List of DEF CON talks in Tracks 1 thru 5
Villages and other Creators events are listed on the Creator Pages
One page DC Talks Long List with Descriptions
|
“We are currently clean on OPSEC”: The Signalgate Saga DC Talks Info |
|
40 Years Of Phrack: Hacking, Zines & Digital Dissent DC Talks Info |
|
7 Vulns in 7 Days: Breaking Bloatware Faster Than It’s Built DC Talks Info |
|
Advanced Active Directory to Entra ID lateral movement techniques DC Talks Info |
|
Amber64: Mining Hacker History from Over Half a Million Commodore 64 Disks DC Talks Info |
|
AppleStorm – Unmasking the Privacy Risks of Apple Intelligence DC Talks Info |
|
Ask EFF DC Talks Info |
|
Binary Facades: Reversing approaches to extract embedded scripts in compiled macOS malware DC Talks Info |
|
BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets DC Talks Info |
|
Blind Trailer Shouting DC Talks Info |
|
Breakin ‘Em All – Overcoming Pokemon Go’s Anti-Cheat Mechanism DC Talks Info |
|
Breaking Wi-Fi Easy Connect: A Security Analysis of DPP DC Talks Info |
|
Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen DC Talks Info |
|
Building a Malware Museum DC Talks Info |
|
Can’t Stop the ROP: Automating Universal ASLR Bypasses for Windows DC Talks Info |
|
Carding, Sabotage & Survival: A Darknet Market Veteran’s Story DC Talks Info |
|
Cash, Drugs, and Guns: Why Your Safes Aren’t Safe DC Talks Info |
|
ChromeAlone: Transforming a Browser into a C2 Platform DC Talks Info |
|
Claude–Climbing a CTF Scoreboard Near You DC Talks Info |
|
Client or Server? The Hidden Sword of Damocles in Kafka DC Talks Info |
|
Contest Closing Ceremonies & Awards DC Talks Info |
|
CTRAPS: CTAP Impersonation and API Confusion Attacks on FIDO2 DC Talks Info |
|
Cyber Volunteering and Community Defense – DEF CON Franklin and the Cyber Resilience Corps 1 Year In DC Talks Info |
|
DC101 Panel DC Talks Info |
|
De-Virtualizing the Dragon: Automated Unpacking and Deobfuscation of Nested VM-Based Protectors using Symbolic Execution and Taint Tracking DC Talks Info |
|
Dead Made Alive Again: Bypassing Intent Destination Checks and Reintroducing LaunchAnyWhere Privilege Escalation DC Talks Info |
|
DEF CON Closing Ceremonies & Awards DC Talks Info |
|
Diamonds Are For Hackers – Building the first fully open source and hackable Quantum Sensor DC Talks Info |
|
Direct Memory, Access Everywhere DC Talks Info |
|
DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks DC Talks Info |
|
Edge of Tomorrow: Foiling Large Supply Chain Attacks By Taking 5k Abandoned S3 Buckets from Malware and Benign Software DC Talks Info |
|
Emulating Embedded Linux Devices at Scale with Light-Touch Firmware Rehosting DC Talks Info |
|
Escaping the Privacy Sandbox with Client-Side Deanonymization Attacks DC Talks Info |
|
Fireside Chat with DT and General Paul M. Nakasone DC Talks Info |
|
Firewalls Under Fire: China’s 5+ year campaign to penetrate perimeter network defenses DC Talks Info |
|
From Shanghai to the Shore: The Silent Threat in Global Shipping DC Talks Info |
|
From Spoofing to Tunneling: New Red Team’s Networking Techniques for Initial Access and Evasion DC Talks Info |
|
Gateways to Chaos – How We Proved Modems Are a Ticking Time Bomb That Hackers Can Access Everywhere DC Talks Info |
|
Ghost Calls: Abusing Web Conferencing for Covert Command & Control DC Talks Info |
|
Ghosts in the Machine Check – Conjuring Hardware Failures for Cross-ring Privilege Escalation DC Talks Info |
|
Ghosts of REvil: An Inside Look with the Hacker Behind the Kaseya Ransomware Attack DC Talks Info |
|
Hackers Dropping Mid-Heist Selfies: LLM Identifies Information Stealer Infection Vector and Extracts IoCs DC Talks Info |
|
Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G and 4G/LTE Routers DC Talks Info |
|
HaKCing OBD-II Emissions Testing DC Talks Info |
|
Help! Linux in my Webcam! (•_•) DC Talks Info |
|
How to Fake a Badge like a Pro: 11 Tips to Counterfeiting Event Credentials DC Talks Info |
|
How to secure unique ecosystem shipping 1 billion+ cores? DC Talks Info |
|
HTTP/1.1 Must Die! The Desync Endgame DC Talks Info |
|
Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development DC Talks Info |
|
Inside Look at a Chinese Operational Relay Network DC Talks Info |
|
Invitation Is All You Need! Invoking Gemini for Workspace Agents with a Simple Google Calendar Invite DC Talks Info |
|
Jailbreaking the Hivemind: Finding and Exploiting Kernel Vulnerabilities in the eBPF Subsystem DC Talks Info |
|
Journey to the center of the PSTN: How I became a phone company, and why you should too. DC Talks Info |
|
Kill Chain Reloaded: Abusing legacy paths for stealth persistence DC Talks Info |
