Talk/Event Schedule


Thursday


This Schedule is tentative and may be changed at any time. Check at an Info Booth for the latest.

 

Thursday - 00:00 PDT


Return to Index  -  Locations Legend
CON - IoT Village CTF Creator's Contest -
CON - ⚠️ Not all contests listed (yet) ⚠️ -
CON - Octopus Game - Recruitment/Registration -

 

Thursday - 01:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -

 

Thursday - 02:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -

 

Thursday - 03:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -

 

Thursday - 04:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -

 

Thursday - 05:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -

 

Thursday - 06:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -

 

Thursday - 07:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -
DC - Human Registration Open

 

Thursday - 08:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -
DC - cont...(07:00-19:59 PDT) - Human Registration Open

 

Thursday - 09:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - cont...(00:00-09:59 PDT) - Octopus Game - Recruitment/Registration -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
PYV - Payment Hacking Challenge -
SOC - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
WS - The Purple Malware Development Approach - Mauricio Velazco,Olaf Hartong
WS - Network Hacking 101 - Victor Graf,Ben Kurtz
WS - Protect/hunt/respond with Fleet and osquery - Guillaume Ross,Kathy Satterlee
WS - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works - Chris Greer

 

Thursday - 10:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
WS - cont...(09:00-12:59 PDT) - The Purple Malware Development Approach - Mauricio Velazco,Olaf Hartong
WS - cont...(09:00-12:59 PDT) - Network Hacking 101 - Victor Graf,Ben Kurtz
WS - cont...(09:00-12:59 PDT) - Protect/hunt/respond with Fleet and osquery - Guillaume Ross,Kathy Satterlee
WS - cont...(09:00-12:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works - Chris Greer

 

Thursday - 11:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
WS - cont...(09:00-12:59 PDT) - The Purple Malware Development Approach - Mauricio Velazco,Olaf Hartong
WS - cont...(09:00-12:59 PDT) - Network Hacking 101 - Victor Graf,Ben Kurtz
WS - cont...(09:00-12:59 PDT) - Protect/hunt/respond with Fleet and osquery - Guillaume Ross,Kathy Satterlee
WS - cont...(09:00-12:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works - Chris Greer

 

Thursday - 12:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - Friends of Bill W -
WS - cont...(09:00-12:59 PDT) - The Purple Malware Development Approach - Mauricio Velazco,Olaf Hartong
WS - cont...(09:00-12:59 PDT) - Network Hacking 101 - Victor Graf,Ben Kurtz
WS - cont...(09:00-12:59 PDT) - Protect/hunt/respond with Fleet and osquery - Guillaume Ross,Kathy Satterlee
WS - cont...(09:00-12:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works - Chris Greer

 

Thursday - 13:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe

 

Thursday - 14:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
WS - Introduction to Software Defined Radios and RF Hacking - Rich
WS - Pentesting Industrial Control Systems 101: Capture the Flag! - Arnaud Soullie,Alexandrine Torrents
WS - House of Heap Exploitation - Nathan Kirkland,Zachary Minneker,Kenzie Dolan,Maxwell Dulin
WS - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

 

Thursday - 15:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
WS - cont...(14:00-17:59 PDT) - Introduction to Software Defined Radios and RF Hacking - Rich
WS - cont...(14:00-17:59 PDT) - Pentesting Industrial Control Systems 101: Capture the Flag! - Arnaud Soullie,Alexandrine Torrents
WS - cont...(14:00-17:59 PDT) - House of Heap Exploitation - Nathan Kirkland,Zachary Minneker,Kenzie Dolan,Maxwell Dulin
WS - cont...(14:00-17:59 PDT) - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

 

Thursday - 16:00 PDT


Return to Index  -  Locations Legend
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
DDV - DDV starts accepting drives for duplication -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - Queercon Mixer -
SOC - Toxic BBQ -
WS - cont...(14:00-17:59 PDT) - Introduction to Software Defined Radios and RF Hacking - Rich
WS - cont...(14:00-17:59 PDT) - Pentesting Industrial Control Systems 101: Capture the Flag! - Arnaud Soullie,Alexandrine Torrents
WS - cont...(14:00-17:59 PDT) - House of Heap Exploitation - Nathan Kirkland,Zachary Minneker,Kenzie Dolan,Maxwell Dulin
WS - cont...(14:00-17:59 PDT) - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

