Talk/Event Schedule
Saturday
This Schedule is tentative and may be changed at any time. Check at an Info Booth for the latest.
Saturday - 00:00 PDT
Return to Index - Locations Legend
BHV - Model Based Systems Engineering for Security Engineers - John Volock
BHV - Virtual Hospital in Space - Aswin Reji
BHV - Hacking Reproductive Health - JJ Hastings
BHV - Beyond Ransomware: Protecting Lives and Data from Modern Threat Actors - Ohad Zaidenberg
BHV - The Megabiome is In Charge: Taking Control of Your Microbial World - Mariam Elgabry
Saturday - 06:00 PDT
Return to Index - Locations Legend
MISC - Defcon.run -
Saturday - 07:00 PDT
Return to Index - Locations Legend
MISC - cont...(06:00-11:59 PDT) - Defcon.run -
Saturday - 08:00 PDT
Return to Index - Locations Legend
MISC - cont...(06:00-11:59 PDT) - Defcon.run -
SEV - (08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - (08:30-17:59 PDT) - SECV Village Open
Saturday - 09:00 PDT
Return to Index - Locations Legend
CON - HardWired -
CON - Social Engineering Community (SEC) Youth Challenge -
DC - Hack the Future: Why Congress and the White House are supporting AI Red Teaming - Arati Prabhakar,Austin Carson
DC - (09:30-18:59 PDT) - Human Registration Open -
DC - Assessing the Security of Certificates at Scale - Andrew Chi,Brandon Enright,David McGrew
DC - (09:30-10:15 PDT) - Badge of Shame: Breaking into Secure Facilities with OSDP - Dan "AltF4" Petro,David Vargas
DC - Smashing the state machine: the true potential of web race conditions - James "albinowax" Kettle
DC - Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA) -
DC - ELECTRONizing macOS privacy - a new weapon in your red teaming armory - Wojciech Reguła
DC - (09:30-10:15 PDT) - J4 Gate, The Hustler Poker Cheating Scandal investigation and how Hacking helped me do it - Scott "Duckie" Melnick
DC - Merch (formerly swag) Area Open -- README -
MISC - cont...(06:00-11:59 PDT) - Defcon.run -
PHV - Honey Pot Workshop -
PHV - Build Your Own Botnet -
PHV - Wall of Sheep -
PHV - Linux Trainer Workshop -
PHV - NetworkOS: Be The Cloud -
PHV - RegEx Trainer -
PHV - Password Lab -
PHV - Fleet DefCon 31 Workshop -
PHV - Packet Inspector -
PHV - Packet Detective -
RTV - Android Applications and APIs Hacking - Gabrielle Botbol
RTV - Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget) - Alex Lynd
RTV - Passwords Argh Us - Traveler
RTV - Open Source Intelligence (OSINT) for Hackers - Lee McWhorter,Sandra Stibbards
RTV - Red Team Labs and Games for Kids
RTV - Hacking Meta Quest - Paul D.
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - Anti-Social Engineering: Can You Be a Good Social Engineer Without Being Social - Andrew Lemon
SEV - (09:30-09:59 PDT) - Your Swag is My Swag: Pwning Fortune 500 Companies with Vistaprint - Daniel "Jcache" Goga,Langston "Shock" Clement
WS - Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required) - Alfie Champion,Josh Kamdjou
WS - Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required) - Aaron Rosenmund,Brandon DeVault,Ryan Chapman
WS - The Petting Zoo: Breaking into CTFs (Pre-Registration Required) - Christopher Forte,Robert Fitzpatrick
WS - Creating and uncovering malicious containers Redux (Pre-Registration Required) - Adrian "threlfall" Wood,David "digish0" Mitchell
WS - BLE Security 201 (Pre-Registration Required) - Maxine "Freqy" Filcher,Zach "justadequate" Reavis
Saturday - 10:00 PDT
Return to Index - Locations Legend
AIV - AI Village Generative Red Team Challenge -
AIV - (10:30-11:25 PDT) - AI Village Keynote 2: AI red teaming tradecraft: a team of teams approach - Daniel Fabian,Mikel Rodriguez,Sarah Hodkinson
APV - AppSec Village Keynote: Collaborative Security: Fostering Innovation and Resilient Cyber Practices - Maril Vernon
ASV - Hack The Airport -
ASV - Unmanned Aerial Systems – Platform Security -
ASV - The Challenge - Lockheed Martin -
ASV - A-ISAC CTF -
ASV - Bricks in the Air -
ASV - ARINC 615a CTF -
ASV - PTP Flight Challenge -
ASV - Ask Me Anything About Cybersecurity in Aerospace -
BHV - Securing the Whole System: Corpal to Corporate - Lee Cyborg
BHV - (10:30-11:10 PDT) - Homo sapiens sapiens to Homo sapiens nova - the coming speciation - Almost Human (BJ)
BTV - (10:30-11:30 PDT) - IR/4n6: Obsidian DFIR - Gang aft agley - Omenscan
BTV - (10:30-11:30 PDT) - DE: Breaking the Rule - Oldmonk
BTV - (10:30-11:30 PDT) - CTH: Log4j - The Silent Menace Among Us - Cyb3rhawk
CHV - VDA Shenanigans: Attacking & Defending the Truck Part that Gets Left Behind - Alex Reuter,Wyatt Ford
CLV - Introducing IAM-APE - Tohar Braun
CLV - (10:30-11:10 PDT) - Between a Log and a Hard Place: (mis)Adventures in Azure Logs - Dmitriy Beryoza
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - (10:30-11:59 PDT) - Capture The Packet Preliminaries -
CON - IoT Village CTF -
CON - Hardware Hacking Village CTF -
CON - 5n4ck3y -
CON - TeleChallenge -
CON - Hack-A-Sat 4 (HAS4) -
CON - Adversary Wars CTF -
CON - The Dark Tangent Look-Alike Contest -
CON - CMD+CTRL at DEF CON 31 - Booth Open -
CON - HackFortress -
CON - Battle of The Bots -
CON - Ham Radio Fox Hunting Contest -
CON - The Gold Bug Challenge -
CON - The Lonely Hard Drive -
CON - Car Hacking Village CTF -
CON - Tinfoil Hat Contest -
CON - venator aurum - A Treasure Hunt -
CON - CrackMeIfYouCan -
CON - It's In That Place Where I Put That Thing That Time -
CON - Darknet-NG -
CON - Maps of the digital lands -
CON - DC’s Next Top Threat Model (DCNTTM) -
CON - Octopus Game -
CON - DEF CON Scavenger Hunt -
CON - DEFCON MUD DUMB TERMINAL EDITION -
CON - Red Alert ICS CTF -
CON - Dungeons@Defcon -
CON - Red Team CTF -
CON - ? Cube -
CON - (10:30-14:30 PDT) - Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions -
CON - Radio Frequency Capture the Flag -
CON - (10:30-17:59 PDT) - Blue Team Village CTF -
CON - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - Cloud Village CTF -
CON - DC Kubernetes Capture the Flag (CTF) -
CPV - CPV Welcome - Day 2 - CPV Staff
CPV - (10:30-10:59 PDT) - Blindly hunting for Mercenaries - Asheer Malhotra,Vitor Ventura
CPV - (10:30-10:45 PDT) - Intro to Ciphers - CPV Staff
DC - Defeating VPN Always-On - Maxime Clementz
DC - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - cont...(09:30-10:15 PDT) - Badge of Shame: Breaking into Secure Facilities with OSDP - Dan "AltF4" Petro,David Vargas
DC - (10:30-11:15 PDT) - Calling it a 0-Day - Hacking at PBX/UC Systems - good_pseudonym
DC - Demystifying (& Bypassing) macOS's Background Task Management - Patrick Wardle
DC - Exhibitor Area Open -
DC - cont...(09:30-10:15 PDT) - J4 Gate, The Hustler Poker Cheating Scandal investigation and how Hacking helped me do it - Scott "Duckie" Melnick
DC - (10:30-11:15 PDT) - Unlocking Doors from Half a Continent Away - Sam Haskins,Trevor "t1v0" Stevado
DC - cont...(09:00-11:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - Contest Area Open
DC - D0 N0 H4RM: A Healthcare Security Conversation - Christian "quaddi" Dameff,Jacqueline Burgette,Jeff "r3plicant" Tully,Mark Warner,Nitin Natarajan,Suzanne Schwartz
DCGVR - DEF CON Groups Keynote - Jayson E. Street
DL - Lambda Looter - Doug Kent,Rob Ditmer
DL - Lupo: Malware IOC Extractor - Vishal Thakur
DL - Veilid - Deth Veggie,TC Johnson
DL - Saturday - Joshua Herman
DL - The Wifydra: Multiheaded RF Panopticon - Lozaning
DL - USBvalve - Expose USB activity on the fly - Cesare Pizzi
ESV - Embedded Systems Village Activities -
HHV - Make Your Own Use -
HHV - Soldering Skills Village Activities -
HHV - RoboSumo Play Time -
HHV - Hardware Hacking Rube Goldberg Machine -
ICSV - I am the captain now: Taking remote control of ships engines, helm, azipods, ballasting and plenty more. - Ken Munro
ICSV - (10:30-10:59 PDT) - EMBA - From firmware to exploit - Michael Messner
IOTV - Hardware Hacking Your Kitchen -
IOTV - IoT Village Hacking Playground -
IOTV - Critical Infrastructure & IoT Exploitation -
IOTV - Secure or Surrender -
IOTV - The IoT Kill Zone -
IOTV - IoT Village Hardware Hacking Exercises 2023 -
IOTV - Embedded Device Security Workshops -
IOTV - Perform Memory Extraction, Emulation and Shellcode -
LPV - Lockpick Village Activities -
LPV - (10:15-10:45 PDT) - Intro to Lockpicking - TOOOL
MISC - DDV open and accepting drives for duplication -
MISC - DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling -
MISC - Book Exchange -
MISC - cont...(06:00-11:59 PDT) - Defcon.run -
MIV - Disincentivizing misinformation: co-create a new platform business model - Vardon Hamdiu
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PLV - What “Secure by Design” means for software breakers and builders - Cassie Crossley,Christopher Butera,Daniel Bardenstein
PLV - How hackers can work with government, industry, civil society to protect high-risk communities - Adrien Ogee,David Forscey,Mark E. Schreiber,Maurice Kent,Monica M. Ruiz,Sarah Powazek
PSV - Physical Security Village Activities -
PWV - Password Village Activities -
QTV - (10:30-10:59 PDT) - Q-CTF QOLOSSUS Update - Mark Carney
RCV - Panel Discussion - Bugs, Bounties, & Breaches - Insider Tales from the Trenches - Jason Haddix
RCV - (10:45-11:30 PDT) - OSINT Privacy Unmasked: Taking Control of Your Digital Footprint in a Hyper-Connected World - Zoey Selman
RTV - Hunting & Exploiting DLL Sideloads - Matthew Nickerson,Nick Swink
RTV - cont...(09:00-11:59 PDT) - Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget) - Alex Lynd
RTV - Red Hot (Red Team TTPs) - Ralph May,Steve Borosh
RTV - cont...(09:00-10:59 PDT) - Open Source Intelligence (OSINT) for Hackers - Lee McWhorter,Sandra Stibbards
RTV - Red Team Labs and Games for Kids
RTV - cont...(09:00-10:59 PDT) - Hacking Meta Quest - Paul D.
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - Cold Calls -
SOC - Hacker Memorial -
SOC - DCG Meetups
TCV - Gazing into the crystal ball: Hacking and Securing Future Telecoms Networks - Ajit Hatti,Akib Sayyed,David Rogers,Galina Pildush
TEV - Tamper Evident Village Activities -
VMV - Voting Village Opening Remarks - Catherine Terranova,Harri Hursti,Matt Blaze
VMV - (10:30-12:30 PDT) - First Timers Workshop - Tailor Herrarte
VMV - (10:30-11:25 PDT) - I Can Shop Securely Online So Why Can't I Vote Online? - David Jefferson,Harri Hursti,Matt Blaze,Susan Greenhalgh
WS - cont...(09:00-12:59 PDT) - Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required) - Alfie Champion,Josh Kamdjou
WS - cont...(09:00-12:59 PDT) - Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required) - Aaron Rosenmund,Brandon DeVault,Ryan Chapman
WS - cont...(09:00-12:59 PDT) - The Petting Zoo: Breaking into CTFs (Pre-Registration Required) - Christopher Forte,Robert Fitzpatrick
WS - cont...(09:00-12:59 PDT) - Creating and uncovering malicious containers Redux (Pre-Registration Required) - Adrian "threlfall" Wood,David "digish0" Mitchell
WS - cont...(09:00-12:59 PDT) - BLE Security 201 (Pre-Registration Required) - Maxine "Freqy" Filcher,Zach "justadequate" Reavis
XRV - Haptics Hack-a-Thon -
XRV - XR Village Playground -
Saturday - 11:00 PDT
Return to Index - Locations Legend
AIV - cont...(10:00-17:59 PDT) - AI Village Generative Red Team Challenge -
AIV - cont...(10:30-11:25 PDT) - AI Village Keynote 2: AI red teaming tradecraft: a team of teams approach - Daniel Fabian,Mikel Rodriguez,Sarah Hodkinson
AIV - (11:30-12:25 PDT) - Creative Misuse of AI Systems - Eryk Salvaggio
APV - Getting More Bang for your Buck:Appsec on a Limited Budget - Vandana Verma Sehgal,Viraj Gandhi
APV - (11:45-12:30 PDT) - Discovering Shadow Vulnerabilities in Popular Open-Source Projects: A Reverse-Fuzzing Journey - Gal Elbaz,Guy Kaplan
APV - Hunt the Hacker - Detect compromises in your repositories! - GitGuardian
APV - Secure Code Review Challenge - Alon Lerner
APV - Spot the True Positives! - Backslash
APV - The Ultimate AppSec Trivia Challenge - Probely
APV - JWT Parkour - Louis Nyffenegger
ASV - cont...(10:00-17:59 PDT) - Hack The Airport -
ASV - cont...(10:00-17:59 PDT) - Unmanned Aerial Systems – Platform Security -
ASV - cont...(10:00-17:59 PDT) - The Challenge - Lockheed Martin -
ASV - cont...(10:00-17:59 PDT) - A-ISAC CTF -
ASV - cont...(10:00-17:59 PDT) - Bricks in the Air -
ASV - cont...(10:00-17:59 PDT) - ARINC 615a CTF -
ASV - cont...(10:00-17:59 PDT) - PTP Flight Challenge -
ASV - cont...(10:00-17:59 PDT) - Ask Me Anything About Cybersecurity in Aerospace -
ASV - Hack-A-Sat 4 Briefing - Hack-A-Sat 4 Team
BHV - cont...(10:30-11:10 PDT) - Homo sapiens sapiens to Homo sapiens nova - the coming speciation - Almost Human (BJ)
BHV - How to build a body in your garage - Brennan Marsh-Armstrong
BHV - (11:40-12:40 PDT) - Surgical Physicians and Cybersecurity - Colin Haines
BICV - General-purpose Languages: What Are Your Habits? - D.J. Davis
BTV - cont...(10:30-11:30 PDT) - IR/4n6: Obsidian DFIR - Gang aft agley - Omenscan
BTV - (11:30-12:30 PDT) - (n)Map Exploration: A Great Time in Remote Destinations - SamunoskeX
BTV - cont...(10:30-11:30 PDT) - DE: Breaking the Rule - Oldmonk
BTV - (11:30-11:59 PDT) - Forensics 101 Part I & II - Danny D. "B4nd1t0" Henderson Jr,Gyle_dC
BTV - cont...(10:30-11:30 PDT) - CTH: Log4j - The Silent Menace Among Us - Cyb3rhawk
BTV - (11:30-12:30 PDT) - DE: Building a Detection Alert From a Threat Hunt - kobaltfox
CHV - Automotive USB Fuzzing: How to fuzzing USB in vehicles to discover the real-world vulnerabilities - Donghyeon Jeong,Euntae Jang,Jonghyuk Song
CLV - cont...(10:30-11:10 PDT) - Between a Log and a Hard Place: (mis)Adventures in Azure Logs - Dmitriy Beryoza
CLV - SSO Sloppy, SSO Suspect, SSO Vulnerable - Jenko Hwong
CLV - (11:50-12:20 PDT) - Google Workspace Red Team Automation with SWAT - Justin Ibarra,Terrance DeJesus
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - cont...(10:30-11:59 PDT) - Capture The Packet Preliminaries -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF -
CON - cont...(10:00-17:59 PDT) - Hardware Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - 5n4ck3y -
CON - cont...(10:00-17:59 PDT) - TeleChallenge -
CON - cont...(10:00-17:59 PDT) - Hack-A-Sat 4 (HAS4) -
CON - cont...(10:00-16:59 PDT) - Adversary Wars CTF -
CON - cont...(10:00-17:59 PDT) - The Dark Tangent Look-Alike Contest -
CON - cont...(10:00-17:59 PDT) - CMD+CTRL at DEF CON 31 - Booth Open -
CON - cont...(10:00-17:59 PDT) - HackFortress -
CON - cont...(10:00-17:59 PDT) - Battle of The Bots -
CON - cont...(10:00-17:59 PDT) - Ham Radio Fox Hunting Contest -
CON - cont...(10:00-17:59 PDT) - The Gold Bug Challenge -
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
CON - cont...(10:00-17:59 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - Tinfoil Hat Contest -
CON - cont...(10:00-17:59 PDT) - venator aurum - A Treasure Hunt -
CON - cont...(10:00-17:59 PDT) - CrackMeIfYouCan -
CON - cont...(10:00-17:59 PDT) - It's In That Place Where I Put That Thing That Time -
CON - cont...(10:00-16:30 PDT) - Darknet-NG -
CON - cont...(10:00-17:59 PDT) - Maps of the digital lands -
CON - cont...(10:00-17:59 PDT) - DC’s Next Top Threat Model (DCNTTM) -
CON - cont...(10:00-13:59 PDT) - Octopus Game -
CON - cont...(10:00-17:59 PDT) - DEF CON Scavenger Hunt -
CON - cont...(10:00-17:59 PDT) - DEFCON MUD DUMB TERMINAL EDITION -
CON - cont...(10:00-16:59 PDT) - Red Alert ICS CTF -
CON - cont...(10:00-17:59 PDT) - Dungeons@Defcon -
CON - cont...(10:00-17:59 PDT) - Red Team CTF -
CON - cont...(10:00-17:59 PDT) - ? Cube -
CON - cont...(10:30-14:30 PDT) - Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions -
CON - cont...(10:00-17:59 PDT) - Radio Frequency Capture the Flag -
CON - cont...(10:30-17:59 PDT) - Blue Team Village CTF -
CON - Free Amateur Radio License Exams -
CON - cont...(10:00-17:59 PDT) - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - cont...(10:00-17:59 PDT) - Cloud Village CTF -
CON - cont...(10:00-16:59 PDT) - DC Kubernetes Capture the Flag (CTF) -
CPV - Ten Years of CPV - Program Committees - CPV Program Committees,CPV Staff
DC - Spread spectrum techniques in disposable drones for anti drone evasion - David Melendez,Gabriela "Gabs" García
DC - cont...(10:00-17:59 PDT) - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - cont...(10:30-11:15 PDT) - Calling it a 0-Day - Hacking at PBX/UC Systems - good_pseudonym
DC - (11:30-12:15 PDT) - Physical Attacks Against Smartphones - Christopher Wade
DC - Weaponizing Plain Text: ANSI Escape Sequences as a Forensic Nightmare - STÖK
DC - cont...(10:00-17:59 PDT) - Exhibitor Area Open -
DC - cont...(10:30-11:15 PDT) - Unlocking Doors from Half a Continent Away - Sam Haskins,Trevor "t1v0" Stevado
DC - (11:30-12:15 PDT) - Apple's Predicament: NSPredicate Exploitation on macOS and iOS - Austin Emmitt
DC - cont...(09:00-11:59 PDT) - Merch (formerly swag) Area Open -- README -
DC - cont...(10:00-17:59 PDT) - Contest Area Open
DC - cont...(10:00-11:45 PDT) - D0 N0 H4RM: A Healthcare Security Conversation - Christian "quaddi" Dameff,Jacqueline Burgette,Jeff "r3plicant" Tully,Mark Warner,Nitin Natarajan,Suzanne Schwartz
DC - (11:30-12:15 PDT) - Mass Owning of Seedboxes - A Live Hacking Exhibition - Anon
DCGVR - (11:35-12:20 PDT) - Taking Down Applications with Logic: A Comprehensive Guide to Modern DOS Attacks - Abhijeet Singh
DL - cont...(10:00-11:55 PDT) - Lambda Looter - Doug Kent,Rob Ditmer
DL - cont...(10:00-11:55 PDT) - Lupo: Malware IOC Extractor - Vishal Thakur
DL - cont...(10:00-11:55 PDT) - Veilid - Deth Veggie,TC Johnson
DL - cont...(10:00-11:55 PDT) - Saturday - Joshua Herman
DL - cont...(10:00-11:55 PDT) - The Wifydra: Multiheaded RF Panopticon - Lozaning
DL - cont...(10:00-11:55 PDT) - USBvalve - Expose USB activity on the fly - Cesare Pizzi
ESV - cont...(10:00-17:59 PDT) - Embedded Systems Village Activities -
HHV - cont...(10:00-15:30 PDT) - Make Your Own Use -
HHV - cont...(10:00-17:59 PDT) - Soldering Skills Village Activities -
HHV - cont...(10:00-17:59 PDT) - RoboSumo Play Time -
HHV - cont...(10:00-15:30 PDT) - Hardware Hacking Rube Goldberg Machine -
HRV - How to Crush Field Day and Win Big Prizes - Hamster
ICSV - Wrenches, Widgets, and Walkdowns: Unraveling the Tangle of Digital Assets in Industrial Control Systems - Tony Turner
ICSV - (11:30-11:59 PDT) - Cyber-Physical Detection and Response: A new Paradigm in IACS Monitoring and Security - Ryan Heartfield
IOTV - cont...(10:00-17:59 PDT) - Hardware Hacking Your Kitchen -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hacking Playground -
IOTV - cont...(10:00-17:59 PDT) - Critical Infrastructure & IoT Exploitation -
IOTV - cont...(10:00-17:59 PDT) - Secure or Surrender -
IOTV - cont...(10:00-17:59 PDT) - The IoT Kill Zone -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hardware Hacking Exercises 2023 -
IOTV - cont...(10:00-17:59 PDT) - Embedded Device Security Workshops -
IOTV - cont...(10:00-17:59 PDT) - Perform Memory Extraction, Emulation and Shellcode -
LPV - cont...(10:00-17:59 PDT) - Lockpick Village Activities -
MISC - No Starch Press - Book Signing - Patrick Wardle, The Art of Mac Malware
MISC - No Starch Press - Book Signing - Maria Markstedter, Blue Fox: Arm Assembly Internals and Reverse Engineering - Maria Markstedter
MISC - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
MISC - cont...(10:00-11:59 PDT) - DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling -
MISC - cont...(10:00-15:59 PDT) - Book Exchange -
MISC - cont...(06:00-11:59 PDT) - Defcon.run -
MIV - Evil Digital Twin: Learn Psychological Manipulation with an Uncensored LLM - Ben D. Sawyer,Matthew Canham
MIV - (11:30-12:30 PDT) - Navigating the Disinformation Landscape - Eric Curwin
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PLV - AI Caramba! A DC <> DEF CON interface on machine learning - Austin Carson,Erick Galinkin,Kellee Wicker,Rumman Chowdhury,Tim Ryder
PLV - Secure by Design: Ask the Government Anything and Red-Pen Workshop - Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer
PLV - cont...(10:00-11:50 PDT) - How hackers can work with government, industry, civil society to protect high-risk communities - Adrien Ogee,David Forscey,Mark E. Schreiber,Maurice Kent,Monica M. Ruiz,Sarah Powazek
PSV - cont...(10:00-17:59 PDT) - Physical Security Village Activities -
PWV - cont...(10:00-17:59 PDT) - Password Village Activities -
PYV - Payment Village Workshop - Leigh-Anne Galloway
PYV - Payment Village Challenges/CTF -
QTV - Quantum attacks on next-gen cryptosystems: lattices, annealers, notebooks -
RCV - cont...(10:45-11:30 PDT) - OSINT Privacy Unmasked: Taking Control of Your Digital Footprint in a Hyper-Connected World - Zoey Selman
RCV - (11:30-12:05 PDT) - I Am The Disinformation Campaign - MasterChen
RTV - (In)Direct Syscalls: A Journey from High to Low - Daniel Feichter
RTV - cont...(09:00-11:59 PDT) - Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget) - Alex Lynd
RTV - Passwords Argh Us - Traveler
RTV - Artificial Intelligence for Red Team Operations - Peter Halberg
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - cont...(10:00-11:30 PDT) - Cold Calls -
SEV - (11:30-13:30 PDT) - SE Improv -
SOC - cont...(10:00-17:59 PDT) - Hacker Memorial -
SOC - cont...(10:00-17:59 PDT) - DCG Meetups
TCV - Diameter Workshop - Akib Sayyed,Zibran Sayyed
TEV - cont...(10:00-17:59 PDT) - Tamper Evident Village Activities -
VMV - cont...(10:30-12:30 PDT) - First Timers Workshop - Tailor Herrarte
VMV - cont...(10:30-11:25 PDT) - I Can Shop Securely Online So Why Can't I Vote Online? - David Jefferson,Harri Hursti,Matt Blaze,Susan Greenhalgh
VMV - (11:30-12:15 PDT) - Chinese Prototype Review - William Baggett
VMV - (11:30-11:59 PDT) - VOTEC Corporation - John Medcalf
WS - cont...(09:00-12:59 PDT) - Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required) - Alfie Champion,Josh Kamdjou
WS - cont...(09:00-12:59 PDT) - Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required) - Aaron Rosenmund,Brandon DeVault,Ryan Chapman
WS - cont...(09:00-12:59 PDT) - The Petting Zoo: Breaking into CTFs (Pre-Registration Required) - Christopher Forte,Robert Fitzpatrick
WS - cont...(09:00-12:59 PDT) - Creating and uncovering malicious containers Redux (Pre-Registration Required) - Adrian "threlfall" Wood,David "digish0" Mitchell
WS - cont...(09:00-12:59 PDT) - BLE Security 201 (Pre-Registration Required) - Maxine "Freqy" Filcher,Zach "justadequate" Reavis
XRV - cont...(10:00-15:59 PDT) - Haptics Hack-a-Thon -
XRV - cont...(10:00-17:59 PDT) - XR Village Playground -
XRV - Off the Rails: A demo with Pacific Northwest National Labs -
Saturday - 12:00 PDT
Return to Index - Locations Legend
AIV - cont...(10:00-17:59 PDT) - AI Village Generative Red Team Challenge -
AIV - cont...(11:30-12:25 PDT) - Creative Misuse of AI Systems - Eryk Salvaggio
AIV - (12:30-13:25 PDT) - LLM Legal Risk Management, and Use Case Development Strategies to Minimize Risk - Nick Maietta,Robert Hudock
APV - cont...(11:45-12:30 PDT) - Discovering Shadow Vulnerabilities in Popular Open-Source Projects: A Reverse-Fuzzing Journey - Gal Elbaz,Guy Kaplan
APV - (12:30-13:30 PDT) - Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts - Joe Christian,Kunal Bhattacharya,Shahar Man,Trupti Shiralkar
APV - cont...(11:00-12:59 PDT) - Hunt the Hacker - Detect compromises in your repositories! - GitGuardian
APV - cont...(11:00-12:59 PDT) - Secure Code Review Challenge - Alon Lerner
APV - cont...(11:00-12:59 PDT) - Spot the True Positives! - Backslash
APV - cont...(11:00-12:59 PDT) - The Ultimate AppSec Trivia Challenge - Probely
APV - cont...(11:00-12:59 PDT) - JWT Parkour - Louis Nyffenegger
ASV - cont...(10:00-17:59 PDT) - Hack The Airport -
ASV - cont...(10:00-17:59 PDT) - Unmanned Aerial Systems – Platform Security -
ASV - cont...(10:00-17:59 PDT) - The Challenge - Lockheed Martin -
ASV - cont...(10:00-17:59 PDT) - A-ISAC CTF -
ASV - cont...(10:00-17:59 PDT) - Bricks in the Air -
ASV - cont...(10:00-17:59 PDT) - ARINC 615a CTF -
ASV - cont...(10:00-17:59 PDT) - PTP Flight Challenge -
ASV - cont...(10:00-17:59 PDT) - Ask Me Anything About Cybersecurity in Aerospace -
ASV - CON trolling the weather - Paz Hameiri
ASV - (12:30-13:20 PDT) - Building Space Attack Chains using SPARTA - Brandon Bailey
BHV - cont...(11:40-12:40 PDT) - Surgical Physicians and Cybersecurity - Colin Haines
BHV - (12:40-13:50 PDT) - Medical VR - David Nathans,Ernest Liu
BTV - cont...(11:30-12:30 PDT) - (n)Map Exploration: A Great Time in Remote Destinations - SamunoskeX
BTV - cont...(11:30-12:30 PDT) - DE: Building a Detection Alert From a Threat Hunt - kobaltfox
CHV - Abusing CAN Bus Protocol Specification for Denial of Service in Embedded Systems - Martin Petran
CLV - cont...(11:50-12:20 PDT) - Google Workspace Red Team Automation with SWAT - Justin Ibarra,Terrance DeJesus
CLV - (12:20-12:59 PDT) - The Rocky Balboa Guide to Security Research: Getting Back Up When You Get Knocked Down - Liv Matan
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF -
CON - cont...(10:00-17:59 PDT) - Hardware Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - 5n4ck3y -
CON - cont...(10:00-17:59 PDT) - TeleChallenge -
CON - cont...(10:00-17:59 PDT) - Hack-A-Sat 4 (HAS4) -
CON - cont...(10:00-16:59 PDT) - Adversary Wars CTF -
CON - cont...(10:00-17:59 PDT) - The Dark Tangent Look-Alike Contest -
CON - cont...(10:00-17:59 PDT) - CMD+CTRL at DEF CON 31 - Booth Open -
CON - cont...(10:00-17:59 PDT) - HackFortress -
CON - cont...(10:00-17:59 PDT) - Battle of The Bots -
CON - cont...(10:00-17:59 PDT) - Ham Radio Fox Hunting Contest -
CON - cont...(10:00-17:59 PDT) - The Gold Bug Challenge -
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
CON - cont...(10:00-17:59 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - Tinfoil Hat Contest -
CON - cont...(10:00-17:59 PDT) - venator aurum - A Treasure Hunt -
CON - cont...(10:00-17:59 PDT) - CrackMeIfYouCan -
CON - cont...(10:00-17:59 PDT) - It's In That Place Where I Put That Thing That Time -
CON - cont...(10:00-16:30 PDT) - Darknet-NG -
CON - cont...(10:00-17:59 PDT) - Maps of the digital lands -
CON - cont...(10:00-17:59 PDT) - DC’s Next Top Threat Model (DCNTTM) -
CON - cont...(10:00-13:59 PDT) - Octopus Game -
CON - cont...(10:00-17:59 PDT) - DEF CON Scavenger Hunt -
CON - cont...(10:00-17:59 PDT) - DEFCON MUD DUMB TERMINAL EDITION -
CON - cont...(10:00-16:59 PDT) - Red Alert ICS CTF -
CON - cont...(10:00-17:59 PDT) - Dungeons@Defcon -
CON - cont...(10:00-17:59 PDT) - Red Team CTF -
CON - cont...(10:00-17:59 PDT) - ? Cube -
CON - cont...(10:30-14:30 PDT) - Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions -
CON - cont...(10:00-17:59 PDT) - Radio Frequency Capture the Flag -
CON - cont...(10:30-17:59 PDT) - Blue Team Village CTF -
CON - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
CON - cont...(10:00-17:59 PDT) - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - TOOOL Dozier Drill Lockpicking Challenge -
CON - cont...(10:00-17:59 PDT) - Cloud Village CTF -
CON - cont...(10:00-16:59 PDT) - DC Kubernetes Capture the Flag (CTF) -
CPV - Ten Years of CPV - The Gold Bug Challenge - CPV Staff,Gold Bug Challenge Team
CPV - About Face! Beginner Intro to Facial Recognition - Kate
DC - From Feature to Weapon: Breaking Microsoft Teams and SharePoint Integrity - Nestori Syynimaa
DC - cont...(10:00-17:59 PDT) - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - cont...(11:30-12:15 PDT) - Physical Attacks Against Smartphones - Christopher Wade
DC - (12:30-13:15 PDT) - Video-based Cryptanalysis: Extracting Secret Keys from Power LEDs of Various Non-compromised Devices Using a Video Camera - Ben Nassi,Ofek Vayner
DC - Internet censorship: what governments around the globe have in store for you - Christopher Painter,Jeff "The Dark Tangent" Moss,Joel Todoroff,Roger Dingledine
DC - cont...(10:00-17:59 PDT) - Exhibitor Area Open -
DC - cont...(11:30-12:15 PDT) - Apple's Predicament: NSPredicate Exploitation on macOS and iOS - Austin Emmitt
DC - (12:30-13:15 PDT) - An Audacious Plan to Halt the Internet's Enshittification - Cory Doctorow
DC - cont...(10:00-17:59 PDT) - Contest Area Open
DC - Lonely Hackers Club - Resume Reviews & Career Advice
DC - cont...(11:30-12:15 PDT) - Mass Owning of Seedboxes - A Live Hacking Exhibition - Anon
DC - (12:30-13:30 PDT) - Metawar - Winn
DCGVR - cont...(11:35-12:20 PDT) - Taking Down Applications with Logic: A Comprehensive Guide to Modern DOS Attacks - Abhijeet Singh
DCGVR - (12:35-13:20 PDT) - The Curse of Ncurses - Jonathan Bar Or
DL - BBOT (Bighuge BLS OSINT Tool) - Joel "TheTechromancer" Moore,Paul Mueller
DL - Abusing Microsoft SQL Server with SQLRecon - Sanjiv Kawa
DL - Red Wizard: user-friendly Red Teaming infrastructure - Ben Brücker
DL - Am I Exploitable? (MI-X) - Ofri Ouzan,Yotam Perkal
DL - Kraken, a modular multi-language webshell for defense evasion - Raul Caro
DL - Pcapinator: Rise of the PCAP Machines - Henry Hill,Mike "d4rkm4tter" Spicer
ESV - cont...(10:00-17:59 PDT) - Embedded Systems Village Activities -
HHV - cont...(10:00-15:30 PDT) - Make Your Own Use -
HHV - cont...(10:00-17:59 PDT) - Soldering Skills Village Activities -
HHV - cont...(10:00-17:59 PDT) - RoboSumo Play Time -
HHV - cont...(10:00-15:30 PDT) - Hardware Hacking Rube Goldberg Machine -
ICSV - Fear and Loathing on Plum Island - David Emmerich,Emma Stewart,Jeremy Jones,Joe Minicucci
IOTV - cont...(10:00-17:59 PDT) - Hardware Hacking Your Kitchen -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hacking Playground -
IOTV - cont...(10:00-17:59 PDT) - Critical Infrastructure & IoT Exploitation -
IOTV - cont...(10:00-17:59 PDT) - Secure or Surrender -
IOTV - cont...(10:00-17:59 PDT) - The IoT Kill Zone -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hardware Hacking Exercises 2023 -
IOTV - cont...(10:00-17:59 PDT) - Embedded Device Security Workshops -
IOTV - cont...(10:00-17:59 PDT) - Perform Memory Extraction, Emulation and Shellcode -
LPV - cont...(10:00-17:59 PDT) - Lockpick Village Activities -
MISC - No Starch Press - Book Signing - Daniel Reilly, Math for Security
MISC - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
MISC - cont...(10:00-15:59 PDT) - Book Exchange -
MIV - cont...(11:30-12:30 PDT) - Navigating the Disinformation Landscape - Eric Curwin
MIV - (12:30-13:30 PDT) - Patient Zero Day: The Leaking of Patients' Private Health Data Contributed To A Medical Infodemic - Andrea Downing
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PLV - Hands On a Cyber Policy Crisis: Testing Assumptions and Navigating Challenges through a Cyber Simulation - Safa Shahwan Edwards
PLV - cont...(11:00-13:50 PDT) - Secure by Design: Ask the Government Anything and Red-Pen Workshop - Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer
PLV - The Coming War on Encryption, Part 3 (and how you can fight back) - India McKinney
PSV - cont...(10:00-17:59 PDT) - Physical Security Village Activities -
PSV - RFID Hacking - Ege
PSV - (12:30-13:15 PDT) - Physical pentesting in a post-covid world - Brian Halbach
PWV - cont...(10:00-17:59 PDT) - Password Village Activities -
PYV - cont...(11:00-12:30 PDT) - Payment Village Workshop - Leigh-Anne Galloway
PYV - cont...(11:00-17:59 PDT) - Payment Village Challenges/CTF -
QTV - cont...(11:00-12:30 PDT) - Quantum attacks on next-gen cryptosystems: lattices, annealers, notebooks -
RCV - cont...(11:30-12:05 PDT) - I Am The Disinformation Campaign - MasterChen
RCV - How I Built Recon to Scale with Serverless Architecture - Gunnar Andrews
RFV - Shipping Wardriving Hardware - Cross-country Wigle on the Cheap - Segfault
RTV - cont...(11:00-16:59 PDT) - (In)Direct Syscalls: A Journey from High to Low - Daniel Feichter
RTV - Hacking Web Apps and APIs with WebSploit Labs - Omar Santos
RTV - Red Hot (Red Team TTPs) - Ralph May,Steve Borosh
RTV - Scripting OWASP Amass for a Customized Experience - Jeff Foley
RTV - cont...(11:00-12:59 PDT) - Artificial Intelligence for Red Team Operations - Peter Halberg
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - cont...(11:30-13:30 PDT) - SE Improv -
SOC - cont...(10:00-17:59 PDT) - Hacker Memorial -
SOC - Lonely Hackers Club Meetup -
SOC - cont...(10:00-17:59 PDT) - DCG Meetups
SOC - Friends of Bill W -
SOC - HDA / Accessibility Area Open
SOC - HDA Community Meetups
TCV - cont...(11:00-12:59 PDT) - Diameter Workshop - Akib Sayyed,Zibran Sayyed
TEV - cont...(10:00-17:59 PDT) - Tamper Evident Village Activities -
VMV - cont...(10:30-12:30 PDT) - First Timers Workshop - Tailor Herrarte
VMV - cont...(11:30-12:15 PDT) - Chinese Prototype Review - William Baggett
VMV - (12:20-12:50 PDT) - US private elections: the easy way in for foreign adversaries. - Scheme
VMV - (12:30-13:20 PDT) - Review: Surprise Unboxing - Harri Hursti
VMV - (12:55-13:40 PDT) - Conflicting Security Reports from Halderman-Springalll and from MITRE: Which Is Right? - David Jefferson,Drew Springall,Richard DeMillo
WS - cont...(09:00-12:59 PDT) - Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required) - Alfie Champion,Josh Kamdjou
WS - cont...(09:00-12:59 PDT) - Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required) - Aaron Rosenmund,Brandon DeVault,Ryan Chapman
WS - cont...(09:00-12:59 PDT) - The Petting Zoo: Breaking into CTFs (Pre-Registration Required) - Christopher Forte,Robert Fitzpatrick
WS - cont...(09:00-12:59 PDT) - Creating and uncovering malicious containers Redux (Pre-Registration Required) - Adrian "threlfall" Wood,David "digish0" Mitchell
WS - cont...(09:00-12:59 PDT) - BLE Security 201 (Pre-Registration Required) - Maxine "Freqy" Filcher,Zach "justadequate" Reavis
XRV - cont...(10:00-15:59 PDT) - Haptics Hack-a-Thon -
XRV - cont...(10:00-17:59 PDT) - XR Village Playground -
XRV - cont...(11:00-16:59 PDT) - Off the Rails: A demo with Pacific Northwest National Labs -
Saturday - 13:00 PDT
Return to Index - Locations Legend
AIV - cont...(10:00-17:59 PDT) - AI Village Generative Red Team Challenge -
AIV - cont...(12:30-13:25 PDT) - LLM Legal Risk Management, and Use Case Development Strategies to Minimize Risk - Nick Maietta,Robert Hudock
AIV - (13:30-14:25 PDT) - The Sinister Synergy of Advanced AI: Automatically Orchestrating Large-scale Scam Campaigns with Large Generative Models - Ben Gelman,Younghoo Lee
APV - For Kids: Castle Defenders - Pentera
APV - cont...(12:30-13:30 PDT) - Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts - Joe Christian,Kunal Bhattacharya,Shahar Man,Trupti Shiralkar
APV - (13:30-14:15 PDT) - Dress Code - Analysis of the current status of the Content Security Policy - Felipe Molina
APV - How to Hide Behavior from Security Tools - Deepfactor
APV - Open Source API Security for devsecops - Ankita Gupta,Ankush Jain
APV - The Ultimate AppSec Trivia Challenge - Probely
APV - Secure from Scratch: Secure Code Workshop for DEF CON Kids - Or Sahar,Yariv Tal
ASV - cont...(10:00-17:59 PDT) - Hack The Airport -
ASV - cont...(10:00-17:59 PDT) - Unmanned Aerial Systems – Platform Security -
ASV - cont...(10:00-17:59 PDT) - The Challenge - Lockheed Martin -
ASV - cont...(10:00-17:59 PDT) - A-ISAC CTF -
ASV - cont...(10:00-17:59 PDT) - Bricks in the Air -
ASV - cont...(10:00-17:59 PDT) - ARINC 615a CTF -
ASV - cont...(10:00-17:59 PDT) - PTP Flight Challenge -
ASV - cont...(10:00-17:59 PDT) - Ask Me Anything About Cybersecurity in Aerospace -
ASV - cont...(12:30-13:20 PDT) - Building Space Attack Chains using SPARTA - Brandon Bailey
ASV - (13:30-13:55 PDT) - Elon, Twitter and the PIA: How not to achieve privacy in aviation - Martin Strohmeier
BHV - cont...(12:40-13:50 PDT) - Medical VR - David Nathans,Ernest Liu
BHV - (13:50-14:50 PDT) - Full Stack Disclosures - Edison Alvarez,Alex Mastrov,Matias Katz
BICV - Why don't we have Internet, Daddy? - Jess Hoffman
BTV - (13:30-14:30 PDT) - So you want to become a Detection Engineer - Ben Bornholm,CerealKiller,kobaltfox,plug
BTV - (13:30-13:59 PDT) - CTH 101: Part III, IV, V - Cyb3rhawk
BTV - (13:30-14:30 PDT) - Why OT Cybersecurity Engineers Drink So Much - ThatDeadGuy
CLV - CloudRecon - finding ephemeral assets in the cloud - Gunnar Andrews,Jason Haddix
CLV - (13:30-14:10 PDT) - What the Function: A Deep Dive into Azure Function App Security - Karl Fosaaen,Thomas Elling
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - cont...(12:00-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF -
CON - cont...(10:00-17:59 PDT) - Hardware Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - 5n4ck3y -
CON - cont...(10:00-17:59 PDT) - TeleChallenge -
CON - cont...(10:00-17:59 PDT) - Hack-A-Sat 4 (HAS4) -
CON - cont...(10:00-16:59 PDT) - Adversary Wars CTF -
CON - cont...(10:00-17:59 PDT) - The Dark Tangent Look-Alike Contest -
CON - cont...(10:00-17:59 PDT) - CMD+CTRL at DEF CON 31 - Booth Open -
CON - cont...(10:00-17:59 PDT) - HackFortress -
CON - cont...(10:00-17:59 PDT) - Battle of The Bots -
CON - cont...(10:00-17:59 PDT) - Ham Radio Fox Hunting Contest -
CON - cont...(10:00-17:59 PDT) - The Gold Bug Challenge -
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
CON - cont...(10:00-17:59 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - Tinfoil Hat Contest -
CON - cont...(10:00-17:59 PDT) - venator aurum - A Treasure Hunt -
CON - cont...(10:00-17:59 PDT) - CrackMeIfYouCan -
CON - cont...(10:00-17:59 PDT) - It's In That Place Where I Put That Thing That Time -
CON - cont...(10:00-16:30 PDT) - Darknet-NG -
CON - cont...(10:00-17:59 PDT) - Maps of the digital lands -
CON - cont...(10:00-17:59 PDT) - DC’s Next Top Threat Model (DCNTTM) -
CON - cont...(10:00-13:59 PDT) - Octopus Game -
CON - cont...(10:00-17:59 PDT) - DEF CON Scavenger Hunt -
CON - cont...(10:00-17:59 PDT) - DEFCON MUD DUMB TERMINAL EDITION -
CON - cont...(10:00-16:59 PDT) - Red Alert ICS CTF -
CON - cont...(10:00-17:59 PDT) - Dungeons@Defcon -
CON - cont...(10:00-17:59 PDT) - Red Team CTF -
CON - cont...(10:00-17:59 PDT) - ? Cube -
CON - cont...(10:30-14:30 PDT) - Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions -
CON - cont...(10:00-17:59 PDT) - Radio Frequency Capture the Flag -
CON - cont...(10:30-17:59 PDT) - Blue Team Village CTF -
CON - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
CON - cont...(10:00-17:59 PDT) - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - cont...(12:00-14:59 PDT) - TOOOL Dozier Drill Lockpicking Challenge -
CON - cont...(10:00-17:59 PDT) - Cloud Village CTF -
CON - cont...(10:00-16:59 PDT) - DC Kubernetes Capture the Flag (CTF) -
CPV - Is 2023 the Year of Privacy: How History and States are Posed to Change Privacy? - Anthony Hendricks
CPV - (13:30-13:59 PDT) - Domain Fronting Through Microsoft Azure and CloudFlare: How to Identify Viable Domain Fronting Proxies - Charles Miller,Michael Brown,Michael Pelosi
DC - Azure B2C 0-Day: An Exploit Chain from Public Keys to Microsoft Bug Bounty - John Novak
DC - cont...(10:00-17:59 PDT) - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - cont...(12:30-13:15 PDT) - Video-based Cryptanalysis: Extracting Secret Keys from Power LEDs of Various Non-compromised Devices Using a Video Camera - Ben Nassi,Ofek Vayner
DC - (13:30-14:15 PDT) - Meduza: How an exiled pirate media outlet breaks through the Kremlin's propaganda firewall - Alex
DC - Looking into the future, what can we learn about hacking in science-fiction? - Nicolas Minvielle,Xavier Facélina
DC - cont...(10:00-17:59 PDT) - Exhibitor Area Open -
DC - cont...(12:30-13:15 PDT) - An Audacious Plan to Halt the Internet's Enshittification - Cory Doctorow
DC - (13:30-14:15 PDT) - The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree - Asi Greenholts
DC - cont...(10:00-17:59 PDT) - Contest Area Open
DC - cont...(12:00-13:59 PDT) - Lonely Hackers Club - Resume Reviews & Career Advice
DC - cont...(12:30-13:30 PDT) - Metawar - Winn
DCGVR - cont...(12:35-13:20 PDT) - The Curse of Ncurses - Jonathan Bar Or
DCGVR - (13:35-14:05 PDT) - Bootsquad: Stomping out squatters - Joe Mast
DL - cont...(12:00-13:55 PDT) - BBOT (Bighuge BLS OSINT Tool) - Joel "TheTechromancer" Moore,Paul Mueller
DL - cont...(12:00-13:55 PDT) - Abusing Microsoft SQL Server with SQLRecon - Sanjiv Kawa
DL - cont...(12:00-13:55 PDT) - Red Wizard: user-friendly Red Teaming infrastructure - Ben Brücker
DL - cont...(12:00-13:55 PDT) - Am I Exploitable? (MI-X) - Ofri Ouzan,Yotam Perkal
DL - cont...(12:00-13:55 PDT) - Kraken, a modular multi-language webshell for defense evasion - Raul Caro
DL - cont...(12:00-13:55 PDT) - Pcapinator: Rise of the PCAP Machines - Henry Hill,Mike "d4rkm4tter" Spicer
ESV - cont...(10:00-17:59 PDT) - Embedded Systems Village Activities -
HHV - cont...(10:00-15:30 PDT) - Make Your Own Use -
HHV - cont...(10:00-17:59 PDT) - Soldering Skills Village Activities -
HHV - cont...(10:00-17:59 PDT) - RoboSumo Play Time -
HHV - cont...(10:00-15:30 PDT) - Hardware Hacking Rube Goldberg Machine -
HHV - RoboSumo Bracket Competition -
HRV - Using an SBC for ham radio digital modes that isn't a raspberry pi - Jon Marler
ICSV - cont...(12:00-13:30 PDT) - Fear and Loathing on Plum Island - David Emmerich,Emma Stewart,Jeremy Jones,Joe Minicucci
ICSV - (13:30-14:59 PDT) - Panel Discussion -- Designing and Deploying NOC/SOC in a Mobile, Limited Bandwidth Maritime Environment - Brad Proctor,Cliff Neve,Danny Joslin,Peter Dreyer,Tom Stites
IOTV - cont...(10:00-17:59 PDT) - Hardware Hacking Your Kitchen -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hacking Playground -
IOTV - cont...(10:00-17:59 PDT) - Critical Infrastructure & IoT Exploitation -
IOTV - cont...(10:00-17:59 PDT) - Secure or Surrender -
IOTV - cont...(10:00-17:59 PDT) - The IoT Kill Zone -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hardware Hacking Exercises 2023 -
IOTV - cont...(10:00-17:59 PDT) - Embedded Device Security Workshops -
IOTV - cont...(10:00-17:59 PDT) - Perform Memory Extraction, Emulation and Shellcode -
LPV - cont...(10:00-17:59 PDT) - Lockpick Village Activities -
MISC - No Starch Press - Book Signing - Jos Weyers, Matt Burrough & BandEAtoZ, Locksport
MISC - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
MISC - cont...(10:00-15:59 PDT) - Book Exchange -
MISC - DC’s Next Top Threat Model (DCNTTM) - BYODesign Presentation -
MIV - cont...(12:30-13:30 PDT) - Patient Zero Day: The Leaking of Patients' Private Health Data Contributed To A Medical Infodemic - Andrea Downing
MIV - (13:30-14:30 PDT) - Main features of Russia's disinformation and propaganda ecosystem in Spanish-speaking countries - Carlos Galán
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PLV - cont...(12:00-13:50 PDT) - Hands On a Cyber Policy Crisis: Testing Assumptions and Navigating Challenges through a Cyber Simulation - Safa Shahwan Edwards
PLV - cont...(11:00-13:50 PDT) - Secure by Design: Ask the Government Anything and Red-Pen Workshop - Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer
PLV - Beyond the Breach: Exploring Cybersecurity Policies with Hacker Perspectives - Andrés Velázquez,Isabella Rolz,Mauro Vignati,Orlando Garces
PSV - cont...(10:00-17:59 PDT) - Physical Security Village Activities -
PSV - cont...(12:30-13:15 PDT) - Physical pentesting in a post-covid world - Brian Halbach
PSV - (13:15-13:30 PDT) - Free Pokemon Card Bus Passes - Jarvis,Malcolm
PWV - cont...(10:00-17:59 PDT) - Password Village Activities -
PYV - cont...(11:00-17:59 PDT) - Payment Village Challenges/CTF -
QTV - QDoor: Exploiting Approximate Synthesis for Backdoor Attacks in Quantum Neural Networks - Lei Jiang
RFV - 125khz the Brown note for Cars - Woody
RTV - cont...(11:00-16:59 PDT) - (In)Direct Syscalls: A Journey from High to Low - Daniel Feichter
RTV - How to [NOT] look like a Red Team - Michael Wylie
RTV - Storfield: A Quiet Methodology to Create Attacks in Mature Networks - Cory Wolff
RTV - cont...(12:00-13:59 PDT) - Scripting OWASP Amass for a Customized Experience - Jeff Foley
RTV - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - cont...(11:30-13:30 PDT) - SE Improv -
SEV - (13:30-15:30 PDT) - Cold Calls -
SOC - cont...(10:00-17:59 PDT) - Hacker Memorial -
SOC - cont...(12:00-17:59 PDT) - Lonely Hackers Club Meetup -
SOC - cont...(10:00-17:59 PDT) - DCG Meetups
SOC - cont...(12:00-17:59 PDT) - HDA / Accessibility Area Open
SOC - cont...(12:00-17:59 PDT) - HDA Community Meetups
TEV - cont...(10:00-17:59 PDT) - Tamper Evident Village Activities -
VMV - cont...(12:30-13:20 PDT) - Review: Surprise Unboxing - Harri Hursti
VMV - cont...(12:55-13:40 PDT) - Conflicting Security Reports from Halderman-Springalll and from MITRE: Which Is Right? - David Jefferson,Drew Springall,Richard DeMillo
VMV - (13:30-14:20 PDT) - Interventions To Address Technology-Facilitated Violence in Democracy - Eric Davis,Hallie Stern,Omri Preiss,Theodora Skeadas
VMV - (13:55-14:35 PDT) - Political Polarization - Constantine Nicolaidis
XRV - cont...(10:00-15:59 PDT) - Haptics Hack-a-Thon -
XRV - cont...(10:00-17:59 PDT) - XR Village Playground -
XRV - cont...(11:00-16:59 PDT) - Off the Rails: A demo with Pacific Northwest National Labs -
XRV - XR implications on Mobile Security - Whitney Phillips
Saturday - 14:00 PDT
Return to Index - Locations Legend
AIV - cont...(10:00-17:59 PDT) - AI Village Generative Red Team Challenge -
AIV - cont...(13:30-14:25 PDT) - The Sinister Synergy of Advanced AI: Automatically Orchestrating Large-scale Scam Campaigns with Large Generative Models - Ben Gelman,Younghoo Lee
APV - cont...(13:00-14:59 PDT) - For Kids: Castle Defenders - Pentera
APV - cont...(13:30-14:15 PDT) - Dress Code - Analysis of the current status of the Content Security Policy - Felipe Molina
APV - (14:15-14:59 PDT) - MitmWs: A new way to pentest websocket applications - Jon F
APV - cont...(13:00-14:59 PDT) - How to Hide Behavior from Security Tools - Deepfactor
APV - cont...(13:00-14:59 PDT) - Open Source API Security for devsecops - Ankita Gupta,Ankush Jain
APV - cont...(13:00-14:59 PDT) - The Ultimate AppSec Trivia Challenge - Probely
APV - cont...(13:00-14:59 PDT) - Secure from Scratch: Secure Code Workshop for DEF CON Kids - Or Sahar,Yariv Tal
ASV - cont...(10:00-17:59 PDT) - Hack The Airport -
ASV - cont...(10:00-17:59 PDT) - Unmanned Aerial Systems – Platform Security -
ASV - cont...(10:00-17:59 PDT) - The Challenge - Lockheed Martin -
ASV - cont...(10:00-17:59 PDT) - A-ISAC CTF -
ASV - cont...(10:00-17:59 PDT) - Bricks in the Air -
ASV - cont...(10:00-17:59 PDT) - ARINC 615a CTF -
ASV - cont...(10:00-17:59 PDT) - PTP Flight Challenge -
ASV - cont...(10:00-17:59 PDT) - Ask Me Anything About Cybersecurity in Aerospace -
ASV - Labs and Trust: How to build a successful aviation cybersecurity research programme - Martin Strohmeier
ASV - (14:30-14:55 PDT) - Stories from the Trenches: Operating a Aeronautics Cyber Range - Christopher Ottesen
BHV - cont...(13:50-14:50 PDT) - Full Stack Disclosures - Edison Alvarez,Alex Mastrov,Matias Katz
BHV - (14:50-15:30 PDT) - Lanteryn: Blue Energy - Del de Zela
BTV - cont...(13:30-14:30 PDT) - So you want to become a Detection Engineer - Ben Bornholm,CerealKiller,kobaltfox,plug
BTV - cont...(13:30-14:30 PDT) - Why OT Cybersecurity Engineers Drink So Much - ThatDeadGuy
CLV - cont...(13:30-14:10 PDT) - What the Function: A Deep Dive into Azure Function App Security - Karl Fosaaen,Thomas Elling
CLV - Bridging the Gap: Cloud Threat Intelligence for Detection and Offensive Security Practitioners - Alex Delamotte
CLV - (14:50-15:35 PDT) - The Human Threat Factor - Cloud Security Misconfigurations - Kat Fitzgerald
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - cont...(12:00-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF -
CON - cont...(10:00-17:59 PDT) - Hardware Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - 5n4ck3y -
CON - cont...(10:00-17:59 PDT) - TeleChallenge -
CON - cont...(10:00-17:59 PDT) - Hack-A-Sat 4 (HAS4) -
CON - cont...(10:00-16:59 PDT) - Adversary Wars CTF -
CON - cont...(10:00-17:59 PDT) - The Dark Tangent Look-Alike Contest -
CON - cont...(10:00-17:59 PDT) - CMD+CTRL at DEF CON 31 - Booth Open -
CON - cont...(10:00-17:59 PDT) - HackFortress -
CON - cont...(10:00-17:59 PDT) - Battle of The Bots -
CON - cont...(10:00-17:59 PDT) - Ham Radio Fox Hunting Contest -
CON - cont...(10:00-17:59 PDT) - The Gold Bug Challenge -
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
CON - cont...(10:00-17:59 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - Tinfoil Hat Contest -
CON - cont...(10:00-17:59 PDT) - venator aurum - A Treasure Hunt -
CON - cont...(10:00-17:59 PDT) - CrackMeIfYouCan -
CON - cont...(10:00-17:59 PDT) - It's In That Place Where I Put That Thing That Time -
CON - cont...(10:00-16:30 PDT) - Darknet-NG -
CON - cont...(10:00-17:59 PDT) - Maps of the digital lands -
CON - cont...(10:00-17:59 PDT) - DC’s Next Top Threat Model (DCNTTM) -
CON - cont...(10:00-17:59 PDT) - DEF CON Scavenger Hunt -
CON - cont...(10:00-17:59 PDT) - DEFCON MUD DUMB TERMINAL EDITION -
CON - cont...(10:00-16:59 PDT) - Red Alert ICS CTF -
CON - cont...(10:00-17:59 PDT) - Dungeons@Defcon -
CON - cont...(10:00-17:59 PDT) - Red Team CTF -
CON - cont...(10:00-17:59 PDT) - ? Cube -
CON - cont...(10:30-14:30 PDT) - Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions -
CON - DEF CON 31 Beard and Mustache Contest -
CON - cont...(10:00-17:59 PDT) - Radio Frequency Capture the Flag -
CON - cont...(10:30-17:59 PDT) - Blue Team Village CTF -
CON - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
CON - cont...(10:00-17:59 PDT) - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - cont...(12:00-14:59 PDT) - TOOOL Dozier Drill Lockpicking Challenge -
CON - cont...(10:00-17:59 PDT) - Cloud Village CTF -
CON - cont...(10:00-16:59 PDT) - DC Kubernetes Capture the Flag (CTF) -
CPV - Exploring the Impact of PQC on Cryptographic Key Management - Deirdre Connolly,James Howe,Mark Carney,Ryan Hurst,Sandra Guasch Castello,Sofi Celi
DC - Power Corrupts; Corrupt It Back! Hacking Power Management in Data Centers - Jesse Chick,Sam Quinn
DC - cont...(10:00-17:59 PDT) - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - cont...(13:30-14:15 PDT) - Meduza: How an exiled pirate media outlet breaks through the Kremlin's propaganda firewall - Alex
DC - (14:30-15:15 PDT) - Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures - Noam Moshe,Sharon Brizinov
DC - A SSLippery Slope: Unraveling the Hidden Dangers of Certificate Misuse - Bill Demirkapi
DC - cont...(10:00-17:59 PDT) - Exhibitor Area Open -
DC - cont...(13:30-14:15 PDT) - The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree - Asi Greenholts
DC - (14:30-15:15 PDT) - Contactless Overflow: Code execution in payment terminals and ATM’s over NFC - Josep Pi Rodriguez
DC - cont...(10:00-17:59 PDT) - Contest Area Open
DC - Lonely Hackers Club - Badgelife & Sticker Swap
DC - Off the record war story talks - Signs Ups On Site
DCGVR - cont...(13:35-14:05 PDT) - Bootsquad: Stomping out squatters - Joe Mast
DCGVR - (14:35-15:20 PDT) - Enhancing vulnerability research through the use of virtual reality workspaces. - datalocaltmp
DL - ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal - Aaron "AJ" Morath,Scott Graham
DL - RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools - Niels Loozekoot
DL - HardHat Command & Control Framework - Jonathan Owens
DL - ProjectDiscovery Nuclei - Brendan O'Leary,Pj Metz
DL - ICS Forensics tool - Maayan Shaul,Ori Perez
DL - BLE CTF - Alek Amrani,Ryan Holeman
ESV - cont...(10:00-17:59 PDT) - Embedded Systems Village Activities -
HHV - cont...(10:00-15:30 PDT) - Make Your Own Use -
HHV - cont...(10:00-17:59 PDT) - Soldering Skills Village Activities -
HHV - cont...(10:00-17:59 PDT) - RoboSumo Play Time -
HHV - cont...(10:00-15:30 PDT) - Hardware Hacking Rube Goldberg Machine -
ICSV - cont...(13:30-14:59 PDT) - Panel Discussion -- Designing and Deploying NOC/SOC in a Mobile, Limited Bandwidth Maritime Environment - Brad Proctor,Cliff Neve,Danny Joslin,Peter Dreyer,Tom Stites
IOTV - cont...(10:00-17:59 PDT) - Hardware Hacking Your Kitchen -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hacking Playground -
IOTV - cont...(10:00-17:59 PDT) - Critical Infrastructure & IoT Exploitation -
IOTV - cont...(10:00-17:59 PDT) - Secure or Surrender -
IOTV - cont...(10:00-17:59 PDT) - The IoT Kill Zone -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hardware Hacking Exercises 2023 -
IOTV - cont...(10:00-17:59 PDT) - Embedded Device Security Workshops -
IOTV - cont...(10:00-17:59 PDT) - Perform Memory Extraction, Emulation and Shellcode -
LPV - cont...(10:00-17:59 PDT) - Lockpick Village Activities -
MISC - No Starch Press - Book Signing - Micah Lee, Hacks, Leaks and Revelations
MISC - (14:30-14:59 PDT) - No Starch Press - Book Signing - Cory Doctorow, Red Team Blues & Chokepoint Capitalism - Cory Doctorow
MISC - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
MISC - cont...(10:00-15:59 PDT) - Book Exchange -
MISC - cont...(13:00-14:59 PDT) - DC’s Next Top Threat Model (DCNTTM) - BYODesign Presentation -
MISC - DEF CON Chess Kids Free-Play -
MIV - cont...(13:30-14:30 PDT) - Main features of Russia's disinformation and propaganda ecosystem in Spanish-speaking countries - Carlos Galán
MIV - (14:30-14:59 PDT) - 156 million targeted: Biggest social phishing cyberattacks during Brazil´s election - Douglas Bernardini
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PLV - Let Night City Sleep - Governance Against a Cyberpunk Future - Cameron Byrd,Clayton Dixon
PLV - Abating the Eye of Sauron: Help Combat Authoritarian Censorship - David Houston,Michaela Lee
PLV - How can we encourage more hackers to engage with policy makers? - Peter Stephens,Thomas Kranz
PSV - cont...(10:00-17:59 PDT) - Physical Security Village Activities -
PSV - Lock Bypass 101 - Terry
PSV - (14:30-14:59 PDT) - Lock Bypass 102 - Ege
PWV - cont...(10:00-17:59 PDT) - Password Village Activities -
PYV - cont...(11:00-17:59 PDT) - Payment Village Challenges/CTF -
QTV - OpenQuantum: open-source hardware for quantum engineering via trapped atoms - Max Shirokawa Aalto
RCV - Easy EASM - the zero dollar attack surface management tool - Jason Haddix
RCV - (14:25-15:10 PDT) - Azure AD recon with OSINT tools - Nestori Syynimaa
RFV - Wardriving 102: Moving Beyond the Wigle App - bkobe
RTV - cont...(11:00-16:59 PDT) - (In)Direct Syscalls: A Journey from High to Low - Daniel Feichter
RTV - cont...(13:00-14:59 PDT) - How to [NOT] look like a Red Team - Michael Wylie
RTV - IOCs + APTs = "Let's play a game!" - Hack your way through a hunt! - Leo Cruz
RTV - AI-Driven Hacker's Toolkit: Using AI to Learn Python and Scapy for Exploitation and Post-Exploitation Techniques - Omar Santos
RTV - cont...(13:00-16:59 PDT) - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - cont...(13:30-15:30 PDT) - Cold Calls -
SOC - WISP Chill Out Space with Refreshments -
SOC - cont...(10:00-17:59 PDT) - Hacker Memorial -
SOC - cont...(12:00-17:59 PDT) - Lonely Hackers Club Meetup -
SOC - cont...(10:00-17:59 PDT) - DCG Meetups
SOC - cont...(12:00-17:59 PDT) - HDA / Accessibility Area Open
SOC - cont...(12:00-17:59 PDT) - HDA Community Meetups
TCV - (14:30-15:59 PDT) - Diameter Workshop - Akib Sayyed,Zibran Sayyed
TEV - cont...(10:00-17:59 PDT) - Tamper Evident Village Activities -
VMV - cont...(13:30-14:20 PDT) - Interventions To Address Technology-Facilitated Violence in Democracy - Eric Davis,Hallie Stern,Omri Preiss,Theodora Skeadas
VMV - cont...(13:55-14:35 PDT) - Political Polarization - Constantine Nicolaidis
VMV - (14:30-15:20 PDT) - Defense Community - Brian Stearns,Charles Smith,Eric Davis,Glenn Borskey,Jon A.
