area).


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 10:30-10:59 PDT


Title: Fun with Factoring Large Prime Numbers
When: Saturday, Aug 13, 10:30 - 10:59 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map
Speakers:p80n,r3c0d3

SpeakerBio:p80n
No BIO available

SpeakerBio:r3c0d3
No BIO available

Description:
Enter the world of quantum hardware, mathematical proofs, and the latest in post-quantum resistant cryptography. The quantum apocalypse is coming and it will break RSA and Diffie-Hellman. In this session, there will be a unique demo where we run code on a real quantum computer to factor “large” prime numbers using Shor’s algorithm.

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Saturday - 15:00-15:50 PDT


Title: Generative Art Tutorial
When: Saturday, Aug 13, 15:00 - 15:50 PDT
Where: Caesars Forum - Summit 228->236 (AI Village) - Map

Description:
Learn how to make art with AI

Return to Index    -    Add to    -    ics Calendar file

 

SKY - Saturday - 09:30-10:20 PDT


Title: Geo-Targeting Live Tweets
When: Saturday, Aug 13, 09:30 - 10:20 PDT
Where: LINQ - BLOQ (SkyTalks 303) - Map

SpeakerBio:Chet Hosmer , Professor of Practice
Chet serves as a Professor of Practice at the University of Arizona in the Cyber Operations program where he is teaching and researching the application of Python and Machine Learning to advance cybersecurity challenges. Chet is also the Founder of Python Forensics, Inc. which is focused on the collaborative development of open-source investigative technologies using Python and other popular scripting languages. Chet has been researching and developing technology and training surrounding forensics, digital investigation, and steganography for decades. He has made numerous appearances to discuss emerging cyber threats including National Public Radio's Kojo Nnamdi show, ABC's Primetime Thursday, and ABC News Australia. He has also been a frequent contributor to technical and news stories relating to cybersecurity and forensics with Forbes, IEEE, The New York Times, The Washington Post, Government Computer News, Salon.com and Wired Magazine.

Description:
This talk focuses on using Python to acquire LIVE open-source intelligence (OSINT) from tweets and the associated images, videos, and translated emojis from geographically bounded areas anywhere in the world. This method delivers a plethora of information (tweets, images, videos, emojis, friends, followers, and detailed mapping of movement) within a specific time/space continuum, including chronolocation data. Twitter routinely removes tweets and images from their platform based on policy violations and other influences. By acquiring them “at the moment they are tweeted” provides timely access to live events, as well as the ability to preserve future redacted information. Our ability to generate alerts of aberrant behaviors through the lens of those on the scene has never been more important. The lecture and demonstration will include real examples of collections and mapping from war zones, natural disasters, social unrest, and criminal activity.

Return to Index    -    Add to    -    ics Calendar file

 

HRV - Saturday - 13:00-13:30 PDT


Title: Getting on the air: My experiences with Ham radio QRP
When: Saturday, Aug 13, 13:00 - 13:30 PDT
Where: Flamingo - Virginia City II (Ham Radio Village Activities) - Map

SpeakerBio:Jeremy Hong
Hardware Hacker, Amateur Extra Class Ham Radio Operator (KD8TUO), Reverse Engineer at Cromulence. Featured on ARRL's QST and On The Air Publications.
https://www.qrz.com/db/KD8TUO

Description:
Have a FCC amateur radio license or thinking about getting one? There are some easy quick ways to get on the air, and yes all it takes is some wire, balun, and a radio (this can be a raspberry pi). I'll share a few quick examples of my own.

Return to Index    -    Add to    -    ics Calendar file

 

SKY - Saturday - 17:05-17:55 PDT


Title: Ghost Guns: Rapidly acquiring, constructing or improvising firearms
When: Saturday, Aug 13, 17:05 - 17:55 PDT
Where: LINQ - BLOQ (SkyTalks 303) - Map

SpeakerBio:Judge Taylor
The Hon., Rev., Dr. Taylor, Esq., J.D. (because fucking titles.. am I right?), Judge, Firearms Law Attorney, drafter of fine old fashioned legislation, righter of wrongs, and fucking cripple; is annoyed, loud, and as funny as your worst enemy's heart attack; is an expert in what the government ought not to do.. but the government keeps doing anyway.
Twitter: @mingheemouse

Description:
You may be old enough to remember the civil unrest of 2020, but what you may not have noticed was the total absence of guns and ammunition from the store shelves. With escalating levels of violence you may have thought that exercising your human right to self protection would have been nice, but now you have found yourself behind the curve, and with few options. We will discuss a variety of steps to rapidly source, acquire, improvise, or construct firearms and ammunition from scratch, or from readily available precursor components. There will be a discussion of recent events involving improvised firearms on the world stage.

Elevator pitch: The world is dangerous. I will tell you how to make or source guns and ammunition. Don't break the law.


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 20:30-23:59 PDT


Title: Girls Hack Village 90’s House Party
When: Saturday, Aug 13, 20:30 - 23:59 PDT
Where: Caesars Forum - Academy 405 - Map

Description:
Nostalgia, maybe? I think so. In honor of DEF CON 30, we're throwing it back to the era of slow jams and house party mixtapes. We'll be playing everything from power ballads and rap to r&b and pop. Do like Kris Kross and Jump on the opportunity to have a good time with good people to good music.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-16:59 PDT


Title: Hack the Airfield with DDS
When: Saturday, Aug 13, 10:00 - 16:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Hack the Airfield is broken down into two primary components, the aircraft and the system used to locate and find them.

BRICKS IN THE AIR
Learn how avionics systems work in a safe and fun way in our Bricks in the Air workshop that simulates an environment requiring similar approaches to hacking on actual aviation buses without using any of the real hardware, protocols, or commands. Challengers can freely play and develop skills without worrying about legalities or sensitivities of real systems.

SPOOFING ADS-B
ADS-B is the latest version of Identify Friend or Foe (IFF), which is the common name for cooperative radar surveillance of aircraft. Unlike traditional IFF, in ADS-B the aircraft periodically sends a broadcast out roughly every half second to alert all nearby receivers of its current location. These broadcasts are unencrypted and fairly easy to spoof, allowing anyone to create as many aircraft as they want. Stop by the workshop and learn what it takes to spoof fake aircraft into the system used to track them.

Required gear: none!


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-16:59 PDT


Title: Hack the Airport with Intelligenesis
When: Saturday, Aug 13, 10:00 - 16:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Can you restore the Aerospace Village runway lighting system? IntelliGenesis will be holding a mini-Hack the Airport that is designed to showcase the impact of a cyber-attack on critical infrastructure commercial or government facilities; specifically, Aviation Control Systems. Transportation Systems is one of the 16 Cybersecurity and Infrastructure Agency Critical Infrastructure Sectors for the US. There is a hyper focus on cybersecurity surrounding airports and the critical infrastructure systems supporting aviation operations. Come on over and give it an attempt, there will be 4 stages culminating in restoring the lighting system so that the village can begin landing and launching aircraft. All levels of experience can participate.

Signups: beginning Monday 8/8 – but not required to participate


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 13:30-14:15 PDT


Title: HACK THE HEMISPHERE! How we (legally) broadcasted hacker content to all of North America using an end-of-life geostationary satellite, and how you can set up your own broadcast too!
When: Saturday, Aug 13, 13:30 - 14:15 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map
Speakers:Karl Koscher,Andrew Green

SpeakerBio:Karl Koscher , Hacker
Karl Koscher is a technology and security generalist with an emphasis on wireless and embedded systems security. As part of his dissertation work at the University of Washington, he and his collaborators were the first to demonstrate a complete remote compromise of a car over cellular, Bluetooth and other channels. He is a co-organizer of the Crypto and Privacy Village and holds an Amateur Extra license.

SpeakerBio:Andrew Green , Hacker
Andrew Green is a multidisciplinary jack of all trades, who specializes in information technology and broadcasting. He brings together many years of unique experiences, with a talent for understanding complex systems on the fly. He currently holds an Advanced amateur radio license, VO1VO.

Description:
The Shadytel cabal had an unprecedented opportunity to legally uplink to and use a vacant transponder slot on a geostationary satellite about to be decommissioned. This talk will explain how we modified an unused commercial uplink facility to broadcast modern HD DVB-S2 signals and created the media processing chain to generate the ultimate information broadcast. You'll learn how satellite transponders work, how HDTV is encoded and transmitted, and how you can create your own hacker event broadcast.

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 10:00-17:59 PDT


Title: Hack the Plan[e]t CTF
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - ICS CTF Area - Map

Description:
Hack the Plan[e]t Capture the Flag (CTF) contest will feature Howdy Neighbor and the Industrial Control System (ICS) Range. This first of its kind CTF will integrate both Internet of Things (IoT) and ICS environments with interactive components for competitors to test their skills and knowledge.

Howdy Neighbor is an interactive IoT CTF challenge where competitors can test their hacking skills and learn about common oversights made in development, configuration, and setup of IoT devices. Howdy Neighbor is a miniature home - made to be “smart” from basement to garage. It’s a test-bed for reverse engineering and hacking distinct consumerfocused smart devices, and to understand how the (in)security of individual devices can implicate the safety of your home or office, and ultimately your family or business. Within Howdy Neighbor there are over 25 emulated or real devices and over 50 vulnerabilities that have been staged as challenges. Each of the challenges are of varying levels to test a competitors ability to find vulnerabilities in an IoT environment. Howdy Neighbor’s challenges are composed of a real and simulated devices controlled by an App or Network interface and additional hardware sensors; each Howdy Neighbor device contains 1 to 3 staged vulnerabilities which when solved present a key for scoring/reporting that it was discovered.

In the same vein, this CTF challenge will also leverage the ICS Village’s ICS Ranges including physical and virtual environments to provide an additional testbed for more advanced challenges in critical infrastructure and ICS environments. There will be integrated elements from DHS/CISA with their ranges that are realistically miniaturized assets (ie operational oil and natural gas pipeline, etc.).


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 12:00-16:59 PDT


Title: Hack-A-Sat Aerospace PiSat Challenge
When: Saturday, Aug 13, 12:00 - 16:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Engineers at the Aerospace Corporation are hosting a CTF using the PiSat platform (check out the PiSat Workshop also in the Aerospace Village). Teams will command a PiSat via a COSMOS web GUI and complete challenges, which will be announced during the event. The CTF will primarily use crosslinks between PiSats to complete tasks including attacking other PiSats. Rounds will last ten minutes each, but teams can stay for up to one hour.

Required gear: bring a laptop (with an ethernet port!) to compete in the contest.

Signups: Sign-ups for the event will be in person each morning from 10am – 12pm and will be first come, first served.


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-16:59 PDT


Title: Hack-A-Sat Digital Twin Workshop
When: Saturday, Aug 13, 10:00 - 16:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
The Hack-A-Sat team is working hard to build the next competition platform for the Hack-A-Sat 3 (HAS3) Finals competition, where space math, hacking, and satellite operations are interwoven into a realistic space CTF environment. We will be demoing the HAS3 digital twin satellite in the Aerospace Village for participants to experience basic satellite command & control operations and flight software exploitation with two challenges created specifically for DEF CON. This year’s digital twin brings new tools, processor architecture, and physics simulation capabilities that we will be unveiling for the first time.

Required gear: We are hosting the demo on our own hardware so all you need to bring is your own desire to “Learn. Space. Faster”.

Signups: first come first serve, come by the Aerospace Village during its normal operating hours!


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 16:00-17:59 PDT


Title: Hack3r Runw@y 
When: Saturday, Aug 13, 16:00 - 17:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
After 2 years virtual and one in person, we’d like to return to stage for our 4th year where this contest shines best. Hack3r Runw@y brings out all the sheek geeks out there. It encourages rethinking fashion in the eyes of hackers. Be it smartwear, LED additions, obfuscation, cosplay or just everyday wear using fabrics and textures that are familiar to the community. Contestants can enter clothing, shoes, jewelry, hats or accessories. If it can be worn, it is perfect for the runway. For convenience, contestants can enter the contest with designs made ahead of the conference, however it needs to be made by them and not just store bought.

Awards will be handed out in 4 categories and one trophy for the People’s Choice category where the winner is anyone’s guess:

Digital wearable - LED, electronic, passive Smart wear - interactive, temperature sensing, mood changing, card skimmers, etc Aesthetics and More - 3d printed, geeky wear, passive design, obfuscation, cosplay Functional wear - did you bling out your mask and/or shield, have a hazmat suit, lock pick earrings, cufflinks shims Winners will be selected based on, but no limited to:

Uniqueness
Trendy
Practical
Couture
Creativity
Relevance
Originality
Presentation
Mastery

Friday: 2pm – 4pm

Saturday: 4pm – 6pm (or 2 hours before the contest stage and then 1 hr on stage)


Return to Index    -    Add to    -    ics Calendar file

 

IOTV - Saturday - 15:30-15:59 PDT


Title: Hackable Book Signing
When: Saturday, Aug 13, 15:30 - 15:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

SpeakerBio:Ted Harrington
No BIO available

Description:
Get a free signed copy of the #1bestseller Hackable and meet the author!

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 20:00-21:59 PDT


Title: Hacker Flairgrounds
When: Saturday, Aug 13, 20:00 - 21:59 PDT
Where: Caesars Forum - Accord Boardroom (Demo Labs) - Map

Description:
The destination for badge collectors, designers, and hardware hacks to celebrate the flashier side of DEF CON. It is a melding of the 1337 and the un1eet interested in hardware and IoT. We see #badgelife, #badgelove, SAOs and badge hacking as a great potential for securing IoT and keeping the power in the hands of the consumer by spreading knowledge about the craft/trade. Those involved should be celebrated for sharing their knowledge. Many of them do not like the limelight, so this gives us a chance to personally say thank you in a chill environment.

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 20:00-21:59 PDT


Title: Hacker Jeopardy
When: Saturday, Aug 13, 20:00 - 21:59 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

Description:
Hacker Jeopardy, the classic DEF CON game show, is returning for yet another year of answers, questions, NULL beers, and occasionally some impressive feats of knowledge. You don't want to miss this opportunity to encourage the contestants, your fellow Humans, "DON'T FUCK IT UP!

We will be opening auditions, with the call posted on the dfiu.tv website, and linked to DEF CON forums. (promoted on social media)

Track 4
Friday: 2000-2200
Saturday: 2000-2200


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 19:30-01:59 PDT


Title: Hacker Karaoke
When: Saturday, Aug 13, 19:30 - 01:59 PDT
Where: Caesars Forum - Forum 133 (Karaoke/Chess) - Map

Description:
For those who love to sing and perform in front of others, we are celebrating our 14th year of Love, Laughter, and Song from 8 PM to 2 AM Friday and Saturday night.

We are open to everyone of any age, and singing is not required.

For more information visit:

https://hackerkaraoke.org or Twitter @hackerkaraoke.


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 16:00-16:59 PDT


Title: HackerOps
When: Saturday, Aug 13, 16:00 - 16:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ralph May
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 15:00-15:59 PDT


Title: HackerOps
When: Saturday, Aug 13, 15:00 - 15:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ralph May
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 14:00-14:59 PDT


Title: HackerOps
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ralph May
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 13:00-13:59 PDT


Title: HackerOps
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ralph May
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 12:00-12:59 PDT


Title: HackerOps
When: Saturday, Aug 13, 12:00 - 12:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ralph May
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 11:00-11:59 PDT


Title: HackerOps
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ralph May
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 10:00-10:59 PDT


Title: HackerOps
When: Saturday, Aug 13, 10:00 - 10:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Ralph May
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

APV - Saturday - 15:30-16:30 PDT


Title: Hacking & Defending Blockchain Applications
When: Saturday, Aug 13, 15:30 - 16:30 PDT
Where: Flamingo - Twilight Ballroom - AppSec Village - Main Stage - Map
Speakers:Kennashka DeSilva,Aimee Reyes

SpeakerBio:Kennashka DeSilva
Kennashka DeSilva, Cybersecurity Consultant at EY, is highly skilled in building web2 and web3 applications in addition to securing cloud environments. She is passionate about integrating best practices in blockchain security and cloud computing.

SpeakerBio:Aimee Reyes
When not typing "terraform destroy" I build security tooling that intersects with machine learning. Ex-OWASP DevSlop co-host, currrent Women in Cybersecurity and Society of Hispanic Professional Engineers student chapter president.

Description:
Blockchain is a technology that is rapidly gaining widespread adoption; however, security standards, frameworks, or methodologies that incorporate the OWASP principles are not widely available. Frameworks such as OWASP as it relates to Blockchain Application Security (BAS) can ensure accountability, fair participation, and security within the network.

DEFI stands for Decentralized Finance and is an alternate financial universe with a steadily growing catalog of applications that runs autonomously, where users can deposit digital assets and earn returns, borrow, and loan money — still in its infancy. There is an opportunity to increase the quality of life and economic health across the board as currently, the total all-time high exceeds $2t with about $3b lost or stolen through hacks.

What are some components within a blockchain?

Blockchain networks are primarily managed through a peer-to-peer network for use as a publicly distributed ledger. Some components of the blockchain include transaction blocks of data representing each transaction found. The wallet stores your funds and allows a way to buy, sell, swap, and earn cryptocurrencies. Smart Contracts are computer code that automatically executes all or parts of an agreement. Public Key Cryptography, or asymmetric cryptography, is an encryption method that employs two mathematically related numbers.

How does the blockchain work?

Bob wants to send money to Susan. Bob’s transaction gets represented within the block. The block gets broadcasted to every party in the network. The transactions gets confirmed and approved. The block gets appended to the ledger, and Susan receives her funds.

The OWASP Top Ten List is an industry-recognized tool for identifying vulnerabilities in application security. Blockchain Application security has some areas of opportunity for correlating OWASP to the blockchain to help discover potential vulnerabilities in blockchain systems.

Here is a list of OWASP's top ten vulnerabilities as it relates to blockchain applications:

A01:2021 – Broken Access Control

Secure implementation of authentication is critical to the DEFI ecosystem. The wide use of browser wallet transaction authorization means that a large attack surface exists.

Examples

Metamask wallet: Signing a transaction to an insecure wallet such as fake projects posing as trusted brands with the average end-users being unable to analyze a smart contract.

Contract Function calls allowing the owner to sign a transaction and allowing bad actors to claim ownership of the digital assets but didn’t check. Solution:

Wallet Access Policy and Implementation

Reading the contract before signing

Researching the credibility of the project

A02:2021-CRYPTOGRAPHIC FAILURES

Cryptographic algorithms within Blockchain Applications can guarantee a high level of privacy for the users. On the other hand, failures in cryptography can be traced to poor management errors.

Examples

Keccak-256 failure (hashing algorithm for accessing addresses in memory or storage).

Multi-signature architecture Failure

Private keys that are not encrypted somehow fell into the hands of the hackers.

A02:2021-CRYPTOGRAPHIC FAILURES DEFENSE

Solution

Life cycle management of cryptographic keys (generation, distribution, destruction)

Ensure geographical dispersion of keys required to sign a transaction.

Implement Identity and Access Management (IAM) controls such as least privilege and zero-trust principles.

A03:2021-INJECTION

Injection attacks occur when the user-supplied is able to insert information into an insecure Blockchain Application API.

Examples
Insecure Blockchain API Smart-contract parsing function that allowed a buffer-out-of-bounds write Unsecure function calls that allow a buffer-out-of-bounds write.

A03:2021-INJECTION DEFENSE

Solution
Test early and often for dynamic queries, escape special characters and etc. Sanitize, validate and filter Leveraging machine learning for signature-based detection and anomaly-based detection.

A04:2021-INSECURE DESIGN

An insecure design flaw in DEFI applications relates to, design patterns flaws in architectures such as weakness in the operation, management of exchanges, and e-wallet services

Insecure Design example:

Double Spending Attacks
Re-entrancy Attacks

A04:2021-INSECURE DESIGN DEFENSE

Solution
Secure Development Lifecycle with CICD principles Secured component library, tooling, and threat modeling.

A05:2021-SECURITY MISCONFIGURATION
DEFI applications allow access to a variety of services in the palm of your hands such as DAO, Trading, Insurance, P2P lending and borrowing, and more. In this case, security misconfigurations in the application could drastically end-users.

Examples

Security features that are not enabled by default such as wallet password protection for browser-based wallets.

DEFI applications rely on third-party outdated libraries such as NPM packages.

A05:2021-SECURITY MISCONFIGURATION DEFENSE

Solutions
Auditing Tools MFA Defense In-Depth Patch Management and Updates An automated testing process to verify the effectiveness of the configurations and settings in all environments.

A06:2021-VULNERABLE AND OUTDATED COMPONENTS

Blockchain systems rely on complex middleware, like Ethereum or Hyperledger Fabric, and ether.js that allow running smart contracts, which specify business logic in cooperative applications.

Examples
Dependency faults lead to the declaration which allows an application to read data

A06:2021-VULNERABLE AND OUTDATED COMPONENTS DEFENSE

Solution
Patch management policy and process for outdated dependencies, unnecessary features, components, files, and documentation. Actively Monitor for external libraries and functions that may be deprecated or within an outdated version.

A07:2021-IDENTIFICATION AND AUTHENTICATION FAILURES

In a decentralized application, it is important to verify the user's identity, authentication, along with user session management to protect against authentication-related attacks.

Examples

Authentication weaknesses in the DEFI application that permit automated attacks such as brute force or other automated attacks No API Authentication Exposed Private Keys from Github Repositories Excessive API data exposure in HTTP requests (GET, POST requests)

A07:2021-IDENTIFICATION AND AUTHENTICATION FAILURES DEFENSE

Solution

Multi-factor authentication (MFA) to prevent automated credential stuffing, brute force, and stolen credential reuse attacks. Strong password Policy Password for users and internal systems API Access Policy, and Attributes to limit requests for Session Manager Policy
Good Testing

A08:2021-SOFTWARE AND DATA INTEGRITY FAILURES

Software and data integrity failures as it relates to blockchain application security hold valuable data that must be kept secret and must be appropriately protected.

Example
A failure to achieve oracle integrity which allows exploitation by malicious actors.

A08:2021-SOFTWARE AND DATA INTEGRITY FAILURES DEFENSE

Solution

Digital signatures or similar mechanisms to verify the software or data is from the expected source and has not been altered. Ensure libraries and dependencies, such as npm, are consuming trusted repositories.

Utilize logs

Change Policies to minimize the chance that malicious code or configuration may be introduced into your software pipeline.

Compliance Frameworks as it relates to personal data protected by privacy laws like the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accessibility Act (HIPAA)

Centralized or private blockchain implementation

A09:2021-SECURITY LOGGING AND MONITORING FAILURES

Security Logging and Monitoring is currently not widely available for all blockchains such as bitcoin, Ethereum, and others. With proper logging and monitoring mechanism, anomalies can be detected.

For example:

Blockchain explorer auditable events such as high-value transactions failed transactions and etc.

Appropriate alerting thresholds and response escalation processes are not made widely available on all blockchains.

A09:2021-SECURITY LOGGING AND MONITORING FAILURES DEFENSE

Solution
Anomaly Detection and Alerts Real-Time Blockchain Explorer Analysis Ensure that logs are generated in a consumable format leveraged with AI Incident response and recovery policy

A10:2021-SERVER-SIDE REQUEST FORGERY

SSRF flaws as it relates to DEFI Applications occur whenever a web application is receiving resources without validating the user-supplied URL.

Examples

Insecure URL fetching during the enumeration phases of an attack

Untrusted data from the blockchain explorer without validating and sanitizing it first.

Cross-site scripting vulnerabilities that allow crypto-mining malware to be run on the victim’s computer.

A10:2021-SERVER-SIDE REQUEST FORGERY DEFENSE

Solution
Web Application Firewall: Enforce “deny by default” firewall policies. Establish a lifecycle policy for firewall rules based on applications. Log all accepted and blocked network flows on the firewall

Sanitize and validate all client-supplied input data

Enforce strong URL schema

Disallow HTTP redirections

CONCLUSION

Blockchain Application Security (BAS) lacks specific security guidance and resource. The Blockchain may be secure however applications sitting on the blockchain may not. Most Web3 Application have HTML front-ends; in result, security controls correlating to the OWASP Framework centered around traditional web application security is critical.


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 14:00-14:59 PDT


Title: Hacking APIs: How to break the chains of the web
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Corey Ball
No BIO available
Twitter: @hAPI_hacker

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 15:00-15:59 PDT


Title: Hacking APIs: How to break the chains of the web
When: Saturday, Aug 13, 15:00 - 15:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Corey Ball
No BIO available
Twitter: @hAPI_hacker

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 12:00-13:45 PDT


Title: Hacking Aviation Policy
When: Saturday, Aug 13, 12:00 - 13:45 PDT
Where: Caesars Forum - Summit 224-225 - Policy Collaboratorium - Map
Speakers:Meg King,Pete Cooper,Ayan Islam,Timothy Weston,Ken Munro

SpeakerBio:Meg King , Executive Director for Strategy, Policy Coordination & Innovation, Transportation Security Administration
No BIO available

SpeakerBio:Pete Cooper , Deputy Director Cyber Defence
No BIO available

SpeakerBio:Ayan Islam , R-Street Institute
Ayan Islam is the associate policy director of Cybersecurity and Emerging Threats at R Street Institute and adjunct lecturer of the Cyber Threats and Security policy course at American University’s School of Public Affairs. Previously, she served as the critical infrastructure portfolio lead in the Insights/Mitigation team, the Operation Warp Speed liaison, and cybersecurity strategist for the Aviation Cyber Initiative (ACI) at the Cybersecurity and Infrastructure Security Agency (CISA).

SpeakerBio:Timothy Weston , Deputy Executive Director (acting), Cybersecurity Policy Coordinator, Transportation Security Administration
Tim Weston is the Director for Strategy & Performance in TSA’s office of Strategy, Policy Coordination and Innovation. Mr. Weston also serves as the TSA Cybersecurity Policy Coordinator. Previously, he worked in the TSA Office of Chief Counsel, as Senior Counsel in the Security Threat Assessment Division.

SpeakerBio:Ken Munro , Pentest Partners
Ken Munro is Partner and Founder of Pen Test Partners, a firm of penetration testers with a keen interest in aviation. Pen Test Partners has several pilots on the team, both private and commercial, recognizing that the increase in retired airframes has created opportunities for independent security research into aviation security. Pen Test Partners has been recognized for its highly responsible approach to vulnerability disclosure in aviation and was invited to join the Boeing Cyber Technical Council as a result. Pen Test Partners has published research into aviation cyber security, covering topics from airborne connectivity, avionics hardware, and connectivity with ground systems.

Description:
TSA and DEFCON will host a policy discussion group focused on the current cybersecurity threats to the aviation ecosystem. Discussion will be focused on the increasing threat space focused on airports, airframes, airlines, and air cargo. Additional topics of discussion will focus on cybersecurity work force issues, prioritization of mitigation measures to counter the threats, and how the research community can assist the government and the private sector. The aviation sector policy discussion will be held under Chatham House rules, otherwise known as “what happens in Vegas, stays in Vegas,” with the desired outcome that participants will come away with a better understanding of the threats, possible solutions, and the importance of collaboration to solve these pressing issues. Given the global nature of aviation, we will touch on the partnerships and policy regimes under consideration by the international community.

Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 11:30-12:30 PDT


Title: Hacking IEEE 802.15.4 Low-Rate Wireless Networks
When: Saturday, Aug 13, 11:30 - 12:30 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:Dan Perret
Dan enjoys capturing and manipulating wireless signals, especially when he can turn those signals into new Radio Frequency Capture the Flag (RFCTF) challenges.
Twitter: @_the_RedBaron_

Description:
IEEE 802.15.4 is a standard for Low-Rate Wireless Networks, and defines the physical (PHY) and medium access control (MAC) layers for higher level protocols such as Zigbee and 6LoWPAN to build upon. In this presentation, we will discuss the basics of IEEE 802.15.4, and hardware and software tools to interact with these networks. We will also walk through some of the IEEE 802.15.4 challenges that have been running in the Radio Frequency Capture the Flag (RFCTF) over the last few years, as well as introducing a new IEEE 802.15.4 based challenge.

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 10:00-11:45 PDT


Title: Hacking Operational Collaboration
When: Saturday, Aug 13, 10:00 - 11:45 PDT
Where: Caesars Forum - Summit 224-225 - Policy Collaboratorium - Map
Speakers:Brianna McClenon,Hristiana Petkova,Gavin To,David Forscey,Seth McKinnis

SpeakerBio:Brianna McClenon , Joint Cyber Defense Collaborative
No BIO available

SpeakerBio:Hristiana Petkova , Joint Cyber Defense Collaborative
No BIO available

SpeakerBio:Gavin To , Joint Cyber Defense Collaborative
No BIO available

SpeakerBio:David Forscey
No BIO available

SpeakerBio:Seth McKinnis , Joint Cyber Defense Collaborative
No BIO available

Description:
CISA/JCDC leadership will speak on a panel to review the purpose and history of JCDC, and set the scene for the event before attendees begin their own conversations. Following the panel, attendees will split up into four breakout sections and gather in four corners of the room. Each of these groups will divide again to form no more than 5-6 people per discussion group. These small groups will delve into one proposal for a JCDC initiative and discuss for 15-20 minutes, after which they will rotate to the next section/topic. Each conversation will be facilitated by CISA, who play the “champion” for that specific proposal. Topics may include: Transnational Trust Webs (How can JCDC collaborate with researchers, orgs, and partners spread across the globe? Internet security, not just national security); Chaos Engine (How do we turn the Internet into a much more risky place for adversaries? Which hackers have the right data to find adversary infrastructure?); We Want You (How can CISA expand on its past work with individuals on research to integrate volunteer hackers into response operations?); Expect the Worst (What kind of contingencies should CISA prioritize? What planning and preparation can achieve the most leverage if the worst happens?)