 

Thursday - 17:00 PDT


Return to Index  -  Locations Legend
DC - cont...(07:00-19:59 PDT) - Human Registration Open
DDV - cont...(16:00-18:59 PDT) - DDV starts accepting drives for duplication -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe
SOC - cont...(16:00-17:59 PDT) - Queercon Mixer -
SOC - Friends of Bill W -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -
WS - cont...(14:00-17:59 PDT) - Introduction to Software Defined Radios and RF Hacking - Rich
WS - cont...(14:00-17:59 PDT) - Pentesting Industrial Control Systems 101: Capture the Flag! - Arnaud Soullie,Alexandrine Torrents
WS - cont...(14:00-17:59 PDT) - House of Heap Exploitation - Nathan Kirkland,Zachary Minneker,Kenzie Dolan,Maxwell Dulin
WS - cont...(14:00-17:59 PDT) - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

 

Thursday - 18:00 PDT


Return to Index  -  Locations Legend
DC - cont...(07:00-19:59 PDT) - Human Registration Open
DDV - cont...(16:00-18:59 PDT) - DDV starts accepting drives for duplication -
SOC - Thursday Opening Party - Entertainment - FuzzyNop,Dr. McGrew,Ytcracker,DJ St3rling,Archwisp,TRIODE,NPC Collective,Magician Kody Hildebrand
SOC - DC702 Pwnagotchi Party -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

 

Thursday - 19:00 PDT


Return to Index  -  Locations Legend
DC - cont...(07:00-19:59 PDT) - Human Registration Open
SOC - cont...(18:00-20:59 PDT) - DC702 Pwnagotchi Party -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

 

Thursday - 20:00 PDT


Return to Index  -  Locations Legend
SOC - cont...(18:00-20:59 PDT) - DC702 Pwnagotchi Party -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

 

Thursday - 21:00 PDT


Return to Index  -  Locations Legend
SOC - Hallway Monitor Party - Entertainment - DotOrNot,CodexMafia,Heckseven,PankleDank,Tavoo
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

Talk/Event Descriptions


 

CON - Thursday - 00:00-16:59 PDT


Title: ⚠️ Not all contests listed (yet) ⚠️
When: Thursday, Aug 11, 00:00 - 16:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
Greetings, humans and inhumans! A brief note from your HackerTracker data-wrangler.

Accepted contests not yet posted on HackerTracker (or info.defcon.org):

Crack Me If You Can (CMIYC)
Hack Fortress
PTFS Presents: Mayhem Industries - Outside the Box Red Alert ICS CTF
Telechallenge 
The Gold Bug – Crypto and Privacy Village Puzzle The Hack-n-Attack Hacker Homecoming Heist The Schemaverse Championship
Tin Foil Hat Contest
Trace Labs OSINT Search Party CTF 

The above contests have been accepted and (to the best of my knowledge) will happen at DEF CON 30, but I'm missing crucial information required for the publishing process. If you are a contest organizer and you have Basecamp access, please reach out to me (@aNullValue) as soon as possible. If you do not have Basecamp access, please reach out to the DEF CON department lead or goon that is your primary point of contact.


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 09:00-17:59 PDT


Title: Chillout Lounge (with entertainment)
When: Thursday, Aug 11, 09:00 - 17:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map
Speakers:Rusty,djdead,Kampf,Merin MC,Pie & Darren,s1gnsofl1fe

SpeakerBio:Rusty
No BIO available

SpeakerBio:djdead
No BIO available

SpeakerBio:Kampf
No BIO available

SpeakerBio:Merin MC
No BIO available

SpeakerBio:Pie & Darren
No BIO available

SpeakerBio:s1gnsofl1fe
No BIO available

Description:
The chillout lounge in Caesars Forum will have live music; all other chillout lounges will have music live-streamed from there.

All chillout lounges are planned to be open 09:00 - 18:00 for chillout purposes. Each may be open at other times for parties, meetups, etc.

