Talk/Event Schedule

Thursday

This Schedule is tentative and may be changed at any time. Check at an Info Booth for the latest.

CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
DC - cont...(08:00-14:30 PDT) - Merch (formerly swag) Area Open -- README -
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - djdead,Kampf,Merin MC,Pie & Darren,Rusty,s1gnsofl1fe
WS - cont...(09:00-12:59 PDT) - The Purple Malware Development Approach - Mauricio Velazco,Olaf Hartong
WS - cont...(09:00-12:59 PDT) - Network Hacking 101 - Ben Kurtz,Victor Graf
WS - cont...(09:00-12:59 PDT) - Protect/hunt/respond with Fleet and osquery - Guillaume Ross,Kathy Satterlee
WS - cont...(09:00-12:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works - Chris Greer

Thursday - 11:00 PDT

Return to Index - Locations Legend

Thursday - 12:00 PDT

Return to Index - Locations Legend

CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
CON - The Gold Bug – Crypto and Privacy Village Puzzle -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
DC - cont...(08:00-14:30 PDT) - Merch (formerly swag) Area Open -- README -
PYV - cont...(09:00-13:59 PDT) - Payment Hacking Challenge -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - djdead,Kampf,Merin MC,Pie & Darren,Rusty,s1gnsofl1fe
SOC - Friends of Bill W -
WS - cont...(09:00-12:59 PDT) - The Purple Malware Development Approach - Mauricio Velazco,Olaf Hartong
WS - cont...(09:00-12:59 PDT) - Network Hacking 101 - Ben Kurtz,Victor Graf
WS - cont...(09:00-12:59 PDT) - Protect/hunt/respond with Fleet and osquery - Guillaume Ross,Kathy Satterlee
WS - cont...(09:00-12:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works - Chris Greer

Thursday - 13:00 PDT

Return to Index - Locations Legend

Thursday - 14:00 PDT

Return to Index - Locations Legend

CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
DC - cont...(08:00-14:30 PDT) - Merch (formerly swag) Area Open -- README -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - djdead,Kampf,Merin MC,Pie & Darren,Rusty,s1gnsofl1fe
WS - Introduction to Software Defined Radios and RF Hacking - Rich
WS - Pentesting Industrial Control Systems 101: Capture the Flag! - Alexandrine Torrents,Arnaud Soullie
WS - House of Heap Exploitation - Zachary Minneker,Maxwell Dulin,Kenzie Dolan,Nathan Kirkland
WS - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

Thursday - 15:00 PDT

Return to Index - Locations Legend

CON - cont...(00:00-15:59 PDT) - IoT Village CTF Creator's Contest -
CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - djdead,Kampf,Merin MC,Pie & Darren,Rusty,s1gnsofl1fe
WS - cont...(14:00-17:59 PDT) - Introduction to Software Defined Radios and RF Hacking - Rich
WS - cont...(14:00-17:59 PDT) - Pentesting Industrial Control Systems 101: Capture the Flag! - Alexandrine Torrents,Arnaud Soullie
WS - cont...(14:00-17:59 PDT) - House of Heap Exploitation - Zachary Minneker,Maxwell Dulin,Kenzie Dolan,Nathan Kirkland
WS - cont...(14:00-17:59 PDT) - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

Thursday - 16:00 PDT

Return to Index - Locations Legend

CON - cont...(00:00-16:59 PDT) - ⚠️ Not all contests listed (yet) ⚠️ -
DC - cont...(07:00-19:59 PDT) - Human Registration Open
DDV - DDV (Data Duplication Village) starts accepting drives for duplication -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - djdead,Kampf,Merin MC,Pie & Darren,Rusty,s1gnsofl1fe
SOC - Queercon Mixer -
SOC - Toxic BBQ -
WS - cont...(14:00-17:59 PDT) - Introduction to Software Defined Radios and RF Hacking - Rich
WS - cont...(14:00-17:59 PDT) - Pentesting Industrial Control Systems 101: Capture the Flag! - Alexandrine Torrents,Arnaud Soullie
WS - cont...(14:00-17:59 PDT) - House of Heap Exploitation - Zachary Minneker,Maxwell Dulin,Kenzie Dolan,Nathan Kirkland
WS - cont...(14:00-17:59 PDT) - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

Thursday - 17:00 PDT

Return to Index - Locations Legend

DC - cont...(07:00-19:59 PDT) - Human Registration Open
DDV - cont...(16:00-18:59 PDT) - DDV (Data Duplication Village) starts accepting drives for duplication -
SOC - cont...(09:00-17:59 PDT) - Chillout Lounge (with entertainment) - djdead,Kampf,Merin MC,Pie & Darren,Rusty,s1gnsofl1fe
SOC - cont...(16:00-17:59 PDT) - Queercon Mixer -
SOC - Friends of Bill W -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -
WS - cont...(14:00-17:59 PDT) - Introduction to Software Defined Radios and RF Hacking - Rich
WS - cont...(14:00-17:59 PDT) - Pentesting Industrial Control Systems 101: Capture the Flag! - Alexandrine Torrents,Arnaud Soullie
WS - cont...(14:00-17:59 PDT) - House of Heap Exploitation - Zachary Minneker,Maxwell Dulin,Kenzie Dolan,Nathan Kirkland
WS - cont...(14:00-17:59 PDT) - Introduction to Azure Security - Nishant Sharma,Jeswin Mathai