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 17:00-17:45 PDT


Title: Hacking The Farm: Breaking Badly Into Agricultural Devices.
When: Saturday, Aug 13, 17:00 - 17:45 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map

SpeakerBio:Sick Codes , Hacker
Ordinary everyday hacker.

Sick Codes is an alleged Australian hacker, who resides somewhere in Asia: I love finding vulns, the thrill of the the 0day, emulation, free software, reverse engineering, standing up for other researchers & fast motorbikes. I hack anything with an electromagnetic pulse, including TV's, cars, tractors, ice cream machines, and more. My heart lies with Free Software but I like to go where no researcher has gone before. My works include Docker-OSX, which regularly trends on GitHub with 22k+ stars, 300k+ downloads.

Twitter: @sickcodes

Description:
Hacking the farm. In this session, I'll demonstrate tractor-sized hardware hacking techniques, firmware extraction, duplication, emulation, and cloning. We'll be diving into how the inner workings of agricultural cyber security; how such low-tech devices are now high-tech devices. The "connected farm" is now a reality; a slurry of EOL devices, trade secrets, data transfer, and overall shenanigans in an industry that accounts for roughly one-fifth of the US economic activity. We'll be discussing hacking into tractors, combines, cotton harvesters, sugar cane and more.

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 13:00-13:59 PDT


Title: Hacking WebApps with WebSploit Labs
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Omar Santos , Principal Engineer
No BIO available
Twitter: @santosomar

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 16:00-16:59 PDT


Title: Hacking WebApps with WebSploit Labs
When: Saturday, Aug 13, 16:00 - 16:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Omar Santos , Principal Engineer
No BIO available
Twitter: @santosomar

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 15:00-15:59 PDT


Title: Hacking WebApps with WebSploit Labs
When: Saturday, Aug 13, 15:00 - 15:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Omar Santos , Principal Engineer
No BIO available
Twitter: @santosomar

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 21:00-01:59 PDT


Title: Hallway Monitor Party - Entertainment
When: Saturday, Aug 13, 21:00 - 01:59 PDT
Where: Caesars Forum - Skybridge Entrance - Map
Speakers:Terrestrial Access Network,Hanz Dwight,DJ Thaad,Yesterday & Tomorrow,Hellacopta

SpeakerBio:Terrestrial Access Network
No BIO available

SpeakerBio:Hanz Dwight
No BIO available

SpeakerBio:DJ Thaad
No BIO available

SpeakerBio:Yesterday & Tomorrow
No BIO available

SpeakerBio:Hellacopta
No BIO available

Description:
21:00 - 22:00: Terrestrial Access Network 22:00 - 23:00: DJ Thaad
23:00 - 00:00: Hellacopta
00:00 - 01:00: Hanz Dwight
01:00 - 02:00: Yesterday & Tomorrow

Return to Index    -    Add to    -    ics Calendar file

 

HRV - Saturday - 11:30-11:59 PDT


Title: Ham Nets 101
When: Saturday, Aug 13, 11:30 - 11:59 PDT
Where: Flamingo - Virginia City II (Ham Radio Village Activities) - Map

SpeakerBio:Jon Marler
Jon is a product manager at Viking Cloud with a true passion for information security. Jon is an amateur radio operator, lockpicker, phreaker, repairer of all things, and maker.
Twitter: @jmarler

Description:
Ham Nets 101 - An introduction to ham nets for operators of all experience levels. Nets are an easy way to get on the air, talk to other hams, and be part of the ham community. Ham nets operate on all bands and often even on local repeaters. If you have a brand new Technician license, or a dusty old Extra, come learn all about what ham nets are and how to participate.

Return to Index    -    Add to    -    ics Calendar file

 

IOTV - Saturday - 10:00-17:59 PDT


Title: Hands on hacking labs
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

Description:
IoT Hacking 101 is a set of quick, hands-on labs developed to teach the tools techniques for discovering and exploiting some of the common weaknesses found in loT devices today. Whether you're a pentester that has never hacked loT devices or even someone that has never hacked anything (!), these self-guided labs will walk you through all the steps in order to successfully pwn loT.

Return to Index    -    Add to    -    ics Calendar file

 

IOTV - Saturday - 10:00-17:59 PDT


Title: Hands on Hardware Hacking – eMMC to Root
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

SpeakerBio:Deral Heiland
No BIO available

Description:
Hardware hacking with Rapid7! Rapid7 guided exercises will lead you through the hands-on hardware hacking process to gain root level access to embedded IoT technology. This series of exercises will cover multiple steps including embedded multimedia controller (eMMC) interaction, making binary images copies of flash, interaction with read only squash files systems to unpack and repack systems, and altering startup files systems within the devices’ file system to allow you to eventually gain root level access over SSH.

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Saturday - 11:00-11:50 PDT


Title: Hands-on Hacking of Reinforcement Learning Systems
When: Saturday, Aug 13, 11:00 - 11:50 PDT
Where: Caesars Forum - Summit 228->236 (AI Village) - Map

SpeakerBio:Dr. Amanda Minnich 
No BIO available

Description:
Reinforcement learning (RL) is a class of machine learning where an agent learns the optimal actions to take to achieve short- and long-term objectives in the context of its environment. RL models are everywhere, from enabling autonomous vehicles to drive to assisting in diagnostic decision making in healthcare. They are used to make critical decisions with life-or-death implications, meaning the security and robustness of these models and the machine learning systems they comprise is extremely important.

However, the threat model of these RL systems is not well understood. Traditional network and system security measures are expected to provide some level of protection from threat actors, but if an attacker can get past these, many post-exploitation threat vectors exist in the reinforcement learning model itself, which can be weaponized and lead to disastrous outcomes.

In this talk, I will provide a high-level overview of reinforcement learning and the classes of attacks used to compromise RL systems. I will also present and demo two RL attacks we developed that do not require in-depth machine learning expertise to implement: the initial perturbation attack and the Corrupted Replay Attack (CRA), an attack we created while doing this research. Both of these attacks will be available as part of our open-source toolkit, Counterfit, so attendees can use these attacks against a reinforcement learning model of their choice. Finally, I will speak about my practical experiences in this space, describing the repercussions of an adversary successfully executing these attacks in the wild.

Attendees will walk away from this talk with the knowledge and tools to attack RL models, as well as an appreciation for the importance of properly securing machine learning systems.


Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: HardWired
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
New at DEF CON: come play our newest Packet Hacking Village game, HardWired! Don't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come test your skills against the clock, and make the best cable at con!

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 09:00-17:59 PDT


Title: Heroes vs Villians, a SEC Youth Challenge
When: Saturday, Aug 13, 09:00 - 17:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

Description:
CALLING ALL KIDS! Come use your VS super skills and powers to work with a team of heroes SE COMMUNITY YOUTH CHALLENGE or villains.

The balance of good and evil will be determined by individual participants completing various challenges in this ‘Choose Your Own Adventure’ style event. By participating in this event, you will have opportunities to interact and learn from many other incredible villages at DEF CON while at the same time improving your Social Engineering abilities. If successful, you may even have the chance to help your team prevail and become the ultimate Superhero or Supervillain!


Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 14:00-15:55 PDT


Title: hls4ml - Open Source Machine Learning Accelerators on FPGAs
When: Saturday, Aug 13, 14:00 - 15:55 PDT
Where: Caesars Forum - Council Boardroom (Demo Labs) - Map
Speakers:Ben Hawks,Andres Meza

SpeakerBio:Ben Hawks
Ben Hawks is an AI Researcher at Fermi National Accelerator Laboratory, focusing on optimizing and compressing neural networks to be tiny, fast, and accurate for use on FPGAs and other specialized hardware. Since he was young, he’s had a personal interest in computer security, programming, and electronics, and is interested in learning how to make machine learning fair, efficient, and fast. Outside of work, he spends his time messing with electronics, tabletop RPGs, and catering to the whims of a small feline overlord.

SpeakerBio:Andres Meza
Andres Meza is a research and development engineer in the Department of Computer Science and Engineering at the University of California, San Diego. He received a B.S. Computer Science and a B.S. Cognitive Science with a Machine Learning and Neural Computation Specialization from UCSD in 2020. His current research focuses on hardware security, optimization of ML models for hardware deployment, and computer vision.

Description:
Born from the high energy physics community at the Large Hadron Collider, hls4ml is an open-source Python package for machine learning inference in FPGAs (Field Programmable Gate Arrays). It creates firmware implementations of machine learning algorithms by translating traditional, open-source machine learning package models into optimized high level synthesis C++ that can then be customized for your use case and implemented on devices such as FPGAs and Application Specific Integrated Circuits (ASICs). Hls4ml can easily scale the implementation of a model to take advantage of the parallel processing capabilities that FPGAs offer, not only allowing for low latency, high throughput designs, but also designs sized to fit on lower cost, resource constrained hardware. Hls4ml also supports generating accelerators with different drivers that build minimal, self-contained implementations which enable control via Python or C/C++ with little extra development or hardware expertise.

Audience: Hardware, AI, IoT, FPGA


Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: Honey Pot Workshop
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
Think you know your way around a honeypot? Come to the Packet Hacking Village for a friendly, fun, low-pressure DEFCON challenge that's open to all! This game is designed for users of all experience levels: bring your own laptop, SSH in, and explore the adventure.

Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 15:00-15:15 PDT


Title: Horusec - Brazilian SAST help World
When: Saturday, Aug 13, 15:00 - 15:15 PDT
Where: Virtual - BlueTeam Village - Talks

SpeakerBio:Gilmar Esteves
Gilmar works with information security2006. He was a Marine in the Brazilian Navy, worked in large telecom and payments companies. He is currently Vice President of Information Security and coordinates some research fronts in addition to the day to day of Cyber.

Description:
Demonstrate how Horusec can help and how easy it is to get started. Show the evolutions of the latest version and invite people to contribute. Show the case of Log4j where we became Top Trend on Twitter because of the detection and after that several big companies started using it.

Demonstrate from installation to configuration to detection and how AppSec and BlueTeam times can benefit.

Presentation of the Horusec tool (https://github.com/ZupIT/horusec) that was developed by ZUP IT in Brazil to help companies identify security problems in the most common languages still in a development environment or the IDE.


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-17:59 PDT


Title: Hospital Under Siege
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

Description:
Hospital Under Siege is a scenario-driven Capture the Flag contest run by the Biohacking Village, pitting teams of participants against adversaries and against a clock, to protect human life and public safety. Participants will compete against each other on both real and simulated medical devices, in the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. Teams of any size are welcome, as are players from all backgrounds and skill levels. Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others.

You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.

Visit https://www.villageb.io/capturetheflag for more information.


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 16:00-16:59 PDT


Title: How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux
When: Saturday, Aug 13, 16:00 - 16:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Scott Brink
No BIO available
Twitter: @_sandw1ch

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 14:00-14:59 PDT


Title: How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Scott Brink
No BIO available
Twitter: @_sandw1ch

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 15:00-15:59 PDT


Title: How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux
When: Saturday, Aug 13, 15:00 - 15:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Scott Brink
No BIO available
Twitter: @_sandw1ch

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 13:00-13:59 PDT


Title: How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Scott Brink
No BIO available
Twitter: @_sandw1ch

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 16:30-17:59 PDT


Title: How to Build DIY Lifesaving Medical Devices
When: Saturday, Aug 13, 16:30 - 17:59 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map
Speakers:Mixæl S. Laufer,Abraxas,Zac Shannon,Four Thieves Vinegar Collective

SpeakerBio:Mixæl S. Laufer
Mixæl Swan Laufer worked in mathematics and high energy physics until he decided to tackle problems of global health and human rights. He continues to work to make it possible for people to manufacture their own medications and devices at home by creating public access to tools and information.
Twitter: @MichaelSLaufer

SpeakerBio:Abraxas
Abraxas has taken a break from poetry and geometry to defend human rights on the global health stage. He likes burgers, and his favorite color is probably chartreuse.

SpeakerBio:Zac Shannon
Zac Shannon is a grinder and multi-hobbyist. He receives gratification from applying lessons learned from one field of interest to another, especially when it results in the improvement in the lives of others.

SpeakerBio:Four Thieves Vinegar Collective
No BIO available
Twitter: @4ThievesVinegar

Description:
Over the course of the past two years, our group has finished a number of projects which allow for people to take control of their own health. Automatic external defibrillators can cause someone who is in [certain types of] cardiac arrest to merely wake up, but only if they get it soon enough. However, they cost thousands of dollars. We have an open-source version which can be built for $500 by any mid-level hobbyist, and meets all CE and FDA requirements. Additionally, we have adjoint tools for the AED which increase the save rate, and reduce the likelihood of brain damage. We also have an open-source DIY automated chemical reactor, with which people can manufacture their own drugs. We will be demonstrating the device and releasing complete instructions and programs for it, including one which makes Narcan out of Vicodin. Lastly, we will have a live demonstration, and give public online access to an AI which can discover drug synthesis pathways. Come see all this and more, as we release detailed documentation explaining how to build devices yourself which can save your life.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 11:00-11:45 PDT


Title: How To Get MUMPS Thirty Years Later (or, Hacking The Government via FOIA'd Code)
When: Saturday, Aug 13, 11:00 - 11:45 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

SpeakerBio:Zachary Minneker , Senior Security Engineer, Security Innovation
Zachary Minneker is a senior security engineer and security researcher at Security Innovation. His first computer was a PowerPC Macintosh, an ISA which he continues to defend to this day. At Security Innovation, he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical systems. He has previous experience administrating electronic medical systems, and deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, IPC methods, and vulnerability discovery in electronic medical record systems and health care protocols. In his free time he works on music and synthesizers.
Twitter: @seiranib

Description:
In the 60s, engineers working in a lab at Massachusettes General Hospital in Boston invented a programming environment for use in medical contexts. This is before C, before the Unix epoch, before the concept of an electronic medical records system even existed. But if you have medical records in the US, or if you've banked in the US, its likely that this language has touched your data. Since the 1960s, this language has been used in everything from EMRs to core banking to general database needs, and even is contained in apt to this day.

This is the Massachusettes General Hospital Utility Multi-Programming System. This is MUMPS.

This talk covers new research into common open-source MUMPS implementations, starting with an application that relies on MUMPS: the Department of Veterans Affairs' VistA EMR. We’ll cover a short history of VistA before diving into its guts and examining MUMPS, the language that VistA was written in. Then we'll talk about 30 memory bugs discovered while fuzzing open source MUMPS implementations before returning to VistA to cover critical vulnerabilities found in credential handling and login mechanisms. We'll close by taking a step back and asking questions about how we even got here in the first place, the right moves we made, and what we can do better.


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 11:00-11:59 PDT


Title: How to Leverage MDS2 Data for Medical Device Security
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Jeremy Linden
Jeremy Linden is Sr. Director, Product Management at Asimily. He has over 15 years of experience in the cybersecurity industry as a product manager, engineer, and security analyst. Prior to Asimily, he led product management teams at Expanse, OpenDNS, and other security companies.
Twitter: @jeremydlinden

Description:
The Manufacturers Disclosure Statement for Medical Device Security, or MDS2, has become increasingly ubiquitous as a source of information about the security capabilities of IoMT devices, but many organizations still find operationalizing the information contained within to be challenging. In this talk, learn how to best analyze the MDS2 form to gather security data, and how to leverage the data contained within the MDS2 form to improve your IoMT security posture across the device lifecycle, both for pre-procurement risk assessments and post-procurement management and hardening.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 13:00-13:50 PDT


Title: Hunting for Spacecraft Zero Days Using Digital Twins
When: Saturday, Aug 13, 13:00 - 13:50 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Brandon Bailey
Brandon Bailey is a pen-tester for gov and commercial sector and has worked in space cybersecurity for about 8years. He previously was a presenter at the Aerospace Village in 2020 and 2021. He has worked for NASA for over 10 years and was awarded NASA’s Exceptional Service Medal for landmark cybersecurity work in 2019. Brandon currently work with Aerospace Corp.

Description:
To ensure spacecraft architectures and software are built with security and resiliency, a focus on high-fidelity digital twins, purpose built for the testing need is recommended to perform research-based cyber evaluation and testing. This presentation will demonstrate how to use high fidelity digital twins for advanced cyber research. Focus will be applied on PowerPC750 environment.

Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 14:15-14:45 PDT


Title: Hunting Malicious Office Macros
When: Saturday, Aug 13, 14:15 - 14:45 PDT
Where: Virtual - BlueTeam Village - Talks

SpeakerBio:Anton Ovrutsky
Anton is a BSides Toronto speaker, C3X volunteer, and an OSCE, OSCP, CISSP, CSSP certificate holder. Anton enjoys the defensive aspects of cybersecurity and loves logs and queries.

Description:
The talk will cover the following areas:

When reviewing threat intelligence reports it is common to see malicious Office macros of various types used as an initial access vector. Recently, Microsoft announced big changes to Office behavior in the context of malicious macros. However, organizations still struggle with detecting malicious macros which is often a prerequisite for implementing any type of hardening changes. The aim of this talk is to address this gap and provide guidance on how to detect malicious macro usage in environments and highlight the necessary steps to ensure systems are properly hardened against this threat.


Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 14:00-17:59 PDT


Title: Hybrid Phishing Payloads: From Threat-actors to You
When: Saturday, Aug 13, 14:00 - 17:59 PDT
Where: Harrah's - Copper (Workshops) - Map
Speakers:Jon Christiansen,Magnus Stubman

SpeakerBio:Jon Christiansen , Red Team Lead
Jon is the Red Team lead for Mandiant Europe. After spending a decade as a hands-on keyboard Red Teamer and malware dev, he recently took a step back to focus more on capability development and team expansion. He founded the APT66 research project team at Mandiant and currently focuses research interest in the latest bypass techniques, threat actor malware and in finding new ways to jump the IT/OT barrier.

SpeakerBio:Magnus Stubman , Red Team
Magnus is part of the European Red Team at Mandiant and the APT66 project. He currently resides within the groups Malware team where he specializes in research and application of offensive techniques in both overt and covert engagements, discovering zero days and custom C2 techniques for the team. His other focuses is on adversarial simulation of FIN & APT groups via enactment of known (and not so known) TTPs, incorporating the known bad into something that can be used as a force of good.

Description:
The hard outer shell of cyber defenses often give way to a soft, gooey and easy-to-exploit centre, but all the lateral movement and escalation techniques in the world, isn’t going to be worth anything if initial access cannot be secured. For threat actors and Red Teamer’s alike, getting over that initial hurdle can be a long, arduous task with little hope of success and phishing in particular is often the bane of any aspiring attacker. Between EDRs, email scanner solutions, payload fingerprinting… what do you do?

This workshop has been developed with the aim of giving participants hands-on experience working with sophisticated payloads and techniques used by nation-state threat actors. Armed with payload automation tools, participants will learn to implement novel bypass techniques to circumvent state of the art anti-malware security products, both network-based and host-based technical controls, and iteratively improve their payloads throughout.

Topics will include:
* Multiple payload formats, the advantages and disadvantages * Combining phishing techniques
* Automation, obfuscation and creation of payloads for quick turn around * How to Improve payloads based on information gathered from earlier attacks * Extracting technical information from threat actor intelligence breakdowns

Materials
Just the laptop
Prereq
Laptop with ability to connect to local network and run 1 VM requiring 4GB of memory Some understanding of phishing and what a payload is also a good idea Experience with creating / modifying tools from source code will also help

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 18:30-21:59 PDT


Title: ICS Village Charity BBQ
When: Saturday, Aug 13, 18:30 - 21:59 PDT
Where: Other/See Description

Description:
ICS Village will be hosting a #unicornchef (check out the show that has included interviews with recipes with folks like Chris Krebs) catered BBQ with a select group of great people in our community. As always, our events adhere to a safe space policy including lots of non-alcoholic options. There will be a pool so bring your swim trunks and a towel! All proceeds go to the ICS Village 501c3 non-profit.

View more information, and get a ticket to the ICS Village Charity BBQ, here: https://www.eventbrite.com/e/ics-village-charity-bbq-tickets-391293578627


Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 10:00-11:45 PDT


Title: Imagining a cyber policy crisis: Storytelling and Simulation for real-world risks
When: Saturday, Aug 13, 10:00 - 11:45 PDT
Where: Caesars Forum - Summit 226-227 - Policy Roundtable - Map
Speakers:Nina Kollars,Winnona DeSombre,Safa Shahwan Edwards

SpeakerBio:Nina Kollars , Department of Defense
No BIO available

SpeakerBio:Winnona DeSombre
No BIO available

SpeakerBio:Safa Shahwan Edwards , Deputy Director, Cyber Statecraft Initiative, Atlantic Council
No BIO available

Description:
Story time for hackers. The importance of storytelling and simulation for teaching and training policymakers including a scenario from the Atlantic Council Cyber 9/12 program and other comparable efforts. Hear from panelists on how they construct stories and simulations for policymakers, from short from prose to war games to student competitions. This panel draws on the hacking community’s rich history of storytelling through fiction, graphic art, and more to demonstrate the practical importance of shaping ideas in policy debates. This session complements an otherwise heavy emphasis throughout the track on ideas over the medium itself. Panelists would also discuss their approach to breaking down a complicated issue or problem in order to represent its core themes, challenges, and opportunities especially for policymakers.

Return to Index    -    Add to    -    ics Calendar file

 

APV - Saturday - 12:00-12:59 PDT


Title: Implementing E2E multi-client communication (for fun, work or profit) - what could go wrong?
When: Saturday, Aug 13, 12:00 - 12:59 PDT
Where: Flamingo - Twilight Ballroom - AppSec Village - Main Stage - Map

SpeakerBio:Nicolas Boeckh
Nicolas (he/they) is a developer, a fervent information security enthusiast alongside being a student in information systems security.

They help manage a community called Digital Overdose, organize a conference and CTFs and help out where they can.


Description:
End-to-end encryption is a concept we've been hearing about a lot these last few years, and has gained a lot of prominence in the public eye due to various platforms (WhatsApp, Signal, Telegram) implementing a variation of it.

In this talk I want to cover E2E encryption in detail, it's usages, as well as why everyone keeps saying to "never roll your own crypto".

General Outline:
The presentation will try in a first part to demystify various aspects of E2E-encryption, describing various algorithms that are used to that extent, and where they are primarily used.

The second part will focus on the various usages of E2E encryption and why countries and organizations are fighting against it. It will also go into detail about what that means for the average person, versus what that means for various categories of individuals, such as for example journalists or criminals.

The third and most extensive part will involve diving into a custom - but not by any means secure - implementation of E2E encryption that was "made for fun" (to learn more about cryptography) and seeing what concepts are implemented. This is to take a look at how theory - as seen in books - often distances itself from practice, and what pitfalls one can easily find themselves falling into when trying to implement such algorithms.


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 10:00-10:59 PDT


Title: Industry 4.0 and the MTS of the Future – Convergence, Challenges and Opportunities [[MARITIME]]
When: Saturday, Aug 13, 10:00 - 10:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

SpeakerBio:Zac Staples , Founder & CEO
Zac Staples is the Founder and CEO of Fathom5, an emerging global leader in industrial technology headquartered in Austin, Texas. Before launching Fathom5, Zac served in the U.S. Navy for over two decades, culminating a long career of shipboard service as Director of the Center for Cyber Warfare at the Naval Postgraduate School in Monterey, California. He brings a lifelong focus on mission-critical systems and high reliability under extreme conditions.

Description:
The maritime transportation system (MTS) today is realizing a sea change in the entire ecosystem due to digitalization, a technological leap that is transforming the industry and redefining our sometimes ancient processes. Digitalization is enabled by the integration of advanced computing and sensor technologies, industrial control systems (ICS) and operational technology (OT), digital processing and telecommunications capabilities, and data analytics. These new and improved capabilities will change all aspects of the maritime industry, including enabling partially and fully autonomous vessels and operations. This is the intersection of the MTS and Industry 4.0. With these advances, we see myriad new opportunities for research and study, economic and environmental benefits, industry optimization, and sustainability. Of course, this new capability totally depends upon reliable access to quality information. Without adequate cybersecurity protections, the benefits of this technological convergence implodes and, instead, becomes an existential threat to the industry and every nations' food, energy, economic, and national security.

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 10:00-11:55 PDT


Title: Injectyll-HIDe: Pushing the Future of Hardware Implants to the Next Level
When: Saturday, Aug 13, 10:00 - 11:55 PDT
Where: Caesars Forum - Council Boardroom (Demo Labs) - Map
Speakers:Jonathan Fischer,Jeremy Miller

SpeakerBio:Jonathan Fischer
Jonathan Fischer is a hardware and IoT security enthusiast that started off designing, programming, and implementing electronic controls for industrial control systems and off-highway machinery. After a decade in that industry, Jonathan obtained his BS in Computer Science and transitioned over to the cyber security industry where he has been working as a Red Team consultant and researcher for more than five years at a Fortune 500. Since joining the cyber security industry, Jonathan has since earned various industry certifications (OSCP, GPEN, etc.) and continues to leverage his unique experience in his research into hardware hacking.

SpeakerBio:Jeremy Miller
Jeremy Miller is a 12+ year security professional that has worked in various industries including life-sciences, finance, and retail. Jeremy has worked both sides of the security spectrum ranging from Security Research, Red Teaming and Penetration Testing to Threat Intelligence and SOC Analyst. Jeremy currently works as a Security Technical Lead for an emerging R&D Life Science Platform where he works on product and infrastructure security.

Description:
Enterprises today are shifting away from dedicated workstations, and moving to flexible workspaces with shared hardware peripherals. This creates the ideal landscape for hardware implant attacks; however, implants have not kept up with this shift. While closed source, for-profit solutions exist and have seen some recent advances in innovation, they lack the customization to adapt to large targeted deployments. Open-source projects exist but focus more on individual workstations (dumb keyboards/terminals) relying on corporate networks for remote control. Our solution is an open source, hardware implant which adopts IoT technologies, using non-standard channels to create a remotely managed mesh network of hardware implants. Attendees will learn how to create a new breed of open-source hardware implants. Topics covered in this talk include the scaling of implants for enterprise takeover, creating and utilizing a custom C2 server, a reverse shell that survives screen lock, and more. They will also leave with a new platform from which to innovate custom implants. Live demos will be used to show these new tactics against real world infrastructure. This talk builds off of previous implant talks but will show how to leverage new techniques and technologies to push the innovation of hardware implants forward evolutionarily.

Audience: Offense and Red Teams with a focus on a hardware approach


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 17:00-17:45 PDT


Title: Internal Server Error: Exploiting Inter-Process Communication with new desynchronization primitives
When: Saturday, Aug 13, 17:00 - 17:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map

SpeakerBio:Martin Doyhenard , Security Researcher at Onapsis
Martin is a security researcher at the Onapsis Research Labs. His work includes performing security assessment on SAP and Oracle products and detecting vulnerabilities in ERP systems. His research is focused on Web stack security, reverse engineering and binary analisis, and he is also an active CTF player.

Martin has spoken at different conferences including DEFCON, RSA, HITB and EkoParty, and presented multiple critical vulnerabilities.

Twitter: @tincho_508

Description:
In this talk I will show how to reverse engineer a proprietary HTTP Server in order to leverage memory corruption vulnerabilities using high level HTTP protocol exploitation techniques. To do so, I will present two critical vulnerabilities, CVE-2022-22536 and CVE-2022-22532, which were found in SAP's proprietary HTTP Server, and could be used by a remote unauthenticated attacker to compromise any SAP installation in the world.

First, I will explain how to escalate an error in the request handling process to Desynchronize data buffers and hijack every user’s account with Advanced Response Smuggling. Furthermore, as the primitives of this vulnerability do not rely on header parsing errors, I will show a new technique to persist the attack using the first Desync botnet in history. This attack will prove to be effective even in an “impossible to exploit” scenario: without a Proxy!

Next I will examine a Use-After-Free in the shared memory used for Inter-Process Communication. By exploiting the incorrect deallocation, I will show how to tamper messages belonging to other TCP connections and take control of all responses using Cache Poisoning and Response Splitting theory.

Finally, as the affected buffers could also contain IPC control data, I will explain how to corrupt memory address pointers and end up obtaining RCE.


Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 16:00-17:45 PDT


Title: International Government Action Against Ransomware
When: Saturday, Aug 13, 16:00 - 17:45 PDT
Where: Caesars Forum - Summit 224-225 - Policy Collaboratorium - Map
Speakers:Irfan Hemani,Adam Dobell,Jen Ellis

SpeakerBio:Irfan Hemani , Deputy Director - Cyber Security, Cyber Security and Digital Identity Directorate, UK Department for Digital, Culture, Media and Sport
No BIO available

SpeakerBio:Adam Dobell , First Secretary, Department of Home Affairs, Embassy of Australia
No BIO available

SpeakerBio:Jen Ellis , Vice President of Community and Public Affairs
No BIO available

Description:
Ransomware attacks continue to abound and various governments around the world are very active on combatting this issue. This session would bring some of them together to discuss what's being done and where it needs to go. It's been a little over a year since the Colonial Pipeline, HSE, and JBS attacks put ransomware firmly on the agenda as a threat to national security and economic stability. Since then, we've seen ransomware attacks become more openly politicized. We're also seen the White House and G7 both host international government forums to identify collaborative actions to tackle the threat. We've also seen new sanctions, public/private initiatives, bounties for criminals, and various other government actions introduced to make life for cybercriminals harder. This session brings together multiple govs to talk about what's being done, what results have been seen, and where we're headed next. They will start off covering these points and then open to the audience for questions and open discussion on next steps and impacts.