Entertainment schedule:

09:00 to 12:00 - Pie & Darren
12:00 to 13:30 - Kampf
13:30 to 14:30 - s1gnsofl1fe
14:30 to 15:30 - Merin MC
15:30 to 16:30 - Rusty
16:30 to 18:00 - djdead


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 18:00-20:59 PDT


Title: DC702 Pwnagotchi Party
When: Thursday, Aug 11, 18:00 - 20:59 PDT
Where: Caesars Forum - Summit 211-213 (Teacher's Lounge) - Map

Description:
Join DC702 for a Pwnagotchi party. The DC702 team will be auctioning off kits and donating the proceeds to the EFF, as well as providing instructions and guidance for assembly. Everyone is welcome to come by, and if you have your own assembled or unassembled kit, feel free to bring it!

Return to Index    -    Add to    -    ics Calendar file

 

DDV - Thursday - 16:00-18:59 PDT


Title: DDV starts accepting drives for duplication
When: Thursday, Aug 11, 16:00 - 18:59 PDT
Where: Flamingo - Exec Conf Ctr - Lake Meade and Valley of Fire (Data Duplication Village) - Map

Description:
We start taking drives at 4:00pm local time on Thursday, August 11th. We'll keep accepting drives until we reach capacity (usually late Friday or early Saturday).  Then we copy and copy all the things until we just can't copy any more - first come, first served.  We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 12:00-11:59 PDT


Title: Friends of Bill W
When: Thursday, Aug 11, 12:00 - 11:59 PDT
Where: Caesars Forum - Unity Boardroom - Map

Description:
For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun.

Please note: the Caesars Forum Unity Ballroom is at the "front" of Caesars Forum, beside Demo Labs, across from room 216 (the Contest-CTF area).


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 17:00-16:59 PDT


Title: Friends of Bill W
When: Thursday, Aug 11, 17:00 - 16:59 PDT
Where: Caesars Forum - Unity Boardroom - Map

Description:
For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun.

Please note: the Caesars Forum Unity Ballroom is at the "front" of Caesars Forum, beside Demo Labs, across from room 216 (the Contest-CTF area).


Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 21:00-01:59 PDT


Title: Hallway Monitor Party - Entertainment
When: Thursday, Aug 11, 21:00 - 01:59 PDT
Where: Caesars Forum - Skybridge Entrance - Map
Speakers:DotOrNot,CodexMafia,Heckseven,PankleDank,Tavoo

SpeakerBio:DotOrNot
No BIO available

SpeakerBio:CodexMafia
No BIO available

SpeakerBio:Heckseven
No BIO available

SpeakerBio:PankleDank
No BIO available

SpeakerBio:Tavoo
No BIO available

Description:
21:00 - 22:00: heckseven
22:00 - 23:00: DotOrNot
23:00 - 00:00: Tavoo
00:00 - 01:00: CodexMafia
01:00 - 02:00: PankleDank

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 09:00-12:59 PDT


Title: Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Reno (Workshops) - Map

SpeakerBio:Chris Greer , Network Analyst & Wireshark Instructor
Chris Greer is a Packet Head. He is a Packet Analyst and Trainer for Packet Pioneer, a Wireshark University partner, and has a passion for digging into the packet-weeds and finding answers to network and cybersecurity problems. Chris has a YouTube channel where he focuses on videos showing how to use Wireshark to examine TCP connections, options, and unusual behaviors, as well as spotting scans, analyzing malware, and other IOC’s in the traffic. His approach to training is that if you aren’t having fun doing something, you won’t retain what you are learning, so he strives to bring as much hands-on and humor to the classroom as possible. Chris remembers what it was like to look at Wireshark for the first time, and knows how complicated packet analysis can be. With that in mind, he has designed an easy-to-follow course that will appeal both to the beginner and more advanced Packet Person.
Twitter: @packetpioneer

Description:
Let's break out Wireshark and dig deep in to the TCP and IP protocols. This skill is critical for anyone interested in any area of cybersecurity, no matter the color of the hat. Almost all enumeration, scans, incident response, and traffic forensics require the analyst to dig into and interpret TCP conversations. When enumerating an environment, identifying key TCP/IP indicators in protocol headers can also help when passively fingerprinting systems.

In this workshop we will roll back our sleeves and learn how TCP/IP really works - the handshake, options, sequence/ack numbers, retransmissions, TTL, and much more. This workshop welcomes all cybersecurity and wireshark experience levels.