Thursday - 18:00 PDT

Return to Index - Locations Legend

DC - cont...(07:00-19:59 PDT) - Human Registration Open
DDV - cont...(16:00-18:59 PDT) - DDV (Data Duplication Village) starts accepting drives for duplication -
SOC - Thursday Opening Party - Entertainment - Archwisp,DJ St3rling,Dr. McGrew,FuzzyNop,Magician Kody Hildebrand,NPC Collective,TRIODE,Ytcracker
SOC - DC702 Pwnagotchi Party -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

Thursday - 19:00 PDT

Return to Index - Locations Legend

DC - cont...(07:00-19:59 PDT) - Human Registration Open
SOC - cont...(18:00-20:59 PDT) - DC702 Pwnagotchi Party -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

Thursday - 20:00 PDT

Return to Index - Locations Legend

SOC - cont...(18:00-20:59 PDT) - DC702 Pwnagotchi Party -
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

Thursday - 21:00 PDT

Return to Index - Locations Legend

SOC - Hallway Monitor Party - Entertainment - CodexMafia,DotOrNot,Heckseven,PankleDank,Tavoo
SOC - cont...(16:00-21:59 PDT) - Toxic BBQ -

Talk/Event Descriptions

CON - Thursday - 00:00-16:59 PDT

Title: ⚠️ Not all contests listed (yet) ⚠️
When: Thursday, Aug 11, 00:00 - 16:59 PDT
Where: Caesars Forum - Summit 206-208, 238, 237, 234 (Contest Area) - Map

Description:
Greetings, humans and inhumans! A brief note from your HackerTracker data-wrangler.

Accepted contests not yet posted on HackerTracker (or info.defcon.org):

Crack Me If You Can (CMIYC)
Telechallenge
The Hack-n-Attack Hacker Homecoming Heist Tin Foil Hat Contest

The above contests have been accepted and (to the best of my knowledge) will happen at DEF CON 30, but I'm missing crucial information required for the publishing process. If you are a contest organizer and you have Basecamp access, please reach out to me (@aNullValue) as soon as possible. If you do not have Basecamp access, please reach out to the DEF CON department lead or goon that is your primary point of contact.

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 09:00-17:59 PDT

Title: Chillout Lounge (with entertainment)
When: Thursday, Aug 11, 09:00 - 17:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map
Speakers:djdead,Kampf,Merin MC,Pie & Darren,Rusty,s1gnsofl1fe

SpeakerBio:djdead
No BIO available

SpeakerBio:Kampf
No BIO available

SpeakerBio:Merin MC
No BIO available

SpeakerBio:Pie & Darren
No BIO available

SpeakerBio:Rusty
No BIO available

SpeakerBio:s1gnsofl1fe
No BIO available

Description:
The chillout lounge in Caesars Forum will have live music; all other chillout lounges will have music live-streamed from there.

All chillout lounges are planned to be open 09:00 - 18:00 for chillout purposes. Each may be open at other times for parties, meetups, etc.

Entertainment schedule:

09:00 to 12:00 - Pie & Darren
12:00 to 13:30 - Kampf
13:30 to 14:30 - s1gnsofl1fe
14:30 to 15:30 - Merin MC
15:30 to 16:30 - Rusty
16:30 to 18:00 - djdead

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 18:00-20:59 PDT

Title: DC702 Pwnagotchi Party
When: Thursday, Aug 11, 18:00 - 20:59 PDT
Where: Caesars Forum - Summit 211-213 (Teacher's Lounge) - Map

Description:
Join DC702 for a Pwnagotchi party. The DC702 team will be auctioning off kits and donating the proceeds to the EFF, as well as providing instructions and guidance for assembly. Everyone is welcome to come by, and if you have your own assembled or unassembled kit, feel free to bring it!

Return to Index - Add to

- ics Calendar file

DDV - Thursday - 16:00-18:59 PDT

Title: DDV (Data Duplication Village) starts accepting drives for duplication
When: Thursday, Aug 11, 16:00 - 18:59 PDT
Where: Flamingo - Exec Conf Ctr - Lake Meade and Valley of Fire (Data Duplication Village) - Map

Description:
We start taking drives at 4:00pm local time on Thursday, August 11th. We'll keep accepting drives until we reach capacity (usually late Friday or early Saturday). Then we copy and copy all the things until we just can't copy any more - first come, first served. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 17:00-16:59 PDT

Title: Friends of Bill W
When: Thursday, Aug 11, 17:00 - 16:59 PDT
Where: Caesars Forum - Unity Boardroom - Map

Description:
For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun.