Return to Index    -    Add to    -    ics Calendar file

 

SKY - Saturday - 13:50-15:40 PDT


Title: INTERNET WARS 2022: These wars aren't just virtual
When: Saturday, Aug 13, 13:50 - 15:40 PDT
Where: LINQ - BLOQ (SkyTalks 303) - Map
Speakers:Gadi Evron,Bryson Bort,Cheryl Biswall,Chris Kubecka,Harri Hursti,Jivesx,Russ Handorf

SpeakerBio:Gadi Evron
Gadi Evron is the Innovation Domain Lead at Citi and co-wrote the post-mortem for “the first Internet war”, in Estonia (2007).
Twitter: @gadievron

SpeakerBio:Bryson Bort
Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow with the Atlantic Council’s Cyber Statecraft Initiative, the National Security Institute, and an Advisor to the Army Cyber Institute. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber in 2020 by Business Insider.

Bryson received his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point. He holds a Master’s Degree in Telecommunications Management from the University of Maryland, a Master’s in Business Administration from the University of Florida, and completed graduate studies in Electrical Engineering and Computer Science at the University of Texas.

Twitter: @brysonbort

SpeakerBio:Cheryl Biswall
Cheryl Biswas is a strategic Cyber Threat Intelligence Specialist at a major bank, a founder of The Diana Initiative and was featured in “Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World.”
Twitter: @3ncr1pt3d

SpeakerBio:Chris Kubecka
CEO of cyber warfare incident management company in The Netherlands and Distinguished Chair for a Cyber Security program in the US Program. Advises the multiple governments, militaries, television and documentary technical advisor as a subject matter expert on cyber warfare national defense. Author of OSINT books and USAF military combat veteran, former military aircrew, and USAF Space Command. Defends critical infrastructure and handles country level cyber incidents, cyberwarfare, and cyber espionage. Lives and breathes IT/IOT/ICS SCADA control systems security. Hacker since the age of 10 and was in Kiev when the war started.
Twitter: @SecEvangelism

SpeakerBio:Harri Hursti
Harri Hursti is a founder of Nordic Innovation Labs and the Voter Village. His work has been featured in two HBO documentaries, the latest being "Kill Chain: The Cyber War on America's Elections."
Twitter: @HarriHursti

SpeakerBio:Jivesx
Jivesx is a 20 year veteran of network security, forensics and privacy in open higher ed environments. In his free time he tries to support the infosec community by volunteering, organizing, or just being a pest at multiple cons and villages.
Twitter: @jivesx

SpeakerBio:Russ Handorf
Dr. Russell Handorf currently is an agent of chaos at Twitter. He is also recovering fed after ten years of service defending the USA and other countries in a variety of matters. He’s done a lot of other odd things here and there, but that isn’t important. Let’s just have a conversation, but you’ll have to endure my dad jokes.
Twitter: @dntlookbehindu

Description:
It's been a long 12 years since the last time an Internet Wars panel was held at DEF CON, in that time a lot has changed, and a lot has not. This panel will bring together representatives from multiple industries and with a breadth of experiences discuss current trends and topics in internet security and the way those are playing out in both the cyber and the physical realm.

This discussion will start with an introductory presentation on some of the latest trends in digital security, threat intel, disinformation, and APTs. Further we will be discussing how cyber threats are being weaponized in the Russian attacks on Ukraine. From there we'll move into questions and answers from the audience. Panelists will accept questions on any subject related to the threat landscape, IoT and ICS threats, internet warfare and will discuss what we expect is coming and how we, as an industry, can best deal with it.


Return to Index    -    Add to    -    ics Calendar file

 

LPV - Saturday - 10:15-10:45 PDT


Title: Intro to Lockpicking
When: Saturday, Aug 13, 10:15 - 10:45 PDT
Where: Caesars Forum - Summit 203-204, 235 (Lock Pick Village) - Map

SpeakerBio:TOOOL
No BIO available

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Return to Index    -    Add to    -    ics Calendar file

 

LPV - Saturday - 16:00-16:30 PDT


Title: Intro to Lockpicking
When: Saturday, Aug 13, 16:00 - 16:30 PDT
Where: Caesars Forum - Summit 203-204, 235 (Lock Pick Village) - Map

SpeakerBio:TOOOL
No BIO available

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Return to Index    -    Add to    -    ics Calendar file

 

LPV - Saturday - 13:00-13:30 PDT


Title: Intro to Lockpicking
When: Saturday, Aug 13, 13:00 - 13:30 PDT
Where: Caesars Forum - Summit 203-204, 235 (Lock Pick Village) - Map

SpeakerBio:TOOOL
No BIO available

Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.

Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 11:00-11:30 PDT


Title: Introducing the Abusability Testing Framework (V1)
When: Saturday, Aug 13, 11:00 - 11:30 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map
Speakers:Nicole Chi,Avi Zajac,Ji Su Yoo

SpeakerBio:Nicole Chi
Nicole Chi (@nchisays, she/her) is currently a product manager working on Trust & Safety features, and the creator of Algorithm Unwrapped, a project to help people make sense of algorithmic content harms. She formerly worked on environmental restoration products and digital capacity building for nonprofits.
Twitter: @nchisays

SpeakerBio:Avi Zajac
Avi (@_llzes, Avi/they/he) is a privacy-focused hacker. They love rabbits, cheesecake, and cute things like privacy and security, locksport, cryptography. They builds mission-driven products; help individuals and organisations protect their privacy and safety; and enjoy making and breaking things for a more equitable world.

SpeakerBio:Ji Su Yoo
Ji Su (@JiSuYoo1, she/her) is a PhD at UC Berkeley’s School of Information and former researcher at the Harvard Data Privacy Lab.
Twitter: @JiSuYoo1

Description:
Are you concerned about how your products may be used for harm: intentionally or unintentionally? We introduce core concepts of abusability testing from our first public framework release, so you can walk away with an understanding of what abusability testing is, understand how to incorporate it, and learn how to alleviate harm in your own products with actionable steps.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 12:00-12:50 PDT


Title: Introduction to Aircraft Networks and Security Design Considerations
When: Saturday, Aug 13, 12:00 - 12:50 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Sean Sullivan , Chief Engineer for Cabin, Network Systems and Product Security
Sean Sullivan is the Boeing Commercial Airplanes Chief Engineer for Cabin, Network Systems and Product Security. Sullivan held multiple positions in Boeing over a career of 34 years.

Description:
How is a commercial aircraft’s avionics network designed? How is an aircraft architecture integrated with an avionics network? Come learn about complexity of the aviation systems environment, aircraft design security requirements, design assurance levels, and lastly dive deep from a cyber perspective into an aircraft environment we are all familiar with: the passenger cabin.

Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-17:59 PDT


Title: IoT Village CTF (the CTF formally known as SOHOplessly Broken)
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

Description:
The IoT Village CTF has over 30+ devices and challenges to find and exploit vulnerabilities in real IoT devices. Players, or teams up to 6 people, can register and compete against one another to win great prizes!. With an overall focus on real-life consequences, this year's CTF is the newest and best IoT Village CTF yet! The challenges will require creative thinking, knowledge in networking, and competency in exploit development to claim the top prize. Prizes will be awarded to the top 3 teams/players at the end of the event

IoT Village Hacking CTF is hosted in IoT Village, teams of 1-6 players access a local network filled with IoT devices primed to be exploited. You will compete against others by successfully exploiting real IoT products and finding the hidden flags in each. The hacking contest features more than 30 real-world, vulnerable IoT devices.

This event has been redesigned to include challenges which highlight tangible impacts when exploiting real vulnerabilities on real IoT devices. Hidden in the network are devices which require advanced skills to exploit or require creative attack chaining to find the flag. Players will encounter unique hacking scenarios like, exfiltrating files off a NAS to find “clues” or bypassing a router firewall to access a camera on a hidden network to “see” a flag. Prepare to outwit, see, sneak, move, and listen your way through these hidden scenarios which have a cyber-physical effect.

The IoT devices in the contest are not simulated and do not contain contrived/made-up vulnerabilities. Competitors must figure out what real-world vulnerabilities exist in these devices and exploit them to get a shell and find the flag. This is what makes the IoT Village CTF special.

This 3-time DEF CON Black Badge awarded contest CTF is open to anyone! Our contest provides a wonderful experience to learn more about security and test your skills, and the IoT CTF provides the most realistic hacking experience around!

A few devices are approachable for entry level people to experience getting their first root shell, but to win this CTF your team must perform detailed network reconnaissance, lateral pivoting, vulnerability research, hardware hacking, firmware analysis, reverse engineering, and exploit development.

So, join a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.


Return to Index    -    Add to    -    ics Calendar file

 

IOTV - Saturday - 10:00-17:59 PDT


Title: IoT Village CTF Challenges
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

Description:
Dive into hacking challenges with HTB at the IoT Village DEFCON 30 CTF. “House Edge” is a themed CTF challenge that aims to have the players travel through a mission inside a space casino with the final goal of accessing a safe box to retrieve its contents. Each challenge is a standalone and does not require to have solved any other challenges. That said, the content is structured in a specific order that helps facilitate the scenario, which at a high level can be broken down into the following side-tasks of the mission:

Gain access to the main security system to avoid being identified Steal RFID credentials of the reads in the open areas to gain access to restricted areas Disable the additional motion sensors in the restricted areas to avoid triggering an alarm Open a safe box and retrieve its contents.


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 11:30-12:30 PDT


Title: Jailed By a Google Search Part 2: Abortion Surveillance in Post-Roe America
When: Saturday, Aug 13, 11:30 - 12:30 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map

SpeakerBio:Kate Bertash
Kate is Director of the Digital Defense Fund, leading a team that provides technology and security resources and front-line support to the American abortion access movement. She brings together a background in nonprofit operations, technology startups, and public policy to this work. In her free time she designs fabrics that fool surveillance systems, and (full disclosure!) also helps out co-organizing the Crypto Privacy Village.
Twitter: @KateRoseBee

Description:
The overturning of Roe v Wade brings with it grim implications not just for abortion access in America, but for all digital privacy rights. In this talk we revisit the threats to our privacy and encryption slipped into law and practice under the guise of “protecting life” that were first discussed in the 2018 talk “Jailed by a Google Search.” We will then examine the pervasive digital monitoring that in many ways creates an even more dangerous surveillance environment for pregnant people than before Roe’s 1973 landmark ruling (temporarily) federally legalizing abortion.

Today patients must navigate an ever-expanding interlocked web of digital data collection and anti-abortion misinformation, all while enduring the existing infrastructures of pregnancy surveillance in our medical and policing systems. By the end of this talk you’ll receive information on how to threat model issues that may come up in pursuing different safe abortion options, tips and strategies for digitally securing an abortion experience, and ways our privacy community can help take action.


Return to Index    -    Add to    -    ics Calendar file

 

ROV - Saturday - 11:00-11:59 PDT


Title: Juicing & Marking Cards
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: LINQ - 3rd flr - Evolution (Rogues Village) - Map

SpeakerBio:B
No BIO available

Description:
B will show you the elusive art of “juicing” a deck of cards. Often referenced in heist/poker literature since the invention of playing cards for gambling, B will show you everything you need to apply this arcane method to a deck of cards.

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 14:00-14:59 PDT


Title: Keeping Beer Cold: Attackers, ICS and Cross-Sector Defense
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

Description:
Enterprise IT face a huge number of threats while ICS face fewer. But within that threat environment, nation-states will often test or reuse attack vectors which makes cross-sector visibility even more important. Cybersecurity leaders from threat information sharing communities will draw back the curtain on intelligence, actions and processes surrounding ICS threats and vulnerabilities. The discussion will set the stage for the question of what you as attendees would target and how enterprises and sharing communities should react to stop you.

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 15:00-16:59 PDT


Title: KQL Kung Fu: Finding the Needle in the Haystack in Your Azure Environments
When: Saturday, Aug 13, 15:00 - 16:59 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map

SpeakerBio:Darwin Salazar
Darwin Salazar is a Product Detection Engineer @ Datadog. Formerly a medical device security practitioner and cloud security consulting for several Fortune 500s. Enjoys reading, working out, spending time with family and giving back to his community.
Twitter: @darwnsm

Description:
Kusto Query Language (KQL) is Microsoft's proprietary query language and has many use cases in enterprise Azure environments including threat hunting, threat detection and discovering misconfigured assets. In this workshop, I'll be going over these use cases and teaching the attendee how to structure KQL queries to get insights about activity in their Azure environments via Microsoft Sentinel.

Workshop Pre-requisites -
- Laptop w/ network connectivity
- An Azure subscription (Free trial or Pay-as-you-Go tier works just fine)  - Disclaimer: Attendees may incur a small bill due to the nature of the workshop. We will be deleting everything we create during the workshop upon completion of the workshop. - Water, snacks and an appetite for learning


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-16:59 PDT


Title: Kubernetes Capture The Flag
When: Saturday, Aug 13, 10:00 - 16:59 PDT
Where: Virtual

Description:
The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.

A scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.

Friday: 10:00-20:00
Saturday: 10:00-17:00


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 17:00-17:59 PDT


Title: Latest and Greatest in Incident Response
When: Saturday, Aug 13, 17:00 - 17:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Main Stage (In-person) - Map
Speakers:plug,Lauren Proehl,Jess,LitMoose,zr0

SpeakerBio:plug
No BIO available

SpeakerBio:Lauren Proehl
Lauren is currently the Sr Manager of Global Cyber Defense at Marsh McLennan… which is a wordy way of saying she manages CTI, Threat Hunting, Security Automation, and SOC things. When she isn’t in front of a screen, she is running long distances in the woods, cycling over gravel trails, or acquiring more cats in order to reach crazy cat lady status.

SpeakerBio:Jess
No BIO available

SpeakerBio:LitMoose
Moose (aka Heather) is a benevolent Principal Incident Response consultant with CrowdStrike. Moose leads cases globally specializing in c-level grief counseling, eCrime stomping, forensic dumpster diving, attacker evictions, and long sessions staring deeply into logs, code, and config files. Outside of IR, Moose is a mother of cats, fiddler, and lover of potatoes in all forms.

SpeakerBio:zr0
zr0 is currently a Sr. Consultant on the IBM X-Force IR team leading both reactive and proactive DFIR engagements. In his spare time, z_r0 loves playing competitive tennis, and exploring new things to do in the city with his new wife!

Description:
IR is constantly in motion, adversaries change tactics and techniques and so do Incident Responders. Come hear from IR professionals what they've been up to for the past year.

IR is constantly in motion, adversaries change tactics and techniques and so do Incident Responders. Come hear from IR professionals what they've been up to for the past year.


Return to Index    -    Add to    -    ics Calendar file

 

TEV - Saturday - 10:00-17:59 PDT


Title: Learn at Tamper-Evident Village
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit 203-204, 235 (Tamper Evident Village) - Map

Description:
Stop by anytime we're open for 1:1 or small-group teaching about tamper-evident hardware, such as mechanical seals, adhesive seals, electronic seals, and mail tampering.

Return to Index    -    Add to    -    ics Calendar file

 

GHV - Saturday - 10:00-10:30 PDT


Title: Learn The Game, Play The Game, Change the Game
When: Saturday, Aug 13, 10:00 - 10:30 PDT
Where: Flamingo - Virginia City III (Girls Hack Village) - Map

SpeakerBio:Yatia Hopkins
Tia Hopkins has spent more than two decades in the IT and IT Security industry and is currently the Field CTO & Chief Cyber Risk Strategist at eSentire. In addition to her role at eSentire, Tia is an adjunct professor of Cybersecurity, a women’s tackle football coach, and a LinkedIn Learning Instructor. She is also pursuing her Executive MBA and PhD in Cybersecurity. Tia was recognized by SC Media as an outstanding educator in 2019, as well as one of The Software Report's Top 25 Women Leaders in Cybersecurity and Cyber Defense Magazine's Top 100 Women in Cybersecurity; both in 2020. In 2021, Tia was recognized as a Top Influencer in the Security Executives category by IFSEC Global and was most recently recognized by Dark Reading as #1 on the list of ‘8 More Women in Security You May Not Know, but Should’ in 2022. Tia contributed a chapter to the book The Rise of Cyber Women: Volume 2 in 2021 and co-authored ‘ Hacking the Cybersecurity Interview’ with Ken Underhill and Chris Foulon, which is currently available for pre-order. She is also the Founder of Empow(H)er Cybersecurity, a non-profit organization aimed at inspiring and empowering women of color to pursue cybersecurity careers.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 13:00-13:59 PDT


Title: Linux Threat Detection with Attack Range
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map
Speakers:Rod Soto,Teoderick Contreras

SpeakerBio:Rod Soto , Security Researcher
No BIO available
Twitter: @rodsoto

SpeakerBio:Teoderick Contreras , Security Researcher
No BIO available
Twitter: @tccontre18

Description:
The release of Microsoft Sysmon for Linux gives defenders new opportunities for monitoring, management and detection development on Linux Operating Systems. In this presentation, presenters will showcase open source Splunk Attack Range in order to replicate adversarial TTPs, record, analyze and develop detections based on Linux Sysmon data.

Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: Linux Trainer
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
New this year at DEF CON! Are you new to hacking? Want to learn Linux? We have a workshop for you! Interactive style training will teach you the basics of this operating system step by step so you can start your journey.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 10:00-10:45 PDT


Title: Literal Self-Pwning: Why Patients - and Their Advocates - Should Be Encouraged to Hack, Improve, and Mod Med Tech
When: Saturday, Aug 13, 10:00 - 10:45 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map
Speakers:Christian "quaddi" Dameff MD,Cory Doctorow,Jeff “r3plicant” Tully MD

SpeakerBio:Christian "quaddi" Dameff MD , Emergency Medicine Physician & Hacker at The University of California San Diego
Christian (quaddi) Dameff MD is an Assistant Professor of Emergency Medicine, Biomedical Informatics, and Computer Science (Affiliate) at the University of California San Diego. He is also a hacker, former open capture the flag champion, and prior DEF CON/RSA/Blackhat/HIMSS speaker. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients, and other Emergency Medicine related works. Published security research topics including hacking critical healthcare infrastructure, medical devices and the effects of malware on patient care. This is his eighteenth DEF CON.
Twitter: @CDameffMD

SpeakerBio:Cory Doctorow , Science fiction author, activist and journalist
Cory Doctorow (craphound.com) is a science fiction author, activist and journalist. He is the author of many books, most recently RADICALIZED and WALKAWAY, science fiction for adults, IN REAL LIFE, a graphic novel; INFORMATION DOESN’T WANT TO BE FREE, a book about earning a living in the Internet age, and HOMELAND, a YA sequel to LITTLE BROTHER. His next book is ATTACK SURFACE.
Twitter: @doctorow

SpeakerBio:Jeff “r3plicant” Tully MD , Anesthesiologist at The University of California San Diego
Jeff (r3plicant) Tully is a security researcher with an interest in understanding the ever-growing intersections between healthcare and technology. His day job focuses primarily on the delivery of oxygen to tissues.
Twitter: @JeffTullyMD

Description:
What do Apple, John Deere and Wahl Shavers have in common with med-tech companies? They all insist that if you were able to mod their stuff, you would kill yourself and/or someone else... and they've all demonstrated, time and again, that they are unfit to have the final say over how the tools you depend on should work. As right to repair and other interoperability movements gain prominence, med-tech wants us to think that it's too life-or-death for modding. We think that med-tech is too life-or-death NOT to to be open, accountable and configurable by the people who depend on it. Hear two hacker doctors and a tech activist talk about who's on the right side of history and how the people on the wrong side of history are trying to turn you into a walking inkjet printer, locked into an app store.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 16:00-16:45 PDT


Title: Low Code High Risk: Enterprise Domination via Low Code Abuse
When: Saturday, Aug 13, 16:00 - 16:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map

SpeakerBio:Michael Bargury , Co-Founder and CTO, Zenity.io
Michael Bargury is the Co-Founder and CTO of Zenity, where he helps companies secure their low-code/no-code apps. In the past, he headed security product efforts at Azure focused on IoT, APIs and IaC. Michael is passionate about all things related to cloud, SaaS and low-code security, and spends his time finding ways they could go wrong. He also leads the OWASP low-code security project and writes about it on DarkReading.
Twitter: @mbrg0

Description:
Why focus on heavily guarded crown jewels when you can dominate an organization through its shadow IT?

Low-Code applications have become a reality in the enterprise, with surveys showing that most enterprise apps are now built outside of IT, with lacking security practices. Unsurprisingly, attackers have figured out ways to leverage these platforms for their gain.

In this talk, we demonstrate a host of attack techniques found in the wild, where enterprise No-Code platforms are leveraged and abused for every step in the cyber killchain. You will learn how attackers perform an account takeover by making the user simply click a link, move laterally and escalate privileges with zero network traffic, leave behind an untraceable backdoor, and automate data exfiltration, to name a few capabilities. All capabilities will be demonstrated with POCs, and their source code will be shared.

Next, we will drop two isolation-breaking vulnerabilities that allow privilege escalation and cross-tenant access. We will explain how these vulnerabilities were discovered and assess their pre-discovery impact.

Finally, we will introduce an open-source recon tool that identifies opportunities for lateral movement and privilege escalation through low-code platforms.


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 16:00-16:59 PDT


Title: Making Your SOC Suck Less
When: Saturday, Aug 13, 16:00 - 16:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Main Stage (In-person) - Map
Speakers:Shawn Thomas,Carson Zimmerman,Jackie Bow,Alissa Torres,Sebastian Stein

SpeakerBio:Shawn Thomas
Shawn is ex Incident Response consultant, SOC manager, and current Head of Incident Response at Yahoo!, a Paranoid by trade and title he has spent his career trying to find badness and protect users. Shawn has worked in or managed many SOC’s across both the government, private sector, and MSSP space. He loves to teach and talk DFIR/Operations, volunteer at conferences, host podcasts, including Positively Blue Team and The Paranoids Podcast, and help run the DeadPixelSec discord community which is his infosec home.

SpeakerBio:Carson Zimmerman
Carson Zimmerman has been working in cybersecurity for about 20 years. In his current role at Microsoft, he leads an investigations team responsible for defending the M365 platform and ecosystem. Previously at The MITRE Corporation, Carson specialized in cybersecurity operations center architecture, consulting, and engineering. In his early days at MITRE, Carson worked in roles ranging from CSOC tier 1 analysis, to secure systems design consulting, to vulnerability assessment. Carson recently co-wrote 11 Strategies of a World-Class Cybersecurity Operations Center, available at mitre.org/11Strategies.

SpeakerBio:Jackie Bow
A Jackie-of-all- trades, master of none, Jackie seems to be physically unable to stop returning to threat detection and response. Her 10 years in the industry have been spent in malware analysis, reverse engineering, and infrastructure and product security. She has been an analyst, engineer, and leader. Currently, she is focused on building out the threat detection and response program at Asana. She aspires to build teams that leave members better than they were found, technically AND mentally. She speaks and sometimes writes about burnout awareness and efforts to dismantle the gatekeeping of technical security roles.

SpeakerBio:Alissa Torres
No BIO available

SpeakerBio:Sebastian Stein
Security Operations Leader from the "uber innovative" SF Bay Area (originally from Berlin) with 12y of security and 10y of infra experience. Currently defending a $2B publicly traded pharmaceutical company. Security at scale is hard! And when everything is cobbled together with off-the-shelf software, it is almost impossible. Security teams always have everyone else's back and are absolutely allowed to fail.

Description:
The Security Operations Center: is it really more than a place to go where dreams die? So many analysts feel that the soul-sucking march of awful false positive alerts will never end; there’s no way to improve and they’re in a dead end job. How can you turn your nightmare into something more bearable? Come join our panelists, four security analysts turned leaders, as they get grilled by our moderator in answering this question and more. By the end of this talk, you will gain a series of tips and tricks to take back to your SOC whether it’s new or old, big or small, chaotic or calm. You will learn how to get the most from your individual experience, lift up your team around you, or at least recognize when it’s time to run like mad.

The Security Operations Center: is it really more than a place to go where dreams die? So many analysts feel that there’s no way to improve and they’re in a dead end job. How can you turn your nightmare into something more bearable? By the end of this panel, you will gain a series of tips and tricks to take back to your SOC, you will learn how to get the most from your individual experience, lift up your team around you, or at least recognize when it’s time to run like mad.


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 13:00-16:59 PDT


Title: Maritime Hacking Boundary Adventure
When: Saturday, Aug 13, 13:00 - 16:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - ICS Workshop Area - Map

Description:
Have you ever wanted to run your own shipyard? To drive ships? Without permission? Then the Hacking Boundary tabletop role playing game is just for you. Hacking Boundary is a realistic, competitive, game of identifying and exploiting vulnerabilities in ports and ships. The game is designed to allow for you to bring your knowledge, skills, and abilities to the table and use these to compete against your peers. The game will last about 4 hours, and participants will have roles as attackers, defenders, or the mighty US government. Come for the competition, stay for the victory points, but try and not generate a lot of digital exhaust for the cops to find.

Return to Index    -    Add to    -    ics Calendar file

 

MIV - Saturday - 10:45-12:30 PDT


Title: Mass Disinformation Operations - How to detect and assess Ops with OSINT & SOCMINT tools and techniques
When: Saturday, Aug 13, 10:45 - 12:30 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map

SpeakerBio:Paula González Nagore
Paula González Nagore is an Intelligence Analyst specialized in OSINT and SOCMINT investigations and Cyber Intelligence. She currently works in the private sector conducting Digital Footprint, Digital Surveillance and Competitive Intelligence investigations. She also collaborates with different public and educational institutions to investigate disinformation and its effects, as well as the digital tools that are used today to develop disinformation campaigns and fake news in digital media and social networks.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 09:00-12:59 PDT


Title: Master Class: Delivering a New Construct in Advanced Volatile Memory Analysis for Fun and Profit
When: Saturday, Aug 13, 09:00 - 12:59 PDT
Where: Harrah's - Ely (Workshops) - Map

SpeakerBio:Solomon Sonya , Director of Cyber Operations Training
Solomon Sonya (@Carpenter1010) is the Director of Cyber Operations Training at a large organization. He has a background in software development, malware analysis, covert channels, steganography, distributed computing, computer hacking, information protection paradigms, and cyber warfare. He received his Undergraduate Degree in Computer Science and has Master’s degrees in Computer Science and Information System Engineering. Before becoming Director of Cyber Operations Training, he was a university Computer Science Assistant Professor of Computer Science and Research Director. Solomon’s current research includes computer system exploitation, cyber threat intelligence, digital forensics, and data protection.

Solomon's previous keynote and conference engagements include: BlackHat USA, SecTor Canada, Hack in Paris, France, HackCon Norway, ICSIS – Toronto, ICORES Italy, BruCon Belgium, CyberCentral – Prague and Slovakia, Hack.Lu Luxembourg, Shmoocon DC, BotConf - France, DerbyCon Kentucky, SkyDogCon Tennessee, HackerHalted Georgia, Day-Con Ohio, and TakeDownCon Connecticut, Maryland, and Alabama, AFCEA – Colorado Springs.

Twitter: @Carpenter1010

Description:
Malware continues to advance in sophistication. Well-engineered malware can obfuscate itself from the user and the OS. Volatile memory is the unique structure malware cannot evade. I have engineered a new construct for memory analysis and a new open-source tool that automates memory analysis, correlation, and user-interaction to increase investigation accuracy, reduce analysis time and workload, and better detect malware presence from memory. This workshop introduces a new visualization construct that creates the ability to interact with memory analysis artifacts. We will cover how to conducted advanced memory analysis utilizing this brand new tool that will greatly enhance the analysis process. Additionally, we will learn how to use new Data XREF and System Manifest features in this workshop. Data XREF provides an index and memory context detailing how your search data is coupled with processes, modules, and events captured in memory. The System Manifest distills the analysis data to create a new memory analysis snapshot and precise identification of malicious artifacts detectable from malware execution especially useful for exploit dev and malware analysis! This talk is perfect if you have conducted memory analysis before and understand the pain it is to conduct this type of analysis by hand. In this workshop, we will work with a new revolutionary tool to automate, correlate, and enrich memory analysis saving you hours of analysis time. This work shop exposes participants to capture-the-flag memory analysis challenges utilizing the new Xavier Memory Analysis Framework and concludes with a culminating capstone exercise at the end. Participants will walk away with advanced memory analysis capabilities including how to recognize and handle various forms of advance code injection and rootkit hooking techniques from computer memory.
Materials
Just a laptop with VirtualBox installed. I will provide the memory images with all tools configured ready for the workshop.
Prereq
None

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 20:00-21:59 PDT


Title: Meet the EFF
When: Saturday, Aug 13, 20:00 - 21:59 PDT
Where: Caesars Forum - Academy 410 - Map

Description:
Join the Electronic Frontier Foundation - The leading non-profit fighting for civil liberties in the digital world- to chat about the latest developments in Tech and Law and how these can help each other to build a better future.

The discussion will include updates on current EFF issues such as Disciplinary technologies, Stalkerware, LGBTQ+ Rights, Reproductive Rights, drones, updates on cases and legislation affecting security research, and law enforcement partnerships with industry.

Half of this session will be given over to question-and-answer, so it’s your chance to ask EFF questions about the law and tech.


Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 10:00-11:55 PDT


Title: Memfini - A systemwide memory monitor interface for linux
When: Saturday, Aug 13, 10:00 - 11:55 PDT
Where: Caesars Forum - Caucus Boardroom (Demo Labs) - Map
Speakers:Shubham Dubey,Rishal Dwivedi

SpeakerBio:Shubham Dubey
Shubham is a Security Researcher 2 at Microsoft where he works for Microsoft’s defender product. His expertise lies in low level security and internals which includes reverse engineering, exploitation and firmware security. Prior to joining Microsoft, Shubham was Security researcher at Antivirus company working in exploit prevention team where he contributed to protect customers from 0days and vulnerabilities in the wild. Shubham has worked on multiple independent project on kernel level and firmware security. He own a security blog nixhacker.com where you will find lots of content on low level security and internals.

SpeakerBio:Rishal Dwivedi
Rishal is a Security Researcher at Microsoft where he works for Microsoft's defender product. His expertise lies in Offensive security which includes vulnerability discovery and exploitation, owning multiple CVE's. Prior to joining Microsoft, Rishal was a Sr. Security researcher at company where he contributed to their Web Application Security product. Rishal gained fame in bug bounty at an early age of 13 years. After contributing to Application Security for multiple years, he went on to explore other domains of security including IOT security and Malware Analysis.

Description:
Surprisingly, memory related events logging has been ignored by monitoring tool’s authors since a long time. There are multiple event loggers present for Linux that are capable of monitoring processes, i/o operations, function calls or whole systemwide events. But something which lacks in most is global monitoring of memory related events like allocation, attachment to a shared memory, memory allocation in foreign process etc. This has many applications in security domain or even software engineering in general. The main area of focus or use case for Memfini is to assist Security professionals for carrying out memory specific Dynamic Malware Analysis, in order to help them in finding indicators for malicious activities without reversing the behavior. Below listed are few of the use cases (which we will also be demonstrating in the talk). • Process Injection • Fileless malware execution • Shellcode Execution • Malicious shared memory usage On the other hand, it can also be helpful for Software developers, who wish to have an eagle eye on the memory allocations • Finding Memory Leaks • Error detection for debugging purposes. The is possible as Memfini is capable of monitoring memory allocations on User space, Kernel space as well as some under looked allocations like PCI device mapping, DMA allocations etc. It provides a command line interface with multiple filters, allowing a user to interact with the logs generated & get the required data. Currently, the user will be able to filter the events by individual process, type of access etc.

Audience: Defensive security(Malware researcher, IR/Forensics) and Offensive security(memory based vulnerability discovery)


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 10:00-17:59 PDT


Title: Memorial Room Open
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Flamingo - Carson City II (Memorial Room) - Map

Description:
Our Memorial Room is returning this year. A bit more space and more to participate & honoring our community and friends. In FLAMINGO – Carson City 2.

Take some time to remember and honor our friends that are no longer with us. You can share your stories and adventures across the many years of DEFCON and our hacker community. If this is your first year – you are welcome to come and experience the depth of our community.

Add names of friends no longer with us to our books or create some art that you feel is right. It is all your choice. We know that being at DEFCON often brings up memories and feeling about past highlights and this is the place to come and let those thoughts, feelings, and memories flow. DEFCON is an international community, and it is your community.

Last year we were sort of set up to print photos from your phones – we have a few glitches – a ask about it when you drop by. BUT we think we are set to go!

Email the photos – with name or handle if you have it – to memorial@defconmusic.org and of course you can load them in when you are in the room. We have some really nice printers so they look good. And you can place them in the room. And we have lots of other ways to celebrate our family that is no longer with us.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 09:00-15:59 PDT


Title: Merch (formerly swag) Area Open -- README
When: Saturday, Aug 13, 09:00 - 15:59 PDT
Where: Caesars Forum - Summit 229 (Merch) - Map

Description:
The published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.)

Return to Index    -    Add to    -    ics Calendar file

 

LPV - Saturday - 11:00-11:30 PDT


Title: Metal and Fire... Copying Keys via Mold and Cast Tactics
When: Saturday, Aug 13, 11:00 - 11:30 PDT
Where: Caesars Forum - Summit 203-204, 235 (Lock Pick Village) - Map

SpeakerBio:Deviant Ollam
No BIO available

Description:
You've seen lockpickers open doors by manipulating pins. Such a tactic relies on ownership of pick tools and the knowledge of how to use them.

You may have witnessed hackers demonstrate the art of impressioning. Such a technique requires a working blank key that can be hand-filed into the correct shape in order to facilitate entry.

But have you ever seen a key fabricated before your eyes from nothing at all? With a raw ingot of metal ore, heat from a flame, and some subversive skill it's possible to re-create almost any key -- no matter how obscure -- via molding and casting. That is what this presentation entails: keys will be created using raw metal and fire. But not in a forge or foundry... this is a tactic that can be employed in the field by covert entry types who want a way to gain repeated access without having to carry around key blanks and specific tools specialized for every brand of lock.

When you're casting a key from nothing, virtually any kind of mechanical lock becomes a valid target.


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 20:00-23:59 PDT


Title: Movie Night Double Feature - The Conversation & The 13th Floor
When: Saturday, Aug 13, 20:00 - 23:59 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map

Description:
Chills! Thrills! A quiet place to sit down! 2 Movies for the price of none!

The Conversation - A paranoid, secretive surveillance expert has a crisis of conscience when he suspects that the couple he is spying on will be murdered.

The 13th Floor - A computer scientist a virtual reality simulation of 1937 becomes the primary suspect when his colleague and mentor is murdered.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 11:00-11:45 PDT


Title: My First Hack Was in 1958 (Then A Career in Rock’n’Roll Taught Me About Security)
When: Saturday, Aug 13, 11:00 - 11:45 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map

SpeakerBio:Winn Schwartau , Security Thinker Since 1983
“After talking to Winn for an hour and a half, you’re like, what the f*** just happened? - Bob Todrank

Winn has lived Cybersecurity since 1983, and now says, “I think, maybe, I’m starting to understand it.” Since 1988, his predictions about security have been scarily spot on. He coined “Electronic Pearl Harbor” while testifying before Congress in 1991 and prognosticated a future with massive surveillance, loss of personal privacy, nation-state hacking, cyberwar and cyber-terrorism. He was named the “Civilian Architect of Information Warfare,” by Admiral Tyrrell of the British MoD.

His latest book, “Analogue Network Security” is a math and time-based, probabilistic approach to security with designs “fix security and the internet. It will twist your mind.

Fellow, Royal Society of the Arts
Distinguished Fellow: Ponemon Institute Int’l Security Hall of Fame: ISSA
Top 20 industry pioneers: SC Magazine
Top 25 Most Influential: Security Magazine Top 5 Security Thinkers: SC Magazine
Power Thinker (and one of 50 most powerful people) Network World Top Rated (4.85/5) RSA Speaker
Top Rated ISC2: 4.56
.001% Top Influencer RSAC 2019

Author: Information Warfare, CyberShock, Internet & Computer Ethics for Kids, Time Based Security, Pearl Harbor Dot Com (Die Hard IV) Founder: www.TheSecurityAwarenessCompany.Com Producer: Hackers Are People Too

Twitter: @WinnSchwartau

Description:
My first hack was in 1958, and it was all my mother’s fault. Or perhaps I should also blame my father. They were both engineers and I got their DNA. As a kid I hacked phones… cuz, well, phones were expensive! (Cardboard was an important hacking tool.) At age 6 I made a decent living cuz I could fix tube TVs. True!

In roughly 1970 (thanks to NYU) we moved on to hacking Hollerith (punch) cards to avoid paying for telephone and our utilities, and of course, shenanigans.

As a recording studio designer and builder, we dumpster dived for technology from AT&T. We never threw anything out and learned how to repurpose and abuse tech from the 1940s.

As a rock’n’roll engineer, I learned to live with constant systems epic failures. Anything that could break would break: before a live TV event or a massive concert. Talk about lessons in Disaster Recovery and Incident Response.

This talk, chock full of pictures and stories from the past, covers my hacking path as a kid then as a necessary part of survival in the entertainment industry. 1958-1981.

Come on down for the ride and see how 64 years of lessons learned can give you an entirely different view of Hacking and how and why I have embraced failure for both of my careers!


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 14:30-14:59 PDT


Title: Natural Disasters and International Supply Chains: Biomedical and Pharmaceutical Review
When: Saturday, Aug 13, 14:30 - 14:59 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Jorge Acevedo Canabal , MD
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 15:00-15:50 PDT


Title: Near and Far: Securing On and Off Planet Networks at JPL
When: Saturday, Aug 13, 15:00 - 15:50 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Wes Gavins
As CISO, Wes provides strategic direction for all IT security technology areas including applications, networks and storage; serves as the authority and primary JPL representative on internal and external security architecture teams; selects solutions to enhance security controls; and conduct risk assessments for major Lab-wide processes and make major security risk decisions. 

Description:
If you know the names Voyager 1 and 2, Galileo, Salvage 1, Hubble, Cassini, Opportunity, and Spirit then you are familiar with the work done by NASA’s Jet Propulsion Laboratory. But space operations are more than just the satellites and vehicles we typically hear about, and JPL’s Chief Information Security Officer is responsible for keeping the variety of complex ground networks continuously running. Join us to hear from Wes Gavins, CISO at JPL, and learn about his infosec journey, his inspiration, and how he leads his teams to ensure safe and secure space operations.

Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: NetworkOS Workshop
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
The NetworkOS workshop takes you into the mysterious world underpinning modern computing and global communication: the network itself. Step by step, you'll learn all the basics you need. No experience needed: must know how to type and copy/paste.

Return to Index    -    Add to    -    ics Calendar file

 

BICV - Saturday - 16:00-16:30 PDT


Title: Neurodiversity in Cybersecurity: Find Your Competitive Advantage!
When: Saturday, Aug 13, 16:00 - 16:30 PDT
Where: Virtual - BIC Village
Speakers:Nathan Chung,Kassandra Pierre

SpeakerBio:Nathan Chung
No BIO available

SpeakerBio:Kassandra Pierre
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 18:00-01:59 PDT


Title: Night of the Ninjas - Entertainment
When: Saturday, Aug 13, 18:00 - 01:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map
Speakers:Magician Kody Hildebrand,TAIKOPROJECT,Z3NPI,Zebbler Encanti Experience,Scotch and Bubbles,CTRL/rsm,Krisz Klink,Mass Accelerator

SpeakerBio:Magician Kody Hildebrand
No BIO available

SpeakerBio:TAIKOPROJECT
No BIO available

SpeakerBio:Z3NPI
No BIO available

SpeakerBio:Zebbler Encanti Experience
No BIO available

SpeakerBio:Scotch and Bubbles
No BIO available

SpeakerBio:CTRL/rsm
No BIO available

SpeakerBio:Krisz Klink
No BIO available

SpeakerBio:Mass Accelerator
No BIO available

Description:
18:00 - 19:00: Hildebrand Magic
19:00 - 20:00: Scotch and Bubbles
20:00 - 21:00: Z3npi
21:00 - 22:00: Mass Accelerator
22:00 - 23:00: Krisz Klink
23:00 - 00:00: TAIKOPROJECT
00:00 - 00:15: Costume Contest
00:15 - 01:00: Zebbler Encanti Experience 01:00 - 02:00: CTRL/rsm

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 11:00-11:45 PDT


Title: Nimbly Navigating a Nimiety of Nimplants: Writing Nim Malware Like The Cool Kids
When: Saturday, Aug 13, 11:00 - 11:45 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map

SpeakerBio:Cas Van Cooten
Cas van Cooten is an offensive security enthusiast and Red Team Operator at ABN AMRO Bank in The Netherlands. He started out as a ""fluffy"" information security strategy consultant, but exchanged his suit for a hoodie when he realized he was more of a hacker than a strategist.

He likes evading defenses by developing offensive security tooling and malware, specifically in the Nim programming language. He developed tools such as 'Nimplant', 'NimPackt', and 'BugBountyScanner', is a HackTheBox machine author, and likes shitposting on his Twitter timeline.

Twitter: @chvancooten

Description:
All the cool kids are using obscure programming languages to write malware nowadays. Offensive security professionals (as well as threat actors with cool names) are increasingly wrapping their malware in languages such as Go, Rust, or Nim. This talk will break down why Nim is a prime candidate for malware development and how it allows you to write low-level functionality without having to bother learning ""actually complicated"" low-level languages such as C.

We will dive into the intricacies of various open-source Nim tools and analyze how they manage to evade defenses such as AV and EDR, providing you with the foundation needed to get started building your own Nim-based malware. If you're interested in learning Nim, malware development, or are just tagging along to build better detections - consider this your invitation into the wondrous world of Nim malware.


Return to Index    -    Add to    -    ics Calendar file

 

APV - Saturday - 14:30-15:30 PDT


Title: No Code Security Review - What should I review in applications without code?
When: Saturday, Aug 13, 14:30 - 15:30 PDT
Where: Flamingo - Twilight Ballroom - AppSec Village - Main Stage - Map

SpeakerBio:Inaae Kim
Inaae Kim is a security engineer at Unqork. She has a unique background as both a security engineer and a software engineer. She specializes in building security into the software development life cycle and seeks for proactive security approach.

Description:
No-code application platforms emerged a few years ago. They are a very attractive platform to many business organizations because they use modular and pre-built configurations for quick and efficient software development and delivery without writing code. Secure code review is one of the major processes to identify security weaknesses early in the SDLC and prevents potential vulnerabilities when the application is released in production. If there is no code in your software development, what are application security engineers reviewing in the application? In this talk, I’ll talk about your security concerns in no-code application development platforms including the OWASP top 10 no-code security risks, and provide tips to mitigate risks from no-code development. I’ll also introduce a new security review process for no-code software development to reduce security risks. At the end of the talk, I will demonstrate how to conduct security reviews of no-code applications. This talk is helpful for application security engineers whose organizations are considering or already using no-code platforms and anyone who wants to know how to incorporate security into no-code applications.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 11:00-11:45 PDT


Title: No-Code Malware: Windows 11 At Your Service
When: Saturday, Aug 13, 11:00 - 11:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map

SpeakerBio:Michael Bargury , Co-Founder and CTO, Zenity.io
Michael Bargury is the Co-Founder and CTO of Zenity, where he helps companies secure their low-code/no-code apps. In the past, he headed security product efforts at Azure focused on IoT, APIs and IaC. Michael is passionate about all things related to cloud, SaaS and low-code security, and spends his time finding ways they could go wrong. He also leads the OWASP low-code security project and writes about it on DarkReading.
Twitter: @mbrg0

Description:
Windows 11 ships with a nifty feature called Power Automate, which lets users automate mundane processes. In a nutshell, Users can build custom processes and hand them to Microsoft, which in turn ensures they are distributed to all user machines or Office cloud, executed successfully and reports back to the cloud. You can probably already see where this is going.. In this presentation, we will show how Power Automate can be repurposed to power malware operations. We will demonstrate the full cycle of distributing payloads, bypassing perimeter controls, executing them on victim machines and exfiltrating data. All while using nothing but Windows baked-in and signed executables, and Office cloud services. We will then take you behind the scenes and explore how this service works, what attack surface it exposes on the machine and in the cloud, and how it is enabled by-default and can be used without explicit user consent. We will also point out a few promising future research directions for the community to pursue. Finally, we will share an open-source command line tool to easily accomplish all of the above, so you will be able to add it into your Red Team arsenal and try out your own ideas.

Return to Index    -    Add to    -    ics Calendar file

 

MIV - Saturday - 16:15-16:45 PDT


Title: Not Feeling Yourself: User Spoofing and Other Disinformation Exploits
When: Saturday, Aug 13, 16:15 - 16:45 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map

SpeakerBio:E.C (Burninator)
Burninator was a software engineer, bot developer and hobbyist hacker before becoming an appsec redteamer in 2018, and has been hacking all the things since high school.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 10:00-10:40 PDT


Title: OAuth-some Security Tricks: Yet more OAuth abuse
When: Saturday, Aug 13, 10:00 - 10:40 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map

SpeakerBio:Jenko Hwong
Jenko Hwong is a Principal Researcher on Netskope's Threat Research Team, focusing on cloud threats/vectors. He's spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.
Twitter: @jenkohwong

Description:
Join in this deep dive looking at new abuses of OAuth 2.0. We'll look at a variety of attacks including phishing and stolen credential attacks, starting with Microsoft authorization code grant to Google authorization code grant using copy/paste. We'll then move on to new attacks including: OWA browser attacks, Chrome attacks, different SaaS OAuth implementations, upstream SSO attacks, and hidden uses of OAuth in Google App Scripting and Google Cloud Shell.

In a nod to Penn and Teller, with each attack, we'll reveal the underlying secret techniques used, why and how it works, and what can be generalized. We'll then show how the most common defensive measures (e.g. MFA, IP allow lists, application allow lists, authorization controls) are used to mitigate each attack, then adjust the attack to bypass the defensive measure. We'll also discuss what vendors have been doing to mitigate these attacks and whether they are effective.

Code for any demo/POCs will be made available as open-source.


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 13:00-13:59 PDT


Title: Obsidian CTH Live: Killchain 3 Walkthrough
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Main Stage (In-person) - Map

Description:
Obsidian CTH Live: Killchain 3 Walkthrough

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Obsidian CTH Live: Killchain 3 Walkthrough

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 10:30-11:30 PDT


Title: Obsidian CTH: Sniffing Compromise: Hunting for Bloodhound
When: Saturday, Aug 13, 10:30 - 11:30 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x42 (In-person) - Map

SpeakerBio:CerealKiller
No BIO available

Description:
Join us on a journey as we chase BloodHound through a compromised environment via host and network telemetry. We will dive quickly into detections to become better prepared for next time.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Join us on a journey as we chase BloodHound through a compromised environment via host and network telemetry. We will dive quickly into detections to become better prepared for next time.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 14:00-14:59 PDT


Title: Obsidian CTH: The Logs are Gone?
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x42 (In-person) - Map

SpeakerBio:ExtremePaperClip
Digital Forensics Nerd, Linux Geek, InfoSec Dork, Lifelong Student of Everything, Amateur History Buff... Loads of Fun.

Description:
What happens when an attacker clears the logs in an effort to hide their tracks? Here we will dive into that question, build a Threat Hunting hypothesis, develop some ways to detect this activity, and document the process.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

What happens when an attacker clears the logs in an effort to hide their tracks? Here we will dive into that question, build a Threat Hunting hypothesis, develop some ways to detect this activity, and document the process.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 11:30-12:30 PDT


Title: Obsidian CTI: Operationalizing Threat Intelligence
When: Saturday, Aug 13, 11:30 - 12:30 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x42 (In-person) - Map
Speakers:l00sid,ttheveii0x,Stephanie G.

SpeakerBio:l00sid
l00sid just started a career as a blue teamer. He loves the kinds of puzzles he gets to solve in the process of stopping attackers.

SpeakerBio:ttheveii0x
Mentor, Hacker, Cyber Threat Intelligence, Reverse Engineering Malware, OSINT, 70757a7a6c6573, Blue Team Village Director, Consultant

SpeakerBio:Stephanie G.
Stephanie is a security software engineer in the product security space. She is a volunteer on BTV's CTI team for Project Obsidian at DEF CON 30.

Description:
This module covers:

Objective: Demonstrate how a CTI report can be operationalized.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

This module presents an overview of how threat intelligence gleaned from a single CTI report can be operationalized across an organization. We'll run through a report based on content from Project Obsidian's kill chain 3 and demonstrate how it can be operationalized by different teams (SOC, IR, forensics, security management, and executives.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 14:30-14:59 PDT


Title: Obsidian Forensics: Creating a custom Velociraptor collector
When: Saturday, Aug 13, 14:30 - 14:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x41 (In-person) - Map
Speakers:Wes Lambert,Omenscan

SpeakerBio:Wes Lambert
No BIO available

SpeakerBio:Omenscan
Obsidian Forensics Lead

Description:
Obsidian 4n6 Station: Pre-Recorded - Obsidian 4n6: Creating a custom Velociraptor collector

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Obsidian 4n6 Station: Pre-Recorded - Obsidian 4n6: Creating a custom Velociraptor collector

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 11:30-12:30 PDT


Title: Obsidian Forensics: Kill Chain 3 Endpoint Forensics Walkthrough
When: Saturday, Aug 13, 11:30 - 12:30 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x41 (In-person) - Map

SpeakerBio:Omenscan
Obsidian Forensics Lead

Description:
Obsidian Forensics Station: In this pre-recorded presentation we will walk through the artifacts and analysis of the Obsidian Kill Chain 3 using forensics artifacts found on affected Endpoints.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Obsidian Forensics Station: Kill Chain 3 Endpoint Forensics Walkthrough

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 10:30-11:30 PDT


Title: Obsidian Forensics: KillChain3 - Continued Adventures in Splunk and Security Onion
When: Saturday, Aug 13, 10:30 - 11:30 PDT
Where: Flamingo - Savoy Ballroom - BTV Main Stage (In-person) - Map
Speakers:ExtremePaperClip,Omenscan,Wes Lambert

SpeakerBio:ExtremePaperClip
Digital Forensics Nerd, Linux Geek, InfoSec Dork, Lifelong Student of Everything, Amateur History Buff... Loads of Fun.

SpeakerBio:Omenscan
Obsidian Forensics Lead

SpeakerBio:Wes Lambert
No BIO available

Description:
A Live Forensics Walkthrough of Obsidian Kill Chain 3 (KC3) forensics analysis using Splunk and Security Onion

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

A Live Forensics Walkthrough of Obsidian Kill Chain 3 (KC3) forensics analysis using Splunk and Security Onion

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 14:00-14:59 PDT


Title: Obsidian Forensics: Using Chainsaw to Identify Malicious Activity
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x41 (In-person) - Map

SpeakerBio:Danny D. Henderson Jr (B4nd1t0)
With 14-years career in the U.S. public sector and 11 years with ICT, Danny now works at SecureWorks in Bucharest as an L3 SOC Analyst. His skillset includes digital forensics, threat intelligence, malware analysis, with small touch of Offensive Security. Outside of the Security field, Danny is working on a passion video game project as the Fearless Leader of the Sacred Star Team and is fond of fantasy tabletop games such as Dungeons and Dragons (D&D).

Description:
This talk is a small in-depth look of using Chainsaw for investigations using the Obsidian project as the example.

The intent is to go over the following: - Default display to console
- Creating a CSV for slicing and to put into a spreadsheet - SIGMA rules and how Chinsaw applies those rules

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

When time is of essence in IR, having a tool to quickly collect data from Windows Event Logs is the way to go. We'll LET IT RIP with Chainsaw, hosted by B4nd1t0 as part of Project Obsidian.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 14:00-14:59 PDT


Title: Obsidian Live: May We Have the OODA Loops?
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Main Stage (In-person) - Map
Speakers:juju43,CountZ3r0

SpeakerBio:juju43
No BIO available

SpeakerBio:CountZ3r0
Stuff goes here.

Description:
Incident Response Live Walkthough: This will go over how to use OODA to effectively investigate and respond to a real world incident. Come work through the demos alongside experts during this live walkthrough.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Incident Response Live Walkthough: This will go over how to use OODA to effectively investigate and respond to a real world incident. Come work through the demos alongside experts during this live walkthrough.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 13:00-13:59 PDT


Title: Obsidian REM: Phishing In The Morning: An Abundance of Samples!
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x42 (In-person) - Map

SpeakerBio:Alison N
No BIO available

Description:
Coming soon

Coming soon


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 13:00-13:59 PDT


Title: Obsidian: IR - Final Reporting Made Exciting*
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x41 (In-person) - Map
Speakers:CountZ3r0,aviditas

SpeakerBio:CountZ3r0
Stuff goes here.

SpeakerBio:aviditas
No BIO available

Description:
*Insert eye catching and compelling abstract on IR final reporting here. Make it seem exciting and not at all a dreaded yet critical part of incident handling.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

*Insert eye catching and compelling abstract on IR final reporting here. Make it seem exciting and not at all a dreaded yet critical part of incident handling.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 10:30-11:30 PDT


Title: Obsidian: IR - OODA! An hour in incident responder life
When: Saturday, Aug 13, 10:30 - 11:30 PDT
Where: Flamingo - Savoy Ballroom - BTV Project Obsidian: Track 0x41 (In-person) - Map

SpeakerBio:juju43
No BIO available

Description:
Project Obsidian Incident Response station will walk through the OODA loop and Jupyter Notebooks to help you investigate, document and answer the key questions during incidents. This session is based on Kill Chain 3 data set and will leverage msticpy. Data, Notebook and Presentation will be made available after Defcon.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).

Let's dance and fly from dogfight to cyberworld. How to investigate and win against threats.

Blue Team Village’s Project Obsidian is an immersive, defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Reverse Engineering Malware (REM), Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH).


Return to Index    -    Add to    -    ics Calendar file

 

APV - Saturday - 16:30-17:30 PDT


Title: One Low, Two Informational: Why Your Pentest Findings are so Boring
When: Saturday, Aug 13, 16:30 - 17:30 PDT
Where: Flamingo - Twilight Ballroom - AppSec Village - Main Stage - Map

SpeakerBio:Robyn Lundin
Robyn started working in tech after a coding bootcamp as a developer for a small startup. She then discovered her passion for security, pivoted into pentesting for NCC Group, and now is working as a Senior Product Security engineer for Slack.

Description:
Application Pentests are costly, sometimes six-figures costly, and can be very time consuming for the hosting AppSec team. Even so, application pentests often yield very few meaningful findings, leaving potential security bugs in the wild for malicious actors to find and exploit. The goal of a pentest is often to find and remediate security issues before they become an even more expensive problem. But if the hosting company doesn't set pentesters up for success, the likelihood of a worthwhile pentest is abysmally low. While a well-done pentest could cost hundreds of thousands of dollars for an application with a highly complex attack surface, a crappy pentest could cost millions in ransom payouts & GDPR fines by giving the hosting company a false sense of assurance while adding no extra protection against security breaches. Avoiding common pitfalls in application pentest planning will yield better results and ensure broader coverage of the target application.

Outline


Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 16:00-17:59 PDT


Title: Open Panel: War Driving Rig Makers Meetup
When: Saturday, Aug 13, 16:00 - 17:59 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

Description:
2 hours of people doing 5 minute pitches of their custom rigs, what makes it special, unique, build challenges they faced etc.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 14:00-14:45 PDT


Title: OpenCola. The AntiSocial Network
When: Saturday, Aug 13, 14:00 - 14:45 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map

SpeakerBio:John Midgley , Cult of the Dead Cow
John Midgley was born and raised in Toronto, Canada. He studied computer science at the University of Toronto where he earned a B.Sc. and a Masters in Computer Vision. His first job out of school was building the search algorithms for openCola, an early peer to peer collaboration tool that was arguably 20 years ahead of its time. Not being able to afford a time machine, he busied himself by working at a string of startups and then a couple larger companies (Microsoft and Netflix). From 2011 to 2021 he worked at Netflix on Facebook integration, search, video ranking, content promotion and ended up managing the personalization organization, responsible for the systems and algorithms that construct the Netflix experience. Now that it’s 20 years later, the world may finally be ready for a new and improved version of OpenCola.

Description:
The internet, as it stands today, is not a very trustworthy environment, as evidenced by the numerous headlines of companies abusing personal data and activity. This is not really surprising since companies are responsible for optimizing revenue, which is often at odds with user benefit. The result of these incentives has produced or exacerbated significant problems: tech silos, misinformation, privacy abuse, concentration of wealth, the attention economy, etc. We built OpenCola, free and open source, as an alternative to existing big-tech applications. It puts users in control of their personal activity and the algorithms that shape the flow of data to them. We believe that this solution, although simple, can significantly mitigate the challenges facing the Internet.

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 14:00-15:55 PDT


Title: OpenTDF
When: Saturday, Aug 13, 14:00 - 15:55 PDT
Where: Caesars Forum - Accord Boardroom (Demo Labs) - Map
Speakers:Paul Flynn,Cassandra Bailey

SpeakerBio:Paul Flynn
Paul has been a software developer for over 25 years, starting as a webmaster in 1995. Paul has worked on securely connecting merchants with banking mainframes; providing governments with digital signing and receipting of documents, and solved Y2K. He has helped scale some of the largest web sites of its time (eBay, Obamacare) and worked on command-and-control systems of life-saving McMurdo beacons. Paul has recognized the deficiency of security from his past and is proud of the solution that is available in OpenTDF.

SpeakerBio:Cassandra Bailey
Cassandra started her career as a full-stack developer for web and macOS applications, and has since managed projects and products in the DeFi, gaming, and most recently, data protection and security spaces. The latter corresponds to her role in helping to develop and manage the OpenTDF project, an open-source API and SDK that leverages the Trusted Data Format (TDF) to enable zero-trust data protection.

Description:
OpenTDF is an open source project that provides developers with the tools to build data protections natively within their applications using the Trusted Data Format (TDF).