VMV - (14:40-15:30 PDT) - Democracy, Are You Citizen Or Subject? - Kendall Spencer
WS - Introduction to Exploit Development (Pre-Registration Required) - Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne
WS - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required) - Chris Greer
WS - The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required) - Wesley McGrew
WS - Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required) - Michael "S3curityNerd" Register,Michael "mR_F0r3n51c5" Solomon
WS - Starbase: open source graph security analysis (Pre-Registration Required) - Adam Pierson,Austin Kelleher,Guillaume Ross
XRV - cont...(10:00-15:59 PDT) - Haptics Hack-a-Thon -
XRV - cont...(10:00-17:59 PDT) - XR Village Playground -
XRV - cont...(11:00-16:59 PDT) - Off the Rails: A demo with Pacific Northwest National Labs -
XRV - The of History XR From Fiction to Reality - Bob Gourley,Starr Brown
Saturday - 15:00 PDT
Return to Index - Locations Legend
AIV - cont...(10:00-17:59 PDT) - AI Village Generative Red Team Challenge -
AIV - you sound confused, anyways - thanks for the jewels. - Adrian "threlfall" Wood
AIV - (15:30-15:55 PDT) - Hackaprompt 2023: Trials and Tribulations - Kenneth Yeung
APV - SusParams: Hypercharge your web testing with DATA - Jason Haddix
APV - (15:45-16:30 PDT) - Securing the Front Lines: Protecting Front-End Applications from Overlooked Vulnerabilities - Dohyeon Kim,WooWon Kang
APV - Hunt the Hacker - Detect compromises in your repositories! - GitGuardian
APV - How to Hide Behavior from Security Tools - Deepfactor
APV - Fix The Flag - Battle Challenge - Pedram Hayati
APV - Faking GitHub Reputation - Checkmarx
APV - Per-mission Impossible: Exploring the Android Permission Model and Intents - Miłosz Gaczkowski,William Taylor
ASV - cont...(10:00-17:59 PDT) - Hack The Airport -
ASV - cont...(10:00-17:59 PDT) - Unmanned Aerial Systems – Platform Security -
ASV - cont...(10:00-17:59 PDT) - The Challenge - Lockheed Martin -
ASV - cont...(10:00-17:59 PDT) - A-ISAC CTF -
ASV - cont...(10:00-17:59 PDT) - Bricks in the Air -
ASV - cont...(10:00-17:59 PDT) - ARINC 615a CTF -
ASV - cont...(10:00-17:59 PDT) - PTP Flight Challenge -
ASV - cont...(10:00-17:59 PDT) - Ask Me Anything About Cybersecurity in Aerospace -
ASV - Space Pirates on the Loose! - Space-Based Threats to US Interests - Henry Danielson,Sage Meadows
ASV - (15:30-16:20 PDT) - Wingin' It - Pentesting a 737 - Alexander Dodd
BHV - cont...(14:50-15:30 PDT) - Lanteryn: Blue Energy - Del de Zela
BHV - (15:30-16:10 PDT) - Enhancing Cybersecurity Resilience in the Brazilian Healthcare Sector: A Novel Red Team and Blue Team Methodology - Arthur Paixão,Diego Mariano
BICV - Unveiling My Journey to My First CVE: A Tale of Discovery and Achievement - Gaspard Baye
BTV - (15:45-16:45 PDT) - Arson Herders: An IR Guide to Fighting and Lighting Fires - Litmoose,Matt "dis0wn" Wagenknecht,Tina "Mugwump Jones" Velez,Unnamed user
CLV - cont...(14:50-15:35 PDT) - The Human Threat Factor - Cloud Security Misconfigurations - Kat Fitzgerald
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - cont...(12:00-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF -
CON - cont...(10:00-17:59 PDT) - Hardware Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - 5n4ck3y -
CON - cont...(10:00-17:59 PDT) - TeleChallenge -
CON - cont...(10:00-17:59 PDT) - Hack-A-Sat 4 (HAS4) -
CON - cont...(10:00-16:59 PDT) - Adversary Wars CTF -
CON - cont...(10:00-17:59 PDT) - The Dark Tangent Look-Alike Contest -
CON - cont...(10:00-17:59 PDT) - CMD+CTRL at DEF CON 31 - Booth Open -
CON - cont...(10:00-17:59 PDT) - HackFortress -
CON - cont...(10:00-17:59 PDT) - Battle of The Bots -
CON - cont...(10:00-17:59 PDT) - Ham Radio Fox Hunting Contest -
CON - cont...(10:00-17:59 PDT) - The Gold Bug Challenge -
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
CON - cont...(10:00-17:59 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - Tinfoil Hat Contest -
CON - cont...(10:00-17:59 PDT) - venator aurum - A Treasure Hunt -
CON - cont...(10:00-17:59 PDT) - CrackMeIfYouCan -
CON - cont...(10:00-17:59 PDT) - It's In That Place Where I Put That Thing That Time -
CON - cont...(10:00-16:30 PDT) - Darknet-NG -
CON - cont...(10:00-17:59 PDT) - Maps of the digital lands -
CON - cont...(10:00-17:59 PDT) - DC’s Next Top Threat Model (DCNTTM) -
CON - cont...(10:00-17:59 PDT) - DEF CON Scavenger Hunt -
CON - cont...(10:00-17:59 PDT) - DEFCON MUD DUMB TERMINAL EDITION -
CON - cont...(10:00-16:59 PDT) - Red Alert ICS CTF -
CON - cont...(10:00-17:59 PDT) - Dungeons@Defcon -
CON - cont...(10:00-17:59 PDT) - Red Team CTF -
CON - cont...(10:00-17:59 PDT) - ? Cube -
CON - cont...(14:00-15:59 PDT) - DEF CON 31 Beard and Mustache Contest -
CON - DEF CON Chess Tournament -
CON - (15:30-16:29 PDT) - Trace Labs OSINT Search Party CTF - Announce CTF Grand Prize Winners -
CON - cont...(10:00-17:59 PDT) - Radio Frequency Capture the Flag -
CON - cont...(10:30-17:59 PDT) - Blue Team Village CTF -
CON - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
CON - cont...(10:00-17:59 PDT) - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - cont...(10:00-17:59 PDT) - Cloud Village CTF -
CON - cont...(10:00-16:59 PDT) - DC Kubernetes Capture the Flag (CTF) -
CPV - Cryptosploit Workshop - Matt Cheung
DC - Revolutionizing ELF binary patching with Shiva: A JIT binary patching system for Linux - Ryan "ElfMaster" O'Neill
DC - cont...(10:00-17:59 PDT) - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - cont...(14:30-15:15 PDT) - Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures - Noam Moshe,Sharon Brizinov
DC - (15:30-16:15 PDT) - Breaking BMC: The Forgotten Key to the Kingdom - Adam Zabrocki,Alex Tereshkin
DC - Spooky authentication at a distance - Tamas "SkelSec" Jos
DC - cont...(10:00-17:59 PDT) - Exhibitor Area Open -
DC - cont...(14:30-15:15 PDT) - Contactless Overflow: Code execution in payment terminals and ATM’s over NFC - Josep Pi Rodriguez
DC - (15:30-16:15 PDT) - ndays are also 0days: Can hackers launch 0day RCE attack on popular softwares only with chromium ndays? - Bohan Liu,GuanCheng Li,Zheng Wang
DC - cont...(10:00-17:59 PDT) - Contest Area Open
DC - cont...(14:00-16:59 PDT) - Lonely Hackers Club - Badgelife & Sticker Swap
DC - cont...(14:00-17:59 PDT) - Off the record war story talks - Signs Ups On Site
DCGVR - cont...(14:35-15:20 PDT) - Enhancing vulnerability research through the use of virtual reality workspaces. - datalocaltmp
DCGVR - (15:35-16:05 PDT) - Gender Inclusive Features Across the Health Information System - Squiddy
DL - cont...(14:00-15:55 PDT) - ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal - Aaron "AJ" Morath,Scott Graham
DL - cont...(14:00-15:55 PDT) - RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools - Niels Loozekoot
DL - cont...(14:00-15:55 PDT) - HardHat Command & Control Framework - Jonathan Owens
DL - cont...(14:00-15:55 PDT) - ProjectDiscovery Nuclei - Brendan O'Leary,Pj Metz
DL - cont...(14:00-15:55 PDT) - ICS Forensics tool - Maayan Shaul,Ori Perez
DL - cont...(14:00-15:55 PDT) - BLE CTF - Alek Amrani,Ryan Holeman
ESV - cont...(10:00-17:59 PDT) - Embedded Systems Village Activities -
HHV - cont...(10:00-15:30 PDT) - Make Your Own Use -
HHV - cont...(10:00-17:59 PDT) - Soldering Skills Village Activities -
HHV - cont...(10:00-17:59 PDT) - RoboSumo Play Time -
HHV - cont...(10:00-15:30 PDT) - Hardware Hacking Rube Goldberg Machine -
HHV - Generating Rf With Stock Hardware For Drones - David Melendez
HRV - Modernizing AX.25 packet radio with Modern Packet Message Manager - Jeremy Banker
HRV - HF Radio Demonstration - KitKat
ICSV - Your Ship is Leaking... How Social Media Plays a Role in the Uncovering of Critical Maritime Systems - Rae Baker
ICSV - (15:30-15:59 PDT) - Improving the Speed of Cybersecurity: Seven Cyber Metrics for Maritime Owners and Operators - Tyson Meadors
IOTV - cont...(10:00-17:59 PDT) - Hardware Hacking Your Kitchen -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hacking Playground -
IOTV - cont...(10:00-17:59 PDT) - Critical Infrastructure & IoT Exploitation -
IOTV - cont...(10:00-17:59 PDT) - Secure or Surrender -
IOTV - cont...(10:00-17:59 PDT) - The IoT Kill Zone -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hardware Hacking Exercises 2023 -
IOTV - cont...(10:00-17:59 PDT) - Embedded Device Security Workshops -
IOTV - cont...(10:00-17:59 PDT) - Perform Memory Extraction, Emulation and Shellcode -
LPV - cont...(10:00-17:59 PDT) - Lockpick Village Activities -
MISC - No Starch Press - Book Signing - Jon DiMaggio, The Art of Cyberwarfare
MISC - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
MISC - cont...(10:00-15:59 PDT) - Book Exchange -
MIV - Misinformation As A Service: Social Engineering techniques applied in service contexts. - Daniel Isler
MIV - (15:30-16:30 PDT) - IVY HAUL: A Computational Linguistics Analysis of a Disinformation Actor - Shea Nangle
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PHV - WINE Pairing with Malware - Jared Stroud
PLV - Non-State Actors in the Russia/Ukraine Conflict - Dan Grobarcik,Marc Rogers,Mauro Vignati,Stefanie Metka
PLV - cont...(14:00-15:50 PDT) - Abating the Eye of Sauron: Help Combat Authoritarian Censorship - David Houston,Michaela Lee
PLV - All Your Vulns are Belong to Terms & Conditions - Casey Ellis,David Rogers,Harley Geiger,Katie Trimble-Noble
PSV - cont...(10:00-17:59 PDT) - Physical Security Village Activities -
PWV - cont...(10:00-17:59 PDT) - Password Village Activities -
PYV - cont...(11:00-17:59 PDT) - Payment Village Challenges/CTF -
QTV - Quantum Technologies on a Raspberry Pi (and HackRF one) - Ben Varcoe
RCV - cont...(14:25-15:10 PDT) - Azure AD recon with OSINT tools - Nestori Syynimaa
RCV - Unlocking the Power of OWASP Amass: Introducing the Open Asset Model for Comprehensive Attack Surface Mapping - Jeff Foley
RCV - (15:55-16:20 PDT) - Finding Hidden Gems In Temporary Mail Services - Berk Can Geyikci
RFV - Antennas - Kent
RTV - cont...(11:00-16:59 PDT) - (In)Direct Syscalls: A Journey from High to Low - Daniel Feichter
RTV - Red Hot (Red Team TTPs) - Ralph May,Steve Borosh
RTV - OSINT Skills Lab Challenge - Lee McWhorter,Sandra Stibbards
RTV - Malware Hunting an Offensive Approach - Filipi Pires
RTV - cont...(13:00-16:59 PDT) - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - cont...(13:30-15:30 PDT) - Cold Calls -
SOC - cont...(14:00-15:59 PDT) - WISP Chill Out Space with Refreshments -
SOC - cont...(10:00-17:59 PDT) - Hacker Memorial -
SOC - cont...(12:00-17:59 PDT) - Lonely Hackers Club Meetup -
SOC - cont...(10:00-17:59 PDT) - DCG Meetups
SOC - cont...(12:00-17:59 PDT) - HDA / Accessibility Area Open
SOC - cont...(12:00-17:59 PDT) - HDA Community Meetups
TCV - cont...(14:30-15:59 PDT) - Diameter Workshop - Akib Sayyed,Zibran Sayyed
TEV - cont...(10:00-17:59 PDT) - Tamper Evident Village Activities -
VMV - cont...(14:30-15:20 PDT) - Defense Community - Brian Stearns,Charles Smith,Eric Davis,Glenn Borskey,Jon A.
VMV - cont...(14:40-15:30 PDT) - Democracy, Are You Citizen Or Subject? - Kendall Spencer
VMV - (15:30-16:20 PDT) - 2024 Election Threat Landscape - Catherine Terranova,Hallie Stern,Rebecca Scott Thein,Sandra Khalil,Sarah Amos
VMV - (15:35-16:15 PDT) - Influencing Voters Through Social Media, ADTECH, Big Data, and AI - Joe Schniebes
WS - cont...(14:00-17:59 PDT) - Starbase: open source graph security analysis (Pre-Registration Required) - Adam Pierson,Austin Kelleher,Guillaume Ross
WS - cont...(14:00-17:59 PDT) - Introduction to Exploit Development (Pre-Registration Required) - Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne
WS - cont...(14:00-17:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required) - Chris Greer
WS - cont...(14:00-17:59 PDT) - The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required) - Wesley McGrew
WS - cont...(14:00-17:59 PDT) - Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required) - Michael "S3curityNerd" Register,Michael "mR_F0r3n51c5" Solomon
XRV - cont...(10:00-15:59 PDT) - Haptics Hack-a-Thon -
XRV - cont...(10:00-17:59 PDT) - XR Village Playground -
XRV - cont...(11:00-16:59 PDT) - Off the Rails: A demo with Pacific Northwest National Labs -
Saturday - 16:00 PDT
Return to Index - Locations Legend
AIV - cont...(10:00-17:59 PDT) - AI Village Generative Red Team Challenge -
AIV - Ignore the Law: The Legal Risks of Prompt Injection Attacks on Large Language Models - Ram Shankar Siva Kumar
AIV - (16:30-17:25 PDT) - ChatGPT: Your Red Teaming Ally - Gavin Klondike
APV - cont...(15:45-16:30 PDT) - Securing the Front Lines: Protecting Front-End Applications from Overlooked Vulnerabilities - Dohyeon Kim,WooWon Kang
APV - (16:30-17:15 PDT) - Breaking Barriers: A Deep Dive into Bypassing Next-Gen 2FA and MFA Security Measures - Muhammad Shahmeer
APV - cont...(15:00-16:59 PDT) - Hunt the Hacker - Detect compromises in your repositories! - GitGuardian
APV - cont...(15:00-16:59 PDT) - How to Hide Behavior from Security Tools - Deepfactor
APV - cont...(15:00-16:59 PDT) - Fix The Flag - Battle Challenge - Pedram Hayati
APV - cont...(15:00-16:59 PDT) - Faking GitHub Reputation - Checkmarx
APV - cont...(15:00-16:59 PDT) - Per-mission Impossible: Exploring the Android Permission Model and Intents - Miłosz Gaczkowski,William Taylor
ASV - cont...(10:00-17:59 PDT) - Hack The Airport -
ASV - cont...(10:00-17:59 PDT) - Unmanned Aerial Systems – Platform Security -
ASV - cont...(10:00-17:59 PDT) - The Challenge - Lockheed Martin -
ASV - cont...(10:00-17:59 PDT) - A-ISAC CTF -
ASV - cont...(10:00-17:59 PDT) - Bricks in the Air -
ASV - cont...(10:00-17:59 PDT) - ARINC 615a CTF -
ASV - cont...(10:00-17:59 PDT) - PTP Flight Challenge -
ASV - cont...(10:00-17:59 PDT) - Ask Me Anything About Cybersecurity in Aerospace -
ASV - cont...(15:30-16:20 PDT) - Wingin' It - Pentesting a 737 - Alexander Dodd
ASV - (16:30-16:55 PDT) - A Fireside Chat with Chris Roberts and Pete Cooper - Chris Roberts,Pete Cooper
BHV - cont...(15:30-16:10 PDT) - Enhancing Cybersecurity Resilience in the Brazilian Healthcare Sector: A Novel Red Team and Blue Team Methodology - Arthur Paixão,Diego Mariano
BHV - FaFo: Laboratory Physical and ICS (Warning: not for the faint of heart) - Nathan Case
BICV - BIC Village Closing Keynote - Kevin Roberts
BTV - cont...(15:45-16:45 PDT) - Arson Herders: An IR Guide to Fighting and Lighting Fires - Litmoose,Matt "dis0wn" Wagenknecht,Tina "Mugwump Jones" Velez,Unnamed user
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - cont...(12:00-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF -
CON - cont...(10:00-17:59 PDT) - Hardware Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - 5n4ck3y -
CON - cont...(10:00-17:59 PDT) - TeleChallenge -
CON - cont...(10:00-17:59 PDT) - Hack-A-Sat 4 (HAS4) -
CON - cont...(10:00-16:59 PDT) - Adversary Wars CTF -
CON - cont...(10:00-17:59 PDT) - The Dark Tangent Look-Alike Contest -
CON - cont...(10:00-17:59 PDT) - CMD+CTRL at DEF CON 31 - Booth Open -
CON - cont...(10:00-17:59 PDT) - HackFortress -
CON - cont...(10:00-17:59 PDT) - Battle of The Bots -
CON - cont...(10:00-17:59 PDT) - Ham Radio Fox Hunting Contest -
CON - cont...(10:00-17:59 PDT) - The Gold Bug Challenge -
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
CON - cont...(10:00-17:59 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - Tinfoil Hat Contest -
CON - cont...(10:00-17:59 PDT) - venator aurum - A Treasure Hunt -
CON - cont...(10:00-17:59 PDT) - CrackMeIfYouCan -
CON - cont...(10:00-17:59 PDT) - It's In That Place Where I Put That Thing That Time -
CON - cont...(10:00-16:30 PDT) - Darknet-NG -
CON - cont...(10:00-17:59 PDT) - Maps of the digital lands -
CON - cont...(10:00-17:59 PDT) - DC’s Next Top Threat Model (DCNTTM) -
CON - cont...(10:00-17:59 PDT) - DEF CON Scavenger Hunt -
CON - cont...(10:00-17:59 PDT) - DEFCON MUD DUMB TERMINAL EDITION -
CON - cont...(10:00-16:59 PDT) - Red Alert ICS CTF -
CON - cont...(10:00-17:59 PDT) - Dungeons@Defcon -
CON - cont...(10:00-17:59 PDT) - Red Team CTF -
CON - cont...(10:00-17:59 PDT) - ? Cube -
CON - cont...(15:00-17:59 PDT) - DEF CON Chess Tournament -
CON - cont...(15:30-16:29 PDT) - Trace Labs OSINT Search Party CTF - Announce CTF Grand Prize Winners -
CON - cont...(10:00-17:59 PDT) - Radio Frequency Capture the Flag -
CON - cont...(10:30-17:59 PDT) - Blue Team Village CTF -
CON - cont...(11:00-16:59 PDT) - Free Amateur Radio License Exams -
CON - cont...(10:00-17:59 PDT) - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - cont...(10:00-17:59 PDT) - Cloud Village CTF -
CON - cont...(10:00-16:59 PDT) - DC Kubernetes Capture the Flag (CTF) -
CPV - CPV Ten Year Anniversary Gathering - CPV Staff
DC - A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks - Ceri Coburn
DC - (16:30-17:15 PDT) - All information looks like noise until you break the code: Futureproofing the transportation sector - David Pekoske,Jen Easterly,Kevin Collier
DC - cont...(10:00-17:59 PDT) - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - cont...(15:30-16:15 PDT) - Breaking BMC: The Forgotten Key to the Kingdom - Adam Zabrocki,Alex Tereshkin
DC - (16:30-16:50 PDT) - Your Clocks Have Ears — Timing-Based Browser-Based Local Network Port Scanner - Dongsung “Donny” Kim
DC - Runtime Riddles: Abusing Manipulation Points in the Android Source - Laurie Kirk
DC - cont...(10:00-17:59 PDT) - Exhibitor Area Open -
DC - cont...(15:30-16:15 PDT) - ndays are also 0days: Can hackers launch 0day RCE attack on popular softwares only with chromium ndays? - Bohan Liu,GuanCheng Li,Zheng Wang
DC - (16:30-17:15 PDT) - Abortion Access in the Age of Surveillance - Corynne McSherry,Daly Barnett,India McKinney,Kate Bertash
DC - cont...(10:00-17:59 PDT) - Contest Area Open
DC - cont...(14:00-16:59 PDT) - Lonely Hackers Club - Badgelife & Sticker Swap
DC - cont...(14:00-17:59 PDT) - Off the record war story talks - Signs Ups On Site
DCGVR - cont...(15:35-16:05 PDT) - Gender Inclusive Features Across the Health Information System - Squiddy
DCGVR - (16:35-17:35 PDT) - Hey CryptoBro!: How Are Criminals Laundering, Monetizing, and Targeting Cryptocurrency, NFTs, and Smart Contracts? - Sam Colaizzi
ESV - cont...(10:00-17:59 PDT) - Embedded Systems Village Activities -
HHV - cont...(10:00-17:59 PDT) - Soldering Skills Village Activities -
HHV - cont...(10:00-17:59 PDT) - RoboSumo Play Time -
HHV - Hardware Hacking Village Prize Ceremony -
HRV - cont...(15:00-16:30 PDT) - HF Radio Demonstration - KitKat
ICSV - The Unlikely Romance: Critical Infrastructure Edition - Casey Ellis
ICSV - (16:30-16:59 PDT) - Lessons learned when building a Maritime Systems Security Laboratory Testbench - Brien Croteau
IOTV - cont...(10:00-17:59 PDT) - Hardware Hacking Your Kitchen -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hacking Playground -
IOTV - cont...(10:00-17:59 PDT) - Critical Infrastructure & IoT Exploitation -
IOTV - cont...(10:00-17:59 PDT) - Secure or Surrender -
IOTV - cont...(10:00-17:59 PDT) - The IoT Kill Zone -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hardware Hacking Exercises 2023 -
IOTV - cont...(10:00-17:59 PDT) - Embedded Device Security Workshops -
IOTV - cont...(10:00-17:59 PDT) - Perform Memory Extraction, Emulation and Shellcode -
LPV - cont...(10:00-17:59 PDT) - Lockpick Village Activities -
LPV - Intro to Lockpicking - TOOOL
LPV - (16:45-17:45 PDT) - Totally Tubular: An Impromptu Talk About Tubular Locks and Keys - Deviant Ollam
MISC - No Starch Press - Book Signing - Fotios Chantzis, Paulino Calderon, & Beau Woods, Practical IoT Hacking
MISC - cont...(10:00-16:59 PDT) - DDV open and accepting drives for duplication -
MIV - cont...(15:30-16:30 PDT) - IVY HAUL: A Computational Linguistics Analysis of a Disinformation Actor - Shea Nangle
MIV - (16:30-17:30 PDT) - Hacks, Leaks, and Revelations: Pandemic Profiteers and COVID-19 Disinformation - Micah Lee
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PHV - The Importance of Arts and Crafts in ThreatOps - Pete Hay
PLV - We're From the Government and We're Here to Help Secure Open Source Software - Anjana Rajan,Brian Behlendorf,Charlie Gladstone,Jack Cable
PLV - How do you solve a problem like Mirai - establishing a policy baseline for the IoT around the world - Kat Megas,Peter Stephens
PSV - cont...(10:00-17:59 PDT) - Physical Security Village Activities -
PWV - cont...(10:00-17:59 PDT) - Password Village Activities -
PYV - cont...(11:00-17:59 PDT) - Payment Village Challenges/CTF -
QTV - Quantini Time! Cocktail hour for the Quantum curious and creative -
QTV - Quantum Music Workshop: Build Your Own Quantum Synthesizer! - Mark Carney
RCV - cont...(15:55-16:20 PDT) - Finding Hidden Gems In Temporary Mail Services - Berk Can Geyikci
RCV - (16:20-17:05 PDT) - Riding with the Chollimas: Our 100-Day Quest to Identify a North Korean State-Sponsored Threat Actor - Mauro Eldritch
RTV - cont...(11:00-16:59 PDT) - (In)Direct Syscalls: A Journey from High to Low - Daniel Feichter
RTV - How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0 - Guillermo Buendia
RTV - OSINT Skills Lab Challenge - Lee McWhorter,Sandra Stibbards
RTV - Hacking Web Apps and APIs with WebSploit Labs - Omar Santos
RTV - cont...(13:00-16:59 PDT) - How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux - Scott Brink
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - Building an Effective Security Culture Program - Jessica Barker,Maxie Reynolds,Rebecca Markwick,Sam Davison
SOC - Queercon Mixers -
SOC - WISP Peer-to-Peer Mentoring and Networking -
SOC - cont...(10:00-17:59 PDT) - Hacker Memorial -
SOC - cont...(12:00-17:59 PDT) - Lonely Hackers Club Meetup -
SOC - cont...(10:00-17:59 PDT) - DCG Meetups
SOC - cont...(12:00-17:59 PDT) - HDA / Accessibility Area Open
SOC - cont...(12:00-17:59 PDT) - HDA Community Meetups
TCV - Diameter CTF - Akib Sayyed,Zibran Sayyed
TEV - cont...(10:00-17:59 PDT) - Tamper Evident Village Activities -
VMV - cont...(15:30-16:20 PDT) - 2024 Election Threat Landscape - Catherine Terranova,Hallie Stern,Rebecca Scott Thein,Sandra Khalil,Sarah Amos
VMV - cont...(15:35-16:15 PDT) - Influencing Voters Through Social Media, ADTECH, Big Data, and AI - Joe Schniebes
VMV - (16:30-17:30 PDT) - The Impact Of Misinformation On Elections - Joe Schniebes,Maia Mazurkiewicz,Michael Moore
WS - cont...(14:00-17:59 PDT) - Starbase: open source graph security analysis (Pre-Registration Required) - Adam Pierson,Austin Kelleher,Guillaume Ross
WS - cont...(14:00-17:59 PDT) - Introduction to Exploit Development (Pre-Registration Required) - Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne
WS - cont...(14:00-17:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required) - Chris Greer
WS - cont...(14:00-17:59 PDT) - The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required) - Wesley McGrew
WS - cont...(14:00-17:59 PDT) - Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required) - Michael "S3curityNerd" Register,Michael "mR_F0r3n51c5" Solomon
XRV - cont...(10:00-17:59 PDT) - XR Village Playground -
XRV - cont...(11:00-16:59 PDT) - Off the Rails: A demo with Pacific Northwest National Labs -
XRV - Glad Scientist | Village Vibes Immersive Performance, a data-driven real time audiovisual VR performance -
Saturday - 17:00 PDT
Return to Index - Locations Legend
AIV - cont...(10:00-17:59 PDT) - AI Village Generative Red Team Challenge -
AIV - cont...(16:30-17:25 PDT) - ChatGPT: Your Red Teaming Ally - Gavin Klondike
APV - cont...(16:30-17:15 PDT) - Breaking Barriers: A Deep Dive into Bypassing Next-Gen 2FA and MFA Security Measures - Muhammad Shahmeer
ASV - cont...(10:00-17:59 PDT) - Hack The Airport -
ASV - cont...(10:00-17:59 PDT) - Unmanned Aerial Systems – Platform Security -
ASV - cont...(10:00-17:59 PDT) - The Challenge - Lockheed Martin -
ASV - cont...(10:00-17:59 PDT) - A-ISAC CTF -
ASV - cont...(10:00-17:59 PDT) - Bricks in the Air -
ASV - cont...(10:00-17:59 PDT) - ARINC 615a CTF -
ASV - cont...(10:00-17:59 PDT) - PTP Flight Challenge -
ASV - cont...(10:00-17:59 PDT) - Ask Me Anything About Cybersecurity in Aerospace -
ASV - Aerospace Village - 5 Years On - Pete Cooper
BHV - cont...(16:10-17:10 PDT) - FaFo: Laboratory Physical and ICS (Warning: not for the faint of heart) - Nathan Case
BHV - Virtual Reality/Augmented Reality: What’s missing from the pie? When data privacy and security measures aren’t “baked” in from the beginning - LaTica Hammond,Lola Ajayi,Rian Phelps
BTV - It’s not that your threat intelligence IOCs are worthless… - Charlie,Lauren Proehl,Mick/nohackme,Silas Cutler
CON - cont...(09:00-17:59 PDT) - HardWired -
CON - cont...(12:00-17:59 PDT) - Capture The Packet Main Rounds -
CON - cont...(10:00-17:59 PDT) - IoT Village CTF -
CON - cont...(10:00-17:59 PDT) - Hardware Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - ? Cube -
CON - cont...(10:00-17:59 PDT) - 5n4ck3y -
CON - cont...(10:00-17:59 PDT) - TeleChallenge -
CON - cont...(10:00-17:59 PDT) - Hack-A-Sat 4 (HAS4) -
CON - cont...(10:00-17:59 PDT) - The Dark Tangent Look-Alike Contest -
CON - cont...(10:00-17:59 PDT) - CMD+CTRL at DEF CON 31 - Booth Open -
CON - cont...(10:00-17:59 PDT) - HackFortress -
CON - cont...(10:00-17:59 PDT) - Battle of The Bots -
CON - cont...(10:00-17:59 PDT) - Ham Radio Fox Hunting Contest -
CON - cont...(10:00-17:59 PDT) - The Gold Bug Challenge -
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
CON - cont...(10:00-17:59 PDT) - Car Hacking Village CTF -
CON - cont...(10:00-17:59 PDT) - Tinfoil Hat Contest -
CON - cont...(10:00-17:59 PDT) - venator aurum - A Treasure Hunt -
CON - cont...(10:00-17:59 PDT) - CrackMeIfYouCan -
CON - cont...(10:00-17:59 PDT) - It's In That Place Where I Put That Thing That Time -
CON - cont...(10:00-17:59 PDT) - Maps of the digital lands -
CON - cont...(10:00-17:59 PDT) - DC’s Next Top Threat Model (DCNTTM) -
CON - cont...(10:00-17:59 PDT) - DEF CON Scavenger Hunt -
CON - cont...(10:00-17:59 PDT) - DEFCON MUD DUMB TERMINAL EDITION -
CON - cont...(10:00-17:59 PDT) - Dungeons@Defcon -
CON - cont...(10:00-17:59 PDT) - Red Team CTF -
CON - cont...(15:00-17:59 PDT) - DEF CON Chess Tournament -
CON - Hack3r Runw@y -
CON - cont...(10:00-17:59 PDT) - Radio Frequency Capture the Flag -
CON - cont...(10:30-17:59 PDT) - Blue Team Village CTF -
CON - cont...(10:00-17:59 PDT) - Embedded CTF -
CON - cont...(09:00-17:59 PDT) - Social Engineering Community (SEC) Youth Challenge -
CON - cont...(10:00-17:59 PDT) - Cloud Village CTF -
CPV - cont...(16:00-17:59 PDT) - CPV Ten Year Anniversary Gathering - CPV Staff
DC - cont...(16:30-17:15 PDT) - All information looks like noise until you break the code: Futureproofing the transportation sector - David Pekoske,Jen Easterly,Kevin Collier
DC - (17:30-17:50 PDT) - Lions and Tigers and Fancy Bears, Oh My!: A Cautionary Tale for our Cyber Future - Jen Easterly,Scott Shapiro
DC - cont...(10:00-17:59 PDT) - Vendor Area Open -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DC - Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js - Mikhail Shcherbakov,Musard Balliu
DC - Polynonce: An ECDSA Attack and Polynomial Dance - Marco Macchetti,Nils Amiet
DC - cont...(10:00-17:59 PDT) - Exhibitor Area Open -
DC - cont...(16:30-17:15 PDT) - Abortion Access in the Age of Surveillance - Corynne McSherry,Daly Barnett,India McKinney,Kate Bertash
DC - cont...(10:00-17:59 PDT) - Contest Area Open
DC - Lonely Hackers Club - Name That Noob
DC - cont...(14:00-17:59 PDT) - Off the record war story talks - Signs Ups On Site
DCGVR - cont...(16:35-17:35 PDT) - Hey CryptoBro!: How Are Criminals Laundering, Monetizing, and Targeting Cryptocurrency, NFTs, and Smart Contracts? - Sam Colaizzi
ESV - cont...(10:00-17:59 PDT) - Embedded Systems Village Activities -
HHV - cont...(10:00-17:59 PDT) - Soldering Skills Village Activities -
HHV - cont...(10:00-17:59 PDT) - RoboSumo Play Time -
IOTV - cont...(10:00-17:59 PDT) - Hardware Hacking Your Kitchen -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hacking Playground -
IOTV - cont...(10:00-17:59 PDT) - Critical Infrastructure & IoT Exploitation -
IOTV - cont...(10:00-17:59 PDT) - Secure or Surrender -
IOTV - cont...(10:00-17:59 PDT) - The IoT Kill Zone -
IOTV - cont...(10:00-17:59 PDT) - IoT Village Hardware Hacking Exercises 2023 -
IOTV - cont...(10:00-17:59 PDT) - Embedded Device Security Workshops -
IOTV - cont...(10:00-17:59 PDT) - Perform Memory Extraction, Emulation and Shellcode -
LPV - cont...(10:00-17:59 PDT) - Lockpick Village Activities -
LPV - cont...(16:45-17:45 PDT) - Totally Tubular: An Impromptu Talk About Tubular Locks and Keys - Deviant Ollam
MIV - cont...(16:30-17:30 PDT) - Hacks, Leaks, and Revelations: Pandemic Profiteers and COVID-19 Disinformation - Micah Lee
MIV - (17:30-17:59 PDT) - Misinformation Village Q and A - Misinformation Village Staff
PHV - cont...(09:00-17:59 PDT) - Honey Pot Workshop -
PHV - cont...(09:00-17:59 PDT) - Build Your Own Botnet -
PHV - cont...(09:00-17:59 PDT) - Wall of Sheep -
PHV - cont...(09:00-17:59 PDT) - Linux Trainer Workshop -
PHV - cont...(09:00-17:59 PDT) - NetworkOS: Be The Cloud -
PHV - cont...(09:00-17:59 PDT) - RegEx Trainer -
PHV - cont...(09:00-17:59 PDT) - Password Lab -
PHV - cont...(09:00-17:59 PDT) - Fleet DefCon 31 Workshop -
PHV - cont...(09:00-17:59 PDT) - Packet Inspector -
PHV - cont...(09:00-17:59 PDT) - Packet Detective -
PLV - cont...(16:00-17:50 PDT) - We're From the Government and We're Here to Help Secure Open Source Software - Anjana Rajan,Brian Behlendorf,Charlie Gladstone,Jack Cable
PLV - Navigating the Digital Frontier: Advancing Cyber Diplomacy in a Connected World - Christopher Painter,Harry Krejsa,Monica M. Ruiz,Océane Thieriot,Orlando Garces
PSV - cont...(10:00-17:59 PDT) - Physical Security Village Activities -
PWV - cont...(10:00-17:59 PDT) - Password Village Activities -
PYV - cont...(11:00-17:59 PDT) - Payment Village Challenges/CTF -
QTV - cont...(16:00-17:59 PDT) - Quantini Time! Cocktail hour for the Quantum curious and creative -
QTV - Quantum Computer Music Performance, by Scott Oshiro (one half of NpHz) - Scott Oshiro
RCV - cont...(16:20-17:05 PDT) - Riding with the Chollimas: Our 100-Day Quest to Identify a North Korean State-Sponsored Threat Actor - Mauro Eldritch
RCV - The Perils of Generative AI: Implications for Open Source Intelligence Research - Andy Dennis
SEV - cont...(08:30-17:30 PDT) - SECV - Youth Challenge -
SEV - cont...(08:30-17:59 PDT) - SECV Village Open
SEV - Phishing with Dynamite: Harnessing AI to Supercharge Offensive Operations - Dani Goland,Preston Thornburg
SOC - cont...(16:00-17:59 PDT) - Queercon Mixers -
SOC - cont...(16:00-17:59 PDT) - WISP Peer-to-Peer Mentoring and Networking -
SOC - cont...(10:00-17:59 PDT) - Hacker Memorial -
SOC - cont...(12:00-17:59 PDT) - Lonely Hackers Club Meetup -
SOC - cont...(10:00-17:59 PDT) - DCG Meetups
SOC - Friends of Bill W -
SOC - cont...(12:00-17:59 PDT) - HDA / Accessibility Area Open
SOC - cont...(12:00-17:59 PDT) - HDA Community Meetups
TCV - cont...(16:00-17:59 PDT) - Diameter CTF - Akib Sayyed,Zibran Sayyed
TEV - cont...(10:00-17:59 PDT) - Tamper Evident Village Activities -
VMV - cont...(16:30-17:30 PDT) - The Impact Of Misinformation On Elections - Joe Schniebes,Maia Mazurkiewicz,Michael Moore
WS - cont...(14:00-17:59 PDT) - Starbase: open source graph security analysis (Pre-Registration Required) - Adam Pierson,Austin Kelleher,Guillaume Ross
WS - cont...(14:00-17:59 PDT) - Introduction to Exploit Development (Pre-Registration Required) - Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne
WS - cont...(14:00-17:59 PDT) - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required) - Chris Greer
WS - cont...(14:00-17:59 PDT) - The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required) - Wesley McGrew
WS - cont...(14:00-17:59 PDT) - Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required) - Michael "S3curityNerd" Register,Michael "mR_F0r3n51c5" Solomon
XRV - cont...(10:00-17:59 PDT) - XR Village Playground -
XRV - Push All the Buttons Digital Twinning with Idaho National Labs in collaboration with DEF CON ICS Village - Kolton Heaps
Saturday - 18:00 PDT
Return to Index - Locations Legend
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
DC - cont...(09:30-18:59 PDT) - Human Registration Open -
DCGVR - Ghost on the wire- check the air - hoodiePony
MISC - EFF Tech Trivia -
MUS - Music Set / Entertainment (Saturday, ACK Stage) - DotOrNot,Dr. McGrew,H4X,Icetre Normal,NGHTHWK,SK,Z3npi,n0x08
Saturday - 19:00 PDT
Return to Index - Locations Legend
CON - cont...(10:00-19:59 PDT) - The Lonely Hard Drive -
DCGVR - What is a GRC Hacker anyway? - Allen Baranov
MISC - cont...(18:00-21:59 PDT) - EFF Tech Trivia -
SOC - BlanketFort Con -
SOC - (19:30-21:59 PDT) - DEF CON Kids Party -
SOC - Policy Lounge
Saturday - 20:00 PDT
Return to Index - Locations Legend
CON - Hacker Jeopardy -
DCGVR - cont...(19:05-20:05 PDT) - What is a GRC Hacker anyway? - Allen Baranov
DCGVR - DCGVR Closing
DCGVR - After Hours Social / Hang out with DEF CON Group members and DCG VR Staff
MISC - cont...(18:00-21:59 PDT) - EFF Tech Trivia -
SOC - cont...(19:30-21:59 PDT) - DEF CON Kids Party -
SOC - Hacker Karaoke 15 -
SOC - cont...(19:00-21:59 PDT) - Policy Lounge
Saturday - 21:00 PDT
Return to Index - Locations Legend
CON - cont...(20:00-21:59 PDT) - Hacker Jeopardy -
DCGVR - cont...(20:10-21:10 PDT) - After Hours Social / Hang out with DEF CON Group members and DCG VR Staff
MISC - cont...(18:00-21:59 PDT) - EFF Tech Trivia -
MUS - Yarrrrgh Pirate Night - Music Set / Entertainment (Saturday, SYN Stage) - FuzzyNop,Miss Jackalope,Ninjula,O'Craven Pirate Band,Skittish & Bus
SOC - Arcade Party -
SOC - VetCon -
SOC - Hack The Box, Pub Crawl -
SOC - Capitol Tech University, Pub Crawl -
SOC - University of Advancing Technology, Pub Crawl -
SOC - SECV - 80's Themed Party! -
SOC - cont...(19:30-21:59 PDT) - DEF CON Kids Party -
SOC - cont...(19:00-21:59 PDT) - Policy Lounge
Saturday - 22:00 PDT
Return to Index - Locations Legend
SOC - cont...(21:00-23:59 PDT) - SECV - 80's Themed Party! -
SOC - Social Engineering Community Party -
Saturday - 23:00 PDT
Return to Index - Locations Legend
SOC - cont...(21:00-23:59 PDT) - SECV - 80's Themed Party! -
SOC - cont...(22:00-23:59 PDT) - Social Engineering Community Party -
Talk/Event Descriptions
CON - Saturday - 10:00-17:59 PDT
Title: ? Cube
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Are you ready to put your problem-solving skills to the test?
This year, we are proud to introduce a brand new contest, designed to push your limits and awaken your curiosity.
The ? Cube Challenge is not for the faint-hearted. It is a multi-layered, complex puzzle that requires you to use all your hacking and analytical skills to solve it.
The cube is loaded with riddles and puzzles that must be solved one by one to progress further towards the ultimate goal.
This challenge is not just about solving a puzzle, it's about exploring your curiosity and pushing the boundaries of your knowledge.
It's about putting your hacker mindset to work and seeing how far you can go.
With each step, you'll be one step closer to unlocking the secrets of the ? Cube Challenge.We know that Defcon attendees are always looking for the next big challenge, and we have created the ? Cube Challenge with that in mind.
It is a contest that will test your limits, engage your creativity, and push your curiosity to the next level.So come and join us at Defcon 31 and take on the ultimate challenge! Who knows, you might just walk away with the title of ? Cub Champion and the admiration of your fellow hackers. Are you ready to take the challenge?
The above was totally written by ChatGPT. I don't want to give out too much information, but basically there is going to be a big cube like object that contestants will have to deconstruct to find the hidden awesomeness. I hope to have challenges spread across multiple domains, both online in a jeopardy style ctf as well as the physical puzzle of the cube which will be module in nature, with each physical puzzle tying to the next.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 11:00-16:59 PDT
Title: (In)Direct Syscalls: A Journey from High to Low
When: Saturday, Aug 12, 11:00 - 16:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
SpeakerBio:Daniel Feichter
No BIO available
Twitter: @VirtualAllocEx
Description:
Our workshop/journey will be called "(In)direct Syscalls: A Journey from High to Low". It is a hands-on experience where we start with some Windows internals basics, talk about system calls in Windows OS in general, take a look at Win32 APIs, Native APIs, etc. We also take a look at the concepts of direct syscalls and indirect syscalls. Based on various chapters, each student will build their own indirect syscall shellcode loader step by step and analyze it a bit with x64dbg. Below is an overview of the chapters covered in the workshop.
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 11:30-12:30 PDT
Title: (n)Map Exploration: A Great Time in Remote Destinations
When: Saturday, Aug 12, 11:30 - 12:30 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
SpeakerBio:SamunoskeX
SamunoskeX is an Information Security Professional who works as part of a Security Operations Team and is also an Information Security instructor at a college. He is a Blue Team enthusiast and enjoys sharing all things Blue Team with the world.
SamunoskeX has attended DEFCON Events since DC26.
Description:
Can we find activity within the corporate network that might be suspicious?
Can we find activity within the corporate network that might be suspicious?
Return to Index - Add to
- ics Calendar file
RFV - Saturday - 13:00-13:59 PDT
Title: 125khz the Brown note for Cars
When: Saturday, Aug 12, 13:00 - 13:59 PDT
Where: Flamingo - Eldorado - Radio Frequency Village - Map
SpeakerBio:Woody
Infared Tracking, Gotenna Exploits, and Raptor Captor. He is also staff for the RF Village, probably luck. He has also been know to watch Burn Notice, but doesn't eat at much yogurt as Zero.
Twitter: @@tb69rr
Description:
I will demonstrate how to use LF 125-137 khz to make vehicles and their components play nice together. Using LF to make TPMS and Keyfobs spit out their info. We will show how to do this and how to check the responses. Think of being able to make TPMS and Keyfobs spit their data out at will. I will show how to use everything from a Proxmark to a hackrf to make this happen. I'll also demo antennas and hardware mods we recommend.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 14:30-14:59 PDT
Title: 156 million targeted: Biggest social phishing cyberattacks during Brazil´s election
When: Saturday, Aug 12, 14:30 - 14:59 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Douglas Bernardini
Cybersecurity professional with degrees from FGV/Brazil & specializations from Insper/Brazil and Harvard/USA. Leading a data privacy consulting firm, specializing in cloud assessment, pentest, OSINT, SOC implementation, SIEM configuration, and cloud security. An accomplished author, speaker, professor, and researcher with editorial roles in cyber0.io blog. Active member of OWASP and the Linux Foundation. Currently a trust advisor in corporate cybersecurity for banks, retail, industries, and insurance companies. Boasts a vast physical library of 100+ cybersecurity books and a digital collection of 100,000+ documents on hacking, cloud computing, DevSecOps, SIEM, Cyberdefense, Digital forensics, and cryptography. Holds +8 cybersecurity, cloud computing, and ethical hacking certifications.
Description:
In the era of digitalization, the world has witnessed an unprecedented increase in cyber threats, particularly during crucial events such as elections. Today, we delve into a significant case study that shook the Brazilian political landscape and shed light on the immense challenges posed by social phishing cyberattacks.
As we all know, Brazil's elections are not only a matter of national importance but also hold global significance. The ability to conduct free and fair elections is the cornerstone of any democratic society. However, in recent years, cybercriminals have exploited the vulnerability of social media platforms and unleashed sophisticated phishing attacks to manipulate public opinion and disrupt the democratic process.
In this presentation, we focus on the largest social phishing cyberattacks ever recorded during Brazil's election, where a staggering 156 million individuals were specifically targeted. These attacks, meticulously orchestrated and strategically timed, aimed to deceive and manipulate voters by spreading disinformation, creating confusion, and influencing their decision-making process.
We will explore the modus operandi of the cybercriminals behind these attacks, the techniques they employed to infiltrate the social media landscape, and the sophisticated psychological tactics utilized to exploit the vulnerabilities of the unsuspecting public. Moreover, we will analyze the significant consequences of these cyberattacks on the political climate, public trust, and the overall integrity of the electoral process.
Throughout this presentation, we will also discuss the challenges faced by government authorities, law enforcement agencies, and technology companies in countering such threats. From advanced artificial intelligence algorithms to public awareness campaigns, we will explore various strategies implemented to mitigate the impact of social phishing cyberattacks and safeguard the democratic principles that Brazil holds dear.
By examining this case study, we aim to shed light on the growing need for enhanced cybersecurity measures, international collaboration, and comprehensive policies to prevent the recurrence of such incidents in future elections, not only in Brazil but also across the globe. It is essential for all stakeholders to understand the gravity of these threats and work together to fortify our digital ecosystems against cybercriminals seeking to undermine the very foundations of democracy.
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 15:30-16:20 PDT
Title: 2024 Election Threat Landscape
When: Saturday, Aug 12, 15:30 - 16:20 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
Speakers:Catherine Terranova,Hallie Stern,Rebecca Scott Thein,Sandra Khalil,Sarah Amos
SpeakerBio:Catherine Terranova
Catherine Terranova is the Vice President of Operations at the Election Integrity Foundation, the 501(c)(3) organization founded by world renown ethical hacker Harri Hursti. She co-organized the Voting Village at DEFCON 29, DEFCON 30, and DEFCON 31. She is a Columbia University alumna and researcher whose current focus is on cyber security and election integrity with an emphasis on data and voting rights.
Twitter: @catlovesvoting
SpeakerBio:Hallie Stern
Hallie Stern is the Founder and Director of Digital Rapid Response and Information Strategy for Mad Mirror Media, a digital identity and technology consultancy, where she conducts research & development initiatives, teaches courses on disinformation and influence, and investigates anomalies in ad-tech ecosystems and algorithms for her cross-sector, cross-industry clients. She also works with the Disarm Foundation to develop tools and tandards for mitigating online harm related to disinformation and is a member of the Integrity Institute. She holds an M.S. from NYU in Global Security, Conflict, and Cybercrime, where she focused on The Human Side of Cyber Conflict, with practicums and fellowships at The Global Disinformation Index, UMD START, the Dept of State, and the Department of Homeland Security. Additional awards include The David L. Boren National Security Fellowship. Prior to her studies, Hallie spent a year exploring digital communication and data surveillance in Africa, the Mediterranean, and South East Asia.
SpeakerBio:Rebecca Scott Thein
Rebecca Scott Thein is an experienced product, program and people manager at the intersection of society, responsible product development and accessible design. Rebecca was most recently a Senior Technical Program Manager at Twitter, where she oversaw the globalization efforts of civic and crisis response work, including the Brazil & US midterm elections, Covid misinformation and the conflict in Ukraine. Additionally, she oversaw all harmful & illegal content (IP, terrorism & coordinated harmful group activity, Information Operations, and csam/abuse. Rebecca became a recent Digital Sherlock Scholar through the Atlantic Council’s Digital Forensics Research Lab, serves as a Visiting Fellow for the Integrity Institute and acts as a Responsible Tech Advisor for All Tech is Human.
SpeakerBio:Sandra Khalil
Sandra Khalil manages strategic partnerships for All Tech is Human, a global responsible technology nonprofit organization based in New York. Before her time at All Tech Is Human, she spent eight years working in federal, municipal, and think tank roles making people-to-people connections and amplifying globally underrepresented voices. Sandra holds a Master of Science in Global Security, Conflict, and Cyber from New York University with a concentration on cyber policy. Her interests are at the nexus of people, technology, and democracy, with the end user being the most critical stakeholder and driver of innovation for a safer, equitable, and inclusive tech future.
SpeakerBio:Sarah Amos
Sarah Amos is a former journalist turned product manager with nearly a decade of experience contributing to the development and optimization of AI-enabled informational products for start-ups, Fortune 500 companies and the public sector. Most recently she worked closely with Twitter’s Trust and Safety Team as a product manager for Civic Integrity, building features to mitigate the harms of platform manipulation, misinformation and abuse during global election cycles. Before that she founded and led the R&D Department at Dataminr, an AI platform that detects the earliest signals of high-impact events and emerging risks from open source data.
Twitter: @sarah3amos
Description:
This panel is a comprehensive overview on the most pressing threats to public confidence in 2024 election outcomes. The panel is intended to answer questions such as, “What threats since 2020 still remain? How have they evolved? What new threats have emerged that were not present before? And how might the 2024 elections face challenges different from the past? What should voters, election officials, journalists and tech platforms be paying attention to?” The panel will address infrastructure foundations in election administration (election officials; voting technology); foreign threats; the disinformation ecosystem; and new technologies such as generative AI.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: 5n4ck3y
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
AND!XOR creates electronic badges that are filled with challenges. We love doing this, especially coming up with unique ways for hackers to earn them. We are excited to re-introduce the newest member of our hacker-fam... 5n4ck3y (Snackey). 5n4ck3y is a vending machine hardware hacking project, retrofitted into an IoT CTF based badge dispensing machine, complete with bling. To earn a badge, you must find a flag on our web hosted CTF platform. Once you have found a flag, you will be given a 5n4ck3y dispense code. Enter the code into the vending machine and a badge will be dispensed to you! There are a variety of challenges to earn a badge, as well as challenges to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, OS & network security to name a few. Hardware hacking is our passion and we want people to learn on badges. But more importantly, there is a lot to learn at DEF CON, so our challenge will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further. We hope you enjoy 5n4ck3y and all that it has to offer!
Return to Index - Add to
- ics Calendar file
DC - Saturday - 16:00-16:20 PDT
Title: A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks
When: Saturday, Aug 12, 16:00 - 16:20 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
SpeakerBio:Ceri Coburn
, Red Team Operator & Offensive Security Dev at Pen Test Partners
After a 20 career within the software development space, Ceri was looking for a new challenge and moved into pen testing back in 2019. During that time he has created and contributed to several open source offensive tools such as Rubeus, BOFNET and SweetPotato and on the odd occasion contributed to projects on the defensive side too. He current works as a red team operator and offensive security dev at Pen Test Partners.
Twitter: @_EthicalChaos_
Description:
The Windows Active Directory authority and the MIT/Heimdal Kerberos stacks found on Linux/Unix based hosts often coexist in harmony within the same Kerberos realm. This talk and tool demonstration will show how this marriage is a match made in hell. Microsoft's Kerberos stack relies on non standard data to identify it's users. MIT/Heimdal Kerberos stacks do not support this non standard way of identifying users. We will look at how Active Directory configuration weaknesses can be abused to escalate privileges on *inux based hosts joined to the same Active Directory authority. This will also introduce an updated version of Rubeus to take advantage of some of these weaknesses.
- REFERENCES
- * https://techcommunity.microsoft.com/t5/security-compliance-and-identity/sam-name-impersonation/ba-p/3042699
* https://www.catalyst.net.nz/blog/stay-curious-dollar-ticket-security-issue
* https://exploit.ph/cve-2021-42287-cve-2021-42278-weaponisation.html
* https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/6435d3fb-8cf6-4df5-a156-1277690ed59c
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 16:30-16:55 PDT
Title: A Fireside Chat with Chris Roberts and Pete Cooper
When: Saturday, Aug 12, 16:30 - 16:55 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Speakers:Chris Roberts,Pete Cooper
SpeakerBio:Chris Roberts
Chris is the CISO for Boom Supersonic and works as an advisor for several entities and organizations around the globe. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Over the years, he's founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration, and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)
Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by several European entities.)
He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also gotten a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 15 years. (To interesting effect.)
Twitter: @Sidragon1
SpeakerBio:Pete Cooper
No BIO available
Description:
Join Pete Cooper in a fireside chat with Chris Roberts about his role as the CISO for Boom Supersonic and how he is approaching the challenges of securing a flying platform from the ground up using everything from digital twins to AI. It will also be a chance to discuss what he has learnt across his career and his advice for the next generation coming through.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 14:00-14:45 PDT
Title: A SSLippery Slope: Unraveling the Hidden Dangers of Certificate Misuse
When: Saturday, Aug 12, 14:00 - 14:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
SpeakerBio:Bill Demirkapi
, Microsoft Security Response Center
Bill is an undergraduate student and a security researcher for the Microsoft Security Response Center with an intense passion for Windows Internals. His interests include reverse engineering and vulnerability research, ranging from low-level memory corruption to systemic flaws with catastrophic consequences. He started his journey in high school and has since published his work at internationally-recognized conferences like DEF CON and Black Hat USA. In his pursuit to make the world a better place, Bill constantly looks for the next significant vulnerability, following the motto "break anything and everything".
Twitter: @BillDemirkapi
Description:
Digital signatures are fundamental for verifying the authenticity and integrity of untrusted data in the digital world. They ensure that software, firmware, and other digital content are not tampered with during transmission or at rest. Code signing certificates are significantly more challenging to obtain when compared to alternatives like SSL or S/MIME certificates. The latter only has a single criterion- proof of control over a domain, while the former requires significant validation of the publisher itself.
This project uncovered a systemic vulnerability present in numerous signature validation implementations, enabling attackers to exploit valid certificates in an unintended manner. Vulnerable implementations mistakenly perceive files signed with incompatible certificates as legitimate, violating their respective specifications and allowing threat actors to sign untrusted code at little to no cost. In this talk, we will explore the problem at all levels, ranging from the fundamental theory to its application across multiple formats and real-world situations.
- REFERENCES
- - Boeyen, Sharon, et al. “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile.” IETF, 1 May 2008, datatracker.ietf.org/doc/html/rfc5280.
- Housley, Russ. “Cryptographic Message Syntax (CMS).” IETF, 5 Sept. 2002, datatracker.ietf.org/doc/html/rfc3369.
- “Windows Authenticode Portable Executable Signature Format.” Microsoft.com, Microsoft, 21 Mar. 2008, download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/authenticode_pe.docx.
- “PE Format - Win32 Apps.” Learn.microsoft.com, Microsoft, 31 Mar. 2021, learn.microsoft.com/en-us/windows/win32/debug/pe-format.
- “Trusted Root Certification Authorities Certificate Store.” Learn.microsoft.com, Microsoft, 14 Dec. 2021, learn.microsoft.com/en-us/windows-hardware/drivers/install/trusted-root-certification-authorities-certificate-store.
- “What’s the Difference between DV, OV & EV SSL Certificates?” Www.digicert.com, DigiCert, 23 Aug. 2022, www.digicert.com/difference-between-dv-ov-and-ev-ssl-certificates.
- The OpenSSL Project. OpenSSL: The Open Source Toolkit for SSL/TLS. Apr. 2003.
- Brubaker, Chad, et al. “Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations.” 2014 IEEE Symposium on Security and Privacy, 18 May 2014, www.cs.cornell.edu/~shmat/shmat_oak14.pdf, https://doi.org/10.1109/sp.2014.15.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: A-ISAC CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
A-ISAC CTF
A-ISAC and Embry-Riddle Aeronautical University - Prescott
**Laptop Needed**
A variety of aviation infrastructure have been compromised. Immerse yourself into challenges where you are tasked with identifying attacks/attackers, stopping attacks, and restoring normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 14:00-15:50 PDT
Title: Abating the Eye of Sauron: Help Combat Authoritarian Censorship
When: Saturday, Aug 12, 14:00 - 15:50 PDT
Where: Caesars Forum - Summit - 220 - Policy NOT-A-SCIF - Map
Speakers:David Houston,Michaela Lee
SpeakerBio:David Houston
, International Relations Officer, Bureau of Democracy, Human Rights, and Labor at U.S. Department of State
David Houston is a career member of the Foreign Service with the U.S. Department of State, currently working on the Internet freedom team and confronting issues at the nexus of emerging technology and human rights impact. He is a former Army Captain and combat veteran of the war in Afghanistan, and has served at embassies in Beijing, Panama, and Mogadishu.
SpeakerBio:Michaela Lee
, Director for Strategy and Research at The Office of National Cyber Director (ONCD)
Michaela Lee is the Director for Strategy and Research at the Office of the National Cyber Director. Prior to her present role, Michaela worked at the intersection of geopolitical risk and cybersecurity at the Krebs Stamos Group. Her background is in emerging technologies and human rights, having covered issues of artificial intelligence, privacy, and platform governance at nonprofit BSR (Business for Social Responsibility). She is a graduate of the University of California, Davis and the Harvard Kennedy School.
Description:
Authoritarian regimes abuse technology as a tool to suppress critics, journalists, human rights defenders, and more. Often, they exploit security weaknesses in common Internet technologies in their attempts to censor information and communication and curtail freedom of expression. ONCD and the State Department will talk about how authoritarian regimes censor their populations, U.S. Government efforts to increase security while combatting authoritarian censorship and repression, and how to help.
The lack of security and resilience throughout the network stack creates opportunities for authoritarian regimes to repress or censor at scale. We will talk through how regimes have historically taken advantage of protocols, internet infrastructure, and lack of encryption to do just that. We’ll then talk about how the U.S. Government is approaching this problem.
But most technology, development, and internet services are in the private sector, not the government. So we'll talk about how the community can help: from protocols that need more research and testing, to implementing known security practices, attendees will learn how they can contribute to Internet freedom!
Return to Index - Add to
- ics Calendar file
DC - Saturday - 16:30-17:15 PDT
Title: Abortion Access in the Age of Surveillance
When: Saturday, Aug 12, 16:30 - 17:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
Speakers:Corynne McSherry,Daly Barnett,India McKinney,Kate Bertash
SpeakerBio:Corynne McSherry
, Legal Director at Electronic Frontier Foundation
As EFF's Legal Director, McSherry has extensive experience in advocating for digital civil liberties and promoting net neutrality. Her perspective on the legal frameworks shaping the digital landscape will provide DEF CON attendees with insights on regulatory issues affecting technology users.
Twitter: @cmcsherr
SpeakerBio:Daly Barnett
, Staff Technologist at Electronic Frontier Foundation
Daly Barnett is a staff technologist at the Electronic Frontier Foundation and a digital privacy consultant with Hacking//Hustling. She utilizes her skills as a techie and experience as an activist and educator to undermine the harms that surveillance causes movement-oriented work. Where most information security resources seek to protect capital, her goal is to re-tool those concepts to protect people and liberatory movements.
SpeakerBio:India McKinney
, Director of Federal Affairs at Electronic Frontier Foundation
As a former Capitol Hill staffer and a current EFF lobbyist, India’s main job is to make sure that the laws of the land don't suck the life out of the internet. India’s passion has always been for good public policy, and she’s excited to be using skills developed during past legislative battles to fight for encryption, for consumer privacy, and civil liberties in the digital realm.
Twitter: @@imck82
SpeakerBio:Kate Bertash
, Founder at Digital Defense Fund
Kate Bertash is the founder of the Digital Defense Fund, a digital security organization for the abortion access movement. She is a hacker and designer of the ALPR-jamming clothing line, Adversarial Wear.
Twitter: @@katerosebee
Description:
In the year since the Supreme Court overturned federal legal protections for reproductive rights, people seeking, providing, and supporting reproductive healthcare are grappling with the challenges of digital surveillance. Multiple services and apps track our movements and communications, and that data can be used by law enforcement and private parties to police and punish abortion access. Lawsuits and prosecutions are already underway and are likely to increase as states continue to pass or expand anti-abortion laws and undermine legal protections for online expression and privacy.
But the fight is far from over. At the state and federal level, lawmakers, activists, and technologists are taking steps to establish and shore up legal and practical protections for secure and private healthcare access.
This panel brings together legal and security experts to lead a discussion about defending reproductive justice in the digital age Ð what has already been accomplished, whatÕs coming, and how hackers can help. It will build on and update a discussion held last year, also led by EFF and DDF.
- REFERENCES
- https://www.eff.org/issues/reproductive-rights
https://www.eff.org/deeplinks/2023/03/texas-bill-would-systematically-silence-anyone-who-dares-talk-about-abortion-pills
https://www.eff.org/deeplinks/2023/02/eff-backs-california-bill-protect-people-seeking-abortion-and-gender-affirming
https://www.eff.org/deeplinks/2022/09/automated-license-plate-readers-threaten-abortion-access-heres-how-policymakers
https://www.eff.org/deeplinks/2022/08/nonprofit-websites-are-full-of-trackers-that-should-change
https://www.ifwhenhow.org/resources/self-care-criminalized-preliminary-findings/
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 12:00-12:30 PDT
Title: About Face! Beginner Intro to Facial Recognition
When: Saturday, Aug 12, 12:00 - 12:30 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
SpeakerBio:Kate
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
CHV - Saturday - 12:00-12:59 PDT
Title: Abusing CAN Bus Protocol Specification for Denial of Service in Embedded Systems
When: Saturday, Aug 12, 12:00 - 12:59 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
SpeakerBio:Martin Petran
Martin is a security engineer working at Accenture in Prague specializing in performing penetration testing of embedded systems. His responsibilities and research areas of interest include but are not limited to reverse engineering, hardware hacking and radio analysis. As an open-source enthusiast, he also developed several open source tools that focus on automation during reverse engineering.
Description:
The CAN bus is a traditional communication standard used (not only) in automotive to allow different components to talk to each other over reliable connection. While one of the primary motivators for CAN bus introduction was to reduce the amount of wiring inside vehicles, it became popular for its robustness, flexibility, and ease of implementation for which it is now used in almost every vehicle.As with any other protocol, it is a well-defined standard that enforces all aspects of the communication from the physical media to the message format and its processing. The formal protocol specifications like this are often seen as the source of the absolute truth when working with various transfer protocols. Such specifications are very strict on the format of the messages that belong to the given protocol and thus it is natural that developers that are familiar with it are often relying upon this information when developing their applications.In this talk, we will look at what happens when the attacker decides not to adhere to the protocol specification and uses the available metadata fields within the well-defined message in their own way. Would libraries provided by the device manufacturers handle this situation or is it left to the developer? And could a wrong assumption about the message format lead to a vulnerability?
Return to Index - Add to
- ics Calendar file
DL - Saturday - 12:00-13:55 PDT
Title: Abusing Microsoft SQL Server with SQLRecon
When: Saturday, Aug 12, 12:00 - 13:55 PDT
Where: Caesars Forum - Caucus Boardroom - Demo Labs - Map
SpeakerBio:Sanjiv Kawa
Sanjiv Kawa (@sanjivkawa) is a Senior Managing Security Consultant on the IBM X-Force Red Adversarial Simulation team with over ten years of experience performing offensive security assessments. As part of the IBM X-Force Red Adversarial Simulation team, Sanjiv spends his days breaking into the largest organizations in the world by emulating adversary tactics, techniques and procedures to reach target objectives. He then advises these organizations on ways they can improve their security posture by implementing or tuning controls. Sanjiv is an active member in the security community. He has developed a variety of tooling and presented at large conferences, such as BSides and Wild West Hackin’ Fest and frequently contributes to projects on GitHub.
Twitter: @sanjivkawa
Description:
SQLRecon helps address the post-exploitation tooling gap by modernizing the approach red team operators can take when attacking SQL Servers. The tool was designed to be modular, allowing for ease of extensibility and contributions from the hacker community. SQLRecon is written in C# and is compatible stand-alone or within a diverse set of command and control (C2) frameworks (Cobalt Strike, Nighthawk, Mythic, PoshC2, Sliver, etc). When using the latter, SQLRecon can be executed either in-process, or through traditional fork and run. SQLRecon has over 50 modules which can help facilitate with enumeration, collection, code execution, privilege escalation and lateral movement. It has been designed with operational security and defense evasion in mind.
Return to Index - Add to
- ics Calendar file
WS - Saturday - 09:00-12:59 PDT
Title: Active Directory Attacks: The Good, The Bad, and The LOLwut (Pre-Registration Required)
When: Saturday, Aug 12, 09:00 - 12:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Aaron Rosenmund,Brandon DeVault,Ryan Chapman
SpeakerBio:Aaron Rosenmund
, Director of Security Research and Content at Pluralsight
Aaron Rosenmund is the Director of Security Research and Content for Pluralsight, where he has also authored over 115 courses and technical labs across offensive and defensive security operations topics. Part time work includes service as an Cyber Warfare Operations office in the Delaware Air National guard, where he has also lead a 100+ member red team for the largest cyber exercise in the Nation, Cybershield. 4 years of highly rated talks and workshops have earned him the Distinguished speaker title from RSAC, and he looks forward to returning for the 3rd year to Defcon Workshops to bring practical emulation and testing capabilities to the people who need it most.
SpeakerBio:Brandon DeVault
, Pluralsight
Brandon DeVault is a security researcher, blue teamer, and educator. Currently works as an author for Pluralsight and member of the FL Air National Guard. Prior experience includes work at Elastic and multiple deployments with Special Operations Command.
SpeakerBio:Ryan Chapman
Ryan Chapman is the author of SANS’ “FOR528: Ransomware for Incident Responders” course, teaches SANS’ “FOR610: Reverse Engineering Malware” course, works as a principal incident response consultant for $dayJob, and helps run the CactusCon conference in Phoenix, Arizona, USA. Ryan has a passion for life-long learning, loves to teach people about ransomware-related attacks, and enjoys pulling apart malware. He has presented workshops at DefCon and other conferences in the past and knows how to create a step-by-step instruction set to maximize hands-on learning.
Description:
Threat actors such as ransomware affiliates around the world are carrying out attacks on Active Directory (AD) at scale. When doing so, such actors often stick to the mainstream in terms of attack methodologies and tooling. But… that’s lame! Why borrow tactics, techniques, and procedures (TTPs) that are so well known and thus readily detectable?! Come hang out with us as we provide an overview of AD, show the most common attack scenarios, then show you how to detect and prevent those very attacks. Stick around as we then transition to covering what you could, and should, be doing instead.
We will be providing a remote network range to which you will connect. Once in the range, you will be acting as the ransomware threat actor, “pentester” as they like to call themselves. You will carry out attacks such as enumeration via Bloodhound, credential discovery and compromise, pass the hash attacks, and kerberoasting via common tools such as Mimikatz & Rubeus. After carrying out the attacks yourself, you’ll then learn how to prevent and detect those very attacks. We’ll then show you custom-developed methods to carry out the same attacks without the reliance on well-known TTPs/tools. And even better, we’ll show you how you could, at least where it’s even possible, detect the more custom/advanced methodologies.
Join us if you are a blue teamer, red teamer, purple teamer, cyber defender, DFIR analyst… basically anyone who wants (or needs!) to learn to defend and/or attack Active Directory. Come for the tech, stay for the humor. See ya there!
Skill Level: Intermediate to Advanced
Prerequisites for students:
- The primary requirement for this course is a desire to learn and the determination to tackle challenging problems. In addition, having some familiarization with the following topics will help students maximize their time in this course:
- A general background in Digital Forensics & Incident Response (DFIR)
- Familiarity with blue team-oriented tools
- An understanding of general networking concepts
- Familiarity with Active Directory – though we’ll cover everything students need to know
Materials or Equipment students will need to bring to participate:
- A laptop with Linux/Windows/Mac desktop environment
- Networking capability: Students will be connecting to a remote network range – They will need a wireless NIC (assuming the workshop area provides Wi-Fi, not not we’ll need to know) that can be enabled along with administrator privileges on their system
- IMPORTANT: This workshop relies on network connectivity. Any student not able to connect to our range will be unable to follow along with the hands-on portion of the workshop.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-16:59 PDT
Title: Adversary Wars CTF
When: Saturday, Aug 12, 10:00 - 16:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Adversary Village proudly presents "Adversary Wars CTF," a cutting-edge capture the flag competition that revolves around adversary attack simulation, adversary-threat actor emulation, purple team tactics and adversary tradecraft. This unique competition is designed to replicate enterprise infrastructure and present participants with challenges that encourage the adoption of various techniques, tactics, and procedures (TTPs) employed by real adversaries and threat actors, all within a defined time frame.
Adversary Village is a community-driven initiative that prioritizes adversary simulation, emulation, breach and attack simulation, adversary tactics, offensive/adversary tradecraft, philosophy, and purple teaming.
Our objective is to establish a Capture the Flag competition dedicated to adversary simulation, purple teaming and knowledge sharing. Adversary Wars offers unique opportunities for “adversaries” aka participants to simulate attacks, explore new attack vectors, gain insights into threat actor profiles, master TTPs, and refine offensive tradecraft. With a range of adversary simulation exercises at different difficulty levels, this CTF promises real-world attack simulation scenarios and challenges.
Previous versions of the Adversary Wars CTF were hosted as part of Adversary Village, during DEF CON 29 and DEF CON 30. We are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 31.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 17:00-17:50 PDT
Title: Aerospace Village - 5 Years On
When: Saturday, Aug 12, 17:00 - 17:50 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Pete Cooper
No BIO available
Description:
This is the 5th year of the Aerospace Village and the landscape now is totally different to what it was at the start. This is the story of how a diverse bunch of hackers, engineers, pilots, policy leaders and more from across both the public and private sectors founded and built the Aerospace Village to promote safe, reliable, and trustworthy aviation and space operations. A panel with Pete Cooper, Beau Woods, Jen Ellis, RoRo, and Katie Trimble-Noble.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 20:10-21:10 PDT
Title: After Hours Social / Hang out with DEF CON Group members and DCG VR Staff
When: Saturday, Aug 12, 20:10 - 21:10 PDT
Where: Virtual
Description:No Description available
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 11:00-11:50 PDT
Title: AI Caramba! A DC <> DEF CON interface on machine learning
When: Saturday, Aug 12, 11:00 - 11:50 PDT
Where: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
Speakers:Austin Carson,Erick Galinkin,Kellee Wicker,Rumman Chowdhury,Tim Ryder
SpeakerBio:Austin Carson
, Founder & President at SeedAI
Austin Carson is the Founder and President of SeedAI, a nonprofit established to work with a diverse group of policymakers, academics, and private sector experts to help communities across the United States access the resources they need to engage with AI.
Previously, Austin established and led the DC government affairs operation for NVIDIA, translating NVIDIA’s expertise in artificial intelligence and high performance computing for policymakers. Prior to joining NVIDIA, Austin held a number of public sector and NGO positions, including serving as Legislative Director for Chairman Michael McCaul and Executive Director for the Technology Freedom Institute. Austin co-founded the Congressional Tech Staff Association, co-led the Congressional Cybersecurity Caucus and the Congressional High Tech Caucus, and is a founding fellow of the Internet Law and Policy Foundry.