Materials
Just a laptop with a copy of Wireshark. I will provide the sample pcaps for analysis.
Prereq
None

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 14:00-17:59 PDT


Title: House of Heap Exploitation
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Goldfield + Tonopah (Workshops) - Map
Speakers:Nathan Kirkland,Zachary Minneker,Kenzie Dolan,Maxwell Dulin

SpeakerBio:Nathan Kirkland
Raised on a steady diet of video game modding, when Nathan found programming as a teenager, he fit right into it. Legend says he still keeps his coffee (and tear) stained 1980s edition of The C Programming Language by K&R stored in a box somewhere. A few borrowed Kevin Mitnick books later, he had a new interest, and began spending more and more time searching for buffer overflows and SQL injections. Many coffee fueled sleepless nights later, he had earned OSCP, and graduated highschool a few months later. After a few more years of working towards a math degree and trying fervently to teach himself cryptanalysis, he decided to head back to the types of fun hacking problems that were his real first love, and has worked at Security Innovation ever since.

SpeakerBio:Zachary Minneker , Senior Security Engineer, Security Innovation
Zachary Minneker is a senior security engineer and security researcher at Security Innovation. His first computer was a PowerPC Macintosh, an ISA which he continues to defend to this day. At Security Innovation, he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical systems. He has previous experience administrating electronic medical systems, and deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, IPC methods, and vulnerability discovery in electronic medical record systems and health care protocols. In his free time he works on music and synthesizers.
Twitter: @seiranib

SpeakerBio:Kenzie Dolan , Security Engineer
Kenzie Dolan (they/she) works for Security Innovation as a Security Engineer focusing on engagements ranging from IoT hacking to kiosk exploitation. His current research interests include emerging threats against Mobile and IoT devices. He has a degree in Computer and Information Science from University of Oregon. In his free time, James enjoys composing music, playing video games or hiking in the greater Seattle area.

SpeakerBio:Maxwell Dulin , Security Engineer
Maxwell Dulin (Strikeout) is a senior security consultant hacking all things under the sun, from garage doors to web applications to operating systems. Maxwell has published many articles/talks for a plethora of heap exploitation techniques, assorted web application exploits and IoT devices. He has previously spoken at DEF CON 27s IoT Village, ToorCon, CanSecWest, Hackfest and DEF CON workshops. His research is focused on custom RF protocols and binary exploitation methods. In his free time, he plays with RF toys, hikes to fire lookouts and catches everything at dodgeball.
Twitter: @Dooflin5

Description:
Materials
Laptop with enough power for a moderately sized Linux VM Administrative access to the laptop 8GB RAM minimum 30GB harddrive space Virtualbox or another virtualization platform installed
Prereq
Basic computer science background (x86_64 assembly, stack, programming skills in C & Python) Basic binary exploitation skills (buffer overflow exploitation, ROP, ASLR, etc.) - Familiar with Linux developer tools such as the command line, Python scripting and GDB.

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 14:00-17:59 PDT


Title: Introduction to Azure Security
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Silver (Workshops) - Map
Speakers:Nishant Sharma,Jeswin Mathai

SpeakerBio:Nishant Sharma , Security Research Manager
Nishant Sharma is a Security Research Manager at INE, where he manages the development of next-generation on-demand labs. Before INE, he worked as R&D Head of Pentester Academy (Acquired by INE), where he led a team of developers/researchers to create content and platform features for AttackDefense. He has also developed multiple gadgets for WiFi pentesting/monitoring such as WiMonitor, WiNX, and WiMini. With over 9+ years of experience in development and content creation, he has conducted trainings/workshops at Blackhat Asia/USA, HITB Amsterdam/Singapore, OWASP NZ day, and DEFCON USA villages. He has presented/published his work at Blackhat USA/Asia Arsenal, DEFCON USA/China, Wireless Village, Packet Village and IoT village. He has also conducted WiFi Pentesting training at Blackhat USA 2019, 2021. He had started his career as a firmware developer at Mojo Networks (Acquired by Arista) where he worked on new features for the enterprise-grade WiFi APs and maintenance of state-of-the-art WIPS. He has a Master degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi, Azure, and Container security.

SpeakerBio:Jeswin Mathai , Senior Security Researcher
Jeswin Mathai is a Senior Security Researcher at INE. Prior to joining INE, He was working as a senior security researcher at Pentester Academy (Acquired by INE). At Pentester Academy, he was also part of the platform engineering team who was responsible for managing the whole lab infrastructure. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo labs (DEFCON). He has also been a co-trainer in classroom trainings conducted at Black Hat Asia, HITB, RootCon, OWASP NZ Day. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. His area of interest includes Cloud Security, Container Security, and Web Application Security.