Please note: the Caesars Forum Unity Ballroom is at the "front" of Caesars Forum, beside Demo Labs, across from room 216 (the Contest-CTF area).

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 12:00-11:59 PDT

Title: Friends of Bill W
When: Thursday, Aug 11, 12:00 - 11:59 PDT
Where: Caesars Forum - Unity Boardroom - Map

Description:
For all those Friends of Bill W. looking for a meeting or just a quiet moment to regroup, we have you covered with meetings throughout #DEFCON - Noon & 5pm Thurs-Sat, Noon Sun.

Please note: the Caesars Forum Unity Ballroom is at the "front" of Caesars Forum, beside Demo Labs, across from room 216 (the Contest-CTF area).

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 21:00-01:59 PDT

Title: Hallway Monitor Party - Entertainment
When: Thursday, Aug 11, 21:00 - 01:59 PDT
Where: Caesars Forum - Skybridge Entrance - Map
Speakers:CodexMafia,DotOrNot,Heckseven,PankleDank,Tavoo

SpeakerBio:CodexMafia
No BIO available

SpeakerBio:DotOrNot
No BIO available

SpeakerBio:Heckseven
No BIO available

SpeakerBio:PankleDank
No BIO available

SpeakerBio:Tavoo
No BIO available

Description:
21:00 - 22:00: heckseven
22:00 - 23:00: DotOrNot
23:00 - 00:00: Tavoo
00:00 - 01:00: CodexMafia
01:00 - 02:00: PankleDank

Return to Index - Add to

- ics Calendar file

WS - Thursday - 09:00-12:59 PDT

Title: Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Reno (Workshops) - Map

SpeakerBio:Chris Greer , Network Analyst & Wireshark Instructor
Chris Greer is a Packet Head. He is a Packet Analyst and Trainer for Packet Pioneer, a Wireshark University partner, and has a passion for digging into the packet-weeds and finding answers to network and cybersecurity problems. Chris has a YouTube channel where he focuses on videos showing how to use Wireshark to examine TCP connections, options, and unusual behaviors, as well as spotting scans, analyzing malware, and other IOC’s in the traffic. His approach to training is that if you aren’t having fun doing something, you won’t retain what you are learning, so he strives to bring as much hands-on and humor to the classroom as possible. Chris remembers what it was like to look at Wireshark for the first time, and knows how complicated packet analysis can be. With that in mind, he has designed an easy-to-follow course that will appeal both to the beginner and more advanced Packet Person.
Twitter: @packetpioneer

Description:
Let's break out Wireshark and dig deep in to the TCP and IP protocols. This skill is critical for anyone interested in any area of cybersecurity, no matter the color of the hat. Almost all enumeration, scans, incident response, and traffic forensics require the analyst to dig into and interpret TCP conversations. When enumerating an environment, identifying key TCP/IP indicators in protocol headers can also help when passively fingerprinting systems.

In this workshop we will roll back our sleeves and learn how TCP/IP really works - the handshake, options, sequence/ack numbers, retransmissions, TTL, and much more. This workshop welcomes all cybersecurity and wireshark experience levels.

Materials: Just a laptop with a copy of Wireshark. I will provide the sample pcaps for analysis.
Prereq: None

Return to Index - Add to

- ics Calendar file

WS - Thursday - 14:00-17:59 PDT

Title: House of Heap Exploitation
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Goldfield + Tonopah (Workshops) - Map
Speakers:Zachary Minneker,Maxwell Dulin,Kenzie Dolan,Nathan Kirkland

SpeakerBio:Zachary Minneker , Senior Security Engineer, Security Innovation
Zachary Minneker is a senior security engineer and security researcher at Security Innovation. His first computer was a PowerPC Macintosh, an ISA which he continues to defend to this day. At Security Innovation, he has performed security assessments on a variety of systems, including robots for kids, audio transcription codecs, and electronic medical systems. He has previous experience administrating electronic medical systems, and deep experience in fuzzing, reverse engineering, and protocol analysis. His research has focused on techniques for in-memory fuzzing, IPC methods, and vulnerability discovery in electronic medical record systems and health care protocols. In his free time he works on music and synthesizers.
Twitter: @seiranib

SpeakerBio:Maxwell Dulin , Security Engineer
Maxwell Dulin (Strikeout) is a senior security consultant hacking all things under the sun, from garage doors to web applications to operating systems. Maxwell has published many articles/talks for a plethora of heap exploitation techniques, assorted web application exploits and IoT devices. He has previously spoken at DEF CON 27s IoT Village, ToorCon, CanSecWest, Hackfest and DEF CON workshops. His research is focused on custom RF protocols and binary exploitation methods. In his free time, he plays with RF toys, hikes to fire lookouts and catches everything at dodgeball.
Twitter: @Dooflin5

SpeakerBio:Kenzie Dolan , Security Engineer
Kenzie Dolan (they/she) works for Security Innovation as a Security Engineer focusing on engagements ranging from IoT hacking to kiosk exploitation. His current research interests include emerging threats against Mobile and IoT devices. He has a degree in Computer and Information Science from University of Oregon. In his free time, James enjoys composing music, playing video games or hiking in the greater Seattle area.