Audience: AppSec, Defense, Mobile, IoT


Return to Index    -    Add to    -    ics Calendar file

 

GHV - Saturday - 10:30-10:59 PDT


Title: Opportunity Fuels Grit
When: Saturday, Aug 13, 10:30 - 10:59 PDT
Where: Flamingo - Virginia City III (Girls Hack Village) - Map

SpeakerBio:Tanisha O'Donoghue
Over the last 6 years Tanisha O’Donoghue has been on an upward climb in the Cyber Security Space. The Guyanese native presently resides in the in Washington, DC area. Her current role as an Information Security Risk and Compliance Specialist at Tyler Technologies. As a member of the Information Security Compliance team, she assists with policy management, audits and risk management. Her recent focus has been governance, risk and compliance. Tanisha received her start in cyber with an internship at Symantec in partnership with a nonprofit called Year Up. Year Up's mission is to close the Opportunity Divide by ensuring that young adults gain the skills, experiences, and support that will empower them to reach their potential through careers and higher education. Tanisha’s career experience has included incident response/ recovery efforts, vulnerability management, risk management and compliance. She is the Director of Policy and Procedures at BlackGirlsHack, a nonprofit organization that provides resources, training, mentoring, and opportunities to black women to increase representation and diversity in the cyber security field. Her commitment is to work with individuals and organizations to increase the diversity, inclusion and opportunities so they can make an influential impact on the world. She mentors with passion, guiding her mentees to enhance and elevate their vision for their lives.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 12:00-12:59 PDT


Title: OSINT Skills Lab Challenge
When: Saturday, Aug 13, 12:00 - 12:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map
Speakers:Sandra Stibbards,Lee McWhorter

SpeakerBio:Sandra Stibbards
Sandra Stibbards opened her investigation agency, Camelot Investigations, in 1996. Currently, she maintains a private investigator license in the state of California. Stibbards specializes in financial fraud investigations, competitive intelligence, counterintelligence, business and corporate espionage, physical penetration tests, online vulnerability assessments, brand protection/IP investigations, corporate due diligence, and Internet investigations. Stibbards has conducted investigations internationally in five continents. Stibbards clients include several Fortune 500 and international companies. Stibbards has been providing training seminars and presentations on Open Source Intelligence (OSINT) internationally since 2010 to federal governments and corporations.
Twitter: @camelotinv

SpeakerBio:Lee McWhorter
Lee McWhorter, CTO at Covered 6, has been involved in IT since its early days and has over 30 years of experience. He is a highly sought-after professional who first learned about identifying weaknesses in computer networks, systems, and software when Internet access was achieved using just a modem. McWhorter currently holds an MBA and over 20 industry certifications (including all of CompTIA’s) in such areas as IT, system admin, networking, programming, Linux, IoT, and cybersecurity. His roles have ranged from the server room to the board room, and he has taught for numerous universities, colleges, commercial trainers, and non-profits. McWhorter works closely with the DEFCON Red Team Village, Dark Arts Village, CompTIA, and the CompTIA Instructor Network (he is a Board Member) as a Speaker, SME, and Instructor.
Twitter: @tleemcjr

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 10:00-10:59 PDT


Title: OSINT Skills Lab Challenge
When: Saturday, Aug 13, 10:00 - 10:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map
Speakers:Sandra Stibbards,Lee McWhorter

SpeakerBio:Sandra Stibbards
Sandra Stibbards opened her investigation agency, Camelot Investigations, in 1996. Currently, she maintains a private investigator license in the state of California. Stibbards specializes in financial fraud investigations, competitive intelligence, counterintelligence, business and corporate espionage, physical penetration tests, online vulnerability assessments, brand protection/IP investigations, corporate due diligence, and Internet investigations. Stibbards has conducted investigations internationally in five continents. Stibbards clients include several Fortune 500 and international companies. Stibbards has been providing training seminars and presentations on Open Source Intelligence (OSINT) internationally since 2010 to federal governments and corporations.
Twitter: @camelotinv

SpeakerBio:Lee McWhorter
Lee McWhorter, CTO at Covered 6, has been involved in IT since its early days and has over 30 years of experience. He is a highly sought-after professional who first learned about identifying weaknesses in computer networks, systems, and software when Internet access was achieved using just a modem. McWhorter currently holds an MBA and over 20 industry certifications (including all of CompTIA’s) in such areas as IT, system admin, networking, programming, Linux, IoT, and cybersecurity. His roles have ranged from the server room to the board room, and he has taught for numerous universities, colleges, commercial trainers, and non-profits. McWhorter works closely with the DEFCON Red Team Village, Dark Arts Village, CompTIA, and the CompTIA Instructor Network (he is a Board Member) as a Speaker, SME, and Instructor.
Twitter: @tleemcjr

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 11:00-11:59 PDT


Title: OSINT Skills Lab Challenge
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map
Speakers:Sandra Stibbards,Lee McWhorter

SpeakerBio:Sandra Stibbards
Sandra Stibbards opened her investigation agency, Camelot Investigations, in 1996. Currently, she maintains a private investigator license in the state of California. Stibbards specializes in financial fraud investigations, competitive intelligence, counterintelligence, business and corporate espionage, physical penetration tests, online vulnerability assessments, brand protection/IP investigations, corporate due diligence, and Internet investigations. Stibbards has conducted investigations internationally in five continents. Stibbards clients include several Fortune 500 and international companies. Stibbards has been providing training seminars and presentations on Open Source Intelligence (OSINT) internationally since 2010 to federal governments and corporations.
Twitter: @camelotinv

SpeakerBio:Lee McWhorter
Lee McWhorter, CTO at Covered 6, has been involved in IT since its early days and has over 30 years of experience. He is a highly sought-after professional who first learned about identifying weaknesses in computer networks, systems, and software when Internet access was achieved using just a modem. McWhorter currently holds an MBA and over 20 industry certifications (including all of CompTIA’s) in such areas as IT, system admin, networking, programming, Linux, IoT, and cybersecurity. His roles have ranged from the server room to the board room, and he has taught for numerous universities, colleges, commercial trainers, and non-profits. McWhorter works closely with the DEFCON Red Team Village, Dark Arts Village, CompTIA, and the CompTIA Instructor Network (he is a Board Member) as a Speaker, SME, and Instructor.
Twitter: @tleemcjr

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 13:00-13:30 PDT


Title: Out of the Abyss: Surviving Vulnerability Management
When: Saturday, Aug 13, 13:00 - 13:30 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map
Speakers:Mike Kijewski,Leo Nendza

SpeakerBio:Mike Kijewski
Mike is the cofounder of MedCrypt, a medical device cybersecurity startup based in San Diego, CA.
Twitter: @mikekijewski

SpeakerBio:Leo Nendza
Leo is a Senior Software Development Engineer on MedCrypt’s Heimdall project and a forever DM.

Description:
"""The introduction of an SBOM in the 2018 FDA premarket cybersecurity guidance, and inclusion in update 2022 quality system considerations guidance, has become a rallying cry for SBOM adoption across the healthcare industry. However, three years on and progress has been incremental in generation, adoption, distribution and consumption. The end objective is knowing when a vulnerability impacts an ecosystem.

This talk shares some observations, practical / technical insights into challenges, and paints a picture of the potential future we could have."""


Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: Packet Detective
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
Ready to upgrade your skills at the Packet Hacking Village? It’s time to play Packet Detective. A step up in difficulty from Packet Investigator, Packet Detective will test your network hunting abilities at the intermediate level. Come learn some new tricks!

Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: Packet Inspector
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
New to packet-fu? Don't know a pcap from a bottle cap? Packet Inspector is the game for you! We provide the laptops and all necessary tools for you to learn the basics of network analysis, sniffing, and forensics.

Return to Index    -    Add to    -    ics Calendar file

 

HRV - Saturday - 15:00-15:30 PDT


Title: Panel: Ask-a-ham
When: Saturday, Aug 13, 15:00 - 15:30 PDT
Where: Flamingo - Virginia City II (Ham Radio Village Activities) - Map

Description:
Do you have any questions for those that have been involved in the amateur radio hobby? Now is the time to "Ask-A-Ham"!

Return to Index    -    Add to    -    ics Calendar file

 

PYV - Saturday - 09:00-13:59 PDT


Title: Payment Hacking Challenge
When: Saturday, Aug 13, 09:00 - 13:59 PDT
Where: Virtual - Payment Village

Description:
Try yourself in ATM, Online bank, POS and Cards hacking challenges

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-11:59 PDT


Title: Pen Test Partners A320 Simulator
When: Saturday, Aug 13, 10:00 - 11:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Come take the controls of Pen Test Partners’ immersive A320 simulator. Experience the effects of tampered electronic flight bag data on take-off and landing, TCAS spoofing and more all in the safety of the sim. You’ll see how experienced pilots would deal with these incidents and mitigate risk to passengers and the airplane.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 13:00-14:59 PDT


Title: Pen Test Partners A320 Simulator
When: Saturday, Aug 13, 13:00 - 14:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Come take the controls of Pen Test Partners’ immersive A320 simulator. Experience the effects of tampered electronic flight bag data on take-off and landing, TCAS spoofing and more all in the safety of the sim. You’ll see how experienced pilots would deal with these incidents and mitigate risk to passengers and the airplane.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 15:30-16:15 PDT


Title: Perimeter Breached! Hacking an Access Control System
When: Saturday, Aug 13, 15:30 - 16:15 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map
Speakers:Sam Quinn,Steve Povolny

SpeakerBio:Sam Quinn , Senior Security Researcher
Sam Quinn, @eAyeP, is a Senior Security Researcher on the Advanced Threat Research team, focused on finding new vulnerabilities in both software and hardware. Sam has a focus on embedded devices with knowledge in the fields of reverse engineering and exploitation. He has had numerous vulnerability findings and published CVEs in the areas of IOT and enterprise software.
Twitter: @eAyeP

SpeakerBio:Steve Povolny , Principal Engineer & Head of Advanced Threat Research
Steve Povolny, @spovolny, is the Head of Advanced Threat Research for Trellix, which delivers groundbreaking vulnerability research spanning nearly every industry. With more than a decade of experience in network security, Steve is a recognized authority on hardware and software vulnerabilities, and regularly collaborates with influencers in academia, government, law enforcement, consumers and enterprise businesses of all sizes. Steve is a sought after public speaker and media commentator who often blogs on key topics. He brings his passion for threat research and a unique vision to harness the power of collaboration between the research community and product vendors, through responsible disclosure, for the benefit of all.
Twitter: @spovolny

Description:
The first critical component to any attack is an entry point. As we lock down firewalls and routers, it can be easy to overlook the network-connected physical access control systems. A study done by IBM in 2021 showed that the average cost of a physical security compromise is $3.54 million and takes an average of 223 days to identify a breach.

HID Mercury is a global distributor of access control systems with more than 20 OEM partners, deployed across multiple industries and certified for use in federal and state government facilities.

Trellix's Advanced Threat Research team uncovered 4 unique 0-day vulnerabilities and 4 additional undisclosed vulnerabilities leading to remote, unauthenticated code execution on multiple HID Mercury access control panels. These findings lead to full system control including the ability for an attacker to remotely manipulate door locks. During this presentation, we will briefly cover the hardware debugging process, leading to a root shell on the target. We will explore in greater depth the vulnerability discovery techniques, including emulation, fuzzing, static and dynamic reverse engineering, and a detailed walkthrough of several of the most critical vulnerabilities. We’ll address our approach to exploitation using simplistic malware we designed to control system functionality and culminate the talk with a live demo featuring full system control, unlocking doors remotely without triggering any software notification


Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 11:00-11:59 PDT


Title: Phishing With Phineas (Again) - Steroid Boosted Hack Recreation Workshop
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:George Karantzas
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 10:00-17:59 PDT


Title: Physical Security Village
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map

Description:
The Physical Security Village (formerly known as the Lock Bypass Village) explores the world of hardware bypasses and techniques generally outside of the realm of cyber security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself!

We'll be covering the basics, including the under-the-door-tool and latch slipping attacks, as well as an in-depth look at more complicated bypasses. Learn about elevator hacking, try out alarm system attacks at the sensor and communication line, and have an inside look at common hardware to see how it works.

No prior experience or skills necessary - drop in and learn as much or as little as you'd like!

Looking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!


Return to Index    -    Add to    -    ics Calendar file

 

ROV - Saturday - 17:00-17:59 PDT


Title: Picking Pockets, Picked Apart
When: Saturday, Aug 13, 17:00 - 17:59 PDT
Where: LINQ - 3rd flr - Evolution (Rogues Village) - Map

SpeakerBio:James Harrison
No BIO available
Twitter: @PickpocketJames

Description:
In this workshop, James will be going over the mechanics of picking pockets as well as the psychological principles which allow this centuries old technique to persist to this day.

Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 09:00-12:59 PDT


Title: Pivoting, Tunneling, and Redirection Master Class
When: Saturday, Aug 13, 09:00 - 12:59 PDT
Where: Harrah's - Copper (Workshops) - Map
Speakers:Wesley Thurner,Barrett Darnell

SpeakerBio:Wesley Thurner , Principal Security Engineer
Wesley Thurner is a Principal Security Engineer on the Intuit Red Team, a vital part of the organization that protects Intuit and customers from all forms of cybercrime. Intuit is the global technology platform that helps consumers and small businesses overcome their most important financial challenges. Serving more than 100 million customers worldwide with TurboTax, QuickBooks, Mint, Credit Karma and Mailchimp, we believe that everyone should have the opportunity to prosper. We never stop working to find new, innovative ways to make that possible.

Prior to Intuit, Wesley served as an exploitation operator in the US Department of Defense's most elite computer network exploitation (CNE) unit. There he led and developed multiple teams across a variety of roles in the US Air Force's premier selectively-manned cyber attack squadron. Wes is also a co-organizer for the Red Team Village, a community driven village bridging the gap between penetration testers and offensive operations.


SpeakerBio:Barrett Darnell , Principal Security Engineer
Barrett Darnell is a Principal Security Engineer on the Intuit Red Team, a vital part of the organization that protects Intuit and customers from all forms of cybercrime. Intuit is the global technology platform that helps consumers and small businesses overcome their most important financial challenges. Serving more than 100 million customers worldwide with TurboTax, QuickBooks, Mint, Credit Karma and Mailchimp, we believe that everyone should have the opportunity to prosper. We never stop working to find new, innovative ways to make that possible.

Prior to Intuit, Barrett was a Managing Senior Operator at Bishop Fox, a security firm providing professional and managed services to the Fortune 1000, global financial institutions, and high-tech startups. Barrett was a technical lead for the Continuous Attack Surface Testing (CAST) Managed Security Service. Before Bishop Fox, he served as an exploitation operator in the US Department of Defense's most elite computer network exploitation (CNE) unit. As a top-rated military officer, Barrett led an offensive operations team in the US Air Force's premier selectively-manned cyber attack squadron.


Description:
Pivoting, tunneling, and redirection are essential skills that separate the junior and senior operators in the offensive security landscape. This workshop describes various techniques used to creatively route traffic through multiple network segments. Various tools and techniques will be discussed and demonstrated. Attendees will be able to practice these skills in a provided cyber range during and after the workshop. These are essential skills for every pentester, bug bounty hunter, and red team operator. But that's not all! Defenders will learn techniques for detecting these sorts of suspicious traffic in their network.
Materials
Laptop with wireless network adapter
Prereq
Must have a laptop with an ssh client, students should have beginner experience with ssh and networking.

Return to Index    -    Add to    -    ics Calendar file

 

LPV - Saturday - 14:00-14:59 PDT


Title: Please deposit 30c: A history of payphone locks that lead to one of the most secure locks ever made.
When: Saturday, Aug 13, 14:00 - 14:59 PDT
Where: Caesars Forum - Summit 203-204, 235 (Lock Pick Village) - Map

SpeakerBio:N∅thing
No BIO available

Description:
We will take a look at patents and lock models from payphones through the years leading up to the WE30C and beyond.

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 12:00-13:55 PDT


Title: PMR - PT & VA Management & Reporting
When: Saturday, Aug 13, 12:00 - 13:55 PDT
Where: Caesars Forum - Committee Boardroom (Demo Labs) - Map
Speakers:Abdul Alanazi,Musaed Bin Muatred

SpeakerBio:Abdul Alanazi
Abdul Alenazi is a penetration testing technical manager @SabrySecurity, a founding member of Sabry InfoSec, with nearly 8 years of experience in pentesting. Prior to joining Sabry, he has worked as a Penetration Testing Consultant at Booz Allen Hamilton, HYAS infoSec, ManTech and other Global & Local Companies. Abdul has completed MASc in Computer Engineering with focus on Applied Network Security & Machine Learning at @UVIC.ca. He has also published academic research on Botnet Detection. In his free time, he enjoys coding and investigating open source security tools. Twitter: @alenazi_90

SpeakerBio:Musaed Bin Muatred
Musaed Bin Muatred: is a Threat Intelligence expert with +8 years of experience in the field of cyber defence. He holds more than 10 certifications and MSc in Computer Science. Also, he has extensive experience in DFIR, threat hunting and reverse engineering

Description:
PMR (PTVA Management & Reporting) is an open-source collaboration platform that closes the gap between InfoSec Technical teams and Management in all assessment phases, from planning to reporting. Technical folks can focus on assessment methodology planning, test execution ,and engagement collaboration. Whereas management can plan engagements, track progress, assign testers, monitor remediation status, and escalate SLA breaches, this is an All-in-One fancy dashboard. The main features are: A) Asset Management which allows IT asset inventory tracking with system owner contacts. B) Engagements Management & Planning that enable security testers to follow a test execution roadmap by creating a new testing methodology or follow execution standards such as NIST, PTES or OWASP. It definitely will keep pentesting engagements and projects more professional. Also, it enables collaborative testing, gathering information and evidence uploading. C) Report Automation that automates boring tasks such as writing technical reports and validation reports. Generating a PDF report that is ready to share with clients and management can be accomplished with one-click. D) All-in-One Dashboard that will keep executives and management up-to-date with the organization's security posture. The dashboard components are: - High level of current vulnerabilities. - Engagement progress. - Remediation Status. - Track SLA breaches. -Monitoring risk exceptions.

Audience: Security professionals, Vulnerability Analysts , AppSec, Offense, Risk Management


Return to Index    -    Add to    -    ics Calendar file

 

HHV - Saturday - 16:00-16:30 PDT


Title: Prizes announced for HHV Rube Goldberg Machine, Make Your Own Use Contest, and Bring the Other Half
When: Saturday, Aug 13, 16:00 - 16:30 PDT
Where: Flamingo - Exec Conf Ctr - Red Rock VI, VII, VII (Hardware Hacking Village) - Map

Description:
Prizes to be given out for these different events. For more information see - https://dchhv.org

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 16:30-16:59 PDT


Title: Psychological Reverse Shells
When: Saturday, Aug 13, 16:30 - 16:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

SpeakerBio:MasterChen
MasterChen is a hacker with a background in phone phreaking, psychology, and automation design. His latest research has been highly focused around cyber stalking/anti-stalking, and how to automate both sides of that coin. Bridging gaps between the technical and human elements of self defense has become his life’s mission.
Twitter: @chenb0x

Description:
In hacking and penetration testing, we use “reverse shells” to make a target machine connect back to us for further exploitation or privilege escalation. What does that look like in the realm of psychology and social engineering? This presentation discusses techniques on getting the “mark” to contact us for more help/exploitation.

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 11:20-11:59 PDT


Title: Purple Teaming & Adversary Emulation in the Cloud with Stratus Red Team
When: Saturday, Aug 13, 11:20 - 11:59 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map

SpeakerBio:Christophe Tafani-Dereeper
Christophe is a cloud security researcher and advocate at Datadog. He's passionate about threat detection in the cloud, and cloud-native technologies in general. He previously worked as a software developer, penetration tester, SOC analyst and cloud security engineer. He likes to write about technology he likes, uses, dislikes and misuses. Living in Switzerland, you can tell he's French when he speaks.
Twitter: @christophetd

Description:
To detect evil in the cloud, you must first know what 'evil' looks like. Then, it's critical to have an easy way to reproduce common attack techniques in live environments, to validate that our threat detection and logging pipelines work as intended. In this talk, we present Stratus Red Team, an open-source project for adversary emulation and end-to-end validation of threat detection in AWS, Kubernetes and Azure.

We discuss the motivation behind the project, design choices, and the philosophy behind Stratus Red Team: helping blue teams focus on real-world, documented attack techniques and empower them to iteratively build high-quality detections. We also discuss more advanced use-cases that Stratus Red Team allows, such as running it on a schedule in your CI/CD to continuously validate that the expected alerts are popping up in your SIEM.

We conclude with a live demo where we 'detonate' attack techniques against a live Kubernetes cluster and AWS account.


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 17:00-17:59 PDT


Title: Pursuing Phone Privacy Protection [WORKSHOP]
When: Saturday, Aug 13, 17:00 - 17:59 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map
Speakers:Matt Nash,Mauricio Tavares

SpeakerBio:Matt Nash
Matt Nash breaks things (sometimes intentionally)

As a security consultant, Matt works in a variety of realms, including: internal/external network infrastructure, cloud environments, web applications, automated teller machines (ATMs), physical security, social engineering, digital forensics and incident response, mobile, and wireless. As well, these assessments span a number of sectors: energy, utility, manufacturing, software development, financial, retail, municipal, and medical.

Matt holds a B.S. in Food and Resource Economics, and as a result is totally qualified to speak on the topic being discussed today.


SpeakerBio:Mauricio Tavares
Mauricio Tavares confuses people and things

Mauricio has worked in both the private industry -- credit card and medical -- and multinational research projects, which led to an interest in the behavioral aspect of data security and privacy. He has published in topics ranging from aerospace engineering to computer automation and data privacy (or lack of thereof). Currently, he helps organizations understand the importance of protecting their bacon, including tasty user and data privacy, using expressive dancing.

He only knows two facts about geese, both of which are wrong.


Description:
New year, new challenges to privacy.

You are in a public event, or a coffee shop. Did a notification just tell you about a sale nearby? Why is this app showing ads for the car you rented and told your friend about? Is Santa Claus the only one who knows if you've been naughty or nice? "Maybe if I run a VPN I will be safe." This is wishful thinking at best; it only helps to deal with some privacy attacks. You see, smart phones are little snitches. By design.

They listen to you. They know where you go, what you purchase, and who you interact with. And they never sleep or take vacations.

You can fight back. You can regain (at least some) control of your privacy! But it will not be done buying some magic software and pressing the EZ button. Some assembly is required.

If you are willing to roll up your sleeves and take your brave pill, join us in this workshop as we show how to build your Android phone with the balance between privacy, security, and convenience that fits your comfort level.

Attendees will come out of this workshop with a privacy mindset:

Appreciating the privacy and security implications of using a smart phone in general -- specifically consumer Android devices. Knowing how to achieve different levels of privacy in their phones and understanding the costs and benefits of each approach. Understanding what "attribution of traffic" tying IP to a person through a VPN is.Finding out which apps are privacy-respecting, and how to contain untrusted apps that may be a "must have".

[Who should take this workshop]
Privacy-conscious smartphone users who would like to understand and control what their phones share about them.

[Audience Skill Level]

Intermediate
Entry level, if you have studied the instructions and are prepared to hit the ground running. Or if your team is willing to help you out. We will NOT be able to wait for you to install 374 OS updates, download and install VirtualBox, and then build a Linux VM.

[Attendees' requirements]

An understanding of basic Linux commands. Be comfortable with the idea of installing an aftermarket firmware/OS ("ROM") on a mobile device. Soft/hard "bricking" is a possibility, so having a spare phone may be a good investment. Follow additional instructions provided on the GitHub repository (https://github.com/matthewnash/building-phone-privacy/wiki) ahead of the workshop.

[What students should bring (or do beforehand)]

An Android phone that has been configured per the GitHub instructions. Alternatively, a laptop with Android Studio installed. A learning attitude.


Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 14:30-14:59 PDT


Title: Pwning RFID From 6ft Away
When: Saturday, Aug 13, 14:30 - 14:59 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map
Speakers:Langston Clement (aka sh0ck),Daniel Goga

SpeakerBio:Langston Clement (aka sh0ck)
Langston Clement (sh0ck) grew up reading stories about the 90's hacker escapades and then after years of observing the scene, he jumped into the cybersecurity field and never looked back. He is the current lead for Red Team operations and Penetration Testing engagements at Core BTS. With over fifteen (15) years of public and private sector experience in cybersecurity and ethical hacking, his goal is to provide organizations with valuable and actionable information to help improve their security posture. Langston's specializations focus on modern-day social engineering techniques, wireless and RFID attacks, vulnerability analysis, as well as physical and cloud penetration testing.
Twitter: @sh0ckSec

SpeakerBio:Daniel Goga
Dan Goga serves as a Security Consultant with Core BTS focused on conducting penetration testing and vulnerability assessments. Dan Goga has seven years of information security experience in the public, private, and academic sectors. Dan has extensive knowledge and experience with RFID hacking, phishing techniques, social engineering techniques, and penetration testing Microsoft Active Directory and cloud environments.
Twitter: @_badcharacters

Description:
Traditional RFID badge cloning methods require you to be within 3 feet of your target. So how can you conduct a physical penetration test and clone a badge if you must stay at least 6 feet from a person? Over the past two years, companies have increasingly adopted a hybrid work environment, allowing employees to partially work remotely which has decreased the amount of foot traffic in and out of a building at any given time. This session discusses two accessible, entry-level hardware designs you can build in a day and deploy in the field, along with the tried-and-true social engineering techniques that can increase your chances of remotely cloning an RFID badge. Langston and Dan discuss their Red Team adventures and methods that can be used beyond a social distancing era. This presentation is supplemented with files and instructions that are available for download in order to build your own standalone gooseneck reader and wall implant devices!

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 12:30-12:59 PDT


Title: Python vs Modern Defenses
When: Saturday, Aug 13, 12:30 - 12:59 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map

SpeakerBio:Diego Capriotti
Diego served 15 years as an Engineer Officer and tackled many problems that had real-life operational impact. He has 5+ years of experience in information security positions for both Public and Private sector focusing on both offensive and defensive security.

During this time, he focused mostly on pen testing, adversarial emulation, and reverse engineering. In the past he has been in charge of ""hacking the RF Spectrum"" for the Italian Army. He is now leading an Offensive Cyber Security Team for a Multinational Company in Italy.


Description:
In recent years the offensive infosec community has shifted from Powershell tooling to C. Other less popular lanuages like Nim, Rust, F, Boolang have also been leveraged to create custom tooling. Modern endpoint defenses are deploying kernel callbacks, userland hooking and ML models to help identify threats. Security-by-default configuration is also becoming the new mantra that will hopefully challenge attackers and narrow down their avenues for action. Furthermore, very popular offensive commercial tools are under increased scrutiny by security vendors, so there's the need to have alternative capabilities and tools at hand. For these reasons, it is crucial for pentesters to know the full potential of a language as a foundational stone for tooling and evasion capabilities that can be brought to the game. In this context of improving security, Python language has something more to say. During the talk will be presented several techniques that can be leveraged using a Python implant to bypass modern defenses by:
  1. Importing python modules dynamically and in memory to bring the vast amount of offensive tooling straight into the interpreter or the implant. Impacket tools and bloodhound-python will be imported and ran entirely from memory.
  2. Executing Cobalt Strikes’s Beacon Object Files (BOF) through the Python implant and use them to stealthily dump lsass process memory. BOFs are first converted into shellcode before execution (ref. https://www.naksyn.com/injection/2022/02/16/running-cobalt-strike-bofs-from-python.html ).
  3. Decoupling C2 communications to reduce implant network fingerprint.
  4. Using Python bundle that comes with a signed interpreter that can be dropped to a machine with low probability of alerting because of Python's wide adoption. The tool used to leverage the afore-mentioned capabilities is named Pyramid and will be published during the talk. Common post exploitation activities have been performed using Pyramid on endpoints equipped with top-tier EDRs, leveraging BOFs and in-memory loaded modules. Results showed that Python is still a viable language for evasion and post-exploitation tasks. Running scripts in memory through a signed interpreter binary can increase the probability of getting a non-malicious verdict by Machine Learning models. Furthermore, modern defenses lack extensive visibility and native prevention capabilities because currently there is no AMSI for Python where security vendors can tap into. Python provides “audit hooks” (ref. https://peps.python.org/pep-0578/ ) that can make Python runtime actions visible to auditing tools. However, audit hooks are not enabled by default in Python official bundle since they will downgrade performance. All things considered, Python might currently represent a blindspot for modern defenses and this could be true for the foreseeable future unless a new surge in popularity as an offensive tooling language will make security vendors put more efforts into malicious Python detection, just like it happened for Powershell or C#.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:30-10:55 PDT


Title: Quantum Snake Oil? What Ailments Can It Cure?
When: Saturday, Aug 13, 10:30 - 10:55 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Jose Pizarro , System Engineer
Jose Pizarro is System Engineer at ESA covering over 20 years of experience. He’s pulled cables under the floors of various labs covering space robotics to quantum communications

Description:
 This presentation will provide a short primer on Quantum Communications in the Aerospace (Communications, Computing and Cybersecurity). We will cover what Quantum Communications overpromises (It will make you coffee in the morning) & talk about the right tools for the right job. Finally, an overview of the engineering challenges to implementing a QKD system in space will also be discussed.

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 16:00-17:59 PDT


Title: Queercon Mixer
When: Saturday, Aug 13, 16:00 - 17:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map

Description:
The lgbtqia+ community in InfoSec is throwing a party to bring our folk together and have a good time. Meet others like you or hang out with those you’ve met over the years. This is a safe and inclusive space meant to make you feel comfortable and help you socialize with others like you.

Return to Index    -    Add to    -    ics Calendar file

 

RTV - Saturday - 12:00-12:59 PDT


Title: Quiet Recon: Gathering everything you need with LDAP and native AD services 
When: Saturday, Aug 13, 12:00 - 12:59 PDT
Where: Flamingo - Mesquite Ballroom (Red Team Village) - Map

SpeakerBio:Cory Wolff
No BIO available
Twitter: @cwolff411

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 13:30-14:30 PDT


Title: Radical inclusivity and intersectionality in the biohacking world
When: Saturday, Aug 13, 13:30 - 14:30 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Berkelly Gonzalez
Berkelly Gonzalez is a biohacker and undergraduate Physics student studying at UC Berkeley who is passionate about issues surrounding healthcare as a human right, bodily autonomy, and accessibility within the scientific community.