Description:
In recent times, Azure has become one of the dominant cloud service providers. Most enterprises today have some infrastructure if not all deployed on the cloud and attackers are constantly on the hunt for finding a way into the infrastructure.

Among the recent cloud hacks, around 97 percent are due to misconfigurations and various surveys suggest that in most cases, people were not aware of how misconfiguration can happen in various circumstances. Azure security is a mammoth in itself and a lot of people struggle in getting started with it, for the same reason many cloud administrators and developers are not aware of how misconfigurations and vulnerable applications can be leveraged to get a foothold on the account.

This workshop is a power course for Azure security, we will first cover the fundamentals and building blocks of Azure then we will take a look at the threatscape and attack vectors.

Materials
A laptop with the latest web browser and network connectivity A Kali VM (Virtual Box, VMWare, WSL)
Prereq
Basic knowledge of Linux and Networking

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 14:00-17:59 PDT


Title: Introduction to Software Defined Radios and RF Hacking
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Elko (Workshops) - Map

SpeakerBio:Rich , Research Scientist
Rich currently works as a research scientist focusing on radio communications and digital signals processing applications. Before making the jump to research, he was a RF engineer and embedded software developer working on prototype radio systems and DSP tools. He is passionate about radios and wireless technology and will happily talk for hours on the subject.

Description:
This class is a beginner's introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. If you have ever been curious about the invisible world of radio waves and signals all around you, but didn’t know where to begin, then this workshop is for you. Students can expect to learn about basic RF theory and SDR architecture before moving on to hands-on development with real radios. The instructor will guide students through progressively more complicated RF concepts and waveforms, culminating in a small capstone exercise. For this workshop, you must provide your own laptop and SDR. You can either purchase a RTL-SDR dongle kit which includes an antenna, small tripod, and a receive-only USB SDR for this class beforehand and bring it to the conference, or use a commercial SDR you already own. VMs will be made available to students to download before class, along with an OS setup guide for those that prefer a bare-metal install. The VM/OS will have all the required drivers and frameworks to interface with the radio hardware. My intent for this class is to lower the barrier of entry associated with RF topics, and for that reason I would like to emphasize that the workshop is geared toward complete beginner students with no prior experience working with SDRs; DEF CON attendees who already have experience with SDRs will likely find this course too simple.
Materials
Students will need to come with the following: A laptop capable of running an Ubuntu VM (or an install of Ubuntu). The VM/OS installation guide will be given out before Defcon. Digital Signals Processing is typically very computationally intensive, so I recommend a laptop with a 4 core processor and 8GB of RAM.

A Software Defined Radio, as this workshop is bring-your-own-device. I highly recommend a RTL2832 chip based kit that comes with a USB-powered SDR and an antenna mount. Two brands to consider are RTL-SDR and Nooelec. They are essentially the same, and I would pick whatever SDR is in stock at the time. Make sure to pick the kit that comes with the antenna accessories and not just the USB dongle. It should be between $40 to $50 USD: https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/ https://www.nooelec.com/store/sdr/sdr-receivers/nesdr-smart.html

If you already own a SDR (like a HackRF or one of the RTL-chip dongles) you can also use that. Just make sure to bring/buy an antenna.

Due to supply-chain issues, if you need to purchase a SDR for this workshop I highly recommend doing so ASAP.

Prereq
None, this is a workshop for complete beginners, although having some basic python knowledge would be a plus

Return to Index    -    Add to    -    ics Calendar file

 

CON - Thursday - 00:00-15:59 PDT


Title: IoT Village CTF Creator's Contest
When: Thursday, Aug 11, 00:00 - 15:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

Description:
Got a cool new exploit on an IoT device and don’t know what to do with it? The CTF Creators Contest is just the thing! Show us your research, put the device in the CTF and see if others can pop it. Oh, and did we mention the great prizes? Check out the IoT Village website for submission criteria https://iotvillage.org/defcon.html#ctfCreatorsContest

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 09:00-12:59 PDT


Title: Network Hacking 101
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Ely (Workshops) - Map
Speakers:Victor Graf,Ben Kurtz

SpeakerBio:Victor Graf , Hacker
Victor is a hacker and software engineer from Seattle with a love of network security and cryptography. He most recently worked for a blockchain company designing and building peer-to-peer protocols and systems for non-custodial account recovery. Building and breaking networks was his first love in the world of computers, and he built the Naumachia platform starting in 2017 to bring network hacking to CTFs. With that he has hosted Network Hacking 101 workshops in San Francisco and now in Seattle.