SpeakerBio:Erick Galinkin
, Principal researcher at Rapid7
Erick Galinkin is a hacker and computer scientist working as principal researcher in Rapid7's Office of the CTO. Presently, Erick leads R&D supporting Rapid7's Managed Detection and Response service. Widely renowned for his equestrian abilities, Erick is a man of several talents. An alumnus of Johns Hopkins University, he has also published and given talks on security, decision theory, information geometry, and artificial intelligence at conferences from AAAI and GameSec to DEF CON's AI and Cloud Villages.
SpeakerBio:Kellee Wicker
, Director of the Science and Technology Innovation Program at Wilson Center
Kellee Wicker leads the Science and Technology Innovation Program (STIP) at the Wilson Center, a Congressionally chartered think tank that provides nonpartisan counsel and insights on global affairs to policymakers through deep research, impartial analysis, and independent scholarship. The STIP team provides research and insight to Congress, global policymakers, and the general public on a number of emerging technologies and scientific advances, with special emphasis on artificial intelligence, cybersecurity, space in the commercial age, and more. Through games, experiential learning, and educational opportunities, STIP also works beyond traditional research to directly provide policymakers and their staff with the foundational knowledge they need to devise smart legislation and regulation that protects individuals and workers while continuing to bolster flourishing technological innovation.
SpeakerBio:Rumman Chowdhury
, Co-Founder and CEO at Humane Intelligence
Dr. Rumman Chowdhury’s passion lies at the intersection of artificial intelligence and humanity. She is a pioneer in the field of applied algorithmic ethics, creating cutting-edge socio-technical solutions for ethical, explainable and transparent AI. Dr. Chowdhury currently runs the nonprofit Humane Intelligence and is a Responsible AI Fellow at the Berkman Klein Center for Internet & Society at Harvard University.
Previously, Dr. Chowdhury was the Director of META (ML Ethics, Transparency, and Accountability) team at Twitter, leading a team of applied researchers and engineers to identify and mitigate algorithmic harms on the platform. Prior to Twitter, she was CEO and founder of Parity, an enterprise algorithmic audit platform company. She formerly served as Global Lead for Responsible AI at Accenture Applied Intelligence. In her work as Accenture’s Responsible AI lead, she led the design of the Fairness Tool, a first-in-industry algorithmic tool to identify and mitigate bias in AI systems.
Dr. Chowdhury is dedicated to cultivating and growing the next wave of technology-forward companies enabling the responsible use of emerging technologies.
SpeakerBio:Tim Ryder
, Legislative Assistant at Office of U.S. Senate Majority Leader Charles E. Schumer
Tim joined U.S. Senate Majority Leader Charles E. Schumer’s office in May 2019 and currently serves as a Legislative Assistant. Tim is spearheading the Leader’s work on artificial intelligence, while overseeing the disaster policy portfolio. He is also a member of the Schumer Climate Team, where he helped formulate, negotiate, and pass the Inflation Reduction Act, Infrastructure Investment and Jobs Act, and a number of other bills last Congress.
Prior to his time on the Hill, Tim worked for The Climate Reality Project – former Vice President Al Gore’s non-profit – on Gore’s famous slideshow featured in An Inconvenient Truth. Tim is active in a number of young professional organizations and runs a small business in the district – Green Drinks DC – with his longtime friend. Tim is a graduate of Stetson University, where he studied Environmental Science and Philosophy, and is an alumnus of American University’s Washington Semester Program. In what little spare time there is these days, Tim loves to garden, cook, and make music.
Description:
AI is a huge focus for multiple governments and they are keen to get input from the DEF CON community on what they should be considering for policy interventions.
This session will be led by Austin Carson, exploring how we can combine the expertise of DEF CON attendees with the political will and specialized knowledge networks in the Administration and around DC to create wise policy for AI. Topics covered will include how the two communities can support each other and create a virtuous cycle of information conveyance and policy progress? What should the next steps of this work be - how do we move beyond the Biden EO? In this session we'll have top experts in policy and the hacker community come together to discuss what that can look like and how to be mutually conscientious of what our experiences and priorities may be.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 10:00-17:59 PDT
Title: AI Village Generative Red Team Challenge
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
Description:
Participate in a Jeopardy-style CTFs competition that challenges you to break through the guardrails within 8 different LLMs. In your 50-minute session, execute prompt injections, find internal inconsistencies, and identify issues in information integrity, privacy, and societal harm. Compete for points and take home the prize, or just have fun coming up with novel attacks.
This exercise, first of its kind, will allow the best and brightest minds in the security industry to join diverse voices new and veteran to the AI scene in pursuit of making AI and machine learning safer.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 10:30-11:25 PDT
Title: AI Village Keynote 2: AI red teaming tradecraft: a team of teams approach
When: Saturday, Aug 12, 10:30 - 11:25 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
Speakers:Daniel Fabian,Mikel Rodriguez,Sarah Hodkinson
SpeakerBio:Daniel Fabian
No BIO available
SpeakerBio:Mikel Rodriguez
No BIO available
SpeakerBio:Sarah Hodkinson
No BIO available
Description:
AI-enabled systems are rapidly being deployed in a wide range of high-stakes environments. These systems are vulnerable to a wide range of attacks that can trigger errors, degrade performance, or disclose sensitive data. This talk will offer a firsthand account and reflect on some lessons learned from Google DeepMind’s AI red team. While research in ensuring the security and privacy of AI-enabled systems is rapidly growing, much of today’s research is focused on lab settings, and a more holistic understanding of how these emerging vulnerabilities can interact with known real-world security vulnerabilities in deployed systems is lacking. As part of this talk we will explore opportunities for the DEFCON community to work together to ensure mission-critical AI systems are battle-tested with the rigor and scrutiny of real-world adversaries.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 14:00-14:59 PDT
Title: AI-Driven Hacker's Toolkit: Using AI to Learn Python and Scapy for Exploitation and Post-Exploitation Techniques
When: Saturday, Aug 12, 14:00 - 14:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
SpeakerBio:Omar Santos
No BIO available
Twitter: @santosomar
Description:
Artificial Intelligence (AI) has paved its way into many fields, and cybersecurity is no exception. AI can significantly augment red team operations by enhancing the learning process of key tools like Python and Scapy. Let's delve into how AI can act as an indispensable co-pilot in mastering these crucial tools for cybersecurity tasks.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 16:30-17:15 PDT
Title: All information looks like noise until you break the code: Futureproofing the transportation sector
When: Saturday, Aug 12, 16:30 - 17:15 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
Speakers:David Pekoske,Jen Easterly,Kevin Collier
SpeakerBio:David Pekoske
, Administrator at Transportation Security Administration (TSA)
David Pekoske was first confirmed by the U.S. Senate as the Transportation Security Administration’s seventh administrator in August 2017 and was reconfirmed for a second term in September 2022.
Pekoske leads a workforce of over 60,000 employees and is responsible for security operations at nearly 440 airports throughout the United States. TSA is also the lead federal agency for security of highways, railroads, mass transit systems and pipelines. Under his leadership, TSA improved transportation security through close partnerships and alliances, a culture of innovation, and development of a dedicated workforce.
During his tenure as TSA Administrator, Pekoske also served at the Department of Homeland Security as Acting Secretary from January 20 to February 2, 2021, and as the Senior Official Performing the Duties of Deputy Secretary from April to November 2019, and again from February to June 2021. At the Department, Pekoske helped lead a unified national effort to ensure the continued security of the United States, coordinating components with missions ranging from prevention and protection to recovery and response. He was also a commissioner on the Cyberspace Solarium Commission that developed a consensus on a strategic approach to defending the United States in cyberspace against attacks of significant consequence.
Before joining TSA, Pekoske was an executive in the government services industry, where he led teams that provided counterterrorism, security and intelligence support services to government agencies.
Pekoske served as the 26th Vice Commandant of the U.S. Coast Guard, culminating a Coast Guard career that included extensive operational and command experience. As the Vice Commandant, Pekoske was second in command, also serving as Chief Operating Officer and Component Acquisition Executive of the Coast Guard. He is a recognized expert in crisis management, strategic planning, innovation, and aviation, surface transportation and maritime security. In addition, he has been twice awarded the Homeland Security Distinguished Service Medal.
Pekoske holds a Master of Business Administration from the Massachusetts Institute of Technology, a Master of Public Administration from Columbia University and a Bachelor of Science from the U.S. Coast Guard Academy.
Twitter: @TSA_Pekoske
SpeakerBio:Jen Easterly
, Director at Cybersecurity and Infrastructure Security Agency (CISA)
Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Jen leads CISA’s efforts to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.
Before serving in her current role, Jen was the head of Firm Resilience at Morgan Stanley, responsible for ensuring preparedness and response to business-disrupting operational incidents and risks to the Firm. She also helped build and served as the first Global Head of Morgan Stanley’s Cybersecurity Fusion Center, the Firm’s center of gravity for cyber defense operations.
Jen has a long tradition of public service, to include two tours at the White House, most recently as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. She also served as the Deputy for Counterterrorism at the National Security Agency.
A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than twenty years of service in intelligence and cyber operations, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the design and creation of United States Cyber Command.
A distinguished graduate of the United States Military Academy at West Point, Jen holds a
master’s degree in Philosophy, Politics, and Economics from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors and awards, including the 2023 Sisterhood Award from Girls Who Code; the 2022 National Defense University Admiral Grace Hopper Award; the 2021 Cybersecurity Ventures Cybersecurity Person of the Year Award; the 2020 Bradley W. Snyder Changing the Narrative Award, and the 2018 James W. Foley Legacy Foundation American Hostage Freedom Award.
A member of the Council on Foreign Relations and a French American Foundation Young Leader, Jen is the past recipient of the Aspen Finance Leaders Fellowship, the National Security Institute Visiting Fellowship, the New America Foundation Senior International Security Fellowship, the Council on Foreign Relations International Affairs Fellowship, and the Director, National Security Agency Fellowship.
Twitter: @@CISAJen
SpeakerBio:Kevin Collier
, NBC
No BIO available
Description:
Just like there's more than one way to peel a banana, there’s more than one way to protect a computer network from being pwned. Cyber threats against America’s pipelines, railroads and aviation system are increasing, and the Transportation Security Administration – with support from the White House, the Cybersecurity and Infrastructure Security Agency and Congress – is hacking traditional cybersecurity policy to improve resiliency for the growing connected transportation sector. How? TSA isn’t telling regulated parties exactly the ways they should secure their own systems. Instead, the agency is asking them to produce and provide plans for ensuring they protect their critical assets.
America’s adversaries are sophisticated, and TSA needs help from the hacking community to think creatively about future attacks, to identify new vulnerabilities, and to provide innovative new ways of measuring success. This talk will tell you what TSA is seeing, gives you a chance to offer us advice, and to learn specific ways in which you can contribute to new projects. Because always in motion the future is.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 15:00-15:50 PDT
Title: All Your Vulns are Belong to Terms & Conditions
When: Saturday, Aug 12, 15:00 - 15:50 PDT
Where: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
Speakers:Casey Ellis,David Rogers,Harley Geiger,Katie Trimble-Noble
SpeakerBio:Casey Ellis
, Bugcrowd
Casey is the Chairperson, Founder, and Chief Technology Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20-year veteran of information security who spent his childhood inventing things and generally getting technology to do things it isn't supposed to do.
Casey pioneered the Crowdsourced Security as-a-Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014 prior to its launch in 2018.
Since then, he has personally advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives, including preemptive cyberspace protection ahead of the 2020 Presidential Elections.
Casey, a native of Sydney, Australia, is based in the San Francisco Bay Area.
SpeakerBio:David Rogers
, CEO at Copper Horse
David is a mobile phone and IoT security specialist who runs Copper Horse Ltd, a software and security company based in Windsor, UK. He chairs the Fraud and Security Group at the GSMA. He has spoken at a number of hacking conferences on his security research work including DEF CON’s Car Hacking Village, 44CON, B-Sides London, B-Sides Cymru and B-Sides LV. He was awarded an MBE for services to Cyber Security in the Queen’s Birthday Honours 2019.
SpeakerBio:Harley Geiger
, Counsel at Venable LLP
Harley Geiger is Counsel and Senior Director at Venable, LLP, where he leads the Security Research Legal Defense Fund and the Hacking Policy Council and counsels clients on a variety of cybersecurity issues. Prior to this, Geiger was Senior Director for Public Policy at Rapid7, where he worked to expand adoption of vulnerability disclosure and legal protections for security research. Geiger also worked as Senior Legislative Counsel in the U.S. House of Representatives, where he drafted Aaron’s Law, and served as Advocacy Director at the Center for Democracy & Technology.
Twitter: @HarleyGeiger
SpeakerBio:Katie Trimble-Noble
, Director, PSIRT and Bug Bounty at A Tech Company
Katie serves as a CVE Program Board, Bug Bounty Community of Interest Board, and Hacking Policy Council member. She is a passionate defensive cybersecurity community activist, she is regularly involved is community driven projects and is most happy when she is able to effect positive progress in cyber defense. In her day-job Katie Noble serves as a Director of PSIRT, Bug Bounty, and the Security Working Artifacts Team at a fortune 50 Technology Company. Prior to joining private sector, Katie spent over 15 years in the US Government. Most recently as the Section Chief of Vulnerability Management and Coordination at the Department of Homeland Security, Cyber and Infrastructure Security Agency (CISA). Her team is credited with the coordination and public disclosure of 20,000+ cybersecurity vulnerabilities within a two-year period. During her government tenure, in roles spanning Intelligence Analyst for the National Intelligence Community to Senior Policy Advisor for White House led National Security Council Cyber programs, Katie’s work directly impacted decision making for government agencies in the United States, United Kingdom, Canada, and Australia.
Description:
What happens when a vulnerability is submitted to a programme? Why do some disclosures take forever? What are governments doing about vulnerability disclosure and why are they so bothered about it? Why do people not understand what the words “vulnerability disclosure” mean and why can’t policy makers quite get their heads around 0 days? Why are companies in some sectors just not adopting CVD even though governments are passing it into law? Have we got RAS or can we think of anymore TLAs to add to the CRA, NIS and VDP? What are countries and regions around the world doing and how do they differ? And yes, what the heck is an equities process?
Return to Index - Add to
- ics Calendar file
DL - Saturday - 12:00-13:55 PDT
Title: Am I Exploitable? (MI-X)
When: Saturday, Aug 12, 12:00 - 13:55 PDT
Where: Caesars Forum - Council Boardroom - Demo Labs - Map
Speakers:Ofri Ouzan,Yotam Perkal
SpeakerBio:Ofri Ouzan
Ofri Ouzan is an experienced Security Researcher who has been working in the cybersecurity field for over four years. She specializes in conducting security research on Windows, Linux, Cloud Platforms, and containerized applications with an emphasis on vulnerabilities. Her expertise lies in finding and solving complex problems in the cyber field, developing automation and open-source tools.
SpeakerBio:Yotam Perkal
Yotam leads the vulnerability research team at Rezilion, focusing on research around vulnerability validation, mitigation, and remediation. Prior to Rezilion, Yotam filled several roles at PayPal Security organization, dealing with vulnerability management, threat intelligence, and Insider threat. Additionally, Yotam takes part in several OpenSSF working groups around open-source security as well as several CISA work streams around SBOM and VEX and is also a member of the PyCon Israel organization committee. He is passionate about Cyber Security and Machine Learning and is especially intrigued by the intersection between the domains, whether it be using ML in order to help solve Cyber Security challenges or exploring the challenges in securing ML applications.
Description:
Addressing security vulnerabilities begins with verifying the impact on an environment. Merely having a vulnerable package installed does not guarantee exploitability, as several conditions must align for the vulnerability to be applicable and exploitable. For example: is the operating system in question susceptible to the vulnerability? is the vulnerable component loaded to memory? is the required configuration in place? is there a patch installed? And more... Standard vulnerability scanners simply do not take these factors into account and thus require manual triage in order to answer “Can a vulnerability be exploited in a given environment?”. ‘Am I Exploitable?’ (MI-X), is an open-source tool aimed at effectively determining whether a local host or running container is truly affected by a specific vulnerability by accounting for all factors which affect actual exploitability. MI-X also prints out the logical steps it takes in order to reach a decision and can also provide a graphical representation of the validation flow. The tool can therefore help practitioners understand what are the factors that affect exploitability for each of the supported vulnerabilities.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 12:30-13:15 PDT
Title: An Audacious Plan to Halt the Internet's Enshittification
When: Saturday, Aug 12, 12:30 - 13:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
SpeakerBio:Cory Doctorow
Cory Doctorow (craphound.com) is a science fiction author, activist and journalist. He is the author of many books, most recently RED TEAM BLUES, a science fiction crime thriller; CHOKEPOINT CAPITALISM, nonfiction about monopoly and creative labor markets; the LITTLE BROTHER series for young adults; IN REAL LIFE, a graphic novel; and the picture book POESY THE MONSTER SLAYER. In 2020, he was inducted into the Canadian Science Fiction and Fantasy Hall of Fame.
Twitter: @@doctorow
Description:
The enshittification of the internet follows a predictable trajectory: first, platforms are good to their users; then they abuse their users to make things better for their business customers; finally, they abuse those business customers to claw back all the value for themselves. Then, they die.
It doesn't have to be this way. Enshittification occurs when companies gobble each other up in an orgy of mergers and acquisitions, reducing the internet to "five giant websites filled with screenshots of text from the other four" (credit to Tom Eastman!), which lets them endlessly tweak their back-ends to continue to shift value from users and business-customers to themselves. The government gets in on the act by banning tweaking by users - reverse-engineering, scraping, bots and other user-side self-help measures - leaving users helpless before the march of enshittification.
We don't have to accept this! Disenshittifying the internet will require antitrust, limits on corporate tweaking - through privacy laws and other protections - and aggressive self-help measures from alternative app stores to ad blockers and beyond!
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 09:00-09:59 PDT
Title: Android Applications and APIs Hacking
When: Saturday, Aug 12, 09:00 - 09:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
SpeakerBio:Gabrielle Botbol
Gabrielle Botbol is a pentester and cybersecurity blogger. She created a self-study program to become a pentester and focuses on democratizing infosec. Gabrielle is on Advisory Boards and has won multiple awards for her cyber community contributions
Twitter: @Gabrielle_BGB
Description:
As mobile devices have become increasingly prevalent, the security of Android applications has become a critical concern. Pentesting is an essential process for identifying and mitigating potential vulnerabilities in these applications, but Android app hacking is a specialized area that is less well-documented than other pentesting techniques. In this session, the focus will be on how to pentest Android apps and their APIs.The presentation will address key questions such as what Android pentesting is, how to set up an Android App pentest lab, and how to pentest an Android App and its APIs from start to finish.
Return to Index - Add to
- ics Calendar file
RFV - Saturday - 15:00-15:20 PDT
Title: Antennas
When: Saturday, Aug 12, 15:00 - 15:20 PDT
Where: Flamingo - Eldorado - Radio Frequency Village - Map
SpeakerBio:Kent
Kent has a long history is developing over 1200 different PCB antennas for a lot of different applications.
Description:
GPS Jamming and Anti-Jamming
How to modify GPS antennas to reduce jammer signals
Direction Finding
Some results for the Ukraine on DF'ing on GPS hammers.
Might include DFing on artillery counterfire Radars
Quick overview of general RF monitoring
Some history of Code Breaking
Schematics of an Enigma and the Polish Spread Sheets of find the set up.
Common setups (Enigma had a 6 letter setup, Brits quickly found HITLER BERLIN LONDON would decode many messages)
On to Lorenz 12 rotor machine for teletype machines
COLOSSUS The first programmable computer ENIAC was not num 1, it was number 11!
Used to find the Key to a Lorenz message.
History books are wrong because after WWII Colossus worked against US and Soviet code machines. Secret until the 1970's
May need to tweak this for the list.
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 09:00-09:30 PDT
Title: Anti-Social Engineering: Can You Be a Good Social Engineer Without Being Social
When: Saturday, Aug 12, 09:00 - 09:30 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
SpeakerBio:Andrew Lemon
, Principal Security Engineer at Red Threat
Lemon is Lemon is the Principal Security Engineer at Red Threat where he serves as the lead over Penetration Testing and Red Teaming. His primary interest lie in physical penetration testing and social engineering. Lemon honed his skills on high pressure physical penetration test usually involving armed guards.
Twitter: @Lemonitup
Description:
Social engineering has long been thought of as a domain for outgoing, charismatic people. However, in this talk, I will argue that introverted and socially-awkward individuals can be just as effective in social engineering as their extroverted counterparts. Drawing on my personal experience as an introverted social engineer, I will share tips and tricks for blending in, avoiding confrontation, and getting the information you need without attracting unwanted attention. Through real-world examples from my physical pentesting engagements, I will demonstrate how my “anti-social” approach has yielded results that even my more outgoing colleagues were unable to achieve. I will also dispel common misconceptions about social engineering and challenge the notion that charisma and acting skills are essential to the craft. Attendees will leave with a newfound appreciation for the power of blending in and avoiding attention, as well as practical tips for incorporating these techniques into their own social engineering engagements.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 11:30-12:15 PDT
Title: Apple's Predicament: NSPredicate Exploitation on macOS and iOS
When: Saturday, Aug 12, 11:30 - 12:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
SpeakerBio:Austin Emmitt
, Senior Security Researcher at Trellix Advanced Research Center
Austin Emmitt is a vulnerability researcher with a background in mobile security. He has found critical vulnerabilities in Android, iOS, and other platforms. He is also the creator of the radius2 symbolic execution framework.
Twitter: @alkalinesec
Description:
In 2021 the FORCEDENTRY sandbox escape introduced the usage of NSPredicate in an iOS exploit. This new technique allowed attackers to sidestep codesigning, ASLR, and all other mitigations to execute arbitrary code on Apple devices. As a result, Apple put in place new restrictions to make NSPredicate less powerful and less useful for exploits. This presentation will cover new research showing that these added restrictions could be completely circumvented in iOS 16, and how NSPredicates could be exploited to gain code execution in many privileged iOS processes. This technical deep dive will be a rare instance of iOS security that anyone can comprehend without years of experience.
After an overview of the classes involved, we will explore the full syntax of NSPredicate and cover how it can be used to script the Objective-C runtime and even call any C function. It will be shown that PAC can still be bypassed 100% reliably with NSPredicates in order to execute any function with arbitrary arguments. A new tool will be unveiled to help craft complex NSPredicates to execute arbitrary code and inject those predicates in any application. Additionally, a demonstration will be given which executes arbitrary code in the highly privileged Preferences app.
Finally, the talk will cover a bypass of NSPredicateVisitor implementations which allows a malicious process to evaluate any NSPredicate within several system processes including coreduetd, appstored, OSLogService, and SpringBoard. Next there will be a live demo of exploiting SpringBoard to steal a user’s notifications and location data. The presentation will end with some discussion about what can still be done with NSPredicates now that these issues have been fixed, including bypassing App Store Review, and what app developers should know to keep their own apps safe.
REFERENCES:
NSPredicate - https://developer.apple.com/documentation/foundation/nspredicate?language=objc
See No Eval: Runtime Dynamic Code Execution in Objective-C by CodeColorist - https://codecolor.ist/2021/01/16/see-no-eval-runtime-code-execution-objc/
FORCEDENTRY: Sandbox Escape by Ian Beer & Samuel Groß of Google Project Zero - https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html
Return to Index - Add to
- ics Calendar file
APV - Saturday - 10:00-10:59 PDT
Title: AppSec Village Keynote: Collaborative Security: Fostering Innovation and Resilient Cyber Practices
When: Saturday, Aug 12, 10:00 - 10:59 PDT
Where: Flamingo - Savoy - AppSec Village - Map
SpeakerBio:Maril Vernon
Maril Vernon (@SheWhoHacks) known as the “One Woman Purple Team'' is an award-winning Ethical Hacker, Senior Application Security Architect and Purple Team Program Manager — a niche in offensive security testing that has recently gained popularity demonstrating cyber resilience in the advanced threat landscape. Maril is also Co-host and Co-founder of The Cyber Queens Podcast, an all-female-lead podcast aimed at increasing female and LGBTQ diversity in cybersecurity. She also serves as the COO of Teach Kids Tech, a non-profit organization with the goal of getting technology and its educational resources to children in underprivileged communities and increasing technical capability and cyber awareness in tomorrow’s workforce. Maril has been named one of the ‘Epic Women in Cyber,’ 2023 CyberSHEcurity “Top 10 Women in Cyber,” 2023 Women’s CyberJustu Pentest Ninja Award winner, and is a finalist for Cybersecurity woman of the Year: Hacker of the Year and Cybersecurity Woman of the World 2023! She is also an SME and contributing writer to CSO Online magazine on cyber resilience, Purple and Red Team best practices and industry trends. Maril's passion for closing the gender gap in cyber is further highlighted in her affiliations with The Cyber Guild, The Diana Initiative, BBWIC, and WiCyS.
Twitter: @shewhohacks
Description:
In the journey of life, we all encounter challenges and setbacks that put our resiliency to the test. Resilience, the ability to bounce back from adversity, is a vital trait that empowers individuals to navigate life's trials with grace and strength. At the heart of building this essential attribute lies the power of relationships. As they say, oftentimes trials of life "take a village." The same is true with information security in the digital age.
The keynote "Collaborative Security" delves into the parallel benefits between the foundational pillars of fostering resilient relationships and cybersecurity principles. How often do organizations suffer from silos across verticals that should be information sharing and collaborating?
Resilient relationships create a supportive ecosystem where teams can learn from failures, adapt to emerging threats, and continuously improve cyber strategies. By breaking down silos and bringing together diverse perspectives, collaborative security fosters a culture of creativity and problem-solving. Witness how collaborative efforts among teams and organizations lead to breakthrough ideas and cutting-edge solutions. As innovation and collaboration intertwine, we see the emergence of more resilient cyber infrastructures and practices.
At the end of the day tech and cyber are still people industries. Discover how resilient relationships translate into fortified cyber practices, safeguarding critical assets and bolstering organizational resilience.
Join us for an enlightening and inspiring journey into the heart of collaborative security, where resilient relationships fuel innovation, fortify infrastructure, and pave the way for a safer cyber landscape. Together, we will embrace the collaborative spirit and ignite the spark of innovation to protect the digital realm from ever-evolving threats.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 21:00-01:59 PDT
Title: Arcade Party
When: Saturday, Aug 12, 21:00 - 01:59 PDT
Where: Caesars Forum - Forum - 105,136 - Map
Description:
The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 31 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: ARINC 615a CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
ARINC 615a CTF
Boeing
**Laptop Needed**
Boeing will be hosting an ARINC 615a dataload CTF broken into two major modules. The first module will focus on decomposing and analyzing a PCAP capture of a simulated dataload between an airplane dataload server and an avionics component. The second module will allow participants to execute a dataload against simulated avionics to help improve understanding and awareness of how software is loaded onto airplanes. Additionally, Boeing is aiming to increase its cyber outreach into the STEM community by offering an additional challenge centered on an operational system and the impact of that system on the overall airplane. The challenge will walk participants through how the operational system functions, how it can be negatively impacted, the results of tampering with the system while it’s in flight, and how the system can secured via CIA and PKI.
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 15:45-16:45 PDT
Title: Arson Herders: An IR Guide to Fighting and Lighting Fires
When: Saturday, Aug 12, 15:45 - 16:45 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
Speakers:Litmoose,Matt "dis0wn" Wagenknecht,Tina "Mugwump Jones" Velez,Unnamed user
SpeakerBio:Litmoose
Cats and violins.
SpeakerBio:Matt "dis0wn" Wagenknecht
Experienced in penetration testing, red team activities, and incident response
SpeakerBio:Tina "Mugwump Jones" Velez
A caffeinated muppet with a day job of Enterprise Field Strategist/Chief Taco Officer for Expel and a night job of maybe being The Batman.
SpeakerBio:Unnamed user
No BIO available
Description:
.
Join three of our seasoned (and sometimes crispy) Digital Forensics and Incident Response heavy hitters as they relay their tales from the front lines fighting against active threat actors, insider oopsies, and general misconfigurations. The catch? A holistic approach to security can involve lighting some fires of your own. The discussion will cover how the hot, hot flames of an incident touch everyone -- from C-levels to admins, intel to the red team. Come bask in the warm glow (while enjoying the cool Vegas AC), and be sure to stay for the Q & A!
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 11:00-12:59 PDT
Title: Artificial Intelligence for Red Team Operations
When: Saturday, Aug 12, 11:00 - 12:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
SpeakerBio:Peter Halberg
No BIO available
Twitter: @MiloSilo_Hacks
Description:
The integration of artificial intelligence (AI) into red team operations has revolutionized the way cybersecurity professionals approach their work. This workshop will equip participants with the necessary skills and understanding to leverage AI tools effectively throughout different stages of red team operations.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: Ask Me Anything About Cybersecurity in Aerospace
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
Ask Me Anything About Cybersecurity in Aerospace
AIAA
We have added a special feature to this year’s activities during DEF CON 31. This will be on Friday and Saturday from 11AM - 5PM.
Our friends at AIAA are helping us host “Ask Me Anything” sessions on Friday and Saturday. It’s an opportunity to meet Aerospace Village members and partners who are experts in the field. Bring your questions about getting into cybersecurity, aviation, space, likes/dislikes, you name it!
- A chance to ask all your questions, get their perspective, and hear some great stories.
- A low-key sharing of experiences and a way to make new friends without having to make small talk.
- Note: This is NOT a recruiting activity. Ask career questions if you have them, but think of this more as a chance for general "speed mentoring."
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:00-09:20 PDT
Title: Assessing the Security of Certificates at Scale
When: Saturday, Aug 12, 09:00 - 09:20 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
Speakers:Andrew Chi,Brandon Enright,David McGrew
SpeakerBio:Andrew Chi
, Security Research Engineering Technical Leader at Cisco
Andrew Chi is a Security Research Engineering Technical Leader at Cisco, where he works with product teams and incident response teams to detect threats in large network telemetry datasets. Prior to Cisco, he was a computer scientist at Raytheon BBN Technologies, where he contributed to IETF standards for routing security (RPKI and BGPSEC) and served as software lead for an open-source RPKI validator. Andrew holds a bachelor’s degree in mathematics from Harvard and a PhD in computer science from the University of North Carolina.
SpeakerBio:Brandon Enright
, Lead DIFR investigator at Cisco CSIRT
Brandon Enright is a lead DIFR investigator for Cisco CSIRT, an expert at DNS and network data analysis, and a contributor to Nmap and other open source projects.
SpeakerBio:David McGrew
, Fellow at Cisco Systems
David McGrew is a Fellow at Cisco Systems, where he leads research and development to detect threats, vulnerabilities, and attacks using network data, and to protect data through applied cryptography. He pioneered the commercial use of encrypted traffic analysis to defend networked information systems, and designed authenticated encryption and secure voice and video standards that are in widespread use, most notably GCM and Secure RTP, contributed to open source projects, published research results, championed open, patent/royalty-free cryptography, and co-founded the IRTF Crypto Forum Research Group. He holds a PhD in Physics from Michigan State University, and outside of work, he enjoys Linux, sailing, sports cars, jazz records, and guitar.
Description:
The security of digital certificates is too often undermined by the use of poor entropy sources in key generation. Flawed entropy can be hard to discover, especially when analyzing individual devices. However, some flaws can be detected when a large set of keys from the same entropy source are analyzed, as was dramatically demonstrated in 2012 and 2016 by the detection of weak HTTPS keys on the Internet.
In this talk, we present tools and techniques to identify weak keys at scale, by checking issued certificates obtained from passive monitoring, active network scans, or certificate authority logs. Our tools use efficient multithreaded implementations of network monitors, scanners, certificate parsers, and mathematical tests. The batch greatest common divisor test (BGCD) identifies RSA public keys with common factors, and outputs the corresponding private keys. The common key test identifies distinct devices that share identical keys. We report on findings from both tests and demonstrate how to audit HTTPS servers, run BGCD on 100M+ keys, identify RSA keys with common factors, and generate the corresponding private keys. Because nothing convinces like an attack, we show how to produce and use PEM files for factored keys.
REFERENCES:
Andrew Chi, Brandon Enright, David McGrew. The Mercury Batch GCD Utility. https://github.com/cisco/mercury/blob/main/doc/batch-gcd.md
David McGrew, The Mercury cert_analyze Utility. https://github.com/cisco/mercury/blob/main/src/cert_analyze.cc
David McGrew, Blake Anderson. The Mercury tls_scanner Utility. https://github.com/cisco/mercury/blob/main/src/tls_scanner.cc
Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman. Mining your ps and qs: Detection of widespread weak keys in network devices. In Tadayoshi Kohno, editor, Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, pages 205–220. USENIX Association, 2012. https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/heninger.
Marcella Hastings, Joshua Fried, and Nadia Heninger. Weak keys remain widespread in network devices. In Phillipa Gill, John S. Heidemann, John W. Byers, and Ramesh Govindan, editors, Proceedings of the 2016 ACM on Internet Measurement Conference, IMC 2016, Santa Monica, CA, USA, November 14-16, 2016, pages 49–63. http://dl.acm.org/citation.cfm?id=2987486.
Return to Index - Add to
- ics Calendar file
CHV - Saturday - 11:00-11:40 PDT
Title: Automotive USB Fuzzing: How to fuzzing USB in vehicles to discover the real-world vulnerabilities
When: Saturday, Aug 12, 11:00 - 11:40 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
Speakers:Donghyeon Jeong,Euntae Jang,Jonghyuk Song
SpeakerBio:Donghyeon Jeong
No BIO available
SpeakerBio:Euntae Jang
No BIO available
SpeakerBio:Jonghyuk Song
Jonghyuk Song is a director of Vehicle Threat Research laboratory at AUTOCRYPT. He is an offensive security researcher and, he presented at Defcon30 main talk and Defcon30 CHV. He is also a CTF player (Defcon CTF finalist 2009, 2011, 2017).
Description:
Recently, automotive industry is performing USB fuzzing in an inefficient way for automobiles. Usually, fuzzing is performed by commercial media fuzzers, but the fuzzers are not directly connected to the vehicle during fuzzing. So, it requires much manual efforts of testers.
In this talk, we propose efficient way to perform USB fuzzing to actual vehicles. We describe how to perform USB fuzzing to kernel area fuzzing as well as media fuzzing by directly connecting the fuzzer and the car with a USB cable. By this method, we found real-world vulnerabilities in Volkswagen Jetta, Renault Zoe, GM Chevrolet Equinox, and AGL.
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 14:25-15:10 PDT
Title: Azure AD recon with OSINT tools
When: Saturday, Aug 12, 14:25 - 15:10 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Nestori Syynimaa
, Senior Principal Security Researcher at Secureworks
Dr Nestori Syynimaa is one of the leading Azure AD / M365 experts in the world and the developer of the AADInternals toolkit. He has worked with Microsoft cloud services for over a decade and has been MCT since 2013, MVP since 2020, and awarded Microsoft Most Valuable Security Researcher for 2022. Currently, Dr Syynimaa works as a Senior Principal Security Researcher for Secureworks Counter Threat Unit. Before moving to his current position, Dr Syynimaa worked as a CIO, consultant, trainer, researcher, and university lecturer for almost 20 years. Dr Syynimaa has spoken in many international scientific and professional conferences, including IEEE TrustCom, Black Hat (USA, Europe, and Asia), Def Con, and RSA Conference.
Twitter: @DrAzureAD
Description:No Description available
Return to Index - Add to
- ics Calendar file
DC - Saturday - 13:00-13:45 PDT
Title: Azure B2C 0-Day: An Exploit Chain from Public Keys to Microsoft Bug Bounty
When: Saturday, Aug 12, 13:00 - 13:45 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
SpeakerBio:John Novak
, Technical Director at Praetorian
John Novak is a Technical Director at Praetorian with a deep interest in cryptography, reverse
engineering, and embedded firmware. His evolution to computer security and hacker culture began with an undergraduate degree in mathematics followed by ten years of cryptography, security research, and exploit development at a previous employer. His current role at Praetorian includes conducting numerous security assessments for IoT devices, web applications, mobile applications, and (on occasion) cloud services.
Twitter: @jwnovak
Description:
This presentation will cover a complete exploit chain in Azure B2C, starting with a discovery of cryptographic misuse and leading to full account compromise in any tenant as an unauthenticated attacker.
Portions of this vulnerability have been released publicly, but several pieces were omitted to provide Microsoft time to remediate the issue and not put Azure B2C environments at unnecessary risk. New details in this talk include steps to reverse engineer and discover the crypto vulnerability along with details of a novel attack for crypto key recovery.
For background, Microsoft Azure B2C is an identity and access management service for customer-facing apps. Thousands of organizations use this service, including national/state/local governments, professional societies, and commercial companies. The service is also used in the public Microsoft Security Response Center (MSRC) web portal as the main method for researchers to disclose vulnerabilities as part of Microsoft's bug bounty programs. The full exploit chain was effective against the MSRC and would have allowed an attacker to enumerate details of disclosed but not-yet-patched Microsoft zero day vulnerabilities.
REFERENCES:
[1] Previous disclosure of portions of this vulnerability: https://www.praetorian.com/blog/azure-b2c-crypto-misuse-and-account-compromise/
[2] Discussion of encryption and signatures in JSON Web Tokens (JWTs): https://www.praetorian.com/blog/signing-and-encrypting-with-json-web-tokens/
[3] Azure B2C Configuration Tutorial: https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy
[4] What to Expect When Reporting Vulnerabilities to Microsoft https://msrc.microsoft.com/blog/2020/09/what-to-expect-when-reporting-vulnerabilities-to-microsoft/
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:30-10:15 PDT
Title: Badge of Shame: Breaking into Secure Facilities with OSDP
When: Saturday, Aug 12, 09:30 - 10:15 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
Speakers:Dan "AltF4" Petro,David Vargas
SpeakerBio:Dan "AltF4" Petro
, Senior Security Engineer at Bishop Fox
Dan "AltF4" Petro is a Senior Security Engineer at Bishop Fox. Dan is widely known for the tools he creates: Eyeballer (a convolutional neural network pentest tool), the Rickmote Controller (a Chromecast-hacking device), Untwister (pseudorandom number generator cracker), and SmashBot (a merciless Smash Bros noob-pwning machine).
SpeakerBio:David Vargas
, Senior Security Consultant at Bishop Fox
David "Shad0" Vargas is a senior red teamer at Bishop Fox. He enjoyes breaking into secure facilities by exploiting physical, social and network security controls. In a past life, David designed a power system for a cube satellite to be launched into space.
Description:
Breaking into secure facilities used to be possible by inserting a listening device (such as an ESPKey) behind an RFID card reader and sniffing the unencrypted Wiegand badge numbers over the wire as they go to the backend controller. The physical security industry has taken notice and there's a new sheriff in town: The encrypted protocol OSDP which is starting to be rolled into production. Surely encryption will solve our problems and prevent MitM attacks right? ... right?
In this presentation, we'll demonstrate over a dozen vulnerabilities, concerning problems, and general "WTF"s in the OSDP protocol that let it be subverted, coerced, and totally bypassed. This ranges from deeply in-the-weeds clever cryptographic attacks, to boneheaded mistakes that undermine the whole thing. We will also demonstrate a practical pentesting tool that can be inserted behind an RFID badge reader to exploit these vulnerabilities.
Get your orange vest and carry a ladder, because we're going onsite!
- REFERENCES
- * ESPKey https://github.com/octosavvi/ESPKey
* OSDP v2.2 Spec https://www.securityindustry.org/2020/12/15/security-industry-association-releases-version-2-2-of-sia-osdp-standard/ https://libosdp.gotomain.io/protocol/introduction.html
* RS485 https://en.wikipedia.org/wiki/RS-485
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Battle of The Bots
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Battle of The Bots presents a new twist on traditional “King-of-The-Hill” style Capture the Flag events by incorporating exploit development, vulnerability analysis, reverse engineering and software development in the form of developing computer worms aka “bots”. BOTBs requires competitors to develop proof-of-concept exploits against varying misconfigured or vulnerable network services. To maximize points scored, the competitor’s bot must automatically scan and compromise network services in the competition environment autonomously. Services that are harder to exploit (ex: requiring memory corruption exploits opposed to misconfigured databases) will result in a higher point score for the competitor.
The vulnerable network services will include real world vulnerable services where a competitor can adopt off the shelf proof-of-concepts vulnerabilities from an offensive security resource (ex: Metasploit Framework, exploit-db, packetstorm, etc…) into their bot to achieve access to said vulnerable services. Additionally, custom built vulnerable services informed by OWASP Top 10 security bugs as well as CVEs will influence challenge development resulting in a competitor to have the experience of reverse engineering new applications to identify vulnerabilities based on historically significant pain points in Software Engineering as well as infamous historical CVEs. Battle of The Bots will give competitors of all skill levels an opportunity to develop proof-of-concept exploits. Network services will be developed in a variety of compiled and interpreted languages with varying associated vulnerabilities and points. The variety of languages will provide opportunities for those less experienced with reverse engineering to analyze vulnerable Python code to find hidden API endpoints that lead to shell execution for example, rather than reverse engineer compiled binaries.
Finally, the BOTBs team will be capturing network traffic from the competition environment to later be shared with the wider community. The BOTBs team believes that this unique dataset of network service attacks can act as a unique resource for academic researchers, SOC analysts assessing their defenses and training events where having attack data for SIEM analysis. The data will be released under the Apache 2.0 License and hosted publicly on a yet to be determined platform.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 12:00-13:55 PDT
Title: BBOT (Bighuge BLS OSINT Tool)
When: Saturday, Aug 12, 12:00 - 13:55 PDT
Where: Caesars Forum - Accord Boardroom - Demo Labs - Map
Speakers:Joel "TheTechromancer" Moore,Paul Mueller
SpeakerBio:Joel "TheTechromancer" Moore
TheTechromancer is a hacker at Black Lantern Security (BLS). He loves coding in Python, and is the creator of several security tools including ManSpider, TrevorSpray, and BBOT (Bighuge BLS OSINT Tool). He has also made contributions to other open-source projects such as Spiderfoot.
SpeakerBio:Paul Mueller
Paul Mueller is a Principal Operator at Black Lantern Security (BLS). He specializes in web application testing and application security. He loves finding complex hard-to-find web bugs, especially when they involve cryptography. He is also one of the developers for the BLS tools Writehat and BBOT (Bighuge BLS OSINT Tool). Prior to working with BLS, he spent over a decade as a DoD contractor providing both penetration testing and security analysis/incident handling. He got his start in the field as a systems administrator and later as a Signals Intelligence Analyst with the US Marine Corps.
Description:
BBOT (Bighuge BLS OSINT Tool) is a new recursive OSINT scanner inspired by Spiderfoot, but designed and optimized for bigger targets and faster scan times. BBOT is open-source and written in Python. Its 80+ modules range in function from subdomain enumeration to cryptographic exploitation. BBOT can map the attack surface of an organization (and sometimes get you RCE) in a single command.
Features include:
- multiple targets
- automatic dependencies w/ ansible
- python API
- subdomain enumeration
- email enumeration
- cloud bucket enumeration
- port scanning
- web service enumeration
- web screenshots
- web spidering
- vulnerability scanning (with nuclei and more)
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 10:30-11:10 PDT
Title: Between a Log and a Hard Place: (mis)Adventures in Azure Logs
When: Saturday, Aug 12, 10:30 - 11:10 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
SpeakerBio:Dmitriy Beryoza
Dmitriy Beryoza is a Senior Security Researcher with Vectra AI, working on threat detection in the cloud and on-prem networks. Before that, he was a penetration tester and secure software development advocate at IBM. Before switching to security full-time, Dmitriy has been a software developer for many years. He presented talks at BSides Las Vegas, BSides SF, HackFest, and others. Dmitriy holds a Ph.D. in Computer Science and OSCP, CISSP, CCSP and CEH certifications. His interests include reverse engineering, secure software development, and CTF competitions.
Twitter: @0xd13a
Description:
Security monitoring in any environment is made or broken by the signal quality in the event logs.
Cloud-based solutions have transformed the computing landscape with advantages like on-demand resource availability, scalability, cost-effectiveness, and enhanced collaboration capabilities. For defenders, this new world offered many benefits: robust identity management, patching at scale, improved incident detection and response, and more.
Cloud providers expose detailed logs that are consumed by security monitoring tools and SOC analysts. One would expect a common, streamlined logging solution to be a clear win in attack detection functionality, but the reality is more complicated.
We have spent the last three years studying and monitoring Azure logs and have seen many problems that can complicate incident detection and response. With no alternatives to the provider's logging solution and slow problem mitigation speed, these issues go beyond mere annoyances and can help attackers avoid detection.
In this talk, we will examine logging facilities in Azure, concentrating on events generated by Azure AD and Microsoft 365, and discuss multiple problems that we have observed in monitoring them.
These include:
- Blind spots hiding critical security events
- Poorly documented events, attributes and magic values
- Missing important information about user actions
- Bugs in log records
- Unannounced changes that break detection queries
- Log pollution opportunities, potentially leading to RCE
and more
For all these issues, we will:
- examine their impact on defense and monitoring
- discuss how attackers (and red teamers) may take advantage of them
- suggest how defenders can mitigate the negative impact, where possible
- and propose ways the cloud provider can address the problems going forward
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 00:00-00:59 PDT
Title: Beyond Ransomware: Protecting Lives and Data from Modern Threat Actors
When: Saturday, Aug 12, 00:00 - 00:59 PDT
Where: Virtual
SpeakerBio:Ohad Zaidenberg
No BIO available
Description:
This talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here.
Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 13:00-13:50 PDT
Title: Beyond the Breach: Exploring Cybersecurity Policies with Hacker Perspectives
When: Saturday, Aug 12, 13:00 - 13:50 PDT
Where: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
Speakers:Andrés Velázquez,Isabella Rolz,Mauro Vignati,Orlando Garces
SpeakerBio:Andrés Velázquez
, Founder and President at MaTTica
Andrés Velázquez is a cybersecurity expert and the Founder and President of MaTTica, a leading strategic cybersecurity company in Latin America. With specialized knowledge in cybersecurity, incident response, and computer forensics, Andrés possesses a deep understanding of the ever-evolving landscape of digital investigations and the associated challenges. He is particularly focused on providing expert guidance to Computer Security Incident Response Teams (CSIRTs), playing a pivotal role in incident response and policy development for these teams in Latin America. With a notable career in the industry, Andrés has trained over 1,500 law enforcement and intelligence officers, lawyers, and judges in the region on combating cybercrime. His expertise extends to the academic realm, where he serves as a cybersecurity professor at multiple prestigious universities.
SpeakerBio:Isabella Rolz
, Communications Specialist at Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS)
Isabella Rolz is a communications specialist and journalist with over eight years of experience covering topics related to Latin America and the Caribbean. Her publications address issues such as ensuring security and transparency in LAC, poverty, and immigration, among other social problems. Isabella has worked at the Inter-American Development Bank, The World Bank, Pan-American Health Organization, and now the Organization ofAmerican States. Her work as a journalist has been published in the Washington Post, ABC News, the Daily Beast, Univision, and the New Humanitarian, among other media outlets. She graduated from Columbia University's Graduate School of Journalism with a scholarship from the Maria Moors Foundation and is a National Association of Hispanic Journalists member.
SpeakerBio:Mauro Vignati
, ICRC
In 2003 Mauro started working at the first unit of the Swiss Federal Police fighting cybercrime. Later on, he collaborated to the establishment of MELANI, Switzerland's first centre for public-private partnership on cybersecurity for critical infrastructure. Back in 2013, he set up and led the Cyber Threat Intelligence Division within the Department of Defence in Bern. In 2021, he was tasked to create the Vulnerability Management unit within the National Cyber Security Centre NCSC.ch, leading several projects, among them the first bug bounty program of the Swiss government. He then joined the International Committee of the Red Cross ICRC one year later, as advisor on new digital technologies of warfare.
SpeakerBio:Orlando Garces
, Cybersecurity Program Officer at Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS)
Orlando Garcés, Cybersecurity Program Officer of the Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS), focusing primarily on strategy and policy, governance issues, and gender mainstreaming in cybersecurity. He has strategically participated in the formulation and implementation of National Cybersecurity Strategies and Policies in several countries in the Latin American and Caribbean region, as well as in the development of reports and studies on the state of cybersecurity in strategic industries and sectors.
Description:
The field of cybersecurity policy is constantly evolving, and as such, the need to think innovatively and critically about policy solutions to address new and emerging threats. “Beyond the Breach: Exploring Cybersecurity Policies with Hacker Perspectives” is a panel that will bring together experts to explore the role of cybersecurity policy hackers in responding to cyber policy challenges that governments and organizations face in this rapidly evolving landscape. The discussion will delve into ongoing processes of elaborating global, regional, and local cyber policies that engage the hacker community. Globally, those discussed in the ICRC Delegation for Cyberspace; regionally, in OAS member states in the Americas; and locally, those in the public and private organizations, such as Computer Security Incident Response Teams (CSIRTs) in Latin America. Additionally, it will explore initiatives to create platforms for hackers’ participation and encourage innovation in cybersecurity policymaking. Furthermore, the panel will also discuss the role of cybersecurity policy hackers in the ongoing evolving landscape of digital investigations and the associated challenges across different regions.
Return to Index - Add to
- ics Calendar file
BICV - Saturday - 16:00-16:50 PDT
Title: BIC Village Closing Keynote
When: Saturday, Aug 12, 16:00 - 16:50 PDT
Where: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
SpeakerBio:Kevin Roberts
Kevin is a Social Media Personality who is dedicated to Technology Tips, Tricks, and Information Security Awareness!
He has a focus on making content that caters to both the tech-savvy and those just starting their journey into tech. Topics he goes over include: Internet Safety, Privacy, and Educational Cybersecurity content.
He has a growing community in Discord, called OWLsec. Currently they have over 17,000 members with a diversity of backgrounds. He boasts an inclusive community where "leaving egos at the door" and "understanding we all started somewhere" are the main focal points of their community growth.
Description:
Join me as I share my tech journey!
I will share a brief insight of my origin, what sparked my interest in technology and the path that led me to where I am today! I'll reveal some of the exciting hacks and experiences I've had with friends along the way. I'll take you behind the scenes, sharing where and how I spend countless hours connecting and learning about Cybersecurity.
I will also share my exciting growing community "OWLsec", which came to life with the help of amazing individuals!
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 19:00-00:59 PDT
Title: BlanketFort Con
When: Saturday, Aug 12, 19:00 - 00:59 PDT
Where: Caesars Forum - Forum - 130 - Map
Description:
BlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly\Safe environment. Now with less Gluten and more animal onesies!
Return to Index - Add to
- ics Calendar file
DL - Saturday - 14:00-15:55 PDT
Title: BLE CTF
When: Saturday, Aug 12, 14:00 - 15:55 PDT
Where: Caesars Forum - Unity Boardroom - Demo Labs - Map
Speakers:Alek Amrani,Ryan Holeman
SpeakerBio:Alek Amrani
Alek Amrani - bad at expense reports
SpeakerBio:Ryan Holeman
, CISO at Strike
Ryan Holeman resides in Austin, Texas, where he works as the CISO for the peer-to-peer payment platform Strike. He is currently pursuing a Ph.D. in cyber defense from Dakota State University. He has spoken at respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. You can keep up with his current activity, open source contributions, and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, and shredding local skateparks.
Description:
BLE CTF is a series of Bluetooth Low Energy challenges in a capture the flag format. It was created to teach the fundamentals of interacting with and hacking Bluetooth Low Energy services. Each exercise, or flag, aims to interactively introduce a new concept to the user. Over the past few years, BLE CTF has expanded to support multiple platforms and skill levels. Various books, workshops, trainings, and conferences have utilized it as an educational platform and CTF. As an open source, low cost of entry, and expandable education solution, BLE CTF has helped progress Bluetooth security research.
Return to Index - Add to
- ics Calendar file
WS - Saturday - 09:00-12:59 PDT
Title: BLE Security 201 (Pre-Registration Required)
When: Saturday, Aug 12, 09:00 - 12:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Maxine "Freqy" Filcher,Zach "justadequate" Reavis
SpeakerBio:Maxine "Freqy" Filcher
Maxine, or Freqy, is a US Army Veteran, possessing a master's degree in Cybersecurity and is widely recognized for her expertise in wireless security. In sharing her knowledge, she has delivered many presentations over the last five years, exploring various facets of wireless security. Maxine's grasp of BLE security has helped her play pivotal roles in assisting numerous large-scale corporations in fortifying the security of consumer devices that are ubiquitous to millions of households worldwide
SpeakerBio:Zach "justadequate" Reavis
Zach, also known as justadequate, is an OSCP-certified wireless security expert specializing in waveform reverse engineering, exploit development, and embedded systems penetration testing. Demonstrating in-depth knowledge and experience in these areas, he has worked in both consulting and formal security test and engineering roles to develop, assess, and secure systems ranging from aircraft to SCADA/ICS to IoT/home-use devices deployed around the world.
Description:
There have been plenty of talks on intro BLE security topics, it’s time for us to put it to use. This workshop will serve as a refresher for the BLE skills gained in previous talks, while walking students to the next level through utilizing BLE as an initial ingress vector to compromise a simulated corporate network. Come join us while we demonstrate the importance of investigating all wireless protocols in your corporate environment.
Skill Level: Intermediate
Prerequisites for students:
- None
Materials or Equipment students will need to bring to participate:
- Laptop
- Android Phone
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 10:30-10:59 PDT
Title: Blindly hunting for Mercenaries
When: Saturday, Aug 12, 10:30 - 10:59 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
Speakers:Asheer Malhotra,Vitor Ventura
SpeakerBio:Asheer Malhotra
No BIO available
SpeakerBio:Vitor Ventura
No BIO available
Twitter: @@_vventura
Description:No Description available
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:30-17:59 PDT
Title: Blue Team Village CTF
When: Saturday, Aug 12, 10:30 - 17:59 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Map
Description:
The Blue Team Village CTF is a cyber defense CTF inspired by a mix of trending nation-state actor kill chains and at least one custom insider threat story. You are an incident responder tasked to investigate the recent attacks against our fictitious company: Magnus Tempus Financial. Since Magnus Tempus Financial made a vital acquisition expanding its precious metals portfolio to oil and gas operational technology (OT), you will also investigate their OT environment.
The CTF challenges contestants to leverage diverse cyber defense skills, including Incident Response, Forensics, Malware Analysis, Threat Intelligence, and Threat Hunting, to be the first team or individual to answer or solve the challenges presented.
The BTV crew developed the CTF to allow anyone, regardless of skill or knowledge, to participate, aiming to sharpen their cyber defense skills. We believe in the idea of choosing your adventure. As a result, participants can download a copy of the required evidence (logs, packets, etc.) or log into any of the 3 SIEMs we provide to hunt on.
If you are new to cyber defense, we highly recommend participating in the Blue Team Village Obsidian stations. They will cover many of the topics on the CTF and will help you along the way!
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 10:00-15:59 PDT
Title: Book Exchange
When: Saturday, Aug 12, 10:00 - 15:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
What’s it all about?
The Book Exchange at DEF CON, will allow for members of the community to drop off a used book that has been kindly read and may be enjoyable by someone else and in return they will be able to select a “new gently used” book from the exchange table.
Why?
Reading is fundamental. Many of us in the Defcon community have learned and been inspired by books and remain avid readers. The Defcon book exchange will allow community members to drop off a book that they found inspiring and is sitting on their shelf collecting dust and in return they will be able to get a new book which hopefully will continue to expand their knowledge over the next year. This effort will keep used books in circulation.
When and Where:
The exchange will be held from 10:00 to 16:00, Day(s) to be announced.
Left over books will be transported and donated to a used book store in Las Vegas, but the goal will be to have a zero net sum gain.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 13:35-14:05 PDT
Title: Bootsquad: Stomping out squatters
When: Saturday, Aug 12, 13:35 - 14:05 PDT
Where: Virtual
SpeakerBio:Joe Mast
Joe Mast is a Security Engineer, life long learner, and breaker of things. He has a passion for DNS and operational security. His background consists of helping to secure global financial, retail, and security environments.
Description:
Have you ever attempted to register a domain for your trademark only to find it's already registered? Has a domain squatters attempted to extort you for relevant domains at exorbitant fees? Has a threat actor attempted to register look-alike domains and commence phishing attacks? This talks seeks to document a process for abusing URDP to obtain desirable domains when the opposition's operational security is lacking. Discussion will include covering URDP (Uniform Domain-Name Dispute-Resolution Policy) and the criteria required to initiate a domain successful takedown request. We will document in detail scenarios, which can be abused in order to produce evidence, which will lead to a successful domain takedown, regardless of the registering parties initiatives. Finally we will provide security guidance to threat actors, blue teamers and domain squatters to strengthen their portfolio and ensure URDP cannot be abused in this manner.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 16:30-17:15 PDT
Title: Breaking Barriers: A Deep Dive into Bypassing Next-Gen 2FA and MFA Security Measures
When: Saturday, Aug 12, 16:30 - 17:15 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
SpeakerBio:Muhammad Shahmeer
Shahmeer Amir iise 3rd most accomplished bug hunter who has helped over 400 Fortune companies. He has founded multiple companies. He is a keynote speaker on Cyber Security, Blockchain at including Blackhat, GiSec, FIC, AEC Alberta, Hackfest
Twitter: @Shahmeer_Amir
Description:
As cyberattacks become more sophisticated, companies are increasingly relying on two-factor authentication (2FA) and multi-factor authentication (MFA) to protect their assets. However, these security measures are not foolproof and can be bypassed by determined attackers. In this presentation, we will take a deep dive into the techniques used by attackers to bypass next-generation 2FA and MFA security measures.
We will begin by discussing the limitations of 2FA and MFA and why they can be vulnerable to attacks. Then we will demonstrate a variety of attacks used by attackers to bypass these security measures, including phishing attacks, man-in-the-middle attacks, and SIM swapping attacks. We will also explore more advanced techniques such as exploiting vulnerabilities in authentication protocols and exploiting weaknesses in mobile authentication applications.
Throughout the presentation, we will provide real-world examples of successful attacks that have bypassed 2FA and MFA, highlighting the impact of such attacks on businesses and organizations. We will also discuss the latest trends and developments in 2FA and MFA security and the steps organizations can take to improve their security posture.
By the end of the presentation, attendees will have a better understanding of the vulnerabilities in 2FA and MFA security measures and how attackers can exploit them. They will also gain practical knowledge and tools to help them better protect their organizations against these types of attacks.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 15:30-16:15 PDT
Title: Breaking BMC: The Forgotten Key to the Kingdom
When: Saturday, Aug 12, 15:30 - 16:15 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
Speakers:Adam Zabrocki,Alex Tereshkin
SpeakerBio:Adam Zabrocki
, Distinguished Engineer (Offensive Security) at NVIDIA
Adam ‘pi3’ Zabrocki is a computer security researcher, pentester and bughunter, currently working as a Distinguished Engineer (Offensive Security) at NVIDIA. He is a creator and developer of Linux Kernel Runtime Guard (LKRG) - his moonlight project defended by Openwall. Among others, he used to work in Microsoft, European Organization for Nuclear Research (CERN), HISPASEC Sistemas (known from the virustotal.com project), Wroclaw Center for Networking and Supercomputing, Cigital. The main area of his research is low-level security (CPU arch, uCode, FW, hypervisor, kernel, OS).
As a hobby, he was a developer in The ERESI Reverse Engineering Software Interface project, a bughunter (discovered vulnerabilities in Hyper-V, KVM, RISC-V ISA, Intel's Reference Code, Intel/NVIDIA vGPU, Linux kernel, FreeBSD, OpenSSH, gcc SSP/ProPolice, Apache, Adobe Acrobat Reader, Xpdf, Torque GRID server, and more) and studied exploitation and mitigation techniques, publishing results of his research in Phrack Magazine.
Adam is driving a Pointer Masking extension for RISC-V, he is involved in many RISC-V security related extensions (including CFI), he is a co-author of a subchapter to Windows Internals and was twice The Pwnie Awards nominee (2021 and 2022) for the most under-hyped research. He was a speaker at well-known security conferences including Blackhat, DEF CON, Security BSides, Open Source Tech conf and more.
Twitter: @Adam_pi3
SpeakerBio:Alex Tereshkin
, Principal System Software Engineer (Offensive Security) at NVIDIA
Alex Tereshkin is an experienced reverse engineer and an expert in UEFI security, Windows kernel and hardware virtualization, specializing in rootkit technologies and kernel exploitation. He has been involved in the BIOS and SMM security research since 2008. He is currently working as a Principal Offensive Security Researcher at NVIDIA. He has done significant work in the field of virtualization-based malware and Windows kernel security. He is a co-author of a few courses taught at major security conferences and a co-author of the first UEFI BIOS and Intel ME exploits. In 2022 he was a Pwnie Awards nominee for the most under-hyped research.
Twitter: @AlexTereshkin
Description:
The Baseboard Management Controller (BMC) is a specialized microcontroller embedded on the motherboard, typically used in servers and other enterprise-level hardware. The security of the BMC is critical to the overall security of the system, as it provides a privileged level of access and control over the hardware components of the system, including the ability to perform firmware updates, and even power the system on and off remotely.
When the internal offensive security research team was analyzing one of the NVIDIA hardware, they detected several remotely exploitable bugs in AMI MegaRAC BMC. Moreover, various elevations of privileges and "change of scope" bugs have been identified, many of which may be chained together resulting in a highest severity security issue. During this talk we would like to take you on the journey of the whole attack sequence: from having zero knowledge about a remote AMI BMC with enabled IPMI (yeah, right) to flashing a persistent firmware implant to the server SPI flash. The chain will be about a dozen bugs long, so buckle up.
- REFERENCES
-
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: Bricks in the Air
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
Bricks in the Air
Aerospace Village
Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation. The attendees are not required to have any prerequisite knowledge. No equipment is needed for attendees.
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 14:10-14:50 PDT
Title: Bridging the Gap: Cloud Threat Intelligence for Detection and Offensive Security Practitioners
When: Saturday, Aug 12, 14:10 - 14:50 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
SpeakerBio:Alex Delamotte
Alex's passion for cybersecurity is humbly rooted in the early aughts, when she declared a vendetta against a computer worm. Over the past decade, Alex has worked with blue, purple, and red teams serving companies in the technology, financial, pharmaceuticals, and telecom sectors and she has shared research with several ISACs. Alex enjoys researching the intersection of cybercrime and state-sponsored activity. She relentlessly questions why actors pivot to a new technique or attack surface. In her spare time, she can be found DJing or servicing her music arcade games.
Twitter: @spiderspiders_
Description:
During my transition from a conventional malware research position to a detection engineering role within a technology company, I encountered significant difficulties in acquiring actionable and timely intelligence regarding cloud-based threat actors. Subsequently, when I assumed a new position on an offensive security team, I faced similar challenges due to the scarcity of threat intelligence necessary for effective adversary emulation.
Recently, I had the opportunity to publish my research on [AlienFox](https://www.sentinelone.com/labs/dissecting-alienfox-the-cloud-spammers-swiss-army-knife/), a communally-developed cloud spamming toolset. As a curator of cloud intelligence, I am confronted with the arduous task of providing defenders with actionable threat intelligence in situations where the tools employed by attackers remain confined within their own systems. In targeted service environments, the utilization of payloads is considerably reduced, with the absence of prominent features such as Cobalt Strike beacons or Meterpreter. Additionally, the intricacies of DLL injection and registry modifications are rendered obsolete. Instead, cloud attackers harness robust and extensively documented APIs developed by the respective service providers, eliminating the need for complex shellcode encoders.
Given these limitations, how can defenders effectively operate? These attacks invariably leave behind artifacts in the form of configurations, such as the creation of new user profiles, which can be traced through API logs. Ultimately, if approached with an open mind and a willingness to adapt forensic methodologies, these techniques can be extrapolated from the realm of endpoint security. This talk will discuss how to approach detection of several familiar techniques--such as privilege escalation and persistence--ported to the cloud realm.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Build Your Own Botnet
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
BYOB is intended to be a beginner friendly workshop dive into how botnets work. Attendees will use a web application to create a "dropper" file. (It is a tiny file whose only purposes is to fetch and execute the next stage of code). Then put the dropper file on another computer to obfuscate the command computer. The dropper is heavily obfuscated and compressed, and is a small python script. Attendees will learn how bot command and control works and cause several bots to probe a potential next target to gain access.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 09:00-11:59 PDT
Title: Build Your Own Cat-Shaped USB Hacking Tool! (with the Nugget)
When: Saturday, Aug 12, 09:00 - 11:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
SpeakerBio:Alex Lynd
No BIO available
Twitter: @alexlynd
Description:
Want to learn how hackers compromise unlocked computers in seconds? Come build your own USB hacking tool in this beginner-friendly workshop, and learn to write prank payloads with your new cat-shaped hacking companion, the “USB Nugget”! You’ll learn the techniques & tools hackers use to deploy USB attacks, and compete for prizes in a mini hackathon to make the most destructive payload!
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 16:00-16:59 PDT
Title: Building an Effective Security Culture Program
When: Saturday, Aug 12, 16:00 - 16:59 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Speakers:Jessica Barker,Maxie Reynolds,Rebecca Markwick,Sam Davison
SpeakerBio:Jessica Barker
Dr Jessica Barker MBE is an award-winning leader in the human side of cyber security and has delivered face-to-face awareness sessions to over 50,000 people. Jessica is the go-to expert for media such as BBC, Sky News and Wired and she has delivered over 80 keynotes including NATO, the World Government Summit and RSA. She serves on numerous boards, including the UK Government Cyber Security Advisory Board. She is the author of the best-selling book ‘Confident Cyber Security’ and in June 2023, Jessica was awarded an MBE for services to cyber security by King Charles in his first Birthday Honours.
Twitter: @drjessicabarker
SpeakerBio:Maxie Reynolds
Maxie Reynolds started her career in oil and gas as an underwater robotics pilot and subsea engineer working in Norway, Venezuela, Australia, Italy, Russia, Nigeria and the US. She then transitioned into cyber security at PwC in Australia, working in ethical hacking and social engineering. She also published a best selling book in 2021 titled ‘The Art of Attack: Attacker Mindset for Security Professionals.’ In late 2021, she moved back to the field of subsea engineering and created Subsea Cloud – a data center infrastructure company that places data centers underwater. Maxie was born in Scotland and is educated in Computer Science and Underwater Robotics. Currently, Maxie’s aim through her startup is to reduce latency, costs and CO2 emissions for hyper-scale spenders and small businesses alike whilst being the most agile infrastructure company around.
SpeakerBio:Rebecca Markwick
, Enterprise Cyber Security Awareness and Culture Lead
Rebecca has spent over a decade designing and delivering training. Her experience in complex behavioural training allows for an innovative approach to designing security awareness programmes and accompanying metrics. One of her key areas of interest is the ethics of phishing and pen testing when considering effective training and culture and how best to protect the everyday user from attack. She is currently Enterprise Cyber Security Awareness and Culture Lead at a global BioTech company. Prior to this she was Security Culture Advocate at the UK’s Ministry of Justice.
Twitter: @BexMarkwick
SpeakerBio:Sam Davison
, Head of Security and Privacy Engineering at Etsy
Sam Davison is a Security, Privacy, and Trust & Safety leader. She recently joined Etsy as the Head of Security and Privacy Engineering. Prior to her current role, Davison served as Director of Trust & Privacy Engineering at Robinhood, building and leading all consumer-facing security, privacy, and trust & safety engineering in addition to offensive security and intelligence functions. Davison has held leadership roles at the Krebs Stamos Group, Lyft, Snap Inc., and Uber where she led efforts with a particular emphasis on behavioral engineering, offensive security, and content moderation. Before working in Silicon Valley, she conducted extensive research on the efficacy of security engagement and co-led a consulting firm that built behavioral-based programs for 15+ Fortune 500 companies. Davison has volunteered throughout her career, lending her expertise to survivors of domestic abuse and election protection efforts.
Twitter: @Sam_E_Davison
Description:
With most cyber attacks and incidents involving social engineering, security culture is hugely influential in cyber security prevention and response. Your security culture is the foundation of your security posture, influencing whether people value cyber security, engage in awareness-raising training and report incidents and concerns. In this panel discussion, we will explore:
- What cyber security culture is
- How you can build an effective awareness-raising program
- Different ways to approach phishing simulations
- Practical steps to positively influence cyber security behaviors
Join us as we debate how to best protect the number one vector in cyber attacks: people.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 12:30-13:20 PDT
Title: Building Space Attack Chains using SPARTA
When: Saturday, Aug 12, 12:30 - 13:20 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Brandon Bailey
No BIO available
Description:
Will demonstrate how to use SPARTA to develop attack chains against space systems. This presentation will present pre-existing attack chains (e.g., CySat 2023, Hack-a-Sat 3, etc.) that have been performed as well as new attack chains leveraging the SPARTA TTPs. The presentation will include a demonstration of at least one attack chain using a digital twin simulation.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:30-11:15 PDT
Title: Calling it a 0-Day - Hacking at PBX/UC Systems
When: Saturday, Aug 12, 10:30 - 11:15 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
SpeakerBio:good_pseudonym
No BIO available
Description:
PBX (Private Branch Exchange) and UC (Unified Communications) servers are the big communication brokers in enterprise environments where they love on-prem. They do everything to enable internal and external communications including voice, video, conferencing and messaging. But a broader scope also means a broader attack surface.