SpeakerBio:Nathan Kirkland
Raised on a steady diet of video game modding, when Nathan found programming as a teenager, he fit right into it. Legend says he still keeps his coffee (and tear) stained 1980s edition of The C Programming Language by K&R stored in a box somewhere. A few borrowed Kevin Mitnick books later, he had a new interest, and began spending more and more time searching for buffer overflows and SQL injections. Many coffee fueled sleepless nights later, he had earned OSCP, and graduated highschool a few months later. After a few more years of working towards a math degree and trying fervently to teach himself cryptanalysis, he decided to head back to the types of fun hacking problems that were his real first love, and has worked at Security Innovation ever since.

Description:

Materials: Laptop with enough power for a moderately sized Linux VM Administrative access to the laptop 8GB RAM minimum 30GB harddrive space Virtualbox or another virtualization platform installed
Prereq: Basic computer science background (x86_64 assembly, stack, programming skills in C & Python) Basic binary exploitation skills (buffer overflow exploitation, ROP, ASLR, etc.) - Familiar with Linux developer tools such as the command line, Python scripting and GDB.

Return to Index - Add to

- ics Calendar file

WS - Thursday - 14:00-17:59 PDT

Title: Introduction to Azure Security
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Silver (Workshops) - Map
Speakers:Nishant Sharma,Jeswin Mathai

SpeakerBio:Nishant Sharma , Security Research Manager
Nishant Sharma is a Security Research Manager at INE, where he manages the development of next-generation on-demand labs. Before INE, he worked as R&D Head of Pentester Academy (Acquired by INE), where he led a team of developers/researchers to create content and platform features for AttackDefense. He has also developed multiple gadgets for WiFi pentesting/monitoring such as WiMonitor, WiNX, and WiMini. With over 9+ years of experience in development and content creation, he has conducted trainings/workshops at Blackhat Asia/USA, HITB Amsterdam/Singapore, OWASP NZ day, and DEFCON USA villages. He has presented/published his work at Blackhat USA/Asia Arsenal, DEFCON USA/China, Wireless Village, Packet Village and IoT village. He has also conducted WiFi Pentesting training at Blackhat USA 2019, 2021. He had started his career as a firmware developer at Mojo Networks (Acquired by Arista) where he worked on new features for the enterprise-grade WiFi APs and maintenance of state-of-the-art WIPS. He has a Master degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi, Azure, and Container security.

SpeakerBio:Jeswin Mathai , Senior Security Researcher
Jeswin Mathai is a Senior Security Researcher at INE. Prior to joining INE, He was working as a senior security researcher at Pentester Academy (Acquired by INE). At Pentester Academy, he was also part of the platform engineering team who was responsible for managing the whole lab infrastructure. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo labs (DEFCON). He has also been a co-trainer in classroom trainings conducted at Black Hat Asia, HITB, RootCon, OWASP NZ Day. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. His area of interest includes Cloud Security, Container Security, and Web Application Security.

Description:
In recent times, Azure has become one of the dominant cloud service providers. Most enterprises today have some infrastructure if not all deployed on the cloud and attackers are constantly on the hunt for finding a way into the infrastructure.

Among the recent cloud hacks, around 97 percent are due to misconfigurations and various surveys suggest that in most cases, people were not aware of how misconfiguration can happen in various circumstances. Azure security is a mammoth in itself and a lot of people struggle in getting started with it, for the same reason many cloud administrators and developers are not aware of how misconfigurations and vulnerable applications can be leveraged to get a foothold on the account.

This workshop is a power course for Azure security, we will first cover the fundamentals and building blocks of Azure then we will take a look at the threatscape and attack vectors.

Materials: A laptop with the latest web browser and network connectivity A Kali VM (Virtual Box, VMWare, WSL)
Prereq: Basic knowledge of Linux and Networking

Return to Index - Add to

- ics Calendar file

WS - Thursday - 14:00-17:59 PDT

Title: Introduction to Software Defined Radios and RF Hacking
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Elko (Workshops) - Map

SpeakerBio:Rich , Research Scientist
Rich currently works as a research scientist focusing on radio communications and digital signals processing applications. Before making the jump to research, he was a RF engineer and embedded software developer working on prototype radio systems and DSP tools. He is passionate about radios and wireless technology and will happily talk for hours on the subject.