|
Kill List: Hacking an Assassination Site on the Dark Web DC Talks Info |
|
Killing Killnet DC Talks Info |
|
Loading Models, Launching Shells: Abusing AI File Formats for Code Execution DC Talks Info |
|
Making the DEF CON 33 Badge DC Talks Info |
|
Man-in-the-Malware: Intercepting Adversarial Communications DC Talks Info |
|
Mastering Apple’s Endpoint Security for Advanced macOS Malware Detection DC Talks Info |
|
Metal-as-a-Disservice: Exploiting Legacy Flaws in Cutting-Edge Clouds DC Talks Info |
|
Mind the Data Voids: Hijacking Copilot Trust to Deliver C2 Instructions with Microsoft Authority DC Talks Info |
|
No VPN Needed? Cryptographic Attacks Against the OPC UA Protocol DC Talks Info |
|
Not Just a Pipeline Leak: Reconstructing the Real Attack Behind tj-actions DC Talks Info |
|
One Key, Two Key, I Just Stole Your goTenna Key DC Talks Info |
|
One Modem to Brick Them All: Exploiting Vulnerabilities in the EV Charging Communication DC Talks Info |
|
Original Sin of SSO: macOS PRT Cookie Theft & Entra ID Persistence via Device Forgery DC Talks Info |
|
Orion – fuzzing workflow automation DC Talks Info |
|
OverLAPS: Overriding LAPS Logic DC Talks Info |
|
Passkeys Pwned: Turning WebAuthn Against Itself DC Talks Info |
|
Patching Critical Infrastructure: Announcing the Winners of DARPA’s AI Cyber Challenge DC Talks Info |
|
Paywall Optional: Stream for Free with a New Technique, Recursive Request Exploits (RRE) DC Talks Info |
|
Planting C4: Cross-Compatible External C2 for All Your Implants DC Talks Info |
|
Playing Dirty Without Cheating – Getting Banned for Fun and No Profit DC Talks Info |
|
RATs & Socks abusing Google Services DC Talks Info |
|
Rebadged, Relabeled, and Rooted: Pwnage via the Solar Supply Chain DC Talks Info |
|
Recording PCAPs from Stingrays With a $20 Hotspot DC Talks Info |
|
Remote code execution via MIDI messages DC Talks Info |
|
ReVault! Compromised by your Secure SoC DC Talks Info |
|
Rusty pearls: Postgres RCE on cloud databases DC Talks Info |
|
Safe Harbor or Hostile Waters: Unveiling the Hidden Perils of the TorchScript Engine in PyTorch DC Talks Info |
|
SCCM: The tree that always bears bad fruits DC Talks Info |
|
Shaking Out Shells with SSHamble DC Talks Info |
|
Silent Leaks: Harvesting Secrets from Shared Linux Environments DC Talks Info |
|
Silent Signals: Exploiting Security and Privacy Side-Channels in End-to-End Encrypted Messengers DC Talks Info |
|
Siri-ously Leaky: Exploring Overlooked Attack Surfaces Across Apple’s Ecosystem DC Talks Info |
|
So Long, and Thanks for All the Phish DC Talks Info |
|
SSH-nanigans: Busting Open the Mainframes Iron Fortress through Unix DC Talks Info |
|
Stories from a Tor dev DC Talks Info |
|
The (Un)Rightful Heir: My dMSA Is Your New Domain Admin DC Talks Info |
|
The 2025 Pwnie Awards DC Talks Info |
|
The DOMino Effect: Automated Detection and Exploitation of DOM Clobbering Vulnerability at Scale DC Talks Info |
|
The One Bitcoin Heist: Making a custom Hashcat module to solve a decade-old puzzle challenge DC Talks Info |
|
The Ultimate Hack: Applying Lessons Learned from the loss of TITAN to Maritime Cybersecurity DC Talks Info |
|
Thinking Like a Hacker in the Age of AI DC Talks Info |
|
TSPU: Russia’s Firewall and Defending Against the Future of Digital Repression DC Talks Info |
|
Turning Camera Surveillance on its Axis DC Talks Info |
|
Turning Microsoft’s Login Page into our Phishing Infrastructure DC Talks Info |
|
Turning your Active Directory into the attacker’s C2: modern Group Policy Objects enumeration and exploitation DC Talks Info |
|
Unexpected Connections: How a vulnerability in obscure dealer software could have unlocked your car from anywhere DC Talks Info |
|
Unmasking the Snitch Puck: the creepy IoT surveillance tech in the school bathroom DC Talks Info |
|
Virtualization-Based (In)security – Weaponizing VBS Enclaves DC Talks Info |
|
Voice Cloning Air Traffic Control: Vulnerabilities at Runway Crossings DC Talks Info |
|
Weaponizing Trust: Investigating a Threat Actor Targeting Security Researchers and Academics DC Talks Info |
|
Welcome to DEF CON 33! DC Talks Info |
|
What is Dead May Never Die: The Ghost of Internet Explorer in Windows: MapUrlToZone DC Talks Info |
|
Where’s My Crypto, Dude? The Ultimate Guide to Crypto Money Laundering (and How to Track It) DC Talks Info |
|
Win-DoS Epidemic: A crash course in abusing RPC for Win-DoS & Win-DDoS DC Talks Info |
|
You snooze you lose: RPC-Racer winning RPC endpoints against services DC Talks Info |
|
Zero Trust, Total Bust – Breaking into thousands of cloud-based VPNs with one bug DC Talks Info |