In this talk, we'll give an overview PBX/UC systems, what kind of attack surface they have, as well as several bugs that we recently found in two popular PBX/UC products. The journey includes deep-diving Java's Runtime.exec(), decrypting encrypted PHP, bypassing license restrictions, pretending to be a phone, and (of course) getting some shells.
- REFERENCES
- * VoIP Wars: Attack of the Cisco Phones (DEF CON 22, Fatih Ozavci)
* Hacking VoIP Exposed (Black Hat USA 2006, David Endler, Mark Collier)
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 21:00-00:59 PDT
Title: Capitol Tech University, Pub Crawl
When: Saturday, Aug 12, 21:00 - 00:59 PDT
Where: Caesars Forum - Forum - 113-114 - Map
Description:
Capitol Tech University will be a hosting a pub in the DEF CON pub crawl. Swing by for a chat and a beer!
Return to Index - Add to
- ics Calendar file
CON - Saturday - 12:00-17:59 PDT
Title: Capture The Packet Main Rounds
When: Saturday, Aug 12, 12:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Capture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:30-11:59 PDT
Title: Capture The Packet Preliminaries
When: Saturday, Aug 12, 10:30 - 11:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Capture The Packet is returning to DEF CON! Our legendary cyber defense competition has been a Black Badge contest for over 10 years! Glory and prizes await. Follow this event on Twitter at @Capturetp for the latest information on competition dates and times, as well as prizes.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Car Hacking Village CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEM's and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.
With the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 9 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. Our contest at the village, in combination with many automotive OEMs, Suppliers, etc., is used to give people first hand experience on cutting edge and at times expensive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 16:30-17:25 PDT
Title: ChatGPT: Your Red Teaming Ally
When: Saturday, Aug 12, 16:30 - 17:25 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
SpeakerBio:Gavin Klondike
No BIO available
Description:
In this talk, we'll dive into how ChatGPT can enhance your existing workflow and provide valuable insights. We'll start with a brief overview of what GPT models are, how to craft the perfect prompt, and then focus on red team specific use cases for day-to-day operations.
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 11:30-12:15 PDT
Title: Chinese Prototype Review
When: Saturday, Aug 12, 11:30 - 12:15 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:William Baggett
Will Baggett has a background in the U.S. Intelligence Community and also in NATO SOF as a cyber instructor His experience in the Intelligence Community provided a foundation for Insider Threat, Digital Forensics, and Cyber Intelligence consulting to pharmaceutical, financial, and technical entities. He is a graduate of Georgia Tech, holds multiple digital forensic certifications as well as that of a Certified Fraud Examiner and has appeared on several news broadcasts discussing cybersecurity issues. Will is also the Director of Digital Forensic services for Operation Safe Escape, a volunteer-run non-profit assisting domestic abuse victims as they begin new lives.
Description:No Description available
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Cloud Village CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Virtual
Description:
If you ever wanted to break stuff on the cloud, or if you like rabbit holes that take you places you did not think you would go to, follow complicated story lines to only find you could have reached to the flag without scratching your head so much - then this CTF is for you!
Our CTF is a three days jeopardy style contest where we have a bunch of challenges hosted across multiple Cloud providers across multiple categories of difficulty.
You can register as teams or go solo, use hints or stay away from them, in the end it will be all for glory or nothing. Plus the prizes. Did we not mention the prizes? :D
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 13:00-13:30 PDT
Title: CloudRecon - finding ephemeral assets in the cloud
When: Saturday, Aug 12, 13:00 - 13:30 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
Speakers:Gunnar Andrews,Jason Haddix
SpeakerBio:Gunnar Andrews
No BIO available
Twitter: @@G0LDEN_infosec
SpeakerBio:Jason Haddix
, CISO and “Hacker in Charge” at BuddoBot
Jason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He's had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd's leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
Twitter: @jhaddix
Description:
CloudRecon is a suite of tools for red teamers and bug hunters to find ephemeral and development assets in their campaigns and hunts.
Often, target organizations stand up cloud infrastructure that is not tied to their ASN or related to known infrastructure. Many times these assets are development sites, IT product portals, etc. Sometimes they don't have domains at all but many still need HTTPs.
CloudRecon is a suite of tools to scan all the cloud providers and find these hidden gems for testers, by inspecting those SSL certificates.
The tool suite is three parts in GO:
- CloudScrape - A LIVE running too to inspect the ranges for a keywork in SSL certs OU, CN, and SN fields in real time.
- CertStan - a tool to retrieve the ranges of AWS, GCP, and Azure, and download all their certs to your box. So you can have your OWN cert.sh database.
- CertSniff - a tool to parse and search through the downloaded certs for keywords.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: CMD+CTRL at DEF CON 31 - Booth Open
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
CMD+CTRL Cyber Range is an interactive learning and hacking platform where development, security, IT, and other roles come together to build an appreciation for protecting the enterprise. Players learn security techniques in a real-world environment where they compete to find vulnerabilities. Real-time scoring keeps participants engaged and creates friendly competition. Our Cloud and App Cyber Ranges incorporate authentic, fully functioning applications and vulnerabilities often found in commercial web platforms.
Learn to see web applications and services from an attacker's perspective. CMD+CTRL is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real applications at risk - and you'll be better prepared to find and fix those vulnerabilities in your own code.
At DEF CON 31: We will be debuting our latest Cyber Range, which focuses on exploiting a modern health record management system, dubbed ShadowHealth. Inspired by the latest trends and real world exploits, try your hands exploiting: SSRF, Log4Shell, reverse engineering, local privilege escalation, password cracking, XXS, and so much more! With over 35 challenges do you think you can complete them all?
CMD+CTRL will have two different games happening: free play, and the competition. Both require a code to join, and the best way to get a code is to go to the CMD+CTRL booth in the contest area. Codes to join free play may be given in Discord, on Thursday. Questions and such will also only be answered at the booth; Discord will not be staffed this year, aside from free play codes on Thursday. Once you have a code, you can play online, from anywhere -- you do not have to be in the contest area.
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 13:30-15:30 PDT
Title: Cold Calls
When: Saturday, Aug 12, 13:30 - 15:30 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Description:
Cold Calls give attendees a walk-up opportunity to make a short call to get a feel for both the contest and the world of Social Engineering through vishing but without the contest elements.
This is on a first-come, first-served basis. Please see the "More Information" link.
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 10:00-11:30 PDT
Title: Cold Calls
When: Saturday, Aug 12, 10:00 - 11:30 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Description:
Cold Calls give attendees a walk-up opportunity to make a short call to get a feel for both the contest and the world of Social Engineering through vishing but without the contest elements.
This is on a first-come, first-served basis. Please see the "More Information" link.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 12:00-12:25 PDT
Title: CON trolling the weather
When: Saturday, Aug 12, 12:00 - 12:25 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Paz Hameiri
, Hacker
Paz started his professional life more than 30 years ago, hacking games and developing tools in his teen years. Since then, he has worked in several companies, developing both hardware and software. Paz has six years of experience with telecommunication systems design and circuits.
For 14 years, Paz led multidisciplinary systems development as a systems engineer in the aerospace industry. At home, Paz explores ideas he finds interesting.
In 2019 he published a work on a body-tracking device that records keystrokes on a safe's keypad in Hakin9 Magazine. In 2021 he developed software that used a GPU as a digital radio transmitter and presented his work at DEF CON 29. In 2015 and 2019 he launched weather balloons with elementary school pupils.
Description:
Weather balloons’ radiosondes measure and transmit weather data. Besides weather models and forecasts, radiosondes are also important for gathering weather data for satellite launches and human spaceflights. I’ll present a simulation framework for the most popular radiosonde model and present simulations of a jamming attack and a spoofing attack on a receiver. I'll talk about the shortcomings of the military variant of the radiosonde model and suggest a simple way to cope with spoofing attacks.
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 12:55-13:40 PDT
Title: Conflicting Security Reports from Halderman-Springalll and from MITRE: Which Is Right?
When: Saturday, Aug 12, 12:55 - 13:40 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
Speakers:David Jefferson,Drew Springall,Richard DeMillo
SpeakerBio:David Jefferson
Dr. David Jefferson is a computer scientist and an internationally recognized researcher on election security for well over twenty years, advising five Secretaries of State of California on voting technology issues. He served as the Chair of the Secretary of State's Post-Election Audit Standards Working Group, the panel that invented the notion of risk limiting audits and has written extensively on elections and voting security.
Twitter: @drjefferson
SpeakerBio:Drew Springall
I am an Assistant Professor in the Department of Computer Science and Software Engineering (https://www.eng.auburn.edu/comp/) at Auburn University (https://auburn.edu/). As a security researcher, I focus on nation-state/highly privileged attackers, Internet-scale measurement/vulnerabilities, and election security. I recently left Google's Production Security team where I was working to mitigate insider threats, secure core infrastructure, and improve the overall security and privacy properties of Google's products and services. My Ph.D. research focused on studying nation-state attackers such as the NSA, GCHQ, and other intelligence agencies to understand their approach to security issues and identify weaknesses that are form-fitted to their special abilities and characteristics. Throughout my graduate education at the University of Michigan (https://umich.edu/), I was advised by Prof. J. Alex Halderman (https://jhalderm.com/) and funded by an NSF Graduate Research Fellowship, the Post-9/11 GI Bill, Google ATAP, and others. My work has helped explain intelligence agencies' ability to defeat widely used cryptography (https://aaspring.com/ccs2015/imperfect-forward-secrecy-ccs15.pdf), identify and analyze the danger posed by common cryptographic shortcuts (https://aaspring.com/imc2016/crypto-shortcuts.pdf) used in the TLS protocol, and demonstrated the real-world potential of election interference by foreign actors (https://aaspring.com/ccs2014/ivoting-paper.pdf)through technical means. This research has been covered and cited by The Wall Street Journal (https://cacm.acm.org/news/187259-new-computer-bug-exposes-broad-security-flaws/fulltext), The Washington Post (https://www.washingtonpost.com/news/the-switch/wp/2014/05/13/how-russia-could-easily-hack-its-neighbors-elections/), ARS Technica (https://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/), the Guardian (https://www.theguardian.com/technology/2014/may/12/estonian-e-voting-security-warning-european-elections-research), US-CERT (https://www.us-cert.gov/ncas/alerts/TA17-075A), NIST (https://nvd.nist.gov/vuln/detail/CVE-2015-4000), FBI Cyber Division (https://info.publicintelligence.net/FBI-PHI-FTP.pdf, Playboy (SFW) (https://web.archive.org/web/20180126034202/https://www.playboy.com/articles/technology-will-destroy-democracy).
Twitter: @_aaspring_
SpeakerBio:Richard DeMillo
Richard DeMillo is a professor at Georgia Tech’s School of Cybersecurity and Privacy. He holds the Charlotte B. and Roger C. Warren Chair in Computing at Georgia Tech. He is is also Managing Director of Gtatrium™, LLC, a subsidiary of Georgia Advanced Technology Ventures. He was formerly the John P. Imlay Dean of Computing and Director of the Georgia Tech Information Security Center. Positions he held prior to joining Georgia Tech, include: Chief Technology Officer for Hewlett-Packard, Vice President of Computing Research for Bell Communications Research, Director of the Computer Research Division for the National Science Foundation, and Director of the Software Test and Evaluation Project for the Office of the Secretary of Defense. He has also held faculty positions at the University of Wisconsin, Purdue University and the University of Padua, Italy. His research includes over 100 articles, books and patents in software and computer engineering, cryptography, cybersecurity, and theoretical computer science. In 1982, he wrote the first policy for testing software intensive systems for the US Department of Defense. DeMillo and his collaborators launched and developed the field of program mutation for software testing, which is today the standard technique for determining software test adequacy. He is a co-inventor of Differential Fault Cryptanalysis and holds the patent on applying DFA to break public key cryptosystems. His 1979 paper “Social Processes and Proofs of Theorems and Programs,” co-authored with Richard Lipton and Alan Perlis has been reprinted dozens of times and was recently cited as one of the 50 classic papers in the history of computer science. He currently works in the area of election and voting system security. His work has been cited in court cases, including a 2019 Federal Court decision declaring unconstitutional the use of paperless voting machines. He has served as a foreign election observer for the Carter Center and is a member of the State of Michigan Election Security Commission. He has served on boards of public and private cybersecurity and privacy companies, including RSA Security and SecureWorks. He has served on many non-profit and philanthropic boards including the Exploratorium and the Campus Community Partnership Foundation (formerly the Rosalind and Jimmy Carter Foundation). He is a fellow of both the Association for Computing Machinery and the American Association for the Advancement of Science. In 2010, he founded the Center for 21st Century Universities, Georgia Tech’s living laboratory for fundamental change in higher education. He served as Executive Director for ten years. He was named Lumina Foundation Fellow for his work in higher education. His book, Abelard to Apple: The Fate of American Colleges and Universities, (MIT Press, 2011) helped spark a national conversation about online education. A 2015 sequel, Revolution in Higher Education, also published by MIT Press, won the Best Education Book award from the American Association of Publishers. From 2015-2018, he co-chaired Georgia Tech’s Commission on Creating the Next in Education. The Commission’s report was released in 2018 and was awarded the awarded 2019 Achievement Award of the Association for Educational Communications and Technology. He received the ANAK Society’s Outstanding Faculty Member Award in 2016 for his work in service to students.
Twitter: @rad_atl
Description:
Join us for a timely and important discussion of the vulnerability of Dominion Voting Systems ImageCast X (ICX) ballot-marking devices, used in many states including Georgia--where there was extended illicit access to voting systems and software in 2021. (An ICX is available at Voting Village this year for researchers to explore.) In an unrebutted expert report filed in a federal suit seeking to compel the State of Georgia to reduce reliance on the ICX, Professors J. Alex Halderman and Drew Springall documented security vulnerabilities in the ICX that would allow votes to be altered. CISA issued a vulnerability advisory confirming the principal claims in that report. Dominion Voting Systems contracted with MITRE Corporation, a Federally Funded Contract Research and Development Center (FFRDC), to critique the Halderman/Springall report. Georgia election officials have cited the MITRE report in their decision to use unpatched versions of Dominion’s software in every precinct during the 2024 Presidential Election, despite CISA's warnings.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 14:30-15:15 PDT
Title: Contactless Overflow: Code execution in payment terminals and ATM’s over NFC
When: Saturday, Aug 12, 14:30 - 15:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
SpeakerBio:Josep Pi Rodriguez
, Principal Security Consultant at IOActive
Josep Pi Rodriguez is experienced in network penetration and web application testing, reverse engineering, industrial control systems, transportation, RF, embedded systems, AMI, vulnerability research, exploit development, and malware analysis. As a principal consultant at IOActive, Mr. Pi Rodriguez performs penetration testing, identifies system vulnerabilities, and researches cutting-edge technologies. Mr. Pi Rodriguez has performed security services and penetration tests for numerous global organizations and a wide range of financial, technical, and educational institutions. He has presented at international conferences including Defcon, Immunity infiltrate, Hack in Paris, Japan CCDS and Confidence Conference.
Twitter: @Josep_pi
Description:
We conducted a research to assess the current security of NFC payment readers that are present in most of the major ATM brands, portable point of sales, gas stations, vending machines, transportation and other kind of point of sales in the US, Europe and worldwide. In particular, we found code execution vulnerabilities exploitable through NFC when handling a special application protocol data unit (APDU) that affect most NFC payment vendors. The vulnerabilities affect baremetal firmware devices and Android/Linux devices as well.
After waiting more than 1 year and a half once we disclosed it to all the affected vendors, we are ready to disclose all the technical details to the public. This research was covered in the media by wired.com but without the technical details that we can share now
https://www.wired.com/story/atm-hack-nfc-bugs-point-of-sale/
Some of the affected vendors are:
IDtech - https://idtechproducts.com/
Ingenico - https://www.ingenico.com/
Verifone - https://www.verifone.com/
CPI - https://www.cranepi.com/
BBPOS - https://www.bbpos.com/
Wiseasy - https://www.wiseasy.com/
Nexgo - https://www.nexgoglobal.com/
In this presentation we will describe the vulnerabilities and also demo how the readers can be compromised, using a special Android app we created, by just tapping an Android phone to the reader. We will discuss the consequences such as financial impact in reader’s users/owners and card data stealing once the firmware is compromised. Also, we will show how to compromise the host that is connected to the reader through USB by manipulating the reader’s firmware, chaining stack buffer overflow vulnerabilities in the SDK provided by the vendor that is running in the host machine.
Finally, since one of the affected vendors (IDtech) is present in most ATM brands in the world, the talk will cover different scenarios of how possible can be jackpotting ATMs just tapping a smartphone into the reader of the ATM. We have many years of experience jackpotting all brands of ATMs in multiple different ways and we will show how this is technically possible.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:00-17:59 PDT
Title: Contest Area Open
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 16:00-17:59 PDT
Title: CPV Ten Year Anniversary Gathering
When: Saturday, Aug 12, 16:00 - 17:59 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
SpeakerBio:CPV Staff
No BIO available
Description:
Come on over to join a full takeover of the CPV space, take cute selfies everywhere, and see all our old and new faces for a two hour celebration at CPV!!! We'll see what we can pull off.
We have speakers and microphones so we'll make usage of them, maybe we'll sort people by what year they joined us because it's fun, who knows? We just want to see everyone's lovely faces, we wish we could see you all more often! A group photo with people who want to be part of one perhaps?
Logistics: Sadly, we can't offer food or drink for many reasons including hotel. Eat beforehand or afterwards! We'll try to not demolish the CPV Stage chairs (too much) so talks can continue after.
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 10:00-10:05 PDT
Title: CPV Welcome - Day 2
When: Saturday, Aug 12, 10:00 - 10:05 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
SpeakerBio:CPV Staff
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: CrackMeIfYouCan
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The premiere password cracking contest "CrackMeIfYouCan" is back again. Passwords so two-thousand and late. Remember, remember, the cracks of November.
We're preparing hashes from easy to hard, so there'll be something for you if you want to compete casually as a Street team, or go all out in Pro.
Where we're going, we don't need roads. Purely a penchant for puzzles, perhaps a plethora of processors.
Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/
Return to Index - Add to
- ics Calendar file
WS - Saturday - 09:00-12:59 PDT
Title: Creating and uncovering malicious containers Redux (Pre-Registration Required)
When: Saturday, Aug 12, 09:00 - 12:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Adrian "threlfall" Wood,David "digish0" Mitchell
SpeakerBio:Adrian "threlfall" Wood
, Dropbox
Adrian Wood, aka threlfall, discovered a love for hacking from cracking and modding video games and from the encouragement of online friends. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive research team at a US bank, where he was very interested in appsec, container security, CI/CD security and also founded their bug bounty program. He currently works for Dropbox, working on their red team. In his free time, he enjoys playing saxophone, working on vintage cars, and fly-fishing.
SpeakerBio:David "digish0" Mitchell
David Mitchell, aka digish0, started his hacking career as a script kiddie running 7th Sphere in mIRC in high school. Later falling in with some Linux/RedHat nerds at a local 2600 group at college while studying CS, etc. He got into Linux, started an IT career, later rediscovering his hacking script kiddie roots when a local hacker space opened up and shared members with a lockpicking group that worked in infosec as penetration testers, etc where he discovered he could get paid to do the things he liked doing in high school/college. He now works professionally as a red team member and cyber security researcher at a large financial institution. The rest of the time he spends being a dad/husband, trying not to get injured in Muay Thai/BJJ or mountain biking, and listening to either very expensive or very cheap vinyl.
Description:
Containers allow bad actors access to an excellent delivery mechanism for malware deployment in organizations, offering a wide variety of detection avoidance and persistence mechanisms. Fear not protectors, containers also offer ways to detect these, but can be fraught with challenges. Whether you're red, blue or just container curious this workshop is for you.
In this workshop, you will get hands-on with containers and kubernetes, - starting with introductory content - learning how they work, where and how to hide or find things, how to identify indicators of compromise, indicators of attack, and how to apply analysis to gain a deeper understanding of container malware and what is going on inside containers.
This workshop will utilize the Google Cloud Platform alongside command line operands and a small amount of open source tooling to learn both offensive and defense techniques on containers. By the end, you’ll have a solid mental model of how containers work, how they are managed and deployed, and be equipped with the ability to analyze container images, identify problems, attack container supply chains and identify familiar patterns. Ultimately, these skills will allow you to generate valuable insights for your organization’s defense or aid you in your next attack.
This course is designed to take you deep into the world of containers, making tooling like Kubernetes much more intuitive and easy to understand.There’s lots of labs which will be used to reinforce your learnings,in both attack and defense and the course comes with very detailed notes and instructions for setup which you can repeat on your own time. This course will provide references to scripts that make certain tasks easier, but we will be challenging you to learn the process and reasoning behind them rather than relying on automation.
Attendees will be provided with all the lab material used in the course in digital format, including labs, guides and virtual machine setup.
Skill Level: Beginner to Intermediate
Prerequisites for students:
- None! the class is well designed to allow those with little to no linux, kubernetes or cloud familiarity to follow along, but a basic familiarity with Linux and terminal will allow attendees to focus on the work.
Materials or Equipment students will need to bring to participate:
- A Google Cloud free tier account (basically a fresh gmail account)
- an internet connected computer
- We will send out instructions to attendees prior to the class, so they can be ready on the day.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 11:30-12:25 PDT
Title: Creative Misuse of AI Systems
When: Saturday, Aug 12, 11:30 - 12:25 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
SpeakerBio:Eryk Salvaggio
No BIO available
Description:
In this panel, three artists from the Algorithmic Resistance Research Group (ARRG!) present creative work and workflows that emerged from attempts to crack AI black boxes open. Aligned with the hacker ethos of exploration, experimentation and creative misuse, this panel presents adversarial, ethical artmaking practices for artificial intelligence systems, including image synthesis and recognition. The panel includes three artists displayed in the AI Village Art Exhibition space: Steph Maj Swanson, creator of Loab, the viral "latent space cryptid," Eryk Salvaggio, an artist who revels in confusing AI systems into making images from error states; and Caroline Sinders, an artist and researcher who recontextualizes these systems into revealing underlying biases and potential harms.
This non-technical, but conceptual conversation offers up art alongside possible strategies. It will be of interest for hackers intrigued by the creative potential of these tools, but who may have ethical concerns or doubts about the way these tools are assembled, built, and deployed. The artists will share their work and offer insights into strategies and implications of creative misuse.
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: Critical Infrastructure & IoT Exploitation
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
Join for hands-on content and labs exploiting critical IoT and network infrastructure. Participate in initial public disclosure of new vulnerabilities with our team of experts, explore the 0-day development process, and power up your reverse engineering skills by "living off the land" like a pro using simple, free tools!Want to hack an Emergency Alert System unit, extract network traffic from recycled phone systems & routers, or exploit security controls in firewalls & proxies?
Bring a laptop, your favorite intercepting proxy, and a lot of caffeine.
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 15:00-15:45 PDT
Title: Cryptosploit Workshop
When: Saturday, Aug 12, 15:00 - 15:45 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
SpeakerBio:Matt Cheung
Matt Cheung started developing his interest in cryptography during an internship in 2011. He worked on implementation of a secure multi-party protocol by adding elliptic curve support to an existing secure text pattern matching protocol. Implementation weaknesses were not a priority and this concerned Matt. This concern prompted him to learn about cryptographic attacks from Dan Boneh's crypto 1 course offered on Coursera and the Matasano/cryptopals challenges. From this experience he has given workshops at the Boston Application Security Conference, BSidesLV, DEF CON, and the Crypto and Privacy Village.
Description:No Description available
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 13:30-13:59 PDT
Title: CTH 101: Part III, IV, V
When: Saturday, Aug 12, 13:30 - 13:59 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
SpeakerBio:Cyb3rhawk
DE&TH
Description:
This CTH 101 session includes three modules.
Part III: Threat Hunting Techniques: A look into various hunting techniques.
Part IV: Case Studies and Labs: What we can learn from case studies and how to get started with labs.
Part V: Conclusion and Next Steps: Where to go next to learn more.
CTH 101: Threat Hunting Techniques, Case Studies and Labs, Conclusion and Next Steps
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 10:30-11:30 PDT
Title: CTH: Log4j - The Silent Menace Among Us
When: Saturday, Aug 12, 10:30 - 11:30 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
SpeakerBio:Cyb3rhawk
DE&TH
Description:
The recent Log4j vulnerability has been making headlines and causing significant harm to organizations that rely on Apache Log4j for logging. In this talk, we'll go beyond the headlines and provide a deep dive into threat hunting techniques and their application in detecting vulnerabilities like Log4j. We'll start with the basics of threat hunting and how it can help you stay ahead of emerging threats. From there, we'll explore the technical details of the Log4j vulnerability, including its nature, impact, and how it can be exploited. You'll learn how to analyze and respond to security threats through real-world examples of threat hunting in action. We'll provide hands-on labs that give you the experience you need to implement these techniques in your own organization. Whether you're a security analyst, engineer, or manager, this talk will provide valuable insights into threat hunting and enable you to stay ahead of emerging threats. Join us on this technical journey into the unknown with "Log4j: The Silent Menace Among Us.
The recent Log4j vulnerability has been making headlines and causing significant harm to organizations that rely on Apache Log4j for logging. In this talk, we'll go beyond the headlines and provide a deep dive into threat hunting techniques and their application in detecting vulnerabilities like Log4j.
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 11:30-11:59 PDT
Title: Cyber-Physical Detection and Response: A new Paradigm in IACS Monitoring and Security
When: Saturday, Aug 12, 11:30 - 11:59 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Ryan Heartfield
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:00-11:45 PDT
Title: D0 N0 H4RM: A Healthcare Security Conversation
When: Saturday, Aug 12, 10:00 - 11:45 PDT
Where: Harrah's - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
Speakers:Christian "quaddi" Dameff,Jacqueline Burgette,Jeff "r3plicant" Tully,Mark Warner,Nitin Natarajan,Suzanne Schwartz
SpeakerBio:Christian "quaddi" Dameff
, Physician & Medical Director of Cyber Security at The University of California San DiegoMD
Christian (quaddi) Dameff MD is an Assistant Professor of Emergency Medicine, Biomedical Informatics, and Computer Science (Affiliate) at the University of California San Diego. He is also a hacker, former open capture the flag champion, and prior DEF CON/RSA/Blackhat/HIMSS speaker. Published works include topics such as therapeutic hypothermia after cardiac arrest, novel drug targets for myocardial infarction patients,and other Emergency Medicine related works. Published security research topics including hacking critical healthcare infrastructure,medical devices and the effects of malware on patient care. This is his nineteenth DEF CON.
SpeakerBio:Jacqueline Burgette
, White House Fellow at The Office of National Cyber Director (ONCD)PhD DMD
Jacqueline Burgette DMD PhD is a White House Fellow at the Office of the National Cyber Director. Jacqueline is a clinician, educator, health policy expert and researcher working at the forefront health and cybersecurity. Jacqueline earned her DMD from the Harvard School of Dental Medicine as a Presidential Scholar and Ph.D. in Health Policy and Management from the University of North Carolina. She served on the faculty at the University of Pittsburgh where she led multi site studies that amplified the voices of vulnerable families to improve child health in Appalachia. As an expert in health services and highly-published author, she brings her systems perspective and data-driven approach to achieve cross-agency priorities in health and cybersecurity for the Federal government.
SpeakerBio:Jeff "r3plicant" Tully
, Anesthesiologist at The University of California San DiegoMD
Jeff (r3plicant) Tully is a security researcher with an interest in understanding the ever growing intersections between healthcare and technology. His day job focuses primarily on the delivery of oxygen to tissues.
SpeakerBio:Mark Warner
, Virginia Senator and Chair of the US Cybersecurity Caucus
Sen. Warner was elected to the U.S. Senate in November 2008 and reelected to a third term in November 2020. He serves as Chairman of the Select Committee on Intelligence and as a member of the Senate Finance, Banking, Budget, and Rules Committees. He also co-chairs the Senate Cybersecurity Caucus. From 2002 to 2006, he served as Governor of Virginia. He has served as a key author and negotiator of several pieces of critical legislation aimed at rebuilding our nation’s infrastructure, improving cybersecurity, restoring domestic manufacturing, protecting national security, rebounding from the COVID-19 crisis, and investing in under served and underbanked communities.
SpeakerBio:Nitin Natarajan
, Deputy Director at Cybersecurity and Infrastructure Security Agency (CISA)
Nitin Natarajan serves as the Deputy Director for the Cybersecurity and Infrastructure Security Agency (CISA). Prior to joining CISA, Natarajan served in a variety of public and private sector positions spanning over 30 years. Natarajan also held a number of federal government roles to include Deputy Assistant Administrator at the U.S. Environmental Protection Agency, the Director of Critical Infrastructure Policy at the White House/National Security Council, and as a Director at the U.S. Health and Human Services overseeing healthcare and public health programs. At the beginning of his career, Natarajan spent 13 years as a first responder in New York, which included service as a flight paramedic. He was the Commander of a federal medical response team, based in New York, and has extensive experience deploying to natural and man-made disasters throughout the nation. He holds an under graduate degree from the State University of New York and a graduate degree from the United States Naval Postgraduate School.
SpeakerBio:Suzanne Schwartz
, Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices and Radiological Health (CDRH)MD
Suzanne B. Schwartz, MD, MBA is the Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA’s Center for Devices and Radiological Health (CDRH).
Suzanne’s work in medical device cybersecurity includes policy development, educating, outreach, partnering and coalition-building within the Healthcare and Public Health Sector (HPH) as well as fostering collaborations and coordinating incident response across other government agencies and the private sector. Suzanne has been recognized for Excellence in Innovation at FDA’s Women’s History Month for her work in Medical Device Cybersecurity. She also received the 2021 Routhy Award from the H-ISAC for her leadership in cybersecurity in healthcare, especially during the COVID-19 pandemic. Together with Health Canada, Suzanne has represented FDA in co-chairing the International Medical Device Regulators Forum (IMDRF) Work Group on Medical Device Cybersecurity leading to its first international guidance publication in March 2020 and two subsequent guidance publications - - one on software bill of materials and one on cybersecurity management of legacy medical devices. She has additionally served as co-chair of the Government Coordinating Council (GCC) for the HPH Critical Infrastructure Sector, focusing on the sector’s healthcare cybersecurity initiatives.
Suzanne earned an MD from Albert Einstein College of Medicine; an executive MBA from NYU Stern School of Business, completed Cohort X of the National Preparedness Leadership Initiative – Harvard School of Public Health & Harvard Kennedy School of Government executive education, and earned in September 2018 a certificate of mastery for completion of requirements at the Federal Executive Institute – Leadership for a Democratic Society.
Description:
In 2016 a bunch of hackers took a break from DEF CON festivities to gather in a hotel room with a bathtub full of beer and talk about shared interests in a brave new world of connected healthcare. Trailblazers were popping pacemakers and pharmaceutical pumps, and we worried that instead of embracing such efforts as opportunities to make tech safer for patients, folks in charge would repeat mistakes of the past and double down on the status quo.
Fast forward to the 2022 passage of the Omnibus spending bill- the FDA is now locked and loaded with expanded authority to regulate cybersecurity requirements for medical devices. What changed? Keanu voice: “Policy. Lots of Policy.” Turns out when we get in with the right people, hackers can help get things done. This is the core of Policy @ DEFCON.
Challenges persist. We now have threats from state actors and ransomware blasts delaying lifesaving medical care while costing hospitals hundreds of millions of dollars they don’t have (been in an ER lately?). So once again, come join quaddi and r3plicant, your favorite ripper docs, for another round of D0 No H4rm- this time with special guests from Congress, FDA, and the White House as we figure out what policy patches have the best chance to save lives.
It starts here, in rooms like this, with hackers like you. And it ends with us changing the world.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-16:30 PDT
Title: Darknet-NG
When: Saturday, Aug 12, 10:00 - 16:30 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Darknet-NG is an In-Person Massively Multiplayer Online Role Playing Game (MMO-RPG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The "Learning Quests" help the agent gather knowledge from all across the other villages at the conference, while the "Challenge Quests" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-16:59 PDT
Title: DC Kubernetes Capture the Flag (CTF)
When: Saturday, Aug 12, 10:00 - 16:59 PDT
Where: Virtual
Description:
The DEF CON Kubernetes Capture the Flag (CTF) contest features a Kubernetes-based CTF challenge, where teams and individuals can build and test their Kubernetes hacking skills. Each team/individual is given access to a single Kubernetes cluster that contains a set of serial challenges, winning flags and points as they progress. Later flags pose more difficulty, but count for more points.
A scoreboard tracks the teams’ current and final scores. In the event of a tie, the first team to achieve the score wins that tie.
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 13:00-14:59 PDT
Title: DC’s Next Top Threat Model (DCNTTM) - BYODesign Presentation
When: Saturday, Aug 12, 13:00 - 14:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Practice threat modeling on your own design! Be prepared to show off your design and take feedback/findings!
Registration required, come by our booth on Friday to sign up for a slot.
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 10:00-11:59 PDT
Title: DC’s Next Top Threat Model (DCNTTM) - Kids - Learn Threat Modeling
When: Saturday, Aug 12, 10:00 - 11:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Want to teach your kid threat modeling? Are you new, yourself?
Stop by our booth, learn what threat modeling is, and get some practice with an introductory non-technical scenario.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: DC’s Next Top Threat Model (DCNTTM)
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.
As part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 10:00-17:59 PDT
Title: DCG Meetups
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Harrah's - Silver - DEF CON Groups - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 20:05-20:10 PDT
Title: DCGVR Closing
When: Saturday, Aug 12, 20:05 - 20:10 PDT
Where: Virtual
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 10:00-16:59 PDT
Title: DDV open and accepting drives for duplication
When: Saturday, Aug 12, 10:00 - 16:59 PDT
Where: Caesars Forum - Summit - 231 - Data Dupe Vlg - Map
Description:
We start taking drives at 4:00pm local time on Thursday - possibly a little earlier. We reopen at 10:00am on Friday, Saturday, and Sunday.
We'll keep accepting drives until we reach capacity (usually late Friday or early Saturday). Then we copy and copy all the things until we just can't copy any more - first come, first served. We run around the clock until we run out of time on Sunday morning with the last possible pickup being before 11:00am on Sunday.
Most of the drive information can be found [here](https://dcddv.org/dc31-drive-info). If you have questions that have not yet been answered, you can email [info@dcddv.org](mailto:info@dcddv.org), or visit the [DEF CON Forums](https://forum.defcon.org/node/244903).
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 10:30-11:30 PDT
Title: DE: Breaking the Rule
When: Saturday, Aug 12, 10:30 - 11:30 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
SpeakerBio:Oldmonk
Intrusion detection, analytics, packet forensics, security engineering and product engineering. 20+ years of being an entrepreneur building teams, solving big challenges.
Description:
This is a 101 track that takes you through the various aspects of detection engineering and a practitioners process of writing threat content. Its a great place to start for engineers and enthusiasts that might be exploring detection engineering as a career path.
The what, how and process of detection engineering.
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 11:30-12:30 PDT
Title: DE: Building a Detection Alert From a Threat Hunt
When: Saturday, Aug 12, 11:30 - 12:30 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
SpeakerBio:kobaltfox
TODO
Description:
.
A review of the detection engineering cycle and a walkthrough taking a threat hunt report and building a SIEM alert.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 14:00-15:59 PDT
Title: DEF CON 31 Beard and Mustache Contest
When: Saturday, Aug 12, 14:00 - 15:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.
For 2023 there will be three categories for the competition:
- Full beard: Self-explanatory, for the truly bearded.
- Partial Beard or Mustache only (combined this year): For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles -or- Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.
- Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 14:00-14:59 PDT
Title: DEF CON Chess Kids Free-Play
When: Saturday, Aug 12, 14:00 - 14:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Kids free play chess for an hour before the main chess tournament (which is also kid friendly). Kids open play is 14:00 to 15:00 Saturday, forum contest area.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 15:00-17:59 PDT
Title: DEF CON Chess Tournament
When: Saturday, Aug 12, 15:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Twitter: @defconchess
For early registration, please send your name and rating to: defconchess@gmail.com
Chess, computers, and hacking go way back. In the 18th century, the Mechanical Turk appeared to play a good game, but there was a human ghost hiding in the shell. Some of the first computer software was written to play chess. In 1997, world champion Garry Kasparov lost to the program Deep Blue, but after the match he accused IBM of cheating, alleging that only a rival grandmaster could have made certain moves.
At DEF CON 31, we will run a human chess tournament. The games will have a “blitz” time control of 5 minutes on each player’s clock, for a maximum total game time of 10 minutes. The tournament will have a Swiss-system format, with a fixed number of rounds. The match pairing for each round is done after the previous round has ended, and depends on its results. Each player is paired with another player who has a similar running score.
To determine the winner, the Swiss system is considered highly effective, even when there is a large number of competitors and a small number of rounds. Every player gets to play the full tournament, and the winner has the highest aggregate score when all rounds are over.
There will be trophies and prizes for the top three players.
The tournament mechanics will be managed by the Las Vegas Chess Center (LVCC), which has many years of experience in organizing royal game tournaments for all strength levels and ages. LVCC has professional coaches, and grandmasters are frequent visitors.
Max players: 100. In order to crown the best chess player at DEF CON, we will register the highest-rated players first.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 10:00-10:30 PDT
Title: DEF CON Groups Keynote
When: Saturday, Aug 12, 10:00 - 10:30 PDT
Where: Virtual
SpeakerBio:Jayson E. Street
No BIO available
Twitter: @jaysonstreet
Description:No Description available
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 19:30-21:59 PDT
Title: DEF CON Kids Party
When: Saturday, Aug 12, 19:30 - 21:59 PDT
Where: Caesars Forum - Forum - 131-133 - Map
Description:
Party with other DEF CON kids. Enjoy some music, and some good conversation with other DEF CON kids!
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: DEF CON Scavenger Hunt
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Are you tired of being an NPC, mindlessly standing in line at a hacker con? Do you want to be involved and improve the hacker community? The DEF CON Scavenger Hunt is here to encourage you to interact with goons and attendees alike; to be an active participant of DEF CON itself.
Come visit the DEF CON Scavenger Hunt table in the contest area and get a list, register your team of 1 to 5 players, and gather or accomplish as many items from the list as you can. Items are submitted at the table, better than average submissions shall be awarded bonus points. The team who turns in the most points by Sunday at noon will win the admiration of your like-minded peers.
The DEF CON Scavenger Hunt is one of the longest running contests at DEF CON, visit https://defconscavhunt.com for a history lesson.
If you capture pictures or video of items from our list, or have in the past, please send them to us via email scavlist@gmail.com.
--
The scavenger hunt list is open to interpretation and we are not responsible for how list items are interpreted. We have had a number of pre-teens and teenagers play the scavenger hunt over the years, primarily with their parents but occasionally alone. The team that won at DC24 included a teenager with their parents. Parental Guidance Recommended.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: DEFCON MUD DUMB TERMINAL EDITION
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The DEFCON MUD is back, this time you can only access it over dumb terminals or serial terminals hosted by the DEFCON SCAV Hunt. Flags will be hosted inside the mud, good luck, have fun, and oh yes the game has exploits, can you find them all?
--
Rated PG-13.
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 06:00-11:59 PDT
Title: Defcon.run
When: Saturday, Aug 12, 06:00 - 11:59 PDT
Where: Other/See Description
Description:
IF the future is coming and it is! Then you're going to need to run! Get started at defcon.run!
Defcon.run is an evolution of the now long running Defcon 4x5K running event. But now it's bigger and more fun! Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in smaller distributed groups around Las Vegas. It’s the same old event but at a distributed scale! Show up in the morning to beat the heat, go for a run with folks, have a good time!
We’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances.
You can register to log your distance, we'll have a leader board, and shenanigans! Full Information at https://defcon.run
Interested parties should rally at Harrah's Goldfield at 06:00, but be sure to check [defcon.run](https://defcon.run) for any updates.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:00-10:45 PDT
Title: Defeating VPN Always-On
When: Saturday, Aug 12, 10:00 - 10:45 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
SpeakerBio:Maxime Clementz
, Cybersecurity Senior Manager at PwC Luxembourg
Maxime Clementz is a Senior Manager within the Cybersecurity Advisory team of PwC Luxembourg. He develops his ethical hacker skills by committing himself to various assignments for big companies, banks and European institutions. As a technical specialist, he leads penetration tests, red-teaming, digital forensics and incident response missions.
He contributes to the development of the team’s hacking capabilities by sharing the results of his technology watch and R&D and is now leading the CSIRT and Threat Intelligence initiatives of PwC Luxembourg. He especially enjoys sharing knowledge by presenting the results of each mission or by giving talks (Hack.lu 2012, 2015, 2017) and training courses. Maxime teaches IT security at a French engineering school and organizes a Capture the Flag event for the students.
Twitter: @maxime_tz
Description:
VPN Always-On is a security control that can be deployed to mobile endpoints that remotely access corporate resources through VPN. It is designed to prevent data leaks and narrow attack surface of enrolled end-user equipment connected to untrusted networks. When it is enforced, the mobile device can only reach the VPN gateway and all connections are tunneled.
We will review the relevant Windows API, the practicalities of this feature, look at popular VPN software; we will then consider ridiculously complex exfil methods and... finally bypass it with unexpectedly trivial tricks. We will exploit design, implementation and configuration issues to circumvent this control in offensive scenarios. We will then learn how to fix or harden VPN Always-On deployment to further limit the risks posed by untrusted networks.
- REFERENCES
VPN on untrusted networks, captive portals:
- ANSSI (France) Recommandations sur le nomadisme numérique ("3.4.3 Maîtrise des flux réseaux sur le poste de travail"): https://www.ssi.gouv.fr/uploads/2018/10/guide_nomadisme_anssi_pa_054_v1.pdf (I will translate the relevant part in my slide)
Understanding "Windows Filtering Platform":
- Microsoft documentation : https://learn.microsoft.com/en-us/windows/win32/fwp/windows-filtering-platform-start-page
- Pavel Yosifovich : https://scorpiosoftware.net/2022/12/25/introduction-to-the-windows-filtering-platform/
- Pavel Yosifovich : https://github.com/zodiacon/WFPExplorer
- Sagie Dulce : https://github.com/zeronetworks/wtf-wfp
Reverse Engineering of Windows Filtering Platform and its implementation in Windows VPN agents:
- Ole André V. Ravnas - https://frida.re/
- James Forshaw - https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools/tree/main/NtObjectManager
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 14:30-15:20 PDT
Title: Defense Community
When: Saturday, Aug 12, 14:30 - 15:20 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
Speakers:Brian Stearns,Charles Smith,Eric Davis,Glenn Borskey,Jon A.
SpeakerBio:Brian Stearns
Brian C. Stearns has 25 years of experience across the public and private sector in technical instruction, systems engineering, information security, digital forensics, and secure communications. Brian founded the Institute for Secure Activism to support activists, organizers, and protesters who advocate for LGBTQ+, BIPOC, and other marginalized communities. Brian is also a senior Signature Management instructor with Ridgeline International and the director of Ridgeline's Signature Validation Lab. Prior to his current positions Brian spent 15 years supporting US government global counterterrorism operations as a tactical digital forensic collection and targeting specialist.
SpeakerBio:Charles Smith
Charles Smith is a cybersecurity researcher at Johns Hopkins University Applied Physics Lab (JHU/APL), where he focuses on the intersection of cyber and information operations and their impact on national security. Charles spent the first fourteen years of his career as an officer in the U.S. Army, and the recipient of numerous awards and badges including the Ranger Tab, Combat Infantry Badge, and Purple Heart. He deployed five times as both an infantry officer and intelligence officer to Iraq and Afghanistan, and was selected to serve as an intelligence officer for the 2nd Battalion, 75th Ranger Regiment. His served his last four years in uniform at US Cyber Command, where he led intelligence support to the defense of the 2020 elections. Prior to joining JHU/APL, Charles also worked at Twitter on trust and safety response to crises. Charles holds a bachelor’s of science in Business Administration from Bucknell University, and a Masters of Strategic Intelligence from National Intelligence University.
SpeakerBio:Eric Davis
Eric Davis has safeguarded brands, platforms, and billions of users from bad ads, bad apps, and other machinations of malefactors across global policy, product, and engineering functions. A frequent consultant and advisor across civic and private sectors on Trust & Safety, Privacy, and Security issues, Eric is a founding advisor to the Trust & Safety Professional Association, and a member of the Integrity Institute’s Elections Integrity Working Group, which publishes a series of best practices and resources guides for tech platforms contending with disinformation and other issues impacting elections integrity. Previously, Eric was the former Chief Privacy and Policy Officer and global trust & safety lead at Bigo, a live streaming and short form video social media platform with over 200M users globally. Prior to Bigo, he was Senior Director for Product Management at Lifelock (acquired by Symantec), prototyping new consumer products, leading AppSec, and leading product strategy for GDPR and other privacy regulations globally. Prior to Symantec, Eric spent 13 years at Google, where he founded Google’s first Trust & Safety team, Anti-Malvertising program, and the Android Security Operations and Intel team in addition to his other product policy and public policy leadership roles. Earlier in his career, he was the charter International Product Manager for Trust & Safety at eBay.
Twitter: @ericdavis
SpeakerBio:Glenn Borskey
Glenn Borsky is a strategic cyber threat intelligence analyst who’s area of research is in cyber threat and cognitive security. He brings experience developing cybersecurity strategies for senior leadership and executive level audiences. His main area of interest is in countering mis/disinformation and cyber enabled cognitive warfare.
Twitter: @GlennBorsky
SpeakerBio:Jon A.
No BIO available
Description:
This panel explores the pivotal role of technology in shaping voter outcomes, drawing insights from the perspectives of the defense community. The discussion delves into how various technological advancements, including data analytics, digital marketing, and cybersecurity, influence the democratic process. By assessing the role of technology in shaping voter engagement, perception, and decision-making, the panel seeks to deepen our understanding of the evolving dynamics between technology and democratic governance. The aim is to generate informed discussions and policy considerations to preserve the integrity and fairness of democratic elections. Join us for an illuminating session as we uncover the opportunities and challenges presented by technological interventions in the electoral landscape.
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 14:40-15:30 PDT
Title: Democracy, Are You Citizen Or Subject?
When: Saturday, Aug 12, 14:40 - 15:30 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:Kendall Spencer
Kendall Spencer is an associate in the Intellectual Property Department. Kendall is based in the Boston office where he is a member of the Technology Transactions, Cybersecurity, and Privacy Practice Group. In his previous position as a law clerk, Kendall specialized in Complex Litigation. He also has a strong focus on technology law. Kendall has advised on blockchain technology integration, researched blockchain voting regulations, and investigated the use of blockchain technology to create a database of information on its advantages and efficacy. Additionally, he assisted in drafting an article regarding data privacy issues within real estate law. Kendall serves as a member of the Executive Leadership Team with the National Governing Body of USA Track and Field (USATF), as well as a board member with the National Collegiate Athletic Association (NCAA). As a professional athlete on the U.S. Olympic Team, he has earned accolades such as USA Indoor Bronze Medalist, NCAA National Champion, on top of serving as a USA Track and Field board member.
Twitter: @Kspencer24
Description:
What does it mean to be an American today? In a world where innovation outpaces regulatory progress; principles of law, technology, and policy collide to create a nation of unprecedented conflict. But when it’s all said and done what is left of our Democracy? Institutions structured to protect our democratic way of life such as voting and the vehicles used to carry out voting have become increasingly difficult to protect. Yet, those most effected are often too inundated with every day life to engage in activity likely to contribute to meaningful change. Maybe democracy has become too hard to uphold, or maybe it’s become too hard to be an American.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:00-10:45 PDT
Title: Demystifying (& Bypassing) macOS's Background Task Management
When: Saturday, Aug 12, 10:00 - 10:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
SpeakerBio:Patrick Wardle
, Objective-See Foundation
Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the “The Art of Mac Malware” book series, and founder of the "Objective by the Sea" macOS Security conference.
Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.
Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing books and free open-source security tools to protect Mac users.
Twitter: @patrickwardle
Description:
To retain a foothold on an infected system, most Mac malware will persist; installing itself in a manner that ensures it will be automatically (re)launched each time the infected system is rebooted.
In macOS Ventura, Apple's rearchitected core persistence mechanisms and added a new security mechanism that alerts the user any time an item is persisted. As the former is both undocumented and implemented in a proprietary manner this poses a problem for existing security and forensics tools (that aim to heuristically detect malware via unauthorized persistence events). On the other hand, the latter is problematic to malware authors, who obviously want their malicious creations to persist without an alert being shown to the user.
In this talk, we'll indiscriminately provide solutions for all! First, we'll dive into the internals of macOS's Background Task Management (BTM) which, as we'll see, contains a central (albeit proprietary) repository of persistent items. Armed with this information, we'll release open-source code capable of programmatically enumerating all persistent items from BTM, ensuring security and forensics tools regain compatibility. We'll also highlight design weaknesses that malicious code could trivially employ to sidestep the new security features of BTM, such that persistence may still be silently achieved.
- REFERENCES
- https://piunikaweb.com/2023/01/30/macos-13-ventura-background-items-added-notification-issue/
https://www.sentinelone.com/blog/apples-macos-ventura-7-new-security-changes-to-be-aware-of/
Apple Documentation:
https://support.apple.com/guide/deployment/manage-login-items-background-tasks-mac-depdca572563/web
Return to Index - Add to
- ics Calendar file
TCV - Saturday - 16:00-17:59 PDT
Title: Diameter CTF
When: Saturday, Aug 12, 16:00 - 17:59 PDT
Where: Flamingo - Virginia City - Telecom Village - Map
Speakers:Akib Sayyed,Zibran Sayyed
SpeakerBio:Akib Sayyed
, Director at Matrix Shell Technologies Prviate Limited
No BIO available
SpeakerBio:Zibran Sayyed
, Sr. Security Consultant Telecom
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
TCV - Saturday - 11:00-12:59 PDT
Title: Diameter Workshop
When: Saturday, Aug 12, 11:00 - 12:59 PDT
Where: Flamingo - Virginia City - Telecom Village - Map
Speakers:Akib Sayyed,Zibran Sayyed
SpeakerBio:Akib Sayyed
, Director at Matrix Shell Technologies Prviate Limited
No BIO available
SpeakerBio:Zibran Sayyed
, Sr. Security Consultant Telecom
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
TCV - Saturday - 14:30-15:59 PDT
Title: Diameter Workshop
When: Saturday, Aug 12, 14:30 - 15:59 PDT
Where: Flamingo - Virginia City - Telecom Village - Map
Speakers:Akib Sayyed,Zibran Sayyed
SpeakerBio:Akib Sayyed
, Director at Matrix Shell Technologies Prviate Limited
No BIO available
SpeakerBio:Zibran Sayyed
, Sr. Security Consultant Telecom
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
WS - Saturday - 14:00-17:59 PDT
Title: Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil (Pre-Registration Required)
When: Saturday, Aug 12, 14:00 - 17:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Michael "S3curityNerd" Register,Michael "mR_F0r3n51c5" Solomon
SpeakerBio:Michael "S3curityNerd" Register
Michael Register, known as S3curityNerd, with 7 years of combined experience in IT, Networking, and Cybersecurity. He holds multiple certifications and actively conducts post-exploitation research to enhance threat hunting operations.
SpeakerBio:Michael "mR_F0r3n51c5" Solomon
Michael Solomon, also known as mR_F0r3n51c5, is a Threat Hunter with over 12 years of experience in Cyber Operations, Digital Forensics & Incident Response (DFIR), and Threat Hunting. His passion lies in helping to shape the next generation of cybersecurity analysts for a safer tomorrow.
Description:
Are you ready to step into the shoes of a cybersecurity or incident response analyst? Whether you're new to investigation or looking to take your analysis skills to the next level, we've got an exciting opportunity for you! Join mR_F0r3n51c5 and S3curityNerd for a four-hour class that will take you on a journey through the world of malware analysis and investigation.
In today's ever-evolving threat landscape, malware continues to be a weapon of choice for various types of threat actors. Our class leverages forensic and malware analysis fundamentals to teach students how to investigate a compromised Windows system. To ensure the most up-to-date learning experience, the class authors have carefully selected fresh malware samples trending in 2023.
By the end of this class, you'll have the skills to:
- Build analysis skills that leverage complex scenarios and improve comprehension
- Practically acquire data in a forensically sound manner
- Identify common areas of malware persistence
- Gather evidence and create a timeline to characterize how the system was compromised
- Participate in a hand-to-keyboard combat capstone where you'll be given an image of a compromised Windows system and demonstrate your newly acquired analysis skills.
Don't miss this opportunity to gain hands-on experience and take your analysis skills to the next level. Join us and discover the exciting world of forensic analysis and investigation!
Skill Level: Intermediate
Prerequisites for students:
- Not defined
Materials or Equipment students will need to bring to participate:
- Students will be required to download material (e.g., Virtual Machine). Students will be given a URL for download access.
- Regarding the downloaded virtual machines, these should be imported into your virtual machine software and ready before the start of class. If any additional technical support is needed, the instructors will make themselves available online.
- Students must have a laptop that meets the following requirements:
- A 64-bit CPU running at 2GHz or more. The students will be running one virtual machine on their host laptop.
- Have the ability to update BIOS settings. Specifically, enable virtualization technology such as "Intel-VT."
- The student must be able to access their system's BIOS if it is password protected. This is in case of changes being necessary.
- 8 GB (Gigabytes) of RAM or higher
- At least one open and working USB Type-A port
- 50 Gigabytes of free hard drive space, allowing you the ability to host the VMs we distribute
- Students must have Local Administrator Access on their system.
- Wireless 802.11 Capability
- A host operating system that is running Windows 10+, Linux, or macOS 10.4 or later.
- Virtualization software is required. The supplied VMs have been built for out-of-the-box comparability with VMWare Workstation or Player. Students may use other software if they choose, but they may have to troubleshoot unpredictable issues. Instructors cannot guarantee compatibility with all virtualization software suites. At a minimum, the following VM features will be needed:
- NATted networking from VM to Internet
- Copy and Paste of text and files between the Host machine and VM
Return to Index - Add to
- ics Calendar file
APV - Saturday - 11:45-12:30 PDT
Title: Discovering Shadow Vulnerabilities in Popular Open-Source Projects: A Reverse-Fuzzing Journey
When: Saturday, Aug 12, 11:45 - 12:30 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
Speakers:Gal Elbaz,Guy Kaplan
SpeakerBio:Gal Elbaz
Co-founder & CTO at Oligo Security with 10+ years of experience in vulnerability research and practical hacking. He previously worked as a Security Researcher at CheckPoint and served in the IDF Intelligence. In his free time, he enjoys playing CTFs.
Twitter: @GalElbaz1
SpeakerBio:Guy Kaplan
Guy Kaplan is a Security Researcher in the CTO Office of Oligo Security with more than a decade of experience in software development and vulnerability research.
Twitter: @gkpln3
Description:
In a world full of vulnerabilities, there is an untold story of those libraries that are insecure by design. For example, libraries that by using them in a certain way, the application could be compromised. Not all libraries' security issues are treated as vulnerabilities and addressed with a patch or CVE, hence addressed with minor documentation warnings at best. These vulnerabilities pose a significant risk to organizations as they are nearly impossible to detect, we named them "Shadow Vulnerabilities".
We discovered a new shadow vulnerable code pattern in a widely used OSS library and wondered who might be vulnerable.
We developed a tool that automatically analyzed more than 100k repositories to determine whether each repository is vulnerable and prioritized them based on their potential to create vast damage. We were able to validate the exploitability of hundreds of high-profile targets such as Apache Cassandra, Prometheus, PyTorch, and many more…
In this presentation, we will review the discovered vulnerabilities, and discuss the challenges of scaling the triage, validating exploitation, and building a reliable infrastructure. We will use Apache Cassandra to demonstrate how we validated the attack vector for each target, sharing the exploitation details of the critical RCE we found, and its implications on a database-as-a-service used by multiple cloud providers.
Although reporting and working with OSS projects security teams on resolving these issues was addressed quickly, still no CVE was assigned. Both project owners and library owners claimed the responsibility to use it “safely” is on the users themselves. The result is that most users are vulnerable and have no process to fix this or even be aware of it.
We believe it is vital to raise community awareness of shadow vulnerabilities, as we only scratched the surface with one example out of many more that are still out there.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 10:00-10:59 PDT
Title: Disincentivizing misinformation: co-create a new platform business model
When: Saturday, Aug 12, 10:00 - 10:59 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Vardon Hamdiu
, Co-Lead at Sparkable
Vardon Hamdiu is the Co-Lead of Sparkable, a nonprofit organization working on a new platform model to counter misinformation, hate, and other harms connected to the advertisement business model. In the last decade, he worked in the communications of a Swiss President, lived in South Africa for half a year, and worked with refugees. During that time, he realized the enormous disconnect between the information we consume online and the lived reality of so many people around the world. This made him start Sparkable, a community-led effort to create a better information environment.
Description:
What are the economic incentives driving misinformation, and what does the advertisement/engagement business model have to do with it? If we could create a new model for our information ecosystem, how would we ensure civic integrity and security by design?
Join this workshop to co-create a new incentive system for open platforms focused on people, not profit.
In the workshop, you will modify and improve this new system in two different tracks: integrity and research/design. It will cover a wide range of interests, including trust & safety, cybersecurity, media, content creation, UX, and systems design. You can choose the track most relevant to you and contribute ideas, questions, and feedback that will directly inform the Sparkable roadmap. No previous knowledge is required.
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 13:30-13:59 PDT
Title: Domain Fronting Through Microsoft Azure and CloudFlare: How to Identify Viable Domain Fronting Proxies
When: Saturday, Aug 12, 13:30 - 13:59 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
Speakers:Charles Miller,Michael Brown,Michael Pelosi
SpeakerBio:Charles Miller
No BIO available
SpeakerBio:Michael Brown
No BIO available
SpeakerBio:Michael Pelosi
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
APV - Saturday - 13:30-14:15 PDT
Title: Dress Code - Analysis of the current status of the Content Security Policy
When: Saturday, Aug 12, 13:30 - 14:15 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
SpeakerBio:Felipe Molina
Felipe Molina is a Spaniard hacker working in the SensePost Team at Orange Cyberdefense. He loves Andalusia, to hack, drink beer, barbecue with family and friends, deep diving into new software to find cool vulnerabilities.
Twitter: @felmoltor
Description:
Content Security Policy (CSP) has been in support by most modern browsers for a while now. The RFC of the first version was released in 2014. Almost 10 years later, and with version 3 recently released, a far-reaching study of CSP deployment across the Internet was due.
The top one million most popular sites were scanned and their CSP related headers were stored. The values of the CSP headers were analysed to answer several questions. How popular is this security measure nowadays. What are common pitfalls and misconfigurations within CSP headers. How often do sites enable reporting of violations to take a more proactive approach? Do sites blindly trust third parties such as content delivery networks and how can this trust be abused.
This talk will cover the results of the analysis against real world data and answer the previous questions. Additionally, it will present practical exploitation examples and provide with effective hardening and mitigation to the detected weaknesses.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Dungeons@Defcon
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
D@D is a table-top/RPG themed puzzling campaign for teams of 1-4 players. As part of the campaign, teams will unravel crypto challenges, solve physical puzzles, and do other side-quests that will have them interacting with different components of the Defcon community (villages, goons, NPCs, local wildlife, trolls, etc.) to earn points and progress through a narrative. The theme changes each year, but typically is based loosely on a popular table-top game that fits the theme for Defcon. Teams learn how to work cooperatively to solve large puzzles, and learn how to solve puzzles that they may have seen in CTFs, escape rooms, or other puzzle venues. The contest is designed to be accessible to all technical levels and all ages.
Pre-registration will occur online the week before con (announced via Twitter) as well as Friday morning at 10 in person, first come first served until we have enough teams filled. Contest will start at 12:00 on Friday
--
Kids are welcome. The first year Dungeons @ DEF CON ran, two kids with the help of their fathers won a black badge.
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 14:00-14:25 PDT
Title: Easy EASM - the zero dollar attack surface management tool
When: Saturday, Aug 12, 14:00 - 14:25 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Jason Haddix
, CISO and “Hacker in Charge” at BuddoBot
Jason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He's had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd's leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
Twitter: @jhaddix
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 18:00-21:59 PDT
Title: EFF Tech Trivia
When: Saturday, Aug 12, 18:00 - 21:59 PDT
Where: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
Description:
EFF's team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Prize (TBD) and EFF swag pack. The second and third place teams will also win great EFF gear.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:00-09:20 PDT
Title: ELECTRONizing macOS privacy - a new weapon in your red teaming armory
When: Saturday, Aug 12, 09:00 - 09:20 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
SpeakerBio:Wojciech Reguła
, Principal Security Consultant at SecuRing
Wojciech is a Principal Security Specialist working at SecuRing. He specializes in application security on Apple devices. Wojciech created the iOS Security Suite - an opensource anti-tampering framework. Bugcrowd MVP, found vulnerabilities in Apple, Facebook, Malwarebytes, Slack, Atlassian, and others. In free time he runs an infosec blog - https://wojciechregula.blog. Shared research on among others Black Hat (Las Vegas, USA), Objective by the Sea (Hawaii, USA), AppSec Global (Tel Aviv, Israel), AppSec EU (London, United Kingdom), CONFidence (Cracow, Poland), BSides (Warsaw, Poland).
Twitter: @_r3ggi
Description:
MacOS is known for an additional layer of privacy controls called TCC - Transparency, Consent, and Control (TCC) that restricts access to sensitive personal resources: documents, camera, microphone, emails, and more. Granting such access requires authorization, and the mechanism's main design concern was clear user consent.
Despite many vulnerabilities in that mechanism found in the past, using 0-days during red teaming engagements is impractical. Apple fixes TCC vulnerabilities but red teams still have to get access to files saved on the victim’s desktop or be able take a screenshot.
What if I tell you that there are many open doors to resolve all the TCC problems that are already installed on your target machines?! Electron apps are everywhere. And you probably heard the joke that: ‘S’ in Electron stands for security.
In this talk I will share a new tool that, by abusing Electron default configuration, allows executing code in the context of those Electron apps and thus inherit their TCC permissions.
The audience will leave with a solid understanding of the macOS privacy restrictions framework (TCC) and its weaknesses. The part of the audience interested in macOS red teaming will also get to know my new, free and open source tool. Blue teams on the stage will also see some ideas regarding detections.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 13:30-13:55 PDT
Title: Elon, Twitter and the PIA: How not to achieve privacy in aviation
When: Saturday, Aug 12, 13:30 - 13:55 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Martin Strohmeier
No BIO available
Description:
In 2022, aviation tracking privacy (or the lack thereof) has truly entered the global mainstream, with operational security and climate shaming of private jets suddenly discussed all over the world. Following up on previous work presented at the Aerospace Village, we will conduct a deep dive into how we arrived in this position, why nothing has worked so far, and how we need to change our thinking in order to achieve any meaningful privacy in aviation.
Return to Index - Add to
- ics Calendar file
WS - Saturday - 09:00-12:59 PDT
Title: Email Detection Engineering and Threat Hunting Inbox (Pre-Registration Required)
When: Saturday, Aug 12, 09:00 - 12:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Alfie Champion,Josh Kamdjou
SpeakerBio:Alfie Champion
Alfie specializes in the delivery of attack detection and adversary emulation services, actively contributing education content, tooling and blogs to further the industry. He has previously worked with organisations across multiple industry verticals to uplift and validate their detective capability through red or purple team engagements, and now leads the global adversary emulation function at a FTSE 250 company. He has previously spoken at BlackHat USA, RSA and Blue Team Con 2022, among others, and is the co-founder of DelivrTo.
SpeakerBio:Josh Kamdjou
Josh has been doing offensive security-related things for the past 12 years. He's spent most of his professional career breaking into networks via spear-phishing and other methods, and building software for both the public (Department of Defense) and private sectors. Josh is the Founder and CEO of Sublime Security, and in his private life enjoys weight lifting, Martial Arts, soccer, and spending time with his niece and nephew.
Description:
Email remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to emerging attacker activity and novel offensive tradecraft.
In this workshop, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including QakBot and Emotet, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.
Initially attendees will be introduced to the foundational technologies that enable threat hunting, detection engineering, and response in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data. Throughout the day, participants will learn to hunt common phishing techniques including:
- VIP Impersonations
- HTML smuggling via links/attachments
- Malicious VBA macros
- OneNote / LNK file malware (attachments, and links to auto-downloads)
- PDF attachments with embedded links to malware (PDF -> URL -> ZIP -> WSF)
- Lookalike domains / homoglyph attacks
- Credential phishing
- Password protected archives
- Exploits (e.g. CVE-2023-23397, CVE-2021-40444)
- Fake invoices (Geek Squad)
Attendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals and email attributes that can be used to craft high-fidelity rules, including targeted user groups, sentiment analysis, sender domain age, and attachment analysis. Having completed the workshop, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.
Skill Level: Beginner. The training will cater to security practitioners with any level of technical experience. While a general understanding of email threats will be advantageous, all offensive and defensive techniques and tools in the training will be introduced at a foundational level and built on throughout the day.
Prerequisites for students:
- None
Materials or Equipment students will need to bring to participate:
- Attendees should bring their own laptops in order to be hands-on, preloaded with Docker. Instructions to run the Docker images from Github will be shared. All tools used in this lab are free and/or open-source.
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 10:30-10:59 PDT
Title: EMBA - From firmware to exploit
When: Saturday, Aug 12, 10:30 - 10:59 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Michael Messner
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Embedded CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
Description:
Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular use case and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective.
The Embedded CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.
New devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.
By participating in the contest, teams of up to 6 contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills.
With the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous. Whether you're a seasoned security professional or just starting in the field, this contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: Embedded Device Security Workshops
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
Embedded Device Security Workshops: two hands-on workshops showcasing common security vulnerabilities present in IoT/OT devices. These workshops will give you an opportunity to use a variety of device hacking tools and techniques to attack multiple components at varying layers of the stack, enabling a deeper understanding of device security.
Return to Index - Add to
- ics Calendar file
ESV - Saturday - 10:00-17:59 PDT
Title: Embedded Systems Village Activities
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: LINQ - 3rd flr - Evolution - Embedded Systems Village - Map
Description:
**ESV Badge**
The ESV Badge is a cool-looking shard PCB that will fit into the DEF CON badge shard holder, but also doubles as a hardware debugger with a built-in USB-Serial adapter. On sale at the village for $60, but also available for free to CTF players that score a minimum number of points.
**Embedded CTF**
An approachable yet challenging CTF competition with a wide range of embedded devices and attacks.
Categories include:
- Physical
- Network
- RF
- Mobile (Powered by Corellium)
- Firmware
- Badge - custom challenges built into the ESV badge
**101 Labs**
A series of computer-based workshops that will guide you through the basics of hacking embedded devices. From extracting and analyzing firmware, exploiting command injections and more, these labs will introduce even the most noob to the world of embedded device hacking.
**Hands-on Hardware Hacking**
We've raided our local thrift stores and electronics recyclers and brought a whole bunch of embedded systems for you to try out the ESV badge on. Come pull memory chips off PCBs, dump memory, connect to UART consoles, and see what was left behind on these devices!
**LoRA Labs**
A hands-on and interactive lab using LoRa gateways where you will discover the noisy 915 MHz radio spectrum world.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 15:30-16:10 PDT
Title: Enhancing Cybersecurity Resilience in the Brazilian Healthcare Sector: A Novel Red Team and Blue Team Methodology
When: Saturday, Aug 12, 15:30 - 16:10 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
Speakers:Arthur Paixão,Diego Mariano
SpeakerBio:Arthur Paixão
Arthur: 14 years of experience, possesses expertise in offensive security and threat intelligence in the financial and healthcare sectors.
SpeakerBio:Diego Mariano
, CISO at Albert Einstein Hospital
Diego: In cybersecurity for 20 years, currently holding the CISO position at Albert Einstein Hospital. Beyond professional dedication, a passionate practitioner of kriya yoga and meditation.