SpeakerBio:Ben Kurtz , Hacker
Ben Kurtz is a hacker, a hardware enthusiast, and the host of the Hack the Planet podcast (symbolcrash.com/podcast). After his first talk, at DefCon 13, he ditched development and started a long career in security.

He has been a pentester for IOActive, head of security for an MMO company, and on the internal pentest team for the Xbox One at Microsoft. Along the way, he volunteered on anti-censorship projects, which resulted in his conversion to Golang and the development of the ratnet project (github.com/awgh/ratnet). A few years ago, he co-founded the Binject group to develop core offensive components for Golang-based malware, and Symbol Crash, which focuses on sharing hacker knowledge through trainings for red teams, a free monthly Hardware Hacking workshop in Seattle, and podcasts. He is currently developing a ratnet-based handheld device for mobile encrypted mesh messaging (www.crowdsupply.com/improv-labs/meshinger).


Description:
Come learn how to hack networks without needing to piss off your local coffee shop, housemates, or the Feds! Bring your laptop and by the end of this workshop, everyone can walk away having intercepted some packets and popped some reverse shells.

In the workshop you’ll solve a series of challenges, each in a contained virtualized network where it’s just you and your targets. We’ll start with a networking crash course to introduce you to packets and their layers, as well as how to use Wireshark to dig in and explore further. We'll practice network sniffing and scanning to find your targets, and of course how to execute a man-in-the-middle attack via ARP spoofing to intercept local network traffic. With those techniques, we'll go through challenges including extracting plaintext passwords, TCP session hijacking, DNS poisoning, and SMTP TLS downgrade. All together, this workshop aims to give you the tools you need to start attacking systems at the network layer.

Materials
A laptop with Linux or a Linux VM (MacOS can also work, but have a VM installed as a backup). These software tools (detailed installation instructions will be provided in the materials ahead of DEFCON):
Prereq
Basic experience with Linux command-line tools

Basic familiarity with networking (e.g. you know what IP and MAC addresses are, you could set up your home router, and host a LAN party)


Return to Index    -    Add to    -    ics Calendar file

 

CON - Thursday - 00:00-09:59 PDT


Title: Octopus Game - Recruitment/Registration
When: Thursday, Aug 11, 00:00 - 09:59 PDT
Where: Other/See Description

Description:
Are you the next Octopus Champion? Find out at DEF CON 30! Enter here: https://www.mirolabs.info/octopusgame

Once entered, contestants are provided a random opponent. Locate your opponent and challenge them to a contest: rock-paper-scissors, Ddakji, staring contest, etc. Winners receive their opponents’ targets and the game continues until we reach the top 4. The Octopus Champion is then decided at a special tournament with events designed by the Octopus Master.

Phases:

Recruitment/Registration: until Friday Aug 12 10:00 Mandatory On-site Sign-in: Friday Aug 12 10:00 - 12:00 Individual Phase: Friday Aug 12 12:00 - Sunday Aug 14 10:00 Final 8 Phase: Sunday Aug 14 10:00 - 11:00


Return to Index    -    Add to    -    ics Calendar file

 

PYV - Thursday - 09:00-13:59 PDT


Title: Payment Hacking Challenge
When: Thursday, Aug 11, 09:00 - 13:59 PDT
Where: Virtual - Payment Village

Description:
Try yourself in ATM, Online bank, POS and Cards hacking challenges

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 14:00-17:59 PDT


Title: Pentesting Industrial Control Systems 101: Capture the Flag!
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Ely (Workshops) - Map
Speakers:Arnaud Soullie,Alexandrine Torrents