Description:
Cyborgs and mutants are not fictional creatures relegated to the realm of sci-fi and superheroes, they are all around us: regular people with pacemakers and prosthetics, with cancer and chronic illness, as well as gender queer and neurodivergent people. For cyborgs and mutants, biohacking often isn’t just a hobby, it is a method of survival. This workshop aims to examine the history, ethics, and legalities of various forms of biohacking and their impact on gender queer, disabled, chronically ill, and neurodivergent persons.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-15:59 PDT


Title: Red Balloon Failsat Challenges
When: Saturday, Aug 13, 10:00 - 15:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Red Balloon Security will provide satellite modems as well as a small satellite for the modems to communicate with. We will provide support and training at the event to help people work through all steps of the challenges using OFRAK. OFRAK (Open Firmware Reverse Analysis Konsole) combines the ability to unpack, analyze, modify, and repack binaries & firmware in a single application. PWNSAT CHALLENGE Participants will analyze and modify the modem firmware with the goal of successfully patching in shellcode to send malicious commands to the CubeSat to make it spin. Modifications may include – disabling firewall, finding credentials, and shellcode writing + injection. Winners with the most interesting CubeSat spin results will be rewarded with a prize.

SAFE SPACE: SATELLITE CONTROL PATCHING In this challenge, participants will have the opportunity to construct and apply a patch modeled after a real world bug detected in spacecrafts. The challenge will be to understand and patch code that’s trying to solve an equation, but has a bug that makes the satellite unusable. We provide guidance on how to identify the mistake and present multiple approaches in increasing degrees of patching complexity.


Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 12:00-16:59 PDT


Title: Red Team Village CTF Qualifiers Part 1
When: Saturday, Aug 13, 12:00 - 16:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
Once again this year’s DEF CON Red Team CTF will be hosted by Threat Simulations! We have an amazing, immersive scenario that stresses strong red team skills as players traverse through an enterprise network. This event is not for the faint of heart, first you will battle with hundreds of teams in a jeopardy board style ctf, then the top teams will enter the finals where your Red Team skills will be tested in a full Active Directory environment. Your team will compete against some of the best red teamers in the world as you exploit, pivot, and loot the target environment.

Return to Index    -    Add to    -    ics Calendar file

 

CON - Saturday - 10:00-11:59 PDT


Title: Red Team Village CTF Qualifiers Part 2
When: Saturday, Aug 13, 10:00 - 11:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
Once again this year’s DEF CON Red Team CTF will be hosted by Threat Simulations! We have an amazing, immersive scenario that stresses strong red team skills as players traverse through an enterprise network. This event is not for the faint of heart, first you will battle with hundreds of teams in a jeopardy board style ctf, then the top teams will enter the finals where your Red Team skills will be tested in a full Active Directory environment. Your team will compete against some of the best red teamers in the world as you exploit, pivot, and loot the target environment.

Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: RegEx Trainer
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
Is regex a mystery to you? We've got your back at the Packet Hacking Village. Our new interactive REGEX Trainer will walk you through learning then doing, giving you a full understanding of how Regular Expressions work.

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 14:00-15:55 PDT


Title: ResidueFree
When: Saturday, Aug 13, 14:00 - 15:55 PDT
Where: Caesars Forum - Committee Boardroom (Demo Labs) - Map

SpeakerBio:Logan Arkema
Logan is a former student-turned-independent researcher and software developer. While he makes a living conducting IT, security, and privacy audits, his most impactful hacking is 1337ing his job's policies as a union rep to elevate workplace privileges. He has an OSCP, other certs from days wooing federal hiring screeners to pass along his application, and The Time Warp stuck in his head from the time he heard "rm -rf" could be pronounced "rimm raff."

Description:
ResidueFree is a privacy-enhancing tool that allows individuals to keep sensitive information off their device's filesystem. It takes on-device privacy protections from TAILS and "incognito" web browser modes and applies them to any app running on a user's regular operating system, effectively making the privacy protections offered by TAILS more usable and accessible while improving the on-device privacy guarantees made by web browsers and extending them to any application. While ResidueFree currently runs on Linux, its maintainers are hoping to port it to other operating systems in the near future. In addition, ResidueFree can help forensic analysts and application security engineers isolate filesystem changes made by a specific application. The same implementation ResidueFree uses to ensure that any file changes an application makes are not stored to disk can also be used to isolate those changes to a separate folder without impacting the original files.

Audience: ResidueFree was primarily developed for individuals facing privacy threats that can access the information stored on the individuals' device. However, this presentation is also designed for security trainers that want to expand the tools they can suggest as well as for privacy engineers interested in contributing to ResidueFree or expanding it to more commonly used operating systems. ResidueFree also has features built for malware or forensic analysts, application security engineers, or others who wish to easily isolate an application's changes to a device's filesystem with a simple tool.


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 13:00-14:59 PDT


Title: Resumé Review and Career Guidance Session
When: Saturday, Aug 13, 13:00 - 14:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Bring yourself and a copy of your resume to discuss your career trajectory with public and private industry leaders. Prepare your questions or sit in a mock interview as you hone your skills for a future in aerospace cybersecurity.

Return to Index    -    Add to    -    ics Calendar file

 

PLV - Saturday - 14:00-15:45 PDT


Title: Return-Oriented Policy Making for Open Source and Software Security
When: Saturday, Aug 13, 14:00 - 15:45 PDT
Where: Caesars Forum - Summit 226-227 - Policy Roundtable - Map
Speakers:Eric Mill,Harry Mourtos,Trey Herr

SpeakerBio:Eric Mill , US Office of Management and Budget
No BIO available

SpeakerBio:Harry Mourtos , Office of the National Cyber Director
No BIO available

SpeakerBio:Trey Herr , Director
Trey Herr is the director of the Cyber Statecraft Initiative under the Scowcroft Center for Strategy and Security at the Atlantic Council. His team works on cybersecurity and geopolitics including cloud computing, the security of the internet, supply chain policy, cyber effects on the battlefield, and growing a more capable cybersecurity policy workforce. Previously, he was a senior security strategist with Microsoft handling cloud computing and supply chain security policy as well as a fellow with the Belfer Cybersecurity Project at Harvard Kennedy School and a non-resident fellow with the Hoover Institution at Stanford University. He holds a PhD in Political Science and BS in Musical Theatre and Political Science.

Description:
A moderated discussion on how to hack policy systems using laws and authorities already on the books, featuring the policymakers who write and use them, focusing on open source and software security. At DefCon 22 in the aftermath of Heartbleed, John Menerick told us to "keep calm and hide the internet". Alas, they found it. The policy community in the US, and lesser extent Europe, is finally starting to put serious focus on software security including open source. This event will bring hackers together with policymakers to identify policies on the book that could help improve the open source ecosystem and the security of software. Other policy conversations might stray into the possible, this one will emphasize the practical. The discussion will involve policymakers who write and implement these laws and use these authorities to enable discussion and debate focused on pragmatic solutions, putting hackers inside ongoing policy debates in real time.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 11:30-12:15 PDT


Title: Reversing the Original Xbox Live Protocols
When: Saturday, Aug 13, 11:30 - 12:15 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map

SpeakerBio:Tristan Miller , Hacker
monocasa has over a decade of industry experience as an engineer in related sub-fields such as firmware development, binary reversing, cloud based device and identity management, and custom tunneling of IP.

Description:
Xbox Live for original Xbox systems launched on November 15, 2002 and was subsequently discontinued on April 15, 2010. The first half of this talk will be an infromation dense overview of the gritty details of how the underlying protocols work and intermixing a retrospective of two decades of how the industry has approached IOT and network security. The second half of the talk will use that base to discuss the architecture of drop in replacement server infrastructure, how the speaker approaches the ethics of third party support for non-updatable abandoned networked devices, and culminating in a demo.

Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 10:30-11:30 PDT


Title: RF CTF Kick Off Day 2
When: Saturday, Aug 13, 10:30 - 11:30 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:RF Hackers Village Staff
No BIO available
Twitter: @rfhackers

Description:
Join the RF Hackers for a presentation on how to RF CTF. All are welcome for this free to play game, documentation online for virtual players. https://github.com/rfhs/rfhs-wiki/wiki/RF-CTF-Virtual-HowToGetStarted

Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 16:30-16:59 PDT


Title: RFID Hacking 101
When: Saturday, Aug 13, 16:30 - 16:59 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map

SpeakerBio:Ege F
Ege is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor.
Twitter: @Efeyzee

Description:
Ever wondered how the cards you use to enter your hotel room or the key fobs you use in your car work, and how vulnerabilities in their design and implementation can be exploited? Find out all that and more with this talk.

Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 13:30-13:59 PDT


Title: RFID Hacking 101
When: Saturday, Aug 13, 13:30 - 13:59 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map

SpeakerBio:Ege F
Ege is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor.
Twitter: @Efeyzee

Description:
Ever wondered how the cards you use to enter your hotel room or the key fobs you use in your car work, and how vulnerabilities in their design and implementation can be exploited? Find out all that and more with this talk.

Return to Index    -    Add to    -    ics Calendar file

 

RFV - Saturday - 14:30-15:30 PDT


Title: Rip and tear
When: Saturday, Aug 13, 14:30 - 15:30 PDT
Where: Flamingo - Eldorado Ballroom (Radio Frequency Village) - Map

SpeakerBio:Iceman
Christian Herrmann, better known throughout the hacker community as “Iceman”, is a co-founder of RRG and helped produce many of the most common RFID research tools available today including the Proxmark3 RDV4, and Chameleon Mini. He is an RFID hacking and Proxmark3 evangelist, serving the RFID community as both forum administrator and major code-contributor alongside other community developers since 2013. He has spoken at hacker conferences around the world including DEF CON, NullCon, Pass-the-Salt, SSTIC, and BlackAlps. -= Uses four spaces instead of tab =-
Twitter: @herrmann1001

Description:
The talk will cover two different aspects of modern RFID research using the Proxmark3 device. We be looking into a wellknown access control system final layers of protection and to wrap it up, using the new tear off attack to come up with fun findings with its tags. This talk is suitable for people with bizarre interest in PACS. "

Return to Index    -    Add to    -    ics Calendar file

 

HHV - Saturday - 13:00-13:45 PDT


Title: RoboSumo
When: Saturday, Aug 13, 13:00 - 13:45 PDT
Where: Flamingo - Exec Conf Ctr - Red Rock VI, VII, VII (Hardware Hacking Village) - Map

Description:
Bring a robo sumo and compete. Details at - https://dchhv.org/events/robosumo.html

Return to Index    -    Add to    -    ics Calendar file

 

APV - Saturday - 13:30-14:30 PDT


Title: Running system tests with active authn/z
When: Saturday, Aug 13, 13:30 - 14:30 PDT
Where: Flamingo - Twilight Ballroom - AppSec Village - Main Stage - Map

SpeakerBio:Lars Skjorestad
Passionate about software development, application security and people. Application Security Advocate in Equinor's AppSec team
Twitter: @larskaare

Description:
Experience has shown that we spend most of our test effort on unit testing. Many team reports that a key blocker for spending more time on system testing is the effort required to manage/mock the authentication and authorization parts of the system. In this talk we will briefly explore this problem and present one potential solution that could work for some teams.

Return to Index    -    Add to    -    ics Calendar file

 

GHV - Saturday - 16:00-16:30 PDT


Title: S.O.S How Sharing Our Stories Will Save Cybersecurity
When: Saturday, Aug 13, 16:00 - 16:30 PDT
Where: Flamingo - Virginia City III (Girls Hack Village) - Map

SpeakerBio:Rebekah Skeete
Rebekah Skeete is a Security Engineer with Schellman based in Dallas, Texas. As a member of the Infrastructure and Security team, Rebekah is part of a collaborative group of technology professionals that serve as the primary technical resource to help safeguard the organization's computer networks and systems. In her role she is responsible for planning and carrying out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks.

Prior to joining Schellman in 2022, Rebekah worked for the Texas Rangers in a myriad of roles including Cybersecurity Analyst and Manager of IT Applications and Operations. During the construction of the Rangers new state-of-the-art ballpark, Globe Life Field, Rebekah assisted the Rangers IT department in creating plans to transition over 200 front office employees to their new workspaces. Outside baseball and IT, Rebekah is also interested in politics and started volunteering for campaigns in 2008. From 2013- 2016, she served as a Campaign Manager in the Dallas-Fort Worth area. In 2015, she attended the Women’s Campaign School at Yale. She is the COO of BlackGirlsHack, a nonprofit organization that provides resources, training, mentoring, and access to black women to increase representation and diversity in the cyber security field. Committed to inclusion and belonging, she holds the firm belief that representation enhances the culture and community of an organization and seeks to amplify underserved voices at any table she has a seat.


Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 10:00-16:59 PDT


Title: Satellite Eavesdropping with DDS
When: Saturday, Aug 13, 10:00 - 16:59 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Satellite communications are used by millions of people every day. From television broadcasts to internet services, satellites bring connectivity beyond the reach of wired infrastructure. In this lab, you’ll learn about one of the most popular satellite communications protocols – DVB-S (Digital Video Broadcasting for Satellite) – and how anyone with inexpensive radio equipment and freely available software can intercept and listen to these signals.

Required gear: none!


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 10:00-10:45 PDT


Title: Scaling the Security Researcher to Eliminate OSS Vulnerabilities Once and For All
When: Saturday, Aug 13, 10:00 - 10:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map

SpeakerBio:Jonathan Leitschuh , OSS Security Researcher - Dan Kaminsky Fellowship @ HUMAN Security
Jonathan Leitschuh is a Software Engineer and Software Security Researcher. He is the first ever Dan Kaminsky Fellow. Jonathan is best known for his July 2019 bombshell Zoom 0-day vulnerability disclosure. He is amongst the top OSS researchers on GitHub by advisory credit. He’s both a GitHub Star and a GitHub Security Ambassador. In 2019 he championed an industry-wide initiative to get all major artifact servers in the JVM ecosystem to formally decommission the support of HTTP in favor of HTTPS only. In his free time he loves rock climbing, surfing, and sailing his Hobie catamaran.

This work is sponsored by the new Dan Kaminsky Fellowship which celebrates Dan’s memory and legacy by funding OSS work that makes the world a better (and more secure) place.

Twitter: @JLLeitschuh

Description:
Hundreds of thousands of human hours are invested every year in finding common security vulnerabilities with relatively simple fixes. These vulnerabilities aren’t sexy, cool, or new, we’ve known about them for years, but they’re everywhere!

The scale of GitHub & tools like CodeQL (GitHub's code query language) enable one to scan for vulnerabilities across hundreds of thousands of OSS projects, but the challenge is how to scale the triaging, reporting, and fixing. Simply automating the creation of thousands of bug reports by itself isn’t useful, & would be even more of a burden on volunteer maintainers of OSS projects. Ideally the maintainers would be provided with not only information about the vulnerability, but also a fix in the form of an easily actionable pull request.

When facing a problem of this scale, what is the most efficient way to leverage researcher knowledge to fix the most vulnerabilities across OSS? This talk will cover a highly scalable solution - automated bulk pull request generation. We’ll discuss the practical applications of this technique on real world OSS projects. We’ll also cover technologies like CodeQL & OpenRewrite (a style-preserving refactoring tool created at Netflix & now developed by Moderne). Let’s not just talk about vulnerabilities, let’s actually fix them at scale.


Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 15:00-15:30 PDT


Title: Secure by Design - Facilities design cybersecurity
When: Saturday, Aug 13, 15:00 - 15:30 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:David Brearley
David Brearley (GICSP, PMP) is a senior professional associate and Operational Technology Cybersecurity Director at HDR. David has nearly 20 years of international experience in providing IT & OT solutions, services, and consulting covering the comprehensive control system lifecycle.

Description:
"""This presentation is on planning for cybersecurity risks that are inherent within healthcare facility control systems. Traditional standalone OT systems that operate our building (HVAC, electrical, etc) are systems are essential components to a typical healthcare facility’s operation.

The evolution and market demand for smart and sustainable buildings is driving convergence of IT, IoT and OT systems. The return on investment offered by these technologies could be eliminated by a single cyber event without planning for cybersecurity and resilience, or even worse, can affect patient life safety due to interdependencies of systems.

This presentation shows how to recognize potential cybersecurity risks from integrated control system technologies and data integration, and how owners have successfully implemented secure, resilient, and maintainable solutions through application of a risk management framework within facility design."""


Return to Index    -    Add to    -    ics Calendar file

 

WS - Saturday - 14:00-17:59 PDT


Title: Securing Web Apps
When: Saturday, Aug 13, 14:00 - 17:59 PDT
Where: Harrah's - Reno (Workshops) - Map
Speakers:Kaitlyn Handleman,Elizabeth Biddlecome,Irvin Lemus,Sam Bowne

SpeakerBio:Kaitlyn Handleman , Security Engineer
Kaitlyn Handelman is a security engineer and consultant, defending high-value networks professionally. She has extensive experience in aerospace, radio, and hardware hacking.

Industry credentials: OSCP, OSED


SpeakerBio:Elizabeth Biddlecome , Consultant and Instructor
Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.

SpeakerBio:Irvin Lemus , Instructor
Irvin Lemus has been in the industry for 10+ years as an MSP technician, consultant, instructor and coordinator. He is currently the cybersecurity professor at Cabrillo College in Santa Cruz, CA. He also is the Bay Area Cyber Competitions Regional Coordinator as well as the contest creator for SkillsUSA CA and FL. Irvin has spoken at various cybersecurity and educational conferences. Irvin holds a CISSP and a Bachelor's Degree in Information Security.

SpeakerBio:Sam Bowne , Instructor
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.

Credentials: PhD, CISSP, DEF CON Black Badge Co-Winner


Description:
Attack Web applications with: command injection, SQL injection, Cross-Site Request Forgery, Cross-Site Scripting, cookie manipulation, Server-Side Template Injection, and more. We will also exploit Drupal and SAML. We will then implement network defenses and monitoring agents. We will use Burp, Splunk, and Suricata. We will also perform attacks on a vulnerable API. This workshop is structured as a CTF competition, to make it useful to students at all levels. We will demonstrate the easier challenges from each topic, and detailed step-by-step instructions are available. We will have several instructors available to answer questions and help participants individually. Every participant should learn new, useful techniques.
Materials
Any computer with a Web browser.
Prereq
Beginners are welcome. Familiarity with web technologies is helpful but not necessary.

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 12:30-13:10 PDT


Title: Security Misconfigurations in the Cloud - "Oh Look, something fluffy, poke, poke, poke"
When: Saturday, Aug 13, 12:30 - 13:10 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map

SpeakerBio:Kat Fitzgerald
Based in Seattle and a natural creature of winter, you can typically find me sipping Grand Mayan Extra Anejo whilst simultaneously defending my systems using OSS, magic spells and Dancing Flamingos. Honeypots & Refrigerators are a few of my favorite things! Fun Fact: I rescue Feral Pop Tarts and have the only Pop Tart Sanctuary in the Seattle area.
Twitter: @rnbwkat

Description:
Intro time (5 mins) Well, I have to say who I am and why I'm here and my qualifications, otherwise people leave. Ok, maybe they don't leave, but I want to explain how/why I do this and how I'm going to make it a fun project for everyone after the talk! Baking something fluffy (10 mins) Now I take a few minutes to explain the common concepts of cloud configurations such as IAM/ORG policies and how they compare to redteaming 'on-prem'. It's all about understanding the magic that is the cloud in clear terms that everyone can follow along with - and yes, there are funny jokes and memes throughout. A happy crowd is an engaged crowd! Seriously, in a quick 10 minutes, 'Pizza as a Service' is used to explain the concepts of the cloud, the attack vectors presented and how pentesters and bad actors use these attack points to their advantage. It's clobberin time (10 mins) Let's get to it with lots of example of misconfigurations and the attack vectors they pose. This is both live (with recorded backup) demo time and OSS tool demonstrations to help find misconfigured cloud services. Not much else to say about this part. It is interactive, fun and really shows off how simple mistakes can lead to serious incidents like exposing millions of records to the public 'accidentally' or how a public github repo was used to launch over 300 VMs for crypto mining and no one knew until a month later. Oh yeah, and a brief description of how cryptomining is a fun diversion to take your attention away from what the attacker was really doing will be discussed. Peace offerings to the demo gods will be made prior to the live portion of course. Great, now how do we fix it? (10 mins) Well, attendees have to come away with some clear AIs to be able to apply to their cloud configurations and some suggestions on how to avoid misconfigurations in the first place. Auditing tools are discussed and shown (not in demo, but output from audits are shared and discussed) Tools discussed are all OSS and nothing, (and I mean nothing!) is commercial! Before and afters of misconfigured cloud projects will be shown with some general automation suggestions to help remove the 'human threat' factor from the process. Key Takeaways (5 mins) Let's bring it all to a neat and tidy conclusion with specific takeaways so attendees feel like they got something out of this. What good is any talk without identified specifics of what we learned and how to apply them, am I right? And there you have it, tied up neatly with a lovely bow and ready to take home! Q/A (5 mins)

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 12:00-13:55 PDT


Title: SharpSCCM
When: Saturday, Aug 13, 12:00 - 13:55 PDT
Where: Caesars Forum - Society Boardroom (Demo Labs) - Map
Speakers:Chris Thompson,Duane Michael

SpeakerBio:Chris Thompson
Chris is a senior consultant on SpecterOps’s adversary simulation team and has over ten years of experience in information security, serving numerous Fortune 500 clients in the retail, consumer products, financial, and telecom industries. He has extensive experience leading network, web application, and wireless penetration tests, social engineering engagements, and technical security assessments to provide actionable recommendations that align with each organization's security strategy and risk tolerance. Chris enjoys researching and applying new tradecraft to overcome technical challenges and writing tools that automate tasks and improve efficiency.

SpeakerBio:Duane Michael
Duane is a senior consultant on SpecterOps's adversary simulation team, where he conducts advanced red team exercises and instructs courses on red team operations and vulnerability research. He has over ten years of experience in information security, with a deep curiosity for researching Windows, its internals, and related technologies. Duane strives to demystify tradecraft for clients through both an offensive and defensive lens, an activity he has performed for numerous Fortune 100 clients.

Description:
SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr, formerly SCCM) for lateral movement from a C2 agent without requiring access to the SCCM administration console. SharpSCCM supports lateral movement functions ported from PowerSCCM and contains additional functionality to abuse newly discovered attack primitives for coercing NTLM authentication from local administrator and SCCM site server machine accounts in environments where automatic client push installation is enabled. SharpSCCM can also dump information about the SCCM environment from a client, including domain credentials for Network Access Accounts. Further, with access to an SCCM administrator account, operators of SharpSCCM can execute code as SYSTEM or coerce NTLM authentication from the currently logged-in user or the machine account on any SCCM client.

Audience: Offense, Defense, System Administrators


Return to Index    -    Add to    -    ics Calendar file

 

PWV - Saturday - 11:00-10:59 PDT


Title: So long, PBKDF2! The end of password-based key derivation
When: Saturday, Aug 13, 11:00 - 10:59 PDT
Where: Caesars Forum - Summit 218-219 (Password Village) - Map

SpeakerBio:Vivek Nair
Vivek Nair is an EECS Ph.D. student at UC Berkeley and a researcher at Cornell's IC3. As a recipient of the NSF, NPSC, and Hertz fellowships, Vivek has worked with the US Department of Defense to build resilient cyber systems. He began researching cybersecurity in 2015, when he founded Multifactor.com, and has gone on to author 12+ patents for cybersecurity technologies. He was the youngest-ever recipient of Bachelor's and Master's degrees in Computer Science at the University of Illinois at the ages of 18 and 19 respectively. Outside of cybersecurity, Vivek is a competitive VR eSports player and the captain of UC Berkeley’s Beat Saber team, which he led to a US collegiate championship victory in 2021.

Description:
"From Apple iOS to LastPass to WPA/WPA2, decades-old password-based key derivation functions like PBKDF2 remain in widespread use across major enterprise systems today. Yet the advent of fast SHA-1 and SHA-256 ASICs and the increasing prevalence of credential stuffing and password spraying attacks have made password-based key derivation all but obsolete. Moreover, current key recovery standards (like NIST SP 800-57) suggest using a master key to recover lost passwords, creating a central point of failure and thus entirely defeating the purpose of user-derived keys. While multi-factor authentication is a great defense against credential stuffing, password-derived keys remain only as strong as the passwords they're based on. This talk will demonstrate how credential stuffing attacks can target data encrypted with password-derived keys and will propose a new KDF construction, ""multi-factor key derivation,"" that leverages novel cryptography to take advantage of all of a user's authentication factors in the key derivation process. "

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 18:00-18:59 PDT


Title: Social Engineering as a career panel
When: Saturday, Aug 13, 18:00 - 18:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

Description:
https://www.se.community/presentations/#career-panel

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 21:30-23:59 PDT


Title: Social Engineering Community Village Mixer
When: Saturday, Aug 13, 21:30 - 23:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

Description:
Our village is throwing a low-key mixer! There will be a cash bar (alcoholic and nonalcoholic options). While there is no sign up needed, it will be on a first come, first serve/till we fill the room basis.

Return to Index    -    Add to    -    ics Calendar file

 

BHV - Saturday - 10:00-10:30 PDT


Title: Space Station Sapians: Health is out of this world
When: Saturday, Aug 13, 10:00 - 10:30 PDT
Where: Flamingo - Laughlin I,II,III (Biohacking Village) - Map

SpeakerBio:Dr. Josef Schmid , Flight Surgeon
NASA Flight Surgeon • Aquanaut • Air Force Major General (Ret) ​
Dr. Josef Schmid is a Flight Surgeon at NASA and a Major General (Retired) in the United States Air Force Reserves. His patients are the current and past Astronauts and their family members, and include an X-15 pilot, Shuttle, Space Station and Apollo Astronauts who have walked on the Moon. He became an aquanaut during a 12 day mission to NOAA’s undersea Aquarius habitat during NASA’s NEEMO 12.

Dr. Schmid has been a crew surgeon for shuttle missions STS-116, STS-120, STS-126 and for multiple long duration missions supporting the International Space Station including Soyuz launches and landing operations in Kazakhstan for expeditions 18, 24, 29, 39, 48, 56, and 63. He serves as the Lead for Medical Operations for the new Orion vehicle and Artemis Missions that will return humans to the Moon.

Dr. Schmid is the previous lead for Space Medicine Training, responsible for training medical students, other flight surgeons, astronaut crew medical officers and biomedical engineers, former Co-director for the Aerospace Medicine Residency at the University of Texas Medical Branch, Galveston. He has led missions teaching life saving surgical skills in Nepal, Rwanda, Mexico, Romania, Bosnia and Sri Lanka.


Description:
Dr. Schmid will provide an overview of the NASA space medicine operations current spaceflight challenges and opportunities in the context of the environments of care including air, space and terrestrially in our domestic and international health systems. He will provide a worldwind tour of Space Medicine origins, space telemedicine, medical training required, extreme environments of care, NASA international and off the planet medical operations, mission planning, space physiology, longitudinal surveillance of astronaut health, current and future missions, commercial space flight and new vehicles. Dr. Schmid will introduce the Holoportation Project, the first Holographic Transportation of humans to space, new technologies and opportunities for collaboration and problem solving with NASA.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 16:00-16:50 PDT


Title: Space ISAC: Protecting Our Space Assets
When: Saturday, Aug 13, 16:00 - 16:50 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

Description:
Erin Miller, the Executive Director of Space ISAC, will lead a panel discussing the trends, data, intelligence, and threats that are affecting space systems and the satellite community.

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 12:00-12:30 PDT


Title: SquarePhish - Phishing Office 365 using QR Codes and Oauth 2.0 Device Code Flow
When: Saturday, Aug 13, 12:00 - 12:30 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map
Speakers:Kamron Talebzadeh,Nevada Romsdahl

SpeakerBio:Kamron Talebzadeh
Kam Talebzadeh is a penetration tester and security researcher. He has developed and published several open-source offensive toolkits including o365spray, BridgeKeeper, and redirect.rules. Currently, he works as a Security Researcher for Secureworks. He holds the Offensive Security WebExpert (OSWE) certification.

SpeakerBio:Nevada Romsdahl
Nevada Romsdahl is currently a senior security researcher for Secureworks. In his 15 year information security career, Nevada has held the roles of security analyst, security architect, penetration tester and security researcher. He holds many offensive security certifications including OSCP, OSWP, OSWE, OSCE, and OSEE.
Twitter: @nevadaromsdahl

Description:
SquarePhish is a phishing tool that combines QR Codes and OAuth 2.0 Device Code Flow for Advanced Phishing Attacks against Office 365.