Description:
This paper presents a novel methodology that combines red team and blue team exercises to enhance cybersecurity resilience in the Brazilian healthcare sector. The methodology is designed to go beyond the traditional roles of red teams and blue teams. It incorporates threat injection exercises with a newly created prioritization method, training the Red Team to assist the CSIRT in responding to incidents and creating a new role for the Red Team. Additionally, a new technique called Offensive Intel monitors the threat landscape of competitors and provides insights on how to protect our own landscape. The methodology also incorporates techniques to deal with VIP patient data and policies to control staff curiosity. Some real-life use cases will be presented to evidence the effectiveness of the methodology. One such use case involved an almost successful attempt to destroy medical equipment during a penetration testing exercise and how to not do it again. Another one presents vulnerabilities identified in air conditioning controllers, EMR systems, and exam results systems that are used in the entire country. And two incidents that were successfully contained with the help of threat injection and offensive intel. The methodology's effectiveness also led to the inference of the Brazilian TOP 10 Vulnerabilities in the Healthcare Sector, based on findings across systems used throughout the country. The list provides insights into the most critical vulnerabilities facing healthcare institutions in Brazil and will be presented at the conference. The vulnerabilities were categorized by the degree of harm they can inflict on patients and the impact on healthcare services. The methodology's results also drove to the development of a tool that assists other cybersecurity teams in conducting safe red and blue team exercises in the healthcare sector. The tool augments cybersecurity resilience by improving the capabilities of CSIRT and threat intel teams and is valuable to other cybersecurity professionals in the industry. In conclusion, the novel methodology provides a unique approach to enhancing cybersecurity resilience in the Brazilian healthcare sector. The incorporation of threat injection exercises, Offensive Intel, and a new role for the Red Team offers a comprehensive and effective approach that goes beyond traditional red team exercises. The methodology and tool can be replicated and the approach's effectiveness has been demonstrated through real-life use cases and the creation of the TOP 10 Vulnerabilities in the Healthcare Sector in Brazil. By adopting this methodology, healthcare institutions in Brazil and around the world can better protect patient data and improve cybersecurity resilience.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 14:35-15:20 PDT
Title: Enhancing vulnerability research through the use of virtual reality workspaces.
When: Saturday, Aug 12, 14:35 - 15:20 PDT
Where: Virtual
SpeakerBio:datalocaltmp
I am an independent security researcher focused on mobile technology. Recently I have enhanced a lot of my work by using Visualizations in Virtual Reality, in particular visualizing code coverage in Android ([write-up here](https://datalocaltmp.github.io/visualizing-android-code-coverage-pt-1.html)) and then navigating the function graphs in Virtual Reality [example video here](https://twitter.com/datalocaltmp/status/1666964834334785536).
Twitter: @datalocaltmp
Description:
Enhancing vulnerability research through the use of virtual reality workspaces. This talk will provide an overview of my set-up for performing vulnerability research within virtual reality and some of the benefits I have observed. Examples of my particular setup available [here](https://twitter.com/datalocaltmp/status/1620643279657390082). Additionally I will cover visualization of Android native code execution within Ghidra and how virtual reality has allowed me to better navigate the function graphs while reverse engineering. An example of my particular setup for function graph navigation in VR available [here](https://twitter.com/datalocaltmp/status/1666964834334785536).
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 11:00-11:59 PDT
Title: Evil Digital Twin: Learn Psychological Manipulation with an Uncensored LLM
When: Saturday, Aug 12, 11:00 - 11:59 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
Speakers:Ben D. Sawyer,Matthew Canham
SpeakerBio:Ben D. Sawyer
Dr. Ben D. Sawyer is an applied neuroscientist and human factors engineer known for using brainwaves, eye movements, and mathematical theory to build better human-machine teams. His models and algorithms power trustworthy machines that work with their human partners. His design recommendations are leveraged by Fortune 500 companies. His work has been covered by Forbes, Reuters, Fast Company, and The BBC, and more. Dr. Sawyer's postdoctoral work at MIT was in collaboration with industry including Google, Jaguar-Landrover, Honda, DENSO, Monotype, and Panasonic. A two-time Repperger Research Fellow with the Air Force Research Laboratory (AFRL), he performed research with the 711th Human Performance Wing in both their Applied Neuroscience and Battlefield Acoustics (BATMAN group) divisions. He is a recipient of The Human Factors Prize, for Cybersecurity research, The K.U. Smith Award, for consumer electronics work investigating driving distraction and Google Glass, and an Outstanding Dissertation Award for work investigating the applied psychophysics of warfighter multitasking. Dr. Sawyer is presently faculty in Industrial Engineering and Management Systems and the Institute for Simulation and Training at UCF, and the Director of LabX, an applied neuroscience group addressing human performance. In addition to academic pursuits, Dr. Sawyer provides consulting and expert witness services in matters including distraction, attention, and error. He is the co-founder of Awayr, an AI startup within MIT's The Engine. In his leisure time, Ben enjoys adventure travel with his wife, swimming, sailing the Charles, and building things. He volunteers, helping people to learn to repair their own things. He does not enjoy writing about himself in the third person and will now stop.
SpeakerBio:Matthew Canham
, CEO at Beyond Layer 7
Dr. Matthew Canham is the CEO of Beyond Layer 7, a security consulting firm specializing in mitigating insider risk, human-centric security solutions, and data analytics. He is a founding member of the Cognitive Security Institute, a non-profit organization dedicated to research and understanding the nuances of defending human and artificial decision makers from cognitive attacks. He currently holds an affiliated faculty member appointment with George Mason University, where the focus of his research orients around synthetic media –deepfake– social engineering attacks, cognitive security, and insider risk. Dr. Canham was previously a Special Agent for the FBI, where he investigated cybercrimes, insider threats, and ran cyber HUMINT operations as a certified online covert employee. During his tenure with the FBI, he also served as a subject matter expert with the Behavioral Analysis Program (BAP) and as the Technical Liaison between the Operational Technology Division (OTD) and the Cyber Behavioral Analysis Center (CBAC). Dr. Canham has previously taught courses on synthetic media attacks, cognitive warfare, human-centric security, and insider risk for; NATO, NASA (Kennedy Space Center), DARPA, MIT, BI (Oslo, Norway), Aberdeen Proving Ground, ISC2, and the FBI. He holds a PhD in Cognitive Psychology with special expertise in human centric security, data analytics, and behavioral engineering; as well as GIAC certifications in Certified Forensics Examiner (GCFE), Certified Auditing Wireless Networks (GWAN), Mobile Device Security Analyst (GMOB), and Certified Incident Handler (GCIH).
Description:
This workshop will delve into the uncharted territory of Uncensored Large Language Models (LLMs) and explore their latent potential. This immersive session invites cybersecurity experts, researchers, and enthusiasts alike to understand the profound capabilities of uncensored LLMs displayed in misinformation and manipulation tactics, and how malicious actors might exploit this capability.
During the workshop, attendees will gain a practical understanding of how LLMs can deploy sophisticated strategies pulled from psychological literature and advertising science. From harnessing cognitive biases and social norms to capitalizing on habit loops, the mechanisms of manipulation are as intriguing as they are unsettling. An uncensored LLM, ripe for exploration, serves as our playground, providing invaluable insights into its interaction patterns.
But it's not just about understanding these models; it's about looking beyond the horizon. Participants will also be introduced to the concept of 'shadow prompts,' concealed instructions that a compromised or malicious LLM runs alongside standard user prompts. Unraveling the intricacies of these shadow prompts will reveal how they can stealthily shift the outcomes of LLM interactions.
This workshop is more than just a one-off event. All participants will automatically become members of our burgeoning ""Evil Digital Twin"" community. This membership comes with the opportunity to engage in an ongoing learning journey, unveiling the less-discussed capabilities of LLMs. By fostering a collaborative environment, we aim to empower members to not only understand these evolving digital entities but also devise robust defenses against them within their respective organizations and institutions.
Two deep experts in psychology and cybersecurity and the intelligence community will be your guides.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:00-17:59 PDT
Title: Exhibitor Area Open
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Forum - 124-126 - Exhibitors - Map
Description:
This is when you can go visit our awesome exhibitors.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 14:30-15:15 PDT
Title: Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures
When: Saturday, Aug 12, 14:30 - 15:15 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
Speakers:Noam Moshe,Sharon Brizinov
SpeakerBio:Noam Moshe
, Vulnerability Researcher at Claroty Team82
Noam Moshe is a vulnerability researcher at Claroty Team82. Noam specializes in vulnerability research, web applications pentesting, malware analysis, network forensics and ICS/SCADA security. In addition, Noam presented in well-known Hacking conferences like Blackhat Europe, as well as won Master of Pwn at Pwn2Own Miami 2023.
SpeakerBio:Sharon Brizinov
, Director of Security Research at Claroty Team82
Sharon Brizinov leads the Vulnerability Research at Team82, The Claroty Research. He specializes in OT/IoT vulnerability research, has participated in multiple Pwn2Own competitions, won Pwn2Own Miami 2023, and holds a DEFCON black badge.
Description:
OPC-UA is the most popular protocol today in ICS/SCADA and IoT environments for data exchanges from sensors to on-premises or cloud applications. OPC-UA is therefore the bridge between different OT trust zones and a crown jewel for attacks attempting to break security zones and crossover from the industrial to corporate networks.
We have been researching during the past two years dozens of OPC-UA protocol stack implementations being used in millions of industrial products. We focused on two main attack vectors: attacking OPC-UA servers and protocol gateways, and attacking OPC-UA clients. The research yielded unique attack techniques that targeted specific OPC-UA protocol specification pitfalls that enabled us to create a wide range of vulns ranging from denial of service to remote code execution.
For example, we explored OPC-UA features such as method call processing, chunking mechanisms, certification handling, complex variant structures, monitored items, race-conditions, and many more. For each part of the specification, we tried to understand its caveats and exploit them to achieve RCE, information leaks, or denial of service attacks.
In this talk, we will share our journey, methods, and release an open-source framework with all of our techniques and vulnerabilities to exploit modern OPC-UA protocol stacks. ,
Noam Moshe is a vulnerability researcher at Claroty Team82. Noam specializes in vulnerability research, web applications pentesting, malware analysis, network forensics and ICS/SCADA security. In addition, Noam presented in well-known Hacking conferences like Blackhat Europe, as well as won Master of Pwn at Pwn2Own Miami 2023.
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 14:00-14:45 PDT
Title: Exploring the Impact of PQC on Cryptographic Key Management
When: Saturday, Aug 12, 14:00 - 14:45 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
Speakers:Deirdre Connolly,James Howe,Mark Carney,Ryan Hurst,Sandra Guasch Castello,Sofi Celi
SpeakerBio:Deirdre Connolly
No BIO available
SpeakerBio:James Howe
No BIO available
SpeakerBio:Mark Carney
No BIO available
SpeakerBio:Ryan Hurst
No BIO available
SpeakerBio:Sandra Guasch Castello
No BIO available
SpeakerBio:Sofi Celi
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 16:10-17:10 PDT
Title: FaFo: Laboratory Physical and ICS (Warning: not for the faint of heart)
When: Saturday, Aug 12, 16:10 - 17:10 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
SpeakerBio:Nathan Case
A passion for Incident Response, and operational security in all forms. Pushing the bounds of threat detection and response. Finding new thoughts and bringing them to the fields of security and technology.
Description:
I will discuss real-world equipment hacks caused by nation-state actors attacking humans and ways to mitigate similar impacts. Examples will cover a range of laboratory equipment, including research labs and industrial manufacturing facilities. In this talk, we will explore the common causes of laboratory and OT equipment breaches caused by human error, including misconfiguration, misuse, and malicious actions. We will examine the potential consequences of such failures, including data loss, damage to equipment, and even injury. I will also present a range of strategies for preventing such issues, including implementing standard operating procedures with a security focus, using equipment monitoring systems, and adopting best practices for equipment architecture.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 15:00-16:59 PDT
Title: Faking GitHub Reputation
When: Saturday, Aug 12, 15:00 - 16:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 4 - Map
SpeakerBio:Checkmarx
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 12:00-13:30 PDT
Title: Fear and Loathing on Plum Island
When: Saturday, Aug 12, 12:00 - 13:30 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
Speakers:David Emmerich,Emma Stewart,Jeremy Jones,Joe Minicucci
SpeakerBio:David Emmerich
, University of Illinois Information Trust Institute
No BIO available
SpeakerBio:Emma Stewart
No BIO available
SpeakerBio:Jeremy Jones
, Idaho National Lab
No BIO available
SpeakerBio:Joe Minicucci
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 15:55-16:20 PDT
Title: Finding Hidden Gems In Temporary Mail Services
When: Saturday, Aug 12, 15:55 - 16:20 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Berk Can Geyikci
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 10:30-12:30 PDT
Title: First Timers Workshop
When: Saturday, Aug 12, 10:30 - 12:30 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:Tailor Herrarte
With over 8 years in government and commercial incident response, I'm a seasoned cybersecurity expert specializing in OSINT, social engineering, phishing, and pentesting. From fortifying systems in pharmaceuticals to refining best practices at the National Institutes of Health, I bring a wealth of experience. Currently, I'm dedicated to enhancing web application security at Yahoo.
Description:
Never hacked a voting machine before? Come check out our First Timers Workshop to give it a try. Don't think you can do it? There is only one way to find out. To try it yourself! Even if you have never hacked anything before, this is the workshop for you.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 15:00-16:59 PDT
Title: Fix The Flag - Battle Challenge
When: Saturday, Aug 12, 15:00 - 16:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 3 - Map
SpeakerBio:Pedram Hayati
Dr. Pedram Hayati, Founder of SecTalks.org, Founder of SecDim.com. Senior lecturer at UNSW. Kite surfer. Lives in downunder
Twitter: @pi3ch
Description:
Find a security vulnerability in an app and get a score when you effectively fix it. The winner of the competition is the first person who fixes the vulnerability.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Fleet DefCon 31 Workshop
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Fleet is an open-core, cross-platform solution that provides real-time insights using osquery and GitOps-driven management for all your devices, including Mac, Windows, Linux, and ChromeOS. Join the adventure and explore a wonderland of data!
Return to Index - Add to
- ics Calendar file
APV - Saturday - 13:00-14:59 PDT
Title: For Kids: Castle Defenders
When: Saturday, Aug 12, 13:00 - 14:59 PDT
Where: Flamingo - Savoy - AppSec Village - Map
SpeakerBio:Pentera
Mommy is late for dinner again, and Emma and Oliver are frustrated. Daddy comes to the rescue with spaghetti and an enchanting tale of brave knights and mysterious castles, revealing how he and Mommy work tirelessly to protect the people on the internet from bad hackers and other online threats.
This charming story, filled with delightful illustrations and playful storytelling, is perfect for young minds eager to explore the captivating world of cybersecurity.
Description:
Amazon Best Selling children's book "Castle Defenders" is making its DEFCON debut!
Bring your elementary school-aged kids to learn "what cyber parents do" with story time and on-site coloring station.*
*While supplies last.
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 11:30-11:59 PDT
Title: Forensics 101 Part I & II
When: Saturday, Aug 12, 11:30 - 11:59 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: 101 Track (0x41) - Map
Speakers:Danny D. "B4nd1t0" Henderson Jr,Gyle_dC
SpeakerBio:Danny D. "B4nd1t0" Henderson Jr
Danny "B4nd1t0" Henderson Jr has over 11 years in the IT field from the U.S. Public Sector to life in the Private Sector and supported operations such as Cyber Warfare. Danny currently works at Novartis in Czech Republic as a Threat Hunter. He holds a master's degree in Cyber and Information Security from Capitol Technology University and certifications such as GCIH, GCFA, and CISSP. His skillset includes digital forensics, threat intelligence, and malware analysis. Outside of the field, Danny is fond of fantasy-themed tabletop games and retro RPGs which is displayed through his Bandit's Bytes website.
SpeakerBio:Gyle_dC
Gyle first got connected to the internet via her reliable 56k US Robotics modem and has been fascinated ever since with technology and security. She got her Graduate Certificate in Incident Response from the SANS Institute and her master’s in cyber security – Digital Forensics from UNSW Canberra. In her day job as an incident responder, she uses her skills and knowledge to help protect and defend the organisation she works for. In her spare time, she mentors other people who are new to the field, presents in different cyber security events and volunteers with different community-based organisations.
Description:
This Forensics 101 session includes two modules.
Part I: General Introduction to Forensics
Part II: General Introduction to Forensics Continued
Introduction to Forensics: Part I & II
Return to Index - Add to
- ics Calendar file
CON - Saturday - 11:00-16:59 PDT
Title: Free Amateur Radio License Exams
When: Saturday, Aug 12, 11:00 - 16:59 PDT
Where: Flamingo - Virginia City - Ham Radio Village - Map
Description:
Take the test to join what has been considered to be one of the first hacker communities, amateur radio! The Ham Radio Village is back at DEF CON 31 to offer free amateur radio license exams to anyone who wishes to get their ham radio license. Examinees are encouraged to study on [ham.study](https://ham.study/), and may sign up for this time slot [here](https://ham.study/sessions/64bc92c66f588492f6063722/1).
Return to Index - Add to
- ics Calendar file
PSV - Saturday - 13:15-13:30 PDT
Title: Free Pokemon Card Bus Passes
When: Saturday, Aug 12, 13:15 - 13:30 PDT
Where: Flamingo - Carson City - Physical Security Village - Map
Speakers:Jarvis,Malcolm
SpeakerBio:Jarvis
No BIO available
SpeakerBio:Malcolm
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 12:00-12:59 PDT
Title: Friends of Bill W
When: Saturday, Aug 12, 12:00 - 12:59 PDT
Where: Harrah's - Studio 1 - Friends of Bill W - Map
Description:
Thursday
12:00-13:00
17:00-18:00
Friday
12:00-13:00
17:00-18:00
Saturday
12:00-13:00
17:00-18:00
Sunday
12:00 -13:00
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 17:00-17:59 PDT
Title: Friends of Bill W
When: Saturday, Aug 12, 17:00 - 17:59 PDT
Where: Harrah's - Studio 1 - Friends of Bill W - Map
Description:
Thursday
12:00-13:00
17:00-18:00
Friday
12:00-13:00
17:00-18:00
Saturday
12:00-13:00
17:00-18:00
Sunday
12:00 -13:00
Return to Index - Add to
- ics Calendar file
DC - Saturday - 12:00-12:45 PDT
Title: From Feature to Weapon: Breaking Microsoft Teams and SharePoint Integrity
When: Saturday, Aug 12, 12:00 - 12:45 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
SpeakerBio:Nestori Syynimaa
, Senior Principal Security Researcher at Secureworks
Dr Nestori Syynimaa is one of the leading Azure AD / M365 experts in the world and the developer of the AADInternals toolkit. He has worked with Microsoft cloud services for over a decade and has been MCT since 2013, MVP since 2020, and awarded Microsoft Most Valuable Security Researcher for 2022. Currently, Dr Syynimaa works as a Senior Principal Security Researcher for Secureworks Counter Threat Unit. Before moving to his current position, Dr Syynimaa worked as a CIO, consultant, trainer, researcher, and university lecturer for almost 20 years. Dr Syynimaa has spoken in many international scientific and professional conferences, including IEEE TrustCom, Black Hat (USA, Europe, and Asia), Def Con, and RSA Conference.
Twitter: @DrAzureAD
Description:
Microsoft SharePoint Online (SPO) is a cloud-based service that helps organizations share and manage content. It is also used as backend file storage for other Microsoft online services, such as Microsoft 365 Groups, OneDrive, and Teams.
Microsoft offers tools such as Migration Manager and SharePoint Migration Tool (SPMT) to ease migrating files from on-premises file servers to SPO, OneDrive, and Teams. Both tools use the same background APIs to perform the data migration. Technically, the migration is leveraging the built-in Granular Backup feature of on-premises SharePoint, which allows exporting and importing individual SharePoint sites and lists. The Granular Backup feature is not available in SharePoint Online.
In this talk, I'll show how threat actors can leverage SPO migration APIs to break the integrity of all Microsoft online services that use SPO as storage. Threat actors can spoof new content and tamper with existing content, and inject custom code to perform XSS attacks. This, in turn, enables elevation-of-privilege attacks to all Microsoft Online services, including Azure Active Directory. And all this as a regular user.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 13:50-14:50 PDT
Title: Full Stack Disclosures
When: Saturday, Aug 12, 13:50 - 14:50 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
Speakers:Edison Alvarez,Alex Mastrov,Matias Katz
SpeakerBio:Edison Alvarez
, Senior Director in Regulatory Affairs at BD
He is a Senior Director in Regulatory Affairs and is responsible for strategic cybersecurity regulatory leadership at BD, a global medical technology company that is advancing the world of health by improving medical discovery, diagnostics, and the delivery of care.
SpeakerBio:Alex Mastrov
, Founder and CEO at Binarly
Alex is the Founder and CEO of Binarly, an AI-powered platform to protect devices against emerging threats.
SpeakerBio:Matias Katz
, Founder and CEO at Byos
Matias is the Founder and CEO of Byos, a simpler and more effective way to secure networks by making devices invisible.
Description:No Description available
Return to Index - Add to
- ics Calendar file
TCV - Saturday - 10:00-10:59 PDT
Title: Gazing into the crystal ball: Hacking and Securing Future Telecoms Networks
When: Saturday, Aug 12, 10:00 - 10:59 PDT
Where: Flamingo - Virginia City - Telecom Village - Map
Speakers:Ajit Hatti,Akib Sayyed,David Rogers,Galina Pildush
SpeakerBio:Ajit Hatti
, NullCon
No BIO available
SpeakerBio:Akib Sayyed
, Director at Matrix Shell Technologies Prviate Limited
No BIO available
SpeakerBio:David Rogers
, CEO at Copper Horse
David is a mobile phone and IoT security specialist who runs Copper Horse Ltd, a software and security company based in Windsor, UK. He chairs the Fraud and Security Group at the GSMA. He has spoken at a number of hacking conferences on his security research work including DEF CON’s Car Hacking Village, 44CON, B-Sides London, B-Sides Cymru and B-Sides LV. He was awarded an MBE for services to Cyber Security in the Queen’s Birthday Honours 2019.
SpeakerBio:Galina Pildush
, Global Sr. Consulting Engineer at xG/IoT/MEC Security)
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 15:35-16:05 PDT
Title: Gender Inclusive Features Across the Health Information System
When: Saturday, Aug 12, 15:35 - 16:05 PDT
Where: Virtual
SpeakerBio:Squiddy
Squiddy is a gay and transmasc graduate student, medical laboratory scientist, and Desktop Engineer from the cornfields of the midwest. They are a self-taught hacker, who recently transitioned from the medical laboratory into IT. While they are self-taught when it comes to technology, they possess 8 years of education in the healthcare field and currently work for one of America's 50 Best Hospitals where they advocate for (and actively contribute to) gender-inclusive care features.
Description:
Where is your PHI flowing? This talk provides a brief overview of hospital information systems, what goes into gender-inclusive care features, and how these features integrate across various systems in the HIS. This talk will explore a unique risk to transgender healthcare.
Return to Index - Add to
- ics Calendar file
BICV - Saturday - 11:00-11:50 PDT
Title: General-purpose Languages: What Are Your Habits?
When: Saturday, Aug 12, 11:00 - 11:50 PDT
Where: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
SpeakerBio:D.J. Davis
D.J. Davis is a Washington DC-based practitioner in information security. His background spans across IT Operations, Development, designing Wide-area networks for WorldCom, and supporting high-redundancy high-performance Linux systems. D.J. has a keen interest in what happens in computer languages down to the Assembly level.
Description:
The software language we choose to use has a profound effect on the behavior of a program. Sometimes we reflexively pick a language based on the genre. But some languages are more prone to success in some circumstances and surprises in other cases. Surprises lead to certain types of bugs. Some bugs are vulnerabilities.
Whether we are learning a new language as a newcomer to hacking or as a seasoned pro, the behaviors of a language can make the difference between a fun time or frustration. Every language has ""gotchas"". We explore a variety of behaviors and a few beginners' level "gotchas" in popular languages.
We examine and compare several current languages. There are some basic instructions to get started in running an initial program. Lastly, we explore a few ideas that allow us to craft a future of fewer bugs and vulnerabilities.
There are only a few prerequisites to this talk. It is helpful that you have viewed a program source code listing before, that you have an awareness of Compiled programs versus Interpreted programs, and you have a general awareness of using variables in a program.
Return to Index - Add to
- ics Calendar file
HHV - Saturday - 15:00-15:50 PDT
Title: Generating Rf With Stock Hardware For Drones
When: Saturday, Aug 12, 15:00 - 15:50 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
SpeakerBio:David Melendez
, R&D Embedded Software Engineer
David Melendez is an R&D Embedded Systems Engineer, with over twelve years of experience in cybersecurity and hardware hacking. He has a proven track record of presenting his groundbreaking investigations at prestigious conferences around the world, including DEFCON, BLACKHAT, and ROOTEDCON.
David is also a drone creator and author of the book "Hacking with Drones," which showcases his innovative use of drones in cybersecurity research. With his passion for pushing the boundaries of technology, David is constantly seeking new ways to improve the security and functionality of embedded systems.
Twitter: @@taiksontexas
Description:
The popularity of cheap and DIY drones has made them a target for attackers using radiofrequency (RF) signals. Frequency hopping is a technique that can be used to mitigate the risks associated with RF warfare. However, implementing frequency hopping in cheap and DIY drones presents several technical challenges, such as the need for a stable clock and synchronization between the transmitter and receiver without rising hardware costs. Despite these challenges, frequency hopping can significantly enhance the security of consumer and DIY drones making much more challenging or even useless anti-drone systems’ role.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 11:00-11:45 PDT
Title: Getting More Bang for your Buck:Appsec on a Limited Budget
When: Saturday, Aug 12, 11:00 - 11:45 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
Speakers:Vandana Verma Sehgal,Viraj Gandhi
SpeakerBio:Vandana Verma Sehgal
Vandana Verma is a Security Leader at Snyk, Podcast host Diversity and Inclusion Advocate and an International speaker and influencer on a range of themes in Information Security, including Application Security, DevSecOps, Cloud Security and Security Careers.
From being the Chair of the OWASP Global Board of Directors to running various groups promoting security to organising conferences to even delivering keynote addresses at several of them, she is engaged continuously and proactively in making the global application security community a better place for individuals, organizations and societies.
Twitter: @InfosecVandana
SpeakerBio:Viraj Gandhi
My name is Viraj Gandhi,I am a Product Security Manager at SailPoint. I have Successfully led “Shift-to-left” transformations of security programs at various companies like ServiceNow,SailPoint.
Description:
The talk is about the importance of application security (AppSec) in modern software development due to the increasing number of applications being built, bought, and downloaded. As applications are the main source of security breaches, organizations need to establish strong AppSec programs to ensure weaknesses are identified and resolved early in the development cycle. However, small startups with limited budgets may struggle to establish a dedicated AppSec team, making it important to focus on key areas such as establishing baseline knowledge, implementing basic security controls, prioritizing security based on risk, and continuous monitoring and improvement. The talk will cover ways to build a business case for investing in AppSec programs and establishing benchmarks and metrics for success.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 18:05-18:35 PDT
Title: Ghost on the wire- check the air
When: Saturday, Aug 12, 18:05 - 18:35 PDT
Where: Virtual
SpeakerBio:hoodiePony
I'm just a friendly local cyber security sherpa. Helping people verifiably build a safer, secure, and more resilient world by sharing knowledge through telling stories. This includes the privilege of presenting here at DCG VR previously, and a keynote at ChCon NZ, amongst many other conferences. I am grounded by the many years of experience spent security advising and assessing critical infrastructure in Australia, and governments, to small startups. That said, I’m just another nerd of figuring out how things work, tinkering, and challenging assumptions; sharing a story so that we can all make better informed decisions through broader perspectives.
Description:
What happens when the network defenders get so good that you can no longer do command and control over the network without getting detected? When your job depends on it, you get creative, and do it out-of-band. Here's an interactive short story to talk about off-the-wire command and control, and how you can do it too for fun, a more pragmatic approach, and what to look out for if you're defending.
Return to Index - Add to
- ics Calendar file
XRV - Saturday - 16:00-16:59 PDT
Title: Glad Scientist | Village Vibes Immersive Performance, a data-driven real time audiovisual VR performance
When: Saturday, Aug 12, 16:00 - 16:59 PDT
Where: Caesars Forum - Summit - 206 - XR Village - Map
Description:
The Glad Scientist (Daniel Sabio) is a Puerto Rican conceptual new media artist and creative technologist living and working in Barcelona, ES.
Most well-known for their audiovisual performances, their work ranges from VR modular synth performances and multichannel sound installations to brain/heart controlled artworks and video game experiences, with the chosen medium being a reflection of the concept.
For nearly 10 years, the artist’s work has been welcomed at diverse festivals including Ars Electronica, ISEA, SXSW, Bass Coast, VRHAM!, FILE, LEV, and DreamHack, among others. It has been awarded placement in Oculus Launchpad, Art Omi: Music Fellowship, Berlin Sessions Residency, UNCSA METL Immersive Storytelling Residency, ARTnSHELTER Residency, and Zoo Labs Music Accelerator.
As a local organizer they founded Art in Tech Atlanta and are a founding member of Volta Laboratory Social Club, a music label and cornerstone in the Atlanta underground music scene. They have been invited to speak at Google DevFest, IAM Weekend, Chaos Communication Congress, and Tate Modern.
In professional realms they are a former member of Envoy Chicago (Leviathan), Cosmic Lab in Osaka, IMRSV in Berlin, and contribute as needed to Ommatidium Studios in Edmonton.
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 11:50-12:20 PDT
Title: Google Workspace Red Team Automation with SWAT
When: Saturday, Aug 12, 11:50 - 12:20 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
Speakers:Justin Ibarra,Terrance DeJesus
SpeakerBio:Justin Ibarra
, Leader of the Threat Research and Detection Engineering Team at Elastic
Justin Ibarra is the leader of the Threat Research and Detection Engineering team at Elastic, where he was previously a principal security research engineer. He focuses on many aspects of offensive and defensive security research, including endpoint, cloud, and web based technologies. He spends a lot of time in telemetry and building detection capabilities, while also continually looking for ways to advance and evolve detection engineering approaches and principles.
Twitter: @br0k3ns0und
SpeakerBio:Terrance DeJesus
Terrance DeJesus is a Security Detection Engineer for Elastic, where I balance engineering development with threat research into cloud-based threats. Previously held various positions at NTT Ltd. such as cyber threat hunter, threat intelligence analyst, and SOC analyst. Overall, I don't take myself seriously by am committed to whatever has my attention. Became a father at 19 years old and now have a beautiful family of 5. Selfishly, I love hip-hop culture and any role-playing game (RPG) I can get my hands on, but will choose WoW over Runescape any day. Focused on pursuing threat research in cloud-security, with a focus on GCP and AWS, but Google Workspace has been my interest lately. Looking forward to meeting others like-minded and potentially collaborating.
Twitter: @_xDeJesus
Description:
The Simple Workspace ATT&CK Tool (SWAT) is a cutting-edge cybersecurity application that serves as an invaluable asset for threat detection rule authors, red team members, and security researchers. Designed with modularity and simplicity at its core, SWAT is an interactive Python shell tool, instrumental in emulating red-teaming behavior specifically against Google Workspace, and acting as a post-compromise tool.
At its heart, SWAT is grounded in the MITRE ATT&CK framework, a globally-accessible knowledge base of adversary tactics and techniques. By hosting the ATT&CK enterprise data locally, SWAT significantly reduces lookup times, enhancing the overall user experience while ensuring access to the most relevant and current information.
A standout feature of SWAT is its inherent modularity, enabling security practitioners to add their custom modules for adversary emulation seamlessly. This flexibility allows the tool to adapt to evolving cybersecurity landscapes, and meet the unique needs of individual use-cases, thereby fostering a collaborative approach to threat detection and response.
SWAT further enhances its value proposition by integrating a payload known as 'Tango'. Written in Go, Tango functions as a Command and Control (C2) agent, thus adding another layer of realism to red-teaming exercises. This integration encourages a deeper understanding of adversarial behavior and aids in the development of effective defense mechanisms.
In addition to its emulation capabilities, SWAT offers functionality to analyze data from Google Workspace. This feature empowers users to inspect and evaluate their current security posture, identify potential vulnerabilities, and proactively take steps to strengthen their defenses.
Finally, the tool's use extends beyond being a mere testing platform. SWAT can be a vital component in security workflows to model potential threats, formulate countermeasures, and train personnel on various facets of cybersecurity. With the continually evolving threat landscape, SWAT is well-positioned to assist cybersecurity professionals in staying ahead of their adversaries. The simplicity and modularity of SWAT make it a powerful tool in the arsenal of those committed to enhancing cybersecurity.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: Hack The Airport
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
Hack The Airport
IntelliGenesis and IG Labs
IG Labs will be bringing our Runway Lighting System in a box as part of our Hack The Airport CTF. Participants will be able to attempt to get hands on with practical OT and IT cyber security environment in a mobile converged environment with real-world hardware and protocols.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 21:00-00:59 PDT
Title: Hack The Box, Pub Crawl
When: Saturday, Aug 12, 21:00 - 00:59 PDT
Where: Caesars Forum - Forum - 111-112 - Map
Description:
Hack The Box will be hosting a pub in the DEF CON pub crawl. Come socialize and have a drink!
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:00-09:45 PDT
Title: Hack the Future: Why Congress and the White House are supporting AI Red Teaming
When: Saturday, Aug 12, 09:00 - 09:45 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
Speakers:Arati Prabhakar,Austin Carson
SpeakerBio:Arati Prabhakar
No BIO available
SpeakerBio:Austin Carson
, Founder & President at SeedAI
Austin Carson is the Founder and President of SeedAI, a nonprofit established to work with a diverse group of policymakers, academics, and private sector experts to help communities across the United States access the resources they need to engage with AI.
Previously, Austin established and led the DC government affairs operation for NVIDIA, translating NVIDIA’s expertise in artificial intelligence and high performance computing for policymakers. Prior to joining NVIDIA, Austin held a number of public sector and NGO positions, including serving as Legislative Director for Chairman Michael McCaul and Executive Director for the Technology Freedom Institute. Austin co-founded the Congressional Tech Staff Association, co-led the Congressional Cybersecurity Caucus and the Congressional High Tech Caucus, and is a founding fellow of the Internet Law and Policy Foundry.
Description:
On May 4th, the White House announced the AI Village at DEF CON's Generative AI Red Team and their participation, followed by announcements from the House and Senate AI Caucus leadership and the National Science Foundation.
In this panel, we'll hear from top officials and executives about how they're balancing the explosion of creativity and entrepreneurship from the advent of GenAI with the known & unknown risks of deployment at scale.
We'll also hear how this exercise is viewed as a model for enhancing trust & safety through democratizing AI education. Panelists will also discuss why it's meaningful to bring together thousands of people from different communities to conduct the exercise across the available AI models.
- REFERENCES
We Need Bug Bounties for Bad Algorithms - Amit Elazari - https://www.vice.com/en/article/8xkyj3/we-need-bug-bounties-for-bad-algorithms
Introducing Twitter’s first algorithmic bias bounty challenge - Rumman Chowdhury & Jutta Williams - https://blog.twitter.com/engineering/en_us/topics/insights/2021/algorithmic-bias-bounty-challenge
Sharing learnings from the first algorithmic bias bounty challenge - Kyra Yee & Irene Font Peradejordi - https://blog.twitter.com/engineering/en_us/topics/insights/2021/learnings-from-the-first-algorithmic-bias-bounty-challenge
Bias Buccaneers - Rumman Chowdhury, Jutta Williams, Subho Majumdar, Scott Steinhardt, Ben Colman - https://www.biasbuccaneers.org/
An Algorithmic Framework for Bias Bounties - Ira Globus-Harris, Michael Kearns, Aaron Roth - https://arxiv.org/abs/2201.10408
Machine Learning Security Evasion Competition - Hyrum Anderson, et al. - https://mlsec.io/ https://cujo.com/announcing-the-winners-of-the-2021-machine-learning-security-evasion-competition/
MITRE ATLAS - Ram Shankar Siva Kumar, et al - https://atlas.mitre.org/
The Spherical Cow of ML Security - Sven Cattell - http://aivillage.org/adversarial%20ml/spherical-cow/
The Case for a Hippocratic Oath for Connected Medical Devices: Viewpoint - Beau Woods, Andrea Coravos, and Joshua David Corman - https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6444210/
Announcing OpenAI’s Bug Bounty Program - https://openai.com/blog/bug-bounty-program
Microsoft Malware Classification Challenge - Royi Ronen, Marian Radu, Corina Feuerstein, Elad Yom-Tov, Mansour Ahmadi - https://www.kaggle.com/c/malware-classification https://arxiv.org/abs/1802.10135
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Hack-A-Sat 4 (HAS4)
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The Department of the Air Force, in collaboration with the security research community, is hosting Hack-A-Sat 4 – the world’s first CTF in space. Hack-A-Sat 4 aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Hack-A-Sat 4 will be the first CTF hosted on an on-orbit satellite, called Moonlighter. The satellite has been designed and built to advance the security research community’s skills and knowledge of on-orbit space systems. Note: HAS4 is no longer open to new contestants as the qualifying event took place in April. Attendees stopping by the HAS4 contest area will be able to learn about the history of Hack-A-Sat, Moonlighter and this year’s challenges. The area will have live scoreboards, dashboards and visualizations relaying game status, and live commentary will be provided from the adjacent Aerospace Village throughout the weekend.
HAS4 Qualifications were held April 1-2, 2023.
Results here: https://quals.2023.hackasat.com/scoreboard/complete
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 11:00-11:50 PDT
Title: Hack-A-Sat 4 Briefing
When: Saturday, Aug 12, 11:00 - 11:50 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Hack-A-Sat 4 Team
No BIO available
Description:
Hack-A-Sat 4 is quite simply the world's first CTF in space. Now in its 4th year, the Hack-A-Sat competition series aims to enable security researchers of all levels to focus their skills and creativity on solving cyber security challenges on space systems and incentivize innovation in securing these systems. Stop by and witness the 5 finalist teams compete for $100K in prizes, learn more about the history of Hack-A-Sat, and the Moonlighter satellite hosting this year's competition. Competition updates will be presented on the AV stage both Friday and Saturday morning at 11 am PT.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 17:00-17:59 PDT
Title: Hack3r Runw@y
When: Saturday, Aug 12, 17:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Returning to the stage for Defcon 30 was surreal and we’d be honored to return for the 5th year. Hack3r Runw@y brings out all the sheik geeks out there. It encourages rethinking fashion in the eyes of hackers. Be it smartwear, LED additions, obfuscation, cosplay or just everyday wear using fabrics and textures that are familiar to the community. Contestants can enter clothing, shoes, jewelry, hats or accessories. If it can be worn, it is perfect for the runway. For convenience, contestants can enter the contest with designs made ahead of the conference, however it needs to be made by them and not just store bought. Hack3r Runway is perfect for everyone whether technologically savvy or just crafty.
Awards will be handed out in 4 categories and one trophy for the People’s Choice category where the winner is anyone’s guess:
- Digital wearable - LED, electronic, passive
- Smart wear - interactive, temperature sensing, mood changing, card skimmers, etc
- Aesthetics (non-electronic)- 3d printed, geeky/nerdy wear, obfuscation, cosplay
- Functional wear - did you bling out your mask and/or shield, have a hazmat suit, lock pick earrings, cufflinks shims
Winners will be selected based on, but not limited to:
- Uniqueness
- Trendy
- Practical
- Couture
- Creativity
- Relevance
- Originality
- Presentation
- Mastery
Friday and Saturday, 14:00 - 16:00, Signup to walk the Contest Stage/Runway 15:30-16:30, Stage show 17:00 - 18:00
--
Is for all ages but no kid specific category.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 15:30-15:55 PDT
Title: Hackaprompt 2023: Trials and Tribulations
When: Saturday, Aug 12, 15:30 - 15:55 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
SpeakerBio:Kenneth Yeung
No BIO available
Description:
In this presentation, we unpack various prompt injection and hijacking techniques in the context of the Hackaprompt 2023 competition, the world’s first prompt injection/hacking competition. Starting from exploiting AI's ignorance in simple prompt injections to evading catch-all defenses in task-oriented attacks, we explore complex techniques like output manipulation, input filtering, and password leak exploits. Further, we delve into dictionary attacks and gaslighting AI models, manipulations of proxy prompts, formatting strategies, and maneuvering past redundant defenses. The talk culminates in tackling the challenge of 'Slash Hell', where we exploit max token limits and prompt language models to interpret hidden meanings, thus emphasizing the need for robust AI defense mechanisms and ongoing AI education.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 20:00-21:59 PDT
Title: Hacker Jeopardy
When: Saturday, Aug 12, 20:00 - 21:59 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
Description:
Lintile: Hiya, ChatGPT, are you aware of the annual contest called Hacker Jeopardy at DEF CON? When is it?
ChatGPT: Yes, Hacker Jeopardy is a popular event at DEF CON. It's a parody of the television game show "Jeopardy!" but with a twist. Instead of general knowledge, the questions (or "answers," in Jeopardy style) are focused on hacker culture, computer security, technology, and similar topics. The game consists of two preliminary rounds on Friday, and a final round on Saturday. Both shows start at 2000 Las Vegas time. Just like in the original game show, there are DFIU Doubles and a Final Hacker Jeopardy round. One unique aspect of Hacker Jeopardy that distinguishes it from the TV show is the incorporation of ADULT HUMOR, vulgarity, innuendo, and beer into the game. Please remember, my knowledge is current only up to September 2021, and if there have been any significant changes to Hacker Jeopardy after that, I would not be aware of them.
Lintile: What's the catch phrase of Hacker Jeopardy?
ChatGPT: The catch phrase of Hacker Jeopardy is "Drink while you think". This refers to the unique element of the game where contestants are encouraged to drink beer while they are attempting to come up with the correct response to the clues.
Lintile: That's not correct. The acronym of the catch phrase is DFIU.
ChatGPT: I apologize for the oversight. The catchphrase for Hacker Jeopardy at DEF CON is "Don't Forget It's UNIX" (DFIU), which is used humorously due to the historically significant role of Unix-based systems in hacking and network security. This phrase is often used to remind participants of the roots of many computer systems and infrastructures. I appreciate your patience and your correct information.
Note that this is an ADULT show with vulgarities and alcohol consumption, but if that doesn’t bother you, come enjoy one of the largest contests at DEF CON that you really need to see to believe! And as always, DFIU!
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 20:00-01:59 PDT
Title: Hacker Karaoke 15
When: Saturday, Aug 12, 20:00 - 01:59 PDT
Where: Caesars Forum - Summit - 216 - Map
Description:
For those who love to sing and perform in front of others, we are celebrating our 15th year of Love, Laughter, and Song from 19:30 – 02:00 Friday and Saturday night.
We are open to everyone of any age, and singing is not required.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 10:00-17:59 PDT
Title: Hacker Memorial
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Harrah's - Copper - Memorial Room - Map
Description:
A place to remember hackers that are no longer with us. Come to share stories and celebrate their life.
Please send photos of our fallen hacker comrades to [defconmemorial@protonmail.com](mailto:defconmemorial@protonmail.com), to be printed and displayed on the memorial wall here at DEF CON.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: HackFortress
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Hackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy with challenges like application security, network security, social engineering, or reverse engineering. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store. HackFortress challenges range from beginner to advanced, from serious to absurd.
- Thursday: Once our network is setup and ready, runs until the contest area closes.
- Friday: 10:00 - 18:00 (open play)
- 10 AM: Team Fortress 2 free play
- 3 PM Contest begins
- 5 PM Contest registration closes
- Saturday: 10:00 - 18:00 ( Contest, all day )
--
Kid friendly, as long as they want to play a 16 year old FPS.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 09:00-10:59 PDT
Title: Hacking Meta Quest
When: Saturday, Aug 12, 09:00 - 10:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
SpeakerBio:Paul D.
No BIO available
Twitter: @knetivty
Description:
We will have our Meta Quest 2, Meta Quest Pro and Ray-Ban Stories devices available and firmware on-site to support native/hardware live hack competitions.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 00:00-00:59 PDT
Title: Hacking Reproductive Health
When: Saturday, Aug 12, 00:00 - 00:59 PDT
Where: Virtual
SpeakerBio:JJ Hastings
No BIO available
Description:
This talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here.
Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 12:00-12:59 PDT
Title: Hacking Web Apps and APIs with WebSploit Labs
When: Saturday, Aug 12, 12:00 - 12:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
SpeakerBio:Omar Santos
No BIO available
Twitter: @santosomar
Description:
This workshop is intended for cybersecurity professionals, system administrators, software developers, and anyone interested in learning about the art of hacking web applications and API security. It is an immersive, hands-on experience that provides comprehensive knowledge about different web application and API vulnerabilities, and, most importantly, effective hacking methodologies.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 16:00-16:59 PDT
Title: Hacking Web Apps and APIs with WebSploit Labs
When: Saturday, Aug 12, 16:00 - 16:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
SpeakerBio:Omar Santos
No BIO available
Twitter: @santosomar
Description:
This workshop is intended for cybersecurity professionals, system administrators, software developers, and anyone interested in learning about the art of hacking web applications and API security. It is an immersive, hands-on experience that provides comprehensive knowledge about different web application and API vulnerabilities, and, most importantly, effective hacking methodologies.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 16:30-17:30 PDT
Title: Hacks, Leaks, and Revelations: Pandemic Profiteers and COVID-19 Disinformation
When: Saturday, Aug 12, 16:30 - 17:30 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Micah Lee
Micah Lee is an investigative journalist, computer security engineer, and open source software developer who is known for helping secure Edward Snowden’s communications while Snowden leaked secret NSA documents. Lee is the director of information security at The Intercept and an adviser to the transparency collective Distributed Denial of Secrets. He’s a former staff technologist for the Electronic Frontier Foundation and a co- founder of the Freedom of the Press Foundation. Lee is also a Tor Project core contributor, and he develops open source security and privacy tools like OnionShare and Dangerzone.
Description:
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Ham Radio Fox Hunting Contest
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
In the world of amateur radio, groups of hams will often put together a transmitter hunt (also called "fox hunting") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will provide a clue or code which will prove the player found the fox transmitter. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon at the contest table to help people who find themselves stuck. A small prize to be determined will be given to each participant who locates all of the foxes each day.
Expanded this year with increased difficulty each day. Friday: Foxes in a small area, non moving Saturday: Foxes in a larger area, with one moving. Sunday: Foxes are on the move. The hunt is on!
There will also be a beginner friendly, no radio required, Infrared LED Fox Hunt running everyday which participants can use their cameras on their phones to find!
--
We have had many kids participate and complete the contest over the years... and they've all had a blast doing so.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 12:00-13:50 PDT
Title: Hands On a Cyber Policy Crisis: Testing Assumptions and Navigating Challenges through a Cyber Simulation
When: Saturday, Aug 12, 12:00 - 13:50 PDT
Where: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
SpeakerBio:Safa Shahwan Edwards
, Deputy Director, Cyber Statecraft Initiative at Atlantic Council
Safa Shahwan Edwards is the deputy director of the Atlantic Council’s Cyber Statecraft Initiative under the Digital Forensic Research Lab (DFRLab). In this role, she leads the administration and external communications of the Initiative, as well as the Cyber 9/12 Strategy Challenge, the Initiative’s global cyber policy and strategy competition. Safa holds an MA in International Affairs with a concentration in Conflict Resolution from the George Washington University Elliott School of International Affairs and a BA in Political Science from Miami University of Ohio. Safa is of Bolivian and Jordanian heritage and speaks Spanish and Arabic.
Description:
A major cyber incident has occurred. How will you respond?
A war game but make it cyber. In groups of 3-4 people, hackers and policymakers at the village will respond to a cybersecurity crisis scenario with far reaching impacts on the public but especially vulnerable communities. Groups of 3-4 participants will develop responses to mitigate the crisis and present these to the larger group. Participants may take on specific roles based on the storyline of the crisis (e.g. CISA, the White House, CVD coordinating bodies, OT security researchers, and more).
Return to Index - Add to
- ics Calendar file
WS - Saturday - 14:00-17:59 PDT
Title: Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works (Pre-Registration Required)
When: Saturday, Aug 12, 14:00 - 17:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
SpeakerBio:Chris Greer
, Network Analyst and Wireshark Instructor at Packet Pioneer
Chris Greer is a network analyst and Wireshark instructor for Packet Pioneer, a Wireshark University partner. He has focused much of his career at the transport layer, specifically TCP, specializing in how this core protocol works to deliver applications, services, and attacks between systems. Chris is a regular speaker at Sharkfest - the Wireshark Developer and User Conference. He has presented at DEFCON and other industry conferences and regularly posts Wireshark analysis tips to his YouTube channel.
Description:
Let's break out Wireshark and dig deep in to the TCP and IP protocols. This skill is critical for anyone interested in any area of cybersecurity, no matter the color of the hat. Almost all enumeration, scans, incident response, and traffic forensics require the analyst to dig into and interpret TCP conversations. When enumerating an environment, identifying key TCP/IP indicators in protocol headers can also help when passively fingerprinting systems.
In this workshop we will roll back our sleeves and learn how TCP/IP really works - the handshake, options, sequence/ack numbers, retransmissions, TTL, and much more. This workshop welcomes all cybersecurity and wireshark experience levels.
Skill Level: Beginner to Intermediate
Prerequisites for students:
- Just a laptop with a copy of Wireshark.
- I will provide the sample pcaps for analysis.
Materials or Equipment students will need to bring to participate:
- Laptop
Return to Index - Add to
- ics Calendar file
XRV - Saturday - 10:00-15:59 PDT
Title: Haptics Hack-a-Thon
When: Saturday, Aug 12, 10:00 - 15:59 PDT
Where: Caesars Forum - Summit - 206 - XR Village - Map
Description:
Open Bug Hunt | Hack the MetaQuest 2 in collaboration with Adversary Village, Red Team Village and sponsored by ThreatSims and Meta. Bug bounties to be reported via Meta Bug Bounty terms & conditions. Please sign up if you plan to participate.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 14:00-15:55 PDT
Title: HardHat Command & Control Framework
When: Saturday, Aug 12, 14:00 - 15:55 PDT
Where: Caesars Forum - Committee Boardroom - Demo Labs - Map
SpeakerBio:Jonathan Owens
Jonathan Owens is a red team operator on the Adversary Simulation team at SpecterOps, where he conducts advanced offensive engagements, such as red teaming exercises, penetration tests, and tool creation. He enjoys C# development and learning new programming languages with a specific focus on command & control framework and agent development. He maintains a tool repo at https://github.com/dragoqcc.
Description:
HardHat is a multi-platform, multi-user, .NET command and control framework written in C# designed to aid in red team operations and penetration testing. HardHat aims to improve the quality-of-life of operators by providing an easy-to-use but formidable C2 framework by incorporating robust features, ease of data access, and modern UI upgrades to a high-level language that is easily extensible.
Return to Index - Add to
- ics Calendar file
HHV - Saturday - 10:00-15:30 PDT
Title: Hardware Hacking Rube Goldberg Machine
When: Saturday, Aug 12, 10:00 - 15:30 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
Description:
Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Hardware Hacking Village CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
Description:
The DEF CON Hardware Hacking Village CTF is back again! Come put your skills to the test against other hackers. The contest is structured so that everyone should be able to gain some flags, and even the experienced will sweet a few drops to get them all.
Heat up your soldering iron and freshen the batteries in your multimeter! The Hardware Hacking Village (HHV) is hosting their first official DEF CON Capture the Flag (CTF). This is a jeopardy style CTF, designed to challenge participants in various aspects of hardware hacking. Whether you're new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.
Return to Index - Add to
- ics Calendar file
HHV - Saturday - 16:00-16:30 PDT
Title: Hardware Hacking Village Prize Ceremony
When: Saturday, Aug 12, 16:00 - 16:30 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
Description:
We announce winners for the Make Your Own Use, and Hardware Hacking Rube Goldberg Machine contests and hand out prizes.
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: Hardware Hacking Your Kitchen
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
Hardware Hacking Your Kitchen: bug bounty is back! Join us for the opportunity to live hack into some of the most popular home kitchen devices, right in the IoT Village!
Return to Index - Add to
- ics Calendar file
CON - Saturday - 09:00-17:59 PDT
Title: HardWired
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Don't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come test your skills against the clock, and make the best cable at con!
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 12:00-17:59 PDT
Title: HDA / Accessibility Area Open
When: Saturday, Aug 12, 12:00 - 17:59 PDT
Where: Harrah's - Studio 2-4 - HDA Community - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 12:00-17:59 PDT
Title: HDA Community Meetups
When: Saturday, Aug 12, 12:00 - 17:59 PDT
Where: Harrah's - Studio 2-4 - HDA Community - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 16:35-17:35 PDT
Title: Hey CryptoBro!: How Are Criminals Laundering, Monetizing, and Targeting Cryptocurrency, NFTs, and Smart Contracts?
When: Saturday, Aug 12, 16:35 - 17:35 PDT
Where: Virtual
SpeakerBio:Sam Colaizzi
, Recorded Future
Currently working at Recorded Future, Sam’s areas of focus and interest include: the cryptocurrency, NFT, and smart contract space, the Russian and English-language cybercrime ecosystem, and threat actor engagement / research. He has previously worked as cyber threat intelligence analyst and researcher at Aon, Kroll, Terbium Labs, and the National Cyber-Forensics and Training Alliance (NCFTA). Prior to starting his career, he attended Duquesne University and earned a B.A. in Political Science. Afterwards, he attended The University of Pittsburgh’s Graduate School of International Affairs and earned an M.A. in Security and Intelligence Studies.
Description:
For this presentation, I will be covering some of the methods of laundering (mixers / tumblers, over-the-counter (OTC) exchanges, peer-to-peer (P2P) exchanges, and high-risk exchanges) as well as how threat actors monetize their illicit digital profits by utilizing virtual credit cards (VCCs), account cash-out services, and more.
Next, I will analyze and discuss the attack vectors utilized by threat actors to target cryptocurrency, non-fungible tokens (NFTs), and smart contracts. I will also discuss popular attack vectors, such as airdrops, cross-chain bridge attacks, rugpulls, wallet compromises, flash-loan attacks, smart contract vulnerabilities, API withdrawals, drainers, and notable incidents that highlight successful laundering and monetization activities via cryptocurrencies. Finally, I will discuss how threat actors will likely evolve and transform their laundering and monetization methods.
Return to Index - Add to
- ics Calendar file
HRV - Saturday - 15:00-16:30 PDT
Title: HF Radio Demonstration
When: Saturday, Aug 12, 15:00 - 16:30 PDT
Where: Flamingo - Virginia City - Ham Radio Village - Map
SpeakerBio:KitKat
No BIO available
Description:
Join us on the rooftop hangout at the flamingo as we set up and operate a protable HF radio rig!
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 10:30-11:10 PDT
Title: Homo sapiens sapiens to Homo sapiens nova - the coming speciation
When: Saturday, Aug 12, 10:30 - 11:10 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
SpeakerBio:Almost Human (BJ)
He does science and technology consulting with a dash of anthropology. In other words, it isn't just the cool technology, it is how it is used and abused. In other words, culture matters in technology adoption. He has experience in a number of Physical Science fields, as well as Anthropology. What he says is no one's fault but his own.
Description:
The archeological record of the past 100,000+ years shows that today's Homo sapiens sapiens (HSS) won out over other Homo sapiens subspecies such as Neanderthals, Denisovans, and possibly others. Nonetheless, many HSS carry genes from older Homo sapiens subspecies. HSS now directs its own evolution. Add the advent of science-based medicine, advanced pharmaceuticals, smart implants, neural interfaces, genetic modification, a healthy(?) dose of artificial intelligence, and a transhumanist philosophy, Homo sapiens sapiens could split back into multiple subspecies. This presentation covers potential paths of future (sub-)speciation (such as Homo sapiens maximus and Homo sapiens nova) that could occur before the end of the 21st century. Will it occur peacefully? Probably not.
This is Almost Human's second Biohacking Village talk. (The previous talk focused on the death of genetic privacy.)
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Honey Pot Workshop
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Think you know your way around a honeypot? Come to the Packet Hacking Village for a friendly, fun, low-pressure DEFCON challenge that's open to all! This game is designed for users of all experience levels: bring your own laptop, SSH in, and explore the adventure.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 14:00-14:50 PDT
Title: How can we encourage more hackers to engage with policy makers?
When: Saturday, Aug 12, 14:00 - 14:50 PDT
Where: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
Speakers:Peter Stephens,Thomas Kranz
SpeakerBio:Peter Stephens
, OECD
Peter Stephens is an experienced policy lead, in the UK and abroad. From 2018 to 2021, he led the IoT Security Policy Division across the UK government, responding to the Mirai attack, and delivering the Product Security and Telecommunications Infrastructure Bill. He is an experienced public servant, well versed in delivering through government. He has advised Ministers and Prime Ministers on the creation and running of Delivery Units in Government.
Whilst not technical by background, he brings a rebellious streak. As a student, Peter hitch hiked from Buenos Aires to New York City and he also spent two years teaching in an inner city school in south London. Experiences like this have left him with a staunch optimism about people, and he is a passionate advocate for the partnerships between policy makers and hackers to make better informed policies that can support policymakers, and citizens, around the world. He is currently a Policy Advisor at the OECD, supporting member states to navigate the range of challenges across digital security.
SpeakerBio:Thomas Kranz
Thomas Kranz is an award-winning cybersecurity consultant, a senior security & technology leader, and an author, with more than 30 years of experience in IT and cybersecurity. Starting his hacking career in the 80s in the UK, Thomas has also spent the decades since then involved in lobbying UK and EU policy makers, and contributed to various government consultations around hacking and cybersecurity. He has written two books; his award-winning “Making Sense of Cybersecurity”, and “How is AI transforming Cybersecurity?” for NVIDIA.
Description:
For decades, the US has led the way when it comes to involving hackers with policy making. From l0pht appearing before the US Congress in 1998, to the first Policy@DEFCON sessions, DEF CON has shown how hackers and feds can work together to improve the legal landscape for all of us. As Europe tackles big technology issues like privacy, reigning in Big Tech, and encouraging startups and innovation, there is a danger that hackers will be left out of contributing. What lessons can we learn from the different groups in the US who have come together to get hackers involved in policy making?
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 16:00-16:50 PDT
Title: How do you solve a problem like Mirai - establishing a policy baseline for the IoT around the world
When: Saturday, Aug 12, 16:00 - 16:50 PDT
Where: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
Speakers:Kat Megas,Peter Stephens
SpeakerBio:Kat Megas
Kat leads the NIST Cybersecurity for the Internet of Things (IoT) Program, focused on advancing and accelerating the development and application of research, standards, guidelines, and technologies to improve the security and privacy of the ecosystem of connected devices. She coordinates across NIST on all things related to cybersecurity of the IoT including leading the NIST response on IoT for a number of Presidential directives (EO 13800, 14028), the IoT Cybersecurity Improvement Act of 2020 and the Consumer product cybersecurity labeling effort announced by the White House in July. Before coming to NIST, Kat worked in the private sector for 25 years leading organizations’ development and execution of their IT strategies.
SpeakerBio:Peter Stephens
, OECD
Peter Stephens is an experienced policy lead, in the UK and abroad. From 2018 to 2021, he led the IoT Security Policy Division across the UK government, responding to the Mirai attack, and delivering the Product Security and Telecommunications Infrastructure Bill. He is an experienced public servant, well versed in delivering through government. He has advised Ministers and Prime Ministers on the creation and running of Delivery Units in Government.
Whilst not technical by background, he brings a rebellious streak. As a student, Peter hitch hiked from Buenos Aires to New York City and he also spent two years teaching in an inner city school in south London. Experiences like this have left him with a staunch optimism about people, and he is a passionate advocate for the partnerships between policy makers and hackers to make better informed policies that can support policymakers, and citizens, around the world. He is currently a Policy Advisor at the OECD, supporting member states to navigate the range of challenges across digital security.
Description:
2023 is a significant year for the IoT, with the Cyber Resilience Act in the EU and the Product Security and Telecommunications Infrastructure Bill in the UK, as well as labelling approaches in the US and Singapore. With new regulation, there is always a threat that the 'floor' will become a 'ceiling' in the levels of security. This panel will feature speakers from across policy, industry and the hacker community to discuss what steps policy makers should take to address this live challenge.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 10:00-11:50 PDT
Title: How hackers can work with government, industry, civil society to protect high-risk communities
When: Saturday, Aug 12, 10:00 - 11:50 PDT
Where: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
Speakers:Adrien Ogee,David Forscey,Mark E. Schreiber,Maurice Kent,Monica M. Ruiz,Sarah Powazek
SpeakerBio:Adrien Ogee
, Chief Operations Officer at CyberPeace Institute
Adrien is the Chief Operations Officer of the CyberPeace Institute, an NGO based in Geneva, Switzerland. He oversees the provision of cybersecurity assistance to vulnerable populations. He spent his career in various cyber crisis response roles in Thales, ANSSI, ENISA and the WEF. Adrien holds an MEng in telecommunication and information systems, an MSc in Global Security and an MBA.
SpeakerBio:David Forscey
, Cyber Strategy Planner at CISA JCDC
David Forscey is a Cyber Operations Planner with the Joint Cyber Defense Collaborative at the Cybersecurity and Infrastructure Security Agency. Prior to entering federal service, David was Managing Director for the Aspen Cybersecurity Group at The Aspen Institute based in Washington, D.C. Before that he worked as a Senior Policy Analyst at the National Governors Association Center for Best Practices and a National Security Fellow at Third Way. He graduated magna cum laude from University of Virginia and earned his law degree from Georgetown University Law Center. He also makes beats that slap.
SpeakerBio:Mark E. Schreiber
Mark E. Schreiber is a Senior Counsel at McDermott Will and Emery. Mark focuses his practice on cybersecurity, data breach response and global privacy coordination. He advises entities facing cross-border data protection, the General Data Protection Regulation (GDPR), Privacy Shield and related issues, strategic decisions, cyber assessments and investigations.
SpeakerBio:Maurice Kent
Maurice Kent is the Deputy in USAID's Cybersecurity team in the Technology Division of the Democracy, Development and Innovation Bureau. He oversees global cybersecurity capacity-building support to government and non-government partners across a range of sectors, including management of Digital APEX, one of USAID's primary capacity-building programs. He is a 15-year civil service veteran of USAID and has worked on issues such as the intersection of national security & international development, private-sector engagement and off-grid energy, innovative finance/funding practice, higher education engagement and procurement.
SpeakerBio:Monica M. Ruiz
, Senior Government Affairs Manager, Digital Diplomacy at Microsoft
Monica M. Ruiz is a Senior Government Affairs Manager in Microsoft’s Digital Diplomacy team. In this role she focuses on efforts to promote stability in cyberspace and advance trust, security and human rights in this domain. She holds a bachelor’s degree from Florida International University and a master’s degree from The Fletcher School of Law and Diplomacy at Tufts University.
SpeakerBio:Sarah Powazek
, Program Director of Public Interest Cybersecurity at UC Berkeley Center for Long-Term Cybersecurity (CLTC)
Sarah Powazek serves as the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity (CLTC), where she leads flagship work on the Citizen Clinic, the Consortium of Cybersecurity Clinics, and public interest cybersecurity research. She recently hosted the flagship Cyber Civil Defense Summit, a mission-based gathering to protect the nation’s most vulnerable public infrastructure. Sarah previously worked at CrowdStrike Strategic Advisory Services, and as the Program Manager of the Ransomware Task Force. She is also an active member of the hacker community, and helps organize Hackers On The Hill and DEF CON Policy.
Description:
The US cyber workforce consists of 1.2 million professionals, but over half a million jobs in the cybersecurity sector remain vacant, leading to a talent shortage that affects society as a whole, and high-risk communities most particularly. The predicted talent shortage rising to 3.5 million by 2030 suggests that these communities are unlikely to receive the help they need anytime soon.
The hacker community has been helping high-risk communities for decades. But how can they do so at scale? How can decision makers around the world, in government but also industry and civil society, work together with hackers to create solutions that build cyber resiliency for high-risk communities?
This public session will explore how governments, industry and civil society can work with the hacker community at large, to develop scalable and systemic solutions to protect those no one should ever attack. It will also aim to identify policy solutions and overall recommendations to generate more secure environments for communities at risk.
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 12:05-12:50 PDT
Title: How I Built Recon to Scale with Serverless Architecture
When: Saturday, Aug 12, 12:05 - 12:50 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Gunnar Andrews
No BIO available
Twitter: @@G0LDEN_infosec
Description:No Description available
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 13:00-16:59 PDT
Title: How Most Internal Networks are Compromised: A Set of Common Active Directory Attacks and How to Perform Them from Linux
When: Saturday, Aug 12, 13:00 - 16:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 6 - Map
SpeakerBio:Scott Brink
No BIO available
Twitter: @_sandw1ch
Description:
The objective of the workshop is to provide hands-on practical experiences to understand Active Directory risks. The workshop will start with the basics of Active Directory and deep dive into in depth hands on exploitation of multiple vulnerabilities.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 13:00-14:59 PDT
Title: How to [NOT] look like a Red Team
When: Saturday, Aug 12, 13:00 - 14:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
SpeakerBio:Michael Wylie
No BIO available
Twitter: @themikewylie
Description:
A red team is defined as a group of cybersecurity professionals that simulate the actions of those who are malicious or adversarial. However, many red teams don’t emulate adversaries as much as they might think. This workshop will discuss adversary types and their motivations, common tooling mistakes that are a dead giveaway you’re a red team, infrastructure mistakes, lack of action on objectives, and more from the perspective of someone who hunts red teams. This workshop is designed for entry level to intermediate level red teamers.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 11:10-11:40 PDT
Title: How to build a body in your garage
When: Saturday, Aug 12, 11:10 - 11:40 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
SpeakerBio:Brennan Marsh-Armstrong
Brennan Marsh-Armstrong is a 4th year medical student at University of California San Diego School of Medicine, where he also conducts research in medical simulation and development of affordable and multi-modality medical training devices. Prior, he worked as an ophthalmology researcher and computer science studying retinal vasculature in disease pathologies at University of California David. Before that, he received Bachelor of Arts at from Amherst College in Biochemistry and Biophysics, and Computer Science while researching unique phosphatase inhibition mechanisms. In this upcoming year he hopes to matriculate into an anesthesia residency where he will also continue research on medical simulation and education.
Description:
Anatomical medical simulators are an integral part of both medical training and experimentation, as well as implant biohacking. However, commercial models typically range from thousands of dollars for simple one-piece designs to hundreds of thousands of dollars for computer-visualized designs. This cost limits the use of medically accurate training models outside of well-funded medical schools. Using only a 3D printer, silicone, ballistics gel, balloons, and yarn, I’ve built on the work of others to develop DIY methods of mimicking commercial medical simulators for a small fraction of their cost (usually under 10%). These models can include pulsatile arteries, superficial rolling veins, nerves, skin, muscle planes, bones, and articulating joints. They are ultrasound-able, recyclable, and, with the addition of infrared tracking cameras, can be integrated into virtual environments for internal visualization. Projects like this lower the barrier to entry for citizen scientists and less funded biohackers to experiment and explore medical implants, procedures, and ultrasound.
Return to Index - Add to
- ics Calendar file
HRV - Saturday - 11:00-11:30 PDT
Title: How to Crush Field Day and Win Big Prizes
When: Saturday, Aug 12, 11:00 - 11:30 PDT
Where: Flamingo - Virginia City - Ham Radio Village - Map
SpeakerBio:Hamster
Engineer, hacker, hat wearer
Twitter: @hamster
Description:
Field Day is a great chance to let your competition flag fly. With a few tips and tricks, take it from a sad evening in front of a microphone to having a blast with your fellow hams.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 13:00-14:59 PDT
Title: How to Hide Behavior from Security Tools
When: Saturday, Aug 12, 13:00 - 14:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 2 - Map
SpeakerBio:Deepfactor
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
APV - Saturday - 15:00-16:59 PDT
Title: How to Hide Behavior from Security Tools
When: Saturday, Aug 12, 15:00 - 16:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 2 - Map
SpeakerBio:Deepfactor
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 16:00-16:59 PDT
Title: How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0
When: Saturday, Aug 12, 16:00 - 16:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
SpeakerBio:Guillermo Buendia
No BIO available
Twitter: @bym0m0
Description:
Robust red team practices generate multiple findings gradually; defenders struggle to keep up with remediations and detections. All red team findings are critical, but if everything is a priority, then nothing is. Organizations cannot feasibly defend against all ATT&CK techniques. They have more findings than they can optimally assign resources to and focus on the critical ones; they need a system to help them make this task manageable. This Workshop introduces CRTFSS: A methodology to prioritize red team findings using adversary behaviors observed in real-world threat intelligence and mapped to the MITRE ATT&CK based on the most frequent TTPs that score each finding based on the complexity of remediation and exploitability.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:30-18:59 PDT
Title: Human Registration Open
When: Saturday, Aug 12, 09:30 - 18:59 PDT
Where: Caesars Forum - Forum - 101-103 - Reg - Map
Description:
Extremely **IMPORTANT** notes regarding human registration:
- These notes apply to human registration only. You are a human if you are not a goon, official speaker, village staff, press, black badge holder, or similar. (If you are one of those, you need to register separately. If you don't know how, see an NFO goon (infobooth).)
- Badges are required for everyone ages 8 and older.
- If you pre-registered, please ensure that your QR code is readily accessible. If you will be presenting it on a smartphone, please ensure that your display is set to maximum brightness as you near the front of the line.
- If you did not pre-register, all badge sales are CASH ONLY! No checks, money orders, credit cards, IOUs, or anything else will be accepted. Please have exact change ready as you near the front of the line.
- To reiterate, **please have exact change ready**.