SpeakerBio:Arnaud Soullie , Senior Manager
Arnaud Soullié (@arnaudsoullie) is a Senior Manager at Wavestone, a global consulting company. For 12 years, he has been performing security assessments and pentests on all types of targets. He started specializing in ICS cybersecurity 10 years ago. He spoke and taught workshops at numerous security conferences on ICS topics : BlackHat Europe, BruCon, CS3STHLM, BSides Las Vegas, DEFCON... He is also the creator of the DYODE project, an open­source data diode aimed at ICS. He has been teaching ICS cybersecurity training since 2015.
Twitter: @arnaudsoullie

SpeakerBio:Alexandrine Torrents , Security Consultant
Alexandrine Torrents is a cybersecurity consultant at Wavestone, a French consulting company. She started as a penetration tester, and performed several cybersecurity assessments on ICS. She worked on a few ICS models to demonstrate attacks on PLCs and developed a particular tool to request Siemens PLCs. Then, she started working at securing ICS, especially in the scope of the French military law, helping companies offering a vital service to the nation to comply with security rules. Now, Alexandrine works with different industrial CISOs on their cybersecurity projects: defining secure architectures, hardening systems, implementing detection mechanisms. She is also IEC 62443 certified and still performs assessments on multiple environments.

Description:
Do you want to learn how to hack Industrial Control Systems? Let’s participate in the one and only CTF in which you really have to capture a flag, by hacking PLCs and taking control of a robotic arm! We’ll start by explaining the basics of Industrial Control Systems : what are the components, how they work, the protocols they use… We’ll learn how PLC work, how to program them, and how to communicate with them using Modbus, S7comm and OPCUA.

Then we’ll start hacking! Your goal will be to take control of a model train and robotic arms to capture a real flag! The CTF will be guided so that everyone learns something and gets a chance to get most flags!

Materials
Just a laptop with a modern web browser. Students will be provided with cloud VMs to perform the exercises.
Prereq
None

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 09:00-12:59 PDT


Title: Protect/hunt/respond with Fleet and osquery
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Goldfield + Tonopah (Workshops) - Map
Speakers:Guillaume Ross,Kathy Satterlee

SpeakerBio:Guillaume Ross , Head of Security
Guillaume started hacking away in the early 90s. Whereby hacking, we mean "understanding how pkzip works so he could fit this game on his ridiculous HDD". He then went on to work in IT, focusing on large scale endpoint deployments for a few years. He then became a security consultant, working with all types of different organizations, doing endpoint security, mobile security, and cloud security until he started leading security in startups. Guillaume is currently the Head of Security at Fleet Device Management, the company behind the open source project Fleet. Guillaume dislikes doing meaningless "best practices" work that has no practical value and enjoys leveraging great open source software available to all of us to improve security.

Guillaume has spoken and given workshops at various conferences like BSidesLV, BsidesSF, DEF CON, RSAC, Thotcon and Northsec on many topics, including mobile security, endpoint security, logging and monitoring.


SpeakerBio:Kathy Satterlee , Developer Advocate
Kathy is a Developer Advocate at Fleet Device Management. She generally has a pretty good idea of how Fleet and osquery work together and what people are doing with them. She also usually knows who to reach out to when she doesn’t have a clue.

Description:
In this workshop, we will learn how to use Fleet and osquery to ensure systems are protected, detect suspicious activity, hunt for attackers, and respond to incidents. First, we'll see how to deploy Fleet to manage osquery agents. Then, we will use shared Fleet instances to track the security posture of systems, inventory vulnerable applications, and perform threat hunting. These Fleet instances will be connected to a shared Slack workspace, where we will generate custom alerts to ensure insecure systems can be dealt with. These shared Fleet instances will output data to centralized logging (Graylog), which we will use to create dashboards as well as alerting for suspicious activity. At the end of this workshop, you'll know how to use Fleet and osquery to ensure your workstations and servers are secure, to quickly find vulnerable systems as well as discover attackers performing techniques such as establishing persistence and privilege escalation.
Materials
A laptop with internet access, a web browser, virtualization app such as VirtualBox or VMware, and Docker (on main OS or in a VM). We recommend bringing at least one or two VMs (Mac, Windows or Linux) ready to use as osquery clients.
Prereq
Basic understanding of operating systems and networking. No knowledge of Fleet or osquery itself is needed.

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 16:00-17:59 PDT


Title: Queercon Mixer
When: Thursday, Aug 11, 16:00 - 17:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map

Description:
The lgbtqia+ community in InfoSec is throwing a party to bring our folk together and have a good time. Meet others like you or hang out with those you’ve met over the years. This is a safe and inclusive space meant to make you feel comfortable and help you socialize with others like you.