Return to Index    -    Add to    -    ics Calendar file

 

BICV - Saturday - 13:00-13:59 PDT


Title: State of the Model
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Virtual - BIC Village
Speakers:GACWR Team ,Jovonni Pharr

SpeakerBio:GACWR Team
No BIO available

SpeakerBio:Jovonni Pharr
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

GHV - Saturday - 16:30-16:59 PDT


Title: Staying Afloat in a Tsunami Of Security Inflormation
When: Saturday, Aug 13, 16:30 - 16:59 PDT
Where: Flamingo - Virginia City III (Girls Hack Village) - Map

SpeakerBio:Tracy Z. Maleeff
Tracy Z. Maleeff, aka @InfoSecSherpa, is a Security Researcher with the Krebs Stamos Group. She previously held the roles of Information Security Analyst at The New York Times Company and a Cyber Analyst for GlaxoSmithKline. Prior to joining the Information Security field, Tracy worked as a librarian in academic, corporate, and law firm libraries. She holds a Master of Library and Information Science degree from the University of Pittsburgh in addition to undergraduate degrees from both Temple University (magna cum laude) and the Pennsylvania State University. While a member of the Special Libraries Association, Tracy received the Dow Jones Innovate Award, the Wolters Kluwer Law & Business Innovations in Law Librarianship award and was named a Fellow. Tracy has been featured in the Tribe of Hackers: Cybersecurity Advice and Tribe of Hackers: Leadership books. She also received the Women in Security Leadership Award from the Information Systems Security Association. Tracy publishes a daily Information Security & Privacy newsletter and maintains an Open-Source Intelligence research blog at infosecsherpa.medium.com. She is a native of the Philadelphia area.
Twitter: @InfoSecSherpa

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 10:00-11:55 PDT


Title: svachal + machinescli
When: Saturday, Aug 13, 10:00 - 11:55 PDT
Where: Caesars Forum - Committee Boardroom (Demo Labs) - Map

SpeakerBio:Ankur Tyagi
Ankur is working with Qualys Inc. as a Principal Engineer. On the Internet, he goes by the handle 7h3rAm and usually blogs here: http://7h3ram.github.io/.

Description:
Writeups for CTF challenges and machines are a critical learning resource for our community. For the author, it presents an opportunity to document their methodology, tips/tricks and progress. For the audience, it serves as reference material. Oftentimes, authors switch roles and become the audience to learn from their own work. This demo aims to showcase tools, svachal and machinescli, developed with these insights. These work in conjunction to help users curate their learning in .yml structured files, find insights and query this knowledge base as and when needed.

Audience: Offense/Defense


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 11:30-11:59 PDT


Title: Taking MITRE ATT&CK for ICS to Sea
When: Saturday, Aug 13, 11:30 - 11:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

SpeakerBio:Tyson B. Meadors , Cyber Warfare Engineer
LCDR Tyson B. Meadors is a Navy Cyber Warfare Engineer currently assigned to Cryptologic Warfare Activity SIXTY SEVEN. He previously served both afloat and ashore as a Surface Warfare Officer and Naval Intelligence Officer. From 2017-2018, he was a Director of Cyber Policy on the National Security Council Staff, where he advised the President, Vice President, and multiple National Security Advisors on cyber operations policy, technology, and threats and helped draft multiple national-level strategies and policies. Prior to commissioning from the US Naval Academy, worked as a journalist and taught English in the People’s Republic of China. He is the only naval officer to ever defeat a guided missile destroyer in a real-world engagement and is also the founder and CEO of Ex Mare Cyber, a cybersecurity consultancy.

Description:
The existing MITRE ATT&CK for ICS Framework largely describes the range of TTPs that could be leveraged against ships. Consequently, it has the potential to be an effective starting point for those charged with assessing the risks and potential detection and mitigation methodologies associated with mitigating those risks. That said, recent attempts at applying ATT&CK for ICS for shipboard cyber assessments has identified several key gaps and potential amplifications needed to more comprehensively cover the range of TTPs that can be leveraged by adversary actors against shipboard systems and networks. The presenter is currently collaborating with MITRE to add maritime specific TTPs and existing TTP applications into the upcoming release of the MITRE ATT&CK for ICS Framework.

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 17:00-17:30 PDT


Title: The aftermath of a social engineering pentest. - Are we being ethically responsible?”
When: Saturday, Aug 13, 17:00 - 17:30 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

SpeakerBio:Ragnhild “Bridget“ Sageng
Ragnhild “Bridget” Sageng has several years of experience in the IT industry, working with IT-support before transcending into a career within pentesting. Today, she works as an ethical hacker at Orange Cyberdefense in Norway. Prior to her IT career, “Bridget” educated herself in the field of human psychology and healthcare due to her interest in understanding the human mind. She has always had an interest in cybersecurity and completed her bachelor’s degree in Cybersecurity recently at Noroff University College. Due to her interest in both the human mind and IT security, “Bridget” specializes in social engineering and Open-source investigation (OSINT). In 2020, she won an international social engineering CTF hosted by Temple University. In 2021, “Bridget” became a Certified Social Engineering Pentest Professional (SEPP) and has since dedicated her focus toward social engineering pentesting. Her hands-on experience with social engineering pentesting has prompted her to further research the topics of ethically handling people affected by the tests.
Twitter: @ragnhild_bss

Description:
Pentesting humans using social engineering techniques has become increasingly important to many organizations, and rightfully so. While many focus on the performance of a social engineering engagement, fewer deal with the post-engagement process. When a hacker has done their job, how are the results handled? How does a target feel afterward knowing they have been duped, and who is helping them to overcome adversarial feelings in the wake of a test? A social engineering pentest tests humans, and not systems. The people affected can feel they have failed as humans and not just professionally. Distress, psychological strain, and self-blame are just some of the factors that can affect a human not being helped correctly in the aftermath. But it’s not just the victims that are at risk of negative outcomes, but hackers themselves too. This talk aims to start a dialogue about the aftermath of social engineering pentests. When are we doing it right, and when are we doing it wrong? Is there a right or wrong way? The possible pitfalls will be highlighted in handling the aftermath of social engineering engagements and exploring various challenges and proposed solutions to problems that may arise.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 15:00-15:20 PDT


Title: The Big Rick: How I Rickrolled My High School District and Got Away With It
When: Saturday, Aug 13, 15:00 - 15:20 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map

SpeakerBio:Minh Duong , Student at University of Illinois at Urbana-Champaign
Minh Duong is an undergraduate studying Computer Science at the University of Illinois at Urbana-Champaign. Over the summer, he worked as an application security intern for Trail of Bits, focusing on compositor security and the Wayland protocol. In his free time, he plays CTFs with SIGPwny, UIUC's cybersecurity club. This will be his first time at DEF CON.
Twitter: @WhiteHoodHacker

Description:
What happens when you have networked projectors, misconfigured devices, and a bored high school student looking for the perfect senior prank? You get a massive rickroll spanning six high schools and over 11,000 students at one of the largest school districts in suburban Chicago.

This talk will go over the coordination required to execute a hack of this scale and the logistics of commanding a botnet of IoT systems. It will also describe the operational security measures taken so that you can evade detection, avoid punishment, and successfully walk at graduation.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 14:00-14:45 PDT


Title: The COW (Container On Windows) Who Escaped the Silo
When: Saturday, Aug 13, 14:00 - 14:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map

SpeakerBio:Eran Segal , Security research team leader at SafeBreach
Eran Segal is a research team leader, with more than 7 years experience in cyber security research. Over the last three years, he has been researching security projects in SafeBreach Labs, after serving in various security positions in the IDF. He specializes in research on Windows and embedded devices.

Description:
Virtualization and containers are the foundations of cloud services. Containers should be isolated from the real host’s settings to ensure the security of the host.

In this talk we’ll answer these questions: “Are Windows process-isolated containers really isolated?” and “What can an attacker achieve by breaking the isolation?”

Before we jump into the vulnerabilities, we’ll explain how Windows isolates the container’s processes, filesystem and how the host prevents the container from executing syscalls which can impact the host. Specifically, we’ll focus on the isolation implementation of Ntoskrnl using server silos and job objects.

We’ll compare Windows containers to Linux containers and describe the differences between their security architectural designs. We’ll follow the scenario of an attacker-crafted container running with low privileges. We'll show in multiple ways how to gain privilege escalation inside the container to NT/System. After gaining NT/System permissions, we'll talk about how we escaped the isolation of the container and easily achieved a dump of the entire host’s kernel memory from within the container. If the host is configured with a kernel debugger, we can even dump the host’s Admin credentials.

We’ll finish by demonstrating how an attacker-crafted container with low privileges can read UEFI settings and then set them. Using this technique an attacker can communicate between containers and cause a permanent Denial-of-Service (DoS) to a host with default settings, through the UEFI interface.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 18:00-18:45 PDT


Title: The CSRF Resurrections! Starring the Unholy Trinity: Service Worker of PWA, SameSite of HTTP Cookie, and Fetch
When: Saturday, Aug 13, 18:00 - 18:45 PDT
Where: Caesars Forum - Academy 401-410, 421 (Track 3) - Map

SpeakerBio:Dongsung Kim , IT-Security Expert, Truesec
Dongsung (Donny) Kim is a security specialist at Truesec || an independent software developer. His software interests vary widely from frontend to DevSecOps, with research interests spanning from reverse engineering to web security. Equipped with both professional and academic experiences, he wants to reconcile two seemingly opposite ideas: understanding user-facing software problems without compromising security.
Twitter: @kid1ng

Description:
CSRF is (really) dead. SameSite killed it. Browsers protect us. Lax by default!

Sounds a bit too good to be true, doesn't it? We live in a world where browsers get constantly updated with brand new web features and new specifications. The complexity abyss is getting wider and deeper. How do we know web technologies always play perfectly nice with each other? What happens when something slips?

In this talk, I focus on three intertwined web features: HTTP Cookie's SameSite attribute, PWA's Service Worker, and Fetch. I will start by taking a look at how each feature works in detail. Then, I will present how the three combined together allows CSRF to be resurrected, bypassing the SameSite's defense. Also, I will demonstrate how a web developer can easily introduce the vulnerability to their web apps when utilizing popular libraries. I will end the talk by sharing the complex disclosure timeline and the difficulty of patching the vulnerability due to the interconnected nature of web specifications.


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 14:30-14:59 PDT


Title: The deadly state of surveillance capitalism in healthcare
When: Saturday, Aug 13, 14:30 - 14:59 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map
Speakers:Andrea Downing,Valencia Robinson,Mike Mittelman

SpeakerBio:Andrea Downing
Andrea Downing is a cancer advocate turned security researcher. Her work has been featured on CNN, Fortune, and The Verge, and has catalyzed an urgent dialogue on national health privacy policy and the need for protections outside of HIPAA. Andrea has co-founded a nonprofit called The Light Collective to work with vulnerable patient groups seeking digital rights and safe spaces for patient support communities on social media.

SpeakerBio:Valencia Robinson
Valencia Robinson is a breast cancer survivor, co-founding member of The Light Collective. As a patient advocate with 15 years experience working in the breast cancer community, Valencia is working to advance digital rights for patients and ensure technologies affecting the lives of her community have representation from people of color in the governance and design.

SpeakerBio:Mike Mittelman
No BIO available

Description:
Whether serving up medical misinformation through ads, or brokering patients into predatory startups like Cerebral - patients going through the trauma of a diagnosis experience harm as they seek knowledge online. This talk will focus on this specific research, and share a broader perspective on the deadly state of surveillance capitalism and ad targeting in healthcare.

In a recent study from researchers at Duke University and the patient privacy-focused group the Light Collective, patient advocates who are active in the hereditary cancer community and cancer support groups on Facebook—including three who are Facebook group admins—downloaded and analyzed their data from the platform's "Off Facebook Activity" feature in September and October. The tool shows what information third parties are sharing with Facebook and its parent company Meta about your activity on other apps and websites. Along with the retail and media sites that typically show up in these reports, the researchers found that several genetic-testing and digital-medicine companies had shared customer information with the social media giant for ad targeting.

This talk will not only share examples of harm, we will talk about what our patient-led collective is doing to help patients take back their privacy.


Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 13:00-13:59 PDT


Title: The DFIR Report Homecoming Parade Panel
When: Saturday, Aug 13, 13:00 - 13:59 PDT
Where: Virtual - BlueTeam Village - Talks
Speakers:Ch33r10,Kostas,Justin Elze,nas_bench - Nasreddine Bencherchali,Jamie Williams,ICSNick - Nicklas Keijser

SpeakerBio:Ch33r10
Cybersecurity Analyst at a Fortune 500. DSc Cybersecurity, MBA IT Management, 8 x GIAC, and SANS Women’s Academy graduate.

SpeakerBio:Kostas
Kostas is a security researcher with many years of experience in the field. Coming from a technical background in incident response, he specializes in intrusion analysis and threat hunting.

Kostas devotes most of his spare time to supporting the information security community by producing free threat intelligence reports as part of the DFIRReport effort, of which he is a member.


SpeakerBio:Justin Elze
Justin is currently serving as CTO/Hacker at TrustedSec and possess a background in red teaming, pentesting, and offensive research.

SpeakerBio:nas_bench - Nasreddine Bencherchali
Avid learner, passionate about all things detection, malware, DFIR, and threat hunting.

SpeakerBio:Jamie Williams
Jamie is an adversary emulation engineer for The MITRE Corporation where he works with amazing people on various exciting efforts involving security operations and research, mostly focused on adversary emulation and behavior-based detections. He leads the development of MITRE ATT&CK® for Enterprise and has also led teams that help shape and deliver the “adversary-touch” within MITRE Engenuity ATT&CK Evaluations as well as the Center for Threat-Informed Defense (CTID).
Twitter: @jamieantisocial

SpeakerBio:ICSNick - Nicklas Keijser
Nicklas works as a Threat Research Analyst at the company Truesec, based in Stockholm/Sweden. Here he splits his time picking apart malware from threat actors and as a subject matter expert in Industrial Control System. Also a analyst contributor to The DFIR Report.

Description:
The DFIR Report Homecoming Parade will not discuss normal (BAU) CTI actions, such as searching the logs for hits on the IOCs or entering the IOCs into a Threat Intelligence Platform (TIP) or other alerting platform. Instead, the participants will focus on pivoting, TTPs, and how they would take the contents in the various DFIR Reports to the NEXT LEVEL! When the Panelists respond to the DFIR Reports, they are operating under the assumption that they performed the preliminary analysis and deemed the threat report relevant to their environment. The purpose of this assumption is to decrease the amount of debate on whether or not something is relevant to get to the part of the analysis that involves extracting actionable takeaways.

Follow along as we take the DEF CON Hacker Homecoming theme to the next level with a DFIR Report Homecoming Parade. The panel will provide additional context to various DFIR Reports released in the past year. Pick up some tips and tricks to up your game!


Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 14:30-14:55 PDT


Title: The Emerging Space - Cyber Warfare Theatre
When: Saturday, Aug 13, 14:30 - 14:55 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Eytan Tepper
Eytan Tepper is Visiting Assistant Professor and director of the Space Governance Lab at Indiana University Bloomington. He earned his doctorate from McGill University’s Institute of Air and Space Law and pursued a postdoc at NYU Law School. He teaches and leads research on space law & governance.

Description:
A combined space-cyber warfare theatre is emerging to become the primary battlefield in the twenty-first century and the main mode of space warfare. Cyberattacks on critical space-based infrastructure have already been launched by States, criminal organizations, and terrorist groups, and such attacks could even trigger a war. The risks are high, yet current multilateral regimes and most national policies do not address the emerging space-cyber nexus. A new project aims to identify shared norms

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 12:00-12:20 PDT


Title: The Evil PLC Attack: Weaponizing PLCs
When: Saturday, Aug 13, 12:00 - 12:20 PDT
Where: Caesars Forum - Alliance 301-309, 321 (Track 4) - Map

SpeakerBio:Sharon Brizinov , Vulnerability Research Team Lead @ Claroty
Sharon Brizinov leads the vulnerability research at Claroty. Brizinov specializes in vulnerability research, malware analysis, network forensics, and ICS/SCADA security. In addition, Brizinov participated in well-known hacking competitions such as Pwn2Own (2020, 2022), and he holds a DEFCON black-badge for winning the ICS CTF (DEFCON 27).

Description:
These days, Programmable Logic Controllers (PLC) in an industrial network are a critical attack target, with more exploits being identified every day. But what if the PLC wasn’t the prey, but the predator? This presentation demonstrates a novel TTP called the "Evil PLC Attack", where a PLC is weaponized in a way that when an engineer is trying to configure or troubleshoot it, the engineer’s machine gets compromised.

We will describe how engineers diagnose PLC issues, write code, and transfer bytecode to PLCs for execution with industrial processes in any number of critical sectors, including electric, water and wastewater, heavy industry, and automotive manufacturing. Then we will describe how we conceptualized, developed, and implemented different techniques to weaponize a PLC in order to achieve code execution on an engineer’s machine.

The research resulted in working PoCs against ICS market leaders which fixed all the reported vulnerabilities and remediated the attack vector. Such vendors include Rockwell Automation, Schneider Electric, GE, B&R, Xinje, OVARRO and more.


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 16:00-16:59 PDT


Title: The Geopolitical Implications of the Escalation and Weaponization of GPS and AIS Spoofing [[MARITIME]]
When: Saturday, Aug 13, 16:00 - 16:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

Description:
Maritime transit relies on the set of global navigation satellite systems (GNSS); the position, navigation, and timing (PNT) systems they enable are crucial for traversing narrow straits and littoral waters. GNSS also facilitates the Automatic Identification System (AIS) for situational awareness; AIS tracings also provide the log of a ship’s movement. The Global Positioning System (GPS) and AIS contain a host of vulnerabilities, however, and vessels around the world, from the Black Sea to the Port of Shanghai, have been spoofed. Both AIS and GPS spoofing have escalated in their seriousness in the last five year, to the point where spoofing has become weaponized. These disruptions are provocative; adversary nations can create false AIS tracks to support virulent narratives, countering the interests of U.S. and our allies. Because of grave danger these threats entail, it is essential that policymakers and maritime operators understand the risks, mitigation techniques, and implications of GPS and AIS spoofing.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 12:30-12:50 PDT


Title: The hitchhacker’s guide to iPhone Lightning & JTAG hacking
When: Saturday, Aug 13, 12:30 - 12:50 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map

SpeakerBio:stacksmashing , Hacker
stacksmashing is a security researcher with a focus on embedded devices: From hacking payment terminals, crypto-wallets, secure processors or Apple AirTags, he loves to explore embedded & IoT security. On his YouTube channel he attempts to make reverse-engineering & hardware hacking more accessible. He is known for trying to hack everything for under $5, which is probably related to him living in the stingiest part of Germany.
Twitter: @ghidraninja

Description:
Apple’s Lightning connector was introduced almost 10 years ago - and under the hood it can be used for much more than just charging an iPhone: Using a proprietary protocol it can also be configured to give access to a serial-console and even expose the JTAG pins of the application processor! So far these hidden debugging features have not been very accessible, and could only be accessed using expensive and difficult to acquire "Kanzi" and "Bonobo" cables. In this talk we introduce the cheap and open-source "Tamarin Cable", bringing Lightning exploration to the masses!

In this talk we are diving deep into the weeds of Apple Lightning: What’s “Tristar”, “Hydra” and “HiFive”? What’s SDQ and IDBUS? And how does it all fit together?

We show how you can analyze Lightning communications, what different types of cables (such as DCSD, Kanzi & co) communicate with the iPhone, and how everything works on the hardware level.

We then show how we developed the “Tamarin Cable”: An open-source, super cheap (~$5 and a sacrificed cable) Lightning explorer that supports sending custom IDBUS & SDQ commands, can access the iPhone’s serial-console, and even provides a full JTAG/SWD probe able to debug iPhones.

We also show how we fuzzed Lightning to uncover new commands, and reverse engineer some Lightning details hidden in iOS itself.


Return to Index    -    Add to    -    ics Calendar file

 

PSV - Saturday - 12:30-12:59 PDT


Title: The least secure biometric lock on Earth
When: Saturday, Aug 13, 12:30 - 12:59 PDT
Where: Caesars Forum - Summit 201-202 (Physical Security Village) - Map

SpeakerBio:Seth Kintigh
Hardware security engineer and cryptographer. Demoed the first NFMI attack: an over-the-air remote code exploit against the Defcon 27 badge.
Twitter: @Seth_Kintigh

Description:
"I demonstrate how to defeat a biometric padlock via USB with a laptop, or with your bare hands, or even with a Defcon badge.

While flipping through products a biometric lock caught my attention. It mentioned a back-up ""Morse code"" feature for unlocking it -- a series of 6 short or long presses, suggesting there were only 64 possible keys. Surely it couldn't be that easy... But wait, there's more! It had another backup unlock feature: a USB port and an app that can unlock it with a PIN, and a default PIN set for bonus stupidity. I had a feeling this was just the tip of the terrible-security-iceberg. I will demonstrate how to defeat this lock with some simple tools, with just your bare hands, and with a USB attack."


Return to Index    -    Add to    -    ics Calendar file

 

APV - Saturday - 11:00-11:59 PDT


Title: The Log4J Rollercoaster - from an incident response perspective
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Flamingo - Twilight Ballroom - AppSec Village - Main Stage - Map
Speakers:Brenton Morris,Guy Barnhart-Magen

SpeakerBio:Brenton Morris
Sr Incident Responder at Profero. From cloud sophisticated attackers to ransomware events. Brenton has a unique set of security research and devops experience allowing him to resolve cyber-attacks while understanding the impact on production systems.

SpeakerBio:Guy Barnhart-Magen
Guy is Profero's CTO and Co-Founder, BSidesTLV chairman, and Public speaker (SAS, t2, 44CON, BSidesLV, AppSecVillage, to name a few), and the recipient of the Cisco “black belt” security ninja honor – Cisco’s highest cybersecurity advocate rank.

Description:
Log4J was a merry Christmas call for many teams around the world. This talk will share our story of how we were among the first to respond to in-the-wild attacks, helping the community manage and understand how to prepare for such an incident.

Log4J did not catch us unaware, but we did not connect the dots at first. Who would have guessed that chatter of a new vulnerability in Minecraft is related to a wave of coinminer incidents we responded to?

This talk will cover the line between threat intelligence, responding to cyber incidents, releasing open-source tools, and helping our customers and the community!

We will not focus on the technical analysis of the vulnerability (there are plenty of talks like that already). Instead, our focus is on how an organization prepares for such incidents ahead of time. For example, laying the pieces in place to be ready for the unknown (e.g., being aware of vulnerabilities in vendor appliances before they are!)


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 15:00-15:59 PDT


Title: The Perfect Storm: Deception, Manipulation, and Obfuscation on the High Seas
When: Saturday, Aug 13, 15:00 - 15:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

SpeakerBio:Rae Baker , Senior OSINT Analyst
Rae Baker is a Senior OSINT Analyst for a large consulting firm with a personal interest in maritime OSINT. Additionally, she an OSINT Curious Executive Board member, Trace Labs DEFCON29 Black Badge & MVO winner, and Wiley Tech Author.

Description:
Using real-world examples, we will walk through the exciting and often illicit maritime space. We will learn the techniques being used for evading sanctions, moving illegal goods, manipulating identities, and intimidation; as well as the OSINT tactics used to uncover these activities.

Return to Index    -    Add to    -    ics Calendar file

 

AIV - Saturday - 14:00-14:50 PDT


Title: The Use of AI/ML in Offensive Security Operations
When: Saturday, Aug 13, 14:00 - 14:50 PDT
Where: Caesars Forum - Summit 228->236 (AI Village) - Map

Description:
The Red Team Village and the AI Village will host a panel from different industry experts to discuss the use of artificial intelligence and machine learning in offensive security operations. More details coming soon!

Return to Index    -    Add to    -    ics Calendar file

 

AVV - Saturday - 14:00-14:30 PDT


Title: The Way of The Adversary
When: Saturday, Aug 13, 14:00 - 14:30 PDT
Where: Flamingo - Scenic Ballroom (Adversary Village) - Map

SpeakerBio:Phillip Wylie
Phillip Wylie is a cybersecurity professional and offensive security SME with over 18 years of experience, over half of his career in offensive security. Wylie is the Tech Evangelism & Enablement Manager at CyCognito.

He is a former college adjunct instructor and published author. He is the concept creator and co-author of The Pentester Blueprint: Starting a Career as an Ethical Hacker and was featured in the Tribe of Hackers: Red Team.

Twitter: @phillipwylie

Description:
The adversary philosophy and mindset are important when trying to emulate a threat actor during a red team operation or offensive cybersecurity assessment or trying to understand them as a defender. In this talk, we will take a look at the philosophy and mindset of an adversary as well as what motivates them.

Return to Index    -    Add to    -    ics Calendar file

 

SKY - Saturday - 11:40-12:30 PDT


Title: This one time, at this Hospital, I got Ransomware
When: Saturday, Aug 13, 11:40 - 12:30 PDT
Where: LINQ - BLOQ (SkyTalks 303) - Map

SpeakerBio:Eirick Luraas
Eirick spends his days discovering and mitigating vulnerabilities, occasionally doing Incident Response, and once in a while tracking down bad actors. Sometimes he gets to compromise systems to show Executives that Hospitals are horribly insecure.

Eirick earned a Master's Degree in Cybersecurity, and he has spoken several times about the dangers technology creates in healthcare. Eirick helps bring awareness of the risks we are unknowingly taking every time we visit a Hosptial and works every day to reduce those dangers.

Eirick grew up in Montana and lived in Panama during his military service. He bounced around a few states in the US. He recently relocated to Tucson, Az where he is rediscovering his passion for photography. You can follow Eirick on twitter @tyercel.

Twitter: @tyercel

Description:
Most people don't know how Hospitals go through a ransomware incident. This lack of understanding creates a false sense of security for the places we rely on to help us when we are at our most vulnerable. This talk will describe what happened during a ransomware incident at a small midwestern hospital.

Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 11:00-11:59 PDT


Title: Threat Hunt Trilogy: A Beast in the Shadow!
When: Saturday, Aug 13, 11:00 - 11:59 PDT
Where: Virtual - BlueTeam Village - Talks

SpeakerBio:Dr. Meisam Eslahi
Meisam is a technical cybersecurity practitioner with solid expertise in providing strategies and technical directions, building new service/business lines, diverse teams, and capabilities. He has over 20 years of experience in information technology, with 16 years dedicated to cybersecurity in leadership and technical roles leading a wide range of services for multi-national clients mainly in Red Teaming, Threat Hunting, DFIR, Cyber Drill, Compromise Assessment, and Penetration Testing. He is also a security researcher [MITRE D3FEND contributor], blogger [cybermeisam.medium.com], mentor, and speaker in many global events and conferences such as Defcon, BSidesSG, and NASSCOM.

Description:
Although file-less threats may require some sort of files to operate or indirectly use them in some part of their lifecycle (e.g., infection chain), their malicious activities are conducted only in the memory. The adversaries misuse the trusted applications or native utilities such as PowerShell and WMI to download and load malicious codes directly into memory and execute them without touching the hard disk.

The newly discovered file-less threat campaign utilizes an innovative technique for the first time to store and hide its shellcode in the Windows event logs, which will be loaded and used by a dropper in the last stage of the infection lifecycle. To put it simply, the file-less threat could be a nightmare for blue teams and threat hunters.

This technical talk will briefly explain the different categories of file-less threats; however, as the title suggests, the focus of this trilogy will be a file-less threat hunt via three different approaches as follows:

• System Live Analysis: A few techniques such as running processes and lineage analysis, command-line Strings, masquerading and obfuscation, and port to process mapping will be used to look for the file-less threat traces on a live active system.

• Memory Forensics: This is one of the most exciting parts as it dives into the main territory of file-less threats and examines PowerShell execution, process tree, hierarchy, and handles to look for any potential signs of threats.

• Network Packet Investigation: Network conversations, malicious HTTP requests, files transferred, and adversaries' commands will be extracted from network packets (i.e., a sample PCAP file) to hunt the files-less threat used in the previous parts.

Finally, a comparative review discusses the advantages and disadvantages of the above techniques. All the three approaches will be conducted using open-source and free tools, native operating system commands, and built-in utilities. The threat hunt hypothesis and educated guesses will be formulated based on the industrial test cases provided by MITRE ATT&CK, D3fend, and CAR [Cyber Analytics Repository].

File-less threats operate in silence and stealth, enabling adversaries to bypass automated cybersecurity, lurk in our digital wonderland, and avoid standard detections. They are hidden beasts in shadow! This technical talk will briefly explain the different types of file-less threats and the importance of threat hunting to combat them. A Windows-based file-less threat will also be hunted via the live system, memory, and network packet analysis, followed by a comparative discussion about each method's capabilities. The threat hunts' hypotheses used in this presentation are practical, and all will be mapped with MITRE knowledge bases.


Return to Index    -    Add to    -    ics Calendar file

 

BICV - Saturday - 15:00-15:30 PDT


Title: Threat hunting? Ain’t nobody got time for that...
When: Saturday, Aug 13, 15:00 - 15:30 PDT
Where: Virtual - BIC Village

SpeakerBio:Nick Gobern
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 17:00-17:59 PDT


Title: Thrice Is Nice: Evaluating the Ukrainian Power Events from BlackEnergy to Industroyer2
When: Saturday, Aug 13, 17:00 - 17:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

SpeakerBio:Joe Slowik , Threat Intelligence & Detections Engineering Lead
Joe Slowik has over a decade of experience across multiple facets of information security and offensive computer network operations. Currently leading threat intelligence and detection engineering work at Gigamon, Joe has previously performed cyber threat intelligence research at DomainTools and Dragos, and spent several years in both the US Department of Energy and as an Officer in the US Navy.
Twitter: @jfslowik

Description:
The only publicly known electric system disruption events to ever take place have all impacted Ukraine. In 2015, 2016, and again in 2022, Ukrainian system operators experienced cyber-nexus disruptive events targeting various aspects of electric system operations. While each event has been explored individually, various technical and operational details exist that link these incidents and highlight how the adversary behind them effectively learned and adjusted offensive actions over time. In this presentation, we will explore these three incidents (and some intermediate events) in wider context to show both how the perpetrators adjusted operations in response to impacts as well as what lessons critical infrastructure and industrial asset owners and operators should learn from events.