Description:
This class is a beginner's introduction to practical Software Defined Radio (SDR) applications and development with an emphasis on hands-on learning. If you have ever been curious about the invisible world of radio waves and signals all around you, but didn’t know where to begin, then this workshop is for you. Students can expect to learn about basic RF theory and SDR architecture before moving on to hands-on development with real radios. The instructor will guide students through progressively more complicated RF concepts and waveforms, culminating in a small capstone exercise. For this workshop, you must provide your own laptop and SDR. You can either purchase a RTL-SDR dongle kit which includes an antenna, small tripod, and a receive-only USB SDR for this class beforehand and bring it to the conference, or use a commercial SDR you already own. VMs will be made available to students to download before class, along with an OS setup guide for those that prefer a bare-metal install. The VM/OS will have all the required drivers and frameworks to interface with the radio hardware. My intent for this class is to lower the barrier of entry associated with RF topics, and for that reason I would like to emphasize that the workshop is geared toward complete beginner students with no prior experience working with SDRs; DEF CON attendees who already have experience with SDRs will likely find this course too simple.

Materials: Students will need to come with the following: A laptop capable of running an Ubuntu VM (or an install of Ubuntu). The VM/OS installation guide will be given out before Defcon. Digital Signals Processing is typically very computationally intensive, so I recommend a laptop with a 4 core processor and 8GB of RAM.

A Software Defined Radio, as this workshop is bring-your-own-device. I highly recommend a RTL2832 chip based kit that comes with a USB-powered SDR and an antenna mount. Two brands to consider are RTL-SDR and Nooelec. They are essentially the same, and I would pick whatever SDR is in stock at the time. Make sure to pick the kit that comes with the antenna accessories and not just the USB dongle. It should be between $40 to $50 USD: https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/ https://www.nooelec.com/store/sdr/sdr-receivers/nesdr-smart.html

If you already own a SDR (like a HackRF or one of the RTL-chip dongles) you can also use that. Just make sure to bring/buy an antenna.

Due to supply-chain issues, if you need to purchase a SDR for this workshop I highly recommend doing so ASAP.

Prereq: None, this is a workshop for complete beginners, although having some basic python knowledge would be a plus

Return to Index - Add to

- ics Calendar file

CON - Thursday - 00:00-15:59 PDT

Title: IoT Village CTF Creator's Contest
When: Thursday, Aug 11, 00:00 - 15:59 PDT
Where: Caesars Forum - Alliance 311, 320 (IoT Village) - Map

Description:
Got a cool new exploit on an IoT device and don’t know what to do with it? The CTF Creators Contest is just the thing! Show us your research, put the device in the CTF and see if others can pop it. Oh, and did we mention the great prizes? Check out the IoT Village website for submission criteria https://iotvillage.org/defcon.html#ctfCreatorsContest

Return to Index - Add to

- ics Calendar file

DC - Thursday - 08:00-14:30 PDT

Title: Merch (formerly swag) Area Open -- README
When: Thursday, Aug 11, 08:00 - 14:30 PDT
Where: Caesars Forum - Summit 229 (Merch) - Map

Description:
All merch sales are USD CASH ONLY. No cards will be accepted.

The published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.)

Return to Index - Add to

- ics Calendar file

WS - Thursday - 09:00-12:59 PDT

Title: Network Hacking 101
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Ely (Workshops) - Map
Speakers:Ben Kurtz,Victor Graf

SpeakerBio:Ben Kurtz , Hacker
Ben Kurtz is a hacker, a hardware enthusiast, and the host of the Hack the Planet podcast (symbolcrash.com/podcast). After his first talk, at DefCon 13, he ditched development and started a long career in security.

He has been a pentester for IOActive, head of security for an MMO company, and on the internal pentest team for the Xbox One at Microsoft. Along the way, he volunteered on anti-censorship projects, which resulted in his conversion to Golang and the development of the ratnet project (github.com/awgh/ratnet). A few years ago, he co-founded the Binject group to develop core offensive components for Golang-based malware, and Symbol Crash, which focuses on sharing hacker knowledge through trainings for red teams, a free monthly Hardware Hacking workshop in Seattle, and podcasts. He is currently developing a ratnet-based handheld device for mobile encrypted mesh messaging (www.crowdsupply.com/improv-labs/meshinger).

SpeakerBio:Victor Graf , Hacker
Victor is a hacker and software engineer from Seattle with a love of network security and cryptography. He most recently worked for a blockchain company designing and building peer-to-peer protocols and systems for non-custodial account recovery. Building and breaking networks was his first love in the world of computers, and he built the Naumachia platform starting in 2017 to bring network hacking to CTFs. With that he has hosted Network Hacking 101 workshops in San Francisco and now in Seattle.

Description:
Come learn how to hack networks without needing to piss off your local coffee shop, housemates, or the Feds! Bring your laptop and by the end of this workshop, everyone can walk away having intercepted some packets and popped some reverse shells.

