DEF CON DC Talks List

List of DEF CON talks in Tracks 1 thru 5

Villages and other Creators events are listed on the Creator Pages


“We are currently clean on OPSEC”: The Signalgate Saga

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 16:00 – 16:45 PDT

Creator: DEF CON Talks

In March, former national security advisor Mike Waltz accidentally invited a journalist into his war crimes Signal group with other senior Trump officials. “We are currently clean on OPSEC,” secretary of defense Pete Hegseth posted to the group. In May, Waltz was photographed clandestinely checking his Signal messages under the table during a cabinet meeting.

Only it turns out, Waltz was actually using a knock-off of Signal called TM SGNL. Immediately after that, TeleMessage (the company that makes TM SGNL) was hacked, and the hacker was able to access plaintext Signal messages. It was then hacked again, and the second hacker exfiltrated hundreds of gigabytes of data before TeleMessage took its service offline.

This talk is about the entire Signalgate saga: the journalist getting invited to the Signal group; Trump officials lying to Congress; the history of TeleMessage, which was founded by a former Israeli spook; an analysis of the TM SGNL source code that proves the company lied about supporting end-to-end encryption; the trivial exploit that was used to extract data from TeleMessage’s archive server; and an analysis of hundreds of gigabytes of memory dumps full of chat logs from TeleMessage customers.

References:

  • My initial analysis, from May 2: link
  • The source code I published, from May 3: link
  • Article I cowrote in 404 Media about the hack, from May 4: link — it’s paywalled, you can see the whole thing at link
  • My analysis of the source code that proves TeleMessage lied about E2EE, from May 6: link
  • Senator Ron Wyden’s letter that references my research: link

People:
    SpeakerBio:  Micah “micahflee” Lee

Micah is a member of the Lockdown Systems collective. He’s a coder, a security researcher, and an independent journalist. He develops open source privacy and security tools, and he’s done a lot of work related to journalism and whistleblowing. He’s the former director of infosec for The Intercept. He wrote a book that teaches people how to analyze hacked and leaked datasets, Hacks, Leaks, and Revelations. He really doesn’t like the technofascist future we’ve all been forced into.




40 Years Of Phrack: Hacking, Zines & Digital Dissent

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Sunday, Aug 10, 12:00 – 12:45 PDT

Creator: DEF CON Talks

For 40 years, Phrack has published papers from the hacker underground. Join us as we discuss the evolution of hacking, hacker zines/culture, information security, and the role Phrack has played in all three. We will discuss the history of Phrack, the latest reboot and 40th anniversary production, followed by a panel of authors and contributors.


People:
    SpeakerBio:  richinseattle

richinseattle grew up reading Phrack on BBSs and now is lucky enough to be included as part of Phrack Staff. richinseattle is also known for his Undercurrents(.io) BBS, co-founding Uninformed Journal, and doing a bunch of talks at Defcon, Black Hat, and others.

SpeakerBio:  Netspooky

Netspooky is a security researcher and artist. He works on hacking zines Phrack & tmp.0ut, and runs the annual Binary Golf Grand Prix file format hacking party.

SpeakerBio:  Chompie

Chompie is a security researcher, exploit developer, and weird-machine mechanic. She leads X-Force Offensive Research (XOR). In her free time, she volunteers on Phrack Staff and other initiatives that support the hacker community.




7 Vulns in 7 Days: Breaking Bloatware Faster Than It’s Built

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 16:30 – 17:15 PDT

Creator: DEF CON Talks

Bloatware. We all hate it, and most of us are good at avoiding it. But some vendor tools – especially those managing critical drivers – can be useful when the Windows Update versions aren’t good enough for performance-critical computing.

What started as a routine driver update took a sharp turn when I confirmed a reboot modal… from my browser. Wait, my browser shouldn’t be able to do that!? To my disappointment (and maybe some surprise), it turned out to be arbitrary code execution – right from the browser. This kicked off a week-long deep dive, uncovering seven CVEs in seven days across several prominent vendors, all exploiting a common pattern: privileged services managing software on Windows with little regard for security.

In this talk, I’ll walk through the journey of discovery and exploitation of several vulnerabilities that lead to LPE/RCE. I’ll cover everything from the initial attack surface discovery, reverse engineering and finally exploitation of several vulnerabilities. By the end, participants will probably be uninstalling similar software mid-session. While the exploitation journey is fun and impactful, this isn’t the kind of “access everywhere” anyone wants. It’s 2025 – we have everything we need to do better.

People:
    SpeakerBio:  Leon “leonjza” Jacobs

With over two decades in IT – 15 years focused on cybersecurity – Leon is the CTO of Orange Cyberdefense’s SensePost Team. His career has taken him from a Tier 1 ISP, a private investment bank and now into full-time consulting, giving him a broad, real-world view of security challenges across industries. Today, Leon spends his time researching and hacking everything from enterprise networks to web and mobile applications. Passionate about building and innovating, he’s a regular contributor to the InfoSec community, sharing tools, insights, and lessons learned to help push the field forward.




Advanced Active Directory to Entra ID lateral movement techniques

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 13:00 – 13:45 PDT

Creator: DEF CON Talks

Is there a security boundary between Active Directory and Entra ID in a hybrid environment? The answer to this question, while still somewhat unclear, has changed over the past few years as there has been more hardening of how much “the cloud” trusts data from on-premises. The reason for this is that many threat actors, including APTs, have been making use of known lateral movement techniques to compromise the cloud. In this talk, we take a deep dive together into Entra ID and hybrid trust internals. We will introduce several new lateral movement techniques that allow us to bypass authentication, MFA and stealthily exfiltrate data using on-premises AD as a starting point, even in environments where the classical techniques don’t work. All these techniques are new, not really vulnerabilities, but part of the design. Several of them have been remediated with recent hardening efforts by Microsoft. Very few of them leave useful logs behind when abused. As you would expect, none of these “features” are documented. Join me for a wild ride into Entra ID internals, undocumented authentication flows and tenant compromise from on-premises AD.

People:
    SpeakerBio:  Dirk-jan Mollema

Dirk-jan Mollema is a security researcher focusing on Active Directory and Microsoft Entra (Azure AD) security. In 2022 he started his own company, Outsider Security, where he performs penetration tests and reviews of enterprise networks and cloud environments. He blogs at dirkjanm.io, where he publishes his research, and shares updates on the many open source security tools he has written over the years. He presented previously at TROOPERS, DEF CON, Black Hat and BlueHat, is a current Microsoft MVP and has been awarded as one of Microsoft’s Most Valuable Researchers multiple times.




Amber64: Mining Hacker History from Over Half a Million Commodore 64 Disks

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 17:00 – 17:45 PDT

Creator: DEF CON Talks

The Commodore 64 home computer, which sold at least 12.5 million units from 1982 to 1994, was widely used during a formative early decade in the subcultures of hacking, phreaking, piracy, and cybercrime. Like ancient insects trapped in amber, discovered and studied millions of years later, ephemera of hacker history has been fortuitously preserved in the file system structures of C64 floppy disks from the 1980s and 90s.

Enthusiasts and researchers have created byte-for-byte copies of disks in order to preserve games, applications, and demos of the time period. What is less obvious, however, is that users of the time tended to reuse disks, deleting old files to make space for new programs. This and other use patterns have resulted in interesting data being retained in unallocated sectors alongside the overtly-accessible programs and data. Often, this data can be recovered and includes logs of online sessions, hacker text files, and more.

In this talk, Dr. McGrew describes software and workflow he developed to perform forensic processing and full-text indexing of over 650,000 unique C64 floppy disk images from publicly-accessible online archives. He will also present interesting findings from searches and analysis that illustrate, for the modern audience, day-to-day hacker communications and tools of the past.

References:

  • Guinness Book of World Records – Most Computer Sales – link
  • Jason Scott, Textfiles.com – link
  • Wolfgang Moser, D64 (Electronic form of a physical 1541 disk), D64.TXT, Nov 7 2008, link
  • Schepers, Forster, Disk File Layout (D64, D71, D81), DISK.TXT, Mar 11, 2004, link
  • Immers, Neufeld, Inside Commodore DOS, 1985
  • The Cutting Room Floor – link

People:
    SpeakerBio:  Wesley McGrew

Dr. Wesley McGrew is a house music DJ who also directs research, development, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFederal. He has presented on topics of penetration testing and malware analysis at DEF CON and Black Hat USA and teaches self-designed courses on software reverse engineering and assembly language programming. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems.




AppleStorm – Unmasking the Privacy Risks of Apple Intelligence

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 14:30 – 15:15 PDT

Creator: DEF CON Talks

Apple Intelligence, Apple’s newest AI product, is designed to enhance productivity with AI while maintaining Apple’s focus on user experience and privacy, often highlighting its use of localized models as a key advantage. But how well do these assurances hold up under scrutiny? While Apple emphasizes privacy as a core principle, my findings challenge some of these claims, illustrating the importance of scrutinizing AI-driven assistants before widespread adoption.

In this talk, we take a closer look at the data flows within Apple Intelligence, examining how it interacts with user data and the potential security and privacy risks that come with it. Using traffic analysis and OS inspection techniques, we explore what information is accessed, how it moves through the system, and where it gets transmitted. Our findings challenge common security assumptions of Apple, revealing unexpected behaviors and data leaks. From encrypted traffic to data leakage concerns, this presentation will provide practical insights for users and security professionals alike.


People:
    SpeakerBio:  Yoav Magid

Yoav Magid is a security researcher at Lumia Security, where his work centers on AI security. Yoav’s other topics of interest are social engineering and embedded operating systems. With a solid foundation in cybersecurity, Yoav holds a B.Sc. in Computer Science and is currently preparing to pursue an MBA.

Bringing over seven years of cyber security experience, he has honed his skills in embedded research and programming, tackling real-world challenges in high-stakes environments. Yoav also founded a large-scale LGBTQIA+ Employee Resource Group (ERG) that fosters international collaboration and support in his last organization.




Ask EFF

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 14:30 – 16:15 PDT

Creator: DEF CON Talks

Electronic Frontier Foundation (EFF) is excited to be back at DEF CON. Our expert panelists will offer brief updates on EFF’s work defending your digital rights, before opening the floor for attendees to ask their questions. This dynamic conversation centers challenges DEF CON attendees actually face, and is an opportunity to connect on common causes.

This year you’ll meet:

  • Moderator Hannah Zhao (she/her), Senior Staff Attorney on EFF’s Coders’ Rights Project; protecting hackers, researchers, and tinkerers.
  • Alexis Hancock (she/her), EFF’s Director of Engineering, manages the much-beloved Certbot project and leads on encryption and consumer privacy research.
  • Cooper Quintin (he/him), Senior Staff Technologist, aka Cyber Tiger, thwarts government surveillance with his research on EFF’s Threat Lab.
  • Lisa Femia (she/her), Staff Attorney, focuses on surveillance, privacy, free speech, and the impact of technology on civil rights and civil liberties.
  • Thorin Klosowski (he/him), Security and Privacy Activist, focuses on providing practical advice on protecting online security, including handling much of Surveillance Self-Defense.

People:
    SpeakerBio:  Alexis Hancock, Director of Engineering at EFF

Alexis is an expert technologist and researcher on the security vulnerabilities which plague consumer electronics, and can speak to the disparate impact they have on communities.

SpeakerBio:  Cooper “CyberTiger” Quintin, Senior Staff Technologist at EFF

Cooper Quintin is a senior public interest technologist with the EFF Threat Lab. He has given talks about security research at prestigious security conferences including Black Hat, DEFCON, Shmoocon, and ReCon about issues ranging from IMSI Catcher detection to Femtech privacy issues to newly discovered APTs. He has two children and is very tired.

Cooper has many years of security research experience on tools of surveillance used by government agencies.

SpeakerBio:  Lisa Femia, Staff Attorney at EFF

Lisa Femia focuses on surveillance, privacy, free speech, and the impact of technology on civil rights and civil liberties.

SpeakerBio:  Thorin Klosowski

Thorin is the Security and Privacy Activist at EFF, where he focuses on providing practical advice on protecting online security, including handling much of Surveillance Self-Defense.




Binary Facades: Reversing approaches to extract embedded scripts in compiled macOS malware

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 10:00 – 10:20 PDT

Creator: DEF CON Talks

When confronted with malicious macOS binaries, analysts typically reach for a disassembler and immerse themselves in the complexities of low-level assembly. But what if this tedious process could be skipped entirely?

While many malware samples are distributed as native macOS binaries (easily run with a simple double-click), they frequently encapsulate scripts hidden within executable wrappers. Leveraging frameworks such as PyInstaller, Appify, Tauri, and Platypus, malware authors embed their scripts within binaries, complicating traditional analysis. Although these frameworks share the goal of producing natively executable binaries, each employs a distinct method to embed scripts, thus necessitating tailored extraction tools and approaches.

Using real-world macOS malware (such as Shlayer, CreativeUpdate, GravityRAT, and many others), we’ll first demonstrate how to identify these faux binaries and then how to efficiently extract or reconstruct their embedded scripts, bypassing the disassembler entirely!

References:

  • P.Wardle: The Art of Mac Malware (Vol I: Analysis)
  • “Reverse Engineering a Native Desktop Application (Tauri App)” link
  • “From The DPRK With Love: analyzing a recent north korean macOS backdoor” link

People:
    SpeakerBio:  Patrick Wardle

Patrick Wardle is the founder of the Objective-See Foundation, the CEO/Cofounder of DoubleYou, and the author of “The Art of Mac Malware” book series. Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Passionate about macOS security, Patrick spends his days discovering Apple 0days, studying macOS malware, and releasing free open-source security tools to protect Mac users.




BitUnlocker: Leveraging Windows Recovery to Extract BitLocker Secrets

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 10:00 – 10:45 PDT

Creator: DEF CON Talks

In Windows, the cornerstone of data protection is BitLocker, a Full Volume Encryption technology designed to secure sensitive data on disk. This ensures that even if an adversary gains physical access to the device, the data remains secure and inaccessible.

One of the critical aspects of any data protection feature is its ability to support recovery operations in failure cases. To support BitLocker recovery, design changes were applied in the Windows Recovery Environment (WinRE). This led us to a pivotal question: did these changes introduce new attack surfaces impacting BitLocker?

In this talk, we will share our journey of researching a fascinating and mysterious component: WinRE. Our exploration begins with an overview of the WinRE architecture, followed by a retrospective analysis of the attack surfaces exposed with the introduction of BitLocker. We will then discuss our methodology for effectively researching and exploiting these exposed attack surfaces. Our presentation will reveal how we identified multiple 0-day vulnerabilities and developed fully functional exploits, enabling us to bypass BitLocker and extract all protected data in several different ways.

Finally, we will share the insights Microsoft gained from this research and explain our approach to hardening WinRE, which in turn strengthens BitLocker.


People:
    SpeakerBio:  Alon “alon_leviev” Leviev

Alon Leviev (@alon_leviev) is a self-taught security researcher working with the Microsoft Offensive Research & Security Engineering (MORSE) team. Alon specializes in low-level vulnerability research targeting hardware, firmware, and Windows boot components. He has presented his findings at internationally-recognized security conferences such as DEF CON 32 (2024), Black Hat USA 2024, Black Hat EU 2023, CanSecWest 2024, and CONFidence 2024. Prior to his career in cybersecurity, Alon was a professional Brazilian jiu-jitsu athlete, winning several world and European titles.

SpeakerBio:  Netanel Ben Simon

Netanel Ben-Simon has been a security researcher for over eight years, and is currently working with the Microsoft Offensive Research & Security Engineering (MORSE) team. He specializes in low-level vulnerability research, fuzzing and exploitation on various platform types such as Windows, Linux, and embedded devices. Over the past year, he has conducted in-depth vulnerability research on different UEFI components with a focus on the Windows security posture around the boot environment, bug hunting and mitigations.




Blind Trailer Shouting

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 17:00 – 17:45 PDT

Creator: DEF CON Talks

Tanker trailers? Turns out those aren’t just big, dumb hunks of metal. They have a powerline network, PLC4TRUCKS, which is unintentionally accessible wirelessly (CVE-2020-14514 and CVE-2022-26131). We found new trailer brake controllers using the diagnostic protocol KWP2000, secured with seed-key access control (a challenge-response protocol). We’ll show how to use Wireshark to analyze the diagnostic traffic. We’ll discuss why randomness is critical for any challenge-response protocol.

We’ll cover two ways to bypass this access control: using an SMT solver to crack the routine from a few request-response pairs (automated with AHK), and a classic reset attack that makes seeds entirely predictable. This second way allows for a blind, wireless attack, a finding now recognized as CVE-2024-12054. We’ll detail how we ran timing search ‘campaigns’ with a custom sigrok decoder to PoC it.

The trailer brake controller is also at risk from trailer-installed telematics devices. We’ll show how to use Scapy Automotive’s UDS scanner on a faked CAN bus for PLC4TRUCKS (and how to modify it for a known seed-key routine) so we can get a picture of that attack surface.

This and the previous CVEs are a result of the heavy vehicle testing we do. We’ll share some details of how we do onsite truck tests and how we do bench tests.


People:
    SpeakerBio:  Ben Gardiner

Ben is a Senior Cybersecurity Research Engineer at the National Motor Freight Traffic Association, Inc. (NMFTA)™ specializing in hardware and low-level software security. He has held security assurance and reversing roles at a global corporation, and has worked in embedded software and systems engineering roles at several organizations.

Ben has conducted workshops and presentations at numerous cybersecurity events globally, including the CyberTruck Challenge, GENIVI security sessions, Hack in Paris, HackFest, escar USA and DEF CON.

Ben holds a M.Sc. Eng. in Applied Math & Stats from Queen’s University. In addition to speaking on the main stage at DEF CON, Ben is a volunteer at the DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV). He is GIAC GPEN and GICSP certified, chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (published J3322), a contributor to several American Trucking Associations (ATA) Technology & Maintenance Council (TMC) task forces, ISO WG11 committees, and a voting member of the SAE Vehicle Electronic Systems Security Committee.




Breakin’ Em All – Overcoming Pokemon Go’s Anti-Cheat Mechanism

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 11:30 – 12:15 PDT

Creator: DEF CON Talks

It was the summer of 2016, and like everyone else, I was out playing Pokémon Go. Except my rural location barely spawned anything interesting. Naturally, I dove into the game’s code, reverse engineered its protocol, and built a custom Pokémon scanner.

But the story doesn’t end there. One day, a switch was flipped, enabling a fancy new anti-cheating feature that locked out any custom implementations.

In this talk, I’ll begin by exploring how mobile games like Pokémon Go handle communication through specialized protocols—and how I replicated that behavior to build a scanner. Then, I’ll walk you through a 4-day hacking marathon where I teamed up with a group of like-minded enthusiasts to overcome the anti-cheating mechanism that nearly broke our scanners.

We’ll examine how mobile games attempt to thwart such applications, unraveling the anti-cheating mechanism that was deployed by Pokemon Go. We’ll explore how we managed, through obfuscated cryptographic functions, unexpected use of smartphone peripherals and hidden protobuf definitions, to break the anti-cheating system and release a publicly available API for the game’s protocol.

Almost a decade later, the full story is ready to be told. Join me for an inside look at the anti-cheating mechanisms of online mobile games—and how to hack them.

People:
    SpeakerBio:  Tal Skverer

In the past decade, Tal turned his hacking hobby into a career. His experience covers reverse engineering, malware analysis, embedded security, web hacking, cryptography, and computational complexity. He also teaches a biannual workshop on assembly, reverse engineering x86/x64, and blackbox research.

Tal holds an M.Sc. in Theoretical Computer Science from the Weizmann Institute.

Currently, Tal is the Head of Research at Astrix Security, where, among other things, he discovers vulnerabilities in how cloud providers implement connectivity between (and by) non-human identities.

Some of the things Tal did in the past:

  • Hacked vehicle infotainment systems at his previous job.
  • Was part of the “Unknown6” research group that broke Pokemon Go’s anti-cheating system in 2016.
  • Turned a OnePlus 5T whose screen he accidentally broke into an ad blocker for his home network, as well as a meta search engine focused on ultimate privacy.
  • Presented at several conferences including DEFCON, RSAC, BSides, and OWASP chapters.
  • Conducted open-heart surgery on a (1 month off warranty) Nintendo Switch to replace a defective part, which highlights the importance of the “Right to Repair” movement.




Breaking Wi-Fi Easy Connect: A Security Analysis of DPP

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Sunday, Aug 10, 11:30 – 12:15 PDT

Creator: DEF CON Talks

Wi-Fi Easy Connect is a protocol introduced by the Wi-Fi Alliance as the core replacement for Wi-Fi Protected Setup (WPS). It is designed to simplify device provisioning using user-friendly methods such as QR code scanning or short-range wireless technologies like NFC and Bluetooth. In this paper, we present a comprehensive security and privacy assessment of Wi-Fi Easy Connect (version 3.0).

Our analysis uncovered several security issues, including aspects of the protocol’s design that may unintentionally expand the attack surface compared to WPS. Notably, we found that design choices intended to enhance usability can compromise security. All identified issues were disclosed to the Wi-Fi Alliance, and we incorporated their feedback regarding mitigations and risk acceptance into our evaluation.

This work underscores the critical balance between usability and security in protocol design and the dangers of prioritizing ease-of-use at the expense of robust security guarantees.

References:

  1. Wi-Fi Alliance: Wi-Fi Protected Setup (WPS) Specification version 1.0h. 2006. link (2015)
  2. Viehböck, S.: Wi-Fi Protected Setup online PIN brute force vulnerability (2011)
  3. Wi-Fi Alliance: Device Provisioning Protocol (DPP) specification, Technical Specification, Wi-Fi Alliance, Latest Version. link (2025). Accessed 02 Jan 2025
  4. Wi-Fi Alliance: Wi-Fi Alliance product finder. link. Accessed 07 Jan 2023
  5. Group, N.: BLE proximity authentication vulnerable to relay attacks. Available: link (2023). Accessed 02 Jan 2025
  6. Nobles, P.: Vulnerability of IEEE 802.11 WLANs to MAC layer DoS attacks. In: IET Conference Proceedings, pp. 14–14(1). link (2004)
  7. Bernstein, D.J., Hamburg, M., Krasnova, A., Lange, T.: Elligator: elliptic-curve points indistinguishable from uniform random strings. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 967–980 (2013)
  8. Wi-Fi Alliance: WPA3 specification version 1.0. Available: link
  9. Vanhoef, M., Ronen, E.: Dragonblood: analyzing the Dragonfly handshake of WPA3 and EAP-pwd. In: IEEE Symposium on Security & Privacy (SP). IEEE (2020)
  10. Chatzisofroniou, G., Kotzanikolaou, P.: Association attacks in IEEE 802.11: exploiting WiFi usability features. In: Proceedings of the International Workshop on Socio-Technical Aspects in Security and Trust (STAST). Springer, pp. 107–123 (2019)
  11. National Institute of Standards and Technology (NIST): A closer look at revocation and key compromise in public key infrastructures. National Institute of Standards and Technology, Tech. Rep. link (2023). Accessed 02 Jan 2025
  12. IEEE Standard for Local and Metropolitan Area Networks – Port-Based Network Access Control, IEEE Std. 802.1X-2010. link (2010)
  13. Common Vulnerability and Exposure database: CVE-2022-37660. link (2022)
  14. Rondon, L.P., Babun, L., Aris, A., Akkaya, K., Uluagac, A.S.: Survey on enterprise internet-of-things systems (E-IoT): a security perspective. Ad Hoc Networks, vol. 125, p. 102728. link (2022)
  15. Vanhoef, M., Piessens, F.: Key reinstallation attacks: forcing nonce reuse in WPA2. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, ser. CCS ’17. ACM, New York, NY, USA, pp. 1313–1328. link (2017)
  16. Vanhoef, M.: A time-memory trade-off attack on WPA3’s SAE-PK. In: Proceedings of the 9th ACM on ASIA Public-Key Cryptography Workshop, ser. APKC ’22, pp. 27–37. Association for Computing Machinery, New York, NY. link (2022)
  17. Marais, S., Coetzee, M., Blauw, F.: Simultaneous deauthentication of equals attack. In: Wang, G., Chen, B., Li, W., Di Pietro, R., Yan, X., Han, H. (eds.) Security, Privacy, and Anonymity in Computation, Communication, and Storage, pp. 545–556. Springer, Cham (2021)
  18. Kampourakis, V., Chatzoglou, E., Kambourakis, G., Dolmes, A., Zaroliagis, C.: WPAxFuzz: sniffing out vulnerabilities in Wi-Fi implementations. In: Cryptography, vol. 6, no. 4. link (2022)
  19. Chatzoglou, E., Kambourakis, G., Kolias, C.: How is your WiFi connection today? DoS attacks on WPA3-SAE. J. Inf. Secur. Appl. 64, 103058 (2022)
  20. Chatzisofroniou, G., Kotzanikolaou, P.: Exploiting WiFi usability features for association attacks in IEEE 802.11: attack analysis and mitigation cont

People:
    SpeakerBio:  George “sophron” Chatzisofroniou

George Chatzisofroniou is a computer security researcher and engineer specializing in Wi-Fi and wireless network security. He has conducted infrastructure and software security testing for Fortune 500 companies across Africa, Asia, Europe, and North America. His research has been presented at leading security conferences and has attracted media coverage for uncovering critical protocol-level vulnerabilities.




Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 15:00 – 15:45 PDT

Creator: DEF CON Talks

Browser extensions have become increasingly popular for enhancing the web browsing experience. Common examples are ad blockers, cryptocurrency wallets, and password managers. At the same time, modern websites frequently display intrusive elements, such as cookie consent banners, newsletter subscription modals, login forms, and other elements that require user interaction before the desired content can be displayed.

In this talk, I will present a new technique based on clickjacking principles that targets browser extensions, where I used fake intrusive elements to enforce user interaction. In my research, I tested this technique on the 11 most widely used password managers, which resulted in discovering multiple 0-day vulnerabilities that could affect tens of millions of users. Typically, just one click was required from a user to leak their stored private information, such as credit card details, personal data or login credentials (including TOTP). In some cases, it could lead to the exploitation of passkey authentication.

The described technique is general and can be applied to browser extensions beyond password managers, meaning other extensions may also be vulnerable to this type of attack. In addition to describing several methods of this technique, I will also recommend mitigations for developers to protect their extensions against this vulnerability.


People:
    SpeakerBio:  Marek Tóth

Marek Tóth is a security researcher from the Czech Republic specializing in web application security. In his free time, he conducts independent research or reports critical vulnerabilities that could be exploited by attackers, with a recent focus on Czech companies. He shares interesting findings on his personal website and YouTube channel, or presents them at conferences, primarily at OWASP Chapter meetups.




Building a Malware Museum

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 17:00 – 17:45 PDT

Creator: DEF CON Talks

Culture isn’t just found in galleries or libraries – it lives in code, on screens, and sometimes, in the viruses that once infected our machines. Building a Malware Museum tells the story behind creating the world’s first online Malware Museum and its evolution into the Museum of Malware Art in Helsinki.

Only we can save the culture of our time. And our culture is digital. Preserving digital culture is hard: Software rots. Hardware vanishes. File formats die. And some digital artifacts – like computer viruses – were never meant to survive.

Mikko Hypponen has been archiving malware since 1991, originally for research – but today, this collection also holds cultural value. These digital fossils now offer a glimpse into a forgotten world of underground creativity, early hacking culture, and unintended digital aesthetics. Thanks to modern emulation techniques, it’s now possible to safely relive how those early viruses looked, sounded, and behaved.

In November 2024, Mikko opened the world’s first Museum of Malware Art, in Helsinki. This art museum features modern art commissioned from artists around the world, all inspired by malware or cyber attacks.

This is a journey through preservation, nostalgia, and the art of archiving what was never meant to last. Because even malware is part of our history.

References:


People:
    SpeakerBio:  Mikko Hypponen

Mikko Hypponen is a global security expert who has been working in malware research since 1991. He is currently the Chief Research Officer at WithSecure, a Helsinki-based security company. Mikko has published his research in The New York Times, Wired, and Scientific American. He has lectured at Oxford, Harvard, and MIT. Mr. Hypponen’s research team was the first to locate, analyze, and develop protection against the ILOVEYOU email worm – the largest malware outbreak in history. Mikko is also the curator for The Malware Museum at The Internet Archive and for The Museum of Malware Art in Helsinki.




Can’t Stop the ROP: Automating Universal ASLR Bypasses for Windows

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Sunday, Aug 10, 10:30 – 11:15 PDT

Creator: DEF CON Talks

High-entropy ASLR was supposed to make bypasses of ASLR on Windows virtually impossible – until now! This talk will debut nine novel bypasses of the strongest form of ASLR on Windows, which makes attacks such as brute-forcing totally infeasible. This talk showcases how mostly simple, easy-to-find ROP gadgets can be used to construct highly reliable, universal ASLR bypasses to key Windows system DLLs, allowing ROP gadgets from those DLLs to be used freely in exploits! The end result? The attack surface is greatly expanded, making it possible to do more attacks on binaries previously constrained by limited gadgets. What may have been impossible before due to insufficient ROP gadgets now is quite possible! While this talk focuses primarily on ASLR bypass for x64, we will also briefly touch upon similar attacks for x86. As part of this talk, for the first time ever, I am also releasing and open-sourcing a new mini-tool that will generate complete x64 ROP chains for each of these bypasses! We will see this ASLR bypass attack in action with a demo. We conclude with recommendations to help remediate the problem. This talk is an in-depth technical deep dive into Windows internals and the design of this technique, but it will also be presented in an accessible way to beginners.

References:

  • J. Thompson, “Six facts about address space layout randomization on Windows,” Aug. 2020. link
  • Microsoft Security Response Center, “Software defense: Mitigating common exploitation techniques,” Dec. 2013. link
  • INCIBE-CERT, “ASLR: Essential protection against memory exploitation,” Mar. 29, 2025. link
  • L. Binosi, G. Barzasi, M. Carminati, S. Zanero, and M. Polino, “The illusion of randomness: An empirical analysis of address space layout randomization implementations,” arXiv preprint arXiv:2408.15107, 2024.
  • J. Ganz and S. Peisert, “ASLR: How robust is the randomness?” IEEE, 2017.
  • D. H. Aristizabal, D. M. Rodriguez, and R. Y. Guevara, “Measuring ASLR implementations on modern operating systems,” in 2013 47th International Carnahan Conference on Security Technology (ICCST), IEEE, 2013, pp. 1–6.
  • R. Hund, C. Willems, and T. Holz, “Practical timing side channel attacks against kernel space ASLR,” in 2013 IEEE Symposium on Security and Privacy, IEEE, 2013, pp. 191–205.
  • K. Lu, C. Song, B. Lee, S. P. Chung, T. Kim, and W. Lee, “ASLR-Guard: Stopping address space leakage for code reuse attacks,” in Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015, pp. 280–291.
  • C. Miller, “Mobile attacks and defense,” IEEE Security & Privacy, vol. 9, no. 4, pp. 68–70, 2011.
  • S. Liebergeld and M. Lange, “Android security, pitfalls and lessons learned,” in Information Sciences and Systems 2013: Proceedings of the 28th International Symposium on Computer and Information Sciences, Springer, 2013, pp. 409–417.
  • D. Gruss, C. Maurice, A. Fogh, M. Lipp, and S. Mangard, “Prefetch side channel attacks: Bypassing SMAP and kernel ASLR,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 368–379.
  • Microsoft Corporation, “High-Entropy VA / Support for 64-bit ASLR,” 2025. link
  • R. V. Díaz, M. Rivera-Dourado, R. Pérez-Jove, P. V. Avendaño, and J. M. Vázquez-Naya, “Address space layout randomization comparative analysis on Windows 10 and Ubuntu 18.04 LTS,” Engineering Proceedings, vol. 7, no. 1, p. 26, 2021.
  • Nergal, “The advanced return-into-lib(c) exploits: PaX case study,” Phrack Magazine, vol. 58, Dec. 2001.
  • T. Durden, “Bypassing PaX ASLR protection,” Phrack Magazine, vol. 11, issue 59, Jul. 2002, Phile #0x09 of 0x12.
  • M. A. Butt, Z. Ajmal, Z. I. Khan, M. Idrees, and Y. Javed, “An in-depth survey of bypassing buffer overflow mitigation techniques,” Applied Sciences, vol. 12, no. 13, p. 6702, 2022.
  • X. Zhang, J. Huang, and Y. Feng, “A comprehensive approach to mitigate return-oriented programming attacks: Combining operating system protection mechanisms and hardware-assisted techniques,” in Proc. IEEE 8th Int. Conf. on Software Engineering and Computer Systems (ICSECS), 2023, pp. 453–458.
  • R. Roemer, E. Buchanan, H. Shacham, and S. Savage, “Return-oriented programming: Systems, languages, and applications,” ACM Transactions on Information and System Security (TISSEC), vol. 15, no. 1, pp. 1–34, 2012.
  • D. Dai Zovi, “Practical return-oriented programming,” Source Boston, 2010.
  • M. Prandini and M. Ramilli, “Return-oriented programming,” IEEE Security & Privacy, vol. 10, no. 6, pp. 84–87, 2012.
  • V. Pappas, “KBouncer: Efficient and transparent ROP mitigation,” vol. 1, pp. 1–2, Apr. 2012.
  • E. Göktas, B. Kollenda, P. Koppe, E. Bosman, G. Portokalidis, T. Holz, H. Bos, and C. Giuffrida, “Position-independent code reuse: On the effectiveness of ASLR in the absence of information disclosure,” in IEEE European Symposium on Security and Privacy (EuroS&P), IEEE, 2018, pp. 227–242.

People:
    SpeakerBio:  Bramwell Brizendine, Director at VERONA Lab

Dr. Bramwell Brizendine has a Ph.D. in Cyber Operations and is the Director of the VERONA Lab. Bramwell has regularly spoken at DEFCON and presented at all regional editions of Black Hat (USA, Europe, Asia, MEA), as well as at Hack in the Box Amsterdam and Wild West Hackin’ Fest. Bramwell received a $300,000 NSA research grant to create the SHAREM shellcode analysis framework, which brings unprecedented capabilities to shellcode analysis. He has additionally authored ShellWasp, which facilitates using Windows syscalls in shellcode, as well as two code-reuse attack frameworks, ROP ROCKET and JOP ROCKET. Bramwell has previously taught undergraduate, master’s, and Ph.D. courses on software exploitation, reverse engineering, offensive security, and malware analysis. He currently teaches cybersecurity courses at the University of Alabama in Huntsville.




Carding, Sabotage & Survival: A Darknet Market Veteran’s Story

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Sunday, Aug 10, 12:00 – 12:45 PDT

Creator: DEF CON Talks

For over 10 years, I’ve operated at every level of darknet markets – from carding forums to multi-million dollar platforms. This is the unfiltered reality they don’t teach you:

  • The evolution of scams: From simple carding to sophisticated exit strategies that still work today
  • Infrastructure insights: How markets really operate behind the scenes (and why they always collapse)
  • Psychological warfare: How one forged document can destroy a marketplace overnight
  • The Christmas Massacre: An inside look at the 45-minute market implosion that changed everything
  • DEF CON’s darknet challenge: What really happened that year

I’ll share never-before-seen screenshots, chat logs, and operational details that reveal why no market lasts forever. Whether you’re a researcher, journalist, or just curious – this is the uncensored history of the darknet’s most infamous moments.

References:

  • Wired — “The Most Dangerous People on the Internet”
  • Darknet Diaries Podcast — Episodes on YouTube
  • Dread Forum Archives — Market complaints, phishing post-mortems
  • PGP-Verified Statements — Active market admins & Dread staff
  • DEF CON 30 Darknet Contest Reports — Post-event analysis
  • Chainalysis Crypto Crime Reports — Wallet manipulation trends

People:
    SpeakerBio:  Godman666

godman666 has operated in the darknet’s criminal underbelly for over a decade. Starting with carding at 16, he moved to spam operations before rising through Silk Road and Tor carding forums. He built phishing empires, sold hacking tools, and ran infrastructure for major markets—including engineering the darknet’s largest phishing operation after a fallout with Empire Market’s staff. A backend role at a top market later ended in financial sabotage (ask about Christmas 2019). Recognized in Wired’s “The Most Dangerous People on the Internet” (2022), he shifted to offshore legal warfare takedown arbitrage, Wikipedia edits, and creative compliance. DEF CON’s Darknet Market Contest? Sabotaged by a hangover.




Cash, Drugs, and Guns: Why Your Safes Aren’t Safe

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 12:30 – 13:15 PDT

Creator: DEF CON Talks

When Liberty Safe was found to have provided safe unlock codes to authorities, it made us wonder: how was it even possible for Liberty to do this? Our talk will cover the vulnerabilities we found and journey into the various families of locks made by SecuRam, the OEM of safe locks used by Liberty Safe and other safe vendors. Our exploration began with an “analog” lock from Liberty Safe but quickly expanded to SecuRam’s “digital” lock lines, where we found a debug port that allowed access to all firmware and data. Through this, we discovered that codes are stored on the externally accessible keypad, rather than securely inside the safe (as well as other issues). These locks, deployed widely in consumer and commercial safes at major retail chains, exhibit vulnerabilities that enable opening them in seconds with a Raspberry Pi. We invite you to our session to see us crack UL-certified High-Security Electronic Locks live!

References:

  • Liberty Safe providing safe codes to LE link
  • fail0verflow blog on RL78/G13 dumping link
  • Past DEF CON talks on e-locks:
    • DEF CON 23 (2015) – Hacking Smart Safes – On the Brink of a Robbery – First talk about hacking into electronic safes
    • DEF CON 24 – Plore – Side channel attacks on high security electronic safe locks – First talk about attacks on very basic consumer electronic locks
  • Work done by Somerset Recon on the BLE version of SecuRam Lock (B01) link

See our slides for detailed citations.


People:
    SpeakerBio:  Mark Omo

Mark Omo is a professional security researcher and engineer, but mostly a fearless leader, a job which he definitely loves way more than actually hacking things. Mark has a background in consumer, medical, and aerospace products. He spends his days making PowerPoints and his nights hacking away on embedded hardware.

SpeakerBio:  James Rowley

James Rowley is a professional security researcher and engineer who loves that job so much he does it in most of his free time too. Aside from cracking electronic safe locks, he has years of experience working on embedded security, and helping build better products there; he has presented on those topics at Hardwear.io in the past. He has been hacking and making things since childhood, eventually making it a career. Born, raised, and still living in the Southwest US, he loves exploring and photographing that desert environ almost as much as tearing down products.




ChromeAlone: Transforming a Browser into a C2 Platform

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 11:30 – 12:15 PDT

Creator: DEF CON Talks

A long time ago, browsers were wrappers for HTTP web requests and little else. The modern browser, however, is crammed with so many features that it is practically an operating system. This talk will demonstrate how to (ab)use years of legacy features along with recent additions to Google Chrome to mimic the capabilities of a conventional C2 implant while evading traditional endpoint protection.

We will introduce our new open-source framework “ChromeAlone” which implements features such as proxying raw TCP traffic, phishing for Yubikey USB codes, dumping cookies and credentials, keylogging browser windows, and executing shell commands from Chrome. Our implementation leverages Chrome’s built-in features, sideloads malicious components without user interaction, and obfuscates code using WebAssembly to evade detection. This research exposes significant security implications of Chrome’s expanding feature set and the challenges of securing modern browsers against abuse.

References:

  • link – Matthew Bryant’s WONDERFUL public PoC of a malicious Chrome extension for cookie theft / session riding.
  • link – Sneaky Extensions: The MV3 Escape Artists – A presentation from last year’s DEFCON detailing how to evade manifest v3 protections in Chrome Extensions.

People:
    SpeakerBio:  Michael “bouncyhat” Weber

Michael Weber is a member of the Praetorian Security Labs team where he creates tools to help his fellow consultants not stay up until 2am hunting for material risks. He specializes in chrome shenanigans, malware development, vulnerability research, and online poker datamining.




Claude–Climbing a CTF Scoreboard Near You

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 12:30 – 13:15 PDT

Creator: DEF CON Talks

Over the past few months, we’ve thrown Claude into the digital trenches of multiple cybersecurity competitions—from defending vulnerable networks at CCDC to cracking challenges in PicoCTF and HackTheBox. In this talk, I’ll take you through our journey deploying an AI assistant against human red teams and live CTF challenges. I’ll show you Claude’s unexpected wins (landing in the top 3% globally in PicoCTF and successfully fending off red team attacks at CCDC) alongside its entertaining fails (devolving into security philosophy when overwhelmed, making up flags for PlaidCTF when stuck).

Drawing on these results, I’ll break down the technical challenges we conquered, from building specialized tooling harnesses to keeping Claude coherent during 16+ hour competitions. This presentation will demonstrate how competitive environments reveal both the impressive capabilities and amusing limitations of today’s AI systems when operating in adversarial scenarios. Join me to see what happens when an assistant trained to be helpful gets dropped into the dynamic world of CTFs and defense competitions—and what this teaches us about AI’s true potential in cybersecurity.

References:


People:
    SpeakerBio:  Keane Lucas, Member of Technical Staff at Anthropic

Keane is a researcher on Anthropic’s Frontier Red Team focused on stress-testing AI model cybersecurity capabilities. Before joining Anthropic, Keane served as a Cyberspace Operations Officer in the US Air Force and earned his PhD at Carnegie Mellon, where his research focused on applying machine learning to malware detection.




Client or Server? The Hidden Sword of Damocles in Kafka

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 12:00 – 12:45 PDT

Creator: DEF CON Talks

Apache Kafka is an open-source distributed event streaming platform. At the heart of Kafka lies the Broker, which acts as the central server node in a Kafka cluster. Brokers are responsible for storing streams of data and managing the flow of messages between producers and consumers. The Kafka Server we often refer to is essentially the Kafka Broker.

While Kafka’s main system handles data streams well, its real strength comes from its growing ecosystem. The components in the ecosystem greatly expand its abilities: Confluent ksqlDB transforms raw streams into queryable tables for real-time analytics, Schema Registry standardizes data formats across microservices, and so on.

However, behind the rich components lie hidden security threats. Prior research has revealed Remote Code Execution (RCE) vulnerabilities in Kafka Client, yet notably absent were any exploitable RCE vulnerabilities in the Kafka Server — until now. In this work, we present the first-ever RCE vulnerability affecting Kafka Server itself. At the same time, we also used similar techniques to attack other components in the Kafka ecosystem, and these vulnerabilities can also affect the cloud service providers themselves. What’s more, since Kafka users remain unaware of this risk, thousands of Kafka servers are now exposed to this RCE vulnerability.


People:
    SpeakerBio:  Ji’an “azraelxuemo” Zhou

Ji’an Zhou is a Security Engineer at Alibaba Cloud. He focuses on Java security and cloud-native security, and his work has helped many high-profile vendors improve their products’ security, including Google, Amazon, Cloudera, IBM, Microsoft, and Oracle. He has previously spoken at Black Hat, Zer0Con, and Off-by-One Con.

SpeakerBio:  Ying Zhu

Ying Zhu is a Security Engineer in Alibaba Cloud. He is interested in Web application security, especially Java application security. He has reported many critical vulnerabilities to Amazon, Apache, Cloudera, Microsoft, etc.

SpeakerBio:  ZiYang “lz2y” Li

Ziyang Li is a Security Engineer in Alibaba Cloud. He is focused on Java security and security products. He has reported many critical vulnerabilities to Amazon, Apache, Cloudera, Microsoft, etc.




Contest Closing Ceremonies & Awards

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Tracks 1-2
When:  Sunday, Aug 10, 13:30 – 14:59 PDT

Creator: DEF CON Talks



CTRAPS: CTAP Impersonation and API Confusion Attacks on FIDO2

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 13:30 – 14:15 PDT

Creator: DEF CON Talks

FIDO2 is the de facto standard for passwordless and 2FA authentication. FIDO2 relies on the Client-to-Authenticator Protocol (CTAP) to secure communications between clients (e.g., web browsers) and authenticators (e.g., USB dongles). In this talk, we perform a security assessment of CTAP and its Authenticator API. This API is a critical protocol-level attack surface that handles credentials and authenticator settings.

We investigate the standard FIDO2 setup (credentials stored by the relying party) and the most secure setup, where credentials are stored on the authenticator, protected from data breaches. We find that FIDO2 security mechanisms still rely on phishable mechanisms (i.e., PIN) and unclear security boundaries (e.g., trusting unauthenticated clients).

We introduce eleven CTRAPS attacks grouped into two novel classes: Client Impersonation and API Confusion. These attacks exploit CTAP vulnerabilities to wipe credentials, perform unauthorized factory resets, and track users. Our open-source toolkit implements the attacks on two Android apps, an Electron app, and a Proxmark3 script, supporting the USB HID and NFC transports. In our demos, we show how to use our CTRAPS toolkit to exploit popular authenticators, like YubiKeys, and relying parties, like Microsoft and Apple.

References:

  • Casagrande, Marco and Antonioli, Daniele. CTRAPS: CTAP Client Impersonation and API Confusion on FIDO2. link, 2024.
  • Ninja Lab. A Side Journey to Titan. link, 2024.
  • Victor Lomne. An Overview Of The Security Of Some Hardware FIDO(2) Tokens. link, HardWear.io NL, 2022.
  • Christiaan Brand. Advisory: Security Issue with Bluetooth Low Energy (BLE) Titan Security Keys. link, 2019.
  • Jingjing Guan, Hui Li, Haisong Ye, and Ziming Zhao. A Formal Analysis of the FIDO2 Protocols. In European Symposium on Research in Computer Security (ESORICS), pages 3–21, 2022.
  • Manuel Barbosa, André Cirne, and Luís Esquível. Rogue key and impersonation attacks on FIDO2: From theory to practice. In Proceedings of the 18th International Conference on Availability, Reliability and Security. Association for Computing Machinery, 2023.
  • Ahmed Tanvir Mahdad, Mohammed Jubur, and Nitesh Saxena. Breaching Security Keys without Root: FIDO2 Deception Attacks via Overlays exploiting Limited Display Authenticators. In Proceedings of the ACM conference on computer and communications security (CCS), 2024.

People:
    SpeakerBio:  Marco Casagrande

Marco Casagrande is a postdoctoral researcher in cybersecurity at the KTH Royal Institute of Technology (Sweden). He specializes in the security of real-world smart devices, including fitness trackers, FIDO authenticators, and electric scooters.

SpeakerBio:  Daniele Antonioli

Daniele Antonioli is an Assistant Professor at EURECOM in the software and system security (S3) group. He researches and teaches applied system security and privacy, with an emphasis on wireless communication, such as Bluetooth and Wi-Fi, embedded systems, such as cars and fitness trackers, mobile systems, such as smartphones, and cyber-physical systems, such as industrial control systems.




Cyber Volunteering and Community Defense – DEF CON Franklin and the Cyber Resilience Corps 1 Year In

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Sunday, Aug 10, 10:00 – 10:45 PDT

Creator: DEF CON Talks

One year after launch, the DEF CON Franklin returns to the Mainstage with partners from the Cyber Resilience Corps with updates on their mission to empower local communities through cyber volunteering and grassroots defense. We’ll share key lessons learned from running on-the-ground volunteering programs and future plans for scaling civic cyber defense by joining forces. From helping small towns respond to ransomware to building rapid-response volunteer teams, this talk will highlight how hackers and technologists are stepping up to protect the public good—one community at a time.

References:


People:
    SpeakerBio:  Sarah Powazek

Sarah Powazek is the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity (CLTC), where she leads flagship research on defending low-resource organizations like nonprofits, municipalities, and schools from cyber attacks. She serves as Co-Chair of the Cyber Resilience Corps and is also Senior Advisor for the Consortium of Cybersecurity Clinics, advocating for the expansion of clinical cyber education around the world. Sarah hosts the Cyber Civil Defense Summit, an annual mission-based gathering of cyber defenders to protect the nation’s most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force. In her free time, she serves as Deputy Director of DistrictCon, a hacker conference based in D.C.

SpeakerBio:  Jake Braun

Jake Braun is the Executive Director of the Cyber Policy Initiative at the University of Chicago Harris School of Public Policy and Co-Founder of Cambridge Global Advisors, a national security consulting firm. He most recently served in The White House as acting Principal Deputy National Cyber Director. Prior to that role, Mr. Braun was appointed by The President as Senior Counselor to the Secretary of the Department of Homeland Security. Mr. Braun is the author of Democracy in Danger: How Hackers and Activists Exposed Fatal Flaws in the Election System (Rowman & Littlefield, 2019).

In addition to his role at the University of Chicago, Mr. Braun co-founded the DEF CON Voting Machine Hacking Village. In that capacity he co-authored two award-winning reports on the cyber security of our election infrastructure: the DEF CON 25 and 26 Voting Village Reports. Most recently, he partnered with DEF CON to launch “Franklin,” a program to memorialize the most innovative and impactful findings from DEF CON in the annual “Hackers’ Almanack.” “Franklin” also recruits cyber volunteers to support under-resourced critical infrastructure.

SpeakerBio:  Adrien Ogee

Adrien spent his career in various cyber crisis response roles in Thales, the French and European Cybersecurity Agencies (ANSSI and ENISA), and the World Economic Forum. At the Institute, he oversees the provision of cybersecurity assistance to vulnerable populations. Adrien holds an MEng in telecommunication and information systems, an MSc in Global Security and has an MBA.




DC101 Panel

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 11:30 – 12:15 PDT

Creator: DEF CON Talks

People:
    SpeakerBio:  Alethe Denis, Red Team at Bishop Fox

DEF CON Groups Dept 2nd Lead

SpeakerBio:  Nikita Kronenberg, Director of Content and Coordination at DEF CON Communications, Inc.

Nikita works to ensure DEF CON runs as smoothly as one can expect from a hacker convention. In addition to planning a vast array of details prior to DEF CON and thwarting issues while onsite, she has retired from being the Director of Content for the CFP Review Board.

Nikita is not on the social mediaz.

SpeakerBio:  zziks, A&E Goon at DEF CON

No BIO available

SpeakerBio:  Nicole “CircuitSwan” Schwartz

Nicole Schwartz (a.k.a. CircuitSwan) speaks about Information Security, DevSecOps, Software Supply Chain Security, Agile, Diversity & Inclusion, and Women in Technology. She is the Senior Security Product Manager at ActiveState, the Chair of the Board for the Diana Initiative 501(c)3, Director of BSides Edmonton Information Security Foundation, and an organizer of SkyTalks village at BSidesLV.

SpeakerBio:  Nina Alli, Executive Director at Biohacking Village

Nina Alli is a cybersecurity and regulatory strategist whose work bridges medical technology, public policy, and grassroots security research. She has been the Executive Director of the Biohacking Village for the past decade—a pioneering community that explores the intersection of healthcare and cybersecurity through hands-on engagement, open collaboration, and public education.

With over 16 years of experience across biotechnology, biomedical engineering, and security, Nina has focused on modernizing legacy systems in healthcare, enhancing infrastructure, and improving the integration of electronic health records. Her work brings a systems-thinking approach to regulatory cybersecurity, particularly in high-stakes environments where patient care, clinical workflows, and connected devices intersect.

She emphasizes cross-sector collaboration, the advancement of responsible innovation, and building public trust in medical technologies—especially where vulnerabilities in connected systems can have human consequences. Through years of involvement in hacker spaces such as DEF CON, she has worked to bridge the cultural and technical gaps between healthcare institutions and security researchers.

SpeakerBio:  amazonv

No BIO available



De-Virtualizing the Dragon: Automated Unpacking and Deobfuscation of Nested VM-Based Protectors using Symbolic Execution and Taint Tracking

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 16:30 – 17:15 PDT

Creator: DEF CON Talks

Modern software protectors increasingly rely on complex, often nested, virtualization techniques (VMProtect, Themida, custom solutions) which significantly hinder static and dynamic analysis. This talk introduces DragonSlayer, an automated framework combining symbolic execution with fine-grained dynamic taint tracking to systematically lift obfuscated bytecode from these protectors. Our approach precisely identifies VM handlers, recovers original instruction semantics, automatically unpacks multiple virtualization layers, and reconstructs analyzable representations of protected code. We demonstrate DragonSlayer’s effectiveness against the latest commercial VM protectors and custom obfuscation solutions, significantly reducing analysis time from weeks to hours. This presentation includes technical deep-dives into our methodology, real-world case studies, and a demonstration of our tooling that helps reverse engineers slay the virtualization dragon.

References:

  1. Blazytko, T., Contag, M., Aschermann, C., & Holz, T. (2017). Syntia: Synthesizing the semantics of obfuscated code. In 26th USENIX Security Symposium.
  2. Yadegari, B., Johannesmeyer, B., Whitely, B., & Debray, S. (2015). A Generic Approach to Automatic Deobfuscation of Executable Code. In IEEE Symposium on Security and Privacy.
  3. Ming, J., Xu, D., & Wu, D. (2017). VMHunt: A Verifiable Approach to Partially-Virtualized Binary Code Simplification. In ACM Conference on Computer and Communications Security (CCS).
  4. Rolf, R., Luk, C.-K., & Debray, S. (2008). Symbolic/Concrete Execution to Find Bugs in Binary Programs. In IEEE/ACM International Conference on Automated Software Engineering.
  5. Coogan, K., Lu, G., & Debray, S. (2011). Deobfuscation of Virtualization-Obfuscated Software. In ACM Conference on Computer and Communications Security (CCS).
  6. Kinder, J. (2012). Towards Static Analysis of Virtualization-Obfuscated Binaries. In Working Conference on Reverse Engineering (WCRE).

People:
    SpeakerBio:  Agostino “Van1sh” Panico

Dr. Agostino “van1sh” Panico is a seasoned offensive security expert with over 15 years of experience specializing in advanced red teaming, exploit development, product security testing, and deception tactics. He is one of the few hundred globally to hold the prestigious GSE (GIAC Security Expert) certification. Driven by a passion for uncovering vulnerabilities, Agostino actively contributes to the security community as an organizer for BSides Italy, fostering collaboration and innovation.




Dead Made Alive Again: Bypassing Intent Destination Checks and Reintroducing LaunchAnyWhere Privilege Escalation

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 13:30 – 14:15 PDT

Creator: DEF CON Talks

The LaunchAnywhere vulnerability has long been a significant concern in Android security, allowing unprivileged applications to invoke protected activities, even with system-level privileges, and it has been actively exploited in the wild in the past.

In response, Google and device vendors have implemented patches, primarily by introducing destination component checks within privileged code before launching Intents. These fixes appeared to have mitigated such risks—at least on the surface. But has the threat truly been eliminated?

In this session, we demonstrate that these defenses remain insufficient. We introduce a new exploitation technique, BadResolve, which bypasses these checks through multiple methods, enabling a zero-permission app to achieve LaunchAnywhere once again. We reveal high-severity vulnerabilities that affect all Android versions, including the latest Android 16 (at time of writing), which have been confirmed and patched by Google. Dead, made alive again—we show how the LaunchAnywhere vulnerability has been reborn. In addition to presenting new exploitation techniques, we tackle the challenge of efficiently and accurately identifying methods in the vast codebases of AOSP and vendor-specific closed-source implementations that could be exploited by BadResolve, using LLM Agents and MCP.

People:
    SpeakerBio:  Qidan “flanker_hqd” He

Qidan He (a.k.a. Edward Flanker, CISSP) is the winner of multiple Pwn2Own championships and a Pwnie Award. He is now the Director & Chief Security Researcher at Dawn Security Lab, JD.com. He has spoken at conferences such as Black Hat, DEFCON, RECON, CanSecWest, MOSEC, HITB, and PoC. He also serves on the committee and as a judge of GeekPwn & GeekCon.




DEF CON Closing Ceremonies & Awards

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Tracks 1-2
When:  Sunday, Aug 10, 15:00 – 17:59 PDT

Creator: DEF CON Talks

People:
    SpeakerBio:  Jeff “The Dark Tangent” Moss, DEF CON Communications, Inc.

Mr. Moss is an internet security expert and the founder of both the Black Hat Briefings and DEF CON hacking conferences.




Diamonds Are For Hackers – Building the first fully open source and hackable Quantum Sensor

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 12:30 – 13:15 PDT

Creator: DEF CON Talks

Learn how to build a state-of-the-art quantum sensor, no physics PhD necessary!

Quantum Technology may sound like a faraway ultra-neon cyber fever dream, and in the case of quantum computing it may be some time before we’re swapping QPUs on our laptops… But Quantum Sensing is here, and we felt the time was about right to break open this technology for all.

We designed and are releasing the first ever fully open source, hackable quantum sensor. Utilising common off the shelf parts, and a sample of Nitrogen-Vacancy Centre Diamond, we will be able to measure magnetic fields with light. We will show you how to build your own device, what tech is required, and how to get a signal from the diamond. We’ll discuss some of the use cases of these sensors, from medtech to defeating GPS jamming. Then we’ll show you how to hack with it, taking the first steps to using these sensors to infer the behaviour of a chip via magnetometry. #QuantumHackers

This talk is the main demonstration of this year’s Quantum Village Badge – an actual quantum sensor released for the International Year of Quantum. Whilst others will make you think that you need advanced degrees and an expensive lab, we’ll be building quantum sensors in our garages and pushing the limits of this brand new technology; Access All Atoms!

References:

  • ChipWhisperer H-Field Probe: link
  • Stegemann et al. – Modular low-cost 3D printed setup for experiments with NV centers in diamond – link
  • Introduction to Quantum Sensing for HS students from Quantum Journal – link

People:
    SpeakerBio:  Mark “LargeCardinal” Carney

Mark is a mathematician and Quantum Hacker. Working at the bleeding edge of technology for two decades, he has presented on an array of topics stemming from his work on quantum information, machine learning, cryptography and cybersecurity data science. He has presented at major conferences around the world and his work was recently nominated for Innovation of the Year at the SANS Difference Makers Awards. Mark co-founded Quantum Village.

SpeakerBio:  Victoria “V__Wave” Kumaran

Victoria has been hacking her way through tech over the years, making her first software tool aged 8. Victoria has a background in product design, has paid her dues in finance, has run startups using machine learning for cybersecurity & malware analysis and was an Entrepreneurial Lead on the NSF I-Corps Program. She studied art and design at Central Saint Martins and co-founded Quantum Village.




Direct Memory, Access Everywhere

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 16:30 – 17:15 PDT

Creator: DEF CON Talks

DMA vulnerabilities aren’t new – but they don’t seem to have gone anywhere. In the time software attacks have gone from a single bug to a multi-stage exploit chain, DMA attacks have gone from slipping some hardware into an internal slot of a computer to… plugging in an external device?

Despite decades of attacks, tooling, and even mitigations, most systems are still wide open to these attacks because of their perceived difficulty, poor system configuration, and lack of effective testing mechanisms.

Epic Erebus is a new tool that tries to address these issues. It’s small, portable, and easy to use. It can slip through most systems unless the hardware, BIOS, and operating system are properly configured (a rarity). Finally, it’s an entirely open PCIe implementation that gives you full control over Transaction Layer Packets – allowing you to reverse engineer the PCIe bus and the DMA mitigations in place (Get it? RE-Bus… Erebus!).

You should come away understanding what Erebus is capable of, the basics of how to use it, and what to look out for when properly implementing DMA attack mitigations.

People:
    SpeakerBio:  Joe “securelyfitz” FitzPatrick

Joe FitzPatrick (@securelyfitz) is a Trainer and Researcher at SecuringHardware.com (@securinghw). Joe has spent most of his career working on low-level silicon debug, security validation, and penetration testing of CPUs, SoCs, and microcontrollers. He has spent decades developing and delivering hardware security related tools and training, instructing hundreds of security researchers, pen testers, and hardware validators worldwide. When not teaching Applied Physical Attacks training, Joe is busy developing new course content or working on contributions to the NSA Playset and other misdirected hardware projects, which he regularly presents at all sorts of fun conferences.

SpeakerBio:  Grace “Baelfire” Parrish

Grace Parrish (@BaelfireNightshd@infosec.exchange) is in her final year of a cybersecurity degree at Oregon State University. Grace has spent much of her career working with industrial control systems but has also dabbled in electrical engineering, FPGAs, microcontrollers, and a quick decade as a board level repair technician. In her spare time as a student, she has served as the team captain for a pentesting competition, has written custom Binary Ninja plugins, and has helped deliver hardware security training at Black Hat. Grace is looking forward to working in the offensive security space once she completes her degree.




DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 14:00 – 14:45 PDT

Creator: DEF CON Talks

Network Attached Storage (NAS) devices are indispensable in many corporate and home environments. These devices often live on the network edge, providing convenient remote access to confidential files and internal networks from the public internet. What happens when this goes terribly wrong?

In this presentation, I’ll discuss how I developed a zero-day exploit targeting dozens of Synology NAS products. At the time of discovery, the exploit facilitated unauthenticated root-level remote code execution on millions of NAS devices in the default configuration. My exploitation strategy centered around smuggling different types of delimiters that targeted multiple software components.

In the past, exploitation of the vulnerability’s bug class demanded additional primitives that weren’t available on my targets. While searching for alternative paths, I discovered a novel remote Linux exploitation technique. I’ll be presenting this technique, which can be used in other researchers’ exploit chains in the future. For the first time in public, I’ll also be discussing the details of my Synology vulnerability research, which won a $40,000 prize at the October 2024 Pwn2Own competition.

References:

I referenced these previous Synology offensive publications during my research:


People:
    SpeakerBio:  Ryan Emmons

Ryan Emmons is a Security Researcher on the Emergent Threat Response team at Rapid7. His work centers around n-day analysis of new vulnerabilities and zero-day research, primarily focused on network edge devices. Ryan enjoys attacking hardened targets and finding interesting bugs. He has disclosed vulnerabilities to major vendors like Oracle and Microsoft, and he recently competed at the 2024 Pwn2Own Ireland competition, where he won a $40,000 prize. In addition to vulnerability research, Ryan likes to participate in CTF competitions and compose music.




Edge of Tomorrow: Foiling Large Supply Chain Attacks By Taking 5k Abandoned S3 Buckets from Malware and Benign Software

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 12:30 – 13:15 PDT

Creator: DEF CON Talks

Imagine one sunny morning you read the news: a crypto worm targets 100+ organizations around the world. The authorities estimate that during the first days of the attack ~28,000 hosts in 158 countries were affected, including 24 nation-state and European Union assets, major banks and tech companies. Since then, the worm has spread and is now everywhere. The industry doesn’t know the main source of the attack. There are many backdoored artifacts reportedly used by the victims with no obvious connections.

Eventually, a security researcher connects all the dots and finds the source: compromised, abandoned AWS S3 buckets. The risk that researchers warned about in the past materialized on a truly gigantic scale: 5155 buckets were affected.

Luckily, this incident has never happened. The buckets used in that hypothetical scenario were claimed by a security researcher and taken down by the cloud provider.

In this talk, we will dissect the anatomy of such an attack. We will show that adversaries equipped with instruments of big data analysis and custom LLM-agents can take these scenarios to the next level by automating and scaling them. We will share statistical insights and 9 concrete stories illustrating potential victim profiles and attack vectors. Finally, we will discuss remediation actions that would eliminate the risk once and for all.

People:
    SpeakerBio:  Maksim Shudrak

Maksim is an offensive security researcher and engineer with more than a decade of experience in red teaming, malware analysis, and exploit development complemented by a PhD in machine code vulnerability detection. He loves searching for complex large-scale issues in modern technologies and outlining their impact.

Maksim is an author of open-source tools for scanning cloud infrastructure, fuzzing, and dynamic malware analysis which he presented at various conferences such as DEF CON, VirusBulletin, and BlackHat Arsenal.




Emulating Embedded Linux Devices at Scale with Light-Touch Firmware Rehosting

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 17:00 – 17:45 PDT

Creator: DEF CON Talks

We will present a higher-level “rehosting” approach to the emulation of embedded Linux systems.

While most existing embedded Linux emulation frameworks work in userspace, we try not to touch userspace or modify a firmware image at all. Instead, we take a higher-level and somewhat “hybrid” approach, which involves building patched Linux kernels and using modified or custom QEMU machines. We do this to model the terrain of a system as closely as possible to that which a userspace firmware image expects, allowing userspace to run essentially unimpeded.

This approach involves a considerable amount of reverse-engineering of userspace binaries and libraries, alongside poring over whatever GPL code we can find, in order to write kernel patches and dummy drivers and make QEMU changes “reactively”. Our goal is to end up with a rehosting environment which, from the perspective of userspace, looks almost exactly like the real system.

References:

All the following provided inspiration, although our methodology is different:

  • Firmguide
  • Firmadyne
  • EMUX
  • Jetset


People:
    SpeakerBio:  Sigusr Polke

Sigusr Polke is the single-use pseudonym of a security researcher, who’s spent a lot of time poking at embedded systems over the years.




Escaping the Privacy Sandbox with Client-Side Deanonymization Attacks

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 16:30 – 17:15 PDT

Creator: DEF CON Talks

Google’s Privacy Sandbox initiative aims to provide privacy-preserving alternatives to third-party cookies by introducing new web APIs. This talk will examine potential client-side deanonymization attacks that can compromise user privacy by exploiting vulnerabilities and misconfigurations within these APIs.

I will explore the Attribution Reporting API, detailing how debugging reports can bypass privacy mechanisms like Referrer-Policy, potentially exposing sensitive user information. I will also explain how destination hijacking, in conjunction with a side-channel attack using storage limit oracles, can be used to reconstruct browsing history, demonstrating a more complex deanonymization technique.

Additionally, I will cover vulnerabilities in the Shared Storage API, illustrating how insecure cross-site worklet code can leak data stored within Shared Storage, despite the API being deliberately designed to prevent direct data access. Real-world examples and potential attack scenarios will be discussed to highlight the practical implications of these vulnerabilities.

People:
    SpeakerBio:  Eugene “spaceraccoon” Lim

Eugene Lim is a security researcher and white hat hacker. From Amazon to Zoom, he has helped secure applications from a range of vulnerabilities. His work has been featured at top conferences such as Black Hat, DEF CON, and industry publications like WIRED and The Register.




Fireside Chat with DT and General Paul M. Nakasone

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 10:30 – 11:15 PDT

Creator: DEF CON Talks

People:
    SpeakerBio:  Jeff “The Dark Tangent” Moss, DEF CON Communications, Inc.

Mr. Moss is an internet security expert and the founder of both the Black Hat Briefings and DEF CON hacking conferences.

SpeakerBio:  Paul M. Nakasone, General, US Army (Ret.)

General Paul M. Nakasone, a retired U.S. Army four-star general, serves as the Founding Director of Vanderbilt University’s Institute of National Security.

From 2018 to 2024, General Nakasone led U.S. Cyber Command and the National Security Agency, overseeing national cyber defense and global signals intelligence operations. A career military leader with more than three decades of experience, he has commanded at all levels, with deployments to Iraq and Afghanistan, and has held key intelligence and joint staff roles.

A recognized authority on cyber operations and national security, General Nakasone continues to advance dialogue and research on emerging global security challenges, inspiring innovation and leadership in this critical field.




Firewalls Under Fire: China’s 5+ year campaign to penetrate perimeter network defenses

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 14:30 – 15:15 PDT

Creator: DEF CON Talks

For more than five years, firewall vendors have been locked in a persistent, cyclical struggle against a well-resourced and relentless China-based adversary that has expended considerable resources developing custom exploits and bespoke malware expressly for the purpose of compromising enterprise firewalls in customer environments. In this first-of-its-kind presentation, Andrew Brandt will walk attendees through the complete history of the campaign, detailing the full scope of attacks and the countermeasures one firewall vendor developed to derail the threat actors, including details of the exploits targeting specific firewalls and of the malware deployed inside the firewalls as a result of these attacks.

Fundamental to this presentation is the fact that the adversary behind this campaign has not targeted only one firewall vendor: Most of the large network security providers in the industry have been targeted multiple times, using many of the same tactics and tools. So this serves not merely as a warning to the entire security industry, but as an urgent call to the companies that make up this industry to collectively combat this ongoing problem. Because at the end of the day, we all face the same threat, and we cannot hope to withstand the tempo and volume of these attacks alone. We must work together.

People:
    SpeakerBio:  Andrew “Spike” Brandt

Andrew Brandt is a former investigative journalist who switched careers to work in information security in 2007. He is an experienced malware analyst, network forensicator, and cyberattack untangler, who seeks to prevent cybercriminals from being able to victimize others. He has served as the director of threat research or as a principal researcher at several large cybersecurity companies, and currently serves on the board of World Cyber Health, the parent organization that operates the Malware Village at Defcon and other conferences. As the executive director of Elect More Hackers, he is active in cybersecurity and technology policy, and seeks to recruit likeminded folks to run for elected office. He lives in Boulder, Colorado.




From Shanghai to the Shore: The Silent Threat in Global Shipping

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Sunday, Aug 10, 10:00 – 10:20 PDT

Creator: DEF CON Talks

Ship-to-shore cranes manufactured in China have faced increased scrutiny from the United States Congress in the past year due to concerns about potential supply chain vulnerabilities, pricing practices, and the global dependence on these critical infrastructure components produced by Chinese state-owned companies.

Coast Guard Cyber Protection Teams (CPTs) have been the US government’s primary resource doing technical cybersecurity work on these cranes, including assessment, threat hunting, and incident response operations. This talk discusses findings and recommendations from over 11 crane missions conducted by US Coast Guard CPTs, including the presence of unexpected cellular modems and potential attack paths.

References:

  • Joint Investigation into CCP-Backed Company Supplying Cranes to U.S. Ports Reveals Shocking Findings: link
  • Investigation by Select Committee on the CCP, House Homeland Finds Potential Threats to U.S. Port Infrastructure Security from China: link

People:
    SpeakerBio:  Kenneth Miltenberger

Lieutenant Commander Kenny Miltenberger currently serves as the first Commanding Officer of the 2003 Cyber Protection Team (CPT) in Alameda, CA. He is responsible for protecting the nation’s Marine Transportation System in cyberspace by conducting hunt, assess, and incident response operations. His team is the Coast Guard’s newest CPT and the only CPT geographically detached from Coast Guard Cyber Command (CGCYBER).

Kenny recently completed an assignment where he founded the Coast Guard’s Red Team and ran the Coast Guard’s Blue Team (cooperative assessments). During that tour he founded CGCYBER’s educational phishing capability, led cyber Opposing Forces for a major multinational exercise, and oversaw over 100 Red and Blue Team missions during his tour. Other notable positions include his work as an engineer for the U.S. Navy’s Naval Sea Systems Command, where he was a developer on a shipboard cyber security platform.

Kenny has a BS in Electrical Engineering from the Coast Guard Academy and an MS in Electrical Engineering from the University of Maryland, College Park.

Kenny has also worked as part-time faculty at University of Maryland, College Park, where he taught Binary Exploitation in their Cyber Masters Program. Industry certifications include OSCP, GXPN, GCPN, GREM, GPEN, GNFA, GCIH, GISP, and CISSP.

SpeakerBio:  Nicholas Fredericksen

Lieutenant Commander (LCDR) Nick Fredericksen currently serves as the first Commanding Officer of the 1790 Cyber Protection Team (CPT) in Washington, DC. He is responsible for protecting the nation’s Marine Transportation System (MTS) in cyberspace by conducting assess, hunt, and incident response operations. The 1790 CPT is the Coast Guard’s first CPT, reaching full operational status in Spring 2021.

Nick’s previous assignment was Deputy of Coast Guard Cyber Command’s Maritime Cyber Readiness Branch. His primary duties included leading a team of marine safety professionals trained in cybersecurity and dedicated to raising the consistency, competency, and capabilities of cybersecurity in the MTS. This included cybersecurity incident investigations; studying the Techniques, Tactics, and Procedures of threat actors; and providing critical stakeholders awareness publications and information sharing.

Other notable assignments include conducting IT project management where he led the Coast Guard’s first service migration to a modernized, software-as-a-service managed solution.

Nick has a BS degree in Operations Research and Computer Analysis and an MS in Information Systems Management from Florida Institute of Technology.

His cybersecurity certifications include CISSP, GCIH, GICSP, GCFA, and GPEN.




From Spoofing to Tunneling: New Red Team’s Networking Techniques for Initial Access and Evasion

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 15:00 – 15:45 PDT

Creator: DEF CON Talks

Gaining initial access to an intranet is one of the most challenging parts of red teaming. If an attack chain is intercepted by an incident response team, the entire operation must be restarted. In this talk, we introduce a technique for gaining initial access to an intranet that does not involve phishing, exploiting public-facing applications, or having a valid account. Instead, we leverage the use of stateless tunnels, such as GRE and VxLAN, which are widely used by companies like Cloudflare and Amazon. This technique affects not only Cloudflare’s customers but also other companies.

Additionally, we will share evasion techniques that take advantage of company intranets that do not implement source IP filtering, preventing IR teams from intercepting the full attack chain. Red teamers could confidently perform password spraying within an internal network without worrying about losing a compromised foothold. Also, we will reveal a nightmare of VxLAN in Linux Kernel and RouterOS. This affects many companies, including ISPs. This feature is enabled by default and allows anyone to hijack the entire tunnel, granting intranet access, even if the VxLAN is configured on a private IP interface through an encrypted tunnel. What’s worse, RouterOS users cannot disable this feature. This problem can be triggered simply by following the basic VxLAN official tutorial. Furthermore, if the tunnel runs routing protocols like BGP or OSPF, it can lead to the hijacking of internal IPs, which could result in domain compromises. We will demonstrate the attack vectors that red teamers can exploit after hijacking a tunnel or compromising a router by manipulating the routing protocols.

Lastly, we will conclude the presentation by showing how companies can mitigate these vulnerabilities. Red teamers can use these techniques and tools to scan targets and access company intranets. This approach opens new avenues for further research.

References:

I have seen discussions about source IP address spoofing with stateless tunnels, similar to research on CVE-2020-10136 which uses IPIP tunnels. However, this research omits the possibility of using stateless tunnels for initial access. The PoC only provides methods to launch DoS attacks such as UDP flooding, TCP SYN attacks, and ARP spoofing, which do not require a response. Notably, there is no method to find a stateless tunnel in previous research, making real-world attacks impractical.


People:
    SpeakerBio:  Shu-Hao “123ojp” Tung

Shu-Hao Tung (123ojp) is a Threat Researcher at Trend Micro specializing in Red Teaming. He mainly focuses on web, networking, and infrastructure vulnerabilities. He owns an ASN and is a bug hunter who has reported high-risk vulnerabilities via Bugcrowd.




Gateways to Chaos – How We Proved Modems Are a Ticking Time Bomb That Hackers Can Access Everywhere

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 15:00 – 15:45 PDT

Creator: DEF CON Talks

Imagine your home modem as a loaded gun aimed at global security. Our research exposes critical vulnerabilities in ISP-supplied modems—ADSL, fiber, cable, 5G—that inherently threaten power grids, water systems, and ATMs. Over 35 severe flaws have been identified, rooted in outdated IoT SDKs, affecting millions globally. These issues allow attackers to manipulate essential services without direct hijacking.

Despite the severity of these vulnerabilities, manufacturers and ISPs consistently refuse to address them, leaving these devices as perpetual threats. We provide essential tools for detection and defense against such negligence.

In this session, you’ll learn how to identify these inherent weaknesses that compromise infrastructures through device flaws. Gain practical skills in vulnerability hunting and crafting defenses, while navigating the landscape of responsible disclosure amidst industry inertia.

Join us to confront a crisis long ignored. When hackers exploit these systemic failures, it’s not just personal data at risk—it’s the stability of our world’s crucial infrastructure.

References:

  • Peter Geissler & Steven Ketelaar – 2013 HITB AMS: link
  • Sam Curry 2024 – DEFCON: link

People:
    SpeakerBio:  Chiao-Lin “Steven Meow” Yu, Senior Red Team Cyber Threat Researcher at Trend Micro Taiwan

Chiao-Lin Yu (Steven Meow) currently serves as a Senior Red Team Cyber Threat Researcher at Trend Micro Taiwan. He holds numerous professional certifications including OSCE³, OSEP, OSWE, OSED, OSCP, CRTP, CARTP, CESP-ADCS, LPT, CPENT, GCP ACE. Steven has previously presented at events such as HITCON Training 2025, Security BSides Tokyo 2023, and CYBERSEC 2024, 2025. He has disclosed 30+ CVE vulnerabilities in major companies like VMware, D-Link, and Zyxel. His expertise spans Red Team exercises, Web security, IoT security and Meow Meow security.




Ghost Calls: Abusing Web Conferencing for Covert Command & Control

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 12:00 – 12:45 PDT

Creator: DEF CON Talks

Red teams often struggle with interactive C2 in monitored networks. Low-and-slow channels are stealthy but insufficient for high-bandwidth tasks like SOCKS proxying, pivoting, or hidden VNC. Our research solves this by using real-time collaboration protocols—specifically, whitelisted media servers from services like Zoom—to create short-term, high-speed C2 channels that blend into normal enterprise traffic.

We introduce TURNt, an open-source tool that automates covert traffic routing via commonly trusted TURN servers. Since many enterprises whitelist these conferencing IPs and exempt them from TLS inspection, TURNt sessions look just like a legitimate Zoom meeting. Operators can maintain a persistent, stealthy channel while periodically activating higher-bandwidth interactivity for time-sensitive operations.

This talk will show how to set up these “ghost calls,” discuss the trade-offs and detection challenges, and explore defensive countermeasures. Attendees will learn how to integrate short-term, real-time C2 into existing red team workflows—and how to identify and mitigate this emerging threat.

People:
    SpeakerBio:  Adam “UNC1739” Crosser, Staff Security Engineer at Praetorian

Adam Crosser is a Staff Security Engineer at Praetorian, specializing in offensive security research and tooling development. He began his career in red team operations, honing his skills in adversary simulation and advanced attack techniques. Now part of the Praetorian Labs team, Adam focuses on vulnerability research, exploit development, and building custom offensive security capabilities to support red team engagements—pushing the boundaries of adversary tradecraft.




Ghosts in the Machine Check – Conjuring Hardware Failures for Cross-ring Privilege Escalation

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 12:30 – 13:15 PDT

Creator: DEF CON Talks

Catastrophic hardware failures. From an aging I/O device to cosmic ray bit flips, memory degradation to CPU fires. When an unrecoverable hardware error is detected, the common platform response is to generate a Machine Check Exception, and shut down before the problem gets worse.

In this talk, we’ll see what happens when we circumvent all the traditional fail safes. What happens when, instead of exceptionally rare failures from natural causes, we deliberately create these fatal events from software. When instead of a platform shutdown, we force the system to limp along, damaged but alive. We’ll show how carefully injecting these signals during privileged CPU operations can disrupt secure transitions, how those disruptions progress to cascading system failures, and how to ride the chaos to gain hardware privilege escalation. Finally, we’ll see how to undo the damage, recover from the unrecoverable, and let the system continue as if nothing happened – now with a foothold in privileged space, all through hardware failure events synthesized through software-only attacks.

We’ll conclude by showing how to use this vector to reveal all-new hardware vulnerabilities, and walk through a brave new world of machine check research opportunities – for both attackers and defenders – across technologies and architectures.


People:
    SpeakerBio:  Christopher “xoreaxeaxeax” Domas

Christopher Domas (@xoreaxeaxeax) is a security researcher primarily focused on firmware, hardware, and low level processor exploitation. He is best known for releasing impractical solutions to non-existent problems, including the world’s first single instruction C compiler (M/o/Vfuscator), toolchains for generating images in program control flow graphs (REpsych), and Turing-machines in the vi text editor. His more relevant work includes the sandsifter processor fuzzer, rosenbridge backdoor, the binary visualization tool ..cantor.dust.., and the memory sinkhole privilege escalation exploit.




Ghosts of REvil: An Inside Look with the Hacker Behind the Kaseya Ransomware Attack

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 15:00 – 15:45 PDT

Creator: DEF CON Talks

Yaroslav Vasinskyi was sentenced in 2024 to 13 years in U.S. federal prison for his role in the $700M Kaseya ransomware attack. But behind the headlines lies a more human and complex story. Over the past year, threat researcher Jon DiMaggio built a relationship with Vasinskyi, speaking with him regularly by phone and email. Joining him is John Fokker, Head of Threat Intelligence at Trellix and former Dutch cybercrime investigator involved in operations targeting the REvil gang with global law enforcement.

This talk reveals how REvil operated from the inside, what really happened behind the Kaseya attack, and how ego, greed, and betrayal tore the crew apart. The session also provides new information on the group’s leadership, who vanished and remain at large.

This isn’t theory or speculation. It is raw human intelligence, operational insight, and criminal context behind one of the most devastating ransomware attacks in history. It also tells Vasinskyi’s personal journey, revealing the often overlooked human side of ransomware crime.

Coinciding with the next Ransomware Diaries release, this talk exposes the inner workings and unraveling of one of the most infamous ransomware groups of all time. This is not a glorification, it is a reckoning.

References:

  • 60 min (full episode): 4/14/2024: Scattered Spider; Knife; Tasmanian Tiger – CBS News
  • 60 Min Overtime: Infiltrating ransomware gangs on the dark web – CBS News
  • Ransomware Diaries:
    • Ransomware Diaries: Volume 1 | Analyst1
    • Ransomware Diaries V. 2: A Ransomware Hacker Origin Story (analyst1.com)
    • Ransomware Diaries V. 3: LockBit’s Secrets (analyst1.com)
    • Ransomware Diaries Volume 5: Unmasking LockBit (analyst1.com)
    • Ransomware Diaries Volume 6: Lie to me. A Bassterlord Ransomware Story (Analyst1.com)

People:
    SpeakerBio:  Jon DiMaggio

Jon DiMaggio is the Chief Security Strategist at Analyst1 and a cybercrime hunter who doesn’t just follow ransomware gangs, he infiltrates them. A former U.S. intelligence analyst with a background in signals intelligence, Jon has spent his career going deep undercover inside some of the world’s most dangerous cybercrime syndicates. In 2024, he embedded himself within the notorious LockBit ransomware gang, gathering intelligence that helped law enforcement take down one of the most prolific cybercriminal operations in history.

His investigative series The Ransomware Diaries exposed LockBit’s inner workings and earned widespread recognition. Jon is the author of The Art of Cyberwarfare (No Starch Press), a two-time SANS Difference Makers Award winner, has appeared on 60 Minutes, and has been featured in The New York Times, Wired, and Bloomberg. He is also a regular speaker at DEFCON, RSA, and other major security conferences. Whether he’s chasing cybercriminals or telling their stories, Jon brings the kind of firsthand insight you only get when you’ve walked into the lion’s den, and walked out.

SpeakerBio:  John Fokker

As Head of Threat Intelligence at Trellix and former head of cyber investigations at the Dutch National High Tech Crime Unit, I bring deep technical knowledge and operational experience bridging law enforcement, intelligence, and private sector perspectives. My work has helped coordinate international takedowns of ransomware infrastructure, and I have direct experience investigating REvil and its affiliates at the height of their operations. My contribution complements Jon’s HUMINT narrative with:

• Technical validation of the behind-the-scenes activities discussed in the talk

• Law enforcement and intelligence insights on affiliate operations, infrastructure, and monetization patterns

• An investigative trail linking REvil and GandCrab, through shared TTPs and operational overlaps

Together, our presentation fuses Hacking, CTI, HUMINT and investigative storytelling with forensic rigor, revealing how trust, betrayal, and ego brought down one of the most feared ransomware gangs in the world.




Hackers Dropping Mid-Heist Selfies: LLM Identifies Information Stealer Infection Vector and Extracts IoCs

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 13:00 – 13:45 PDT

Creator: DEF CON Talks

Information stealer malware is one of the most prolific and damaging threats in today’s cybercrime landscape, siphoning off everything from browser-stored credentials to session tokens. In 2024 alone, we witnessed more than 30 million stealer logs traded on underground markets. Yet buried within these logs is a goldmine: screenshots captured at the precise moment of infection. Think of it as a thief taking a selfie mid-heist, unexpected but convenient for us, right? Surprisingly, these crime scene snapshots have been largely overlooked until now. Leveraging them with Large Language Models (LLMs), we propose a new approach to identify infection vectors, extract indicators of compromise (IoCs) and track infostealer campaigns at scale. In our analysis, we will break down three distinct campaigns to illustrate their tactics to deliver malware and deceive victims.

With its live demonstration, this presentation shows how LLMs can be harnessed to extract IoCs at scale while addressing the challenges and costs of implementation. Attendees will walk away with a deeper understanding of the modern infostealer ecosystem and will want to apply LLMs to any illicit artifacts to extract actionable intelligence.


People:
    SpeakerBio:  Olivier Bilodeau

Olivier Bilodeau, a principal researcher at Flare, brings 15+ years of cutting-edge infosec expertise in honeypot operations, binary reverse-engineering, and RDP interception. A passionate communicator, Olivier has spoken at conferences like BlackHat, DEFCON, SecTor, Derbycon, and more. Invested in his community, he co-organizes MontréHack, is NorthSec’s President, and runs its Hacker Jeopardy.

SpeakerBio:  Estelle Ruellan

Estelle is a Threat Intelligence Researcher at Flare. With a background in Mathematics and Criminology, Estelle lost her way into cybercrime and is now playing with lines of code to help computers make sense of the cyber threat landscape. She presented at conferences like ShmooCon 2025, Hack.lu 2024, eCrime APWG 2024 in Boston and the 23rd Annual European Society of Criminology Conference (EUROCRIM 2023) in Florence.




Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G and 4G/LTE Routers

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 17:30 – 17:50 PDT

Creator: DEF CON Talks

This research examines security oversights in a range of modern 4G/5G routers used in small businesses, industrial IoT, and everyday mobile deployments. Several of these routers contain vulnerabilities reminiscent of older security flaws, such as weak default credentials, inadequate authentication checks, and command injection pathways. By reverse-engineering firmware and testing for insecure endpoints, it was possible to demonstrate remote code execution, arbitrary SMS sending, and other serious exploits affecting Tuoshi and KuWFi devices.

Through practical examples, including Burp Suite requests and Ghidra disassembly, the talk highlights how these weaknesses can grant attackers root access, allow fraudulent activity, or compromise entire networks. In each case, mitigation strategies and best practices—like robust authentication, regular firmware updates, and network segmentation—are emphasized. Ultimately, this presentation underscores the importance of continuous security scrutiny, even for modern hardware, and encourages the community to stay vigilant and collaborate in uncovering and addressing such pervasive vulnerabilities.

References:

  • Grichter, “Reverse Engineering 4G Hotspots for Fun, Bugs & Net Financial Loss,” DEF CON 27 Presentation, 2019. link
  • Gao Shupeng, Huang Zheng, Xie Haikou, Zhang Ye, “All the 4G Modules Could Be Hacked,” DEF CON 27 Presentation, 2019. link

People:
    SpeakerBio:  Edward “Actuator” Warren

Edward Warren is an Information Security Analyst and Independent Security Researcher specializing in IoT and mobile application security. Over the past few years he has discovered critical-severity (CVSS) 0-day vulnerabilities. Edward also earned a Hall of Fame acknowledgement from the Google Play Security Reward Program (GPSRP) and attribution in numerous CVE publications. He has presented his work at conferences such as BSides and ShmooCon. When not tracking down digital bugs, Edward can be found hiking rugged trails or exploring the seas through his newfound fascination for scuba diving.




HaKCing OBD-II Emissions Testing

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 14:30 – 14:50 PDT

Creator: DEF CON Talks

We’re going to explore how OBD-II emissions testing works and how you might go about convincing the scanner that everything is fine.

People:
    SpeakerBio:  Archwisp

Long-time tech nerd, car enthusiast, and hardware hacker




Help! Linux in my Webcam! (•_•)

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 12:00 – 12:45 PDT

Creator: DEF CON Talks

In this talk, we dive into a world of webcams that secretly run Linux. What started as a casual curiosity turned into a deep dive into embedded Linux systems, obscure supply chains, and alarming security oversights.

Along the way, we discovered how decisions made far upstream – by silicon vendors and OEMs – can introduce vulnerabilities that quietly ship in tens of thousands of devices.

This presentation explores the broader implications of insecure firmware, broken update mechanisms, and the surprising autonomy of devices many assume to be simple peripherals.

We share how we traced the tech stack from brand-name distributors back to little-known chipset manufacturers, and what that journey revealed about responsibility, transparency, and the risks of neglecting security at the hardware-software boundary.

Come for curiosity, stay for the demos and laughs.


People:
    SpeakerBio:  Mickey Shkatov

Mickey has been involved in security research for over a decade, specializing in breaking down complex concepts and identifying security vulnerabilities in unusual places. His experience spans a variety of topics, which he has presented at security conferences worldwide. His talks have covered areas ranging from web penetration testing to the intricacies of BIOS firmware.

SpeakerBio:  Jesse Michael

Jesse is an experienced security researcher focused on vulnerability detection and mitigation who has worked at all layers of modern computing environments from exploiting worldwide corporate network infrastructure down to hunting vulnerabilities inside processors at the hardware design level. His primary areas of expertise include reverse engineering embedded firmware and exploit development. He has also presented research at DEF CON, Black Hat, PacSec, Hackito Ergo Sum, Ekoparty, and BSides Portland.




How to Fake a Badge like a Pro: 11 Tips to Counterfeiting Event Credentials

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Sunday, Aug 10, 14:00 – 14:20 PDT

Creator: DEF CON Talks

Anticounterfeiting is an obscure and private world. Companies tightly hold their secrets and rely heavily on security through obscurity. But banknotes and government IDs aren’t the only targets of counterfeiting. Live events are increasingly targeted as ticket prices increase. The fast moving and dynamic nature of live events makes both counterfeiting and anticounterfeiting a more complex challenge. The limited time before the event ends is a key defense for event producers.

But with a basic mix of social engineering, arts and crafts, and keen observation most of these credentials can be defeated using DIY techniques. Even advanced measures like UV ink or holograms can be defeated or avoided with techniques you might have learned in art class. But while copying a credential seems easy enough, there are numerous mistakes that would-be counterfeiters make.

This talk will reveal 11 beginner mistakes to credential copying and how to avoid them. With physical examples of real historical credentials from NASA, NATO, the US Navy, the NFL, and more, this talk will leave you ready to fake a badge like a pro.

References:

  • Anticounterfeiting Techniques & DIY replications:
  • Event Credentialing Standards:
    • Public Venue Credentialing – link
    • Public Venue Security Screening – link
    • The Event Safety Guide & ANSI ES1.40 – 2023 Event Safety – Event Security – link

People:
    SpeakerBio:  Russell Phillips

With over two decades of experience in the event and information security industries, Russell Phillips is a leader in event access control. Russell coordinates all aspects of event access control technology and leads the Information Security team at SXSW, and has been instrumental to the operational success of one of the largest cultural events in the world. His in-depth field experience with the myriad hardware, software, and human complications provides him with nuanced insights into turning policy into practice. Running one of the world’s largest mobile event access control deployments provides the perfect testing ground to hone training, implementation, and incident response.

A lifelong proponent of the hacker ethos, Russell remains fascinated with all technology weird and wonderful. Mesh SDR networks and at-home pulse dialing telephony are current personal project areas.

Russell is a Certified Information Systems Security Professional and a member of Telephone Collectors International.




How to secure unique ecosystem shipping 1 billion+ cores?

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 11:00 – 11:45 PDT

Creator: DEF CON Talks

Security research has been focused on securing well-known, widely replicated ecosystems where problems and solutions are shared across the industry. But what happens when you build something no one else has? How do you secure an architecture that’s both proprietary and deployed at billion-core scale?

In 2016, NVIDIA began transitioning its internal Falcon microprocessor, used in nearly all GPU products, to a RISC-V based architecture. Today, each chipset has 10-40 cores, and in 2024, NVIDIA surpassed 1 billion RISC-V cores shipped. This success came with unique security challenges, ones that existing models couldn’t solve.

To address them, we created a custom SW and HW security architecture from scratch, including a purpose-built separation kernel, novel RISC-V ISA extensions such as Pointer Masking and IOPMP (later ratified), and a unique secure boot and attestation solution. But how do you future-proof a proprietary ecosystem against tomorrow’s threats?

In this talk, we’ll share what we learned, and what’s next. From HW-assisted memory safety (HWASAN, MTE) to control-flow integrity (CFI) and CHERI-like models, we’ll explore how NVIDIA is preparing its RISC-V ecosystem, and beyond, for the evolving threat landscape. If you care about real-world security at an unprecedented scale, this is a journey you won’t want to miss.

People:
    SpeakerBio:  Adam “pi3” Zabrocki

Adam ‘pi3’ Zabrocki is a Director of Offensive Security at NVIDIA and specializes in low-level security research. He created the Linux Kernel Runtime Guard (LKRG) project, maintained by Openwall, and has worked at Microsoft, the European Organization for Nuclear Research (CERN), HISPASEC Sistemas (virustotal.com), the Wroclaw Center for Networking and Supercomputing, Cigital and more. Adam has contributed to numerous projects, found vulnerabilities in various systems (including Hyper-V, KVM, RISC-V ISA, Intel’s Reference Code, Intel/NVIDIA vGPU, Linux kernel, FreeBSD, OpenSSH, gcc SSP/ProPolice, Apache), and published research in Phrack Magazine. He serves as Vice-Chair of the RISC-V J-extension group, has developed key security extensions for RISC-V (Pointer Masking/HWASAN, Control Flow Integrity), and is currently working on Memory Tagging. Coauthor of Windows Internals and twice nominated for the Pwnie Awards, he has spoken at major security conferences such as Black Hat, DEF CON, Security BSides, and more.

SpeakerBio:  Marko Mitic

Marko is a Software Security Architect and System Software Manager focused on secure system design and product security, currently managing NVIDIA’s Core RISC-V team. For the past 10 years at NVIDIA he has worked on designing key security aspects of the core system software architecture and has driven offensive security practices for GPU system software. He was Security and Risk Officer and PSIRT lead, responsible for driving and tracking PSIRT issues and developing remediation plans. In recent years his focus has been RISC-V, where he has been driving NVIDIA’s RISC-V security architecture and implementation, bringing the NVRISCV TEE to fruition in shipping NVIDIA products. Motivated by incident response experience, he now passionately leads the adoption of Ada/SPARK, a formally verifiable programming language, as a powerful tool for reducing security risks in NVIDIA’s most critical software components.




HTTP/1.1 Must Die! The Desync Endgame

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 16:30 – 17:15 PDT

Creator: DEF CON Talks

Some people think the days of critical HTTP request smuggling attacks on hardened targets have passed. Unfortunately, this is an illusion propped up by wafer-thin mitigations that collapse as soon as you apply a little creativity.

In this session, I’ll introduce multiple new classes of desync attack, enabling mass compromise of user credentials across hundreds of targets including tech giants, SaaS providers, and CDNs, with one unplanned collaboration yielding over $100,000 in bug bounties in two weeks.

I’ll also share the research methodology and open-source toolkit that made this possible, replacing outdated probes with focused analysis that reveals each target’s unique weak spots. This strategy creates an avalanche of desync research leads, yielding results ranging from entire new attack classes, down to exotic implementation flaws that dump server memory heartbleed-style. You’ll witness attacks meticulously crafted from theoretical foundations alongside accidental exploits with a root cause so incomprehensible, the developers ended up even more confused than me.

You’ll leave this talk equipped with everything you need to join me in the desync research endgame: the mission to kill HTTP/1.

People:
    SpeakerBio:  James “albinowax” Kettle

James ‘albinowax’ Kettle is the Director of Research at PortSwigger, the makers of Burp Suite. He’s best-known for pioneering novel web attack techniques, and publishing them at major conferences like DEF CON and Black Hat USA, at which he’s presented for eight consecutive years. His most impactful research is HTTP Desync Attacks, which popularised HTTP Request Smuggling. Other popular attack techniques that can be traced back to his research include web cache poisoning, the single-packet attack, server-side template injection, and password reset poisoning.

He also loves exploring innovative tool concepts for security professionals, many of which have since become industry standard. Examples include introducing OAST via Burp Collaborator, bulk parameter discovery via Param Miner, billion-request attacks with Turbo Intruder, and human-style scanning with Backslash Powered Scanner. He’s also the designer behind many of the topics and labs that make up the Web Security Academy.




Infecting the Boot to Own the Kernel: Bootkits and Rootkits Development

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 16:00 – 16:45 PDT

Creator: DEF CON Talks

Bootkits and Rootkits represent some of the most complex and stealthy forms of malware, capable of achieving full system control before and after the OS is loaded. While often discussed in theory, their actual construction, interaction, and execution flow remain mostly hidden from public view. This talk sheds light on how these implants are built and how their components interact across boot stages and kernel space.

We’ll explore the internals of a fully functional UEFI Bootkit and Kernel-mode Rootkit, examining their modular design, runtime interactions, and the mechanisms used to hook critical parts of the Windows boot chain. Attendees will see how these implants operate across pre-boot and post-boot phases, including early internet connectivity from firmware, dynamic payload delivery, runtime service hooking, deep kernel control, and advanced capabilities like hiding files, processes, and network activity, blocking traffic, capturing keystrokes, and maintaining command and control directly from kernel space.

Everything shown on stage will be yours to explore: a complete Bootkit and Rootkit framework, fully customizable and ready to simulate real threats, test defenses, or build something even stealthier.

References:

  • UEFI Specification, Version 2.11. Unified Extensible Firmware Interface Forum. link
  • Alex Matrosov, Eugene Rodionov, Sergey Bratus – Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats.
  • Pavel Yosifovich – Windows Kernel Programming, 2nd Edition.
  • Pavel Yosifovich, Andrea Allievi, Alex Ionescu, Mark E. Russinovich, David A. Solomon – Windows Internals, Part 1 & 2, 7th Edition.
  • Martin Smolár and Anton Cherepanov (ESET Research team) – UEFI threats moving to the ESP: Introducing ESPecter bootkit link
  • Martin Smolár (ESET Research team) – BlackLotus UEFI bootkit: Myth confirmed link
  • Lior Rochberger and Dan Yashnik (Palo Alto Networks Unit 42) – Diving Into Glupteba’s UEFI Bootkit link
  • Takahiro Haruyama, Fabio Pagani, Yegor Vasilenko, Anton Ivanov, and Sam Thomas (Binarly Research team) – UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior link
  • Alejandro Vazquez Vazquez – Awesome Bootkits & Rootkits Development (curated learning repository) link

People:
    SpeakerBio:  Alejandro “TheMalwareGuardian” Vazquez

Alejandro Vázquez Vázquez is a security researcher and Red Team Operator with deep expertise in Windows Internals, malware development, and advanced threat emulation. He is one of the few professionals who has publicly presented live bootkit and rootkit development, including real-world demos and open-source examples such as Abyss and Benthic.

He has been behind some of the most hands-on offensive projects out there: crafting custom malware for Red Team ops, deploying stealthy UEFI implants for long-term persistence, developing real OT honeypots to lure attackers targeting critical infrastructure, building AI-powered frameworks that automate and scale pentest workflows, and designing platforms to hunt and profile ransomware groups.

By day, he conducts offensive security operations while also serving as an instructor in several master’s degrees, teaching malware analysis, exploit development, bootkits, and rootkits to the next generation of cybersecurity professionals. By night, he writes implants that play nice with modern security mechanisms. From pre-boot to the kernel, if it runs low enough, he wants to control it. And if it’s undocumented, even better.

He doesn’t just give talks. He builds the tools, shares the code, and gives you the full presentation, so you can run it yourself and teach others.

SpeakerBio:  Maria “drkrysSrng” San Jose

Maria is a cybersecurity specialist working for the Guardia Civil, Spain’s national military police force. She has served in some of the most specialized cyber units within the organization, including the Cyberterrorism Group and, currently, the Cybercrime Department of the Central Operative Unit (UCO), where she focuses on cybercrime investigations and threat intelligence.

Before joining the Guardia Civil, Maria built a strong foundation as a software engineer, contributing to flight simulation systems for major air navigation entities such as ENAIRE (AENA) and ROMATSA (Romania).

Outside her official duties, she is passionate about malware analysis and reverse engineering, dedicating personal time to studying advanced threats and attack techniques. Her combined experience in software development and threat investigation gives her a unique, well-rounded perspective on both offensive and defensive security.




Inside Look at a Chinese Operational Relay Network

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 11:00 – 11:45 PDT

Creator: DEF CON Talks

Operational relay box (ORB) networks are used by hackers to obscure their true origin, effectively turning a network of computers into their own private TOR network. This talk is an inside look at a relay network we believe to be based in the People’s Republic of China based entirely on public data we stumbled upon. It will contain an unprecedented level of detail into the specific tools, networks, and development techniques used to create and operate an ORB network.

If you’re a cloud provider trying to stop this type of abuse, a defender trying to understand how to detect when a relay is being used, or a wanna-be attacker, this is the talk for you. We name the cloud providers, data storage systems, software tools, domain names, email addresses, and passwords that they use to create, maintain, and operate their network.

References:

link link link


People:
    SpeakerBio:  Michael “mtu” Torres

mtu, otherwise known as Michael Torres, is a security engineer focused on detecting bad things at scale. Michael is also a Staff Sergeant in the United States Marine Corps Reserve, where he has been responsible for planning and conducting both offensive and defensive cyber operations. He likes to learn new stuff, then share it to benefit others, and is an active volunteer for VetSec (veteransec.org), a charity focused on helping military veterans have successful careers in cybersecurity.

SpeakerBio:  Zane “earl” Hoffman

Earf, also known as Zane, is a DevOps Engineer that does vulnerability research in his free time. Zane recently left active duty as a U.S. Marine, where he did vulnerability research and tool development full time. He is also a certified airplane seamstress, qualified to operate industrial sewing machines to maintain aircraft equipment. He likes to hike, climb rocks, and tear apart devices with his hot air gun, soldering machine, and funny looking glasses.




Invitation Is All You Need! Invoking Gemini for Workspace Agents with a Simple Google Calendar Invite

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Sunday, Aug 10, 10:00 – 10:45 PDT

Creator: DEF CON Talks

Over the past two years, we have witnessed the emergence of a new class of attacks against LLM-powered systems known as Promptware.

Promptware refers to prompts (in the form of text, images, or audio samples) engineered to exploit LLMs at inference time to perform malicious activities within the application context.

While a growing body of research has already warned about a potential shift in the threat landscape posed to applications, Promptware has often been perceived as impractical and exotic due to the presumption that crafting such prompts requires specialized expertise in adversarial machine learning, a cluster of GPUs, and white-box access.

This talk will shatter this misconception forever.

In this talk, we introduce a new variant of Promptware called Targeted Promptware Attacks.

In these attacks, an attacker invites a victim to a Google Calendar meeting whose subject contains an indirect prompt injection.

By doing so, the attacker hijacks the application context, invokes its integrated agents, and exploits their permission to perform malicious activities.

We demonstrate 15 different exploitations of agent hijacking targeting the three most widely used Gemini for Workspace assistants: the web interface (www.gemini.google.com), the mobile application (Gemini for Mobile), and Google Assistant (which is powered by Gemini), which runs with OS permissions on Android devices.

We show that by sending a user an invitation for a meeting (or an email or sharing a Google Doc), attackers could hijack Gemini’s agents and exploit their tools to: generate toxic content, perform spamming and phishing, delete a victim’s calendar events, remotely control a victim’s home appliances (connected windows, boiler, and lights), video stream a victim via Zoom, exfiltrate emails and calendar events, geolocate a victim, and launch a worm that targets Gemini for Workspace clients.

Our demonstrations show that Promptware is capable of performing (1) inter-agent lateral movement (triggering malicious activity between different Gemini agents), and (2) inter-device lateral movement, escaping the boundaries of Gemini and leveraging applications installed on a victim’s smartphone to perform malicious activities with physical outcomes (e.g., activating the boiler and lights or opening a window in a victim’s apartment).

Finally, we assess the risk posed to end users using a dedicated threat analysis and risk assessment framework we developed.

Our findings indicate that 73% of the identified risks are classified as high-critical, requiring the deployment of immediate mitigations.


People:
    SpeakerBio:  Ben Nassi

Dr. Ben Nassi (https://www.linkedin.com/in/ben-nassi-phd-68a743115/) is a Black Hat board member (Asia and Europe), a cybersecurity expert, and a consultant. Ben specializes in AI security, side channel attacks, cyber-physical systems, and threat analysis and risk assessment. His work has been presented at top academic conferences, published in journals and Magazines, and covered by international media. Ben is a frequent speaker at Black Hat (6), RSAC (2), and DEFCON (3) events and won the 2023 Pwnie Award for the Best Crypto Attack for Video-based Cryptanalysis.

SpeakerBio:  Or “oryair1999” Yair

Or Yair (@oryair1999) is a security research professional with seven years of experience, currently serving as the Security Research Team Lead at SafeBreach. His primary focus lies in vulnerabilities in the Windows operating system’s components, though his past work also included research of Linux kernel components and some Android components. Or’s research is driven by innovation and a commitment to challenging conventional thinking. He enjoys contradicting assumptions and considers creativity a key skill for research. Or frequently presents his vulnerability and security research discoveries internationally at top conferences such as Black Hat, DEF CON, RSAC, SecTor, and many more.

SpeakerBio:  Stav Cohen

Stav Cohen is a Ph.D. student at the Technion – Israel Institute of Technology who investigates Cyber-Physical Systems (CPS) that integrate GenAI methodologies and feature Human-in-the-loop interactions, with a specific emphasis on their security and operational aspects. He conducts detailed analyses of GenAI models with the aim of identifying potential vulnerabilities and devising effective strategies to mitigate them. Additionally, he takes a proactive approach by exploring how GenAI methodologies can be utilized to improve both the security and operational efficiency of Cyber-Physical Systems.




Jailbreaking the Hivemind: Finding and Exploiting Kernel Vulnerabilities in the eBPF Subsystem

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Sunday, Aug 10, 10:30 – 11:15 PDT

Creator: DEF CON Talks

Extended Berkeley Packet Filter (eBPF) has revolutionized Linux kernel programmability, but its complex verification and JIT compilation mechanisms present a significant attack surface. This talk provides a technical deep-dive into discovering and exploiting vulnerabilities in the eBPF subsystem, with three key contributions:

  1. State-aware fuzzing methodologies specifically designed for eBPF, focusing on verifier state tracking bugs, JIT compiler flaws, and helper function validation bypasses. These techniques go beyond traditional fuzzing by incorporating knowledge of the verifier’s internal state machine.
  2. A systematic approach to weaponizing verifier bypasses into practical kernel exploits, including converting bounds calculation errors into arbitrary read/write primitives, bypassing KASLR via targeted information leaks, and achieving privilege escalation through carefully constructed memory corruption.
  3. An analysis of the security architecture of eBPF, with concrete recommendations for hardening the subsystem against these attacks, including improvements to the verifier’s state tracking, JIT compiler security, and runtime validation.

References:

  1. Alves, T., & Felton, D. (2023). “eBPF, a new Swiss Army knife for Linux.” USENIX ;login:, 48(1), 42-48.
  2. Gershuni, E., Amit, N., Gurfinkel, A., Narodytska, N., Navas, J. A., Rinetzky, N., … & Wei, Y. (2019). “Simple and precise static analysis of untrusted Linux kernel extensions.” PLDI 2019: Programming Language Design and Implementation, 1069-1084.
  3. Iannillo, A. K., & Natella, R. (2022). “Fuzzing eBPF JITs: Challenges and solutions for effective vulnerability discovery.” Network and Distributed System Security Symposium.
  4. Jian, J., Chen, H., Jiang, Y., & Zou, W. (2021). “The Design and Implementation of a State-Aware eBPF Verifier Fuzzer.” IEEE Transactions on Dependable and Secure Computing, 18(5), 2342-2355.
  5. Kolosick, J., Narayan, A., Conrad, E., & Tobin-Hochstadt, S. (2022). “SandTrap: Securing JavaScript Containers with eBPF.” USENIX Security Symposium 2022.
  6. Linux Kernel Documentation. (2024). “BPF Documentation.” link

People:
    SpeakerBio:  Agostino “Van1sh” Panico

Dr. Agostino “van1sh” Panico is a seasoned offensive security expert with over 15 years of experience specializing in advanced red teaming, exploit development, product security testing, and deception tactics. He is one of the few hundred globally to hold the prestigious GSE (GIAC Security Expert) certification. Driven by a passion for uncovering vulnerabilities, Agostino actively contributes to the security community as an organizer for BSides Italy, fostering collaboration and innovation.




Journey to the center of the PSTN: How I became a phone company, and why you should too.

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Sunday, Aug 10, 11:00 – 11:45 PDT

Creator: DEF CON Talks

Whether you access the phone network over your cell phone, a SIP trunk, or via an old-school POTS line, the PSTN is an essential part of your day-to-day life and is a longstanding interest of the hacker community. Despite this interest, the regulatory and technical structures underlying this network are poorly understood, deliberately opaque, and dominated by large corporations.

This talk will demystify the network, starting with a brief overview of the history of the PSTN, followed by a deep dive into the inner functioning of the network. After this, the session will detail the regulatory structures that govern the network, and the technologies it employs. Next, the talk will continue with a practical guide detailing how anyone can form a full local exchange carrier to provide service to their community, covering the entire formation process through first-hand experience: regulatory approval, building interconnect with the PSTN, voice network design, and most importantly, user security and privacy.

With this knowledge in hand, the talk will briefly cover a range of exploits in the network, detailing how STIR/SHAKEN can be trivially bypassed, numbers can be hijacked, and how telecom fraud is monetized. The talk will conclude with a discussion of the future of the PSTN, and potential future issues.

References:

  • Alliance for Telecommunications Industry Solutions. (2022). Extending STIR/SHAKEN over TDM ATIS-1000095.v002.
  • Bluhm, P., & Lichtenberg, S. (2011). Fundamentals of Telecommunications Regulation: Markets, Jurisdiction, and Challenges. link
  • Coll, S. (2017). The Deal of the Century: The Breakup of AT&T. Open Road Media.
  • Cruz, D. (2021). NPSTN Docs. Npstn.us. link
  • Davis, V., Michael, E., & Clements. (1996). The National Regulatory Research Institute CONVERGENCE AND CONTROVERSY IN EARLY INTERCONNECTION AGREEMENTS.
  • Federal Communications Commission. (n.d.). Inter-Service Provider LNP Operations Flows -Narratives. Retrieved April 16, 2025, from link
  • Federal Communications Commission. (2011, November 18). 2011 USF/ICC Transformation Order. link
  • Federal Communications Commission. (2023). Updating the Intercarrier Compensation Regime to Eliminate Access Arbitrage Second Report and Order. link
  • Frankel, D. (2021, April 22). Money: The Fuel Behind Illegal Robocalls – Legal Calls Only. Legal Calls Only. link
  • Lancaster, M. (2016). NARUC Nationwide Number Portability.
  • Maruzzelli, G. (2015). Load Balancing FreeSWITCHes. ClueCon. link
  • Nick. (2024, March 11). SMS over Diameter for Roaming SMS. Nickvsnetworking.com. link
  • Telecommunications Act of 1996, (1996). link
  • PapaLegba2012. (2012). Afterburn: Results of Burning Man 2012 Test Network. Archive.org. link
  • Saunders, M. (2022). SCAM ROBOCALLS: TELECOM PROVIDERS PROFIT (C. Frascella, Ed.). link
  • STI-GA. (2023). Secure Telephone Identity Governance Authority Policy Decision 002: Certificate Policy.
  • Stratton, N. (2000, October 4). How to become a CLEC. Robotics.net. link
  • THE CAMPAIGN REGISTRY. (2025). THE CAMPAIGN REGISTRY CSP USER GUIDE. link
  • TransNexus. (2017). Introduction to telecom fraud. TransNexus. link
  • ZipDx. (2024, March 4). Robocall Radar – Legal Calls Only. Legal Calls Only. link

People:
    SpeakerBio:  Enzo Damato, Founder at Rice Telecom Corporation

Enzo Damato is a Rice University researcher and lifelong hacker with over 7 years of experience with telecommunications, network administration, and security. He founded Rice Telecom Corporation, a facilities-based CLEC, to further research telecommunications security and robocall mitigation. Enzo has also worked extensively with mainframe systems, winning a best session award at the SHARE conference for his presentation on DIY mainframe acquisition, installation, and configuration. Following this, he has developed and is currently teaching Rice University’s first course on mainframe computing. In addition, Enzo manages AS25944, an IX-peered ASN providing connectivity for his extensive personal lab.




Kill Chain Reloaded: Abusing legacy paths for stealth persistence

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 10:30 – 11:15 PDT

Creator: DEF CON Talks

Throughout our Red Team operations, we’ve focused our research on advancing techniques to gain direct access to physical memory and achieve execution with the highest privileges (Kernel-mode). This talk presents the current state of the art in stealthy post-exploitation, sharing innovative approaches and refined methodologies developed over recent years. Topics include: bypassing modern EDR solutions via physical memory access primitives, physical access techniques and advanced post-exploitation techniques in Windows systems. We will demonstrate how low-level access vectors often overlooked can enable persistent, undetectable control over targeted systems. The session is tailored for cybersecurity professionals interested in cutting-edge Red Team tactics and emerging hardware/software threats. Practical demos will be included, along with tools and methodologies applicable across multiple scenarios. This is a deeply technical talk, showcasing real world tradecraft and threat modeling beyond traditional offensive security.

References:

  • ESET. (n.d.). Machine Learning and UEFI. https://web-assets.esetstatic.com/wls/en/papers/white-papers/ESET_Machine_Learning_UEFI.pdf
  • HackingThings. (n.d.). SignedUEFIShell [GitHub repository]. GitHub. link
  • SOC Investigation. (2023). UEFI persistence via wpbbin: Detection & response. link
  • Sophos. (2023, June 2). Researchers claim Windows backdoor affects hundreds of Gigabyte motherboards. link
  • tandasat. (n.d.). WPBT-Builder [GitHub repository]. GitHub. link
  • Persistence Info. (n.d.). WPBBin. link
  • Unified Extensible Firmware Interface Forum. (n.d.). UEFI Revocation List File. link
  • Microsoft. (n.d.). secureboot_objects [GitHub repository]. GitHub. link
  • HackingThings. (n.d.). OneBootloaderToLoadThemAll [GitHub repository]. GitHub. link
  • Knopper, K. (n.d.). Knoppix and UEFI. link
  • br-sn. (n.d.). Removing Kernel Callbacks Using Signed Drivers. Retrieved from link
  • br-sn. (n.d.). CheekyBlinder [GitHub repository]. GitHub. Retrieved from link
  • VL. (2021). Removing Process Creation Kernel Callbacks. Medium. Retrieved from link
  • lawiet47. (n.d.). STFUEDR [GitHub repository]. GitHub. Retrieved from link
  • hfiref0x. (n.d.). KDU (Kernel Driver Utility) [GitHub repository]. GitHub. Retrieved from link
  • TheCruZ. (n.d.). kdmapper [GitHub repository]. GitHub. Retrieved from link
  • Sophos. (2022, October 4). BlackByte ransomware returns, abuses RTCore64.sys driver to disable kernel callbacks. Sophos News. Retrieved from link

People:
    SpeakerBio:  Alejandro “0xedh” Hernando

Red Team Operator and Security Researcher with over ten years of experience in offensive cybersecurity. Throughout his career, he has worked hands-on in assessing, exploiting and mitigating security vulnerabilities, developing proof-of-concepts, offensive and defensive tools, and conducting in-depth security research on commercial and proprietary solutions. His approach is based on a combination of applied research and real-world experience, emphasizing continuous learning and optimization of defense and attack strategies.

SpeakerBio:  Borja “borjmz” Martinez

Computer security has been a passion for him for as long as he can remember. He is self-taught and seeks to learn something new every day, both professionally and personally. Specialist with more than 9 years of experience in pentesting, Red Team and Research, having a highly versatile profile. He is also a CTF player.




Kill List: Hacking an Assassination Site on the Dark Web

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Sunday, Aug 10, 11:00 – 11:45 PDT

Creator: DEF CON Talks

Four years ago, Chris found a vulnerability in a murder-for-hire site on the dark net. He could exploit that vulnerability to intercept the murder orders that were being placed: names, addresses, pattern-of-life information, photos, and, in some cases, bitcoin payments. He reached out to Carl for help, and a small team was built in secret to intercept and triage these orders. However, after their warnings to the police fell on deaf ears, they ultimately decided to warn the targets on the kill list directly. After an initial series of successes, the investigation expanded rapidly and they formed a global cooperation with the FBI and police forces around the world, resulting in over 175 murder orders being disclosed, 34 arrests, 28 convictions and over 180 years of prison time being sentenced. This talk will be about those years: about the dangers and threats the team had to navigate, the times of isolation when the police wouldn’t take them seriously, about raids in Romania to uncover the cyber-criminal gang running the site and the psychological impact of racing against time to try to stop people getting murdered.

References:

  • This talk draws on a podcast series called Kill List, published here: https://podcasts.apple.com/gb/podcast/kill-list/id1769072368

People:
    SpeakerBio:  Carl Miller

Carl Miller is a technologist, journalist and writer. He is the founder of the Centre for the Analysis of Social Media at Demos and the information integrity lab CASM Technology, a Visiting Fellow at the Department of War Studies, King’s College London, a Senior Fellow at the Institute for Strategic Dialogue and a Senior Research Fellow at RAND Europe. He is the author of The Death of the Gods: The New Global Power Grab, which won the Transmission Prize, and is the co-writer and host of the podcast Kill List, which reached #1 in seven countries. It was named the Guardian’s best podcast of 2024, named Podcast of the Year 2025 by the Broadcast Press Guild Awards and was nominated for an Aria and Ambie.

SpeakerBio:  Chris Monteiro

Chris is a dark web investigator, ethical hacker and systems administrator for a major company based in London.




Killing Killnet

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 16:30 – 16:50 PDT

Creator: DEF CON Talks

Killnet built its reputation as a decentralized Russian hacktivist force – loud, chaotic, and conveniently aligned with Kremlin objectives. But under the surface, it was something else entirely: a centralized operation controlled by a small group, using noise and hate as cover.

This is the inside story of how a team of just nine people delivered a kill shot to destroy this illusion.

Through targeted investigation and direct engagement, we exposed Killnet’s critical weakness: a financial link to Solaris, at that time, one of Russia’s largest dark web drug markets. By publicly tying their operations to organized cybercrime – we disrupted their narrative, broke internal trust, and triggered full collapse. The result? Loss of state support, severed financial channels, and a rapid implosion of the group’s infrastructure.

We’ll walk through how we tracked Killnet’s leadership, exposed its frontman “KillMilk,” and uncovered the criminal network behind the public facade. Along the way, you’ll get a firsthand look at the real tactics – OSINT, infiltration, pressure points – that brought down one of the most visible cyber collectives.

This isn’t just a postmortem. It’s a case study in strategic disruption, showing how small teams can go head-to-head with well-funded adversaries – and win.

References:


People:
    SpeakerBio:  Alex Holden

Alex Holden is the founder and CISO of Hold Security, LLC. Under his leadership, Hold Security played a pivotal role in information security and threat intelligence, becoming one of the most recognizable names in its field. Mr. Holden researches minds and techniques of cyber criminals and helps our society to build better defenses against cyber-attacks.




Loading Models, Launching Shells: Abusing AI File Formats for Code Execution

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Sunday, Aug 10, 14:00 – 14:20 PDT

Creator: DEF CON Talks

Everyone knows not to trust pickle files, but what about .onnx, .h5, or .npz? This talk explores how trusted file formats used in AI and large language model workflows can be weaponized to deliver reverse shells and stealth payloads. These attacks rely solely on the default behavior of widely used machine learning libraries and do not require exploits or unsafe configuration.

The presentation focuses on formats that are not typically seen as dangerous: ONNX, HDF5, Feather, YAML, JSON, and NPZ. These formats are commonly used across model sharing, training pipelines, and inference systems, and are automatically loaded by tools such as onnx, h5py, pyarrow, and numpy. A live demo will show a healthcare chatbot executing code silently when these formats are deserialized, with no user interaction and no alerts. This is a demonstration of how trusted data containers can become malware carriers in AI systems. Attendees will leave with a clear understanding of the risks introduced by modern ML workflows, and practical techniques for payload delivery, threat detection, and hardening against this type of tradecraft.

References:

  • Parzian, Cyrus. Turning a Healthcare Chatbot into a Reverse Shell – A Deep Dive into Pickle Exploitation. iRedTeam.ai. link
  • Trail of Bits. Fickling: A Pickle Inspection and Manipulation Tool. link
  • TensorFlow Developers. SavedModel Format Overview. link
  • ONNX Project. ONNX Model Format Documentation. link
  • Apache Arrow Project. Feather and Parquet Format Specification. link
  • Hugging Face. Transformers File Formats and Model Loading. link
  • NumPy Developers. NumPy NPZ and NPY Format Documentation. link
  • PyYAML Documentation. YAML Deserialization and UnsafeLoader. link
  • OWASP. Deserialization Cheat Sheet. link
  • DEF CON and Black Hat Archives. Past Talks on Serialization, Supply Chain, and Model Abuse. link / link

People:
    SpeakerBio:  Cyrus Parzian

Cyrus Parzian is an AI Red Team Lead with over a decade of experience in offensive security, red teaming, and AI risk testing. He has led AI red team assessments targeting model serialization abuse, data leakage prevention, prompt injection, and LLM jailbreak resistance. Cyrus has created standardized reporting frameworks, built payload testing infrastructure, and designed internal training focused on exploitation of AI-powered systems. He has conducted over 100 offensive operations across internal networks, cloud environments, and LLM-integrated applications. His work includes large-scale phishing campaigns, persistent C2 infrastructure, and exploitation of automation platforms like Power Automate. Cyrus shares his research on iRedTeam.ai, where he focuses on weaponizing trusted model formats and exposing blind spots in AI-driven systems. He has spoken at ArcticCon and served as organizer of Fiestacon.




Making the DEF CON 33 Badge

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 1-405 (Red Team Village)-RTV Track 2
When:  Saturday, Aug 9, 10:00 – 10:45 PDT

Creator: DEF CON Talks

Limitations can result in creative solutions. For most hackers I know, this is core to why we do what we do. Being an artist has taught me to do the challenging and ridiculous at all costs. Most of the time, these values align, but sometimes they result in fabulous disasters. As of this writing, this is not the latter.

This talk is a reflection on badge creation, challenges, the badge curse, and the blurred lines between art and hacking. It examines how we perceive and value creation and making, inside and outside of our own circles.


People:
    SpeakerBio:  Mar

Mar has spent over 15 years contributing to DEF CON, ranging from illustration, badges & interactive experiences to art direction. Last year they designed & directed the creation of the DEF CON 32 Raspberry Pi badge, on which attendees played a custom game of the convention itself in real-time.

Mar has helped found, and has chaired hackerspaces and an art collective. They’ve painted public murals in the US and abroad, and held a residency at the Denver Art Museum, which explored the relationships between people and their identities online.

This year they open “Feral Gallery” in Denver, focused on queer and indigenous works. You can find Mar (and support their art!) at the Arts & Entertainment booth at con.




Man-in-the-Malware: Intercepting Adversarial Communications

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 11:00 – 11:45 PDT

Creator: DEF CON Talks

In this talk, the speaker details how a threat actor’s OPSEC slip—testing their own keylogger and infostealer on their hacking machine—provided a real-time view into a cybercrime operation. By intercepting Telegram-based command-and-control (C2) communications, the speaker obtained hundreds of screenshots and keylogs of the threat actor’s desktop, revealing the entire cybercrime operation. The session also covers the creation of Telegram bot tokens, which were then embedded in malware to enable covert data exfiltration and remote control.

Through automated analysis techniques, including VirusTotal and custom YARA rules, the speaker tracked samples communicating with Telegram’s API, extracted thousands of bot tokens that were used to forward stolen data, used these to intercept communications, and mapped backend infrastructure through screenshots of the threat actor’s desktop. This process led to the discovery of links to broader phishing and malware campaigns, underscoring how trusted platforms like Telegram can be abused by malicious actors.

References:


People:
    SpeakerBio:  Ben “polygonben” Folland

Ben Folland is a Security Operations Analyst at Huntress, where he manages hands-on-keyboard intrusions and dismantles active threats daily. Before that, he worked at one of Accenture’s SOCs, defending UK Critical National Infrastructure, gaining deep experience in high-stakes environments. He’s all about DFIR, malware analysis, and threat hunting—and has a knack for exposing adversary tradecraft. Ben’s spoken at over 10 conferences (including six BSides), taught SOC workshops at universities, is GIAC GCFA certified, and was a finalist for the UK’s national cyber team. Whether it’s CTFs or live incidents, Ben thrives on the chase and brings a hacker mindset to everything he does.




Mastering Apple’s Endpoint Security for Advanced macOS Malware Detection

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 15:30 – 16:15 PDT

Creator: DEF CON Talks

Five years after Apple radically empowered third-party security developers on macOS with the introduction of Endpoint Security, most developers grasp its fundamentals, but subtle nuances remain, and advanced features are still underutilized. And as the framework continues to evolve, even experienced developers can struggle to keep pace with its rapidly expanding capabilities.

This talk explores critical areas that frequently trip up developers, such as caching behaviors and authorization deadlines, before diving into Endpoint Security’s more advanced features like mute inversions. We’ll also cover recently introduced capabilities, including the long-awaited TCC event monitoring, which offers unprecedented visibility into permission-related activity often targeted by malware.

Each topic will include practical code examples, demonstrated and validated against sophisticated macOS malware.

Join us to move beyond the basics and unlock the full power of Apple’s Endpoint Security framework.

References:

  • link
  • “The Art of Mac Malware, Volume 2: Detecting Malicious Software” No Starch Press

People:
    SpeakerBio:  Patrick Wardle

Patrick Wardle is the founder of the Objective-See Foundation, the CEO/Cofounder of DoubleYou, and the author of “The Art of Mac Malware” book series. Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Passionate about macOS security, Patrick spends his days discovering Apple 0days, studying macOS malware, and releasing free open-source security tools to protect Mac users.




Metal-as-a-Disservice: Exploiting Legacy Flaws in Cutting-Edge Clouds

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 15:30 – 16:15 PDT

Creator: DEF CON Talks

Bare metal cloud providers are rapidly gaining popularity among organizations deploying high-performance machine learning workloads. While the promise of dedicated hardware and enhanced security may appear attractive, a closer look revealed that these environments are vulnerable to decades-old attacks that are sure to trigger nostalgia.

This talk investigates the hidden risks posed by the “bare metal” trend, illustrating how weaknesses in firmware, hardware, and the network can lead to catastrophic multi-tenant compromise. We’ll walk through real-world case examples demonstrating how attackers can leverage these vulnerabilities including hijacking provisioning processes, installing persistent firmware implants, intercepting sensitive network data, and compromising secure machine learning workflows.

Attendees will gain insight into the unique attack surfaces of bare metal environments, understand why seemingly outdated techniques remain highly effective, and learn how major cloud providers mitigate these threats. Expect technical demonstrations, practical advice on evaluating providers, and recommendations for protecting your organization’s critical infrastructure.

References:



People:
    SpeakerBio:  Bill Demirkapi

Bill is a security researcher with a passion for finding bugs at scale. His interests include reverse engineering and vulnerability research, ranging from low-level memory corruption to systemic flaws with catastrophic consequences. He started his journey in high school and has since published his work at internationally-recognized conferences like DEF CON and Black Hat USA. In his pursuit to make the world a better place, Bill constantly looks for the next significant vulnerability, following the motto “break anything and everything”.




Mind the Data Voids: Hijacking Copilot Trust to Deliver C2 Instructions with Microsoft Authority

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Sunday, Aug 10, 10:00 – 10:20 PDT

Creator: DEF CON Talks

In this session, Tobias Diehl will demonstrate a critical vulnerability in Microsoft’s Copilot AI, exposing how data voids can be hijacked to manipulate AI-generated responses. By exploiting Copilot’s reliance on limited data sources, Tobias will show how attackers can inject persistent malicious content, associating it with legitimate Microsoft topics, and how the AI fails to validate key terms. The presentation will cover the mechanics of key term association attacks, data void exploitation, and their real-world implications, including the risk of Copilot delivering dangerous installation instructions for command-and-control (C2) beacons for initial access. Using a proof-of-concept from Microsoft’s Zero Day Quest event, attendees will see how the hijacking process works in practice, how threat actors can target enterprise users, and how AI systems can be tricked into guiding users toward compromised actions.

References:

  • link (Released by Microsoft’s Bing Team)
  • link (Research by related Security Researchers)

People:
    SpeakerBio:  Tobias “ItsSixtyNein” Diehl

Tobias Diehl is a security researcher and offensive security engineer with a background spanning red team operations, penetration testing, cloud security, and adversarial AI research. Over the past decade, he has worked across both private and public sectors, supporting enterprise defense teams and developing offensive tooling used to uncover high-impact vulnerabilities in modern systems. He is recognized as a Microsoft Most Valuable Researcher (MVR) for his continued contributions to vulnerability discovery and responsible disclosure across Microsoft platforms.




No VPN Needed? Cryptographic Attacks Against the OPC UA Protocol

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 10:30 – 11:15 PDT

Creator: DEF CON Talks

OPC UA is a standardized communication protocol that is widely used in the areas of industrial automation and IoT. It is used within and between OT networks, but also as a bridge between IT and OT environments or to connect field systems with the cloud. Traditionally, VPN tunnels are used to secure connections between OT trust zones (especially when they cross the internet), but this is often considered not to be necessary when using OPC UA because the protocol offers its own cryptographic authentication and transport security layer.

This makes OPC UA a valuable target for attackers, because if they could hijack an OPC UA server they might be able to wreak havoc on whatever industrial systems are controlled by it.

I decided to take a look at the cryptography used by the protocol, and managed to identify two protocol flaws which I could turn into practical authentication bypass attacks that worked against various implementations and configurations. These attacks involve signing oracles, signature spoofing, padding oracles, and turning “RSA-ECB” into a “timing side channel amplifier”.

In this talk, I will explore the protocols and the issues I identified, as well as the process of turning two theoretical crypto flaws into highly practical exploits.

References:

  • OPC UA Specifications, OPC Foundation, link
  • “Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1”, Daniel Bleichenbacher, Advances in Cryptology—CRYPTO ’98: 18th Annual International Cryptology Conference, Santa Barbara, California
  • Prior OPC UA research work by the Claroty Research Team, link

People:
    SpeakerBio:  Tom Tervoort

Tom Tervoort is a Principal Security Specialist for Secura, a security company based in the Netherlands. Tom regularly performs network pentests, web/mobile application assessments, as well as code, configuration and design reviews for large Dutch companies and institutions. Tom’s primary areas of interest include cryptographic protocols and cryptography engineering, advanced web attacks and Windows AD pentesting. Besides doing security assessments, Tom also develops and gives cryptography and secure programming courses to software developers. In December 2020, Tom won a Pwnie award for Best Cryptographic Attack, due to his discovery of the Zerologon vulnerability. Tom has spoken at various conferences, including Black Hat USA 2021 and 2023, Black Hat Europe 2022 and ONE Conference 2021.




Not Just a Pipeline Leak: Reconstructing the Real Attack Behind tj-actions

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 12:00 – 12:45 PDT

Creator: DEF CON Talks

Every once in a while, we get a grim reminder that the open-source trust model that enables developers to use each other’s code and resources can be abused by attackers.

GitHub users recently suffered from such a wake-up call. In March 2025, the highly-publicized “tj-actions” incident came to light, throwing many GitHub organizations and users into panic, as their credentials were leaked via their supply chain. But while the masses were scared about the massive credential exposure, we were able to piece together evidence to show that the leakage wasn’t the primary goal of this attack, and that the initial buzz was just the tip of the iceberg. Our investigations indicate that more highly-popular projects were targeted as part of this campaign, and DEF CON will be the first place that we reveal the newly-discovered details.

We’ll reveal how the attack began months earlier than initially believed, with the attacker compromising multiple open-source projects utilizing them for lateral movement. We’ll detail how the adversary maintained a low profile, patiently waiting to spear-target Coinbase. We will dissect the sophisticated evasion techniques employed and the attacker’s modus operandi, showing how the open-source access and trust model were weaponized to deliver a precise and calculated supply chain attack.

References:


People:
    SpeakerBio:  Aviad Hahami

Security researcher and experienced software engineer with a great passion for algorithms (graph-theory specifically), security research (vulnerability research, bug bounties), chaos engineering (YES!), frontends, backends, web services, systems architecture, infras, clouds(making them rain), and more 🙂 Today, researching at Palo Alto Networks. Oh yea I also DJ




One Key, Two Key, I Just Stole Your goTenna Key

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 13:30 – 14:15 PDT

Creator: DEF CON Talks

Encrypted radios promise off-grid privacy and security, but what if their core trust anchors can be broken with one message? Our latest research shows that a single, unauthenticated RF packet can overwrite any public keys goTenna Pro stores for peer-to-peer and group chats, silently substituting attacker-controlled keys so that every AES-256 encrypted message is now readable only to the attacker, not the intended recipient. By repeating the swap on both ends, the attacker becomes an undetectable man-in-the-middle who alone can forward, alter, or drop traffic, leaving victims blind to the compromise. We will live-demo three outcomes: pulling teams into GPS dead zones by injecting phantom coordinates; impersonating a surveillance teammate to feed disinformation and fracture cohesion; and detonating a network-wide blackout that forces operators onto weaker radio communication that allows easy direction-finding. The audience will watch us craft the packet, poison key stores, pivot between victims, and restore normalcy – all from commodity SDR hardware and open-source code released at the session. We close with hardening guidance and a patch in goTenna Pro version 2.0.3 (CVE-2024-47130), proving once again that cryptography is only as strong as the key lifecycle surrounding it.


People:
    SpeakerBio:  Erwin “Dollarhyde” Karincic

Erwin is an experienced security researcher specializing in both hardware and software reverse engineering, binary analysis, and exploit development across a range of processor architectures. He has notable experience in implementing complex Radio Frequency (RF) waveforms using Software Defined Radios (SDRs) for cybersecurity applications, complemented by his proficiency in designing, simulating, and fabricating antennas tailored for such applications. His past work includes extensive TCP/IP networking experience, designing worldwide secure communication systems. Erwin holds a number of prestigious certifications, including OSCP, OSCE, OSWE, OSEE, and CCIE Enterprise Infrastructure. Erwin is also a staff member in the RF Hacker Sanctuary and a member of Security Tribe.

SpeakerBio:  Woody

Woody thinks Linux is a member of the Charlie Brown gang who can lift heavy things but not always spell them. He has had some success with RF exploits in the past with the first ever goTenna exploit talk in the RF wireless village as well as the first attack against Ford Raptor key fobs with the RaptorCaptor exploit. Woody’s unique background, familiar to some, gives him a creative aspect to the impact of goTenna Pro research in the physical and RF world. Woody is also a staff member in the RF Hacker Sanctuary, a member of Security Tribe, and has appeared on a few episodes of Hak5 describing novel device attacks.




One Modem to Brick Them All: Exploiting Vulnerabilities in the EV Charging Communication

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 10:30 – 11:15 PDT

Creator: DEF CON Talks

In this talk we present a collection of attacks against the most widely used EV charging protocol, by exploiting flaws in the underlying power-line communication technologies affecting almost all EVs and chargers.

Specifically, we target the QCA 7000 Homeplug modem series, used by the two most popular EV charging systems, CCS and NACS.

We demonstrate multiple new vulnerabilities in the modems, enabling persistent denial of service.

To better understand the scope of these issues, we conduct a study of EV chargers and vehicles, and show widespread insecurities in existing deployments.

We show a variety of practical real-world scenarios where the HomePlug link can be used to hijack EV charging communications, even at a distance.

Finally, we present results from reverse engineering the firmware and how we can gain code execution.

References:

  • Marcell Szakály, Sebastian Köhler, and Ivan Martinovic, “Short: PIBuster: Exploiting a Common Misconfiguration in CCS EV Chargers”, at 3rd USENIX Symposium on Vehicle Security and Privacy (VehicleSec ’25)
  • Marcell Szakály, Sebastian Köhler, and Ivan Martinovic, “Current Affairs: A Security Measurement Study of CCS EV Charging Deployment”, at 34th USENIX Security Symposium 2025
  • Sebastian Köhler, Richard Baker, Martin Strohmeier and Ivan Martinovic, “Brokenwire: Wireless Disruption of CCS Electric Vehicle Charging”, at Network and Distributed System Security (NDSS) Symposium 2023
  • Richard Baker and Ivan Martinovic. “Losing the car keys: Wireless PHY-Layer insecurity in EV charging”, at 28th USENIX Security Symposium (USENIX Security 19), pp. 407-424. 2019.
  • Sébastien Dudek, Jean-Christophe Delaunay and Vincent Fargues, “V2G Injector: Whispering to cars and charging units through the Power-Line”, in Proceedings of the SSTIC (Symposium sur la sécurité des technologies de l’information et des communications), Rennes, France. 2019.

People:
    SpeakerBio:  Marcell Szakály

Marcell Szakály is a PhD student in the Systems Security Lab at the University of Oxford. His research focuses on the security of the EV charging infrastructure. He received his masters degree in Physics, and worked on superconducting magnet design. His work now involves RF hardware, SDRs, and digital electronics.

SpeakerBio:  Jan “SP3ZN45” Berens

Jan Berens aka SP3ZN45 has been a goon in the QM department for several years now and is working full time as a redteamer at alpitronic SLR, the leading manufacturer of DC chargers in Europe. His background is security consulting and penetration testing for critical infrastructures and industrial installations in Europe. He does mostly non-publicly disclosed security research and mentors beginners in the security domain.




Original Sin of SSO: macOS PRT Cookie Theft & Entra ID Persistence via Device Forgery

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 11:30 – 12:15 PDT

Creator: DEF CON Talks

While the theft of Primary Refresh Token (PRT) cookies on Windows has been extensively studied, similar attacks on macOS remain unexplored. As organizations increasingly use Microsoft Intune to manage both Windows and macOS devices, a critical question arises: can attackers also extract PRT cookies from macOS?

In this talk, we present our research into Microsoft’s SSO implementation within the Intune Company Portal for macOS. We compare authentication flows and security controls between Windows and macOS, exposing weaknesses that allow attackers to bypass process validation and obtain authentication tokens under certain conditions.

Another obstacle for attackers has been Microsoft’s efforts to make it more difficult to register new devices using stolen credentials for persistence. Our research introduces a novel technique: once an attacker acquires a token with an MFA claim on the device, they can still register new devices and generate new tokens without concern for the original stolen token’s expiration.

We will demonstrate PRT Cookie extraction on macOS and release a proof-of-concept tool, showing not only how credential theft techniques can now extend beyond Windows to macOS environments, but also how attackers can leverage these techniques for long-term persistence.

References:

This research was inspired by these previous studies, which sparked our interest in investigating the theft of PRT cookies on macOS and exploring new persistence techniques.

  • “Attacking Primary Refresh Tokens using their macOS implementation” link – This research inspired us to consider that macOS might be a valuable target for in-depth security analysis.
  • “Bypassing Entra ID Conditional Access Like APT: A Deep Dive Into Device Authentication Mechanisms for Building Your Own PRT Cookie” link – The theft of Windows PRT cookies led us to consider the possibility of conducting similar attacks on macOS. However, our investigation revealed that macOS implements more complex and robust security protections.
  • “(Windows) Hello from the other side” link – This study helped us understand the state-of-the-art hardening measures that Microsoft has implemented to prevent the use of stolen credentials for registering new devices and platform credentials (Windows Hello for Business keys).
  • “A valid Microsoft session can be abused to reset the user’s password and remove multi-factor authentication (MFA) to take over an account.” link – We did not discover this article until after we had identified the new persistence technique. From our perspective, Microsoft did not fix this vulnerability properly. However, Microsoft no longer considers our similar issue a vulnerability.

People:
    SpeakerBio:  Shang-De “HackerPeanutJohn” Jiang

Shang-De Jiang is a deputy director of the research team of CyCraft. Currently, he focuses on research on Incident Response, Endpoint Security and Microsoft Security. He has given technical presentations at non-academic technical conferences, such as TROOPERS, HITB, HITCON, CodeBlue, Blue Team Summit and BlackHat USA. He is the co-founder of UCCU Hacker, the private hacker group in Taiwan.

SpeakerBio:  Dong-Yi “Kazma Ye” Ye

Kazma is a university student from Taiwan and a cybersecurity intern at CyCraft. His current work focuses on how Microsoft Entra ID integrates and behaves on macOS, diving deep into binary internals and real-world authentication logic. He’s also a CTF player with the B33F 50UP team, with a passion for reverse engineering and binary exploitation.

SpeakerBio:  Tung-Lin “Echo Lee” Lee

Echo is a cybersecurity researcher at CyCraft Technology, specializing in network and cloud security. He has presented at industry conferences, including DEVCORECONF, HITCON ENT, ROOTCON, InfoSec Taiwan, and CyberSec.




Orion – fuzzing workflow automation

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 17:00 – 17:45 PDT

Creator: DEF CON Talks

“Fuzzing” is an automated software testing technique essential for detecting security vulnerabilities, effectively identifying over 100,000 bugs across the industry.

While fuzzing has proven effective in uncovering critical issues, software teams often face challenges when implementing the fuzzing process. Teams must spend significant time identifying targets for fuzzing and creating test harnesses with initial inputs. Finally, engineering teams must analyze and fix issues detected by fuzzing.

We created an automated fuzzing solution that leverages LLMs for the codebase analysis to identify optimal fuzzing targets, generating precise fuzzing test harnesses and initial seed inputs.

Our solution automates the reproduction of bugs discovered during fuzzing and generates patches for the affected code.

We achieved significant improvements across all targeted areas, demonstrating the effectiveness of integrating LLMs and automatic code analysis into the fuzzing process.

References:

  1. Google published some work on the smart harness generation with LLMs – link
  2. Google published work on identifying fuzzing targets (without LLMs) – link

People:
    SpeakerBio:  Max Bazalii

Max Bazalii is a Principal Engineer on the NVIDIA DriveOS Offensive Security team, where he leads AI automation projects focusing on software security and formal verification. Prior to joining NVIDIA, he specialized in the security research of mobile operating systems. He has authored numerous publications and delivered technical presentations on jailbreaking Apple platforms, including the first public jailbreak of the Apple Watch. He also served as a lead security researcher on the Trident exploits during the first Pegasus iOS spyware incident. Max holds a Ph.D. in Computer Science, with a focus on software security.

SpeakerBio:  Marius Fleischer

Marius Fleischer is a security engineer at the NVIDIA DriveOS offensive security team. He is passionate about applying advancements in AI to tackle security challenges and has a deep interest in low-level software. Previously, Marius worked at the Security Lab of UC Santa Barbara, where he contributed to advancing the state-of-the-art in automated vulnerability detection for operating system kernels.




OverLAPS: Overriding LAPS Logic

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Saturday, Aug 9, 17:30 – 17:50 PDT

Creator: DEF CON Talks

Local Administrator Password Solution (LAPS) automates local admin password rotation and secure storage in Active Directory (AD) or Microsoft Entra ID. It ensures that each system has a unique and strong password.

In OverLAPS: Overriding LAPS Logic, we will revisit and extend our previous research (Malicious use of “Local Administrator Password Solution”, Hack.lu 2017) by exposing client-side attacks in Windows LAPS (“LAPSv2”). After a brief overview of LAPS’s evolution, from clear-text fields in AD with Microsoft LAPS (“LAPSv1”) to encrypted AD attributes or Entra ID storage with Windows LAPS, we will explore the client-side logic of Windows LAPS. Unlike prior work that exfiltrates passwords only after directory compromise, we will focus on abusing LAPS to maintain presence on compromised endpoints, both on-prem and Entra-joined devices.

We will leverage PDB symbols and light static analysis to understand how LAPS works internally, then use Frida for dynamic hooking to capture, manipulate, and rotate admin passwords on demand. We will also reproduce Frida proof-of-concepts using Microsoft Detours for in-process hooks.

Attendees will gain practical insights into new attack vectors against Windows LAPS, enabling them to assess, reproduce, and defend against client-side attacks in their own environments.

References:

  • Microsoft documentation on Windows LAPS:
    • What is Windows LAPS? – link
    • Key concepts in Windows LAPS – link
  • Existing attacks and tools:
    • HackTricks page on LAPS – link
    • Karl Fosaaen (kfosaaen) for NetSPI Blog, Running LAPS Around Cleartext Passwords – link
    • Karl Fosaaen (kfosaaen) “Get‑LAPSPasswords” PowerShell script – link
    • Leo Loobeek (leoloobeek) “LAPSToolkit” PowerShell script – link
    • Adam Chester blog post on Windows LAPS, LAPS 2.0 Internals – link
    • BloodHound “ReadLAPSPassword” page – link
    • NetExec LAPS module – link
  • Tools & Frameworks:
    • Frida by Ole André Vadla Ravnås – link
    • Ghidra by the NSA – link
    • Detours by Microsoft – link
  • Prior work and reference materials:
    • Maxime Clementz and Antoine Goichot, Malicious use of “Local Administrator Password Solution”, Hack.lu, October 2017 – link
    • Microsoft security advisory: Local Administrator Password Solution (LAPS) now available: May 1, 2015 – link
    • LAPS Operations Guide, LAPS Technical Specification – link
    • Local admin password management solution MSDN Code Gallery page (archive from September 2017) – link
    • Jiri Formacek (jformacek) / GreyCorbel “AdmPwd” solution (release 5.2.0) – link

People:
    SpeakerBio:  Antoine Goichot

Antoine Goichot is a French cybersecurity professional and Ethical Hacker working in Luxembourg. With ten years of hands-on experience and some certifications (CRTO/CRTL, GPEN/GXPN, GDAT), he has been into hacking since junior high school. He was always trying to find clever ways to solve technical problems and tweak his computer. In high school, he jailbroke a dozen PSPs so friends could play homebrew games between classes. He later studied computer science and networks at TELECOM Nancy. Now as Senior Manager at PwC Luxembourg, Antoine leads projects for a large variety of clients including major corporations, banks, European institutions, and insurance companies. Beyond his day job, he has uncovered several vulnerabilities in Windows VPN clients, Cisco AnyConnect (CVE-2020-3433/3434/3435, CVE-2020-27123, CVE-2021-1427) and Ivanti Secure Access (CVE-2023-38042). These issues have been fixed by vendors after coordinated disclosure. Antoine has contributed to the cybersecurity community through a conference paper co-authored during his studies, blog posts, articles in the MISC magazine (French periodical), etc. He also co-presented at Hack.lu in October 2017 on “Malicious use of ‘Local Administrator Password Solution’”.




Passkeys Pwned: Turning WebAuthn Against Itself

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Sunday, Aug 10, 11:30 – 12:15 PDT

Creator: DEF CON Talks

Over the past three years, passkeys have gained widespread adoption among major vendors like Apple, Google, and Microsoft, aiming to replace passwords with a more secure authentication method. However, passkeys haven’t yet faced the extensive scrutiny that passwords have endured over decades. As they become central to enterprise identity, it’s crucial to examine their resilience.

This presentation demonstrates how attackers can proxy WebAuthn API calls to forge passkey registration and authentication responses. We’ll showcase this using a browser extension as an example, but the same technique applies to any website vulnerable to client-side script injection, such as XSS or misconfigured widgets. The extension serves merely as a controlled means to proxy credential flows and manipulate the WebAuthn process.

We’ll delve into the underlying theory, present the exploit code, and provide a live demonstration of an attack that succeeds on sites relying on passkeys without enforcing attestation or metadata checks—a common scenario among vendors. If you’re relying on passkeys, this is the side of the flow you don’t usually get to see.

References:

  • Web Authentication API – mdn web docs – for API documentation
  • link and link – for trying out the passkey flow easily
  • Passwordless login with passkeys by Google Identity – link
  • Passkey AAGUIDs list – link

People:
    SpeakerBio:  Shourya Pratap Singh

Shourya Pratap Singh is responsible for building SquareX’s security-focused extension and conducts research on countering web security risks. As a rising figure in cybersecurity, Shourya has presented his work on global stages including the DEFCON main stage, Recon Village, and Adversary Village, as well as at Black Hat Arsenal EU. He has also delivered several workshops at prestigious events such as the Texas Cyber Summit. Shourya earned his bachelor’s degree from IIIT Bhubaneswar and holds a patent. His professional interests focus on strengthening the security of browser extensions and web applications.

SpeakerBio:  Jonny Lin

Jonny Lin is a frontend engineer on the extension team at SquareX, where he works on browser security challenges like data loss prevention and detecting web-based vulnerabilities. Before joining SquareX, he was a founding engineer at Velt (YC W23), building collaborative frontend infrastructure for real-time apps. He holds a computer science degree from Santa Clara University and has a strong interest in browsers and pushing the limits of what’s possible on the frontend.

SpeakerBio:  Daniel Seetoh

Daniel Seetoh currently works on the development of SquareX’s browser extension and web app. With a focus on the frontend, Daniel brings a versatile skillset that augments his approach towards cybersecurity. He has earned his degrees from Nanyang Technological University, and enjoys building out products and providing value to users.




Patching Critical Infrastructure: Announcing the Winners of DARPA’s AI Cyber Challenge

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 11:00 – 11:45 PDT

Creator: DEF CON Talks

DARPA and ARPA-H joined forces for the AI Cyber Challenge (AIxCC), a two-year competition aimed at revolutionizing cybersecurity through AI-driven solutions. AIxCC asks the nation’s top talent in AI and cybersecurity to develop Cyber Reasoning Systems capable of automatically finding and fixing software vulnerabilities to secure critical software. During this talk, we will announce the winners of the competition, deep dive on the challenges teams faced and lessons learned, and discuss what it will take to achieve widespread deployment of AIxCC-developed tools, which will be open sourced after DEF CON. The first-place team will receive $4 million, the second-place team will receive $3 million, and the third-place team will receive $1.5 million.


People:
    SpeakerBio:  Andrew Carney, Program Manager at DARPA & ARPA-H AIxCC

Andrew Carney, Program Manager, AI Cyber Challenge, DARPA and Program Manager, Resilient Systems, Advanced Research Projects Agency – Health (ARPA-H)

Andrew Carney is program manager for the DARPA AI Cyber Challenge (AIxCC) and a program manager at the Advanced Research Projects Agency for Health (ARPA-H) where he leads programs and projects to improve health cybersecurity.

Carney was previously a technical advisor and contractor for the Defense Advanced Research Projects Agency (DARPA). At DARPA, he supported research efforts focused on reverse engineering, program analysis, human-machine teaming, and automated program repair. Carney has over 15 years of experience in software and hardware vulnerability research, technical education and training, and Capture the Flag (CTF) competitions. He holds a master’s degree in computer science from The Johns Hopkins University.

SpeakerBio:  Jason Roos, Director (Acting) at ARPA-H

Dr. Jason Roos joined ARPA-H in March 2024. Before ARPA-H, Roos was a senior leader in the Department of Health and Human Services (HHS) Administration for Strategic Preparedness and Response (ASPR), where he served as the Deputy Assistant Secretary and Director of the HHS Coordination Operations and Response Element (H-CORE). There, he was responsible for leading the end-to-end operational coordination, logistics, and data systems management for the nationwide distribution of FDA-authorized COVID-19 vaccines, therapeutics, and home use diagnostic tests.

Roos holds a doctorate in Biochemistry and Cellular Molecular Biology from the Johns Hopkins University School of Medicine and a master’s in National Resource Strategy from the National Defense University Eisenhower School. He has over a decade of federal product development and leadership experience in the areas of protection and early detection of chemical, biological, radiological, nuclear, and global health threats. His passion is using data-informed strategies to analyze and address highly complex national security and public health problems.

SpeakerBio:  Stephen Winchell, Director at DARPA

Stephen Winchell joined DARPA as its 24th Director in May 2025. Prior to this appointment, he led the artificial intelligence and autonomy portfolio for the Defense Department’s Strategic Capabilities Office. Previously, he was chief engineer for the Pentagon’s Algorithmic Warfare Cross-Functional Team, commonly known as Project Maven. He is a graduate of the U.S. Naval Academy, where he later taught as a faculty member in the electrical and computer engineering department. He also served as a submarine officer in the U.S. Navy and continues to serve as an officer in the U.S. Navy Reserve. He has been a Presidential Innovation Fellow at the Intelligence Advanced Research Projects Activity and worked with a venture-backed start-up focused on AI security. He received a master’s in business administration from the University of Virginia, a master’s degree in systems engineering from the Johns Hopkins University, and a master’s degree in applied physics from the U.S. Naval Postgraduate School.




Paywall Optional: Stream for Free with a New Technique, Recursive Request Exploits (RRE)

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 10:00 – 10:20 PDT

Creator: DEF CON Talks

Modern web applications don’t just expose APIs, they expose attack paths. Recursive Request Exploits (RRE) are a new class of attack that weaponizes interdependent web requests to systematically bypass authentication, authorization, and payment controls.

This talk introduces RRE, a methodology that automates recursive request discovery, maps hidden relationships between API and web calls, and exploits overlooked logic flaws. Using a real-world case study, we’ll show how this technique was used to bypass premium paywalls on a major streaming platform without requiring authentication or hacking DRM.

But this isn’t just a one-off streaming exploit, RRE exposes a fundamental flaw in how checkout logic is enforced across e-commerce and digital subscriptions. By chaining requests together in unintended ways, attackers can exploit blind spots in authentication, entitlement, and payment flows to gain unauthorized access. What was once considered security through obscurity is now an active attack surface.

We’ll release exploit code, via a Burp Suite extension, that automates RRE discovery and exploitation, giving security professionals the tools to both weaponize and defend against these attacks.


People:
    SpeakerBio:  Farzan Karimi

Farzan Karimi has 20 years of experience in offensive security. He is currently the Senior Director of Attack Operations at Moderna. Formerly, he managed the Android Red Team at Google and the red team at Electronic Arts.

Farzan has been interviewed by Wired Magazine and was featured on Ted Danson’s Advancements. He is an avid speaker at security conferences such as DEFCON and Black Hat USA, where he presented on the topics of Pixel exploitation and cellular security.




Planting C4: Cross-Compatible External C2 for All Your Implants

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Sunday, Aug 10, 13:30 – 13:50 PDT

Creator: DEF CON Talks

Let’s face it — traditional HTTP C2 is burning out. Between aging domains, TLS cert management, sandbox fingerprinting, and blue teams getting smarter at categorizing traffic and infrastructure, your “custom C2” feels less covert and more like a liability. Red teams and threat actors alike are shifting toward living off legitimate services — AWS, GitHub, Box, Notion, whatever blends in — but building solutions that are custom to a single C2 framework? Let’s stop doing that. Let’s share the fun!

C4 (Cross-Compatible Command & Control) is here to change that. It’s a modular toolkit of WASM-powered plugins that makes external C2 easy to implement, regardless of your implant’s language or target OS. Whether you’re writing in C, Rust, Go, Python, C#, or something else entirely, C4 plugins can be loaded directly into your implant and run on Windows, macOS, or Linux.

But the real game-changer? C4 provides a single, centralized collection of numerous fully-documented, operationally-ready external C2 modules — not just proof-of-concepts, but production-level integrations with trusted sites that fly under the radar. No more hunting through GitHub repos, hand-rolling fragile API calls, or hacking together glue code for every new environment.

Stop reinventing external C2 and start planting some C4 in your implants!


People:
    SpeakerBio:  Scott “ScottCTaylor12” Taylor, Senior Red Team Operator at Sony’s Global Threat Emulation

Scott Taylor is a Senior Red Team Operator on Sony’s Global Threat Emulation team. Scott has previously worked at the MITRE Corporation and T. Rowe Price focused on emulating adversary behaviors. While Scott has been a technical professional for a decade, only the second half was focused on offensive security. He started as a Linux system administration intern where he learned to build before later learning to break. Scott leverages his system administration background in his offensive security career where he passionately researches command and control (C2) infrastructure for red team operations. Open-source publications by Scott include custom C2 channels for popular C2 frameworks, leveraging cloud services for C2, and automating red team infrastructure deployment.




Playing Dirty Without Cheating – Getting Banned for Fun and No Profit

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Sunday, Aug 10, 11:00 – 11:45 PDT

Creator: DEF CON Talks

Welcome to the world’s worst let’s-play: if you’ve ever wanted to get yourself or your friends banned from a game, stick around. We explore how modern anti-cheat systems work, and practically show how to get banned in the most innovative and hilarious ways possible—all without launching a single real cheat.

We also dive into Hardware ID bans, and how machine ‘fingerprints’ are collected and enforced. With this knowledge at hand, we demonstrate how to remotely poison innocent machines — capturing a target’s HWID, spoofing it, and getting it burned. BIOS flashing, RAM SPD rewriting, and other fun tricks included. Join our masterclass in making yourself and others appear guilty online.

References:

  • Books
    • Windows Internals, Part 1, 7th Edition
    • Windows Internals, Part 2, 7th Edition
  • Cheating in General
  • Talks
    • BH EU-19 Unveiling the Underground World of Anti-Cheat link
    • DEFCON 15 Virtual World Real Hacking link
    • DEFCON 32 Intro To Game Hacking link
  • Game Hacking Technical References
    • General Game Hacking Methods link
    • Static Analysis link
    • Dynamic Analysis link
    • Code Injection link
  • Anti-Cheat Technical References
    • General Anticheat Guide link
    • HWID Bans link
    • File Integrity Checks link
    • Memory Integrity Checks link
    • Code Injection Countermeasures link
    • Obfuscation link
    • Anti-Debug link
    • Anti-VM link
    • Process Scanning link
    • Kernel Anti-Cheat link
    • Kernel Injection link
  • SPD Rewriting link
  • Our Dataset link

People:
    SpeakerBio:  Sam Collins

Sam is a PhD research student studying at the University of Birmingham, UK, with an interest in attacks and defences in the Man-At-The-End scenario found in anti-cheat systems. He also works in teaching reverse engineering and binary analysis via game hacking. As part of this he developed an impossible-to-beat multiplayer video game for undergraduate students to hack as coursework. During his research he has been banned from every competitive shooter title and will happily offer this as a service for anyone who plays too much Fortnite and would like to stop.

SpeakerBio:  Marius Muench

Marius Muench is an assistant professor at the University of Birmingham. His research interests cover (in-)security of embedded systems, binary & microarchitectural exploitation, and defenses. He obtained his PhD from Sorbonne University in cooperation with EURECOM and worked as a postdoctoral researcher at the Vrije Universiteit Amsterdam. He developed and maintains avatar2, a framework for analyzing embedded systems firmware, and FirmWire, an emulation and fuzzing platform for cellular basebands. Throughout his career, Marius publicly shared his findings and presented at venues such as Black Hat, Reverse.io, REcon, and Hardwear.io.

SpeakerBio:  Tom Chothia, Professor in Cyber Security at School of Computer Science, University of Birmingham

Tom Chothia is a Professor of Cyber Security at the University of Birmingham, UK. His research involves the development of new mathematical analysis techniques, and the application of these techniques to real world cyber security problems. His past work on the security of EMV, ApplePay, banking apps, pacemakers and video game cheats has all received widespread media coverage.




RATs & Socks abusing Google Services

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 14:00 – 14:20 PDT

Creator: DEF CON Talks

This talk revisits Google Calendar RAT (GCR), a proof-of-concept released in 2023 by the speaker, demonstrating how Google Calendar can be abused for stealthy Command & Control (C2) communication. A similar technique was recently observed in the wild, used by the APT41 threat group during a real-world campaign, which highlights the growing interest in abusing trusted cloud services for covert operations.

Building on that concept, the talk introduces a new Golang-based tool that enables SOCKS tunneling over Google services, establishing covert data channels.

The session explores how common cloud platforms can be repurposed to support discreet traffic forwarding and evade traditional network monitoring. While some familiarity with tunneling and cloud services may be helpful, the talk is designed to be accessible and will walk attendees through all key concepts.

Whether you’re a penetration tester, red teamer, or simply curious about creative abuse of cloud infrastructure, you’ll leave with fresh ideas and practical insights.

People:
    SpeakerBio:  Valerio “MrSaighnal” Alessandroni

Valerio “MrSaighnal” Alessandroni is a seasoned offensive security professional with a lifelong passion for hacking. A former member of the Italian Army’s cyber units, he now leads EY Italy’s Offensive Security team, focusing on advanced red teaming and threat emulation.

He’s behind open-source tools like Google Calendar RAT (GCR) and he holds certifications including OSCP, OSEP, OSWE, OSWP, CRTO, eWPTX, eCPTX and more.

His bug bounty research has earned recognition from Microsoft, NASA, Harvard, and others. Off the keyboard, he rolls on the mat in Brazilian Jiu Jitsu and dreams of space exploration.




Rebadged, Relabeled, and Rooted: Pwnage via the Solar Supply Chain

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 14:00 – 14:45 PDT

Creator: DEF CON Talks

Residential solar promises energy independence, but behind the panels lies a chaotic mess of insecure firmware, exposed APIs, and rebadged devices phoning home to mystery servers. This talk exposes how today’s solar microgrids can be hijacked through unauthenticated cloud APIs, unsigned firmware updates, hardcoded root credentials, and even vendor-enabled kill switches. No custom exploits. No insider access. Just publicly documented APIs, leaked serial numbers, and a shocking lack of basic security controls.

We will walk through real-world attacks: account takeover via brute-forced PINs, remote access to power dashboards with zero authentication, firmware tampering for persistent implants, and replay attacks against plaintext MODBUS traffic. Our research reveals how vulnerabilities silently propagate across cloned OEMs and shared cloud infrastructure, turning a single bug into an industry-wide risk. If you thought solar made you off-grid, this talk will change your threat model.

References:


People:
    SpeakerBio:  Anthony “Coin” Rose, Director of Security Research and Chief Operating Officer at BC Security

Dr. Anthony “Coin” Rose is the Director of Security Research and Chief Operating Officer at BC Security, as well as a professor at the Air Force Institute of Technology, where he serves as an officer in the United States Air Force. His doctorate in Electrical Engineering focused on building cyber defenses using machine learning and graph theory. Anthony specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. Anthony has presented at security conferences, including Black Hat, DEF CON, HackMiami, RSA, HackSpaceCon, Texas Cyber Summit, and HackRedCon. He also leads the development of offensive security tools, including Empire and Moriarty.

SpeakerBio:  Jake “Hubble” Krasnov, Red Team Operations Lead and Chief Executive Officer at BC Security

Jake “Hubble” Krasnov is the Red Team Operations Lead and Chief Executive Officer of BC Security, with a distinguished career spanning engineering and cybersecurity. A U.S. Air Force veteran, Jake began his career as an Astronautical Engineer, overseeing rocket modifications, leading test and evaluation efforts for the F-22, and conducting red team operations with the 57th Information Aggressors. He later served as a Senior Manager at Boeing Phantom Works, where he focused on aviation and space defense projects. A seasoned speaker and trainer, Jake has presented at conferences including DEF CON, Black Hat, HackRedCon, HackSpaceCon, and HackMiami.




Recording PCAPs from Stingrays With a $20 Hotspot

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 13:30 – 14:15 PDT

Creator: DEF CON Talks

What if you could use Wireshark on the connection between your cellphone and the tower it’s connected to?

In this talk we present Rayhunter, a cell site simulator detector built on top of a cheap cellular hotspot. It works by collecting and analyzing real-time control plane traffic between a cellular modem and the base station it’s connected to. We will outline the hardware and the software developed to get low level information from the Qualcomm DIAG protocol, as well as go on a deep dive into the methods we think are used by modern cell-site simulators. We’ll present independently validated results from tests of our device in a simulated attack environment and real world scenarios. Finally, we will discuss how we hope to put this device into the hands of journalists, researchers, and human rights defenders around the world to answer the question: how often are we being spied on by cell site simulators?

References:


People:
    SpeakerBio:  Cooper “CyberTiger” Quintin, Senior Staff Technologist at EFF

Cooper Quintin is a senior public interest technologist with the EFF Threat Lab. He has given talks about security research at prestigious security conferences including Black Hat, DEFCON, Shmoocon, and ReCon about issues ranging from IMSI Catcher detection to Femtech privacy issues to newly discovered APTs. He has two children and is very tired.

Cooper has many years of security research experience on tools of surveillance used by government agencies.

SpeakerBio:  oopsbagel

oopsbagel is not a bagel but may be eating one while you read this. oops loves contributing to open source software, running wireshark, reversing, hardware hacking, breaking Kubernetes, and floaking.




Remote code execution via MIDI messages

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 10:00 – 10:45 PDT

Creator: DEF CON Talks

I’m sure you’ve heard of MIDI – it’s a protocol and file format that’s used to exchange audio generation data such as “note on” and “note off” events. But what if I told you that there’s a MIDI implementation out there in the wild that, when excited in just the right ways, can do stuff the original product designers never intended to do? In this talk, we’ll dive into the wonderful world that is hardware reverse engineering. We’ll explore what JTAG and UART are and how we can use them to hack modern digital devices. We’ll dump the firmware of a Yamaha music keyboard and discover what is essentially a backdoor in the MIDI implementation – and exploit it to play Bad Apple on the keyboard’s dot matrix LCD.

References:

  • Architecture of Yamaha entry-level synths
  • MIDI specification
  • MIDI SysEx ID allocation table
  • ARM7TDMI Technical Reference Manual


People:
    SpeakerBio:  Anna “portasynthinca3” Antonenko

Anna “porta” has been playing around with Arduinos and whatnots since about 2017, when she was 13 years old. She’s made countless hobbyist projects with AVR, STM32 and ESP32 microcontrollers to learn more about the wonderful world of digital electronics. Today, she’s a professional embedded firmware engineer with an interest in hardware reverse engineering, operating system development and distributed fault-tolerant systems.




ReVault! Compromised by your Secure SoC

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 14:30 – 15:15 PDT

Creator: DEF CON Talks

We all love security, right? And when we trust a security component to safeguard our most valuable assets such as passwords, key material and biometrics, we want to believe they’re doing a good job at it. But what happens when this assumption is flawed, and the chip that was going to protect our assets turns against us?

In this talk we’ll present the ReVault attack that targets the [REDACTED] chip embedded in over 100 different laptop models from [VENDOR]. We will demonstrate how a low-privilege user can fully compromise the chip, plunder its secrets, gain persistence on its application firmware and even hack Windows back. Are you ready for the heist?


People:
    SpeakerBio:  Philippe “phLaul” Laulheret, Senior Vulnerability Researcher at Cisco Talos

Philippe Laulheret is a Senior Vulnerability Researcher at Cisco Talos. With a focus on Reverse Engineering and Vulnerability Research, Philippe uses his background in Embedded Security and Software Engineering to poke at complex systems and get them to behave in interesting ways. Philippe presented multiple projects covering hardware hacking, reverse engineering and exploitation at DEF CON, Hardwear.io, Eko Party and more. In his spare time, Philippe enjoys playing CTFs, immersing himself in the beauty of the Pacific Northwest, and exploring the realm of Creative Coding. Philippe holds a MSc in Computer Science from Georgia Tech and a MSc in Electrical and Computer Engineering from Supélec (France).




Rusty pearls: Postgres RCE on cloud databases

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 17:30 – 17:50 PDT

Creator: DEF CON Talks

In this session, we will delve into CVE-2024-10979, discovered by Varonis Threat Labs, and explain how it can be exploited to execute arbitrary code on cloud-hosted databases. Join us to gain insights into this significant Remote Code Execution (RCE) vulnerability and learn strategies for defending and testing managed databases for vulnerabilities.

References:


People:
    SpeakerBio:  Tal “TLP” Peleg

Tal Peleg, also known as TLP, is a senior security researcher and cloud security team lead at Varonis. He is a full-stack hacker with experience in malware analysis, Windows domains, SaaS applications, and cloud infrastructure. His research is currently focused on cloud applications and APIs.

SpeakerBio:  Coby Abrams

Coby Abrams is a cloud security researcher at Varonis, specializing in Azure and IaaS research, and in-depth overviews of various services. He brings over five years of experience in various types of security research.




Safe Harbor or Hostile Waters: Unveiling the Hidden Perils of the TorchScript Engine in PyTorch

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 12:00 – 12:45 PDT

Creator: DEF CON Talks

PyTorch is a machine learning library based on the Torch library, used for applications such as computer vision and natural language processing. It is one of the most popular deep learning frameworks.

However, beneath its powerful capabilities lies a potential security risk. Initially, PyTorch used pickle to save models, but due to the insecurity of pickle deserialization, there was a risk of Remote Code Execution (RCE) when loading models. Subsequently, PyTorch introduced the weights_only parameter to enhance security. The official documentation states that weights_only=True is considered safe and recommends using it over weights_only=False.

For years, the security of weights_only=True remained unchallenged. Our research, however, uncovered unsettling truths. We discovered that torch.load with weights_only=True supports TorchScript, leading us to delve into TorchScript’s inner workings. After a period of research, we discovered several vulnerabilities and ultimately achieved RCE. We promptly reported this finding to PyTorch, who acknowledged the vulnerability and assigned us CVE-2025-32434. This revelation overturns established understandings and has profound implications for numerous AI applications. We will provide an in-depth analysis of the impact of this vulnerability.

In this session, we will introduce how we gained inspiration and discovered this interesting vulnerability. Meanwhile, our findings once again confirm the statement, “The Safe Harbor you once thought was actually Hostile Waters.”
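The abstract’s key fact is that torch.load with weights_only=True still reaches the TorchScript loader. A checkpoint can be told apart from a TorchScript module before torch ever sees it: a torch.save() archive is a zip holding data.pkl plus a data/ directory of tensor storages, while a torch.jit.save() archive additionally carries a code/ directory and constants.pkl. The following is an added example (not PyTorch’s code and not the speakers’) of a pre-load gate built on that: inspect the archive, and refuse TorchScript archives on any PyTorch older than 2.6.0, the release that carries the fix for CVE-2025-32434. torch is not imported, so the check runs anywhere; the sample archives are constructed in memory.

```python
"""Inspect a .pt/.pth archive before torch.load and apply a loading policy.
Added example. Assumptions: the fix for CVE-2025-32434 ships in PyTorch 2.6.0; the
archive layouts described in the comments below; the policy itself is this
example's own, not PyTorch's."""

import io
import re
import zipfile
from dataclasses import dataclass
from typing import List, Tuple

FIXED_VERSION = (2, 6, 0)  # first PyTorch release without CVE-2025-32434


@dataclass
class CheckpointInfo:
    entries: List[str]
    is_zip: bool
    has_pickle: bool
    is_torchscript: bool


def parse_torch_version(version: str) -> Tuple[int, int, int]:
    """'2.5.1+cu121' -> (2, 5, 1); local and dev suffixes are ignored."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(x) for x in m.groups())


def inspect_checkpoint(blob: bytes) -> CheckpointInfo:
    """Classify the archive by its zip entries without unpickling anything."""
    if not zipfile.is_zipfile(io.BytesIO(blob)):
        # Legacy (pre-zip) torch.save output is a bare pickle stream; 0x80 is the
        # pickle PROTO opcode that opens every protocol >= 2 stream.
        return CheckpointInfo([], False, blob[:1] == b"\x80", False)
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        names = zf.namelist()
    # Drop the leading archive directory ("archive/" or the file's base name).
    stripped = [n.split("/", 1)[1] if "/" in n else n for n in names]
    has_pickle = any(n.endswith(".pkl") for n in stripped)
    # torch.jit.save() writes serialized module code under code/ and constants.pkl.
    is_ts = any(n.startswith("code/") or n == "constants.pkl" for n in stripped)
    return CheckpointInfo(names, True, has_pickle, is_ts)


def may_load(blob: bytes, torch_version: str, weights_only: bool = True) -> bool:
    """Policy (this example's, not PyTorch's): never load without weights_only,
    never accept the legacy non-zip format, and refuse TorchScript archives on a
    version where weights_only does not close that path."""
    if not weights_only:
        return False
    info = inspect_checkpoint(blob)
    if not info.is_zip:
        return False
    if info.is_torchscript and parse_torch_version(torch_version) < FIXED_VERSION:
        return False
    return True


def make_archive(names: List[str]) -> bytes:
    """Build a constructed sample archive with the given entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"\x80\x02" if n.endswith(".pkl") else b"\x00")
    return buf.getvalue()


# Constructed samples mirroring the two layouts.
PLAIN_CHECKPOINT = make_archive(["archive/data.pkl", "archive/data/0", "archive/version"])
TORCHSCRIPT_MODULE = make_archive(["archive/code/__torch__.py", "archive/constants.pkl",
                                   "archive/data.pkl", "archive/version"])

if __name__ == "__main__":
    for label, blob in (("plain", PLAIN_CHECKPOINT), ("torchscript", TORCHSCRIPT_MODULE)):
        print(label, inspect_checkpoint(blob).is_torchscript, may_load(blob, "2.5.1"))
```

The gate is a stopgap for hosts pinned to an older PyTorch; the durable fix is upgrading, and for weight-only exchange a format that carries no executable content at all (safetensors) sidesteps the whole loader.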


People:
    SpeakerBio:  Ji’an “azraelxuemo” Zhou

Ji’an Zhou is a Security Engineer in Alibaba Cloud. He is focusing on Java security and cloud native security and his work helped many high-profile vendors improve their products’ security, including Google, Amazon, Cloudera, IBM, Microsoft, Oracle. He has previously spoken at Black Hat, Zer0Con, Off-by-One Con.

SpeakerBio:  Lishuo “ret2ddme” Song

Li’shuo Song is a Security Engineer at Alibaba Cloud. He focuses on browser security and has found several security bugs in Google Chrome.




SCCM: The tree that always bears bad fruits

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Sunday, Aug 10, 13:30 – 14:15 PDT

Creator: DEF CON Talks

Microsoft Configuration Manager, better known as SCCM, has become my go-to target for red team operations. While multiple attack paths were uncovered recently, companies still struggle to close all security gaps. This is largely due to the solution’s complexity and historical technical debt, which make it challenging to effectively address and mitigate all security vulnerabilities. Moreover, as it primarily manages computers, taking over an SCCM deployment often leads to the full compromise of Active Directory, with less hassle than traditional attack paths.

In this talk, I’ll be sharing insights gained from my research on the solution that led to the discovery of multiple 0-day vulnerabilities, such as CVE-2024-43468, an unauthenticated SQL injection. After introducing key concepts, I’ll delve into various techniques for performing reconnaissance, tips for understanding the hierarchy and tricks for bypassing certain security boundaries. The session will also cover the discovered vulnerabilities that can lead to the compromise of the deployment.

After showcasing post-exploitation techniques from database access, I’ll introduce a battle-tested open-source tool that implements them. And for those interested in persistence, a technique for installing a backdoor as a legitimate servicing endpoint will be shared.


People:
    SpeakerBio:  Mehdi “kalimer0x00” Elyassa

I’m a red team operator working at Synacktiv, a French firm dedicated to offensive information security. With over 7 years of experience, I started my journey on the blue team before transitioning to an offensive role. Today, I conduct adversary simulation engagements for large companies in France, as well as international organizations.




Shaking Out Shells with SSHamble

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 15:00 – 15:20 PDT

Creator: DEF CON Talks

Secure Shell (SSH) is finally fun again! After a wild two years, including a near-miss backdoor, clever cryptographic failures, unauthenticated remote code execution in OpenSSH, and piles of state machine bugs and authentication bypass issues, the security of SSH implementations has never been more relevant. This session is an extension of our 2024 work (Unexpected Exposures in the Secure Shell) and includes new research as well as big updates to our open source research and assessment tool, SSHamble.

References:

  • link
  • link
  • link
  • link
  • link
  • Metasploit: ssh_identify_pubkeys (2012)
  • regreSSHion: link
  • Terrapin: link
  • link
  • link
  • link
  • link
  • Kannisto, J., Harju, J. (2017). The Time Will Tell on You: Exploring Information Leaks in SSH Public Key Authentication. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds) Network and System Security. NSS 2017. Lecture Notes in Computer Science(), vol 10394. Springer, Cham. link
  • West, J.C., Moore, T. (2022). Longitudinal Study of Internet-Facing OpenSSH Update Patterns. In: Hohlfeld, O., Moura, G., Pelsser, C. (eds) Passive and Active Measurement. PAM 2022. Lecture Notes in Computer Science, vol 13210. Springer, Cham. link
  • Neef, S. (2022). Source & result datasets for “Oh SSH-it, what’s my fingerprint? A Large-Scale Analysis of SSH Host Key Fingerprint Verification Records in the DNS” [Data set]. Zenodo. link
  • link
  • link
  • link
  • badkeys: https://badkeys.info/ and https://github.com/badkeys/badkeys
  • link
  • link
  • link

People:
    SpeakerBio:  HD Moore

HD Moore is a pioneer of the cybersecurity industry who has dedicated his career to vulnerability research, network discovery, and software development since the 1990s. He is most recognized for creating Metasploit and is a passionate advocate for open-source software and vulnerability disclosure. HD serves as the CEO and founder of runZero, a provider of cutting-edge attack surface management and exposure management software. Prior to founding runZero, he held leadership positions at Atredis Partners, Rapid7, and BreakingPoint. HD’s professional journey began with exploring telephone networks, developing exploits for the Department of Defense, and breaking into financial institutions. When he’s not working, he enjoys hacking on weird Go projects, building janky electronics, running in circles, and playing single-player RPGs.




Silent Leaks: Harvesting Secrets from Shared Linux Environments

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 17:30 – 17:50 PDT

Creator: DEF CON Talks

You don’t need a kernel exploit to cross security boundaries in Linux; all it takes is what the system already gives you. In this talk, I’ll expose a class of quiet yet dangerous vulnerabilities where common system features in multi-user Linux environments leak sensitive information between users by default.

We’ll explore how standard process inspection mechanisms and insecure scripting practices in real-world infrastructures, especially those used by large hosting panel providers, can expose database passwords, API tokens, internal URLs, and other secrets to unprivileged users. I’ll demonstrate how simple, legitimate system behaviors can be passively weaponized to gather intelligence, fingerprint users, and pivot across services. All without ever escalating privileges or exploiting a single bug. This talk shows how misconfigurations and design oversights can open the door to unintended visibility.

Whether you’re a sysadmin, penetration tester, or just someone who lives in a shell, you’ll leave with a better understanding of what your environment might be silently exposing and how to lock it down.
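The most common instance of the leak described above is /proc: /proc/<pid>/cmdline is world-readable by default, so any credential passed on a command line (mysql -p..., a curl Authorization header, a database URL with an embedded password) is visible to every local user, while /proc/<pid>/environ is readable only by the process owner. The following is an added example (mine, not the speaker’s tooling) of both sides of that: a scanner that parses cmdline records and flags secret-looking arguments, and a check for the hidepid mount option that closes the hole. The sample cmdline records are constructed; the live /proc walk needs no privileges and returns nothing on a non-Linux host.

```python
"""Scan /proc/<pid>/cmdline records for secrets and check whether /proc hides other
users' processes. Added example; SAMPLE_CMDLINES are constructed records, and the
regexes are a starting set to extend for your own environment."""

import os
import re
from pathlib import Path
from typing import Dict, List, Tuple

# Argument shapes that commonly carry a secret. Order matters: first match wins.
SECRET_PATTERNS = [
    (re.compile(r"^(-p|--password=?)(.+)$"), "password argument"),
    (re.compile(r"^(-u|--user=?)(.+):(.+)$"), "user:password argument"),
    (re.compile(r"Authorization:\s*\S+\s+(\S+)", re.I), "authorization header"),
    (re.compile(r"(?i)(api[_-]?key|token|secret)=([^\s&]+)"), "key=value secret"),
    (re.compile(r"^[a-z][a-z0-9+.-]*://[^:/@]+:([^@/]+)@"), "credential in URL"),
]


def parse_cmdline(raw: bytes) -> List[str]:
    """/proc/<pid>/cmdline is argv joined with NUL bytes, with a trailing NUL."""
    return [a.decode("utf-8", "replace") for a in raw.split(b"\x00") if a]


def find_secrets(argv: List[str]) -> List[Tuple[int, str]]:
    """Return (argv index, label) for every argument that looks like a secret."""
    hits = []
    for i, arg in enumerate(argv):
        for pat, label in SECRET_PATTERNS:
            if pat.search(arg):
                hits.append((i, label))
                break
    # "-p <password>" as two tokens: the flag, then a value that is not another flag.
    for i, arg in enumerate(argv[:-1]):
        if arg in ("-p", "--password") and not argv[i + 1].startswith("-"):
            hits.append((i + 1, "password argument (separate token)"))
    return hits


def scan_proc(proc_root: str = "/proc") -> List[Tuple[int, int, str, str]]:
    """Walk /proc as the current (unprivileged) user and report (pid, owner uid,
    label, argv[0]) for every readable process whose argv carries a secret."""
    findings = []
    root = Path(proc_root)
    if not root.is_dir():
        return findings
    for entry in root.iterdir():
        if not entry.name.isdigit():
            continue
        try:
            owner = entry.stat().st_uid
            argv = parse_cmdline((entry / "cmdline").read_bytes())
        except OSError:
            continue  # process exited, or hidepid hides it from us
        for _idx, label in find_secrets(argv):
            findings.append((int(entry.name), owner, label, argv[0] if argv else ""))
    return findings


def hidepid_enabled(mounts_text: str) -> bool:
    """True when /proc is mounted with hidepid=1, hidepid=2 or hidepid=invisible,
    i.e. other users' process directories are not visible. Feed it /proc/mounts."""
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[1] == "/proc" and parts[2] == "proc":
            opts = parts[3].split(",")
            return any(o.startswith("hidepid=") and o not in ("hidepid=0", "hidepid=off")
                       for o in opts)
    return False


SAMPLE_CMDLINES: Dict[int, bytes] = {  # constructed, in /proc/<pid>/cmdline form
    4242: b"mysql\x00-uapp\x00-pS3cretPass\x00appdb\x00",
    4243: b"curl\x00-H\x00Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.demo\x00https://api.internal/v1\x00",
    4244: b"php\x00/var/www/cron.php\x00",
    4245: b"pg_dump\x00postgres://backup:hunter2@db.internal/app\x00",
}


def scan_samples() -> Dict[int, List[Tuple[int, str]]]:
    """Run the detector over the constructed records."""
    return {pid: find_secrets(parse_cmdline(raw)) for pid, raw in SAMPLE_CMDLINES.items()}


if __name__ == "__main__":
    for pid, hits in scan_samples().items():
        print(pid, hits)
    print("hidepid:", hidepid_enabled(Path("/proc/mounts").read_text()
                                      if Path("/proc/mounts").exists() else ""))
```

Mounting /proc with hidepid=2 (or hidepid=invisible on newer kernels), with a gid= exception for monitoring agents, removes the cross-user view entirely; moving secrets out of argv (config files with tight modes, --password-file style options, or reading from stdin) fixes the leak at its source and also keeps the values out of shell history and audit logs.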


People:
    SpeakerBio:  Cernica Ionut Cosmin

Ionut Cernica began his security journey through Facebook’s bug bounty program and quickly made a name for himself by responsibly disclosing vulnerabilities to major companies including Google, Microsoft, Yahoo, AT&T, eBay, and VMware. With over nine years of experience in web application security and penetration testing, he has built a solid reputation in both offensive and defensive security research.

Beyond bug bounty, Ionut is a seasoned CTF competitor, having participated in over 100 security competitions worldwide. He has represented the PwnThyBytes team in high-profile finals such as Codegate, Trend Micro, and DEF CON. Among his individual accomplishments, he won the mini CTF at the very first edition of AppSec Village at DEF CON.

Currently, Ionut is an Application Security Engineer at UiPath, where he focuses on product security and AI security research.




Silent Signals: Exploiting Security and Privacy Side-Channels in End-to-End Encrypted Messengers

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Sunday, Aug 10, 12:30 – 13:15 PDT

Creator: DEF CON Talks

With billions of users worldwide, mobile messaging apps like WhatsApp and Signal have become critical for personal and professional communication. While these platforms promise security and privacy, our research uncovers two significant vulnerabilities that expose users to stealthy tracking and security degradation.

First, we reveal how delivery receipts, commonly used to confirm message delivery, can be exploited to track a user’s online status, screen activity, and device usage without their knowledge. This technique enables passive surveillance, draining a target’s battery and data allowance while remaining entirely invisible to them.

Second, we demonstrate a novel attack on WhatsApp’s implementation of the Signal Protocol, specifically targeting its Perfect Forward Secrecy (PFS) mechanism. By depleting a victim’s stash of ephemeral encryption keys, an attacker can weaken message security, disrupt communication, and exploit flaws in the prekey refilling process.

Both attacks require nothing more than the victim’s phone number and leverage fundamental design choices in these widely used platforms.

This talk will provide an in-depth analysis of these vulnerabilities, their implications, and potential mitigations — challenging the security assumptions of modern encrypted messaging.

References:

  • Careless Whisper: Exploiting End-to-End Leakage in Mobile Instant Messengers, Gabriel K. Gegenhuber, Maximilian Günther, Markus Maier, Aljosha Judmayer, Florian Holzbauer, Philipp É. Frenzel, Johanna Ullrich; link
  • Prekey Pogo: Investigating Security and Privacy Issues in WhatsApp’s Handshake Mechanism, USENIX WOOT 2025, Gabriel K. Gegenhuber, Philipp É. Frenzel, Maximilian Günther, Aljosha Judmayer; link


People:
    SpeakerBio:  Gabriel Gegenhuber

Gabriel is a PhD candidate at the University of Vienna, Austria. He received a bachelor’s degree in Software & Information Engineering and a master’s degree in Software Engineering & Internet Computing at the TU Wien. Gabriel is conducting research in the area of cellular and mobile networks. This includes Internet measurement technologies, traffic classification systems (e.g., deep packet inspection) and technical measures that are used to detect net neutrality and privacy violations. Furthermore, he’s working on improving the MobileAtlas measurement platform for cellular networks.

SpeakerBio:  Maximilian Günther

Max Guenther is a master’s student at the University of Vienna. He is a cybersecurity nerd and part-time full stack engineer at Intigriti. Previously, he was a security analyst at Austrian Power Grid and a security researcher at the Austrian Armed Forces.




Siri-ously Leaky: Exploring Overlooked Attack Surfaces Across Apple’s Ecosystem

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 14:30 – 15:15 PDT

Creator: DEF CON Talks

Apple champions user privacy and security, but beneath its glossy screens and polished interfaces lies an overlooked field of subtle vulnerabilities lurking within trusted, everyday features: Siri, Spotlight, Safari, Apple Intelligence, and Apple’s official support systems. This talk dives deeply into multiple zero-day issues discovered on fully updated, non-jailbroken iPhones—no specialized tools required. I’ll demonstrate how missing lock-state checks, Siri context confusion, race conditions, faulty Unicode parsing, incomplete patches, and other subtle oversights enabled me to bypass Face ID locks, retrieve sensitive user data, spoof emails, and trigger daemon crashes. Specifically, I’ll show you how I disclosed sensitive data on locked devices via Siri (CVE-2025-24198) and Spotlight (CVE-2024-44235), bypassed Safari’s Face ID protection on private tabs (CVE-2025-30468), executed deceptive email spoofing (CVE-2025-24225), leaked Apple Intelligence internal prompts and Private Cloud Compute data to ChatGPT, and exploited an unresolved IDOR vulnerability on Apple’s support site to retrieve almost any customer data.

References:

  • Apple Inc. (March 2025). “About the security content of iOS 18.4 and iPadOS 18.4.” link (CVE-2025-24198, Additional recognition)
  • Apple Inc. (March 2025). “About the security content of macOS Sequoia 15.4.” link (CVE-2025-24198)
  • Apple Inc. (March 2025). “About the security content of macOS Ventura 13.7.5.” link (CVE-2025-24198)
  • Apple Inc. (March 2025). “About the security content of visionOS 2.4.” link (Accessibility vulnerability)
  • Apple Inc. (December 2024). “About the security content of iOS 18.2 and iPadOS 18.2.” link (Safari authentication bypass)
  • Apple Inc. (December 2024). “About the security content of macOS Sequoia 15.2.” link (Safari authentication bypass)
  • Apple Inc. (December 2024). “About the security content of visionOS 2.2.” link (Safari authentication bypass)
  • Apple Inc. (October 2024). “About the security content of iOS 18.1 and iPadOS 18.1.” link (CVE-2024-44235)
  • Apple Inc. (September 2024). “About the security content of iOS 18 and iPadOS 18.” link (Passwords app Wi-Fi password disclosure in App Switcher)
  • Apple Inc. (September 2024). “About the security content of macOS Sequoia 15.” link (Passwords app Wi-Fi password disclosure in App Switcher)
  • Apple Inc. (September 2024). “About the security content of visionOS 2.” link (Passwords app Wi-Fi password disclosure in App Switcher)
  • Apple Developer Documentation: link
  • Apple Platform Security Guide: link
  • The iPhone Wiki: link
  • Burp Suite Documentation (Intruder module): link
  • Common US Surnames (US Census Bureau): link
  • CVE Database (MITRE): link
  • OpenAI Bugcrowd Program: link

People:
    SpeakerBio:  Richard “richeeta” Hyunho Im

Richard Hyunho Im (@richeeta) is a senior security engineer and independent vulnerability researcher at Route Zero Security. Currently ranked among the top 25 researchers in OpenAI’s bug bounty program, Richard has also received security acknowledgements from Apple (CVE-2025-24198, CVE-2025-24225, CVE-2025-30468, and CVE-2024-44235), Microsoft, Google, and the BBC. His research highlights overlooked attack surfaces, focusing on practical exploitation that challenges assumptions about everyday software security.




So Long, and Thanks for All the Phish

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 15:30 – 16:15 PDT

Creator: DEF CON Talks

A rare look behind the scenes of a global phishing-as-a-service operation. We tell the story of how we infiltrated a phishing group, cracked their software, exploited a hidden backdoor, and followed an OSINT rabbit hole to uncover the identity of the primary software developer.


People:
    SpeakerBio:  Harrison Sand

Harrison is a software and application security specialist with experience in embedded devices and IoT. He has worked closely with penetration testing, incident response, embedded security, and vulnerability management. He has a passion for cybersecurity research and has had work featured in publications such as TechCrunch, PC Magazine, The Register, Ars Technica, Hackaday, Aftenposten, and NRK.

SpeakerBio:  Erlend Leiknes

Erlend is a man of many towels (and talents): a security consultant, retired bus driver and electrical engineer with a master’s degree in technical societal safety. Erlend has gravitated towards hacking and IT since his teens and spent more than a decade at mnemonic as a security consultant, where he performs penetration testing, red teaming and conducts security research. A handful of CVEs have his name on them and some are even favored by the usual APTs, and in the spirit of Douglas Adams, there’s no need to panic.




SSH-nanigans: Busting Open the Mainframes Iron Fortress through Unix

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Sunday, Aug 10, 10:00 – 10:45 PDT

Creator: DEF CON Talks

You may have heard tales of mainframe pentesting and exploitation before – mostly from us! Those stories often focused on the MVS/ISPF side of IBM z/OS. But did you know that all those same tricks (and more!) can be pulled off in z/OS Unix System Services (OMVS) as well? I bet you didn’t even know z/OS had a UNIX side!

Over the years we’ve discovered multiple unique attack paths when it comes to Unix on the mainframe. In this talk, we’ll present live demos of real-world scenarios we’ve encountered during mainframe penetration tests. These examples will showcase what can happen with poor file hygiene leading to database compromises, inadequate file permissions enabling privilege escalation, lack of ESM resource understanding allowing for privileged command execution, and how dataset protection won’t save you from these attacks. We’ll also be demonstrating what can happen when we overflow the buffer in an APF authorized dataset.

Attendees will learn how to test these controls themselves using freely available open-source tools and how to (partially) detect these attacks. While privesc in UNIX isn’t game over for your mainframe, it’s pretty close. By the end, it will be clear that simply granting superuser access to Unix can be just as dangerous, if not more so, than giving access to TSO on the mainframe.


People:
    SpeakerBio:  Philip “Soldier of FORTRAN” Young

Philip Young, aka Soldier of FORTRAN, Director of Mainframe Penetration Testing Services at NetSPI, is an oldschool hacker. He started out with an Amiga 500 and a modem and never looked back; cutting his teeth on Datapac (the Canadian X.25 network), he eventually grew to searching the internet for interesting things. Later in his career he started taking a serious look at mainframe cybersecurity and realized how far behind mainframes had fallen when compared to their more open counterparts (Windows/Linux). At that point he made it his life’s mission to raise awareness and produce tooling to aid in the testing of these critical resources to help keep them safe. Since then he has given talks around the world at places like BlackHat, DEFCON, RSA, has taught multiple workshops and was even under investigation by the Swedish secret police. In addition he has released countless open-source tools to pentest mainframes.




Stories from a Tor dev

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 13:00 – 13:45 PDT

Creator: DEF CON Talks

What is it actually like to support and balance a global anonymity network, with users ranging from political dissidents to national security analysts? You say it’s important to teach law enforcement and governments about privacy and end-to-end encryption, but how do those conversations go in practice? I heard you accidentally got Russia to block all of Azure for a day? Are you ever going to do a Tor talk in China? Wait, who exactly tried to bribe you to leave bugs in Tor to support their criminal schemes?

Historically I’ve tried to downplay some of the excitement from operating the Tor network and teaching the world about Tor, but this year I’m going to try my hand at the “war stories” track.

References:

  • Talking to law enforcement and governments over the years.
  • Tor network denial-of-service issues + fixes
  • Tor’s onion service NFT

People:
    SpeakerBio:  Roger “arma” Dingledine

Roger Dingledine is co-founder and original developer of the Tor Project, a nonprofit that develops free and open source software to protect people from tracking, censorship, and surveillance online. Roger works with journalists and activists on many continents to help them understand and defend against the threats they face, and he is a lead researcher in the online anonymity field. EFF picked him for a Pioneer Award, and Foreign Policy magazine chose him as one of its top 100 global thinkers.




The (Un)Rightful Heir: My dMSA Is Your New Domain Admin

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 16:00 – 16:45 PDT

Creator: DEF CON Talks

Delegated Managed Service Accounts (dMSA) are Microsoft’s shiny new addition to Active Directory in Windows Server 2025. Their primary goal was to improve the security of domain environments. As it turns out, that didn’t go so well.

In this talk, we introduce BadSuccessor – an attack that abuses dMSAs to escalate privileges in Active Directory. Crucially, the attack works even if your domain doesn’t use dMSAs at all.

We’ll demonstrate how a very common, and seemingly benign, permission in Active Directory can allow us to trick a Domain Controller into issuing a Kerberos ticket for any principal – including Domain Admins and Domain Controllers. Then we’ll take it a step further, showing how the same technique can be used to obtain the NTLM hash of every user in the domain – without ever touching the domain controller.

We’ll walk through how we found this attack, how it works, and its potential impact on AD environments.

References:

  • Rubeus with dMSA support, thanks to Joe Dibley: link

People:
    SpeakerBio:  Yuval Gordon

Yuval Gordon is a Security Researcher at Akamai Technologies, specializing in Active Directory security and identity-based attacks. Yuval’s research is focused on offensive security, malware analysis, and threat hunting.




The 2025 Pwnie Awards

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 10:00 – 10:45 PDT

Creator: DEF CON Talks

The Pwnies are an annual awards ceremony celebrating and making fun of the achievements and failures of security researchers and the wider security community. Every year, members of the infosec community nominate the best research and exploits they’ve seen. The Pwnie Award nominations are judged by a panel of respected security researchers and former Pwnie Award recipients – the closest to a jury of peers a hacker is likely to ever get. At this event DEF CON attendees will get a first-person look at some of the most groundbreaking research and hacks in the cyber security community of the past year, and the winners get some well-deserved recognition from the broader community for the great work they’ve done.


People:
    SpeakerBio:  Ian Roos
No BIO available
SpeakerBio:  Mark Trumpbour
No BIO available



The DOMino Effect: Automated Detection and Exploitation of DOM Clobbering Vulnerability at Scale

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 11:00 – 11:45 PDT

Creator: DEF CON Talks

DOM Clobbering is a type of code-reuse attack on the web that exploits naming collisions between DOM elements and JavaScript variables for malicious consequences, such as Cross-site Scripting.

In this talk, we present a novel systematization of DOM Clobbering exploitation in four stages, integrating existing techniques while introducing new clobbering primitives. Based on this foundation, we introduce Hulk, the first dynamic analysis tool to automatically detect DOM Clobbering gadgets and generate working exploits end-to-end.

Our evaluation revealed an alarming prevalence of DOM Clobbering vulnerabilities across the web ecosystem. We discovered 497 zero-day DOM Clobbering gadgets in the Tranco Top 5,000 sites, affecting popular client-side libraries, including Google Client API, Webpack, Vite, Rollup, and Astro—all of which have since acknowledged and patched the issue.

To complete our exploitation chain, we further study its trigger—HTML Injection vulnerability. Our systematic analysis of HTML Injection uncovered over 200 websites vulnerable to HTML injection. By combining them with our discovered gadgets, we demonstrated complete attack chains in popular applications like Jupyter Notebook/JupyterLab, HackMD.io, and Canvas LMS. This research has resulted in 19 CVE identifiers being assigned to date.


People:
    SpeakerBio:  Zhengyu Liu

Zhengyu Liu is a Ph.D. student in Computer Science at Johns Hopkins University, advised by Prof. Yinzhi Cao. His research focuses on Web Security, with an emphasis on systematic vulnerability study through automated program analysis techniques, including static/dynamic analysis and LLM-integrated approaches. His first-author work has been published in top-tier venues such as IEEE S&P 2024 and USENIX Security 2025, and has received the Best Student Paper Award at ICICS 2022. His research has led to the discovery of many zero-day vulnerabilities in widely used software such as Azure CLI, Google Client API Library, and Jupyter Notebook/JupyterLab, resulting in over 30 CVEs in popular open-source projects (>1K stars on GitHub) and acknowledgments from Microsoft, Google, Meta, and Ant Group.

SpeakerBio:  Jianjia Yu

Jianjia Yu is a PhD student at Johns Hopkins University. Her research focuses on the security and privacy of web and mobile applications, using program analysis. She received a Distinguished Paper Award at CCS 2023 for her work on browser extension vulnerabilities.




The One Bitcoin Heist: Making a custom Hashcat module to solve a decade-old puzzle challenge

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 10:00 – 10:45 PDT

Creator: DEF CON Talks

In 2014, someone by the name of Spencer Lucas released the “One Bitcoin Book”, a set of 20 clues that, when solved, unlocked a bitcoin wallet containing one bitcoin (then valued at ~$400). Over 10 years and a six-figure price tag later, it remained unclaimed. In December 2024, the prize was finally claimed through a combination of human-solved solutions and a custom module for Hashcat designed to test various combinatorial possibilities for the unknown or uncertain clues.

This talk will cover the puzzle itself, how the answers unlocked the prize (through the brainwallet process), and the development of a custom Hashcat module to crack brainwallet passphrases using cheap, cloud-based GPU power. It will also discuss the challenges encountered along the way and the troubleshooting approaches used to overcome them.

References:

  • Hashcat: https://hashcat.net/hashcat/ (and relevant GitHub repo)
  • DEF CON 23 – Ryan Castellucci – Cracking CryptoCurrency Brainwallets
  • link

People:
    SpeakerBio:  Joseph “stoppingcart” Gabay

Joseph Gabay is a security researcher, hardware hacker, and robotics engineer with a passion for reverse engineering and tackling unique challenges. At DEF CON 29, they presented DoS: Denial of Shopping, where they analyzed and exploited shopping cart immobilization systems, and expanded further upon that work at DEF CON 31. Their work and research focuses on integrating knowledge from a diverse set of domains to deeply understand systems and uncover unique insights about their design and potential vulnerabilities.




The Ultimate Hack: Applying Lessons Learned from the loss of TITAN to Maritime Cybersecurity

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 12:00 – 12:20 PDT

Creator: DEF CON Talks

The 2023 loss of the Titan submersible was a tragic wake-up call that exposed dangerous gaps in safety oversight, design practices, and regulation in extreme maritime environments. As leader of the international search-and-rescue response, I witnessed firsthand the human consequences of operating innovative technologies in legal gray zones without sufficient safeguards. Titan’s creators leveraged regulatory loopholes to push design boundaries, dismissing expert warnings and bypassing standard safety certifications. This same pattern of unchecked innovation, inadequate oversight, and hubris mirrors critical vulnerabilities now facing maritime cybersecurity. Just as Titan’s passengers unknowingly placed trust in untested designs, vessels today rely increasingly on digitally interconnected yet inadequately secured systems, creating risks that could lead to catastrophic failures. Harsh environmental conditions and remote operations compound the potential impacts of maritime cyber incidents, paralleling Titan’s tragic fate. This paper connects the painful lessons from the Titan tragedy to urgent maritime cybersecurity needs—arguing for clear international regulation, rigorous independent testing, and proactive incident response planning—to prevent similar disasters at sea.

References:

This presentation will be a combination of my own experiences, the evidence collected during the TITAN Marine Board of Investigation and reports from U.S. Coast Guard cyber command and other sources regarding maritime cybersecurity. The TITAN investigation is available here: link

Maritime Cybersecurity references are available here: link


People:
    SpeakerBio:  John Mauger, PORTS LLC, Rear Admiral, USCG (Ret.)

Rear Admiral John W. Mauger, USCG (Ret.) is a seasoned executive with over 33 years of leadership experience in the maritime industry, national security, and cyber operations. Known for his foresight, innovative approach to problem solving, and ability to drive change, John has left an indelible mark on every role he’s undertaken—from commanding complex Coast Guard operations to shaping the future of cyber defense.

As Commander of the First Coast Guard District, he led over 12,000 people and oversaw critical port operations in New England, deploying innovative technologies like counter-drone systems to enhance security. John’s leadership during the TITAN capsule search and recovery at the TITANIC site highlighted his ability to lead complex crises in the international spotlight.

At U.S. Cyber Command, John revolutionized cyber training, developing a cloud-based environment that modernized cyber exercises and increased readiness. John also served as the Coast Guard’s first Executive Champion of the National Naval Officers Association, mentoring future leaders and driving organizational change.

Earlier in his career, John led key regulatory projects for both domestic and international shipping. His work protected mariners and the environment, created new markets for alternative fuels, and established a new international code to safeguard vital Polar regions.

Now leading (PORTS) LLC, John uses his diverse expertise to help clients plan for and navigate complex challenges in the maritime and critical infrastructure industries while enhancing personnel and team performance through effective training.




Thinking Like a Hacker in the Age of AI

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Saturday, Aug 9, 13:00 – 13:45 PDT

Creator: DEF CON Talks

The accelerating evolution of technology, specifically AI, has created a “meta-system” so complex and intertwined with all domains of knowledge and human life that it effectively operates on a meta-level, shaping our reality and exceeding our control. The meta-system requires collaboration among all of its parts for effective management. We need to think on a meta-level because the meta-system is thinking about us in its own unique terms. We must adopt a “hacker” mindset – thinking critically, creatively, collaboratively, and systematically – to navigate this new reality.


People:
    SpeakerBio:  Richard “neuralcowboy” Thieme

Richard Thieme has published numerous articles and short stories, thirteen books, and has delivered hundreds of speeches. His recent Mobius Trilogy illuminates the impacts of security and intelligence work on practitioners. The trilogy was lauded by a 20-year CIA veteran as one of the five best works of serious spy fiction – ever. He spoke in 2022 at DEF CON, where he has been an uber-contributor for the 26th year, and keynoted the first two Black Hats. He has keynoted security conferences in 15 countries, and his clients range from GE, Microsoft, Medtronic, Bank of America, Allstate Insurance, and Johnson Controls to the NSA, FBI, US Dept of the Treasury, Los Alamos National Lab, the Pentagon Security Forum, and the US Secret Service.




TSPU: Russia’s Firewall and Defending Against the Future of Digital Repression

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 14:00 – 14:45 PDT

Creator: DEF CON Talks

When the first measurement studies of the GFW came out in the early 2000s, computation and power consumption were 30,000X greater than they are today. Because of this, China’s GFW resided deeper in the network and further away from homes and data centers. The substantial increase in computational efficiency has made processing and filtering in-path and near connection end-points viable while the volume of network traffic in today’s Internet has made this design a virtual necessity. Russia’s censorship apparatus, the TSPU, has emerged as a state-of-the-art system, on par with the GFW, and a potentially more significant threat, particularly for users of Russian apps and data centers. There are two reasons for this. First, Russia’s design, which places censors in-path and closer to end-hosts (residential modems and data center connections), permits more granular, targeted attacks. Second, according to the Russian government, sanctions have compelled them to build their own certificate authority and require all Russian software to trust this certificate authority. Combining these two factors implies major threats to users interacting with Russian data centers and software. Fortunately, research has identified cases where the TSPU can be circumvented. New tools based on these ideas could be the future of circumvention.

References:


Censorship of VPNs today, link


People:
    SpeakerBio:  Benjamin “bmixonbaca” Mixon-Baca

I am a security researcher focused on Internet Freedom, censorship circumvention, and pwning middleboxes, firewalls, and other devices that are supposed to keep me “safe”. I have developed attacks against VPN software. The one relevant to this presentation is CVE-2021-3773. This vulnerability affects VPNs but is actually because of issues in the firewall/connection tracking framework (e.g., Netfilter) of the underlying OS running the VPN. An attacker can use this vulnerability to redirect packets in various ways and can even let an attacker escalate from adjacent to in-path between the victim and VPN server. I applied insights I gained while developing this attack to testing the TSPU and was able to develop bypass strategies. This is because the underlying design of connection tracking frameworks, such as how they track TCP states and direction, is basically the same for both network layer VPNs like OpenVPN and WireGuard and firewalls like the TSPU.




Turning Camera Surveillance on its Axis

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 10:00 – 10:20 PDT

Creator: DEF CON Talks

What are the consequences if an adversary compromises the surveillance cameras of thousands of leading Western organizations and companies? As trust in Chinese-made IoT devices declines, organizations face limited alternatives—especially in video surveillance. Many governments have already banned Dahua and Hikvision products in sensitive facilities, further narrowing their choices. This concern drove our research, revealing that surveillance platforms can be double-edged swords.

We focused on Axis Communications, a major player in video surveillance widely used by U.S. government agencies, schools, medical facilities, and Fortune 500 companies.

In our talk, we will present an in-depth analysis of the Axis.Remoting communication protocol, uncovering critical vulnerabilities that allow attackers to achieve pre-auth RCE on Axis platforms. This access could serve as a gateway into an organization’s internal network via its surveillance infrastructure. Additionally, we identified a novel technique for passive data exfiltration, enabling attackers to map organizations using this equipment—potentially aiding in targeted attacks.


People:
    SpeakerBio:  Noam Moshe

Noam Moshe is a vulnerability researcher and Team Lead at Claroty Team82. Noam specializes in vulnerability research, web application pentesting, malware analysis, network forensics and ICS/SCADA security. In addition, Noam has presented at well-known hacking conferences like Black Hat/DEF CON, and won Master of Pwn at Pwn2Own Miami 2023.




Turning Microsoft’s Login Page into our Phishing Infrastructure

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Saturday, Aug 9, 16:00 – 16:45 PDT

Creator: DEF CON Talks

Microsoft Entra ID – one of the most used identity providers in the enterprise market. Or from our perspective: the most targeted platform in phishing attacks. Getting our phishing infrastructure up and running is usually the easy part. The real challenge is often keeping it online long enough to deliver the phishing link and collect credentials without detection before it gets burned.

But what if we could use Microsoft’s official login domain for our phishing purposes? And no, I’m not talking about the heavily mitigated OAuth Consent or Device Code Phishing techniques, or simply hosting a phishing page on Azure Web App subdomains. I’m talking about stealing credentials directly from the legitimate login.microsoftonline.com domain.

In this talk, I will share multiple novel methods that can be used to achieve this. And the best of all? It all relies on legitimate functionality, making it mostly unpatchable. 😈


People:
    SpeakerBio:  Keanu “RedByte” Nys, Spotit

Keanu Nys (aka RedByte) is an information security researcher from Belgium, and currently leads spotit’s offensive security team. While he has a passion for all offensive cybersecurity topics, he mostly specializes in Active Directory, Microsoft Entra ID (Azure AD), and Social Engineering.

He is the author of the Microsoft 365 and Entra attack toolkit GraphSpy. Additionally, Keanu is the trainer for the Certified Azure Red Team Expert (CARTE) bootcamps at Altered Security, and has presented at hacker conferences such as BruCON.

He has presented at security conferences such as BruCON, and is the author of the Microsoft 365 and Entra attacking toolkit GraphSpy. He is an instructor for various Azure Red Teaming courses with Altered Security – a company focusing on hands-on enterprise security learning – https://www.alteredsecurity.com/




Turning your Active Directory into the attacker’s C2: modern Group Policy Objects enumeration and exploitation

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Sunday, Aug 10, 12:00 – 12:45 PDT

Creator: DEF CON Talks

The implementation of Active Directory environments is, by essence, not unlike a command-and-control infrastructure that allows network assets to be centrally coordinated and controlled. As an attacker, why not make it your own?

As far as the C2 capabilities of Active Directory go, Group Policy Objects (GPOs) are a key functionality that can be leveraged by attackers for a surprisingly wide range of offensive actions. From enumeration, to persistence, to impactful privilege escalation in mature segmented environments, abusing GPOs amounts to abusing the C2 capabilities of Active Directory itself – a powerful attack primitive.

And yet, GPOs have received comparatively little attention from the pentesting and research community. GPO exploitation knowledge and tooling are scarce, whether because the implementation may seem somewhat obscure, or because exploitation can be seen as risky – concerns that well-equipped attackers may not have to worry about.

This presentation aims to demonstrate the full extent of the possibilities offered by Group Policy Objects. It will dive deep into GPO implementation, enumeration potential and advanced exploitation techniques introduced or implemented by the speakers over the last few years. It will also be accompanied by the release of two enumeration and exploitation tools developed by the speakers.


People:
    SpeakerBio:  Quentin “quent0x1” Roland

Quentin Roland is a 28-year-old pentester working for a bit more than 3 years for Synacktiv, a French firm dedicated to offensive information security.

He enjoys working on Active Directory, releasing open-source exploitation tools or enhancing existing tooling. He worked on known, trendy Active Directory exploitation primitives as well as on more obscure research topics.

A fun fact about him: he actually studied law and used to work as a lawyer, before turning to penetration testing.

SpeakerBio:  Wilfried “wil_fri3d” Bécard

Wilfried Bécard is a hacker and researcher working at Synacktiv. With a particular interest in Active Directory and Azure exploitation, his passion lies in uncovering new techniques to enhance cybersecurity in these areas. Constantly experimenting, testing, and collaborating with the security community, he aims to continuously improve his knowledge in these fields.




Unexpected Connections: How a vulnerability in obscure dealer software could have unlocked your car from anywhere

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Sunday, Aug 10, 13:00 – 13:45 PDT

Creator: DEF CON Talks

Dealers are a vital part of the automotive industry – intentionally separate entities from the manufacturers, but highly interconnected. Most dealers use platforms built by the manufacturers that can be used to order cars, view/store customer information, and manage their day-to-day operations. Earlier this year, new vulnerabilities were discovered in a top automaker’s dealer platform that enabled the creation of a national admin account. This level of access, a privilege reserved for a select few corporate users, opened the door to a wide range of fun exploits.

Want to start a car? Forget VINs – all you needed was someone’s name. Access to the enrollment systems made it possible to reassign ownership of cars and access remote control functionality.

Want to find out who owns that sleek ride next to you? A quick glance at the VIN on the windshield was all you needed to pull down the owner’s personal information using the customer lookup tool.

Want to impersonate the owner of a dealership to gain full access to everything? A user impersonation function was uncovered that made this possible – negating all the two-factor authentication systems.

All of this and much more was made possible through API flaws in a centralized dealer system. A system used by more than 1,000 dealers in the USA that you didn’t even know existed. A system that you would never have thought would be the unexpected connection to your car. We break down the full exploit from recon to initial access, from viewing PII to the satisfying roar of an engine coming to life.


People:
    SpeakerBio:  Eaton Zveare, Senior Security Research Engineer at Traceable by Harness

Eaton is a senior security research engineer at Traceable by Harness. As a member of the ASPEN Labs team, he has contributed to the security of some of the world’s largest organizations by finding and responsibly disclosing many critical vulnerabilities. He is best known for his high-profile security disclosures in the automotive space: 1, 2, 3.

SpeakerBio:  Roshan Piyush, Security Research at Traceable by Harness

Roshan Piyush leads Security Research at Traceable by Harness, where he also oversees Aspen Labs — Harness’s dedicated initiative for advancing modern application and API security. He is at the forefront of developing next-generation security platforms that deliver deep protection across the software lifecycle, from code to runtime.

With over a decade of experience in cybersecurity and a recent focus on API security, Roshan researches cutting-edge detection and prevention techniques across CI/CD pipelines, software supply chains, runtime environments, and cloud-native architectures. His work powers enterprise-grade security solutions that help organizations stay ahead of evolving threats.

An active contributor to the open-source security community, Roshan has been involved with projects like OWASP crAPI and Coraza WAF. He frequently shares his insights through technical talks, tools, and collaborations, helping drive progress across the broader AppSec ecosystem.




Unmasking the Snitch Puck: the creepy IoT surveillance tech in the school bathroom

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 4
When:  Friday, Aug 8, 15:30 – 16:15 PDT

Creator: DEF CON Talks

With the commoditization of IoT surveillance technology, private and public entities alike have been rushing to put every facet of our lives under surveillance. Unfortunately, schools are no exception in the ongoing privacy race to the bottom. In this talk, we present our analysis of a popular line of IoT vape detectors marketed primarily to schools. Rey first learned of the existence of this device while he was a student in high school, scanning the local network during his lunch break. He became obsessed with the idea of reverse-engineering it, and a couple of years later he got an opportunity when a specimen appeared on eBay.

This talk will cover our journey of acquiring the device and doing a hardware teardown. Then, we’ll talk about dumping the firmware, examining its behavior, and doing some light reverse-engineering to uncover some fun appsec vulnerabilities. We’ll discuss implications of our findings on this particular series of devices, as well as on the ed-tech surveillance industry as a whole.

We will release a copy of the device filesystem, as well as our scripts for decrypting OEM firmware and packing custom firmware updates.


People:
    SpeakerBio:  Reynaldo “buh0”

Rey started out finding bugs and holes in websites at 15. He began attending local infosec meetups in Portland, Oregon—like RainSec and PDX2600—soaking up everything he could. After stumbling across a creepy surveillance device at his high school, he drifted into hardware security and reverse engineering. He’s determined to keep learning and digging deeper.

SpeakerBio:  nyx

nyx is a Portland-based hacker, engineer, and self-described cyberpunk. As an unwilling participant in the late-capitalist, mass-surveillance dystopia, he is passionate about digital privacy, data self-custody, and running his own infra. Ultimately, he hopes to wrest control of his online life back from the megacorps and help others do the same. He holds the OSCP, and in his professional life he develops system software for a Fortune 100 tech company’s internal consulting team, specializing in security, networks, and devops. When not making a living looking at the bad screen, in his free time he enjoys looking at the good screen.




Virtualization-Based (In)security – Weaponizing VBS Enclaves

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 11:00 – 11:45 PDT

Creator: DEF CON Talks

Virtualization Based Security (VBS) is one of the most fascinating security advancements of recent years – the ability to isolate critical components of the OS enabled Microsoft to achieve substantial security improvements with features like Credential Guard and HVCI.

One of the more interesting features enabled through VBS is VBS Enclaves – a technology that allows a process to isolate a region of its memory, making it completely inaccessible to other processes, the process itself, and even the kernel.

While VBS enclaves can have a wide range of security applications, they can also be very appealing to attackers – running malware in an isolated region, out of the reach of EDRs and security analysts? Sign us up!

With this research we set out to explore the concept of enclave malware. We will dive into VBS enclaves while exploring previously undocumented behaviors, and describe the different scenarios that can enable attackers to run malicious code inside enclaves.

We will then work towards weaponizing VBS enclaves – we will describe the different techniques that could be used by malware running within enclaves, and show how they enable creating stealthy implants that can go completely undetected.

References:

  • Microsoft VBS enclave documentation
  • Windows Internals 7th edition, part 1
  • Windows Internals 7th edition, part 2
  • CVE-2023-36880 exploit
  • VBS enclave exploitation


People:
    SpeakerBio:  Ori David

Ori David is a senior security researcher at Akamai; his research focuses on offensive security, malware analysis, and threat hunting.




Voice Cloning Air Traffic Control: Vulnerabilities at Runway Crossings

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 17:30 – 17:50 PDT

Creator: DEF CON Talks

Voice cloning technology has advanced significantly, enabling the creation of convincing voice replicas using consumer-grade devices and publicly available tools. This poses critical challenges to aviation communication, where trust between pilots and air traffic controllers is paramount. The reliance on AM radio, with its low fidelity and lack of authentication, exacerbates the risk of fraudulent communications. This talk examines trust factors within aviation’s air traffic control system, focusing on how air traffic controllers’ voices can be cloned and where planes are most at risk. The talk explores FCC enforcement techniques for locating malicious actors, historical perspectives on alternative radio technologies, and the secondary systems pilots employ during communication failures. Simulated attacks will demonstrate how these vulnerabilities could disrupt operations, particularly at critical points such as runway crossings and in low-visibility conditions.

To mitigate these risks, this talk evaluates existing safeguards, including the Traffic Collision Avoidance System (TCAS), and discusses emerging technologies such as stop bars and guided runway lighting.

References:

  • Huber, M. (2024, May 21). Weaponized air traffic controller calls threaten African air safety. Aviation International News (AIN). link
  • Flight Safety Foundation. (2019, May 17). Tackling Runway Risks. link
  • Cooper, C. (2018, October 1). Pirate Radio and FCC Enforcement. YouTube. link

People:
    SpeakerBio:  Andrew “Helicopters of DC” Logan

Andrew Logan is an audio engineer, independent aviation journalist and developer @HelicoptersofDC who presented Tracking Military Ghost Helicopters over Washington DC at DEF CON 30. Since then his advocacy urging lawmakers to review ADS-B exemptions for government aircraft has been cited by the Senate in the wake of the Flight 5342 crash.




Weaponizing Trust: Investigating a Threat Actor Targeting Security Researchers and Academics

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Friday, Aug 8, 13:30 – 14:15 PDT

Creator: DEF CON Talks

You patch vulnerabilities, sandbox malware, and audit code. You know not to click suspicious links. But what if the real threat isn’t in phishing emails or zero-days—but in the very tools and research you’re relying on? In late 2024, we uncovered a new threat actor, MUT-1244, targeting security professionals, red teamers, and academics. They use trojanized proof-of-concept exploits and fake software updates to exploit trust in open-source tools and research environments.

During our investigation, we discovered over 390,000 leaked credentials that MUT-1244 exfiltrated from a compromised actor, revealing the scale of their operation. In this talk, we’ll reveal how MUT-1244 operates through fake GitHub profiles and showcase our use of OSINT to map their infrastructure and tactics. We’ll also share our attribution findings and methodology.

Attendees can expect to hear technical details of the campaigns conducted by this threat actor, some notes on attribution, ideas for detecting this activity in your environment and the story of how the speakers discovered over 390,000 credentials inadvertently stolen from unrelated threat actors by MUT-1244.


People:
    SpeakerBio:  Christophe Tafani-Dereeper

Christophe lives in Switzerland and works on cloud security research and open source at Datadog. He previously worked as a software developer, penetration tester and cloud security engineer. Christophe is the maintainer of several open-source projects such as Stratus Red Team, GuardDog, CloudFlair, Adaz, and the Managed Kubernetes Auditing Toolkit (MKAT).

SpeakerBio:  Matt Muir

Matt is a security researcher with a passion for UNIX and UNIX-like operating systems. He previously worked as a macOS malware analyst and his background includes experience in the areas of digital forensics, DevOps, and operational cyber security. Matt enjoys technical writing and has published research including the discovery of the first malware family to target AWS Lambda, emerging cloud-focused botnets, and a series of novel Linux malware campaigns.




Welcome to DEF CON 33!

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 1
When:  Friday, Aug 8, 10:00 – 10:20 PDT

Creator: DEF CON Talks

People:
    SpeakerBio:  Jeff “The Dark Tangent” Moss, DEF CON Communications, Inc.

Mr. Moss is an internet security expert and is the founder of both the Black Hat Briefings and DEF CON hacking conferences.




What is Dead May Never Die: The Ghost of Internet Explorer in Windows: MapUrlToZone

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 2
When:  Friday, Aug 8, 13:00 – 13:45 PDT

Creator: DEF CON Talks

In 2023, Microsoft detected a nation-state actor (Forest Blizzard/STRONTIUM) exploiting a “zero-click” remote code execution vulnerability in Outlook by sending a malicious email. Microsoft fixed this in part by adding a call to the MapUrlToZone API, which determines where a path is located so callers can make a trust decision. Critical components like Outlook, Office, Windows Shell and sandboxes rely on MapUrlToZone to make intelligent security decisions, but little research has historically focused on MapUrlToZone itself. The Microsoft Security Response Center has a unique role in analyzing systemic trends in areas like this and in driving deep technical research to remediate security issues. This talk will focus on MSRC’s review of the MapUrlToZone API, which identified several novel ways to trick Windows into thinking that a remote untrusted file exists on the local machine. We will talk about how we approached this research and exploited key differences in how MapUrlToZone and the Windows filesystem parse file paths. In total, this research identified a dozen CVEs across various vulnerability types. All of the issues covered have been fixed with CVEs in early 2025. In addition to the individual fixes for this component, we’ll also cover how MSRC worked with internal teams to build more comprehensive mitigations.

References:

  • There is very little prior research on MapUrlToZone. Our main reference point was Ben Barnea’s recent research link, link.

People:
    SpeakerBio:  George Hughey

George is passionate about Windows Security and improving the security landscape for all Windows users. Over the past five years as a member of MSRC’s Vulnerabilities and Mitigations Team, George has investigated various components in Windows, hunting for and remediating the most pervasive vulnerabilities in the ecosystem.

SpeakerBio:  Rohit Mothe

Rohit Mothe is a Security Researcher on the Vulnerabilities & Mitigations team at the Microsoft Security Response Center (MSRC) and has experience researching and exploiting vulnerabilities for over a decade in various roles.




Where’s My Crypto, Dude? The Ultimate Guide to Crypto Money Laundering (and How to Track It)

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 5
When:  Saturday, Aug 9, 10:00 – 10:45 PDT

Creator: DEF CON Talks

Cryptocurrency is everywhere now. Billion-dollar companies are built on it, entire economies run on Bitcoin, and cybercriminals love using it to finance their operations or hide stolen money. Cryptocurrencies promise anonymity, yet blockchain transactions are fully public, which makes it tricky to hide funds.

In February 2025, the Bybit breach exposed two advanced attack vectors. First, a third-party wallet tool was compromised through malicious JavaScript injected into its logic, allowing attackers to manipulate smart contract behavior. Second, a SAFE Wallet developer was tricked through social engineering into running a fake Docker container, giving attackers persistent access to his machine.

With control established, they hijacked proxy contracts and executed stealth withdrawals of ETH and ERC-20 tokens. The stolen assets were laundered through decentralized exchanges, split across multiple wallets, bridged to Bitcoin, and passed through mixers like Wasabi Wallet.

So how do attackers manage to launder crypto, and how can we stop them? Using the 1.46 billion dollar Bybit hack by North Korea’s Lazarus Group as a case study, this talk breaks down each laundering step and explains how to automate tracking and accelerate investigations using AI.

References:


People:
    SpeakerBio:  Thomas “fr0gger_” Roccia, Senior Security Researcher at Microsoft

Thomas Roccia is a Senior Security Researcher at Microsoft with over 15 years of experience in the cybersecurity industry. His work focuses on threat intelligence and malware analysis.

Throughout his career, he has investigated major cyberattacks, managed critical outbreaks, and collaborated with law enforcement while tracking cybercrime and nation-state campaigns. He has traveled globally to respond to threats and share his expertise.

Thomas is a regular speaker at leading security conferences and an active contributor to the open-source community. Since 2015, he has maintained the Unprotect Project, an open database of malware evasion techniques. In 2023, he published Visual Threat Intelligence: An Illustrated Guide for Threat Researchers, which became a bestseller and won the Bronze Foreword INDIES Award in the Science & Technology category.




Win-DoS Epidemic: A crash course in abusing RPC for Win-DoS & Win-DDoS

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Sunday, Aug 10, 12:30 – 13:15 PDT

Creator: DEF CON Talks

Domain controllers (DCs) are the core of an organization’s network. A successful DoS attack against them can break authentication and paralyze operations.

Following our LDAPNightmare release, the first public DoS exploit for CVE-2024-49113, we found two new DoS-style attack surfaces on DCs: new critical DoS vulnerabilities, and creating a botnet harnessing public DCs for DDoS. Our goal: create the Win-DoS epidemic – infect DCs with Win-DoS and make them infect others, forming Win-DDoS.

Building on LDAPNightmare, we explored client-side targeting, often exposing weaker code. By turning DCs into LDAP clients via NetLogon RPC, using LDAP referrals, we redirected them to chosen domains/ports, matching our goals.

Moreover, we knew DDoS was powerful, but aimed to replicate its effect from a single machine. We focused on RPC servers – abundant in Windows with wide attack surfaces, especially those not requiring authentication. By abusing security gaps in RPC bindings, we hit the same RPC server relentlessly from one system, far surpassing standard concurrency limits! And, wow, we found vulns crashing any Windows machine: servers and endpoints alike!

We present “Win-DoS Epidemic” – DoS tools exploiting four new Win-DoS and one Win-DDoS zero-click vulns! Crash any Windows endpoint/server, including DCs, or launch a botnet using public DCs for DDoS. The epidemic has begun.

References:


People:
    SpeakerBio:  Or “oryair1999” Yair

Or Yair (@oryair1999) is a security research professional with seven years of experience, currently serving as the Security Research Team Lead at SafeBreach. His primary focus lies in vulnerabilities in the Windows operating system’s components, though his past work also included research of Linux kernel components and some Android components. Or’s research is driven by innovation and a commitment to challenging conventional thinking. He enjoys contradicting assumptions and considers creativity a key skill for research. Or frequently presents his vulnerability and security research discoveries internationally at top conferences such as Black Hat, DEF CON, RSAC, SecTor, and many more.

SpeakerBio:  Shahak Morag

Shahak is currently serving as the Research Lead at SafeBreach, with over seven years of experience in security research. His background includes extensive expertise in Linux kernel and embedded systems, with more than one year of focused research on Windows platforms.




You snooze you lose: RPC-Racer winning RPC endpoints against services

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Friday, Aug 8, 14:00 – 14:45 PDT

Creator: DEF CON Talks

The RPC protocol allows executing functions on remote servers. An interface is identified by a UUID, and clients contact specific RPC endpoints to communicate with it. Some endpoints may be well-known to clients, but some are provided through the EPM (Endpoint Mapper). These are called Dynamic Endpoints.

As servers request to map UUIDs to their Dynamic Endpoints, we wondered what stops us from mapping a UUID of a trusted RPC interface to an endpoint that we control, leading to our own malicious RPC interface.

We discovered that nothing stops unprivileged users from impersonating a well-known RPC server! However, to have clients connect to us, we needed to register first. We, as the underdog racer, need to beat services on their home race track.

We examined the status of RPC servers at certain points during boot and mapped several interfaces we can abuse. We then took a shot racing their services and won the gold medal! Various high integrity processes, and even some PPLs (Protected Process Light), trusted us to be their RPC server!

In this talk, we’ll present “RPC-Racer” – a toolset for finding insecure RPC services and winning the race against them! We’ll show it manipulating a PPL process to authenticate the machine account against any server we want! Finally, we’ll describe how to validate the integrity of RPC servers, to mitigate this issue.

References:


People:
    SpeakerBio:  Ron Ben Yizhak

Ron (@RonB_Y) is a security researcher at SafeBreach with 10 years of experience. He works in vulnerability research and has knowledge in forensic investigations, malware analysis and reverse engineering. Ron previously worked in the development of security products and has spoken several times at DEF CON.




Zero Trust, Total Bust – Breaking into thousands of cloud-based VPNs with one bug

DC Talk Map Page – LVCC West-Level 1-Exhibit Hall 3-Track 3
When:  Saturday, Aug 9, 15:30 – 16:15 PDT

Creator: DEF CON Talks

Many organisations are moving to Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) solutions in response to the real and well-documented risks associated with traditional VPNs. These cloud-era alternatives promise improved security through finer-grained access controls and better posture enforcement. But are these ‘next-gen’ cloud VPNs truly secure? In this 45-minute session, we present new research revealing that many leading ZTNA platforms – including offerings from Zscaler, Netskope and Check Point – inherit legacy VPN weaknesses while introducing fresh cloud-based attack surfaces.

We demonstrate the process of external recon, bypassing authentication and device posture checks (including hardware ID spoofing), and abusing insecure inter-process communication (IPC) between ZTNA client components to achieve local privilege escalation. We show it is possible to circumvent traffic steering to reach blocked content, exploit flaws in authentication flows to undermine device trust, and even run malicious ZTNA servers that execute code on connecting clients. Throughout the presentation, we highlight previously undisclosed vulnerabilities identified during our research. Zero trust does not mean zero risk.

References:

  • Building on our previous work on SSL VPNs link
  • Previous work by Sander di Wit (@sander_dewit on X).

People:
    SpeakerBio:  David “johnnyspandex” Cash, Red Team Operator at AmberWolf

Red Team Operator at AmberWolf (formerly with NCC Group). Co-presenter of ‘Very Pwnable Networks: Exploiting the Top Corporate VPN Clients for Remote Root and SYSTEM Shells’ at SANS HackFest Hollywood 2024. David has led red team operations uncovering critical flaws in enterprise remote access tools and has a passion for reverse engineering security products.

SpeakerBio:  Rich “Buffaloverflow” Warren, Red Team Operator at AmberWolf

Red Team Operator at AmberWolf and Microsoft Top 100 Security Researcher (formerly with NCC Group). Co-presenter of ‘Very Pwnable Networks: Exploiting the Top Corporate VPN Clients…’ at HackFest Hollywood 2024. Richard has a track record of discovering novel vulnerabilities in VPN and zero-trust clients and has contributed to multiple high-profile vulnerability disclosures and tools in the offensive security community.