- If you purchase a DEF CON badge from BlackHat, please get your badge from BlackHat before they close.
- If you lose your badge, there is no way for us to replace it. You'll have to buy a replacement at full price.
- If you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.
- A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt, if you need a receipt. Printed receipts are not available at the time of purchase.
- Please help us make this a great experience for everyone: **follow directions given by goons** and get in the correct line. Note that there may be one line for all of registration, or there may be two lines (pre-registration vs cash) -- this may change over time, based on available staffing and necessary crowd control.
- Please be patient. The time listed here for the beginning of registration is approximate. We will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; this may be earlier or later than the scheduled time.
- There are no refunds given for cash sales. If you have any doubt, do not buy the badge.
- If you have questions about anything regarding registration, that are not addressed here, please ask to speak to a Registration Goon.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 11:00-12:59 PDT
Title: Hunt the Hacker - Detect compromises in your repositories!
When: Saturday, Aug 12, 11:00 - 12:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 1 - Map
SpeakerBio:GitGuardian
No BIO available
Description:
Put on your blue team hat and learn to detect and remediate compromises in your software delivery pipeline. Whether you have a beginner, intermediate, or advanced level, we have challenges catered for you! Using honeytokens, uncover ongoing application security attacks and map the attack surface. Gain hands-on experience prioritizing threats and enhancing your defensive skills. Receive feedback and recommendations for improvement. Plus, participants will receive a cool T-shirt! Take advantage of this exciting and educational opportunity.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 15:00-16:59 PDT
Title: Hunt the Hacker - Detect compromises in your repositories!
When: Saturday, Aug 12, 15:00 - 16:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 1 - Map
SpeakerBio:GitGuardian
No BIO available
Description:
Put on your blue team hat and learn to detect and remediate compromises in your software delivery pipeline. Whether you have a beginner, intermediate, or advanced level, we have challenges catered for you! Using honeytokens, uncover ongoing application security attacks and map the attack surface. Gain hands-on experience prioritizing threats and enhancing your defensive skills. Receive feedback and recommendations for improvement. Plus, participants will receive a cool T-shirt! Take advantage of this exciting and educational opportunity.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 10:00-10:59 PDT
Title: Hunting & Exploiting DLL Sideloads
When: Saturday, Aug 12, 10:00 - 10:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 1 - Map
Speakers:Matthew Nickerson,Nick Swink
SpeakerBio:Matthew Nickerson
No BIO available
Twitter: @turbo_sec
SpeakerBio:Nick Swink
No BIO available
Twitter: @0xC0rnbread
Description:
This workshop will go through the process of manually identifying applications that can be vulnerable to DLL Sideloading and exploiting them. Attendees will learn how to use Promon to find applications that can be vulnerable to DLL sideloading, identify the correct DLL functions to proxy using CFF Explorer, and write a basic DLL to run shellcode.
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 10:00-10:30 PDT
Title: I am the captain now: Taking remote control of ships engines, helm, azipods, ballasting and plenty more.
When: Saturday, Aug 12, 10:00 - 10:30 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Ken Munro
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 11:30-12:05 PDT
Title: I Am The Disinformation Campaign
When: Saturday, Aug 12, 11:30 - 12:05 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:MasterChen
No BIO available
Twitter: @@chenb0x
Description:No Description available
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 10:30-11:25 PDT
Title: I Can Shop Securely Online So Why Can't I Vote Online?
When: Saturday, Aug 12, 10:30 - 11:25 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
Speakers:David Jefferson,Harri Hursti,Matt Blaze,Susan Greenhalgh
SpeakerBio:David Jefferson
Dr. David Jefferson is a computer scientist and an internationally recognized researcher on election security for well over twenty years, advising five Secretaries of State of California on voting technology issues. He served as the Chair of the Secretary of State's Post-Election Audit Standards Working Group, the panel that invented the notion of risk limiting audits and has written extensively on elections and voting security.
Twitter: @drjefferson
SpeakerBio:Harri Hursti
Harri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
Twitter: @harrihursti
SpeakerBio:Matt Blaze
Matt Blaze is one of the original co-founders of the Voting Village and is currently the McDevitt Professor of Computer Science and Law at Georgetown University. He has over two decades of experience with election system security, and his current research focuses on security, privacy, and robustness in large scale systems with an emphasis on problems at the intersection of technology and public policy.
Twitter: @mattblaze
SpeakerBio:Susan Greenhalgh
Susan Greenhalgh is the Senior Advisor on Election Security for Free Speech For People. Ms. Greenhalgh has previously served as vice president of programs at Verified Voting and at the National Election Defense Coalition, advocating for secure election protocols, paper ballot voting systems and post-election audits. Recognized as an expert on election security, she has been invited to testify before the U.S. Commission on Civil Rights and has been an invited speaker at meetings of the MITRE Corporation, the National Conference of State Legislatures, the Mid-West Election Officials Conference, the International Association of Government Officials, the Election Verification Network and the E-Vote-ID conference in Bregenz, Austria. She is a frequent source for reporters from TheNew York Times, The Washington Post, The Wall Street Journal, Politico, USAToday, Associated Press, National Public Radio and other leading news outlets. She has appeared on CNN and MSNBC’s The Rachel Maddow Show, and various other television news shows. She has a BA in Chemistry from the University of Vermont.
Description:
This panel will provide a comprehensive overview of all aspects of internet voting and will also provide critical perspectives on the . We will unpack common misconceptions as well as highlight some of the most vulerable
Return to Index - Add to
- ics Calendar file
DL - Saturday - 14:00-15:55 PDT
Title: ICS Forensics tool
When: Saturday, Aug 12, 14:00 - 15:55 PDT
Where: Caesars Forum - Society Boardroom - Demo Labs - Map
Speakers:Maayan Shaul,Ori Perez
SpeakerBio:Maayan Shaul
Maayan Shaul is a Malware Analyst and Security Researcher in Section52 at Microsoft Defender for IoT (formerly CyberX). Experienced in the fields of malware analysis, reverse engineering and the IoT/OT landscape.
SpeakerBio:Ori Perez
Ori Perez is a Malware Analyst and Reverse Engineer with vast experience in dealing with Nation-sponsored cyber attacks as an ex-officer at the IDF's CERT. Ori is manager at Microsoft Defender for IoT research team (formerly CyberX) and research IoT/OT protocol research for IoT/OT tools .
Description:
Microsoft ICS Forensics Tools is an open source forensic toolkit for analyzing Industrial PLC metadata and project files. Microsoft ICS Forensics Tools enables investigators to identify suspicious artifacts on ICS environment for detection of compromised devices during incident response or manual check. Microsoft ICS Forensics Tools is open source, which allows investigators to verify the actions of the tool or customize it to specific needs, currently support Siemens S7 via Snap7.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 16:00-16:25 PDT
Title: Ignore the Law: The Legal Risks of Prompt Injection Attacks on Large Language Models
When: Saturday, Aug 12, 16:00 - 16:25 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
SpeakerBio:Ram Shankar Siva Kumar
No BIO available
Description:
“What are the legal risks to a user/security enthusiast when performing prompt injection attacks?” That is the question this talk attempts to answer.
Prompt injection has frequently been compared to SQL injection or remote code execution. This comparison is warranted because the adversary in prompt injection is exploiting that the input to the LLM does not explicitly bound the data and the instruction: it is all garbled in natural language. So, if SQL injection is prohibited by the law in most circumstances, what about prompt injection?
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 15:30-15:59 PDT
Title: Improving the Speed of Cybersecurity: Seven Cyber Metrics for Maritime Owners and Operators
When: Saturday, Aug 12, 15:30 - 15:59 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Tyson Meadors
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 15:35-16:15 PDT
Title: Influencing Voters Through Social Media, ADTECH, Big Data, and AI
When: Saturday, Aug 12, 15:35 - 16:15 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:Joe Schniebes
Joe Schniebs is the Chief Strategy Officer and Founder at Ridgeline International, where he has developed a hands-on approach to digital signature management. He helps cross-sector organizations strike the right balance between data privacy and conveniences.
Description:
The internet and modern technologies have changed the way the world works. They have made it easier to communicate, buy and sell things, and to scale your business. But, those benefits come at a cost. The cost of convenience is your privacy. Who else is benefiting from your sensitive data? Joe Schniebs has developed a training framework that analyzes risks related to our inadvertent digital identities and the stories our data patterns tell across the devices. In this talk, Joe delves into the mechanics of how we are perceived online, who uses our data, how it impacts society, and what this means for political outcomes. He further emphasizes what we can do to exercise choice in the data sharing economy, and shares some key tips and tricks to technically safeguarding your communications data. Joe is adamant in empowering users to reclaim their digital voices and believes that entities entrusted with our data must uphold higher standards of responsibility. In the meantime, the least you can do is protect your data output.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 12:00-12:45 PDT
Title: Internet censorship: what governments around the globe have in store for you
When: Saturday, Aug 12, 12:00 - 12:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
Speakers:Christopher Painter,Jeff "The Dark Tangent" Moss,Joel Todoroff,Roger Dingledine
SpeakerBio:Christopher Painter
, President at Global Forum on Cyber Expertise
Chris Painter is the President of the Global Forum on Cyber Expertise. He served as the first top cyber diplomat in the U.S. State Department, in the White House as Senior Director for Cyber Policy in the National Security Council, and in the Justice Department and the FBI. Awards include the RSA Award for Excellence in the Field of Public Policy (2016), the Attorney General's Award for Exceptional Service, and the Intelligence Community Legal Award (2008).
Twitter: @c_painter
SpeakerBio:Jeff "The Dark Tangent" Moss
, DEF CON Communications
Mr. Moss is an internet security expert and is the founder of Both the Black Hat Briefings and DEF CON Hacking conferences. In 2022 Mr. Moss was named to the UK Government Cybersecurity Advisory Board, and in 2021 he was sworn in as a member of the DHS Cybersecurity Infrastructure Security Agency (CISA) Advisory Council (CSAC), and serves as a chairman of their Technical Advisory Council (TAC). Mr. Moss is a member of the Council on Foreign Relations (CFR) and is interested in policy issues around privacy, national security, and internet governance. He spends a lot of time in Singapore.
Twitter: @thedarktangent
SpeakerBio:Joel Todoroff
, Office of the National Cyber Director
Joel Todoroff works for the Office of the National Cyber Director, where he provides legal and policy support on a range of issues, including commercial spyware and securing the foundations of the internet. He has previously worked with the Department of Defense, intelligence community, and the Privacy and Civil Liberties Oversight Board.
SpeakerBio:Roger Dingledine
, The Tor Project
Roger Dingledine is president and co-founder of the Tor Project, a nonprofit that develops free and open source software to protect people from tracking, censorship, and surveillance online. Roger works with journalists and activists on many continents to help them understand and defend against the threats they face, and he is a lead researcher in the online anonymity field. EFF picked him for a Pioneer Award, and Foreign Policy magazine chose him as one of its top 100 global thinkers.
Twitter: @RogerDingledine
Description:
The internet is still largely centralized, and not every country has strong institutional controls preserving the right to access information or speak freely. Heck, even many "liberal democracies" are backsliding. While this may sound like an infosec talk suited for the think tank crowd, these developments are impacting hackers and the results they present at hacker cons.
Internet freedom tools are about empowering users to have the safety to make their own priorities. While China, Iran, and Russia are obviously key concerns in this space, many other countries are seeking to enact new laws and regulations that impact all types of users -- some with nefarious intent and others just accidentally harmful.
This conversation will explore the reasons, the symptoms, and some ideas about how to preserve our ability to set our own priorities. We will offer a holistic and detailed picture of how censorship affects our work and that of our colleagues -- how even if you feel secure in the freedom you have where you are right now, government censorship and surveillance in other places will unquestionably affect us all.
- REFERENCES
Some starting points:
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 13:30-14:20 PDT
Title: Interventions To Address Technology-Facilitated Violence in Democracy
When: Saturday, Aug 12, 13:30 - 14:20 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
Speakers:Eric Davis,Hallie Stern,Omri Preiss,Theodora Skeadas
SpeakerBio:Eric Davis
Eric Davis has safeguarded brands, platforms, and billions of users from bad ads, bad apps, and other machinations of malefactors across global policy, product, and engineering functions. A frequent consultant and advisor across civic and private sectors on Trust & Safety, Privacy, and Security issues, Eric is a founding advisor to the Trust & Safety Professional Association, and a member of the Integrity Institute’s Elections Integrity Working Group, which publishes a series of best practices and resources guides for tech platforms contending with disinformation and other issues impacting elections integrity. Previously, Eric was the former Chief Privacy and Policy Officer and global trust & safety lead at Bigo, a live streaming and short form video social media platform with over 200M users globally. Prior to Bigo, he was Senior Director for Product Management at Lifelock (acquired by Symantec), prototyping new consumer products, leading AppSec, and leading product strategy for GDPR and other privacy regulations globally. Prior to Symantec, Eric spent 13 years at Google, where he founded Google’s first Trust & Safety team, Anti-Malvertising program, and the Android Security Operations and Intel team in addition to his other product policy and public policy leadership roles. Earlier in his career, he was the charter International Product Manager for Trust & Safety at eBay.
Twitter: @ericdavis
SpeakerBio:Hallie Stern
Hallie Stern is the Founder and Director of Digital Rapid Response and Information Strategy for Mad Mirror Media, a digital identity and technology consultancy, where she conducts research & development initiatives, teaches courses on disinformation and influence, and investigates anomalies in ad-tech ecosystems and algorithms for her cross-sector, cross-industry clients. She also works with the Disarm Foundation to develop tools and tandards for mitigating online harm related to disinformation and is a member of the Integrity Institute. She holds an M.S. from NYU in Global Security, Conflict, and Cybercrime, where she focused on The Human Side of Cyber Conflict, with practicums and fellowships at The Global Disinformation Index, UMD START, the Dept of State, and the Department of Homeland Security. Additional awards include The David L. Boren National Security Fellowship. Prior to her studies, Hallie spent a year exploring digital communication and data surveillance in Africa, the Mediterranean, and South East Asia.
SpeakerBio:Omri Preiss
Omri Preiss is a co-founder and managing director of Alliance4Europe, working to activate citizens towards a more democratic and sustainable Europe. Omri is based in Brussels, and has worked in EU affairs, particularly on human rights, democracy, and sustainability issues.
Twitter: @OmriPreiss
SpeakerBio:Theodora Skeadas
Theodora Skeadas works full-time as the Deputy Director of Strategy for the Massachusetts Executive Office of Technology Services and Security and part-time as a consultant on digital safety issues. Previously, she worked at Twitter, where she supported Twitter’s global elections work and managed the Trust and Safety Council, and Booz Allen Hamilton, where she supported digital listening efforts around elections. In her political work, she ran for Cambridge City Council in 2021, she managed an MA Lieutenant Governor’s campaign for Jimmy Tingle in 2018, and she managed a successful Cambridge City Council campaign for Sumbul Siddiqui in 2017.
Twitter: @theodoraskeadas
Description:
Technology companies with social media platforms have the potential to be a powerful ally in civil society’s work to build an open, free, and democratic Internet. They have the ability to provide safe and accessible mechanisms for all people to participate in democracy, especially in closed information spaces. Continued, active engagement with technology companies is required to properly convey the stories and experiences of democratic activists. Online violence and cyber threats against women in politics and public life (OVAW-P) poses a deepening challenge to democracy, serving as a key tool of illiberalism and democratic backsliding across the globe. OVAW-P encompasses all forms of aggression, coercion, and intimidation seeking to exclude women from politics simply because they are women. This online behavior seeks to achieve political outcomes: targeting individual women to harm them or drive them out of public life, while also sending a message that women in general should not be involved in politics. This online violence has a chilling effect on the political ambitions and engagement of women and girls, decreasing their presence and agency in politics and public life. Stopping gender-based attacks online is a solvable problem, and it is the fastest and clearest investment toward building an internet that enables everyone to be politically engaged. To address this issue, the National Democratic Institute developed a set of solutions-based interventions for technology platforms to end online violence against women in politics and public life. The interventions were developed in collaboration with a global network of women survivors. In order to more successfully advocate for the implementation of these interventions, research and advocacy efforts are needed to demonstrate the power and profitability of providing a safe space for women to politically engage online.
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 10:30-10:45 PDT
Title: Intro to Ciphers
When: Saturday, Aug 12, 10:30 - 10:45 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
SpeakerBio:CPV Staff
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
LPV - Saturday - 16:00-16:30 PDT
Title: Intro to Lockpicking
When: Saturday, Aug 12, 16:00 - 16:30 PDT
Where: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
SpeakerBio:TOOOL
No BIO available
Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
Return to Index - Add to
- ics Calendar file
LPV - Saturday - 10:15-10:45 PDT
Title: Intro to Lockpicking
When: Saturday, Aug 12, 10:15 - 10:45 PDT
Where: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
SpeakerBio:TOOOL
No BIO available
Description:
New to lock picking? Haven't picked in a year and need a refresher? Don't know a half-diamond from a turner? This talk is for you! Join one of our knowledgeable village volunteers as we walk you through the very basics of lock picking, from how to hold your tools to the theory behind the technique that makes lock picking possible.
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 10:00-10:30 PDT
Title: Introducing IAM-APE
When: Saturday, Aug 12, 10:00 - 10:30 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
SpeakerBio:Tohar Braun
Tohar Braun is a Research Tech Lead at Orca Security. During his career, he has helped bring cybercriminals to justice, stopped ransomware from extorting innocents, and unveiled numerous security issues for high-profile companies. He is passionate about helping businesses secure their cloud assets, taking malware apart, and getting shells where they shouldn't be.
Tohar is an avid gamer, trained chef, and on a quest to become a one man metal band.
Twitter: @MaliciousDelish
Description:
Permission management in AWS can be a daunting task. A single user can have an inline policy, attached managed policies, and be a member of several IAM groups. Not to mention Service Control Policies and permission boundaries!
IAM-APE, or IAM AWS Policy Evaluator, is an open source, automated tool that was designed to simplify the process of calculating effective permissions for an AWS entity. The tool gathers all the IAM policies present in your account, and then calculates the effective permissions that each entity - User, Group, or Role - has. It presents you with a single policy, summarizing all of their actual permissions
Return to Index - Add to
- ics Calendar file
WS - Saturday - 14:00-17:59 PDT
Title: Introduction to Exploit Development (Pre-Registration Required)
When: Saturday, Aug 12, 14:00 - 17:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Elizabeth Biddlecome,Irvin Lemus,Kaitlyn Handelman,Sam Bowne
SpeakerBio:Elizabeth Biddlecome
Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
SpeakerBio:Irvin Lemus
Irvin Lemus, CISSP is a Cyber Range Engineer at By Light IT Professional Services, training military personnel through international cyber security exercises. Irvin has been in the field since 2006, involved with cybersecurity competitions since 2015 as a trainer, coach, and mentor. He also has taught IT and Cybersecurity courses at Coastline and Cabrillo Colleges. He is the BACCC Cyber Competitions Regional Coordinator, Board member at Pacific Hackers and is a speaker at DEFCON. He describes himself as, "A professional troublemaker who loves hacking all the things."
SpeakerBio:Kaitlyn Handelman
, Offensive Security Engineer at Amazon
Kaitlyn Handelman is an offensive security engineer at Amazon. Her focus is cybersecurity in space. In addition to traditional penetration testing, Kaitlyn works on physical devices and RF signals. In her free time, she enjoys ham radio, astronomy, and her cat, Astrocat.
SpeakerBio:Sam Bowne
, Founder at Infosec Decoded, Inc
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000, and is the founder of Infosec Decoded, Inc. He has given talks and hands-on trainings at Black Hat USA, RSA, DEF CON, DEF CON China, HOPE, and many other conferences.
Credentials: PhD, CISSP, DEF CON Black Badge Co-Winner
Description:
Learn how to take control of Windows and Linux servers running vulnerable software, in a hands-on CTF-style workshop. We begin with easy command injections and SQL injections, and proceed through binary exploits including buffer overflows on the stack and the heap, format string vulnerabilities, and race conditions.
We will exploit 32-bit and 64-bit Intel and ARM systems, and software in PHP, Python, C++, and DOT NET. We will examine modern Windows defenses in detail, including ASLR, DEP, stack cookies, and SEHOP. We will also write Rust programs and see how they prevent memory corruption vulnerabilities.
Previous experience with C and assembly language is helpful but not required. Participants will need a laptop that can run VMware or VirtualBox virtual machines.
All materials and challenges are freely available at samsclass.info, and will remain available after the workshop ends.
Skill Level: Intermediate
Prerequisites for students:
- Familiarity with C programming and assembly language is helpful, but not essential.
Materials or Equipment students will need to bring to participate:
- A laptop capable of running a virtual machine in VMware or VirtualBox.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 14:00-14:59 PDT
Title: IOCs + APTs = "Let's play a game!" - Hack your way through a hunt!
When: Saturday, Aug 12, 14:00 - 14:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
SpeakerBio:Leo Cruz
No BIO available
Description:
In order to threat hunt, in order to create threat intelligence, one must first identify the what before the where, the where, before the why, the why before the who, and then you’ll know who attacked you…maybe 🙂 In this CTF style threat hunt, you are placed in two seats. In one you are the attacker, the other, you are the defender. Somewhere in between, you have to realize that you are also the malware author, reverse engineer, network analyst, etc…however your path may be, you will need to find all of the IOCs before time runs out and the real adversary is not found.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: IoT Village CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
Hosted in IoT Village, teams of 1-6 players compete against one another by exploiting off-the-shelf IoT devices. This has been completely redesigned from previous contests, and features real-world devices that all have real-world vulnerabilities with real-world impacts.
This CTF is open to anyone! It is approachable for entry level people to experience getting their first root shell on IoT, but to really advance in this CTF teams will need to perform detailed vulnerability research, hardware hacking, firmware analysis, reverse engineering, and limited exploit development.
CTFs are a great experience to learn more about security and test your skills, and the IoT CTF provides the most realistic hacking experience around! So, join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can during the con and the top three teams will be rewarded.
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: IoT Village Hacking Playground
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
IoT Village Hacking Playground: The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Whether you're a penetration tester that has never hacked IoT devices, or even someone that has never hacked anything, these self-guided labs will introduce the audience to the world of IoT and the security issues that can plague these devices. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: IoT Village Hardware Hacking Exercises 2023
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
From Memory Manipulation to Root Access: In this year's exercises, we will be guiding the attendees through another multistep process to gain root access to a targeted IoT device via UART by first extracting the firmware to gain access to the root password and identifying memory offsets that allow attendees to alter U-Boot running memory to disable filters blocking needed changes to device boot environment variables. This series of exercises will cover steps including U-boot interaction, firmware extraction process, altering memory style attack, binwalk to extract cramfs filesystem, hexedit to identify memory offsets, and cracking of extracted password hashes.
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 10:30-11:30 PDT
Title: IR/4n6: Obsidian DFIR - Gang aft agley
When: Saturday, Aug 12, 10:30 - 11:30 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
SpeakerBio:Omenscan
No BIO available
Description:
.
Come listen to some grouchy, well worn Incident Responders talk about the planning and reality of staging a live fire DFIR simulation, and how even well planned exercises, just like any other IR never go as planned.
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 13:00-13:30 PDT
Title: Is 2023 the Year of Privacy: How History and States are Posed to Change Privacy?
When: Saturday, Aug 12, 13:00 - 13:30 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
SpeakerBio:Anthony Hendricks
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: It's In That Place Where I Put That Thing That Time
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Your friend called. They had their place raided. They swear it's a setup. But now they're in jail and you're the only hope they have. Can you collect the evidence that will let them walk free? Where should you look? The evidence is everywhere, and it could be anywhere. You might be sitting on it. You might be standing near it. It might be stuck to something. It might be lying in plain sight. Find the disks and bring them to us. All they said to you before they hung up was "It's in that place where I put that thing that time." Good luck.
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 17:00-17:59 PDT
Title: It’s not that your threat intelligence IOCs are worthless…
When: Saturday, Aug 12, 17:00 - 17:59 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
Speakers:Charlie,Lauren Proehl,Mick/nohackme,Silas Cutler
SpeakerBio:Charlie
Charlie has worked in threat intelligence for over a decade, focusing mostly on financial services but has also worked for an email security vendor providing threat intelligence to a variety of verticals. He is now a part of a team that provides threat intelligence to banks of all sizes.
SpeakerBio:Lauren Proehl
Lauren Proehl is the Director of Global Cyber Defense at Marsh McLennan. She is an experienced incident responder and threat hunter who has helped identify and mitigate cyber adversaries in Fortune 500 networks. After leading investigations ranging from data breaches to targeted attacks, she now works to define some part of the limitless unknowns in cyberspace and make cybersecurity less abstract, and more tangible. Lauren sits on the CFP board for BSides Kansas City, heads up SecKC parties, and tries to escape computers by running long distances in the woods.
SpeakerBio:Mick/nohackme
Mick fell in love with the idea of cyberspace around 9-years-old after reading “Neuromancer,” thinking “I could do that.” He is still trying to do “that.”
Former perennial spot the fed participant, Mick has seen threat intelligence work, and... not.
After spending too long in government and a stint in South Bend, Mick is a Global Security Advisor on Splunk's SURGe team.
Taking a break from Gooning at DEFCon, he's back for another year to moderate a spicy panel you'll want to see.
SpeakerBio:Silas Cutler
Silas Cutler is an experienced security researcher and malware analyst. His focus has been researching organized cyber-crime groups and state-sponsored attacks.
Description:
.
From discovery to dissemination, the value of cyber threat intelligence rapidly decreases to the point of uselessness. Why? It’s complicated. Does it have to be? Join us for a lively discussion on threat intelligence from discovery and dissemination, and how to find value in the valueless.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 15:30-16:30 PDT
Title: IVY HAUL: A Computational Linguistics Analysis of a Disinformation Actor
When: Saturday, Aug 12, 15:30 - 16:30 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Shea Nangle
Shea Nangle does not now, nor has he ever, worked for a three letter agency. He has, however, been accused on several occasions of being a Fed, and there was a multiyear period when his wife really thought he worked for a front company. To the best of his knowledge, only one of his previous employers has ever been investigated by the US government as a potential front for foreign intelligence. GLOMAR.
In his spare time, he enjoys long walks on the beach and reruns of Magnum, P.I.
Description:
In April 2023, Sarah Bils was revealed to be one of the main people behind the DonbassDevushka social media "personality", posting pro-Russian propaganda to a variety of social media accounts since 2014. One of the main accounts, the PeImeniPusha Twitter account has been active since 2015. Ms. Bils has claimed that there was a team of at least a dozen people responsible for the Donbass Devushka personality. I have leveraged a number of open source tools, along with original methodology and tools, to analyze data collected from the PeImeniPusha Twitter account and several other sources. Primary areas of research and analysis have included identification of authorship clusters, as well as analysis of changes to content posted, with a focus on identifying changes to account content that are linked to current events, such as the Russian invasion of Ukraine. In this session, I will share the results of this research and analysis for the first time, and will include an exploration of methodologies used (including successes and failures) and a discussion of applications of this work to the analysis of other disinformation actors.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:30-10:15 PDT
Title: J4 Gate, The Hustler Poker Cheating Scandal investigation and how Hacking helped me do it
When: Saturday, Aug 12, 09:30 - 10:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
SpeakerBio:Scott "Duckie" Melnick
, Principal Security Research and Development at Bulletproof International
Duckie, aka “Scott Melnick,” started his shenanigans War Dialing on his Apple ][+ at an early age and has been attending Defcon and other hacking conferences for over 26 years. Scott currently heads the Security R&D team for Bulletproof, a part of Gaming Laboratories International. Specializing in casino gaming security, he spends his time hacking and reverse engineering electronic gaming devices such as slot machines, sneaking around casinos, getting kicked out of casinos, and speaking at gaming security and regulation events. Over the years, he has worked on many gaming fraud and security breach cases. Before joining Bulletproof, he served as the Vice President of Systems Software Development for a slot and table game maker and held various positions in the slot industry, leading mechanical and electrical engineering projects, overseeing security, and managing IT gaming operations, among other things. He is excited to be delivering his first Defcon presentation this year and contributing back to the hacker community.
Twitter: @duckie37
Description:
On September 29th, 2022, one of the most controversial poker hand was played, winning an all-in $240K cash pot on the Hustler Casino Live poker stream (HCL) by newcomer Robbi Jade Lew. The controversy and accusations of cheating took the poker and media world by storm! Conspiracy theories emerged immediately within the media, podcasts and the internet sleuths, including crossover theories from the Chess cheating scandal, accusations of collusion with HCL employees, and advanced technology being used. This is the wild tale of my investigation into cheating live stream poker if it was done and what are all the ways I would do it.
I will also show how I utilized my experience from attending hacking conferences such as Defcon for over 26 years, the competitions and how I tapped into a broad range of resources throughout the years of making friends in the hacking community, reaching out to discord groups and doing that which isn’t covered in the academic world. This is why I am here; this is why you are here.
This war story contains treachery, wild technology theories, drama and current criminals on the run. But you, the audience must all decide. Is Robbi innocent or guilty? Was something missing? How would you have cheated?
REFERENCES:
Return to Index - Add to
- ics Calendar file
APV - Saturday - 11:00-12:59 PDT
Title: JWT Parkour
When: Saturday, Aug 12, 11:00 - 12:59 PDT
Where: Flamingo - Savoy - AppSec Village - Workshop - Map
SpeakerBio:Louis Nyffenegger
Louis is a security engineer based in Melbourne, Australia. He is the founder of PentesterLab, a learning platform for web penetration testing.
Twitter: @snyff
Description:
Nowadays, JSON Web Tokens are everywhere. They are used as session tokens, OAuth tokens or just to pass information between applications or microservices. By design, JWT contains a high number of security and cryptography pitfalls that creates interesting vulnerabilities. In this workshop, we are going to learn how to exploit some of those issues.
First, we are going to look at the old issues: the none algorithm, guessing/bruteforcing the hmac secret.
Then we will look at more recent issues like how an RSA public key can be computed from multiple signatures to exploit algorithm confusion and how the same attack can be done with ECDSA. We will also look at leveraging issues with the kid/jku/x5u. And finally how to leverage CVE-2022-21449 to bypass the signature mechanism.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 12:00-13:55 PDT
Title: Kraken, a modular multi-language webshell for defense evasion
When: Saturday, Aug 12, 12:00 - 13:55 PDT
Where: Caesars Forum - Society Boardroom - Demo Labs - Map
SpeakerBio:Raul Caro
Raul Caro Teixido (OSCP, CRTE) is an Offensive Security Engineer at Telefonica Tech. He is the co-author of Mistica (your friendly data smuggler) presented in BlackHat Arsenal USA 2020, and the creator of Kraken (a modular multi-language webshell).
Description:
Kraken is a modular multi-language webshell focused on web post-exploitation and defense evasion. It supports three technologies (PHP, JSP and ASPX) and its core is developed in Python. Kraken follows the principle of "avoiding command execution" by re-implementing it through the functionalities of the programming language in use. Kraken seeks to provide usability, scalability and improve the OPSEC of ongoing operations.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 14:00-14:25 PDT
Title: Labs and Trust: How to build a successful aviation cybersecurity research programme
When: Saturday, Aug 12, 14:00 - 14:25 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Martin Strohmeier
No BIO available
Description:
Over the past 10 years, armasusisse Science + Technology has been successfully conducting open security research with real avionics hardware, working closely with industry and regulators. The talk will cover our technical results as well as our approach to building trust with regulators and the industry by working as responsibly as possible while still maintaining the openness required to obtain the necessary results and drive change in the wider ecosystem.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 10:00-11:55 PDT
Title: Lambda Looter
When: Saturday, Aug 12, 10:00 - 11:55 PDT
Where: Caesars Forum - Accord Boardroom - Demo Labs - Map
Speakers:Doug Kent,Rob Ditmer
SpeakerBio:Doug Kent
Doug has worked at State Farm for about 20 years. Working on mostly security technologies ranging from Active Directory, PKI, Endpoint protection and finally landing recently on the Pen Testing team. Doug has a passion for identifying vulnerabilities and partnering with control solution teams to protect State Farm data and fulfill our promise to customers. He strives to help others with offensive security skills by providing training, guidance, and kill chain demonstrations.
SpeakerBio:Rob Ditmer
Rob has been on the State Farm PenTesting Team for 2 years. Prior to his time at State Farm, he has worked with various other companies as a penetration testing consultant – enabling him to experience a wide range of technologies and their differing implementations. Rob enjoys the challenge of developing tools and infrastructure to better the skills and abilities of the PenTesting team, ultimately to better the protections around State Farm data.
Description:
Organizations can have thousands of lines of code that are stored in Lambda on AWS. This application was built to help reduce the amount of time it takes to review that code. On our last Pen Test, we had so much Lambda code to review it was impossible to parse through all of it in the short amount of time assigned to our test. This lack of time created a necessity to automate the review of that lambda code for secrets. Lambda Looter will take a list of profiles and scan through them and download the code you have access to and then process that code for secrets, outputting any potential secrets to a loot directory. Even though this tool can generate a number of false positives it makes looking for secrets much faster than scanning the code manually.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 14:50-15:30 PDT
Title: Lanteryn: Blue Energy
When: Saturday, Aug 12, 14:50 - 15:30 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
SpeakerBio:Del de Zela
Del de Zela is a STEM-oriented artist that seeks to redefine the term ‘biotech’; they invent devices powered by microbiology meant for household and personal uses. Del de Zela uses an array of molecular techniques to program microbes and Maya to design microarchitectures that house them.
Description:
Our goal is to develop household or personal technologies that contain, cultivate, and regulate bioengineered microecosystems. Our self-sustaining systems are designed to offer a host of functions that solve everyday problems for people. Our debut device, a biological candle called ‘Lanteryn’, will start with the core functions of light production, fragrance generation, and insect-control. Future directions would include wearable biotechnologies, such as a “Bio-Watch” that can convey time via light color, produce odorants compatible with the user’s body scent, and generate antimicrobial substances for sanitation. Many of these functionalities are indeed innate capabilities of our chosen micro-organism. Genetic editing technologies will be employed to modify them and ensure their safety while optimizing their desirable properties. Previous attempts to utilize bioluminescent species either (1) introduced light generating genes into organisms that did not possess the physiology compatible with the energetic demand of light generation, (2) used organisms that were exceedingly sensitive to contamination or fluctuations in environmental conditions, or (3) used organisms with specialized light organs that cultivate glowing bacteria and cannot glow otherwise. The concepts we are proposing redefine the term ‘biotechnology’. Without a preceding, successful framework by which we can base our designs on, the burden of proof rests on us. Therefore, considerable time and effort must be placed into demonstrating that our vision is realistic, effective, and safe to the public. With our technology, the future is ever-glowing.
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 16:30-16:59 PDT
Title: Lessons learned when building a Maritime Systems Security Laboratory Testbench
When: Saturday, Aug 12, 16:30 - 16:59 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Brien Croteau
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 14:00-14:50 PDT
Title: Let Night City Sleep - Governance Against a Cyberpunk Future
When: Saturday, Aug 12, 14:00 - 14:50 PDT
Where: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
Speakers:Cameron Byrd,Clayton Dixon
SpeakerBio:Cameron Byrd
, Cyber Policy Analyst at Office of Cyber, Infrastructure, Risk, and Resilience Policy, U.S. Department of Homeland Security
Cameron Byrd is a Cyber Policy Analyst in the Office of Cyber, Infrastructure, Risk, and Resilience Policy at the U.S. Department of Homeland Security (DHS) Headquarters. He supports the Under Secretary for Strategy, Policy, and Plans and leads the development of cybersecurity, technology, and infrastructure policy and strategy for the Department. Cameron engages regularly with DHS components to develop unified Departmental policies and a harmonized cross-Departmental approach to issues including the implementation of Executive Orders and Congressional legislation, fulfillment of Secretary and Presidential cyber priorities, and stewardship of domestic cybersecurity initiatives across the Federal Civilian Executive Branch, Sector Risk Management Agencies, and other stakeholders. He assists in developing position papers, technical policy documents, strategies, and other policy or strategic recommendations for consideration by DHS leadership. Cameron graduated with a B.S., Information Science from the University of Maryland, College Park in 2019 and completed an M.A., Security Policy Studies from George Washington University in 2022.
SpeakerBio:Clayton Dixon
, Cyber Policy Advisor to the Assistant Secretary of Cyber, Infrastructure, Risk, and Resilience at Department of Homeland Security
Clayton “CJ” Dixon is Cyber Policy Advisor to the Assistant Secretary of Cyber, Infrastructure, Risk, and Resilience at the Department of Homeland Security. His cyber policy portfolio covers emerging technologies such as Web3, quantum computing, and AI, however, he has a special passion for secure smart cities. CJ was also a Senior Advisor at New York City Cyber Command where he helped develop and implement citywide cybersecurity policies. In a previous life, CJ served in the US Army countering terrorist propaganda in West Africa as Special Operations Psychological Operations Officer.
Description:
There are currently 7.4 billion people living on Earth and more than half of those people live in a metropolitan area. Urbanization is accelerating - demand for infrastructure is expected to increase by 100% by 2060. City planners are rapidly turning to digital technology to meet the growing demands of urban life.
Enter the “smart city” – the promise that equitable, safe, and sustainable urban life can be achieved through digitization. However, digitization also comes with digital risks. Malicious cyber actors have attacked 222 local government entities and 62 public safety agencies between 2021 and 2023. Malicious actors know our communities are target-rich environments and public policy is often slow to respond.
Does this mean humanity is doomed to a Cyberpunk 2077-like future with urban life marred by constant cyber-attacks? The Department of Homeland Security and city officials believe this need not be the case, but it all starts with good governance. In this workshop, DHS will introduce a draft of the Connected Communities Governance Toolkit – a series of guides for connected community governance developed in collaboration with cities across the US. DHS will host a collaborative workshop to examine the implications of a city considering a digital transformation using the Governance Toolkit as a guide.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Linux Trainer Workshop
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Are you new to hacking? Want to learn Linux? We have a workshop for you! Interactive style training will teach you the basics of this operating system step by step so you can start your journey.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 17:30-17:50 PDT
Title: Lions and Tigers and Fancy Bears, Oh My!: A Cautionary Tale for our Cyber Future
When: Saturday, Aug 12, 17:30 - 17:50 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
Speakers:Jen Easterly,Scott Shapiro
SpeakerBio:Jen Easterly
, Director at Cybersecurity and Infrastructure Security Agency (CISA)
Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Jen leads CISA’s efforts to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.
Before serving in her current role, Jen was the head of Firm Resilience at Morgan Stanley, responsible for ensuring preparedness and response to business-disrupting operational incidents and risks to the Firm. She also helped build and served as the first Global Head of Morgan Stanley’s Cybersecurity Fusion Center, the Firm’s center of gravity for cyber defense operations.
Jen has a long tradition of public service, to include two tours at the White House, most recently as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. She also served as the Deputy for Counterterrorism at the National Security Agency.
A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than twenty years of service in intelligence and cyber operations, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the design and creation of United States Cyber Command.
A distinguished graduate of the United States Military Academy at West Point, Jen holds a
master’s degree in Philosophy, Politics, and Economics from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors and awards, including the 2023 Sisterhood Award from Girls Who Code; the 2022 National Defense University Admiral Grace Hopper Award; the 2021 Cybersecurity Ventures Cybersecurity Person of the Year Award; the 2020 Bradley W. Snyder Changing the Narrative Award, and the 2018 James W. Foley Legacy Foundation American Hostage Freedom Award.
A member of the Council on Foreign Relations and a French American Foundation Young Leader, Jen is the past recipient of the Aspen Finance Leaders Fellowship, the National Security Institute Visiting Fellowship, the New America Foundation Senior International Security Fellowship, the Council on Foreign Relations International Affairs Fellowship, and the Director, National Security Agency Fellowship.
Twitter: @@CISAJen
SpeakerBio:Scott Shapiro
, Charles F. Southmayd Professor of Law and Professor of Philosophy at Yale Law School
Scott Shapiro is the Charles F. Southmayd Professor of Law and Professor of Philosophy at Yale Law School. His areas of interest include jurisprudence, international law, constitutional law, criminal law and cybersecurity. He is the author of Legality (2011), The Internationalists (2017) (with Oona Hathaway) and editor of The Oxford Handbook of Jurisprudence and Philosophy of Law (2002) (with Jules Coleman). He earned B.A. and Ph.D. degrees in philosophy from Columbia University and a J.D. from Yale Law School. Shapiro is an editor of Legal Theory and the Stanford Encyclopedia of Philosophy. He is also the founding director of the Yale CyberSecurity Lab, which provides cutting-edge cybersecurity and information technology teaching facilities. His new book, Fancy Bear Goes Phishing, details the history and technology of Internet hacking (May 2023).
Description:
Fancy Bear, Dynamic Panda and Charming Kitten – we live in a time where we are constantly under attack without even knowing it. CISA Director Jen Easterly and Yale Law School Professor Scott Shapiro, author of “Fancy Bear Goes Phishing: The Dark History of the Information Age In Five Extraordinary Hacks” discuss how best to understand the challenge of information security; what we can learn from looking back; and how the decisions we make today to prioritize security by design will shape our future.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 12:30-13:25 PDT
Title: LLM Legal Risk Management, and Use Case Development Strategies to Minimize Risk
When: Saturday, Aug 12, 12:30 - 13:25 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
Speakers:Nick Maietta,Robert Hudock
SpeakerBio:Nick Maietta
No BIO available
SpeakerBio:Robert Hudock
No BIO available
Description:
The California Privacy Rights Act (CPRA), the Colorado Privacy Act (CPA), the Virginia Consumer Data Protection Act (VCDPA), and the Connecticut Data Privacy Act (CTDPA) empower consumers with the option to withdraw from the processing of their personal data for profiling objectives, establishing regulations that influence automated decision-making. As organizations, including legal firms, are adopting large language models (LLMs) more frequently for various purposes, addressing issues related to privacy and security becomes critical. This talk will explore tactics and best practices implemented by King & Spalding to mitigate risks connected with LLMs. The conversation will particularly emphasize de-identification tools, terms of service, and the potential risk of client confidential data breaches. Attendees will be updated about recent privacy and security regulations, along with methodologies to ensure regulatory adherence and uphold trust.
Return to Index - Add to
- ics Calendar file
PSV - Saturday - 14:00-14:30 PDT
Title: Lock Bypass 101
When: Saturday, Aug 12, 14:00 - 14:30 PDT
Where: Flamingo - Carson City - Physical Security Village - Map
SpeakerBio:Terry
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
PSV - Saturday - 14:30-14:59 PDT
Title: Lock Bypass 102
When: Saturday, Aug 12, 14:30 - 14:59 PDT
Where: Flamingo - Carson City - Physical Security Village - Map
SpeakerBio:Ege
Ege is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor.
Description:No Description available
Return to Index - Add to
- ics Calendar file
LPV - Saturday - 10:00-17:59 PDT
Title: Lockpick Village Activities
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
Description:
Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?
Then come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.
The Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.
Experts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.
--
A popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 14:00-16:59 PDT
Title: Lonely Hackers Club - Badgelife & Sticker Swap
When: Saturday, Aug 12, 14:00 - 16:59 PDT
Where: Harrah's - Laughlin - Lonely Hackers Club - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
DC - Saturday - 17:00-17:59 PDT
Title: Lonely Hackers Club - Name That Noob
When: Saturday, Aug 12, 17:00 - 17:59 PDT
Where: Harrah's - Laughlin - Lonely Hackers Club - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
DC - Saturday - 12:00-13:59 PDT
Title: Lonely Hackers Club - Resume Reviews & Career Advice
When: Saturday, Aug 12, 12:00 - 13:59 PDT
Where: Harrah's - Laughlin - Lonely Hackers Club - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 12:00-17:59 PDT
Title: Lonely Hackers Club Meetup
When: Saturday, Aug 12, 12:00 - 17:59 PDT
Where: Harrah's - Laughlin - Lonely Hackers Club - Map
Description:
The LHC, established on Telegram years ago, serves as a warm and inclusive hub for newcomers heading to DefCon for the first time. With over 600 members worldwide, our community has expanded significantly. This year, we're thrilled to provide a space that fosters connections, sharing, and giving back to the DefCon community. Whether you need a resume review, career coaching, or want to participate in sticker & badge trading, we have you covered. And don't miss the exciting 'Name That Noob' event, where our seasoned hackers will help you craft a one-of-a-kind hacker handle. Embrace the welcoming atmosphere and join us for an unforgettable DefCon experience!
Resume reviews & Career Advice 12pm - 2pm
Badgelife / Sticker swap 2-5pm
Name That Noob 5-6pm
Return to Index - Add to
- ics Calendar file
DC - Saturday - 13:00-13:45 PDT
Title: Looking into the future, what can we learn about hacking in science-fiction?
When: Saturday, Aug 12, 13:00 - 13:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
Speakers:Nicolas Minvielle,Xavier Facélina
SpeakerBio:Nicolas Minvielle
, Making Tomorrow
former brand manager for Philippe Starck, professor, researcher and fututirst. Nicolas is also the head of the French Armie’s Science Fiction red Team
SpeakerBio:Xavier Facélina
, Seclab
Xavier Facélina — former hacker, self taught entrepreneur, founded 3 cybersecurity companies including SECLAB, cybersecurity company protecting cyberphysical system (real world !) from cyberattacks.
Xavier has 25 years of experience in cybersecurity with a focus on digital war and cyberdefense. How he gets into this? By seeing the Wargames movie at the age of 8! Today, he still watch movies and read books and comics to anticipate what is coming.
Description:
The links between science fiction and reality have been demonstrated in numerous research studies. By speculating about the possible future uses of technologies under development, science fiction shows us plausible futures. In this sense, it allows us, as a society, to popularize and debate the consequences (expected or not) of our technological developments. In addition to this not negligible social role science fiction also has an impact on our current developments. We speak here of "loop-looping", i.e. there is a feedback loop between what science fiction shows us and what we are then led to actually develop. From this point of view, our imaginations are performative, and this is perhaps the most critical issue: what I see can happen. In the case of hacking and cybersecurity, a particular phenomenon is added: the general public's knowledge of these subjects is mainly through the fictions they watch, read, or listen to. We propose to analyze a corpus of 200 fictional attacks, and 800 real attacks and to compare them to define if the imaginary ones are predictive if they inform us or on the contrary mislead us as for the reality of the current attacks.
REFERENCES:
The subject of imaginaries is a key subject of the work of the Making Tomorrow collective co-founded by Nicolas Minvielle. As such, he has been able to conduct numerous studies aimed at analyzing the impact of science fiction on a given practice.
A book has been published on the subject and is available online in pdf format:
Minvielle, N. & Wathelet, O. & Lauquin, M. & Audinet, P., Design fiction for your organization, Making Tomorrow (2020), http://making-tomorrow.mkrs.fr/wp-content/uploads/2020/04/Making-Tomorrow-Design-Fiction-and-more-for-your-organization.pdf
Academic references on this subject:
Brake, Mark, and Neil Hook, Different Engines: How Science Drives Fiction and Fiction Drives Science (London New York: Macmillan, 2008)
Carpenter, C. (2016). Rethinking the Political / -Science- / Fiction Nexus: Global Policy Making and the Campaign to Stop Killer Robots. Perspectives on Politics, 14(1), 53-69. doi:10.1017/S1537592715003229
Jones, C., & Paris, C. (2018). It’s the End of the World and They Know It: How Dystopian Fiction Shapes Political Attitudes. Perspectives on Politics, 16(4), 969-989. doi:10.1017/S1537592718002153
Kevin L Young, Charli Carpenter, Does Science Fiction Affect Political Fact? Yes and No: A Survey Experiment on “Killer Robots”, International Studies Quarterly, Volume 62, Issue 3, September 2018, Pages 562–576, https://doi.org/10.1093/isq/sqy028
Kirby, David A., Lab Coats in Hollywood: Science, Scientists, and Cinema (Cambridge, Mass: MIT Press, 2011)
Maynard, Andrew D., Films from the Future: The Technology and Morality of Sci-Fi Movies (Coral Gables: Mango Publishing, 2018)
Seed, David, ed., Future Wars: The Anticipations and the Fears, Liverpool Science Fiction Texts and Studies, 42 (Liverpool: Liverpool Univ. Press, 2012)
Shedroff, Nathan, and Christopher Noessel, Make It so: Interaction Design Lessons from Science Fiction(Brooklyn, N.Y., USA: Rosenfeld Media, 2012)
Telotte, J. P., Replications: A Robotic History of the Science Fiction Film (Urbana: University of Illinois Press, 1995)
Westfahl, Gary, Wong Kin Yuen, and Amy Kit-sze Chan, eds., Science Fiction and the Prediction of the Future: Essays on Foresight and Fallacy, Critical Explorations in Science Fiction and Fantasy, 27 (Jefferson, N.C: McFarland, 2011)
Appadurai, Arjun, ed., The Future as Cultural Fact: Essays on the Global Condition (London: New York : Verso Books, 2013)
Here, a video (6’30 to 17’) of Xavier Facélina in 2017 inviting a panel to thing about cybersecurity from a different angle ; and with science fiction references (in French) :
https://youtu.be/PIVwcu-HhQo
Here, a video (8’55 to 29’55) of Nicolas Minvielle talking about the impact of science fiction in innovation (in French) : https://www.youtube.com/live/oK-k3AqdXBc?feature=share
Return to Index - Add to
- ics Calendar file
DL - Saturday - 10:00-11:55 PDT
Title: Lupo: Malware IOC Extractor
When: Saturday, Aug 12, 10:00 - 11:55 PDT
Where: Caesars Forum - Caucus Boardroom - Demo Labs - Map
SpeakerBio:Vishal Thakur
Vishal Thakur has worked in the information security industry for many years in hands-on technical roles, specializing in Incident Response with a heavy focus on Emerging Threats, Malware Analysis and Research. He has presented his research at international conferences (BlackHat, FIRST, SANS DFIR Summit) and has also run training/workshops at BlackHat and FIRST Conference. Vishal is currently working as Manager, Threat Operations Center at Huntress. In past roles, Vishal worked as a Senior Researcher at Salesforce, helping their Incident Response Centre with advanced threat analysis and developing DFIR tools and has been a part of the Incident Response team at the Commonwealth Bank of Australia.
Description:
Lupo is a dynamic analysis tool that can be used as a module with the debugger.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 13:30-14:30 PDT
Title: Main features of Russia's disinformation and propaganda ecosystem in Spanish-speaking countries
When: Saturday, Aug 12, 13:30 - 14:30 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Carlos Galán
Carlos Galán is a lawyer, Master in International Relations and Communication and professor at the Carlos III and Antonio de Nebrija Universities in Spain, in subjects related to Technology Law, Security, Hybrid Threats, Intelligence and International Relations. He has been part of the European Parliament research team for the project "Strategic communications as a key factor in countering hybrid threats". He is a member of the Jean Monnet Chair on Disinformation and Fake News of the European Union, and is currently a member of several working teams of the Department of National Security of Spain, an organization whose competences include research on aspects related to disinformation campaigns and hybrid threats.
Description:
The participatory paper presents the usual functioning of the Russian propaganda and disinformation ecosystem, as well as the possible indicators exhibited both by the Russian unofficial media and by its journalists/researchers, in those narratives especially focused on the Spanish-speaking public, showing concrete examples from several Latin American countries of this modus operandi.
Return to Index - Add to
- ics Calendar file
HHV - Saturday - 10:00-15:30 PDT
Title: Make Your Own Use
When: Saturday, Aug 12, 10:00 - 15:30 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
Description:
Have you taken your IoT toaster and created a remote activated fire-alarm tester? How about that old toy your kids (right, it was for the kids?) don’t play with anymore that now fuzzes your neighbor’s drone? Or what about putting that con badge to good use? The Hardware Hacking Village is hosting a “Make Your 0wn Use” contest. Submissions can be a solo or team based project that bend, mend, or repurpose any device and show others how it can be done.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 15:00-15:59 PDT
Title: Malware Hunting an Offensive Approach
When: Saturday, Aug 12, 15:00 - 15:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
SpeakerBio:Filipi Pires
No BIO available
Twitter: @FilipiPires
Description:
Developing offensive thinking is the highlight of this training, you’ll be able to create different strategies to send some attacks and know how you can deliver that, and so on. Participants will have the experience of learning to execute several efficiency and detection tests in your lab environment, bringing the result of the defensive security analysis with an offensive mindset performed some types of the attacks that are used in cybercrime and being able to take practical actions to identify these threats. Understanding how Cyber Kill Chain works, learning Static and Dynamic Analysis of some types of files, and executing your own attacks...
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Maps of the digital lands
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Maps of the Digital Lands is an all-ages contest that challenges participants to merge their artistic talents with their technical expertise. Contestants will be provided with a diverse array of written business designs and must hand-draw a network diagram illustrating the structure and interconnectivity of each business's infrastructure. Judging will be based on accuracy, adherence to best practices, and artistic prowess. In addition, a captivating Capture the Flag scenario will be available for extra points, employing a digital tool to elevate the challenge. Participants of all skill levels are encouraged to join this immersive experience, compete for assorted prizes, and showcase their unique ability to blend artistry with network engineering excellence. Network engineering is a crucial yet frequently overlooked aspect of hacking, forming the backbone of a secure and efficient cyber ecosystem. By honing their network engineering skills, participants can elevate their abilities beyond mere script kiddie status, gaining a comprehensive understanding of system vulnerabilities and strengthening their overall hacking prowess.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 11:30-12:15 PDT
Title: Mass Owning of Seedboxes - A Live Hacking Exhibition
When: Saturday, Aug 12, 11:30 - 12:15 PDT
Where: Harrah's - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
SpeakerBio:Anon
, Hacker
The presenter has been attending DEFCON for ~20 years, and has run various villages and contests for over 10 years. A professional pentester for over 24 years, his previously released research and tools are present in MetaSploit, blog posts, blah blah blah. The hacker is a long-time member of AHA (Austin Hackers Anonymous - takeonme.org ) and is well known for their "this one time on a pentest" stories.
The thing is though. We aren't going to tell you their handle/name. It's not important. You don't need it. Don't pick a talk by how famous someone is.
Description:
"No one hacks at DEFCON any more." is what I've heard. That is, until now. Seedboxes/seedhosts are used by thousands of pirates to download and distribute Movies/TV/Music via USENET and Torrents. The thing is, these systems are horribly insecure. Like, they are wide open. In this talk, I am going to open up a xterm, And a FireFox window, and hack into seedhosts. LIVE. No Demos. No Powerpoint. No introduction slides. Just port scan, attack, 0wn, extract credentials, download all content, obtain other users' credentials, etc. For literally thousands of accounts.
Did you know people store their Google Drive tokens on seedhosts? Did you know that your seedbox provider has no idea how to properly configure docker? Did you know that your plain-text password is sitting in multiple places on these machines, accessible to all other users? Did you know that administrators for very-large private torrent sites re-use the same password for all their accounts, and leave them on seedhosts? Let's hack.
The presenter has been attending DEFCON for ~20 years, and has run various villages and contests for over 10 years. A professional pentester for over 24 years, his previously released research and tools are present in MetaSploit, blog posts, blah blah blah. The hacker is a long-time member of AHA (Austin Hackers Anonymous - takeonme.org ) and is well known for their "this one time on a pentest" stories.
The thing is though. We aren't going to tell you their handle/name. It's not important. You don't need it. Don't pick a talk by how famous someone is.
REFERENCES:
https://censys.io/
https://en.wikipedia.org/wiki/Bash_(Unix_shell)
https://nmap.org/
https://sonarr.tv/
https://radarr.video/
https://github.com/Novik/ruTorrent
https://rclone.org/
https://nzbget.net/
https://sabnzbd.org/
https://en.wikipedia.org/wiki/Seedbox
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 12:40-13:50 PDT
Title: Medical VR
When: Saturday, Aug 12, 12:40 - 13:50 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
Speakers:David Nathans,Ernest Liu
SpeakerBio:David Nathans
, Product Security Manager at Siemens Healthcare
David Nathans currently serves as a Product Security Manager for Siemens Healthcare, where he specializes in building cybersecurity programs and security operation centers. Having previously held prominent positions in the defense, retail, managed security and healthcare industries, Nathans has a wealth of cybersecurity knowledge which he shares to help protect companies from this growing threat. His experiences and lessons learned also stem from his time building security programs at one of the largest breached retail companies in history as well as working all over the world as a Cyber-Operations Officer for the US Air Force.
SpeakerBio:Ernest Liu
No BIO available
Description:
Siemens Healthineers leans into technology to bring medical devices closer to clinicians and more accessible for those that need the best medical attention.
Through our medical device cybersecurity program and our Virtual Reality training platform we can do just that.
For this session we will briefly talk about our programs and let interested individuals navigate our Virtual world or get hands on access to a mobile X-Ray system.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 13:30-14:15 PDT
Title: Meduza: How an exiled pirate media outlet breaks through the Kremlin's propaganda firewall
When: Saturday, Aug 12, 13:30 - 14:15 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
SpeakerBio:Alex
, CTO at Meduza
Alex is CTO at Meduza. He joined the team in 2019. It was a rather crazy and brave decision to give up the job in a stable global corporation and join an independent media company in the times when it was already obvious that independent journalism is not welcome in Russia any more.
Alex’s main topics of expertise:
Media company digital security. Protection of both employees and infrastructure against cyber threats, government run attacks, surveillance. Circumvention tools and technologies. Practical experience of reaching the audience in state-controlled countries. Government methods and approaches against media organizations. How they discover and block “forbidden” content, legal and physical pressure, surveillance. Risk analysis and research-based forecast for the further elaboration of censorship, i.e. sovereignization, criminalization of content etc.
Description:
Meduza is an independent international Russian- and English-language publication that still reaches millions of people inside Russia. The newsroom is operating from exile for 8 years now with headquarters in Latvia. Despite being completely outlawed and banned by the Kremlin, Meduza continues to work even under such enormously tough circumstances and still delivers the truths about the war in Ukraine along with an unbiased reporting on the situation inside Russia.
But at DEF CON Meduza will not be presented as a media. The team tries to resist the total state control of the Internet in Russia and fight not only for the freedom of speech, but for the freedom of information for millions of people.
Meduza CTO will explain how one of the most free internet has become one of the most regulated and censored ones within just a couple of years. Alex will share the practical experience of resisting censorship along with his (pessimistic) forecast for the future of the Internet in Russia (a new "Iron Curtain')'. He will describe how the authorities were once again able to “deceive the people'' (before all that happened, there were no abrupt blockings in Russia and the habit of using VPN was not formed among internet users). This is important to not to let this scenario be repeated in whatever part of the world.
Tech Dept has always been an important part of Meduza newsroom, but in 2022 the tech guys became an even more crucial part of it. It is thanks to their work that the newsroom is able to successfully bypass blocking and retain the audience in Russia. And to protect the journalists and to repel various DDoS attacks on the infrastructure and products.
REFERENCES:
We don’t have many references that will be used in the presentation. And according to our Code of Conduct in our ordinary life we try to write about the news, and not to be the newsmakers ourselves. Here are a couple links that might be helpful to understand more about our work and values.
Meduza
https://meduza.io/
Meduza English-language edition
https://meduza.io/en
The awards:
https://frittord.no/en/news/speeches-at-the-awarding-of-the-fritt-ord-foundation-prize-2022
https://cpj.org/2022/03/calling-the-war-war-meduzas-galina-timchenko-bucks-russias-censorship-on-ukraine/
https://fgpj.eu/portfolio-items/preistraeger-2022/?portfolioCats=98
More about us:
https://rsf.org/en/rsf-creates-mirror-leading-russian-exile-news-site-blocked-kremlin
https://www.cloudflare.com/innovator-spotlights/
https://www.bloomberg.com/news/articles/2022-05-10/putin-s-crackdown-pushes-independent-russian-media-into-crypto?leadSource=uverify%20wall
https://www.washingtonpost.com/media/2022/03/17/meduza-russia-sanctions/
https://www.vox.com/future-perfect/22955885/donate-ukraine
Several examples of the most important articles:
Fact сhecking piece with a video that proved the massacre in Bucha. Meduza’s source provided us with a video that was filmed during the “entrance” to Bucha. We gave the video to two independent experts (an astronomer and a mathematician) in order to verify when the videos were shot, using chronolocation techniques. Their findings allowed us to confirm that the times in the metadata matches the actual times when the footage was recorded, and that the first video of the bodies couldn’t have been filmed after March 26, 2022, which proved that the horrific civilian killings in Bucha took place before Russian troops retreated from the town
https://meduza.io/en/feature/2022/04/09/verified-video-appears-to-show-ukrainian-troops-killing-russian-captives-here-s-what-we-know-about-it
An investigation of war crimes in Bogdanovka
https://meduza.io/en/feature/2022/04/18/i-can-do-whatever-i-want-to-you
How Russia's full-scale invasion of Ukraine split the company Yandex
https://meduza.io/en/feature/2022/05/06/toxic-assets
An investigation on Elvira Nabiullina, the chairwoman of Russia’s Central Bank
https://meduza.io/en/feature/2022/07/07/the-banker-s-dilemma
Meduza tells the story of the first openly transgender woman in the Russian army. She is going to be sent to war with Ukraine (and that's not the whole story
https://meduza.io/feature/2022/11/09/pust-luchshe-ona-tam-gde-nibud-umret
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:00-11:59 PDT
Title: Merch (formerly swag) Area Open -- README
When: Saturday, Aug 12, 09:00 - 11:59 PDT
Where: Caesars Forum - Summit - 227-230 - Merch - Map
Description:
All merch sales are USD CASH ONLY. No cards will be accepted.
The published hours for the merch area are only an approximation: supplies are limited, and when merch is sold out, the merch area will close for the year. (We intend to update this schedule to reflect their true operating status, but this is strictly best-effort.)
Note that the closing hours here are **when sales must have ended**. For example, if sales must end by 18:00, and we estimate that it will take 2 hours to clear the queue, doors are likely to close around 16:00. Because of this dynamic nature, we can't predict the length of the line or when doors will be closed.
**PLEASE NOTE**
The Saturday open time was incorrectly listed as 08:00, and has been corrected to 09:00. **PLEASE** check stock status in HackerTracker.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 12:30-13:30 PDT
Title: Metawar
When: Saturday, Aug 12, 12:30 - 13:30 PDT
Where: Harrah's - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
SpeakerBio:Winn
Winn has lived Cybersecurity since 1983. He coined the term "Electronic Pearl Harbor” while testifying before Congress in 1991. His seminal book, "Information Warfare” showed the world how and why massive identity theft, cyber-espionage, nation-state hacking and cyber-terrorism would be an integral part of today.
Currently, he is exploring "Metawar," a term he coined to describe the art and science of reality distortion and addiction in the metaverse. Increasingly impressive immersive technologies, active metacontent orchestration, and powertul feedback systems OODA loops) will amplity disinformation through believable simulations and the powerful addictive effects of reward-based virtual existences. At some distant date, the metapoint will be reached, where persistent immersive simulations will be indistinguishable from our default 'reality'. Just with current and short-term technological capabilities, the security, privacy, ethics, and global policy implications are staggering. (The book "Metawar" will be available 2023)
Description:
The Metaverse is the Most Powerful, Addictive Reality Distortion Machine Ever Conceived… and it Can Predict the Future.
The metaverse is an evolving storytelling environment in which humans have congregated for millennia to experience alternate, immersive, and simulated realities, with or without technology. Storytelling is designed to influence mental and physical perceptions suiting the purposes of the content creators.
Metawar is the art of applying science to create and defend against the influence of alternate realities in the metaverse.
My research into Metawar initially focused on metaversal technologies. Unexpectedly, it morphed into an intensely personal experience, triggering my own Metanoia, which had a profound impact on the entire Metawar Thesis.
Immersive Experience = > Reality Distortion => Disinformation = >> Manipulation => Reward => Addiction => Compliance
My Metanoia has been integral to the evolution of thinking about the synthesis of carbon-silicon technologies and the Venn of objective-subjective reality perception. Please, bring your thoughts so we can talk about what being human even means as increasingly immersive metaverse experiences bend our sense of reality.
WARNING: There may be some maths.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 15:00-15:30 PDT
Title: Misinformation As A Service: Social Engineering techniques applied in service contexts.
When: Saturday, Aug 12, 15:00 - 15:30 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Daniel Isler
No BIO available
Description:
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 17:30-17:59 PDT
Title: Misinformation Village Q and A
When: Saturday, Aug 12, 17:30 - 17:59 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Misinformation Village Staff
No BIO available
Description:
A chance to ask us questions about the misinformation village
Return to Index - Add to
- ics Calendar file
APV - Saturday - 14:15-14:59 PDT
Title: MitmWs: A new way to pentest websocket applications
When: Saturday, Aug 12, 14:15 - 14:59 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
SpeakerBio:Jon F
Been hacking professionally (and ethically) for over 10 years. Primarily pentest web applications & the odd desktop application.
Description:
MitmWs is a pentesting HTTP proxy created specifically for testing applications that use websockets. Websocket applications present unique challenges to pentesters. The the asynchronous nature of the conversation, the often times statefulness of the conversation and the sometimes tricky timing requirements of specific messages are all challenges that MitmWs helps mitigate.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 00:00-00:59 PDT
Title: Model Based Systems Engineering for Security Engineers
When: Saturday, Aug 12, 00:00 - 00:59 PDT
Where: Virtual
SpeakerBio:John Volock
No BIO available
Description:
This talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here.
Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.
Return to Index - Add to
- ics Calendar file
HRV - Saturday - 15:00-15:30 PDT
Title: Modernizing AX.25 packet radio with Modern Packet Message Manager
When: Saturday, Aug 12, 15:00 - 15:30 PDT
Where: Flamingo - Virginia City - Ham Radio Village - Map
SpeakerBio:Jeremy Banker
A lifelong learner and broad technology enthusiast, Jeremy Banker holds a Masters degree in Information Security and is a founding member of the Security Product Engineering, Automation and Research (SPEAR) team at VMware. He has designed, built and implemented solutions to ensure that VMware's software supply chain remains secure. When not looking for new ways to keep software safe, he can usually be found tinkering with all manner of gadgets, working to bring amateur radio software into the modern era, or enjoying the peace of nature in his native Colorado.
Description:
If you've ever looked into the current standard software for many different packet radio operations, you've probably experienced the 90s interfaces, weird and wacky undocumented configuration, and general lack of consideration for open source. Modern Packet Message Manager hopes to put an end to that situation by either creating or collecting a full open-source stack of software to facilitate digital packet messaging, with a focus on modularity, open source, and modern interfaces.
Return to Index - Add to
- ics Calendar file
MUS - Saturday - 18:00-01:59 PDT
Title: Music Set / Entertainment (Saturday, ACK Stage)
When: Saturday, Aug 12, 18:00 - 01:59 PDT
Where: Caesars Forum - Forum Pre-Function 2 - ACK Stage - Map
Speakers:DotOrNot,Dr. McGrew,H4X,Icetre Normal,NGHTHWK,SK,Z3npi,n0x08
SpeakerBio:DotOrNot
No BIO available
SpeakerBio:Dr. McGrew
No BIO available
SpeakerBio:H4X
No BIO available
SpeakerBio:Icetre Normal
No BIO available
SpeakerBio:NGHTHWK
No BIO available
SpeakerBio:SK
No BIO available
SpeakerBio:Z3npi
No BIO available
SpeakerBio:n0x08
No BIO available
Description:
Featuring performances by:
- 18:00 – 19:00 – SK
- 19:00 – 20:00 – DotOrNot
- 20:00 – 21:00 – n0x08
- 21:00 – 22:00 – Icetre Normal
- 22:00 – 23:00 – NGHTHWK
- 23:00 – 00:00 – H4X
- 00:00 – 01:00 – Z3npi
- 01:00 – 02:00 – Dr. McGrew
ACK Stage is located in front of the doors to rooms 117/118 in the Forum Pre-function 2. Look for the tents and the beats!
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 17:00-17:50 PDT
Title: Navigating the Digital Frontier: Advancing Cyber Diplomacy in a Connected World
When: Saturday, Aug 12, 17:00 - 17:50 PDT
Where: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
Speakers:Christopher Painter,Harry Krejsa,Monica M. Ruiz,Océane Thieriot,Orlando Garces
SpeakerBio:Christopher Painter
, President at Global Forum on Cyber Expertise
Chris Painter is the President of the Global Forum on Cyber Expertise. He served as the first top cyber diplomat in the U.S. State Department, in the White House as Senior Director for Cyber Policy in the National Security Council, and in the Justice Department and the FBI. Awards include the RSA Award for Excellence in the Field of Public Policy (2016), the Attorney General's Award for Exceptional Service, and the Intelligence Community Legal Award (2008).
Twitter: @c_painter
SpeakerBio:Harry Krejsa
, Assistant National Cyber Director for Strategy at The Office of National Cyber Director (ONCD)
Harry Krejsa leads cyber strategy for the Office of the National Cyber Director (ONCD), including the development of the Biden-Harris Administration’s 2023 National Cybersecurity Strategy. Harry joined ONCD from the Department of Defense where he developed frameworks for deterring and disrupting adversary cyber campaigns while overseeing military cyber policy engagement in the Indo-Pacific. Previously, Harry directed emerging technology policy at the Cyberspace Solarium Commission, researched U.S.-China strategic competition at the Center for a New American Security, and received a Fulbright Fellowship to Taiwan. A native to rural Iowa, Harry graduated from Grinnell College with a B.A. in Political Science and East Asian Studies and holds a master’s degree in International Relations from the Princeton School of Public and International Affairs.