In the workshop you’ll solve a series of challenges, each in a contained virtualized network where it’s just you and your targets. We’ll start with a networking crash course to introduce you to packets and their layers, as well as how to use Wireshark to dig in and explore further. We'll practice network sniffing and scanning to find your targets, and of course how to execute a man-in-the-middle attack via ARP spoofing to intercept local network traffic. With those techniques, we'll go through challenges including extracting plaintext passwords, TCP session hijacking, DNS poisoning, and SMTP TLS downgrade. All together, this workshop aims to give you the tools you need to start attacking systems at the network layer.

Materials

A laptop with Linux or a Linux VM (MacOS can also work, but have a VM installed as a backup). These software tools (detailed installation instructions will be provided in the materials ahead of DEFCON):

OpenVPN: Connect to the challenges you will be hacking
Wireshark (tcpdump also works): Capture and dissect network traffic
netcat (nc): Swiss-army-knife of networking
nmap: Scan and search for vulnerable targets
bettercap: Man-in-the-middle attack tool and network attack platform
python3 (optional): Build new attack tools

Prereq

Basic experience with Linux command-line tools

Basic familiarity with networking (e.g. you know what IP and MAC addresses are, you could set up your home router, and host a LAN party)

Return to Index - Add to

- ics Calendar file

CON - Thursday - 00:00-09:59 PDT

Title: Octopus Game - Recruitment/Registration
When: Thursday, Aug 11, 00:00 - 09:59 PDT
Where: Other/See Description

Description:
Are you the next Octopus Champion? Find out at DEF CON 30! Enter here: https://www.mirolabs.info/octopusgame

Once entered, contestants are provided a random opponent. Locate your opponent and challenge them to a contest: rock-paper-scissors, Ddakji, staring contest, etc. Winners receive their opponents’ targets and the game continues until we reach the top 4. The Octopus Champion is then decided at a special tournament with events designed by the Octopus Master.

Phases:

Recruitment/Registration: until Friday Aug 12 10:00 Mandatory On-site Sign-in: Friday Aug 12 10:00 - 12:00 Individual Phase: Friday Aug 12 12:00 - Sunday Aug 14 10:00 Final 8 Phase: Sunday Aug 14 10:00 - 11:00

Return to Index - Add to

- ics Calendar file

PYV - Thursday - 09:00-13:59 PDT

Title: Payment Hacking Challenge
When: Thursday, Aug 11, 09:00 - 13:59 PDT
Where: Virtual - Payment Village

Description:
Try yourself in ATM, Online bank, POS and Cards hacking challenges.

Please join the DEF CON Discord and see the #payv-labs-text channel for more information.

Return to Index - Add to

- ics Calendar file

WS - Thursday - 14:00-17:59 PDT

Title: Pentesting Industrial Control Systems 101: Capture the Flag!
When: Thursday, Aug 11, 14:00 - 17:59 PDT
Where: Harrah's - Ely (Workshops) - Map
Speakers:Alexandrine Torrents,Arnaud Soullie

SpeakerBio:Alexandrine Torrents , Security Consultant
Alexandrine Torrents is a cybersecurity consultant at Wavestone, a French consulting company. She started as a penetration tester, and performed several cybersecurity assessments on ICS. She worked on a few ICS models to demonstrate attacks on PLCs and developed a particular tool to request Siemens PLCs. Then, she started working at securing ICS, especially in the scope of the French military law, helping companies offering a vital service to the nation to comply with security rules. Now, Alexandrine works with different industrial CISOs on their cybersecurity projects: defining secure architectures, hardening systems, implementing detection mechanisms. She is also IEC 62443 certified and still performs assessments on multiple environments.

SpeakerBio:Arnaud Soullie , Senior Manager
Arnaud Soullié (@arnaudsoullie) is a Senior Manager at Wavestone, a global consulting company. For 12 years, he has been performing security assessments and pentests on all types of targets. He started specializing in ICS cybersecurity 10 years ago. He spoke and taught workshops at numerous security conferences on ICS topics : BlackHat Europe, BruCon, CS3STHLM, BSides Las Vegas, DEFCON... He is also the creator of the DYODE project, an opensource data diode aimed at ICS. He has been teaching ICS cybersecurity training since 2015.
Twitter: @arnaudsoullie

Description:
Do you want to learn how to hack Industrial Control Systems? Let’s participate in the one and only CTF in which you really have to capture a flag, by hacking PLCs and taking control of a robotic arm! We’ll start by explaining the basics of Industrial Control Systems : what are the components, how they work, the protocols they use… We’ll learn how PLC work, how to program them, and how to communicate with them using Modbus, S7comm and OPCUA.

Then we’ll start hacking! Your goal will be to take control of a model train and robotic arms to capture a real flag! The CTF will be guided so that everyone learns something and gets a chance to get most flags!