Return to Index    -    Add to    -    ics Calendar file

 

MIV - Saturday - 10:00-10:45 PDT


Title: Tools for Fighting Disinformation
When: Saturday, Aug 13, 10:00 - 10:45 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map

SpeakerBio:Preslav Nakov
Dr. Preslav Nakov leads the Tanbih mega-project (http://tanbih.qcri.org/), developed in collaboration with MIT. The project's aim is to build a news aggregator that limits the effect of fake news, propaganda and media bias by helping users step out of their bubble and achieve a healthy news diet. He is also the lead-PI of a QCRI-MIT collaboration project on Arabic Speech and Language Processing for Cross-Language Information Search and Fact Verification, and he was a co-PI of another QCRI-MIT collaboration project on Speech and Language Processing for Arabic (2013-2016). Dr. Nakov is Secretary of ACL SIGLEX and also a Secretary of ACL SIGSLAV.

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 15:30-16:15 PDT


Title: Tor: Darknet Opsec By a Veteran Darknet Vendor & the Hackers Mentality
When: Saturday, Aug 13, 15:30 - 16:15 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map

SpeakerBio:Sam Bent , KS LLC
Former admin and co-founder on Dread Forum (Darknet), staff on multiple Darknet sites, Darknet vendor: 2happytimes2, lockpicker, hacker, hak5 enthusiast, haxme.org admin (Clearnet), Sam Bent spends his days writing technical manuals and doing graphics (using all Adobe Products) for the company he works for, while also doing federal prison consulting on the side. He is a certificated paralegal. Runs his blog where he does federal prison consulting, is currently about to publish a book on compassionate release for federal prisoners, and runs multiple youtube channels. He is a student in college,

He has been in the scene for almost 20 years. He has written multiple guides and published numerous whitepapers and how-to’s on hacking, including one article written in combination with r4tdance (of #suidrewt) published on packetstomsecurity called A Newbies Guide To The Underground Volume 2. Sam Bent’s former handles include killab, 2happytimes, 2happytimes2, and most recently, DoingFedTime.

Twitter: @DoingFedTime

Description:
The hacking subculture's closest relative is that of the Darknet. Both have knowledgeable people, many of whom are highly proficient with technology and wish to remain somewhat anonymous. They are both composed of a vast amount of introverts and abide by the same first rule: “Don’t get caught."

Over the past decade, there have been many DEF CON talks that have discussed topics related to Tor and the Darknet. Having an IT, Infosec, and hacking background, the goal is to present a unique perspective from a hacker turned Darknet Vendor, who then learned about the law and–using metaphorical privilege escalation and social engineering–got himself out of federal prison after a year and a half by acting as his own lawyer.

The focus of this talk will surround operational security policies that a skilled Darknet Market Vendor (DMV) implements to avoid compromising their identity. We will look at tactics used by Law Enforcement and common attacks prevalent on the Darknet, ranging from linguistic analysis and United States Postal Inspector operations all the way to correlation attacks and utilizing long-range wifi antennas to avoid detection as a failsafe.

By focusing less on the basics of Tor and more on how insiders operate within it, we will uncover what it takes to navigate this ever-evolving landscape with clever OpSec.


Return to Index    -    Add to    -    ics Calendar file

 

CPV - Saturday - 16:15-16:59 PDT


Title: Toto, I’ve a feeling we’re not on a VPN anymore
When: Saturday, Aug 13, 16:15 - 16:59 PDT
Where: Flamingo - Vista Ballroom (Crypto Privacy Village) - Map

SpeakerBio:Jonathan Tomek
Jonathan Tomek serves as VP of Research and Development with Digital Envoy, parent company of Digital Element. His expertise is in threat intelligence, network forensics, incident handling, and malware analysis.

He is a former Marine, a co-founder of THOTCON (Chicago’s biggest hacking event), and CTF creator. You may remember him from such films as "That one Sake Bomb" or "Hackers Go West! Part Deux" You can find him on Twitter: @sakebomb

Twitter: @sakebomb

Description:
You are savvy enough to have a virtual private network aka VPN. Maybe you did a bit of research and bought one that lets you be “anonymous” and lets you stream your favorite streaming service from anywhere while you travel.

How much do you know about or trust your VPN provider? Have you considered that your VPN provider could be doing things you didn’t expect? Let's look at consumer VPNs, free VPNs, even VPNs that pay you!

After analyzing hundreds of VPNs, their service offerings, and their code, you will have a deeper understanding of what actually is happening behind the scenes. Could you be supporting malware? Maybe something worse? This may be a talk you don’t want to hear, but you will come out of it with a better understanding of the world that says it is here to protect you.


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 12:00-12:20 PDT


Title: Tracking Military Ghost Helicopters over our Nation's Capital
When: Saturday, Aug 13, 12:00 - 12:20 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map

SpeakerBio:Andrew Logan
Andrew Logan is an audio engineer, videographer and DJ based in Washington, D.C. He is an aerospace and radio nerd, and a fierce defender of the First Amendment.
Twitter: @HelicoptersofDC

Description:
There's a running joke around Washington D.C. that the "State Bird" is the helicopter. Yet 96% of helicopter noise complaints from 2018-2021 went unattributed: D.C. Residents can not tell a news helicopter from a black hawk. Flight tracking sites remove flights as a paid service to aircraft owners and government agencies; even in the best case these sites do not receive tracking information from most military helicopters due to a Code of Federal Regulations exemption for "sensitive government mission for national defense, homeland security, intelligence or law enforcement." This makes an enormous amount of helicopter flights untraceable even for the FAA and leaves residents in the dark.

What if we could help residents identify helicopters? What if we could crowd source helicopter tracking? What if we could collect images to identify helicopters using computer vision? What if we could make aircraft radio as accessible as reading a map? What if we could make spotting helicopters a game that appeals to the competitive spirit of Washingtonians? And what if we could do all of this... on Twitter?


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 16:00-16:45 PDT


Title: Trailer Shouting: Talking PLC4TRUCKS Remotely with an SDR
When: Saturday, Aug 13, 16:00 - 16:45 PDT
Where: Caesars Forum - Forum 104-105, 135-136 (Track 1) - Map
Speakers:Ben Gardiner,Chris Poore

SpeakerBio:Ben Gardiner , Senior Cybersecurity Research Engineer, National Motor Freight Traffic Association Inc.,
Ben Gardiner is a Senior Cybersecurity Research Engineer contractor at the National Motor Freight Traffic Association, Inc. (NMFTA) specializing in hardware and low-level software security. Prior to joining the NMFTA team in 2019, Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He is a DEF CON Hardware Hacking Village and Car Hacking Village volunteer. He also participates in and contributes to working groups in SAE and ATA TMC.

SpeakerBio:Chris Poore , Senior Reverse Engineer, Assured Information Security
Chris Poore is a Senior Reverse Engineer at Assured Information Security in Rome, NY. He has expertise discovering vulnerabilities in wireless systems, gaining access to systems via RF, reverse engineering RF protocols, forensically testing cybersecurity systems, and administering RF collection events. He has experience writing code for software-defined radios and GNU Radio to reverse-engineer RF communication protocols and perform sophisticated attacks. Chris is excitable when working with the community to draw out ideas and takes advantage of networking opportunities with both humans and computers.

Description:
Ben Gardiner, Chris Poore and other security researchers have been analyzing signals and performing research against trailers and Power Line Communication for multiple years. This year the team was able to disclose two vulnerabilities focused on the ability to remotely inject RF messages onto the powerline and in turn send un-authenticated messages to the brake controller over the link. The team will discuss the details of PLC4TRUCKS, identify what led to this research and the discovery of the vulnerabilities, and then highlight the details of the SDR and software used to perform the attack. The talk will conclude with the demonstration of a remotely induced brake controller solenoid test using an FL2K and the release of the GNU radio block used to perform the test to the community to promote further research in the area.

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 17:30-17:59 PDT


Title: Truthsayer: Make a remote lie detector and become irresistible on Zoom calls
When: Saturday, Aug 13, 17:30 - 17:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

SpeakerBio:Fletcher Heisler
Fletcher Heisler runs the YouTube channel Everything Is Hacked, where he explores projects such as a face-controlled keyboard and a video filter to add pants when you forget to put them on. By day, Fletcher is the Director of Developer Enablement at Veracode. He previously founded Hunter2 to give developers hands-on appsec training through interactive labs. He also founded Real Python, a community and set of online training resources that have taught practical programming and web development skills to hundreds of thousands of students around the world.
Twitter: @fheisler

Description:
Reveal the hidden state of the person on the other end of your video call, using some Python code. In the age of remote work, we miss the nuances of face-to-face communication. But with videoconferencing, we also gain a surprising amount of information that’s normally hidden to a human observer. A new set of tools will allow you to detect the heart rate, attention, and inner mood of any face on your screen. You can then receive real-time feedback to subtly mirror your conversation partner. These tools also work on recordings, allowing us to analyze the inner states of politicians, interviewees, and anyone else in front of a high-resolution camera.

Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 12:30-13:15 PDT


Title: UFOs, Alien Life, and the Least Untruthful Things I Can Say.
When: Saturday, Aug 13, 12:30 - 13:15 PDT
Where: Caesars Forum - Forum 106-110, 138-139 (Track 2) - Map

SpeakerBio:Richard Thieme , ThiemeWorks
Richard Thieme is an author/professional speaker who addresses “the human in the machine,” technology-related security and intelligence issues as they come home to our humanity. He has published hundreds of articles, dozens of stories, seven books, and delivered hundreds of speeches, including for NSA, FBI, the Secret Service, etc. He spoke in 2021 at Def Con for the 25th year and has keynoted security conferences in 15 countries. His latest book about an intelligence professional, "Mobius: A Memoir," is a novel receiving over-the-top reviews.
Twitter: @neuralcowboy

Description:
I have explored the subject of UFOs seriously and in depth and detail for 44 years. I have worked with some of the best and brightest in the "invisible college" to do academic research and reach conclusions based on the evidence. I contributed to the celebrated history, "UFOs and Government: A Historical Inquiry," the gold standard for historical research into the subject now in over 100 university libraries. This talk more than updates the latest government statements on the subject--it is the most complete, honest, and forthright presentation I can make. I will tell the most truth I can, based on data and evidence. As an NSA analyst told me, "Richard, they are here. They're here."

Return to Index    -    Add to    -    ics Calendar file

 

DL - Saturday - 12:00-13:55 PDT


Title: unblob - towards efficient firmware extraction
When: Saturday, Aug 13, 12:00 - 13:55 PDT
Where: Caesars Forum - Caucus Boardroom (Demo Labs) - Map
Speakers:Quentin Kaiser,Florian Lukavsky

SpeakerBio:Quentin Kaiser
Quentin Kaiser is an ex-penetration tester who turned binary analysis nerd. He's currently working as a security researcher at the ONEKEY Research Lab, where he focuses on binary exploitation of embedded devices and bug finding automation within large firmware.

SpeakerBio:Florian Lukavsky
Florian Lukavsky started his hacker career in early ages, bypassing parental control systems. Since then, he has reported numerous zero-day vulnerabilities responsibly to software vendors and has conducted hundreds of pentests and security reviews of IoT devices as a CREST certified, ethical hacker. Today, Florian Lukavsky aid organizations with IoT security automation as CTO of ONEKEY, the leading European platform for automated security analyses of IoT firmware.

Description:
Unblob is a command line extraction tool to obtain content from any kind of binary blob. It has been initially developed for the sound and safe extraction of arbitrary firmware images. It has been built as a modular framework where anyone can develop and submit new format handlers and extractors. Its public version already supports a large number of filesystems, archive, and compression formats: https://github.com/onekey-sec/unblob

Audience: Reverse Engineers, Embedded Security


Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 12:00-12:59 PDT


Title: Understanding AIS Protocols and the GRACE Console [[Maritime]]
When: Saturday, Aug 13, 12:00 - 12:59 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map

SpeakerBio:Gary Kessler , Principal Consultant
Fathom5 will be hosting a number of Grace Maritime Cyber Testbed consoles at the ICS Village to support the SeaTF activity. This "lunchtime tutorial" will discuss the protocols associated with the Automatic Identification System (AIS), the widely-used maritime situational awareness system and part of the Grace Navigation console. This mini-tutorial will describe the AIS protocol and transmission format used between vessels using radio transmission.

Description:
Fathom5 will be hosting a number of Grace Maritime Cyber Testbed consoles at the ICS Village to support the SeaTF activity. This "lunchtime tutorial" will discuss the protocols associated with the Automatic Identification System (AIS), the widely-used maritime situational awareness system and part of the Grace Navigation console. This mini-tutorial will describe the AIS protocol and transmission format used between vessels using radio transmission.

Return to Index    -    Add to    -    ics Calendar file

 

VMV - Saturday - 12:00-12:30 PDT


Title: United We Stand
When: Saturday, Aug 13, 12:00 - 12:30 PDT
Where: Caesars Forum - Alliance 313-314, 320 (Voting Village) - Map

SpeakerBio:Michael Moore
Michael Moore s the Information Security Officer for the Maricopa County Recorder’s office. Maricopa County is the fourth most populous county and the second largest voting district in the United States. He has worked at Maricopa County for 14 years, focusing on Information Security for the past 8. After volunteering to be a poll worker, he developed a passion for Election Security. When the Information Security Officer position was created at the Recorder’s Office he was able to utilize years of experience performing security assessments to rapidly increase the security maturity of the organization. Michael believes it is only through effective federal, state, and local government partnerships, as well as assistance from trusted vendors that we can protect our democracy and fulfill our duty to the American voter. The greatest threats to elections are MDM and the resulting insider threat caused by radicalized citizens. The best protection against these threats is combatting lies with the truth, developing secure and resilient systems that prevent attacks whenever possible, allow for detections of compromise and facilitate accurate and rapid recovery. Michael has pushed forward these initiatives in his own organization as well as across the Elections community. Michael is an alumnus of Arizona State University with a B.S. in Mathematics and a B.A. in Education and is a CISSP, Certified Election Official (CEO) and Certified Public Manager (CPM).

Description:
Election security is largely not cybersecurity – we’ll review some of the checks and balances in place: Logic and Accuracy testing, Post-Election statistically significant hand count, air gapped EMS. We’ll also review improvements we've worked towards including physical security hardening, threat intelligence sharing, incorporating least privilege methodologies, advocating for security improvements from the EAC as well as our EMS vendors, and being the originators of the EMS Gateway CIS benchmark.

Lastly, we’ll inform the audience on how they can do their part - fight MDM, demand intellectual integrity from themselves and those around them, normalize requesting citations, volunteer to work for elections and speak up if something seems wrong!


Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 13:40-14:20 PDT


Title: us-east-1 Shuffle: Lateral Movement and other Creative Steps Attackers Take in AWS Cloud Environments and how to detect them
When: Saturday, Aug 13, 13:40 - 14:20 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map

SpeakerBio:Felipe Espósito
Felipe Espósito also known as Pr0teus, graduated in Information Technology at UNICAMP and has a master's degree in Systems and Computing Engineering from COPPE-UFRJ, both among the top technology universities in Brazil. He has over ten years of experience in information security and IT, with an emphasis on security monitoring, networking, data visualization, threat hunting, and Cloud Security. Over the last years he has worked as a Security Researcher for Tenchi Security, a Startup focused in secure the cloud, he also presented at respected conferences such as Hackers 2 Hackers Conference, BHACK, BSides (Las Vegas and Sπo Paulo), FISL, Latinoware, SecTor, SANS SIEM Summit, and Defcon's CloudSec Village.
Twitter: @Pr0teusBR

Description:
Attackers do not always land close to their objectives (data to steal). Consequently, they often need to move laterally to accomplish their goals. That is also the case in cloud environments, where most organizations are increasingly storing their most valuable data. So as a defender, understanding the possibilities of lateral movements in the cloud is a must.

Because the control plane APIs are exposed and well documented, attackers can move between networks and AWS accounts by assuming roles, pivoting, and escalating privileges. It is also possible for attackers to move relatively easily from the data plane to the control plane and vice-versa.

In this talk, we are going to explore how attackers can leverage AWS Control and Data Planes to move laterally and achieve their objectives. We will explore some scenarios that we discovered with our clients and how we approached the problem. We will also share a tool we created to help us visualize and understand those paths.


Return to Index    -    Add to    -    ics Calendar file

 

ROV - Saturday - 12:30-13:30 PDT


Title: Verbal Steganography Re-Loaded
When: Saturday, Aug 13, 12:30 - 13:30 PDT
Where: LINQ - 3rd flr - Evolution (Rogues Village) - Map
Speakers:Jax,Four Suits Co,Zac

SpeakerBio:Jax
No BIO available

SpeakerBio:Four Suits Co
No BIO available
Twitter: @foursuits_co

SpeakerBio:Zac
No BIO available

Description:
AxJay & AcZay illway emonstrateday a pularpay ediumisticmay untstay omfray the 1900s — show you how stage mystics utilize code to convey secret information, and spark your mind for creative methods of deployment for your own security uses. (It’s not pig-latin, btw).

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Saturday - 21:00-01:59 PDT


Title: VETCON
When: Saturday, Aug 13, 21:00 - 01:59 PDT
Where: Caesars Forum - Forum 106, 139 - Map

Description:
Co-founded in 2018 by Jim McMurry and William Kimble, the founders of Milton Security and Cyber Defense Technologies, respectively, the VETCON conference is the official Veteran event of the DEFCON Hacker Conference. VETCON, through its Discord server and in person events, we connect and support veterans in the Information Security field. The event is open to all DEFCON attendees with a focus on military veterans.

VETCON Is a Conference for Veterans, Run by Veterans, During the Largest Hacker Conference, DEFCON


Return to Index    -    Add to    -    ics Calendar file

 

DC - Saturday - 10:00-17:59 PDT


Title: Village Areas Open (Generally)
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Other/See Description

Description:
These are the general operating hours for villages, across all locations. Refer to each village's location to see their specific hours or activities.

Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 09:00-11:59 PDT


Title: Vishing Competition (SECVC) - LIVE CALLS
When: Saturday, Aug 13, 09:00 - 11:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

Description:
In this competition, teams go toe to toe by placing live vishing (voice phishing) phone calls in front of the Social Engineering Community audience at DEF CON. These calls showcase the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies.

Teams can consist of 1-3 individuals, which we hope allows for teams to utilize novel techniques to implement different Social Engineering tactics. Each team is provided limited time to place as many calls as possible from a soundproof booth. During that time, their goal is to elicit from the receiver as many objectives as possible. Whether you’re an attacker, defender, business executive, or brand new to this community, you can learn by witnessing firsthand how easy it is for some competitors to schmooze their way to their goals and how well prepared some companies are to shut down those competitors!


Return to Index    -    Add to    -    ics Calendar file

 

SEV - Saturday - 13:00-15:59 PDT


Title: Vishing Competition (SECVC) - LIVE CALLS
When: Saturday, Aug 13, 13:00 - 15:59 PDT
Where: LINQ - 3rd flr - Social A (Social Engineering Community) - Map

Description:
In this competition, teams go toe to toe by placing live vishing (voice phishing) phone calls in front of the Social Engineering Community audience at DEF CON. These calls showcase the duality of ease and complexity of the craft against the various levels of preparedness and defenses by actual companies.

Teams can consist of 1-3 individuals, which we hope allows for teams to utilize novel techniques to implement different Social Engineering tactics. Each team is provided limited time to place as many calls as possible from a soundproof booth. During that time, their goal is to elicit from the receiver as many objectives as possible. Whether you’re an attacker, defender, business executive, or brand new to this community, you can learn by witnessing firsthand how easy it is for some competitors to schmooze their way to their goals and how well prepared some companies are to shut down those competitors!


Return to Index    -    Add to    -    ics Calendar file

 

SKY - Saturday - 12:45-13:35 PDT


Title: Voter Targeting, Location Data, and You
When: Saturday, Aug 13, 12:45 - 13:35 PDT
Where: LINQ - BLOQ (SkyTalks 303) - Map

SpeakerBio:l0ngrange
No BIO available
Twitter: @l0ngrange

Description:
Voter targeting firms use “microtargeting” to help campaigns target individual voters to get them to go vote (or stay home and not vote). Data brokers buy your location data from scummy apps and resell it in bulk, claiming the data is anonymized. Now, location data brokers are giving these voter targeting firms unfettered access to the non-anonymized location data of hundreds of millions of voters to further this chicanery.

Return to Index    -    Add to    -    ics Calendar file

 

ASV - Saturday - 14:00-14:25 PDT


Title: Vulnerability Assessment of a Satellite Simulator
When: Saturday, Aug 13, 14:00 - 14:25 PDT
Where: Caesars Forum - Forum 112-117 (Aerospace Village) - Map

SpeakerBio:Henry Haswell
Mr. Haswell is a Research Engineer at Southwest Research Institute (SwRI), supporting projects focusing on embedded software development and cyber security. He has performed penetration testing on satellite systems, automotive components, embedded systems, and automotive applications. 

Description:
This research performed a vulnerability assessment of a realistic satellite system, demonstrated some of these vulnerabilities on a high-fidelity satellite simulator, and proposed security solutions for discovered vulnerabilities. If the attacks successfully performed against our satellite simulator were to be performed against a real satellite, it would have significantly harmful effects, including loss of data confidentiality, reduced functionality, or a total loss of access to the satellite

Return to Index    -    Add to    -    ics Calendar file

 

PHV - Saturday - 10:00-17:59 PDT


Title: Wall of Sheep
When: Saturday, Aug 13, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy 411-414, 420 (Packet Hacking Village) - Map

Description:
We passively monitor the #DEFCON network looking for insecure network traffic. Drop by and see just how easy it can be! We strive to educate the “sheep” we catch: a friendly reminder that security matters.

Return to Index    -    Add to    -    ics Calendar file

 

ICSV - Saturday - 13:00-13:30 PDT


Title: We Promise Not to Brick It... But If We Do...
When: Saturday, Aug 13, 13:00 - 13:30 PDT
Where: Caesars Forum - Alliance 314 - 319 (ICS Village) - Map
Speakers:Todd Keller,Marissa Costa

SpeakerBio:Todd Keller
No BIO available

SpeakerBio:Marissa Costa , Industrial Penetration Tester II
No BIO available

Description:
There is an ongoing industry stigma that you cannot, or should not, penetration testing in OT environments. Looking back, it took over a decade to normalize IT penetration testing as a valuable proof of vulnerability and detectability. However, while asset owners sit back and wait, the offensive community is already full steam ahead at developing exploitation tools to use within these environments. We hope to use 2-3 OT relevant examples of what can be done and what we believe should be done within OT environments to better understand how to defend and detect within them.

Return to Index    -    Add to    -    ics Calendar file

 

MIV - Saturday - 14:45-15:15 PDT


Title: Web Monetization: A privacy-preserving and open way to earn from Content
When: Saturday, Aug 13, 14:45 - 15:15 PDT
Where: Caesars Forum - Summit 221->236 (Misinformation Village) - Map

SpeakerBio:Uchi Uchibeke
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

BTV - Saturday - 11:00-14:59 PDT


Title: Web Shell Hunting
When: Saturday, Aug 13, 11:00 - 14:59 PDT
Where: Virtual - BlueTeam Village - Workshops

SpeakerBio:Joe Schottman
Joe Schottman has worn most hats in IT and Security, ranging from application development to DevOps to offensive and defensive security. The nexus of this experience is research into Web Shells. He's spoken and given training on topics such as Purple Teams, API security, Web Shells, Web Threat Hunting, and more at AppSec Village at DEF CON, OWASP Global, SANS Summits, various BSides, Circle City Con, and other events.

Description:
This workshop will provide the basics of what web shells are, how they are typically used, defensive strategies to prevent them, and ways they can be detected in different layers of security. The detection layers that will be covered are antivirus/endpoint protection, file integrity monitoring, file system analysis, log analysis, network traffic analysis, and endpoint anomaly detection.

Participants will be provided with a virtual machine image that they could both exploit with web shells and perform threat hunting on.

The breakdown is roughly this:
60-80 minutes - what web shells are, what they're used for, ways they can be detected 20 minutes - overview of my perspective on what web threat hunting is and how it varies from conventional threat hunting (TLDR - if you're on the internet, you're always going to be attacked so it's not a matter of picking up an unknown threat so much as filtering through evidence to determine if an attack is actually dangerous) 90+ minutes - hands-on exercises covering various ways to detect web shells such as file integrity monitoring, deobfuscation, YARA, dirty words, time stomping, etc. And then exploiting a vulnerable application and uploading a Web Shell and showing how it can be used to plunder data.

Web Shells are malicious web applications used for remote access. They've been used in many of the recent prominent breaches/vulnerabilities including Equifax, SolarWinds, and ProxyLogon and are used by APTs and other threats. With ProxyLogon, the FBI was authorized to remove them from victim machines.

This session will help you avoid telling your employer that the FBI is now doing volunteer admin work by teaching you about Web Shells, how to hunt for them, and doing hands-on hunting in a VM. A little groundwork goes a long way and this class will show what to do.


Return to Index    -    Add to    -    ics Calendar file

 

GHV - Saturday - 11:00-11:30 PDT


Title: What is the Info Sec Color Wheel?
When: Saturday, Aug 13, 11:00 - 11:30 PDT
Where: Flamingo - Virginia City III (Girls Hack Village) - Map

SpeakerBio:Saman Fatima
Saman Fatima is a Data Engineer at Macquarie Group with 5+ years of comprehensive experience in software development and Cybersecurity.

Trained in Identity and Access Management, she has always been a Cybersecurity enthusiast and is an active member of a lot of cyber communities: - Management Lead & Vice Chair of Board - BBWIC Foundation - Committee member - OWASP WIA (Women in AppSec) - Instructor - CyberPreserve Community
- Global Member, Mentor, Mentee - Women in Cybersecurity (WiCyS) - Ambassador and Advisor - Women In Cloud - Snyk Ambassador

She started her career in early 2017 with TCS on Gartner's Tool - SailPoint and entered the world of Cyber Security. Ex Delhi Chapter Lead for Infosecgirls and then being a part of many communities - she has come a long way to being a Data Engineer with Macquarie Group.

She loves to learn and grow in the Cybersecurity field and has been a speaker at conferences like SANS New2cyber Summit 2022, OWASP Appsec 2021, DevSecCon 2021, c0c0n 2021, Rainbow Secure Cyber Symposium 2021, Tech(k)now Day 2021 & 2022, The Hackers Meetup, and various local and virtual meetups.


Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

SKY - Saturday - 10:35-11:25 PDT


Title: What your stolen identity did on its CoViD vacation
When: Saturday, Aug 13, 10:35 - 11:25 PDT
Where: LINQ - BLOQ (SkyTalks 303) - Map

SpeakerBio:Judge Taylor
The Hon., Rev., Dr. Taylor, Esq., J.D. (because fucking titles.. am I right?), Judge, Firearms Law Attorney, drafter of fine old fashioned legislation, righter of wrongs, and fucking cripple; is annoyed, loud, and as funny as your worst enemy's heart attack; is an expert in what the government ought not to do.. but the government keeps doing anyway.
Twitter: @mingheemouse

Description:
A judge tells you how and why Billions of U.S. taxpayer dollars were stolen by domestic and foreign hackers and scammers, with the help of the U.S. government. If you saw an attorney annihilate a bunch of hostile watermelons with a $19 homemade gun and homemade ammunition at the 2017 SkyTalks.. Well he's a Judge now.. and he has to deal with unemployment appeals from identity theft victims who are wondering why they mysteriously have to pay back unemployment programs in 6 different States. Oh.. and GUNS.. he talks about GUNS too..

Return to Index    -    Add to    -    ics Calendar file

 

BICV - Saturday - 10:00-10:45 PDT


Title: When The "IT" Hits The Fan, Stick To the Plan
When: Saturday, Aug 13, 10:00 - 10:45 PDT
Where: Flamingo - Twilight Ballroom (Blacks In Cybersecurity Village) - Map

SpeakerBio:Levone Campbell
No BIO available

Description:No Description available

Return to Index    -    Add to    -    ics Calendar file

 

CLV - Saturday - 10:40-11:20 PDT


Title: Who Contains the “Serverless” Containers?
When: Saturday, Aug 13, 10:40 - 11:20 PDT
Where: Flamingo - Scenic Ballroom (Cloud Village) - Map

SpeakerBio:Daniel Prizmant
Daniel started out his career developing hacks for video games and soon became a professional in the information security field. He is an expert in anything related to reverse engineering, vulnerability research, and the development of fuzzers and other research tools. To this day Daniel is passionate about reverse engineering video games at his leisure. Daniel holds a Bachelor of Computer Science from Ben Gurion University.
Twitter: @pushrsp

Description:
What is Serverless? Serverless computing is a cloud computing execution model in which the cloud provider allocates machine resources on-demand, taking care of the servers on behalf of their customers.

"Serverless" is a misnomer in the sense that servers are still used by cloud service providers to execute code for developers.

How does Serverless work? Where is this Serverless code executed? Who's in charge of securing it? There are many questions surrounding the topic of Serverless computing.

In this talk, I will present to you my research on Serverless Functions. I will show you how I managed to break the serverless interface barrier and what is hidden behind it. I will also show you how I managed to break out of the container that was supposed to contain my possibly malicious code and get to the underlying host.

I will start by explaining what is Serverless and the idea behind it. I will show some prime examples of what Serverless is supposed to be used for. I will continue with a break out of the cloud provider interface to show you the infrastructure of the machine, the server of the serverless function, that is actually running the code.

After that, I will begin walking you through my research and journey from the point of view of an attacker. I will show you how I discovered the image that the container was running and the steps I took to reverse engineer it.

From there, the path to an elevation of privileges to root to escaping the container was short. I will walk you through a very old but useful exploit I used to escalate my containerized root access to