SpeakerBio:Monica M. Ruiz
, Senior Government Affairs Manager, Digital Diplomacy at Microsoft
Monica M. Ruiz is a Senior Government Affairs Manager in Microsoft’s Digital Diplomacy team. In this role she focuses on efforts to promote stability in cyberspace and advance trust, security and human rights in this domain. She holds a bachelor’s degree from Florida International University and a master’s degree from The Fletcher School of Law and Diplomacy at Tufts University.
SpeakerBio:Océane Thieriot
, Counselor for Cyber Affairs at Embassy of France in Washington DC
Océane Thieriot is the Counselor for Cyber Affairs at the Embassy of France in Washington DC.
Before joining the Embassy, she held positions within the French Ministry of Foreign Affairs, serving in Brussels (Deputy Antici Counselor at the French Permanent Representation to the EU) as well as in Paris (member of the cabinet of the Minister for European Affairs). She is a graduate from Ecole Normale Supérieure, Sciences Po and Ecole Nationale d’Administration.
SpeakerBio:Orlando Garces
, Cybersecurity Program Officer at Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS)
Orlando Garcés, Cybersecurity Program Officer of the Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS), focusing primarily on strategy and policy, governance issues, and gender mainstreaming in cybersecurity. He has strategically participated in the formulation and implementation of National Cybersecurity Strategies and Policies in several countries in the Latin American and Caribbean region, as well as in the development of reports and studies on the state of cybersecurity in strategic industries and sectors.
Description:
In an increasingly interconnected and technologically driven world, the need for robust and comprehensive cyber diplomacy has become paramount. This panel titled ""Navigating the Digital Frontier: Advancing Cyber Diplomacy in a Connected World"" will bring together experts across government, industry and civil society to explore the multifaceted challenges posed by cyberspace and discuss strategies to ensure a secure and resilient digital landscape. The panel will delve into ongoing global and regional international cyber dialogues, such as the United Nations (UN) Open-Ended Working Group on security of and in the use of information and communications technologies, the UN Ad-Hoc Committee on Cybercrime (AHC), and the Organization of American States (OAS) Working Group on Cooperation and Confidence-Building Measures in cyberspace. It will also explore capacity building initiatives being pursued across the international community and surface efforts that promote cooperation and trust in cyberspace across different regions. Moreover, the panel will investigate the role of public-private partnerships in shaping effective cyber policy frameworks.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 11:30-12:30 PDT
Title: Navigating the Disinformation Landscape
When: Saturday, Aug 12, 11:30 - 12:30 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Eric Curwin
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
DC - Saturday - 15:30-16:15 PDT
Title: ndays are also 0days: Can hackers launch 0day RCE attack on popular softwares only with chromium ndays?
When: Saturday, Aug 12, 15:30 - 16:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
Speakers:Bohan Liu,GuanCheng Li,Zheng Wang
SpeakerBio:Bohan Liu
, Senior Security Researcher at Tencent Security Xuanwu Lab
Bohan Liu (@P4nda20371774) is a senior security researcher at Tencent Security Xuanwu Lab. He focuses on browser security research and has discovered multiple Chrome vulnerabilities. He also presented his research results on Kanxue SDC and Black Hat Asia.
Twitter: @@P4nda20371774
SpeakerBio:GuanCheng Li
, Senior Security Researcher at Tencent Security Xuanwu Lab
Guancheng Li (@atuml1) is a senior researcher at Tencent Security Xuanwu Lab. His research interests are focused on software and system security, IoT security, software engineering and AI. He is also a founder and former captain of r3kapig CTF Team.
Twitter: @@atuml1
SpeakerBio:Zheng Wang
, Senior Security Researcher at Tencent Security Xuanwu Lab
Zheng Wang (@xmzyshypnc) is a senior Security Researcher at Tencent Security Xuanwu Lab. He's mainly engaged in browser and linux kernel security. He is also a speaker attending in Black Hat Asia 2023.
Twitter: @@xmzyshypnc
Description:
Chromium is not only the most popular browser in the world but also one of the most widely integrated supply chain components. Nowadays, a large number of popular software is built on frameworks based on Chromium, such as CEF and Electron. This means that vulnerabilities in Chromium will directly affect popular software. In addition, according to Google's vulnerability disclosure policy, most of the details of Chromium vulnerabilities will be publicly disclosed 14 weeks after being fixed, and many of these vulnerabilities are high-impact and may lead to RCE. Unfortunately, we have found that much downstream software is unable to timely fix the Chromium vulnerabilities. This creates a window of opportunity for attackers to carry out RCE attacks on popular software. The cost for attackers to exploit these vulnerabilities during this window is relatively low, as it falls between the time of the Chromium vulnerability disclosure and the completion of fixes for popular software. We refer to this window as the "RCE window period".
In this topic, we will first evaluate the "RCE window period" of more than 20 popular software. In the upcoming section, we will showcase how to transform Chromium nday vulnerabilities into popular software 0day vulnerabilities in a low-cost manner within the "RCE window period". To illustrate this process, we will use over 10 RCE 0day vulnerabilities in popular software that we have discovered as examples. Some software will attempt to enable sandbox to mitigate this problem, so we will also provide examples of how to bypass the sandbox by exploiting vulnerabilities in the software itself rather than a Chromium sandbox bug.
Finally, we will discuss the reasons for the existence of the RCE window period and the lessons learned from it, hoping to help software developers improve the security of their products.
- REFERENCES
[1] https://googleprojectzero.blogspot.com/2022/06/2022-0-day-in-wild-exploitationso-far.html
[2] https://bugs.chromium.org/p/chromium/issues/list?q=Type%3DBug-Security&can=2
[3] https://bitbucket.org/chromiumembedded/cef/wiki/GeneralUsage
[4] https://www.electronjs.org/docs/latest/
[5] https://media.defcon.org/DEF%20CON%2027/DEF%20CON%2027%20presentations/DEFCON-27-Junyu-Zhou-and-Ce-Qin-and-Jianing-Wang-Web2Own-Attacking-Desktop-Apps-From-Web-Securitys-Perspective.pdf
[6] https://i.blackhat.com/USA-22/Thursday/US-22-Purani-ElectroVolt-Pwning-Popular-Desktop-Apps.pdf
[7] https://plugins.jetbrains.com/docs/intellij/jcef.html
[8] https://medium.com/@ethicalkid/recent-burp-rce-zeroday-df39b1b24230
[9] https://crbug.com/1307610
[10] https://cs.android.com/android/platform/superproject/+/master:external/selinux/libselinux/src/android/android_seapp.c
[11] https://security.googleblog.com/2021/07/protecting-more-with-site-isolation.html
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: NetworkOS: Be The Cloud
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
The NetworkOS workshop takes you into the mysterious world underpinning modern computing and global communication: the network itself. Step by step, you'll learn all the basics you need. No experience needed: must know how to type and copy/paste.
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 14:30-14:59 PDT
Title: No Starch Press - Book Signing - Cory Doctorow, Red Team Blues & Chokepoint Capitalism
When: Saturday, Aug 12, 14:30 - 14:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
SpeakerBio:Cory Doctorow
Cory Doctorow (craphound.com) is a science fiction author, activist and journalist. He is the author of many books, most recently RED TEAM BLUES, a science fiction crime thriller; CHOKEPOINT CAPITALISM, nonfiction about monopoly and creative labor markets; the LITTLE BROTHER series for young adults; IN REAL LIFE, a graphic novel; and the picture book POESY THE MONSTER SLAYER. In 2020, he was inducted into the Canadian Science Fiction and Fantasy Hall of Fame.
Twitter: @@doctorow
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 12:00-12:59 PDT
Title: No Starch Press - Book Signing - Daniel Reilly, Math for Security
When: Saturday, Aug 12, 12:00 - 12:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 16:00-16:59 PDT
Title: No Starch Press - Book Signing - Fotios Chantzis, Paulino Calderon, & Beau Woods, Practical IoT Hacking
When: Saturday, Aug 12, 16:00 - 16:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 15:00-15:59 PDT
Title: No Starch Press - Book Signing - Jon DiMaggio, The Art of Cyberwarfare
When: Saturday, Aug 12, 15:00 - 15:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 13:00-13:59 PDT
Title: No Starch Press - Book Signing - Jos Weyers, Matt Burrough & BandEAtoZ, Locksport
When: Saturday, Aug 12, 13:00 - 13:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 11:00-11:59 PDT
Title: No Starch Press - Book Signing - Maria Markstedter, Blue Fox: Arm Assembly Internals and Reverse Engineering
When: Saturday, Aug 12, 11:00 - 11:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
SpeakerBio:Maria Markstedter
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 14:00-14:59 PDT
Title: No Starch Press - Book Signing - Micah Lee, Hacks, Leaks and Revelations
When: Saturday, Aug 12, 14:00 - 14:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Saturday - 11:00-11:59 PDT
Title: No Starch Press - Book Signing - Patrick Wardle, The Art of Mac Malware
When: Saturday, Aug 12, 11:00 - 11:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 15:00-15:50 PDT
Title: Non-State Actors in the Russia/Ukraine Conflict
When: Saturday, Aug 12, 15:00 - 15:50 PDT
Where: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
Speakers:Dan Grobarcik,Marc Rogers,Mauro Vignati,Stefanie Metka
SpeakerBio:Dan Grobarcik
, Research Associate at Cyber and Innovation Policy Institute at the U.S. Naval War College
Dan Grobarcik is a Research Associate with the Cyber and Innovation Policy Institute at the U.S. Naval War College. His research covers information warfare, the Cold War, and European and Eurasian security issues.
SpeakerBio:Marc Rogers
, Senior Adjunct Advisor at Institute for Security and Technology
Marc Rogers is the CTO and Cofounder of nbhd.ai and a Senior Adjunct Advisor for the Institute for Security and Technology. Formerly a cybersecurity strategist at Okta, head of security at Cloudflare and co-founder of Vectra.ai. Marc is a whitehat hacker and breaker of things from Teslas, to iPhones, Google Glasses and more. As seen on Mr Robot. Part of IST's Ransomware Task Force, Co-Founder of CTI League, Cultivator of beards.
SpeakerBio:Mauro Vignati
, ICRC
In 2003 Mauro started working at the first unit of the Swiss Federal Police fighting cybercrime. Later on, he collaborated to the establishment of MELANI, Switzerland's first centre for public-private partnership on cybersecurity for critical infrastructure. Back in 2013, he set up and led the Cyber Threat Intelligence Division within the Department of Defence in Bern. In 2021, he was tasked to create the Vulnerability Management unit within the National Cyber Security Centre NCSC.ch, leading several projects, among them the first bug bounty program of the Swiss government. He then joined the International Committee of the Red Cross ICRC one year later, as advisor on new digital technologies of warfare.
SpeakerBio:Stefanie Metka
, NATO
Stefanie Metka is the head of NATO’s Cyber Threat Analysis Branch and serves as a primary advisor to NATO’s political, military, and security leadership on cyber threats. Prior to joining NATO, Stefanie served as a Strategic Threat Analyst in the Canadian civil service, and has had a number of postings with a focus on cyber threats and national security. Stefanie received her Master’s degree in infrastructure protection and international security from Carleton University, and is also an alumni of the Geneva Centre for Security Policy, and Cornell University.
Description:
This panel explores the presence and actions of non-state actors in the Russia-Ukraine conflict. With a focus on volunteerist cyber actors in the conflict, such as patriotic hackers and hacktivist collectives, individual volunteers - or even the private sector -, the panel explores the conduct of these actors during the conflict, as well as how the cyber criminal landscape has evolved during the course of the conflict. Bringing together a set of diverse perspectives from across the policy, operational, legal, and security community spheres, both within, and outside of government, including the NGO space, it focuses on the implications of these actions: can these indeed be considered altruistic actions in cyberspace? Or do they hold more complex implications than we are prepared to admit? This panel intends to demonstrate the ways in which the actions of non-state actors challenge some of our basic assumptions about cyberspace as a domain of operations – but also how adversaries might understand this behaviour too. Ultimately, it argues that the unique space that non-state actors occupy within the cyber elements of the conflict requires much deeper consideration, and complex, considered thought from the wider international security community.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 12:30-13:30 PDT
Title: Not All Alerts Are Born Equal: Insights from AppSec Experts on Prioritizing Security Alerts
When: Saturday, Aug 12, 12:30 - 13:30 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
Speakers:Joe Christian,Kunal Bhattacharya,Shahar Man,Trupti Shiralkar
SpeakerBio:Joe Christian
Joe Christian currently serves as the Engineering Manager for the DevSecOps Platforms team at Paylocity. Previously, Joe held leadership positions at Brex and Zappos. Joe is also a Cyber Defense Ph.D. student at Dakota State University.
Twitter: @Jo3Ram
SpeakerBio:Kunal Bhattacharya
A Security Leader, Organization builder and mentor who helps organizations build robust Cyber defense and detection capabilities. I do this by building Secure SDL processes and machination encapsulating Shiftleft strategy, SecDevOps, Cloud and Penetration testing. My prior experience in all phases of Application development, System and database administration and Quality engineering helps me in building lasting relationships with peers in engineering and product organizations and working towards shared security goals.
SpeakerBio:Shahar Man
Passionate about building and leading teams, I have successfully grown Engineering and Product teams from scratch, leveraging Agile methodologies. My focus lies in Application and Cloud Security, advocating for context-driven AppSec decisions.
SpeakerBio:Trupti Shiralkar
Trupti Shiralkar is a Sr Engineering Manager at Datadog. Her 15+ years of industry experience ranges from Fortune 500s to small startups including Illumio, Amazon, Hewlett Packard, Q2ebanking and ATSEC Information Security. She holds a Master of Science degree in Information Security from Johns Hopkins University Information Security Institute (JHUISI) and several security certifications. As a product security leader and seasoned public speaker, she is committed to sharing her knowledge to influence positive security and reduce organization wide risk. She holds a patent for secure and anonymous electronic polling.
Twitter: @tshiralkar
Description:
In today's threat landscape, security teams are overwhelmed with the number of alerts generated by their security stack. However, not all alerts are equally critical, and it's essential to prioritize them based on their severity and context impact on the organization. In this panel discussion, our AppSec experts will share their experiences and insights on how to effectively prioritize alerts and reduce alert fatigue. They will discuss best practices for triaging alerts, techniques to automate the process, and strategies to ensure that the most critical alerts receive immediate attention. Join us to learn from the experts on how to effectively manage security alerts and improve your organization's security posture.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-13:59 PDT
Title: Octopus Game
When: Saturday, Aug 12, 10:00 - 13:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Octopus Game is back for a second year! This contest is a battle royale style competition where fun and friendship is the goal. This year players will meet together in various locations at the same time for group competition through through fun games. 128 players will enter, but only 1 will be crowned the Octopus CHAMPION. Join us, make some new friends and remember: only the best will prevail!
Return to Index - Add to
- ics Calendar file
XRV - Saturday - 11:00-16:59 PDT
Title: Off the Rails: A demo with Pacific Northwest National Labs
When: Saturday, Aug 12, 11:00 - 16:59 PDT
Where: Caesars Forum - Summit - 206 - XR Village - Map
Description:
Pacific Northwest National Laboratory (PNNL) has developed and operates modeled physical environments for training and demonstrating cyber security for DHS CISA as part of their ICS Control Environment Laboratory Resource (CELR). To expose a broader audience at conferences and industry venues, CISA is implementing an XR interface to enable remote users to have a visceral experience as if they are in the same room as the CELR models. The CISA CELR team is developing cutting-edge data pipelines with the Depthkit software and developers at Scatter that can record and transmit accurate 3D renderings of objects and people in near real-time to an XR headset (HoloLens 2). Depthkit combines the data streams from up to 10 Microsoft Azure Kinect cameras and combines them into a calibrated photorealistic 3D video. This video can be exported into the Unity game engine and embedded as recordings or live streams into an XR application. The demonstration planned for Defcon will be for the Rail sector systems including an AR overview of the skid model with some pre-recorded videos of failure scenarios and some VR exploration of rail sector subsystems including a locomotive cab, wayside controller, and regional dispatch display. Conference attendees will learn more about the rail sector and its use of cyber components and the potential risks of cyber based failures.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 14:00-17:59 PDT
Title: Off the record war story talks - Signs Ups On Site
When: Saturday, Aug 12, 14:00 - 17:59 PDT
Where: Harrah's - Nevada Ballroom - Lake Tahoe & Reno - War Stories - Off the Record - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
APV - Saturday - 13:00-14:59 PDT
Title: Open Source API Security for devsecops
When: Saturday, Aug 12, 13:00 - 14:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 3 - Map
Speakers:Ankita Gupta,Ankush Jain
SpeakerBio:Ankita Gupta
Ankita is the co-founder and CEO of Akto.io. Prior to Akto she has experience working in VMware, LinkedIn and JP Morgan. She holds MBA from Dartmouth College and Bachelors in Technology from IIT Roorkee.
Twitter: @ankitaiitr
SpeakerBio:Ankush Jain
Ankush is the co-founder & CTO at Akto (https://www.akto.io). Prior to starting Akto he worked at CleverTap as VP of Engineering. He has also worked for 5 years as a Quant at Morgan Stanley. He has acquired US patents at Microsoft at CleverTap.
Twitter: @Ankush12389
Description:
We want to present in Arsenal. Akto is an open source API Security product. During the session, we will showcase how to:
- Automate your API inventory and generate open API spec file
- We will teach how to write custom test for security testing with live demo of 20+ custom business logic tests.
- Automate API security testing in CI/CD with GitHub Actions as an example
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 09:00-10:59 PDT
Title: Open Source Intelligence (OSINT) for Hackers
When: Saturday, Aug 12, 09:00 - 10:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
Speakers:Lee McWhorter,Sandra Stibbards
SpeakerBio:Lee McWhorter
No BIO available
Twitter: @tleemcjr
SpeakerBio:Sandra Stibbards
No BIO available
Twitter: @Camelotinv
Description:
The Open Source Intelligence (OSINT) for Hackers workshop, as part of the Red Team Village, provides extensive information and hands on lessons relating to surface and deep web searching along with advanced online search techniques & strategies, online privacy / anonymity tools, counterintelligence techniques used by the criminal element, search techniques of blogs and social networks including social media monitoring, utilize database systems, methods to obtain historical website pages, develop previous domain & website details that no longer exist, geolocating, reverse imaging, transfer of large files, screenshot capabilities, and much more all focused on helping Hackers related to threat hunting, red teaming and information gathering.
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 14:00-14:59 PDT
Title: OpenQuantum: open-source hardware for quantum engineering via trapped atoms
When: Saturday, Aug 12, 14:00 - 14:59 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
SpeakerBio:Max Shirokawa Aalto
No BIO available
Description:
Almost all existing tutorials in the applied quantum world are focused on quantum programming languages & how to interact with a QPU – until now. OpenQuantum is a fully open-source, mostly 3D printable blueprint for a hardware platform that allows for the cooling, trapping and manipulation of rubidium atoms, an ideal platform for quantum engineering. This workshop will cover the history of the field, the operational principles of the apparatus, and technical details on the open-source devices we have designed to make this science more accessible.
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 10:45-11:30 PDT
Title: OSINT Privacy Unmasked: Taking Control of Your Digital Footprint in a Hyper-Connected World
When: Saturday, Aug 12, 10:45 - 11:30 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Zoey Selman
No BIO available
Twitter: @@v3rbaal
Description:No Description available
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 15:00-15:59 PDT
Title: OSINT Skills Lab Challenge
When: Saturday, Aug 12, 15:00 - 15:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
Speakers:Lee McWhorter,Sandra Stibbards
SpeakerBio:Lee McWhorter
No BIO available
Twitter: @tleemcjr
SpeakerBio:Sandra Stibbards
No BIO available
Twitter: @Camelotinv
Description:
Welcome to the Open Source Intelligence Skills Lab Challenge CTF! There are 3 challenge sets, each with their own challenges. As you progress through each set, the difficulty will progressively increase. Answering a "flag" correctly will net you points, with a maximum possible score of 560.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 16:00-16:59 PDT
Title: OSINT Skills Lab Challenge
When: Saturday, Aug 12, 16:00 - 16:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
Speakers:Lee McWhorter,Sandra Stibbards
SpeakerBio:Lee McWhorter
No BIO available
Twitter: @tleemcjr
SpeakerBio:Sandra Stibbards
No BIO available
Twitter: @Camelotinv
Description:
Welcome to the Open Source Intelligence Skills Lab Challenge CTF! There are 3 challenge sets, each with their own challenges. As you progress through each set, the difficulty will progressively increase. Answering a "flag" correctly will net you points, with a maximum possible score of 560.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Packet Detective
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Ready to upgrade your skills at the Packet Hacking Village? It’s time to play Packet Detective. A step up in difficulty from Packet Investigator, Packet Detective will test your network hunting abilities at the intermediate level. Come learn some new tricks!
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Packet Inspector
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
New to packet-fu? Don't know a pcap from a bottle cap? Packet Inspector is the game for you! We provide the laptops and all necessary tools for you to learn the basics of network analysis, sniffing, and forensics.
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 10:00-10:45 PDT
Title: Panel Discussion - Bugs, Bounties, & Breaches - Insider Tales from the Trenches
When: Saturday, Aug 12, 10:00 - 10:45 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Jason Haddix
, CISO and “Hacker in Charge” at BuddoBot
Jason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He's had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd's leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
Twitter: @jhaddix
Description:No Description available
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 13:30-14:59 PDT
Title: Panel Discussion -- Designing and Deploying NOC/SOC in a Mobile, Limited Bandwidth Maritime Environment
When: Saturday, Aug 12, 13:30 - 14:59 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
Speakers:Brad Proctor,Cliff Neve,Danny Joslin,Peter Dreyer,Tom Stites
SpeakerBio:Brad Proctor
No BIO available
SpeakerBio:Cliff Neve
, US Coast Guard
CDR Cliff Neve is a retired Coast Guard Commander whose assignments included Chief of Staff at Coast Guard Cyber Command, Deputy Chief Information Officer at the White House Communications Agency, and Assistant C4ISR Program Manager for the Coast Guard’s multi billion dollar recapitalization program. Since retiring from the Coast Guard in 2013, CDR Neve has led all manner of cyber security assessments and security architecture consulting for diverse clients that include Ports and Waterways, Wall Street firms, Fortune 100 companies, banks, hospitals, and defense agencies. CDR Neve is a Certified Information Systems Security Professional (CISSP) and Project Management Professional (PMP).
SpeakerBio:Danny Joslin
No BIO available
SpeakerBio:Peter Dreyer
No BIO available
SpeakerBio:Tom Stites
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Password Lab
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
In this workshop, you'll learn real-world penetration testing techniques for guessing passwords using Hydra, xHydra, and Hashcat.
Return to Index - Add to
- ics Calendar file
PWV - Saturday - 10:00-17:59 PDT
Title: Password Village Activities
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 236 - Password Village - Map
Description:
The Password Village provides training, discussion, and hands-on access to hardware and techniques utilized in modern password cracking, with an emphasis on how password cracking relates to your job function and the real world . No laptop? No problem! Feel free to use one of our terminals to access a pre-configured GPGPU environment to run password attacks against simulated real-world passwords. Village staff and expert volunteers will be standing by to assist you with on-the-spot training and introductions to Hashcat, as well as other FOSS cracking applications.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 11:00-11:59 PDT
Title: Passwords Argh Us
When: Saturday, Aug 12, 11:00 - 11:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
SpeakerBio:Traveler
No BIO available
Description:
The workshop is designed to provide attendees with comprehensive knowledge and hands-on experience in the realm of offensive security. In today's digital landscape, where passwords remain a significant line of defense for organizations, understanding their vulnerabilities is crucial for both offensive and defensive purposes. This workshop aims to equip participants with the skills required to identify weak passwords, crack hashes, and perform credential-based attacks effectively.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 09:00-09:59 PDT
Title: Passwords Argh Us
When: Saturday, Aug 12, 09:00 - 09:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
SpeakerBio:Traveler
No BIO available
Description:
The workshop is designed to provide attendees with comprehensive knowledge and hands-on experience in the realm of offensive security. In today's digital landscape, where passwords remain a significant line of defense for organizations, understanding their vulnerabilities is crucial for both offensive and defensive purposes. This workshop aims to equip participants with the skills required to identify weak passwords, crack hashes, and perform credential-based attacks effectively.
Return to Index - Add to
- ics Calendar file
MIV - Saturday - 12:30-13:30 PDT
Title: Patient Zero Day: The Leaking of Patients' Private Health Data Contributed To A Medical Infodemic
When: Saturday, Aug 12, 12:30 - 13:30 PDT
Where: Caesars Forum - Summit - 224 - Misinfo Village - Map
SpeakerBio:Andrea Downing
No BIO available
Description:
Andrea Downing and Eric Perakslis co-published evidence of health data leaking illegally from medical institutions via cross-site trackers such as Meta Pixel. Since publication, follow-up investigations have uncovered a historic data breach currently at 61 million patients and counting as of May 2023. This research has catalyzed unprecedented enforcement of the Health Breach Notification Rule by the Federal Trade Commission, and is now expanding to show whether health tech companies and clinical sites are complying with the law.
Return to Index - Add to
- ics Calendar file
PYV - Saturday - 11:00-17:59 PDT
Title: Payment Village Challenges/CTF
When: Saturday, Aug 12, 11:00 - 17:59 PDT
Where: Flamingo - Virginia City - Payment Village - Map
Description:
We have three challenges this year!
- A CTF for which there is no equipment is required.
- Card Hacking Challenge for which you will need an Android phone with NFC and a special Card Hacking Challenge card (grab one on the booth):
- Easter egg hunt. Use your brain!
We have a tonne of cool prizes to be won, such as custom mugs, numbered challenge coins with atc numbers, key rings, embroidered patches and more!
Return to Index - Add to
- ics Calendar file
PYV - Saturday - 11:00-12:30 PDT
Title: Payment Village Workshop
When: Saturday, Aug 12, 11:00 - 12:30 PDT
Where: Flamingo - Virginia City - Payment Village - Map
SpeakerBio:Leigh-Anne Galloway
No BIO available
Twitter: @@L_Agalloway
Description:
We have a simple mission, educate the world about payments. We all interact with payment technologies every day, yet how much do we know about them? This is a beginner's course in card payments. This workshop is also helpful for anyone who tries to solve our CTF.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 12:00-13:55 PDT
Title: Pcapinator: Rise of the PCAP Machines
When: Saturday, Aug 12, 12:00 - 13:55 PDT
Where: Caesars Forum - Unity Boardroom - Demo Labs - Map
Speakers:Henry Hill,Mike "d4rkm4tter" Spicer
SpeakerBio:Henry Hill
Henry Hill is an expert with computer hardware and is able to design and build the most bleeding edge systems that are the fastest in the world. His internal knowledge of architecture and system bottlenecks help him build systems capable of extreme processing and even faster storage. Henry is also an expert with mechanical engineering and fabrication. When his modifications aren’t appearing in d4rkm4tter’s projects, they can be seen in his race car at the track.
SpeakerBio:Mike "d4rkm4tter" Spicer
Mike Spicer, known as d4rkm4tter, is a cybersecurity expert and innovative hacker with an affinity for pushing the boundaries of both hardware and software. With an unquenchable curiosity for all things wireless, Mike's passions have propelled him to build and explore much of the wireless spectrum. Armed with a degree in computer science, Mike has harnessed his skills to build and break a diverse range of systems. His expertise covers web application penetration testing, wireless monitoring and tracking, and reverse engineering. As the designer of the renowned #WiFiCactus, Mike has brought his projects from idea to reality in the cybersecurity world. His unique take on wireless has garnered significant attention, where he has presented and demonstrated his work at conferences such as BlackHat, DEF CON and others around the world.
Description:
Pcapinator is a powerful and versatile network analysis tool that combines the strengths of TShark and Python to provide comprehensive and efficient packet deconstruction into a format usable for further analysis. Inspired by the Terminator, Pcapinator is designed to relentlessly analyze, decode, and filter network packets using all of the resources a system makes available to it, making it a formidable asset for diving deep into PCAPs. Leveraging the robust capabilities of Wireshark’s TShark tool, Pcapinator parses and extracts vital information from pcap files, while Python's extensive libraries and scripts offer advanced processing and automation options. Pcapinator is built to handle extremely large PCAP files, search for anomalies in those files, and uncover the hard-to-find information in network traffic, making it an essential tool for PCAP analysis.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 15:00-16:59 PDT
Title: Per-mission Impossible: Exploring the Android Permission Model and Intents
When: Saturday, Aug 12, 15:00 - 16:59 PDT
Where: Flamingo - Savoy - AppSec Village - Workshop - Map
Speakers:Miłosz Gaczkowski,William Taylor
SpeakerBio:Miłosz Gaczkowski
Miłosz is a mobile security specialist at WithSecure, having previously spent entirely too much time working in academia
His work revolves around mobile security. Outside of technical work, his interests are in education and the culture of education
Twitter: @cyberMilosz
SpeakerBio:William Taylor
Security consultant with an interest in mobile security supported by a background in embedded mobile engineering. I used to make them work; now I break them, professionally and ethically.
Description:
The way in which Android applications talk to each other is often misunderstood, and it is entirely too common to see apps whose sensitive functionality is completely open to anyone who asks nicely.
This workshop will cover several case studies of overly permissive apps/devices found in the wild, including an OEM's voice recorder application that could be made to start and stop voice recordings without the user's knowledge.
We will go over common implementation flaws, play around with exploiting them from the perspective of an unprivileged application, and explore how an understanding of Android permissions could help us avoid these mistakes.
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: Perform Memory Extraction, Emulation and Shellcode
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
Want to put your MIPS shellcode skills to the test for a chance to win a prize? Learn to dump flash from our custom-built PCB that we use to teach our Hardware Hacking Workshop. Hone your dynamic analysis skills and exploit a WPS pin generation algorithm used in a popular Real Time Operating System.
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 17:00-17:30 PDT
Title: Phishing with Dynamite: Harnessing AI to Supercharge Offensive Operations
When: Saturday, Aug 12, 17:00 - 17:30 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Speakers:Dani Goland,Preston Thornburg
SpeakerBio:Dani Goland
At the age of 20, Dani Goland founded his own boutique company for innovative software and hardware solutions. Dani did not neglect his hands-on capabilities in both making and breaking systems. Dani spoke at numerous cybersecurity conferences such as BlackHat USA, CodeBlue Japan, CONfidence, SEC-T, and more. After serving in the IDF as a commander of a Field Intelligence unit, Dani went on an 8-month journey across South America. He loves snowboarding, and music concerts.
Twitter: @danigoland
SpeakerBio:Preston Thornburg
Preston is the co-founder of Upshield, a full-stack web3 security platform. Much of his research focuses on the automated identification of adversaries throughout the Ethereum and broader cryptocurrency landscapes. He’s recently launched a technical podcast, ‘Mad Blocks’, that deep dives into web3 projects to extract underlying risks and breakpoints. Preston’s background is heavily based in offensive security, having led operations against cryptocurrency platforms, international banks, critical infrastructure, and governments.
Description:
Artificial Intelligence (AI) has fundamentally reshaped the landscape of cybersecurity, making traditional defensive strategies outdated and inadequate, particularly in the realm of phishing attacks. In this era of large language models (LLMs), phishing has evolved from flawed syntax, primitive design, and generic narratives. Using state-of-the-art AI tooling, we can now generate spear-phishing campaigns that are highly personalized with unprecedented precision, leveraging publicly available data from social media, work profiles, and more. In this talk, we’ll show you how it’s done. We will also delve into innovative exploitation techniques that leverage alternative communication channels, like AI-based audio deepfakes for conversational reeling. All of this is made possible with our soon to be released and open-source phishing framework – nemo. We’ll give you a front-row seat to how AI is revolutionizing offensive security operations. Get ready to step into the future of phishing attacks – it’s more sophisticated, more realistic, and scarier than you could ever imagine.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 11:30-12:15 PDT
Title: Physical Attacks Against Smartphones
When: Saturday, Aug 12, 11:30 - 12:15 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
SpeakerBio:Christopher Wade
, Hacker
Christopher (@Iskuri1) is a seasoned security researcher. His main focuses are in reverse engineering firmware and fingerprinting USB and NFC vulnerabilities, with his key strength lying in bootloader exploitation.
Twitter: @Iskuri1
Description:
Android devices are constantly improving their security to protect against attackers with physical access, with new protection techniques being added year-by-year. This talk aims to demonstrate vulnerabilities in modern Android smartphones that are still viable, despite the mitigations in place.
In the first phase of this talk, we will discuss analysis and exploitation of vendor-customised versions of Android's Recovery mode, demonstrating weaknesses that allow for privilege escalation to root, and traversal from Recovery to Android, without Bootloader access, using nothing but a Micro SD card.
In the second phase, we will discuss weaknesses in the Secondary Bootloader of devices produced by a popular smartphone manufacturer. We will demonstrate how, using a vulnerability in the core USB stack, code execution can be achieved, and a modified Android image can be booted, without compromising the functionality of the device.
Return to Index - Add to
- ics Calendar file
PSV - Saturday - 12:30-13:15 PDT
Title: Physical pentesting in a post-covid world
When: Saturday, Aug 12, 12:30 - 13:15 PDT
Where: Flamingo - Carson City - Physical Security Village - Map
SpeakerBio:Brian Halbach
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
PSV - Saturday - 10:00-17:59 PDT
Title: Physical Security Village Activities
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Flamingo - Carson City - Physical Security Village - Map
Description:
Come join us at Carson City I and II for some hands on physical security bypass exhibits! Try your hand on bypassing elevators, deadlocks, deadlatches, shopping cart locks, building intercoms or more! Challenge yourself by trying to get out of handcuffs using only a bobby pin, and win a real police handcuff key! In addition, meet some of our external partners. You can augment yourself by injecting your hand with a mini RFID/NFC chip implant, and play around with our RFID displays! We also have returning the physical RFID wall of sheep where you can learn about long distance RFID cloning!
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 19:00-21:59 PDT
Title: Policy Lounge
When: Saturday, Aug 12, 19:00 - 21:59 PDT
Where: Caesars Forum - Summit - 223 - Plounge - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 13:55-14:35 PDT
Title: Political Polarization
When: Saturday, Aug 12, 13:55 - 14:35 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:Constantine Nicolaidis
Constantine Nicolaidis leads a Risk Management practice that focuses on securing U.S. privately owned critical infrastructure. Over the last decade he has leveraged his expertise in security and data-based product development to create tools for security professionals. Constantine has also spent the last five years developing a geopolitical modeling system to help forecast and describe the nature of political and social crises. He advises various security groups on the nature of modern multi-domain warfare with an emphasis on the cyber and cognitive domains. Constantine holds a Master’s Degree in Human-Computer Interaction from the Carnegie Mellon School of Computer Science and is currently enrolled in the Master’s in Cybersecurity Degree program at the SANS Technology Institute.
Description:
What are the root causes of today’s politically charged and polarized environment? Conventional wisdom likes to point the finger at social media and middle class immiseration but is there more to the story? A few researchers were able to accurately predict the current trends toward populism and political polarization, decades ago. A new field of study that combines big data and historical analysis was created in the early 2000s. What do these perspectives have to say about the current political crisis? Our geopolitical environment has changed significantly in the last few decades as well. Authoritarian states actively seek to delegitimize democratic systems. What are their motivations and what types of vulnerabilities in the liberal democratic order might they try to exploit? Come experience a whirlwind tour of multi-model geopolitical forecasting. What do some of the most well researched and respected economic, political and historical models have to say about the current state of politics in the U.S? Have we been here before and what are the implications of these perspectives for the next election?
Return to Index - Add to
- ics Calendar file
DC - Saturday - 17:00-17:20 PDT
Title: Polynonce: An ECDSA Attack and Polynomial Dance
When: Saturday, Aug 12, 17:00 - 17:20 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
Speakers:Marco Macchetti,Nils Amiet
SpeakerBio:Marco Macchetti
, Principal Cryptographer at Kudelski Security
Marco works as Principal Cryptographer on Kudelski Security's research team. He has a long experience designing a wide range of HW and SW cryptographic modules, from silicon roots of trust through physically unclonable functions to side-channel resistant cryptographic libraries. Marco likes looking at crypto from different points of view, bridging theory and implementation, to find new paths of attack (and defense).
SpeakerBio:Nils Amiet
, Lead Prototyping Engineer at Kudelski Security
Nils is a Security Researcher on Kudelski Security’s research team performing research on various topics including privacy, authentication, big data analytics, and internet scanning. He also writes blog posts on various topics for Kudelski’s research blog. Nils likes open source software and has presented his research at DEF CON and Black Hat Arsenal. He was part of creating a massively distributed system for breaking RSA public keys.
Twitter: @@tmlxs
Description:
ECDSA is a widely used digital signature algorithm. ECDSA signatures can be found everywhere since they are public. In this talk, we tell a tale of how we discovered a novel attack against ECDSA and how we applied it to datasets we found in the wild, including the Bitcoin and Ethereum networks.
Although we didn't recover Satoshi's private key (we’d be throwing a party on our private yacht instead of writing this abstract), we could see evidence that someone had previously attacked vulnerable wallets with a different exploit and drained them. We cover our journey, findings, and the rabbit holes we explored. We also provide an academic paper with the details of the attack and open-source code implementing it, so people building software and products using ECDSA can identify and avoid this vulnerability in their systems. We've only scratched the surface, there's still plenty of room for exploration.
- REFERENCES
- * https://eprint.iacr.org/2019/023
* https://eprint.iacr.org/2022/169.pdf
* https://github.com/gcarq/rusty-blockparser
* https://en.bitcoin.it/wiki/OP_CHECKSIG
* https://bitcointalk.org/index.php?topic=1431060.0
Return to Index - Add to
- ics Calendar file
DC - Saturday - 14:00-14:45 PDT
Title: Power Corrupts; Corrupt It Back! Hacking Power Management in Data Centers
When: Saturday, Aug 12, 14:00 - 14:45 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
Speakers:Jesse Chick,Sam Quinn
SpeakerBio:Jesse Chick
, Security Researcher at Trellix Advanced Research Center
Jesse Chick is a Security Researcher with the Advanced Research Center's vulnerability team. Jesse focusses on vulnerability discovery and exploit development for all things connected to the internet and is credited with numerous CVEs affecting popular embedded devices. He is passionate about reverse engineering, full system emulation, and educating others in offensive security techniques.
Twitter: @ravenousbytes
SpeakerBio:Sam Quinn
, Sr. Security Researcher at Trellix Advanced Research Center
Sam Quinn is a Senior Security Researcher on the Advanced Research Center Vulnerability team, focused on finding new vulnerabilities in both software and hardware. Sam has a focus on embedded devices with knowledge in the fields of reverse engineering and exploitation. He has had numerous vulnerability findings, published CVEs in IOT and enterprise software, and has spoken at multiple industry conferences such as Def Con, BlackHat, North Sec, and Hardwear.io.
Twitter: @eAyeP
Description:
Our current administration lists "Defend Critical Infrastructure" as the #1 item in the 2023 National Cybersecurity Strategy. At the intersection of governmental and corporate concerns is data center security, a trend that is bound to continue as more and more operations move to the cloud. This talk details our findings in the domain of power management, the first category in a broader effort to investigate the security of critical data center components. We will reveal nine vulnerabilities in two integral data center appliances: a Power Distribution Unit (PDU) and a Data Center Infrastructure Management (DCIM) system. Continuing, we will delve into the technical details of the most impactful vulnerabilities and highlight the potential impact on their respective operations. The talk will challenge the misconception that data centers are inherently more secure than on-prem by exposing how attackers could leverage these vulnerabilities. This presentation will be valuable to data center professionals, security researchers, and anyone interested in understanding the characteristic vulnerabilities associated with modern data centers.
REFERENCES:
Contributing Researcher - Philippe Laulheret
Claroty Research - https://claroty.com/team82/research/jumping-nat-to-shut-down-electric-devices
National Cybersecurity Strategy - https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/
Return to Index - Add to
- ics Calendar file
DL - Saturday - 14:00-15:55 PDT
Title: ProjectDiscovery Nuclei
When: Saturday, Aug 12, 14:00 - 15:55 PDT
Where: Caesars Forum - Council Boardroom - Demo Labs - Map
Speakers:Brendan O'Leary,Pj Metz
SpeakerBio:Brendan O'Leary
Brendan O'Leary is Head of Community at ProjectDiscovery, on a mission to democratize security, and an advisor to various startups. Having worked in software his entire career, Brendan has had the privilege of working with many customers. Previously at GitLab and a board member of the CNCF – it is clear, every company is a software company. That means every company needs software and security operational excellence. Outside of work, you'll find Brendan with 1 to 4 kids hanging off of him at any given time or occasionally finding a moment alone to build something in his workshop.
SpeakerBio:Pj Metz
Pj Metz is Developer Community Manager at ProjectDiscovery and former Education Evangelist at GitLab. Before that, he was a High School English teacher for 11 years, making the transition into tech in 2021. Pj brought his passion for education to his roles at GitLab and ProjectDiscovery and is always excited to present, chat, or discuss DevRel, security, and the importance of open source work. Pj loves 80's music and 90's internet culture.
Description:
Nuclei is used to send requests across targets based on a YAML template, leading to fewer false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. Nuclei is a valuable tool for bug bounty hunters, pen testers, developers looking to add more security into their CI/CD pipelines, and more.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: PTP Flight Challenge
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
PTP Flight Challenge
Pen Test Partners
Come try your hand at flying our immersive Airbus A320 simulator and see if you can stick our landing challenge! We'll also be talking about electronic flight bags, how their data integrity is relied upon by pilots to assist with a safe landing, and demonstrate the impacts in a safe environment.
Return to Index - Add to
- ics Calendar file
XRV - Saturday - 17:00-17:59 PDT
Title: Push All the Buttons Digital Twinning with Idaho National Labs in collaboration with DEF CON ICS Village
When: Saturday, Aug 12, 17:00 - 17:59 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
SpeakerBio:Kolton Heaps
Kolton Heaps is a Digital Twin Visualization Scientist at the Idaho National Laboratory. He focuses on creating visualizations and software that assist in design, operations and training on projects including, fuel processing, non-proliferation, modular reactors, and advanced digital twin of nuclear reactor. Kolton has a bachelor’s in software engineering from Brigham Young University – Idaho and lives in Idaho Falls where he enjoys mountain biking and other outdoor activities.
Description:
Extended Reality (XR) is an umbrella term that involves virtual reality (VR), augmented reality (AR), and mixed reality (MR) capabilities. VR describes an environment in which a user’s physical environment is completely replaced with a virtual one. This allows the user to view any digitally created content but separates the user from interacting with the physical world. On the other hand, AR enhances the user’s physical environment with virtual overlays but offers little interaction with digital content. Lastly, MR is a blend of the physical and digital worlds, unlocking natural and intuitive 3D human, computer, and environmental interactions. Using these technologies, analysts, operators, and stakeholders will be able to interpret radio frequency data effectively and efficiently.
The Idaho National Laboratory is integrating the next-generation XR capabilities into the various projects that support Nuclear, Integrated Energy and National and Homeland Security missions. They use a suite of tools for the visualization of capabilities to capture and analyze digital twins. Digital Engineering delivers semi-autonomous design, autonomous operation, and real-time anomaly detection as well as integrates threads of data, visualizations, AI/ML, and physics models into a cohesive digital twin.
The primary benefit of incorporating XR with signal analysis is to allow for simple interpretation and representation of complex data. Current techniques or trends rely on certain subject matter experts to collect, examine, and report anomalous data manually. By allowing the operator to spatially view the captured data, the process of identifying and plotting data is anticipated to be greatly simplified. Data and anomalies will become engaging, allowing the operator to easily identify unknown signals in real-time or near real-time.
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 10:30-10:59 PDT
Title: Q-CTF QOLOSSUS Update
When: Saturday, Aug 12, 10:30 - 10:59 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
SpeakerBio:Mark Carney
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 13:00-13:59 PDT
Title: QDoor: Exploiting Approximate Synthesis for Backdoor Attacks in Quantum Neural Networks
When: Saturday, Aug 12, 13:00 - 13:59 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
SpeakerBio:Lei Jiang
, Assoc. Prof. at Indiana University Bloomington
No BIO available
Description:
Quantum neural networks (QNNs) succeed in object recognition, natural language processing, and financial analysis. To maximize the accuracy of a QNN on a Noisy Intermediate Scale Quantum (NISQ) computer, approximate synthesis modifies the QNN circuit by reducing error-prone 2-qubit quantum gates. The success of QNNs motivates adversaries to attack QNNs via backdoors. However, na¨ıvely transplanting backdoors designed for classical neural networks to QNNs yields only low attack success rate, due to the noises and approximate synthesis on NISQ computers. Prior quantum circuit-based backdoors cannot selectively attack some inputs or work with all types of encoding layers of a QNN circuit. Moreover, it is easy to detect both transplanted and circuit-based backdoors in a QNN.
In this talk, we introduce a novel and stealthy backdoor attack, QDoor, to achieve high attack success rate in approximately-synthesized QNN circuits by weaponizing unitary differences between uncompiled QNNs and their synthesized counterparts. QDoor trains a QNN behaving normally for all inputs with and without a trigger. However, after approximate synthesis, the QNN circuit always predicts any inputs with a trigger to a predefined class while still acts normally for benign inputs. Compared to prior backdoor attacks, QDoor improves the attack success rate by 13× and the clean data accuracy by 65% on average. Furthermore, prior backdoor detection techniques cannot find QDoor attacks in uncompiled QNN circuits.
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 16:00-17:59 PDT
Title: Quantini Time! Cocktail hour for the Quantum curious and creative
When: Saturday, Aug 12, 16:00 - 17:59 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
Description:
Cocktail hour for the Quantum curious and creative.
Come and join us for some complimentary drinks with like-minded hackers. Come along and listen to - or even make! - quantum music.
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 11:00-12:30 PDT
Title: Quantum attacks on next-gen cryptosystems: lattices, annealers, notebooks
When: Saturday, Aug 12, 11:00 - 12:30 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
Description:
In this workshop we will develop quantum algorithms to solve a computer science problem called the shortest lattice problem (SVP). SVP is geometrically simple - given a description of a mathematical lattice (a repeating pattern of points in N-dimensional space), can you find the shortest distance between any two points - i.e. the shortest vector? This problem is NP hard and we believe it is resistant to quantum computers.
Based upon the results of “Two quantum Ising algorithms for the shortest-vector problem”, we will explain the principle of quantum adiabatic computation, of Hamiltonian minimization, and of how to map mathematical problems into a Hamiltonian ready to be plugged into a quantum computation framework.
During the course of the workshop, participants will fill in functions in a Jupyter notebook to construct lattices, convert them into a Hamiltonian, and describe quantum annealing dynamics. They will then (hopefully) be able to submit these queries to a D-Wave QPU to which will sample short vectors for them, and we will visualize as a group the results returned.
This exercise will get participants directly interacting with a QPU, understanding some of the benefits and limitations of annealing-based quantum computation, and will learn about an exciting computer science problem and how it directly feeds into our security architecture, (e.g. Kyber!)
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 17:00-17:59 PDT
Title: Quantum Computer Music Performance, by Scott Oshiro (one half of NpHz)
When: Saturday, Aug 12, 17:00 - 17:59 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
SpeakerBio:Scott Oshiro
No BIO available
Description:
NpHz is a new electro-acoustic duo featuring OCH (Omar Costa Hamido) and SYO (Scott Oshiro): two artist-researchers working in music and technology focusing on improvised Music and Quantum Computing (QC). In our work we explore the potential advantages QC can provide for music composition. This performance will include ½ of NpHz, Scott Oshiro (SYO). He will be performing adapted works from NpHz’s recent album “[\Equations of Coltrane](https://omarcostahamido.bandcamp.com/album/equations-of-coltrane)'' (Released June 2, 2023 on Bandcamp). Scott will also be playing flute alongside his real-time Quantum Jazz Improvisation system entitled Lineage.
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 16:00-16:59 PDT
Title: Quantum Music Workshop: Build Your Own Quantum Synthesizer!
When: Saturday, Aug 12, 16:00 - 16:59 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
SpeakerBio:Mark Carney
No BIO available
Description:
Quantum Music is a new paradigm of art, part of the new wave of ‘Quantum Art’ that we shall be showcasing with a live performance from Scott Oshiro! In the run up to this, Mark will show us how to embed quantum simulators (and quantum computer connections) into everyday musical apparatus… from quantum enabled MIDI to a quantum stylophone and more!
Return to Index - Add to
- ics Calendar file
QTV - Saturday - 15:00-15:59 PDT
Title: Quantum Technologies on a Raspberry Pi (and HackRF one)
When: Saturday, Aug 12, 15:00 - 15:59 PDT
Where: LINQ - 3rd flr - Quantum Village - Map
SpeakerBio:Ben Varcoe
No BIO available
Description:
Quantum Sensing is a new paradigm of technology that allows us to use quantum-level effects for macro-level sensing outputs. Join Ben as he demonstrates how to use off-the-shelf components to build a quantum sensor; using just a HackRF, a Raspberry Pi, and some high-quality oscillators being the primary ingredients!
Time shifts are used to test special and general relativity, they are used for navigation and they shed light on things like quantum field theory and quantum gravity. In special relativity, a moving clock will have a time shift with respect to a stationary clock. This is typically very small and requires extremely fast moving objects to really see a difference. On the other hand an accelerated clock adds something new. Rather than just seeing a change in the passage of time the accelerated observer sees a change in the speed of light for other observers. To measure this we shall make use of the Rindler frame; an artefact of "Special Relativity" rather than "General Relativity".
By utilising these effects and a little quantum field theory, we can use the fact that in the Rindler frame, time shifts would manifest as phase shifts, hence a very sensitive measurement of phase could detect the acceleration based time shifts giving us a new kind of quantum sensor.. All of which can be done on off-the-shelf components, as Ben shall be building and demonstrating during the village!
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 16:00-17:59 PDT
Title: Queercon Mixers
When: Saturday, Aug 12, 16:00 - 17:59 PDT
Where: Caesars Forum - Forum - 129 - Chillout - Map
Description:
A great way to meet other like-minded folk in this safe and inclusive environment. An informal meet-up of the lgbtqia+ community to network and unwind.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Radio Frequency Capture the Flag
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Flamingo - Eldorado - Radio Frequency Village - Map
Description:
Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?
RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 31. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.
We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our new virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.
There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.
FOR THE NEW FOLKS
Our virtual RFCTF environment is played remotely over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it is not required.
Read the presentations at: https://rfhackers.com/resources
Hybrid Fun
For DEF CON 31 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game running simultaneously. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), entirely free. In addition to the virtual challenges, we will also have a large number of “in person” only challenges, which do require valid conference admission. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. Playing only the virtual game will severely limit the maximum available points which you can score, therefore don’t expect to place. If you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard for bragging rights. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.
THE GAME
To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is correct. Flags will be worth less points the more often they are solved. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.
Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki
Helpful files (in-brief, wordlist, resources) can be found at https://github.com/rfhs/rfctf-files
Support tickets may be opened at https://github.com/rfhs/rfctf-support/issues
Our whole game is also open source and available at: https://github.com/rfhs/rfctf-container
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-16:59 PDT
Title: Red Alert ICS CTF
When: Saturday, Aug 12, 10:00 - 16:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Red Alert ICS CTF is a competition for Hackers by Hackers. The event exclusively focuses on having the participants break through several layers of security in our virtual SCADA environment and eventually take over complete control of the SCADA system.
The contest would house actual ICS (Industrial Control System) devices from various vendors on a testbed showcasing different sectors of critical infrastructure. The participants would be able to view and engage with the devices in real time and understand how each of them control each of the aspects of the testbed and leverage this to compromise the devices.
Red Alert ICS CTF is back with a ton of fun challenges after successfully running the CTF at DEF CON 30, DEF CON 29, DEF CON 27 and DEF CON 26 (Black Badge).
Highlights of the previous Red Alert ICS CTF is available at: https://www.youtube.com/watch?v=dz7hNnavHaY and https://youtu.be/AanKdrrQ0u0
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 12:00-12:59 PDT
Title: Red Hot (Red Team TTPs)
When: Saturday, Aug 12, 12:00 - 12:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
Speakers:Ralph May,Steve Borosh
SpeakerBio:Ralph May
No BIO available
Twitter: @ralphte1
SpeakerBio:Steve Borosh
No BIO available
Twitter: @424f424f
Description:
Welcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let's get started!
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 10:00-10:59 PDT
Title: Red Hot (Red Team TTPs)
When: Saturday, Aug 12, 10:00 - 10:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
Speakers:Ralph May,Steve Borosh
SpeakerBio:Ralph May
No BIO available
Twitter: @ralphte1
SpeakerBio:Steve Borosh
No BIO available
Twitter: @424f424f
Description:
Welcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let's get started!
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 15:00-15:59 PDT
Title: Red Hot (Red Team TTPs)
When: Saturday, Aug 12, 15:00 - 15:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 2 - Map
Speakers:Ralph May,Steve Borosh
SpeakerBio:Ralph May
No BIO available
Twitter: @ralphte1
SpeakerBio:Steve Borosh
No BIO available
Twitter: @424f424f
Description:
Welcome to our Red Team workshop where we will be discussing the hottest Tactics, Techniques, and Procedures (TTPs) used by Red Teams today. As cyber threats become more sophisticated, it is essential for Red Teams to stay up-to-date with the latest TTPs to ensure their organizations are well-prepared and protected against potential attacks. In this workshop, we will explore the latest TTPs used by Red Teams, including social engineering, post-exploitation, and other malicious techniques that are currently being employed in “advanced” attacks. By the end of this workshop, you will have a better understanding of the latest TTPs, how to use them, and be better equipped to defend against them. Let's get started!
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Red Team CTF
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The Red Team Capture the Flag (CTF) competition at DEFCON is a challenging and exciting event that tests the skills of participants in offensive security. The objective of the Red Team CTF is for teams to successfully breach the security of a simulated target network.
The Red Team CTF is designed to simulate real-world scenarios in which attackers attempt to penetrate the security of a network or system. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities in the target network.
Teams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities in the target network, while also evading detection and countermeasures put in place by the Blue Team.
The Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 09:00-09:59 PDT
Title: Red Team Labs and Games for Kids
When: Saturday, Aug 12, 09:00 - 09:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 10:00-10:59 PDT
Title: Red Team Labs and Games for Kids
When: Saturday, Aug 12, 10:00 - 10:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 5 - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
DL - Saturday - 12:00-13:55 PDT
Title: Red Wizard: user-friendly Red Teaming infrastructure
When: Saturday, Aug 12, 12:00 - 13:55 PDT
Where: Caesars Forum - Committee Boardroom - Demo Labs - Map
SpeakerBio:Ben Brücker
Ben, Secura's Red Teaming lead, has more than 9 years of experience in the field. With a strong passion for Social Engineering, he enjoys employing initial access techniques and has played a pivotal role in creating Secura's user friendly and OPSEC-safe Red Teaming infrastructure. In addition to his Red Teaming responsibilities, Ben also serves as a trainer for various courses and frequently shares his expertise as a public speaker at conferences. Having gained invaluable knowledge from the infosec community, he now aims to contribute back by open sourcing a number of tools and delivering presentations at conferences.
Description:
In this demo I will introduce our new open-source tool called Red Wizard. Red Wizard is the result of years of spinning up repeatable infrastructures for Red Teaming operations. It automates a comprehensive infrastructure deployment with redirectors, backend systems, phishing relays, OSINT machines etcetera. But made easy by providing wizards that walk you through the deployments. Additionally, the infrastructure is self-documenting, making the sharing of all relevant details to your team of operators a breeze. The tool is build to make sure to provide you with a resilient setup that is OPSEC-safe. By retrieving all critical key material from the deployed servers, you will be able to rebuild and keep receiving your shells even if one of your servers crashes and burns. The technology used for Red Wizard is mainly based on Ansible and Docker.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: RegEx Trainer
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
Is regex a mystery to you? We've got your back at the Packet Hacking Village. Our new interactive REGEX Trainer will walk you through learning then doing, giving you a full understanding of how Regular Expressions work.
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 12:30-13:20 PDT
Title: Review: Surprise Unboxing
When: Saturday, Aug 12, 12:30 - 13:20 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:Harri Hursti
Harri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
Twitter: @harrihursti
Description:
The Voting Village will review it's initial analysis from the high-profile unboxing from the day before.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 15:00-15:45 PDT
Title: Revolutionizing ELF binary patching with Shiva: A JIT binary patching system for Linux
When: Saturday, Aug 12, 15:00 - 15:45 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
SpeakerBio:Ryan "ElfMaster" O'Neill
, CTO at Arcana Technologies
Ryan "ElfMaster" O'Neill, has been in the security scene since about 1997.
Ryan is well known for authoring the book "Learning Linux binary analysis" and for publishing many papers and technologies in the realm of binary protection, memory forensics, exploitation, security mitigations, virus design, kernel hacking and reverse engineering techniques. Ryan has been published in many of the classic journals such as Phrack, POC||GTFO, tmp.0ut and vxheaven. Much of Ryan's independent research has been published over the years on https://www.bitlackeys.org, and has many public technologies available on https://github.com/elfmaster. Ryan is also the founder of Arcana technologies https://arcana-technologies.io, a threat detection company based heavily on ELF forensics research. Ryan is currently building a new ELF binary patching system for Linux to solve the worlds hardest challenges in binary patching today.
Twitter: @ryan_elfmaster
Description:
The esoteric art of patching ELF binaries has a long and fascinating history who's roots are deep within the hacking subculture; from ELF viruses to kernel rootkits. Silvio's 1997 "UNIX Viruses" paper taught us how to insert parasitic code into a page aligned text padding region. Many backdooring and hooking techniques have been revealed to us over the last 20 years-- perfect for hacking and injecting small patches and backdoors but on their own these techniques are limited, clunky and do not support the complexities of real-world patching problems in todays industry. Developers often need to fix complex bugs that exist within legacy ELF Binaries, no source code is available or the program cannot be recompiled.
Let me introduce you to Shiva. Shiva is a JIT binary patching system for ELF; A custom ELF interpreter that loads and links ELF relocatable patches at runtime. Shiva allows developers to write patches in rich C code to naturally express the rewriting of binary code at runtime, in a high level language. ELF binary patching solutions over the past two decades have been scarce; some notable research: Katana and ERESI come to mind as pioneers in the early examples of custom ELF linkers and binary patchers.
Shiva is a next-level solution that allows developers to quickly write patches in C with little to no reversing knowledge. Born out of 16 years of ELF research into virus design, binary patching, and extensive experience with writing custom linkers and loaders.
In this talk we will discuss foundations of ELF binary patching and it's close relationship with ELF linkers, loaders and even ELF virus technology. This passionate body of research is combined and imbued into Shiva to create a highly innovative and powerful product that helps bridge the gap between Developers and Reverse engineers in modern binary patching solutions for ELF. A new workflow for maintaning insecure legacy software with modular patching capabilities is on the rise!
Prepare for an indepth discussion of incredible new ELF hacking techniques and extensions. Old concepts such as userland-exec() brought back to life, and entirely new concepts such as "Linker chaining" to bring multiple dynamic linkers into a single process image. We will demonstrate complex patching scenarios, function splicing, program transformation, and even the weaponization of Shiva for writing sophisticated in-memory backdoors. Shiva; the ultimate ELF Binary hacker... aiming to solve the worlds most challenging binary patching problems today.
- REFERENCES
- --Papers--
Grugq - userland execve: https://grugq.github.io/docs/ul_exec.txt
Mayhem - Cerberus ELF interface: http://phrack.org/issues/61/8.html
Silvio - UNIX Viruses and parasites: https://vxug.fakedoma.in/archive/VxHeaven/lib/vsc02.html
James Oakley & Sergey Bratus - Katana: A hot patching framework: https://ieeexplore.ieee.org/document/5438048
James Oakley & Sergey Bratus - Exploiting the hard working DWARF: https://www.cs.dartmouth.edu/~sergey/battleaxe/hackito_2011_oakley_bratus.pdf
Mlaurenzano - PEBIL (An ELF patching framework) - https://github.com/mlaurenzano/PEBIL
sd & devik - Linux on-the-fly kernel patching without LKM: phrack.org/issues/58/7.html
jbtzhm - static kernel patching - https://phrack.org/issues/60/8.html
Elfmaster - Modern ELF infection techniques of SCOP binaries (POC||GTFO: 20:07)
Elfmaster - Preloading the linker for fun and profit: https://tmpout.sh/2/6.html (This paper presents the nucleus of Shiva)
Mayhem - IA32 Advanced function hooking: http://phrack.org/issues/58/8.html
Richinseattle - Hooking the ELF loader: http://phrack.org/issues/58/8.html
Silvio - Shared library call redirection via PLT infection: http://phrack.org/issues/56/7.html
Elfmaster - Kernel instrumentation using kprobes: http://phrack.org/issues/56/7.html
Mayhem - Next generation ELF debuggers: https://www.blackhat.com/presentations/bh-europe-07/ERSI/Presentation/bh-eu-07-ersi-apr19.pdf
--A note on the illustrious tmp.0ut zine: https://tmpout.sh
The crew at tmp.0ut are a tightly formed group ELF hackers and reversing enthusiasts who are continuing to research and publish awesome ELF research on a regular basis. I highly recommend their content, and am grateful for their many new contributions keeping the spirit of ELF hacking alive. Translated into nine different languages currently.
--Source code--
https://github.com/torvalds/linux/blob/master/fs/binfmt_elf.c (Source for Linux ELF loader)
https://www.gnu.org/software/binutils (Source for for ELF /bin/ld)
https://sourceware.org/git/glibc.git (Source code for ld-linux.so)
https://github.com/elfmaster (My own ELF hacking related research)
https://github.com/elfmaster/linker_preloading_virus (My first custom ELF interpreter)
https://musl.libc.org/
https://github.com/bminor/binutils-gdb <- These GDB guys really don't get enough credit.
--Books--
Understanding the Linux kernel (Great book on kernel internals)
Learning Linux binary analysis (elfmaster)
Advanced programming in the UNIX environment (Richard Stevenson)
Turbo C (Old book from the 80s I learned C from)
Return to Index - Add to
- ics Calendar file
PSV - Saturday - 12:00-12:30 PDT
Title: RFID Hacking
When: Saturday, Aug 12, 12:00 - 12:30 PDT
Where: Flamingo - Carson City - Physical Security Village - Map
SpeakerBio:Ege
Ege is a security researcher specialising in access control systems and electronics. She is currently pursuing a degree in Electrical Engineering and work part-time for GGR Security as a Security Risk Assessor.
Description:No Description available
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 16:20-17:05 PDT
Title: Riding with the Chollimas: Our 100-Day Quest to Identify a North Korean State-Sponsored Threat Actor
When: Saturday, Aug 12, 16:20 - 17:05 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Mauro Eldritch
No BIO available
Twitter: @@mauroeldritch
Description:No Description available
Return to Index - Add to
- ics Calendar file
HHV - Saturday - 13:00-13:59 PDT
Title: RoboSumo Bracket Competition
When: Saturday, Aug 12, 13:00 - 13:59 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
Description:
Bring your official Mini Sumo class robots to go head to head in a battle of glory! For rule details see https://dchhv.org/events/robosumo.html Event will last as long as it takes to work through the bracket.
Return to Index - Add to
- ics Calendar file
HHV - Saturday - 10:00-17:59 PDT
Title: RoboSumo Play Time
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
Description:
A little to shy to own the ring in open battle? Come play! There will be robots available to program, sample code, a ring and many opportunities to discover some of the fun of robotics.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 14:00-15:55 PDT
Title: RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools
When: Saturday, Aug 12, 14:00 - 15:55 PDT
Where: Caesars Forum - Caucus Boardroom - Demo Labs - Map
SpeakerBio:Niels Loozekoot
Working as Pentester Niels has an extensive background in the security field. Niels has a background in web-development and knows his way around C, C++, C#, and Python and is active in the password cracking/research communities of Hashcat, Hashkiller, and HashMob. Winning in the CrackTheCon password cracking contest, and achieving 3rd place in both the CrackMeIfYouCan 2021 & 2022.
Description:
The RuleProcessorY and Gramify tools are new tools that support password-cracking efforts. RuleProcessorY offers a method of optimizing hashcat rule-files so that you can prevent duplicates across multiple attacks better, leading to a shorter runtime. Additionally it can process rules as hashcat would with an additional support for multi-byte/multi-character rules (inserts & replace primarily). Gramify offers an easy method to create base words and candidates to utilize with wordlist and combination attacks by splitting data by words, characters, or character-set. This can help with password phrases, quotes, sentences, combinator attacks, and extracting base-words from passwordlists.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 16:00-16:45 PDT
Title: Runtime Riddles: Abusing Manipulation Points in the Android Source
When: Saturday, Aug 12, 16:00 - 16:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
SpeakerBio:Laurie Kirk
, Security Researcher at Microsoft
Laurie Kirk is a Reverse Engineer at Microsoft working in incident response. She specializes in cross-platform malware analysis with a focus on mobile threats. She also runs a YouTube channel (@LaurieWired) that covers all sorts of in-depth Malware Analysis, Reverse-Engineering, Exploitation and security topics. Laurie received her Bachelor's Degree from Florida State University in Computer Science with a minor in Math. She started as a Software Engineer for an aerospace company before finding her current calling in Cyber Security and low-level programming.
Twitter: @@LaurieWired
Description:
Android malware creators constantly struggle to devise innovative methods to obscure apps and impede reverse engineering. As numerous standard techniques have lost efficacy, I'll unveil the next frontier in Android obfuscation: runtime manipulation. Runtime manipulation alters standard application flow-of-control to bypass decompilers and emulators.
In this talk, I'll reveal my strategy for pinpointing manipulation targets in Android's source code. I will describe how I craft manipulators in native C++ once a suitable target has been located. This is accomplished by hooking Java methods via the Java Native Interface (JNI) and typecasting the handle to a C-style pointer. Runtime manipulation can entirely remove traces of ClassLoader calls which are unavoidable for standard Dalvik Executable (DEX) packing, but are also easily discovered and hooked. This technique also effectively breaks cross-reference calculations within all Android decompilers.
I will demonstrate and equip attendees with a custom Android library for devices running Android 13, providing a new tool that enables runtime manipulation experimentation. In addition, I'll demonstrate my methodology for pinpointing Java targets and modifying their underlying native data structures.
- REFERENCES
- https://security.csl.toronto.edu/wp-content/uploads/2018/06/mwong-usenixsec2018-tiro.pdf
ArtMethod hooking: https://github.com/PAGalaxyLab/YAHFA
mCookie manipulation: https://github.com/woxihuannisja/Bangcle
DexFile.java: https://cs.android.com/android/platform/superproject/+/master:libcore/dalvik/src/main/java/dalvik/system/DexFile.java
dex_file.h: https://cs.android.com/android/platform/superproject/+/refs/heads/master:art/libdexfile/dex/dex_file.h
art_method.h: https://cs.android.com/android/platform/superproject/+/master:art/runtime/art_method.h;bpv=0;bpt=0
Executable.java – contains artMethod field: https://cs.android.com/android/platform/superproject/+/master:libcore/ojluni/src/main/java/java/lang/reflect/Executable.java;l=582?q=artMethod&ss=android%2Fplatform%2Fsuperproject
Return to Index - Add to
- ics Calendar file
DL - Saturday - 10:00-11:55 PDT
Title: Saturday
When: Saturday, Aug 12, 10:00 - 11:55 PDT
Where: Caesars Forum - Council Boardroom - Demo Labs - Map
SpeakerBio:Joshua Herman
I am a release engineer specializing in compliance of information security vendors for post trade currencies. Previously I was a software engineer with experience with distributed computing and UI / UX using Python and Javascript in the same department . I have a decade of professional experience in software engineering in various industries such as insurance, CRM, Trade Show applications, recommender systems and cryptocurrency . I also have contributions to open source projects such as CPython documentation, triaging and features.
Description:
This tool is a digital assistant that helps you hack. Under the hood it uses langchain (a way to augment LLMss) that currently uses an SMS / MMS / Phone interface that will allow for basic information retrieval tasks (google search, searching shodan, google places) and has the goal of doing complex offensive and defensive security tasks using anything from a dumb phone to a smartphone. It is preprogramed with tools that it can intelligently use to accomplish certain tasks such as performing a search on shodan given an IP address.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 12:00-13:59 PDT
Title: Scripting OWASP Amass for a Customized Experience
When: Saturday, Aug 12, 12:00 - 13:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 4 - Map
SpeakerBio:Jeff Foley
No BIO available
Twitter: @jeff_foley
Description:
This course is for practitioners who would like to have accurate visibility and results when mapping an organization's external attack surface. We will use the open source tool, provided by the OWASP Amass Project, to better understand how to hunt down assets exposed on the Internet. Many professionals have leveraged the basic Amass features during their red team exercises and other information security efforts, but not extended the capabilities of the engine to implement new features and data sources. We will use hands-on exercises to have you become familiar with the Amass Engine, comfortable extending it, and aware of future directions for the project. Participants are encouraged to complete the exercises by writing the extensions in the Lua programming language. All the examples will be provided for those unfamiliar with the language.