Return to Index    -    Add to    -    ics Calendar file

 

WS - Thursday - 09:00-12:59 PDT


Title: The Purple Malware Development Approach
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Elko (Workshops) - Map
Speakers:Mauricio Velazco,Olaf Hartong

SpeakerBio:Mauricio Velazco , Principal Threat Research Engineer
Mauricio Velazco (@mvelazco) is a Principal Threat Research Engineer at Splunk. Prior to Splunk, he led the Threat Management team at a Fortune 500 organization. Mauricio has presented and hosted workshops at conferences like Defcon, BlackHat, Derbycon, BSides and SANS. His main areas of focus include detection engineering, threat hunting and adversary simulation.
Twitter: @mvelazco

SpeakerBio:Olaf Hartong , Defensive Specialist
Olaf Hartong is a Defensive Specialist and security researcher at FalconForce. He specializes in understanding the attacker tradecraft and thereby improving detection. He has a varied background in blue and purple team operations, network engineering, and security transformation projects. Olaf has presented at many industry conferences including WWHF, Black Hat, DEF CON, DerbyCon, Splunk .conf, FIRST, MITRE ATT&CKcon, and various other conferences. Olaf is the author of various tools including ThreatHunting for Splunk, ATTACKdatamap and Sysmon-modular.

Description:
This workshop merges offensive and defensive lab exercises to provide attendees hands-on experience on custom malware development as well as live malware analysis and response. The workshop has a total of 5 hands-on exercises and each contains a Red and a Blue section. In the Red section attendees write custom payloads using C# and C++ with different techniques to obtain a reverse shell on a Windows victim endpoint. In the Blue section attendees investigate the infection by reviewing events and logs using open source static and dynamic malware analysis tools like CFFExplorer, Pe-Studio, dnSpy, Process Explorer, Process Monitor, Sysmon, Frida, Velociraptor, etc..
Materials
Laptop with virtualization software. A Windows virtual machine A Kali Linux Virtual Machine.
Prereq
Beginner to intermediate programming/scripting skills. Prior experience with C# helps but not required. Beginner static and dynamic malware analysis skills.

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 18:00-01:59 PDT


Title: Thursday Opening Party - Entertainment
When: Thursday, Aug 11, 18:00 - 01:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map
Speakers:FuzzyNop,Dr. McGrew,Ytcracker,DJ St3rling,Archwisp,TRIODE,NPC Collective,Magician Kody Hildebrand

SpeakerBio:FuzzyNop
No BIO available

SpeakerBio:Dr. McGrew
No BIO available

SpeakerBio:Ytcracker
No BIO available

SpeakerBio:DJ St3rling
No BIO available

SpeakerBio:Archwisp
No BIO available

SpeakerBio:TRIODE
No BIO available

SpeakerBio:NPC Collective
No BIO available

SpeakerBio:Magician Kody Hildebrand
No BIO available

Description:
18:00 - 19:00: Hildebrand Magic
19:00 - 20:00: NPC Collective
20:00 - 21:00: Archwisp
21:00 - 22:00: Dr. McGrew
22:00 - 23:00: DJ St3rling
23:00 - 00:00: ytcracker
00:00 - 01:00: TRIODE
01:00 - 02:00: FuzzyNop

Return to Index    -    Add to    -    ics Calendar file

 

SOC - Thursday - 16:00-21:59 PDT


Title: Toxic BBQ
When: Thursday, Aug 11, 16:00 - 21:59 PDT
Where: Other/See Description

Description:
16:00- 22:00 Thursday, Off-site at Sunset Park, Pavilion F, (36.0636, -115.1178)

The humans of Vegas invite you to the 16th in-carne-tion of this unofficial welcome party. Go AFK 4 BBQ off-Strip and make us the first stop on your DC30 reunion tour. Burgers and dogs are provided; attendees are encouraged to pitch in with more food, drinks, volunteer labor, rides, and and everything that makes this cookout something to remember.

Grab flyers from an Info Booth after Linecon, check out https://www.toxicbbq.org for the history of this event, and watch #ToxicBBQ on Twitter for the latest news.


Return to Index    -    Add to    -    ics Calendar file