Materials: Just a laptop with a modern web browser. Students will be provided with cloud VMs to perform the exercises.
Prereq: None

Return to Index - Add to

- ics Calendar file

WS - Thursday - 09:00-12:59 PDT

Title: Protect/hunt/respond with Fleet and osquery
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Goldfield + Tonopah (Workshops) - Map
Speakers:Guillaume Ross,Kathy Satterlee

SpeakerBio:Guillaume Ross , Head of Security
Guillaume started hacking away in the early 90s. Whereby hacking, we mean "understanding how pkzip works so he could fit this game on his ridiculous HDD". He then went on to work in IT, focusing on large scale endpoint deployments for a few years. He then became a security consultant, working with all types of different organizations, doing endpoint security, mobile security, and cloud security until he started leading security in startups. Guillaume is currently the Head of Security at Fleet Device Management, the company behind the open source project Fleet. Guillaume dislikes doing meaningless "best practices" work that has no practical value and enjoys leveraging great open source software available to all of us to improve security.

Guillaume has spoken and given workshops at various conferences like BSidesLV, BsidesSF, DEF CON, RSAC, Thotcon and Northsec on many topics, including mobile security, endpoint security, logging and monitoring.

SpeakerBio:Kathy Satterlee , Developer Advocate
Kathy is a Developer Advocate at Fleet Device Management. She generally has a pretty good idea of how Fleet and osquery work together and what people are doing with them. She also usually knows who to reach out to when she doesn’t have a clue.

Description:
In this workshop, we will learn how to use Fleet and osquery to ensure systems are protected, detect suspicious activity, hunt for attackers, and respond to incidents. First, we'll see how to deploy Fleet to manage osquery agents. Then, we will use shared Fleet instances to track the security posture of systems, inventory vulnerable applications, and perform threat hunting. These Fleet instances will be connected to a shared Slack workspace, where we will generate custom alerts to ensure insecure systems can be dealt with. These shared Fleet instances will output data to centralized logging (Graylog), which we will use to create dashboards as well as alerting for suspicious activity. At the end of this workshop, you'll know how to use Fleet and osquery to ensure your workstations and servers are secure, to quickly find vulnerable systems as well as discover attackers performing techniques such as establishing persistence and privilege escalation.

Materials: A laptop with internet access, a web browser, virtualization app such as VirtualBox or VMware, and Docker (on main OS or in a VM). We recommend bringing at least one or two VMs (Mac, Windows or Linux) ready to use as osquery clients.
Prereq: Basic understanding of operating systems and networking. No knowledge of Fleet or osquery itself is needed.

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 16:00-17:59 PDT

Title: Queercon Mixer
When: Thursday, Aug 11, 16:00 - 17:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map

Description:
The lgbtqia+ community in InfoSec is throwing a party to bring our folk together and have a good time. Meet others like you or hang out with those you’ve met over the years. This is a safe and inclusive space meant to make you feel comfortable and help you socialize with others like you.

Return to Index - Add to

- ics Calendar file

CON - Thursday - 12:00-09:59 PDT

Title: The Gold Bug – Crypto and Privacy Village Puzzle
When: Thursday, Aug 11, 12:00 - 09:59 PDT
Where: Virtual

Description:
Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go. The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too!PELCGBTENCUL VF UNEQ

This puzzle can be done virtually, but if you’re on-site, you’re welcome to stop by the village to discuss it as well!

Return to Index - Add to

- ics Calendar file

WS - Thursday - 09:00-12:59 PDT

Title: The Purple Malware Development Approach
When: Thursday, Aug 11, 09:00 - 12:59 PDT
Where: Harrah's - Elko (Workshops) - Map
Speakers:Mauricio Velazco,Olaf Hartong

SpeakerBio:Mauricio Velazco , Principal Threat Research Engineer
Mauricio Velazco (@mvelazco) is a Principal Threat Research Engineer at Splunk. Prior to Splunk, he led the Threat Management team at a Fortune 500 organization. Mauricio has presented and hosted workshops at conferences like Defcon, BlackHat, Derbycon, BSides and SANS. His main areas of focus include detection engineering, threat hunting and adversary simulation.
Twitter: @mvelazco

SpeakerBio:Olaf Hartong , Defensive Specialist
Olaf Hartong is a Defensive Specialist and security researcher at FalconForce. He specializes in understanding the attacker tradecraft and thereby improving detection. He has a varied background in blue and purple team operations, network engineering, and security transformation projects. Olaf has presented at many industry conferences including WWHF, Black Hat, DEF CON, DerbyCon, Splunk .conf, FIRST, MITRE ATT&CKcon, and various other conferences. Olaf is the author of various tools including ThreatHunting for Splunk, ATTACKdatamap and Sysmon-modular.

Description:
This workshop merges offensive and defensive lab exercises to provide attendees hands-on experience on custom malware development as well as live malware analysis and response. The workshop has a total of 5 hands-on exercises and each contains a Red and a Blue section. In the Red section attendees write custom payloads using C# and C++ with different techniques to obtain a reverse shell on a Windows victim endpoint. In the Blue section attendees investigate the infection by reviewing events and logs using open source static and dynamic malware analysis tools like CFFExplorer, Pe-Studio, dnSpy, Process Explorer, Process Monitor, Sysmon, Frida, Velociraptor, etc..

Materials: Laptop with virtualization software. A Windows virtual machine A Kali Linux Virtual Machine.
Prereq: Beginner to intermediate programming/scripting skills. Prior experience with C# helps but not required. Beginner static and dynamic malware analysis skills.

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 18:00-01:59 PDT

Title: Thursday Opening Party - Entertainment
When: Thursday, Aug 11, 18:00 - 01:59 PDT
Where: Caesars Forum - Forum 120-123, 129, 137 (Chillout) - Map
Speakers:Archwisp,DJ St3rling,Dr. McGrew,FuzzyNop,Magician Kody Hildebrand,NPC Collective,TRIODE,Ytcracker

SpeakerBio:Archwisp
No BIO available

SpeakerBio:DJ St3rling
No BIO available

SpeakerBio:Dr. McGrew
No BIO available

SpeakerBio:FuzzyNop
No BIO available

SpeakerBio:Magician Kody Hildebrand
No BIO available

SpeakerBio:NPC Collective
No BIO available

SpeakerBio:TRIODE
No BIO available

SpeakerBio:Ytcracker
No BIO available

Description:
18:00 - 19:00: Hildebrand Magic
19:00 - 20:00: NPC Collective
20:00 - 21:00: Archwisp
21:00 - 22:00: Dr. McGrew
22:00 - 23:00: DJ St3rling
23:00 - 00:00: ytcracker
00:00 - 01:00: TRIODE
01:00 - 02:00: FuzzyNop

Return to Index - Add to

- ics Calendar file

SOC - Thursday - 16:00-21:59 PDT

Title: Toxic BBQ
When: Thursday, Aug 11, 16:00 - 21:59 PDT
Where: Other/See Description

Description:
16:00- 22:00 Thursday, Off-site at Sunset Park, Pavilion F, (36.0636, -115.1178)

The humans of Vegas invite you to the 16th in-carne-tion of this unofficial welcome party. Go AFK 4 BBQ off-Strip and make us the first stop on your DC30 reunion tour. Burgers and dogs are provided; attendees are encouraged to pitch in with more food, drinks, volunteer labor, rides, and and everything that makes this cookout something to remember.

Grab flyers from an Info Booth after Linecon, check out https://www.toxicbbq.org for the history of this event, and watch #ToxicBBQ on Twitter for the latest news.

Return to Index - Add to

- ics Calendar file

Talk/Event Schedule

Thursday

Thursday - 00:00 PDT

Thursday - 01:00 PDT

Thursday - 02:00 PDT

Thursday - 03:00 PDT

Thursday - 04:00 PDT

Thursday - 05:00 PDT

Thursday - 06:00 PDT

Thursday - 07:00 PDT

Thursday - 08:00 PDT

Thursday - 09:00 PDT

Thursday - 10:00 PDT

Thursday - 11:00 PDT

Thursday - 12:00 PDT

Thursday - 13:00 PDT

Thursday - 14:00 PDT

Thursday - 15:00 PDT

Thursday - 16:00 PDT

Thursday - 17:00 PDT

Thursday - 18:00 PDT

Thursday - 19:00 PDT

Thursday - 20:00 PDT

Thursday - 21:00 PDT

Talk/Event Descriptions

CON - Thursday - 00:00-16:59 PDT

SOC - Thursday - 09:00-17:59 PDT

SOC - Thursday - 18:00-20:59 PDT

DDV - Thursday - 16:00-18:59 PDT

SOC - Thursday - 17:00-16:59 PDT

SOC - Thursday - 12:00-11:59 PDT

SOC - Thursday - 21:00-01:59 PDT

WS - Thursday - 09:00-12:59 PDT

WS - Thursday - 14:00-17:59 PDT

WS - Thursday - 14:00-17:59 PDT

WS - Thursday - 14:00-17:59 PDT

CON - Thursday - 00:00-15:59 PDT

DC - Thursday - 08:00-14:30 PDT

WS - Thursday - 09:00-12:59 PDT

CON - Thursday - 00:00-09:59 PDT

PYV - Thursday - 09:00-13:59 PDT

WS - Thursday - 14:00-17:59 PDT

WS - Thursday - 09:00-12:59 PDT

SOC - Thursday - 16:00-17:59 PDT

CON - Thursday - 12:00-09:59 PDT

WS - Thursday - 09:00-12:59 PDT

SOC - Thursday - 18:00-01:59 PDT

SOC - Thursday - 16:00-21:59 PDT