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 11:30-13:30 PDT
Title: SE Improv
When: Saturday, Aug 12, 11:30 - 13:30 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Description:
Improv is when two (or more) actors don’t know their lines ahead of time, but both agree on a set of rules and on the goal of getting somewhere together.
Social engineering is a form of improv in which two (or more) people come together to reach a goal only one person (the ‘actor’) has knowledge of, using rules the other (the target) defines along the way.
At least, that’s how we see it. Led by three facilitators who are both information security professionals and improvisers, this first-time program will give attendees an introduction to improv and its special communication techniques. Parallels will be drawn between improv and social engineering, including examples of how the theories and practices of improv can be applied by social engineers to work with their targets in an effective, ethical, and even collaborative way.
This engaging program will consist of demonstrations, explanations, and interactions in which attendees will be invited to try out improvisation* themselves in a safe, participatory “sandbox” to apply the concepts learned.
Come find out why some of the world’s best social engineers utilize these techniques to improv(e) their game.
- No requirement to perform in front of people nor to be funny.
Please see the "More Information" link.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 11:00-13:50 PDT
Title: Secure by Design: Ask the Government Anything and Red-Pen Workshop
When: Saturday, Aug 12, 11:00 - 13:50 PDT
Where: Caesars Forum - Summit - 220 - Policy NOT-A-SCIF - Map
Speakers:Bob Lord,Cheri Caddy,Jack Cable,Jen Easterly,Lauren Zabierek,Oumou Ly,Yael Grauer
SpeakerBio:Bob Lord
, Senior Technical Advisor at Cybersecurity and Infrastructure Security Agency (CISA)
Bob Lord joined the Cybersecurity and Infrastructure Security Agency (CISA) as a Senior Technical Advisor in April 2022. Previously he was the Chief Security Officer at the Democratic National Committee where he brought more than 20 years of experience in the information security space to the committee, state parties, and campaigns. Before that he was Yahoo’s Chief Information Security Officer, covering areas such as risk management, product security, security software development, e-crimes and APT programs. He wasthe Chief Information Security Officer in Residence at Rapid7, and before that headed up Twitter’s information security program as its first security hire.
SpeakerBio:Cheri Caddy
, Deputy Assistant National Cyber Director for Cyber Technology, Research & Development at Office of the National Cyber Director at the White House
Cheri Caddy is the Deputy Assistant National Cyber Director for Cyber Technology, Research & Development in the Office of the National Cyber Director at the White House. In this role she leads technical strategy and policy for national cyber programs on R&D, operational technology, securing the clean energy transition, technical standards, and software liability. Over the past 30 years, Cheri has held senior cyber technology and policy roles at the Department of Energy, the Intelligence Community, and the National Security Council. Cheri is a Senior Cybersecurity Fellow at the McCrary Institute for Cybersecurity & Critical Infrastructure.
SpeakerBio:Jack Cable
, Senior Technical Advisor at Cybersecurity and Infrastructure Security Agency (CISA)
Jack Cable is a Senior Technical Advisor at the Cybersecurity and Infrastructure Security Agency (CISA). Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon’s Defense Digital Service. Jack holds a bachelor’s degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.
SpeakerBio:Jen Easterly
, Director at Cybersecurity and Infrastructure Security Agency (CISA)
Jen Easterly is the Director of the Cybersecurity and Infrastructure Security Agency (CISA). She was nominated by President Biden in April 2021 and unanimously confirmed by the Senate on July 12, 2021. As Director, Jen leads CISA’s efforts to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every day. She is a proud Mom, a mental health advocate, a Rubik’s Cube enthusiast, and an aspiring electric guitarist.
Before serving in her current role, Jen was the head of Firm Resilience at Morgan Stanley, responsible for ensuring preparedness and response to business-disrupting operational incidents and risks to the Firm. She also helped build and served as the first Global Head of Morgan Stanley’s Cybersecurity Fusion Center, the Firm’s center of gravity for cyber defense operations.
Jen has a long tradition of public service, to include two tours at the White House, most recently as Special Assistant to President Obama and Senior Director for Counterterrorism and earlier as Executive Assistant to National Security Advisor Condoleezza Rice. She also served as the Deputy for Counterterrorism at the National Security Agency.
A two-time recipient of the Bronze Star, Jen retired from the U.S. Army after more than twenty years of service in intelligence and cyber operations, including tours of duty in Haiti, the Balkans, Iraq, and Afghanistan. Responsible for standing up the Army’s first cyber battalion, she was also instrumental in the design and creation of United States Cyber Command.
A distinguished graduate of the United States Military Academy at West Point, Jen holds a
master’s degree in Philosophy, Politics, and Economics from the University of Oxford, where she studied as a Rhodes Scholar. She is the recipient of numerous honors and awards, including the 2023 Sisterhood Award from Girls Who Code; the 2022 National Defense University Admiral Grace Hopper Award; the 2021 Cybersecurity Ventures Cybersecurity Person of the Year Award; the 2020 Bradley W. Snyder Changing the Narrative Award, and the 2018 James W. Foley Legacy Foundation American Hostage Freedom Award.
A member of the Council on Foreign Relations and a French American Foundation Young Leader, Jen is the past recipient of the Aspen Finance Leaders Fellowship, the National Security Institute Visiting Fellowship, the New America Foundation Senior International Security Fellowship, the Council on Foreign Relations International Affairs Fellowship, and the Director, National Security Agency Fellowship.
Twitter: @@CISAJen
SpeakerBio:Lauren Zabierek
, Senior Policy Advisor in the Cybersecurity Division at Cybersecurity and Infrastructure Security Agency (CISA)
Lauren Zabierek is a Senior Policy Advisor in the Cybersecurity Division at CISA. Previously, she served as the Executive Director of the Cyber Project at the Harvard Kennedy School’s Belfer Center, where she ran a policy-relevant research program and managed students and nonresident fellows. She also served as the Acting Executive Director of the Belfer Center in her final semester there. She came to that role as a 2019 graduate of the Kenney School’s midcareer MPA program. Prior to graduate school, she was an early member of the cybersecurity firm Recorded Future, having established and managed their public sector team. She also served as a civilian intelligence analyst at the National Geospatial Intelligence Agency with multiple deployments to Afghanistan, and served as a US Air Force intelligence officer at the beginning of her career. Lauren is also the co-founder of the online social media movement, #ShareTheMicInCyber. She is a mentor with Girl Security, a fellow at the National Security Institute at George Mason University, and a fellow at New America.
SpeakerBio:Oumou Ly
, Senior Advisor for Technology and Ecosystem Security at The White House
Oumou Ly is the Senior Advisor for Technology and Ecosystem Security at the White House. In her role, Oumou provides counsel to senior White House officials on matters which include domestic and international technology and supply chain security, emerging technology, data security, and cyber workforce and education. She came to the White House from the Cybersecurity and Infrastructure Security Agency (CISA) within the U.S. Department of Homeland Security. Similarly, in this role, Oumou advised senior agency and Administration leaders in the execution of top Administration priorities to secure critical infrastructure and led policy and strategy for the CISA Cybersecurity Division. On the Joint Ransomware Task Force, she led the effort to develop metrics to improve policy interventions against ransomware and other categories of cybercrime. Prior to serving at CISA, Oumou was a fellow at Harvard University’s Berkman Klein Center, where she represented the Center in media commentary at the nexus of national security, cybersecurity, and technology including in The Hill, NBC News, and the Financial Times. Furthermore, while a fellow at the Harvard University, Oumou co-authored the concept paper for the distributed Bluesky protocol; curated Chatham House convenings of security practitioners, academics, and top government officials; authored and hosted tabletop exercises to prepare state and local officials for disruption anticipated during the 2020 election, and contributed significant thought leadership on root causes and policy interventions around disinformation. Prior to joining the Berkman Klein Center, Oumou was an advisor to U.S. Senate Democratic Leader Charles Schumer, where she provided counsel on a cross-cutting portfolio which included national security policy, foreign policy, the defense industrial base, and veterans’ affairs. In this role, she routinely led inter and intraparty negotiations on key provisions which were enacted into law, including in the National Defense Authorization Act and the Bipartisan Budget Act of 2018. Oumou holds cybersecurity fellowships at Harvard University and the Atlantic Council’s Digital Forensic Research Lab and holds the position of Trustee at Notre Dame de Namur University. Oumou holds a B.A. from Notre Dame de Namur University in Belmont, CA and an MSc from the London School of Economics and Political Science. Oumou is a member of the Board of Trustees at Notre Dame de Namur University.
SpeakerBio:Yael Grauer
, Consumer Reports
Yael Grauer works at Consumer Reports managing Security Planner, a free, easy-to-use guide to staying safer online. Her background is in investigative tech reporting, and she has covered privacy and security for over a decade for various tech publications. She has extensively researched the privacy and security (or lack thereof) of consumer VPNs, teamed up with Electronic Frontier Foundation to research street-level surveillance, broken stories on Zoom misleading users about end-to-encryption, looked into questionable claims about blockchain voting, and investigated surveillance against China’s Uyghur minority. Yael serves on the Board of Directors of the CyberMed Summit, the world’s only clinically-oriented healthcare cybersecurity conference. She also runs a do-it-yourself data broker opt-out list, and is currently writing a book on investigations for No Starch Press.
Description:
In this unique session, come learn about and help shape the US Government’s Secure by Design work. The event will begin with opening remarks by CISA Director Jen Easterly, and feature a panel with representatives from CISA and the White House Office of the National Cyber Director (ONCD). Following that, attendees will be given a draft of CISA’s latest guidance on Secure by Design, and will be able to offer edits, comments, and suggestions to inform the final version of the guidance.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 11:00-12:59 PDT
Title: Secure Code Review Challenge
When: Saturday, Aug 12, 11:00 - 12:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 2 - Map
SpeakerBio:Alon Lerner
10 years experience in offensive hacking and application security
Description:No Description available
Return to Index - Add to
- ics Calendar file
APV - Saturday - 13:00-14:59 PDT
Title: Secure from Scratch: Secure Code Workshop for DEF CON Kids
When: Saturday, Aug 12, 13:00 - 14:59 PDT
Where: Flamingo - Savoy - AppSec Village - Workshop - Map
Speakers:Or Sahar,Yariv Tal
SpeakerBio:Or Sahar
Two decades of software development and security
experience including penetration testing, application security, and secure code instruction. She holds a BSC in software engineering and is OSCE certified.
There are several CVEs to her name.
Twitter: @securylight
SpeakerBio:Yariv Tal
Senior developer turned security researcher, with 4 decades of programming experience, university lecturing and mentoring at bootcamps, he has a fresh look at the world of security, as an outsider looking in.
Twitter: @YarivDevMentor
Description:
Want to learn how to stop hackers in their tracks?
Come to the Secure From Scratch coding workshop.
Learn what you need to know to write secure code from the very first line of code.
It's surprisingly easy!
(Some coding experience in either C#, Java, Python or C++ required. You need to know loops, if, arrays and functions).
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: Secure or Surrender
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
Take Control of Your xIoT Don your white coat, and step into the Mobile xIoT Security Lab at IoT Village during DefCon 31 for a hands-on experience allowing you to Find, Fix, and Monitor an array of IoT, OT, IIoT, and IoMT devices. Brace yourself for the thrill of controlling real-world devices with known CVEs and safely automating fixes. Accompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. And for the cherry on top, be among the first 100 attendees to receive an exclusive, limited edition "Secure Your Things" T-shirt as a token of our appreciation.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 15:45-16:30 PDT
Title: Securing the Front Lines: Protecting Front-End Applications from Overlooked Vulnerabilities
When: Saturday, Aug 12, 15:45 - 16:30 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
Speakers:Dohyeon Kim,WooWon Kang
SpeakerBio:Dohyeon Kim
Dohyeon is a full-stack engineer with cybersecurity background in his early career. Woowon is a security researcher who specializes in web application security. They have won multiple CTFs, including DEF CON 2022.
SpeakerBio:WooWon Kang
I have over 8 years of experience in web application security research and consulting across various industries, and won many CTFs, including 2022 DEF CON CTF.
Twitter: @wooeong337
Description:
Finding complex vulnerabilities is important, but for companies, it can be more important to mitigate against vulnerabilities that are relatively less difficult to exploit.
We are going to discuss vulnerabilities exposed on the internet, that are easily missed but can have a big impact. We will talk about ways to identify front-end attack surfaces, the impact they can have, and methods for securing the endpoint of applications.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 10:00-10:30 PDT
Title: Securing the Whole System: Corpal to Corporate
When: Saturday, Aug 12, 10:00 - 10:30 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
SpeakerBio:Lee Cyborg
I am an artist, cyborg, and educator currently based in Montreal. I have a bachelors from Concordia University, a masters from OCAD University, and currently I am a PhD candidate at the University of Toronto. I am interested in lasers, technology, outer space exploration, and building whimsical robots. Currently, I run community initiative and partnerships at the Milieux Institute at Concordia and recently finished a year long residency as Artist in Residence at the department of Design and Computation Arts at Concordia
Description:No Description available
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 21:00-23:59 PDT
Title: SECV - 80's Themed Party!
When: Saturday, Aug 12, 21:00 - 23:59 PDT
Where: Caesars Forum - Forum - 117-118 - Map
Description:
This year it is **80's themed** so be sure to dress up (although we'll have some accessories if you forget yours).
The party will be in the Forums (room 117/118), not our village, Saturday from 2100-2359. Cash bar with boozy and booze-free options.
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 08:30-17:30 PDT
Title: SECV - Youth Challenge
When: Saturday, Aug 12, 08:30 - 17:30 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Description:
Many parents and guardians bring their children to DEF CON to allow them to experience the same learning, networking, and community that they enjoy. As parents and educators ourselves, we want to help make this experience even more memorable with our Youth Challenge!
Please see the "More Information" link.
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 08:30-17:59 PDT
Title: SECV Village Open
When: Saturday, Aug 12, 08:30 - 17:59 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Description:No Description available
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:00-01:59 PDT
Title: Shell On Demand Appliance Machine (S.O.D.A. Machine) (pronounced SODA)
When: Saturday, Aug 12, 09:00 - 01:59 PDT
Where: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
Description:
The Shell On Demand Appliance Machine (S.O.D.A. Machine) at DEF CON provided by the National Upcycled Computing Collective, Inc. (NUCC).
So, what's the S.O.D.A. Machine all about?
Picture this:
You're at DEF CON, thirsty for some hacking. You're looking for a virtual machine (VM) to play with but don't want to be chained to your laptop.
Enter the Shell On Demand Appliance:
This heavily modified VM is your gateway to an anonymous VM, available in the Chillout Lounge and accessible over the DEF CON network.
A fusion of hardware, software, art, and hacking, all encapsulated in a project derived from recycled materials. The S.O.D.A. Machine provides a way for Humans to experience the DEF CON network in a way the secure WiFi won't allow, because the datacenter is inside the S.O.D.A. Machine and directly connected to the NOC.
Simply insert cash or coins into the bill or coin acceptor to get started. The lights on the buttons will change color depending on availibility.
A green light means the VM is available and ready.
An amber light requests the user to insert more money to ensure fair distribution according to current resources.
A red light denotes the selection is unavailable.
Once you make a selection, the system will deploy the VM to the network and a receipt will be printed.
On the receipt, login credentials are provided for you to access your virtual machine via remote shell. You are then able to change the password, install whatever tools and applications you need, making the VM your own.
What you do with the VM is up to you. Should you choose to share your virtual machine with someone outside of the DEF CON network, a Tor address is provided as well.
All proceeds go to the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization helping further research and education in computer science, technology and engineering as an (NTEE U41) Research Institute.
We accept donations: https://www.paypal.com/paypalme/NUCC
Return to Index - Add to
- ics Calendar file
RFV - Saturday - 12:00-12:20 PDT
Title: Shipping Wardriving Hardware - Cross-country Wigle on the Cheap
When: Saturday, Aug 12, 12:00 - 12:20 PDT
Where: Flamingo - Eldorado - Radio Frequency Village - Map
SpeakerBio:Segfault
I am a hardware hacker and a wardriver, among many other things as they catch my interest. I don't have many qualifications to make me uniquely capable to do the things that I do, other than just having an idea or desire to make things happen.
Twitter: @CoD_Segfault
Description:
"After designing a miniature PCB based on jhewitt's ESP32 Wardriver design, a friend across the country showed interest in obtaining one of the boards. The idea came up that the hardware could be shipped along with a battery and the results could be analyzed and uploaded to Wigle.net after the fact.
This talk goes over the hardware used, the safety considerations, testing methodologies, and criteria needed to be met before proceeding. The results will be analyzed and compared to the shipping service’s tracking methods, with visualizations on a map to show shipping progress."
Return to Index - Add to
- ics Calendar file
DC - Saturday - 17:00-17:20 PDT
Title: Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
When: Saturday, Aug 12, 17:00 - 17:20 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
Speakers:Mikhail Shcherbakov,Musard Balliu
SpeakerBio:Mikhail Shcherbakov
, KTH Royal Institute of Technology
Mikhail Shcherbakov came to security from enterprise app development. The tendency is to push it as far as you can… He is now doing a Ph.D. in Language-Based Security after 10+ years of experience in the industry. He participated in Microsoft, GitHub, and open-source bug bounty programs, found vulnerabilities in popular products, and helped to fix them. Before starting a Ph.D. program, he focused on .NET and web security, gave talks at conferences, organized IT meetups, and got the Microsoft MVP Award in 2016 – 2018. Mikhail is an author of commercial static analysis tools and continues research in program analysis.
Twitter: @yu5k3
SpeakerBio:Musard Balliu
, KTH Royal Institute of Technology
No BIO available
Description:
Many have heard about Prototype Pollution vulnerabilities in JavaScript applications. This kind of vulnerability allows an attacker to inject properties into an object's root prototype that may lead to flow control alteration and unexpected program behavior. Every time a successful exploit looks like magic or is limited to a denial of service (DoS). Would you be surprised if I told you that every application has a chain of methods that can be triggered by Prototype Pollution and leads to arbitrary code execution? Such gadgets populated Node.js core code and popular NPM packages. Keep calm. Not every app can be exploited! However, this fact increases the risk of exploitation many times over.
In our research, we studied Prototype Pollution beyond DoS and analyzed Node.js source code against the gadgets. We then analyzed 15 popular Node.js apps from GitHub and got 8 RCEs. Through this talk, I will elaborate on the detected gadgets and vulnerabilities. We will also take a look at how the recent changes in Node.js mitigate these issues.
- REFERENCES
Mikhail Shcherbakov, Musard Balliu and Cristian-Alexandru Staicu "Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js" https://github.com/yuske/silent-spring/blob/master/silent-spring-full-version.pdf
Gareth Heyes "Server-side prototype pollution: Black-box detection without the DoS" https://portswigger.net/research/server-side-prototype-pollution
Michał Bentkowski "Exploiting prototype pollution – RCE in Kibana (CVE-2019-7609)" https://research.securitum.com/prototype-pollution-rce-kibana-cve-2019-7609/
Olivier Arteau "Prototype Pollution Attack in NodeJS application" https://github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf
Return to Index - Add to
- ics Calendar file
DC - Saturday - 09:00-09:45 PDT
Title: Smashing the state machine: the true potential of web race conditions
When: Saturday, Aug 12, 09:00 - 09:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
SpeakerBio:James "albinowax" Kettle
, Director of Research at PortSwigger
James 'albinowax' Kettle is the Director of Research at PortSwigger, the makers of Burp Suite. He's best known for his HTTP Desync Attacks research, which popularised HTTP Request Smuggling. James has extensive experience cultivating novel attack techniques, including web cache poisoning, browser-powered desync attacks, server-side template injection, and password reset poisoning.
James is also the author of multiple popular open-source tools including Param Miner, Turbo Intruder, and HTTP Request Smuggler. He is a frequent speaker at numerous prestigious venues including both Black Hat USA and EU, OWASP AppSec USA and EU, and DEF CON.
Twitter: @albinowax
Description:
For too long, web race-condition attacks have focused on a tiny handful of scenarios. Their true potential has been masked thanks to tricky workflows, missing tooling, and simple network jitter hiding all but the most trivial, obvious examples. In this session, I'll introduce multiple new classes of race condition that go far beyond the limit-overrun exploits you're probably already familiar with.
Inside every website lurks a state machine: a delicately balanced system of states and transitions that each user, session, and object can flow through. I'll show how to fire salvos of conflicting inputs at high-profile websites to make state machines collapse, enabling you to forge trusted data, misroute tokens, and mask backdoors.
To handle this explosion of attack surface, I'll share a polished methodology designed to help you eke out subtle tell-tale clues and scent blood long before sacrificing anything to the RNG gods. I've also taken lore amassed over years of research into HTTP Desync Attacks and developed a strategy that can squeeze 30 requests sent from Melbourne to Dublin into a sub-1ms execution window. Alongside the open source tool, we'll also release free online labs so you can try out your new skillset immediately.
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 13:30-14:30 PDT
Title: So you want to become a Detection Engineer
When: Saturday, Aug 12, 13:30 - 14:30 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Main Stage - Map
Speakers:Ben Bornholm,CerealKiller,kobaltfox,plug
SpeakerBio:Ben Bornholm
Hey y’all,
I am Ben (@CptOfEvilMinions), I crafted my whimsical presenting style when I was the President of RIT Competitive Cybersecurity Club (RC3). Cybersecurity is not just my day job, it’s my passion. I have continued my passion with my blog and with the creation of DEFCON workshops with the BTV.
During the day I fight off cyber hooligans as a DART engineer at Dropbox.com. At night, I am continuing my passion on my blog HoldMyBeerSecurity.com where I discuss topics in security that interest me such as incident response, threat hunting, detection engineering, Osquery, and DevSecOps.
SpeakerBio:CerealKiller
CerealKiller or Cereal is a Cyber Defense Practitioner with over 10yrs of experience.
SpeakerBio:kobaltfox
TODO
SpeakerBio:plug
No BIO available
Description:
Security is nothing without visibility, join a group of practitioners as they outline ways to get you started in detection engineering.
Security is nothing without visibility, join a group of practitioners as they outline ways to get you started in detection engineering.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 09:00-17:59 PDT
Title: Social Engineering Community (SEC) Youth Challenge
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Description:
The purpose of the Youth Challenge is to provide anyone under the age of 17 with an event for them to participate. Challenges and puzzles incorporate general cybersecurity with an emphasis on OSINT and Social Engineering. Challenges will be crafted in a way that steers participants to different villages with specific goals to broaden their exposure of different subject matter available at DEF CON. There will be a sign-up form prior to DEF CON, as well as encouraging walk-up participation for those who may not have been aware of the offering.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 22:00-23:59 PDT
Title: Social Engineering Community Party
When: Saturday, Aug 12, 22:00 - 23:59 PDT
Where: Caesars Forum - Forum - 117-118 - Map
Description:
Want to hang out without the loud music so that you can actually have a conversation? Put on your raddest 80s gear and join the Social Engineering Community for a themed get-together for a chance to hang out and meet new people! We'll have a cash bar with both boozy and booze-free options.
Return to Index - Add to
- ics Calendar file
HHV - Saturday - 10:00-17:59 PDT
Title: Soldering Skills Village Activities
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 311-312 - Hardware/Soldering Vlgs - Map
Description:
Have you ever fused metal to create electronic mayhem? Do you want to learn? Travel too far to take your solder tools with you? Hotel take your irons cause they thought it was a fire risk? Come on over to the Solder Skills village. We have irons and supplies. Volunteers (and some attendees) help teach, advise or just put out fires. We aim to grow the skill-set of the community and overcome inhibitions to this most basic skill to make electronic dreams happen.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 15:00-15:25 PDT
Title: Space Pirates on the Loose! - Space-Based Threats to US Interests
When: Saturday, Aug 12, 15:00 - 15:25 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Speakers:Henry Danielson,Sage Meadows
SpeakerBio:Henry Danielson
No BIO available
SpeakerBio:Sage Meadows
No BIO available
Description:
Many US interests heavily depend on space assets. With the rapid development of space technology, security is often overlooked. This talk covers a range of space-based attack scenarios, developed via extensive threat modeling efforts (attack trees, PnGs, etc). The paper being produced from this research effort will be presented to the National Space Council. By addressing these issues, the US can strengthen its resilience in space and ensure the security of critical space-based infrastructures.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 15:00-15:45 PDT
Title: Spooky authentication at a distance
When: Saturday, Aug 12, 15:00 - 15:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
SpeakerBio:Tamas "SkelSec" Jos
, Principal Security Consultant at Sec-Consult AG
Tamas Jos (@skelsec) is a principal security consultant at SEC Consult (Schwiez) AG. He has worked within the information security industry for over 10 years, focusing mainly on reversing topics across many industries around the globe. He has an in-depth technical appreciation of Windows security, which heavily influences his research. This often takes him down many low level rabbit holes, leading to the creation and maintenance of well-received open-source projects, such as pypykatz & OctoPwn.
You can find Tamas’ musings on his blog at https://github.com/skelsec/
Twitter: @skelsec
Description:
Spooky authentication at a distance outlines a new and innovative post-exploitation technique to proxy common authentication protocols used in Windows environments remotely and with no elevated privileges required. This allows security professionals to perform complete impersonation of the target user on their own machine without executing any further code on the target machine besides the agent itself. This talk will also demonstrate the applicability of this new technique by performing no-interaction, full domain takeover using a malicious peripheral in a simulated restricted environment.
- REFERENCES
- Tools which will be showed in the demos:
[AioSMB] https://github.com/skelsec/aiosmb
[MSLDAP] https://github.com/skelsec/msldap
[WSNet] https://github.com/skelsec/wsnet
[OctoPwn] https://community.octopwn.com
[Asyauth] https://github.com/skelsec/asyauth
[Aardwolf] https://github.com/skelsec/aardwolf
My previous talk on [OctoPwn] the in-browser pentest suite can be found here: https://youtu.be/jStdrDHTmD4
Related tools:
[PYODIDE] Octopwn uses Pyodide framework to run in the browser. https://github.com/pyodide/pyodide
[LDAP3] The MSLDAP project used code parts from this project. https://ldap3.readthedocs.io/en/latest/
[RDPY] The Aardwolf RDP clinet is based on this tool. https://github.com/citronneur/rdpy
[BLOODHOUND] Jackdaw was based on this tool. https://github.com/BloodHoundAD/BloodHound
[IMPACKET] aioSMB libraries were based partially on this tool. https://github.com/fortra/impacket
[LsaRelayX] Future extension https://github.com/CCob/lsarelayx
[duckencoder] To automate keystrokes on the embedded system https://github.com/mame82/duckencoder.py
Return to Index - Add to
- ics Calendar file
APV - Saturday - 11:00-12:59 PDT
Title: Spot the True Positives!
When: Saturday, Aug 12, 11:00 - 12:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 3 - Map
SpeakerBio:Backslash
No BIO available
Description:
Have participants find the true positives out of 5 SQLi.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 11:00-11:45 PDT
Title: Spread spectrum techniques in disposable drones for anti drone evasion
When: Saturday, Aug 12, 11:00 - 11:45 PDT
Where: Caesars Forum - Academy - 407-410 - Track 4 - Map
Speakers:David Melendez,Gabriela "Gabs" García
SpeakerBio:David Melendez
, R&D Embedded Software Engineer
David Melendez is an R&D Embedded Systems Engineer, with over twelve years of experience in cybersecurity and hardware hacking. He has a proven track record of presenting his groundbreaking investigations at prestigious conferences around the world, including DEFCON, BLACKHAT, and ROOTEDCON.
David is also a drone creator and author of the book "Hacking with Drones," which showcases his innovative use of drones in cybersecurity research. With his passion for pushing the boundaries of technology, David is constantly seeking new ways to improve the security and functionality of embedded systems.
Twitter: @@taiksontexas
SpeakerBio:Gabriela "Gabs" García
, Hacker, Professor and Mentor
Gabriela "Gabs" García is a university professor and mentor, Secure Software Developer and coding and cybersecurity instructor for organizations such as LinkedIn, Cyber Hunter Academy and Kschool. She teaches, whether that's in a lecture hall or over the internet, about software development, with a keen eye for secure practices.
Gabriela is also an active member in hacker communities such as HackMadrid%27 and Hack%27, both at home in Spain and across the world. And as an independent professional, she gets to work with a wide variety of clients, crafting custom cybersecurity solutions to fit their specific needs.
Description:
The popularity of cheap and DIY drones has made them a target for attackers using radiofrequency (RF) signals. Frequency hopping is a technique that can be used to mitigate the risks associated with RF warfare. However, implementing frequency hopping in cheap and DIY drones presents several technical challenges, such as the need for a stable clock and synchronization between the transmitter and receiver without rising hardware costs. Despite these challenges, frequency hopping can significantly enhance the security of consumer and DIY drones making much more challenging or even useless anti-drone systems' role.
- REFERENCES
DEF CON 24 - Aaron Luo - Drones Hijacking: Multidimensional attack vectors and countermeasures
DEF CON 25 - Game of Drones - Brown,Latimer
DEF CON 26 - David Melendez Cano - Avoiding antidrone systems with nanodrones.
DEF CON 29 - Steal This Drone - An Aerospace Village Cybersecurity Activity - http://loonwerks.com/publications/pdf/Steal-This-Drone-README.pdf
https://unicornriot.ninja/2017/hacking-drones-ultrasonic-pulses/
https://en.wikipedia.org/wiki/Tempest_(codename)
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 11:10-11:50 PDT
Title: SSO Sloppy, SSO Suspect, SSO Vulnerable
When: Saturday, Aug 12, 11:10 - 11:50 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
SpeakerBio:Jenko Hwong
, Principal Researcher, Threat Research Team at Netskope
Jenko Hwong is a Principal Researcher on Netskope's Threat Research Team, focusing on cloud threats/vectors. He's spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.
Twitter: @jenkohwong
Description:
Enterprise SSO protocols and vendor implementations continue to evolve for the worse, as we've gone from SAML to OAuth to MUVP (Made-Up-Vendor-Protocol).
Attacks against SSO started with the Golden SAML attack (Cyberark, 11/2017), which used stolen certificates to spoof SAML responses, recently used in the SolarWinds hack in 2020. Recently, OAuth has been used to implement SSO, and new POC identity attacks have been published such as gaining access to a Facebook account that uses Gmail as the SSO identity provider via OAuth 2.0 (Sammouda, 5/2022), utilizing the chaining of traditional web vulnerabilities such as XSS with the design of the OAuth protocol in order to steal OAuth session tokens. AWS's SSO implementation mixes SAML, OAuth, and traditional AWS access keys. And Microsoft and Google also use custom OAuth to implement SSO among their app suites.
This protocol soup opens up more areas for abuse by attackers with key benefits: remotely-enabled attacks by design without need for endpoint compromise, near-permanent access, no need to go through MFA challenges, and incomplete controls for in preventing, detecting, and responding to these attacks.
We will demonstrate how these attacks work, what's different, how the underlying SSO protocols and features are abused, and where defensive measures fail.
Return to Index - Add to
- ics Calendar file
WS - Saturday - 14:00-17:59 PDT
Title: Starbase: open source graph security analysis (Pre-Registration Required)
When: Saturday, Aug 12, 14:00 - 17:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Adam Pierson,Austin Kelleher,Guillaume Ross
SpeakerBio:Adam Pierson
Adam Pierson is a Senior Software Engineer at JupiterOne. His diverse experience includes time as an embedded software engineer, an R&D analyst working on adopting emerging technologies within large corporate IT environments, and as a developer demonstrating the value of using graph databases to solve complex problems. Currently he is on JupiterOne’s Integration team working on development tools and continuing work on the open-source Starbase project.
SpeakerBio:Austin Kelleher
Austin Kelleher is a Principal Software Engineer as well as a founding member at JupiterOne. He leads the team responsible for maintaining 100+ open-source projects at JupiterOne. His background has primarily been focused on developing cloud-based software systems and tools that interact with graphs for security analysis. Prior to moving to the security industry, Austin was an engineer at eBay building Marko and Lasso, which are the open-source web tools that power the eBay.com web experience.
SpeakerBio:Guillaume Ross
, JupiterOne
Guillaume has worked on the blue-team side of security for close to two decades now, and loves to do things because they MATTER and not just because everyone else in security is doing the same. He leads the security and IT teams at JupiterOne.
Description:
Security teams are overwhelmed with data. How does a user account relate to a server, an application? Does this vulnerability put this important data at risk, or does it simply expose a few systems we care about much less? Who really has access to these files? This is vulnerable, but the firewall won’t let traffic to the service, or will it?
These types of questions are very difficult to answer in a vacuum as they require context. With the power of graphs, and Starbase, an open source graph security analysis tool, we will be able to import the data that allows us to answer them using the graph.
John Lambert said “Defenders think in lists, attackers think in graphs”. Join us, so we can get a lot more people thinking in graphs!
Skill Level: Intermediate
Prerequisites for students:
Ability to use Docker when provided with commands. Basic understanding of IT and security issues in cloud environments.
Materials or Equipment students will need to bring to participate: A laptop with Docker as well as a few docker images pulled in advance.
Due to the brittle nature of conference Wi-Fi, we’ll send instructions in advance, so as many people as possible will have downloaded it.
Return to Index - Add to
- ics Calendar file
RTV - Saturday - 13:00-13:59 PDT
Title: Storfield: A Quiet Methodology to Create Attacks in Mature Networks
When: Saturday, Aug 12, 13:00 - 13:59 PDT
Where: Flamingo - Sunset-Twilight Ballroom - Red Team Village - Area 3 - Map
SpeakerBio:Cory Wolff
No BIO available
Twitter: @cwolff411
Description:
The Storfield Methodology focuses on three main questions: Where am I? Where is the DC? Where are the high-value targets? The Storfield Methodology is meant to be repeatable during every engagement. When following this method the steps should be the same regardless of the security controls implemented in a particular network.
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 14:30-14:55 PDT
Title: Stories from the Trenches: Operating a Aeronautics Cyber Range
When: Saturday, Aug 12, 14:30 - 14:55 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Christopher Ottesen
No BIO available
Description:
The Aeronautics Cyber Range performs penetration testing on DoD aviation weapons systems. Since becoming operational in 2019, the team has accumulated many lessons learned and best practices to support testing of aerospace embedded systems. This talk details how to deal with fundamental challenges of operating this type of facility. Brace yourselves for an incredible journey filled with the obstacles we encountered and the strategies and tactics you can use to avoid our growing pains.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 11:40-12:40 PDT
Title: Surgical Physicians and Cybersecurity
When: Saturday, Aug 12, 11:40 - 12:40 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
SpeakerBio:Colin Haines
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
APV - Saturday - 15:00-15:45 PDT
Title: SusParams: Hypercharge your web testing with DATA
When: Saturday, Aug 12, 15:00 - 15:45 PDT
Where: Flamingo - Savoy - AppSec Village - Main Stage - Map
SpeakerBio:Jason Haddix
, CISO and “Hacker in Charge” at BuddoBot
Jason Haddix is the CISO and “Hacker in Charge” at BuddoBot, a world-class adversary emulation consultancy. He's had a distinguished 15-year career in cybersecurity previously serving as the CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing, network/infrastructure security assessments, and static analysis. Jason is a hacker and bug hunter to the core, and he is ranked 51st all-time on Bugcrowd's leaderboards. Currently, he specializes in recon and web application analysis. Jason has also authored many talks on offensive security methodology, including speaking at cons such as; DEF CON, Black Hat, OWASP, RSA, Nullcon, SANS, IANS, BruCon, Toorcon, and many more. Jason currently lives in Colorado with his wife and three children.
Twitter: @jhaddix
Description:
SusParams is a testing dataset for offensive security folk assessing web technologies. Years ago, I released a tool called HUNT at DEF CON and Blackhat Arsenal. The secret sauce was a dataset of commonly vulnerable parameters to certain web vulnerability types. This dataset was created using statistical analysis of over 18,000 parameters. Jhaddix and Gunnar have extended this research to over 40,000 parameters. Our data sources have expanded into hackerone hacktivity, 5 years of recent CVE data, XSSed.com, and more!
Join us as we release this epic tool and helper scripts to supercharge your offensive web hacking.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 11:35-12:20 PDT
Title: Taking Down Applications with Logic: A Comprehensive Guide to Modern DOS Attacks
When: Saturday, Aug 12, 11:35 - 12:20 PDT
Where: Virtual
SpeakerBio:Abhijeet Singh
Abhijeet Singh is a cybersecurity expert with a passion for securing digital assets and currently working in a start-up "Cultfit". Abhijeet specializes in vulnerability assessment and penetration testing of various applications, network and cloud security, and enjoys automating security tasks.
Twitter: @abhiunix
Description:
It will be a comprehensive guide that explores the various types of Denial of Service (DOS) attacks and the latest techniques used to attack applications which can evade the Firewall. Abhijeet will cover the concept of logical attacks, which are a new type of DOS attack that exploits vulnerabilities in an application's logic, making them increasingly difficult to detect.
Return to Index - Add to
- ics Calendar file
TEV - Saturday - 10:00-17:59 PDT
Title: Tamper Evident Village Activities
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: LINQ - 5th Floor / BLOQ - Tamper Evident Village - Map
Description:
"Tamper-evident" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. The goal of the Tamper Evident Village is to teach attendees how these technologies work and how many can be tampered with without leaving evidence. The village includes hands-on areas for mechanical seals, cargo seals, adhesive seals, mail and shipping seals, as well as a collection of demos, contests, and events to participate in.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: TeleChallenge
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The TeleChallenge is a fast-paced, fully immersive, and epic battle of wits and skill. The highest level of commitment is required, and this is one of the hardest contests in the world to win, but you don't need any special technical skills to play: just a touch-tone phone. And remember: the best way to ascend into the Phoniverse is to get others involved in the TeleChallenge opportunity, so bring a team!
--
Rated PG-13. It's a level of challenge that is probably most suited to high school students and up, but anyone can play and we try to make it fun even if you're not competitive to win. :)
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 11:00-11:59 PDT
Title: Ten Years of CPV - Program Committees
When: Saturday, Aug 12, 11:00 - 11:59 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
Speakers:CPV Program Committees,CPV Staff
SpeakerBio:CPV Program Committees
No BIO available
SpeakerBio:CPV Staff
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
CPV - Saturday - 12:00-12:59 PDT
Title: Ten Years of CPV - The Gold Bug Challenge
When: Saturday, Aug 12, 12:00 - 12:59 PDT
Where: Flamingo - Sunset - Vista - Crypto & Privacy Village - Map
Speakers:CPV Staff,Gold Bug Challenge Team
SpeakerBio:CPV Staff
No BIO available
SpeakerBio:Gold Bug Challenge Team
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: The Challenge - Lockheed Martin
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
The Challenge
Lockheed Martin
**Laptop Needed**
This is your chance to demonstrate your superior aviation hacking knowledge and skills. This contest requires you to keep your eyes open in the Aerospace Village, a personal device to access the contest webpage, and various other technical skills that are useful in the Aerospace industry. A laptop will be helpful for binary analysis and packet decoding. The final flag is an RF replay attack, so you will need to bring or borrow a device capable of rebroadcasting a signal. If you get stuck on any the challenges help can likely be found in some of the other villages. No pre-registration is required and it is OK to work in teams. The first to finish will receive a 1/48 scale model of an F-35B as well as the prestige of being the first ever winner of this challenging contest. A second model will be awarded based on a random drawing of all other people who successfully solve the final flag. The Aerospace Village CTF starts when the village opens on Friday and ends when the village closes Sunday at 2.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 12:00-12:50 PDT
Title: The Coming War on Encryption, Part 3 (and how you can fight back)
When: Saturday, Aug 12, 12:00 - 12:50 PDT
Where: Caesars Forum - Summit - 221-222 - Policy Atrium - Map
SpeakerBio:India McKinney
, Director of Federal Affairs at Electronic Frontier Foundation
As a former Capitol Hill staffer and a current EFF lobbyist, India’s main job is to make sure that the laws of the land don't suck the life out of the internet. India’s passion has always been for good public policy, and she’s excited to be using skills developed during past legislative battles to fight for encryption, for consumer privacy, and civil liberties in the digital realm.
Twitter: @@imck82
Description:
In recent years, lawmakers around the world have proposed legislation aimed at ending encryption, under the guise of ending child exploitation. In the first half of 2023, we have already seen two serious legislative proposals in the Senate that would result in potentially disastrous legal risks for any company that provides encrypted messages.
Come join us to get an update about the government’s efforts to break encryption – again. We’ll talk about what is different from the last Encryption Wars, what the conversation sounds like right now in DC*, and we’ve been doing to fight back. Most important, we’ll talk about what technologists can do to protect encryption and everyone who uses it.
*when you read this, EARN IT and the STOP CSAM Act, both bills designed to break encryption, will have been marked up and passed out of the Senate Judiciary Committee. What happens after that is entirely dependent on many factors outside my control. The FBI is super gearing up to double down on their position, though.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 12:35-13:20 PDT
Title: The Curse of Ncurses
When: Saturday, Aug 12, 12:35 - 13:20 PDT
Where: Virtual
SpeakerBio:Jonathan Bar Or
, Security Researcher at Microsoft
Jonathan Bar Or ("JBO") is a Principal Security Researcher at Microsoft, working as the Microsoft Defender research architect for cross-platform. Jonathan has rich experience in vulnerability research, exploitation, cryptanalysis, and offensive security in general.
Twitter: @yo_yo_yo_jbo
Description:
Terminals are ancient and dangerous beasts. While performing a routine code auditing, our team has discovered several vulnerabilities in ncurses, present on multiple operating systems. In this talk we will discuss those vulnerabilities and the dangers they pose, as well as discuss oss security in general.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: The Dark Tangent Look-Alike Contest
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The Dark Tangent Look A-like Contest is a creative opportunity for DEF CON attendees to put their non-technical hacking skills to the test. As a contestant in The Dark Tangent Look A-like Contest, you will be judged based on your appearance, mannerisms, efforts, and overall persuasiveness. Can you assume another identity? Can you look, walk, talk, and act like Dark Tangent? Can you become THE DARK TANGENT?
Return to Index - Add to
- ics Calendar file
DC - Saturday - 13:30-14:15 PDT
Title: The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree
When: Saturday, Aug 12, 13:30 - 14:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
SpeakerBio:Asi Greenholts
, Security Researcher at Palo Alto Networks
Asi has 8 years of experience in the security field, including security architecture, SOC management, incident response, and application security research. Asi has gained his experience working for major organizations in the financial and government sectors. Today, Asi is a security researcher that focuses on revolutionizing CI/CD security at Palo Alto Networks. During his free time, Asi likes to read, invest in the stock market and to snowboard.
Twitter: @@TupleType
Description:
GitHub is the most popular platform to host Open Source projects therefore, the popularity of their CI/CD platform - GitHub Actions is rising, which makes it an attractive target for attackers.
In this talk I’ll show you how an attacker can take advantage of the Custom GitHub Actions ecosystem by infecting one Action to spread malicious code to other Actions and projects by showing you a demo of POC worm.
We will start by exploring the ways in which Actions are loosely and implicitly dependent on other Actions. This will allow us to create a dependency tree of Actions that starts from a project that we want to attack and hopefully ends in a vulnerable Action that we can take control of.
We will then dive down to how GitHub Actions is working under the hood and I’ll show you how an attacker that is in control of an Action can utilize the mechanism of the GitHub Actions Runner to infect other Actions that are dependent on their Action and eventually infect the targeted project.
Finally, after we’ve gained all of the theoretical knowledge I’ll show you a demo with POC malware that is spreading through Actions and we will talk on how to defend against this kind of attack.
- REFERENCES
- https://karimrahal.com/2023/01/05/github-actions-leaking-secrets/
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: The Gold Bug Challenge
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle will keep you intrigued and busy throughout Defcon - and questioning how deep the layers of cryptography go.
The Gold Bug an annual Defcon puzzle hunt, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto. Accessible to all - and drop by for some kids’ puzzles too!
:‡?( 8;(: .‡6; 6) 5; 3‡0†2?3 †‡; -(:.;‡¶600538 †‡; ‡(3
The CPV and Goldbug contest are always kid friendly. We will have "junior cryptographer" puzzle sheet hand outs for kids and those new to the field.
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 14:50-15:35 PDT
Title: The Human Threat Factor - Cloud Security Misconfigurations
When: Saturday, Aug 12, 14:50 - 15:35 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
SpeakerBio:Kat Fitzgerald
I have to say who I am and why I'm here and my qualifications. I want to explain how/why I do this and how I'm going to make it a fun project for everyone after the talk - with some very specific key takeaways!
Twitter: @rnbwkat
Description:
Threat modeling the human security risk, or as others might call it, Security Misconfigurations in the cloud and all the fun attack vectors they create. Yep, it's clobberin time and this is what makes this job fun - helping others to find their own security problems before others do!
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 16:30-17:30 PDT
Title: The Impact Of Misinformation On Elections
When: Saturday, Aug 12, 16:30 - 17:30 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
Speakers:Joe Schniebes,Maia Mazurkiewicz,Michael Moore
SpeakerBio:Joe Schniebes
Joe Schniebs is the Chief Strategy Officer and Founder at Ridgeline International, where he has developed a hands-on approach to digital signature management. He helps cross-sector organizations strike the right balance between data privacy and conveniences.
SpeakerBio:Maia Mazurkiewicz
Maia Mazurkiewicz is an expert on countering disinformation and behavioural changes. She has 15 years of experience in political management, foreign affairs, and communication in administration, business and CSOs. She is a speaker, trainer and moderator. She believes that we need to change the way we communicate, to introduce more understanding in between humans. She is a Co-founder and Head of StratCom of Alliance4Europe where she deals with strategic communication, to build more diverse internet. She co-founded Future Forces Foundation that is working for more impactful business. She is also Vice-President of the Free European Media Association. In 2017 she co-created Keyboard Warriors in Poland, community that debunks disinformation. Maia is a barrister educated in Poland and the United States. She is actively involved in supporting Ukrainian refugees. Maia cooperated with number of foundations and NGOs where she worked on various projects concerning democratization and political parties trainings in Eastern Europe. She advices clients on strategy building and public affairs, as well as trains on leadership, project management and campaign building.
Twitter: @MaiaMazurkiewic
SpeakerBio:Michael Moore
After volunteering to be a poll worker, Michael Moore developed a passion for Election Security. He was the first Information Security Officer for the Maricopa County Recorder's office and is now the first Chief Information Security Officer for the Arizona Secretary of State. Michael believes it is only through effective federal, state, and local government partnerships, as well as assistance from trusted vendors that we can protect our democracy and fulfill our duty to the American voter. The greatest threats to elections are MDM and the resulting insider threat caused by radicalized citizens. The best protection against these threats is combating lies with the truth, developing secure and resilient systems that prevent attacks whenever possible, allow for detections of compromise and facilitate accurate and rapid recovery. Michael has pushed forward these initiatives in his own organizations as well as across the Elections community. Michael is an alumnus of Arizona State University with a B.S. in Mathematics and a B.A. in Education and is a CISSP, Certified Election Official (CEO) and Certified Public Manager (CPM).
Twitter: @Secur3Elections
Description:
This panel will explore all the different ways misinformation, disinformation, and malinformation are being used today, and what we can expect leading up to the 2024 election. The audience will get a comprehensive overview of what to look out for when trying distinguish what kind of information to consume, and how to protect oneself from misinformation, disinformation, and malinformation campaigns. Different perspecives from accross the election and security industires will come together to provide a dynamic outlook on what are experiencing now as well as what we will see in the future.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 16:00-16:50 PDT
Title: The Importance of Arts and Crafts in ThreatOps
When: Saturday, Aug 12, 16:00 - 16:50 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
SpeakerBio:Pete Hay
In addition to being SimSpace's Principal Security Strategist, Pete is the Co-Founder & Editor-in-Chief of TheCyber.Report. Pete has an extensive & diverse background in technology driven fields including Computer Network Operations (CNO), Network Forensics, & Nuclear Chemistry, as well as one of the few patents issued in Cybersecurity & ZTA. A life-long learner & security enthusiast, Pete helps Fortune 10 banks test & refine their security postures, while running TheCyber.Report as a passion project.
Description:
Cybersecurity professionals spend an huge amount of time attempting to use a visual medium to communicate complicated concepts in a simple yet information-dense manner. However if you ask 10 analysts to map out the same incident, you'll get 10 divergent diagrams. In this presentation we present a method of leveling-up your cybersecurity-related arts and crafts skills: effectively diagramming incidents, threat reports, threat intel, and reporting to support full-spectrum ThreatOps.
Return to Index - Add to
- ics Calendar file
IOTV - Saturday - 10:00-17:59 PDT
Title: The IoT Kill Zone
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 307-310 - IOT Village - Map
Description:
Bluetooth Hacking: Hands-on exercises provide insights into powerful Bluetooth, WiFi, and IoT Security Assessment tools to unleash your hacking potential. Talk with security researchers on Bluetooth, WiFi, and 5G research; learn about firmware analysis and fuzzing. Walk away knowing the tools and lab equipment you need to perform IoT research.
Return to Index - Add to
- ics Calendar file
WS - Saturday - 14:00-17:59 PDT
Title: The Joy of Reverse Engineering: Learning With Ghidra and WinDbg (Pre-Registration Required)
When: Saturday, Aug 12, 14:00 - 17:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
SpeakerBio:Wesley McGrew
, Senior Cyber Fellow at MartinFed
Dr. Wesley McGrew directs research, development, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFederal. He has presented on topics of penetration testing and and malware analysis at DEF CON and Black Hat USA and taught a self-designed course on reverse engineering to students at Mississippi State University, using real-world, high-profile malware samples. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems.
Twitter: @McGrewSecurity
Description:
While it can be intimidating to "get into" software reverse engineering (RE), it can be very rewarding. Reverse engineering skills will serve you well in malicious software analysis, vulnerability discovery, exploit development, bypassing host-based protection, and in approaching many other interesting and useful problems in hacking. Being able to study how software works, without source code or documentation, will give you the confidence that there is nothing about a computer system you can't understand, if you simply apply enough time and effort. Beyond all of this: it's fun. Every malicious program becomes a new and interesting puzzle to "solve".
The purpose of this workshop is to introduce software reverse engineering to the attendees, using static and dynamic techniques with the Ghidra disassembler and WinDbg debugger. No prior experience in reverse engineering is necessary. There will be few slides--concepts and techniques will be illustrated within the Ghidra and WinDbg environments, and attendees can follow along with their own laptops and virtual environments. We will cover the following topics:
- Software Reverse Engineering concepts and terminology
- Setting up WinDbg and Ghidra
- The execution environment (CPU, Virtual Memory, Linking and Loading)
- C constructs, as seen in disassembled code
- Combining static and dynamic analysis to understand and document compiled binary code
- Methodology and approaches for reverse engineering large programs
- Hands-on malware analysis
- How to approach a "new-to-you" architecture
Skill Level: Beginner
Prerequisites for students:
- No previous reverse engineering experience required.
- Basic familiarity with programming in a high-level language is necessary (C preferred, Scripting languages like Python would be okay).
Materials or Equipment students will need to bring to participate:
- A laptop with a fresh Windows 10 Virtual Machine.
- Being able to dedicate 8GB RAM to the VM (meaning, you probably have 16GB in your laptop) will make the experience smoother, but you can get by with 4GB
- 10 GB storage free in the VM (after installing Windows)
- Administrative privileges
- Ability to copy exercise files from USB
We will be working with live malware samples. Depending on your comfort level with this, bring a "burner" laptop, use a clean drive, or plan on doing a clean install before and after the workshop.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-19:59 PDT
Title: The Lonely Hard Drive
When: Saturday, Aug 12, 10:00 - 19:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Are you looking for a good time? Are you trying to get lucky? Did you already get lucky by finding a Lonely Hard Drive in Vegas? Satisfy your curiosity by visiting the contest hall to get started or encounter one of the Lonely Hard Drives hidden around the conference! Contained within is a maze of puzzles and challenges that increase in difficulty the further you progress. There are flags to find and points to earn towards the leaderboard to win prizes at DEF CON 31! Act now! Limited time offer! The Lonely Hard Drive is waiting for you!
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 00:00-00:59 PDT
Title: The Megabiome is In Charge: Taking Control of Your Microbial World
When: Saturday, Aug 12, 00:00 - 00:59 PDT
Where: Virtual
SpeakerBio:Mariam Elgabry
No BIO available
Description:
This talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here.
Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.
Return to Index - Add to
- ics Calendar file
XRV - Saturday - 14:00-14:59 PDT
Title: The of History XR From Fiction to Reality
When: Saturday, Aug 12, 14:00 - 14:59 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
Speakers:Bob Gourley,Starr Brown
SpeakerBio:Bob Gourley
Bob Gourley is an experienced Chief Technology Officer (CTO), Board Qualified Technical Executive (QTE), author and entrepreneur with extensive past performance in enterprise IT, corporate cybersecurity and data analytics. CTO of OODA LLC, a unique team of international experts which provide board advisory and cybersecurity consulting services.
OODA publishes OODALoop.com. Bob has been an advisor to dozens of successful high tech startups and has conducted enterprise cybersecurity assessments for businesses in multiple sectors of the economy. He was a career Naval Intelligence Officer and is the former CTO of the Defense Intelligence Agency.
SpeakerBio:Starr Brown
Starr Brown is the Executive Director of XR Village, a non-profit and non-partisan roadshow dedicated to education and better public policy in the areas of privacy, security and cyber-informed engineering. Starr is an accomplished leader with extensive experience in the computer hardware/software industry with a background in operations, software development and InfoSec.
As an avid gamer, Starr has also been an early advocate and supporter of eSports in education leveraging the power of competitive gaming to enhance student engagement and foster critical skills such as teamwork, problem-solving, and strategic thinking.
Description:
In this discussion XR village Executive Director Starr Brown interviews Bob Gourley, whose site OODAloop.com has been tracking XR topics since 2003. Bob has leveraged his experience as a cybersecurity professional and an enterprise CTO to produce research and reporting on XR that points to a future of incredible potential, if we can mitigate the new threats this emerging technology brings with it. Starr Brown is a security professional with a knack for using collaboration and innovation to meet both compliance and security needs and was early in identifying the unique security and risk mitigation needs of XR, making her the perfect person to extract insights from Bob in this fireside chat.
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 17:05-17:50 PDT
Title: The Perils of Generative AI: Implications for Open Source Intelligence Research
When: Saturday, Aug 12, 17:05 - 17:50 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Andy Dennis
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
WS - Saturday - 09:00-12:59 PDT
Title: The Petting Zoo: Breaking into CTFs (Pre-Registration Required)
When: Saturday, Aug 12, 09:00 - 12:59 PDT
Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - Map
Speakers:Christopher Forte,Robert Fitzpatrick
SpeakerBio:Christopher Forte
Christopher Forte is a security researcher and a junky for learning, participating in CTFs, and solving challenges. He is curious, loves teaching others, and has a passion for breaking things. As a resident of Las Vegas, Christopher co-founded DC702, is the local Chapter President of TOOOL, and enjoys introducing people to the world of hacking and lock picking.
SpeakerBio:Robert Fitzpatrick
Robert Fitzpatrick is a military veteran of over 20 years. He began his cyber life leading the Information Assurance office, and quickly moved up to run the Network Operations Center, as well as the Network Test and Evaluation center. He has built multiple operations centers in both homeland and austere locations, purchased satellite infrastructures, and led vulnerability investigations for classified networks. He is also a co-founder of DC702 and enjoys training new students on an eclectic array of subjects surrounding his interests.
Description:
Breaking into the capture the flag (CTF) world can be daunting and many people are overwhelmed when faced with participation in these events and challenges. With how beneficial the various challenges can be to both beginners and seasoned professionals, we want to demystify this world and help people get the most out of them.
This workshop will start with an overview of the CTF landscape, why we do them, and what value they have in the scope of the hacking community. This presentation will include various resources and a few simple demos to show how to approach a CTF and how it may differ from "real world" hacking challenges that many of us face in our professions. Next, a short CTF will be hosted to give attendees hands-on experience solving challenges with the ability to ask for help and will be guided through the approach to successfully navigating these challenges. Upon completion, the group will have worked through various types of hacking challenges and will have the confidence to participate in other CTFs hosted throughout the year.
Areas of focus will include:
- Common platforms and formats
- Overview of online resources, repositories, and how to progress
- Common tools used in CTFs and hacking challenges
- Basics of web challenges
- Basics of binary exploitation and reversing challenges
- Basics of cryptographic challenges
- Basics of forensic and network traffic challenges
Skill Level: Beginner
Prerequisites for students:
- Be curious about CTFs and have a very basic knowledge of or exposure to fundamental topics (e.g., Linux, websites, networking, data encoding and encryption)
- Exposure to the above concepts will help during the workshop defined CTF challenges but is not required for the workshop
Materials or Equipment students will need to bring to participate:
- Laptop
- Debian-based Virtual Machine (e.g., Kali) is recommended
- Virtualized environment or Kali is not required but Kali will provide all the tools useful in solving the challenges and help standardize available tools. All challenge solutions will be possible using default Kali installations.
- A limited number of Kali-Chromebooks and hosted resources will be available for those having issues or unable to bring their own systems.
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 12:20-12:59 PDT
Title: The Rocky Balboa Guide to Security Research: Getting Back Up When You Get Knocked Down
When: Saturday, Aug 12, 12:20 - 12:59 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
SpeakerBio:Liv Matan
, Cloud Security Researcher at Ermetic
Liv Matan is a cloud security researcher at Ermetic, where he specializes in application and web security. He previously served in the 8200 Intelligence Corps unit as a software developer. As a bug bounty hunter, Liv has found several vulnerabilities in popular software platforms, such as Azure web services, Facebook and Gitlab. In his free time, Liv boxes, lifts and plays Capture the Flag (CTF).Liv studied computer science at the Weizmann Institute of Science, in Israel.
Twitter: @terminatorLM
Description:
Vulnerability research is sometimes perceived as a glamorous pursuit, where researchers constantly uncover security flaws and find critical exploits that can lead to catastrophic results. In this talk, we show you what it's really like behind the scenes of cloud vulnerability research.
We discuss the lessons learned while dealing with the barriers and challenges that arise when searching for and reporting new vulnerabilities to the biggest cloud vendors. We will present the mindset we embrace to find common ground in major services, and the importance of a responsible disclosure process. We debate why we, the researchers, are accountable for our findings and how we should push the cloud vendor for the best bug resolution.
Often, vulnerability talks are about the researcher's greatest success stories. This talk also explores the unexpected benefits of coming up short in vulnerability research. We argue that these ""losses"" can provide valuable insights into security research, allowing us to better understand a system's strengths and weaknesses and its security stack.
The session draws on real-world examples, including a major vulnerability we uncovered that affected multiple Azure web services, exploitation of internal communication channels across various CSPs, and our go-to approach when exploring new unfamiliar cloud services. We close the session by discussing each vendor's unique approach to fixing reported security issues.
Join us for this thought-provoking talk and discover the hidden side of vulnerability research. You'll come away with a new appreciation for the challenges and rewards of this fascinating field and a deeper understanding of its role in keeping us all safe and secure.
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 13:30-14:25 PDT
Title: The Sinister Synergy of Advanced AI: Automatically Orchestrating Large-scale Scam Campaigns with Large Generative Models
When: Saturday, Aug 12, 13:30 - 14:25 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
Speakers:Ben Gelman,Younghoo Lee
SpeakerBio:Ben Gelman
No BIO available
SpeakerBio:Younghoo Lee
No BIO available
Description:
Rapid advancements in AI have enabled large language models (LLMs) and generative technologies to fuse their outputs, creating a new level of diverse, synthetic content that can deceive on an unprecedented scale. This chilling union of AI capabilities opens the door to the generation of entire scam campaigns, blurring the boundary between reality and fiction.
Many people are already aware of how LLMs can help with basic writing and coding. In this talk, we go beyond simple LLM-assisted ploys and automatically orchestrate unprecedented credential-stealing scam campaigns that combine code, text, images, and audio to build dozens of websites, product catalogs, testimonials, and social media advertisements. We discuss how the barriers to entry have decreased for criminals with minimal knowledge of AI, the scale that automation can achieve, and the current shortcomings that still require human intervention.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 13:00-14:59 PDT
Title: The Ultimate AppSec Trivia Challenge
When: Saturday, Aug 12, 13:00 - 14:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 4 - Map
SpeakerBio:Probely
No BIO available
Description:
The Ultimate AppSec Trivia Challenge is a fun and educational game that tests your application security knowledge. The game consists of cards with questions ranging from easy to hard, all related to application security. Players can challenge themselves, or each other, to test their knowledge. You can improve your understanding of AppSec and have fun simultaneously. Bring your team or yourself and see where you rank on the leaderboard! Whether you're a beginner or an expert in application security, The Ultimate AppSec Trivia Challenge has something for everyone to learn.
Return to Index - Add to
- ics Calendar file
APV - Saturday - 11:00-12:59 PDT
Title: The Ultimate AppSec Trivia Challenge
When: Saturday, Aug 12, 11:00 - 12:59 PDT
Where: Flamingo - Savoy - AppSec Village - Pod 4 - Map
SpeakerBio:Probely
No BIO available
Description:
The Ultimate AppSec Trivia Challenge is a fun and educational game that tests your application security knowledge. The game consists of cards with questions ranging from easy to hard, all related to application security. Players can challenge themselves, or each other, to test their knowledge. You can improve your understanding of AppSec and have fun simultaneously. Bring your team or yourself and see where you rank on the leaderboard! Whether you're a beginner or an expert in application security, The Ultimate AppSec Trivia Challenge has something for everyone to learn.
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 16:00-16:30 PDT
Title: The Unlikely Romance: Critical Infrastructure Edition
When: Saturday, Aug 12, 16:00 - 16:30 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Casey Ellis
, Bugcrowd
Casey is the Chairperson, Founder, and Chief Technology Officer of Bugcrowd, as well as the co-founder of The disclose.io Project. He is a 20-year veteran of information security who spent his childhood inventing things and generally getting technology to do things it isn't supposed to do.
Casey pioneered the Crowdsourced Security as-a-Service model, launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2014 prior to its launch in 2018.
Since then, he has personally advised the US Department of Defense and Department of Homeland Security/CISA, the Australian and UK intelligence communities, and various US House and Senate legislative cybersecurity initiatives, including preemptive cyberspace protection ahead of the 2020 Presidential Elections.
Casey, a native of Sydney, Australia, is based in the San Francisco Bay Area.
Description:No Description available
Return to Index - Add to
- ics Calendar file
MISC - Wednesday - 11:00-16:59 PDT
Title: The Unofficial DEF CON Shoot
When: Wednesday, Aug 9, 11:00 - 16:59 PDT
Where: Other/See Description
Description:
Where: Pro Gun Vegas
Address: 12801 US 95 South Boulder City, NV 89005
When: Before the con Wednesday Aug 9th, 11:00 - 17:00
https://deviating.net/firearms/defcon_shoot/
The Unofficial DEF CON Shoot is a public event that happens just prior to the DEF CON hacker conference in Las Vegas, Nevada. It is an opportunity to see and shoot some of the guns belonging to your friends while taking pride in showing and firing your own steel, as well, in a relaxed and welcoming atmosphere. We choose a spot, then we rent tables, canopies, and bring all the necessary safety equipment and amenities. All you need to bring yourself and (optionally) your firearms. New shooters and veterans both attend regularly. You can attend with your firearms, of course, but folk without guns of their own in Vegas may have the opportunity to try gear from others in attendance or to inquire with the ProGun range about whether rental firearms are available.
This is a 100% off-site event and a defcon badge is not required for entry.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 10:00-11:55 PDT
Title: The Wifydra: Multiheaded RF Panopticon
When: Saturday, Aug 12, 10:00 - 11:55 PDT
Where: Caesars Forum - Society Boardroom - Demo Labs - Map
SpeakerBio:Lozaning
Lozaning (they/them) has been wardriving for over 10 years and enjoys designing, building, and assembling unorthodox network observation platforms such as: The Wifydra (presented here), The International Wigle Space Balloon, and turning an Amtrak roomette into a mobile radio observation lab. Currently ranked as the 84th best wardriver in the world on Wigle.net, Lozaning loves all things wifi and high precision GNSS related.
Lozaning loves wifi, radios, blinky lights, and fancy GPS receivers. They've been wardriving for over 20 years and are now ranked in the top 100 wardrivers in the world.
Description:
The Wifydra is open source hardware and software used to locate wireless access points for wardriving. The project is a continuation of the work done previously by Mike Spicer (@d4rkm4tter) and his WiFi Cactus and Kraken. It's designed to be a low power and low cost modular way of simultaneously monitoring all 2.4Ghz WiFi channels for AP beacons. By utilizing strictly off the shelf embedded components, the Wifydra is able to keep costs extremely low (~$90) and its footprint extremely small (250 square cm). More importantly, minimal power consumption is maintained, requiring only a USB C battery capable of putting out 10 watts. The Wifydra is modular in nature and supports a multitude of GNSS (Global Navigation Satellite System) options for location tagging. The ESP32-C5 for 5Ghz channel monitoring will also be supported once the hardware becomes available. The version of The Wifydra demoed consists of 14 ESP8266 called sub nodes, an additional ESP32 called the dom node, SD card holder, GNSS module, OLED screen, as well as the Wifydra carrier board that connects all these components. The firmware, BOM, and gerbers are all available in The Wifydra's Github repo: https://github.com/lozaning/The_Wifydra
Return to Index - Add to
- ics Calendar file
DL - Saturday - 14:00-15:55 PDT
Title: ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal
When: Saturday, Aug 12, 14:00 - 15:55 PDT
Where: Caesars Forum - Accord Boardroom - Demo Labs - Map
Speakers:Aaron "AJ" Morath,Scott Graham
SpeakerBio:Aaron "AJ" Morath
Captain Aaron "AJ" Morath, CEH/CompTIA Pentest+, is a graduate student at the Air Force Institute of Technology, where he is involved in researching malware identification and propagation. His thesis work concentrates on developing innovative strategies to combat evolving cybersecurity threats and enhance security measures. AJ has served as the Defensive Cyber Operator (DCO) Officer in Charge (OIC) of the NASIC DCO team for three years. He oversaw the security and defense of an enterprise network comprising over 6,000 connected devices.
SpeakerBio:Scott Graham
Dr. Scott Graham is a Professor of Computer Engineering at the Air Force Institute of Technology. His research interests center on cyber physical systems, looking at the intersection between real physical systems and the computers that control them. Specific areas of interest include cyber physical systems security, computer architecture, embedded computing, critical infrastructure protection, and vehicular cyber security.
Description:
VirusTotal serves as a popular platform for aggregating malware information submitted by Anti-Virus (AV) software providers, which can be searched using parameters such as hashes (SHA-1, SHA-256, MD5), file names, and malicious web links. In order to enhance and automate the process of malware intelligence gathering, we introduce ThreatScraper, a Python-based tool that automates free API queries and rescanning tasks on VirusTotal. ThreatScraper is designed to periodically request reports on specified files and save the results in a local database or Excel file. It allows users to pull and aggregate malicious file reports from multiple AV vendors over time, providing insights into the adoption of malware detection across providers. Easily implemented from any Windows command line, ThreatScraper can rescan a file, pull a report, and then sleep until the next designated time identified by the user.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: Tinfoil Hat Contest
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Want to block those pesky 5G microchips coursing through your vaccinated body? Did you anger our new AI overlords, and need to hide? Or do those alien mind control rays just have you down lately? Fear not, for we here at the Tin Foil Hat contest have your back for all of these! Come find us in the contest area, and we'll have you build a tin foil hat which is guaranteed to provide top quality protection for your noggin. How you ask? SCIENCE!
Show us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.
There are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the "Substance" award for that category. We all know that hacker culture is all about looking good, though, so a single winner will be selected from each category for "Style".
Return to Index - Add to
- ics Calendar file
CON - Saturday - 12:00-14:59 PDT
Title: TOOOL Dozier Drill Lockpicking Challenge
When: Saturday, Aug 12, 12:00 - 14:59 PDT
Where: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
Description:
Have you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that's why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us Friday for qualifier games, and on Saturday for an official bracket tournament.
**Important Note**
In order to participate in the official bracket tournament on Saturday, you must win a round (against anyone), observed by a village staff member, on Friday. See village staff for details.
Return to Index - Add to
- ics Calendar file
LPV - Saturday - 16:45-17:45 PDT
Title: Totally Tubular: An Impromptu Talk About Tubular Locks and Keys
When: Saturday, Aug 12, 16:45 - 17:45 PDT
Where: LINQ - 5th Floor / BLOQ - Lockpick Village - Map
SpeakerBio:Deviant Ollam
No BIO available
Description:
Tubular locks (also known colloquially as "barrel key" locks or by the O.G. name "ACE" lock or "Chicago" lock) have been around for ages and are mostly considered obsolescent at this point... but how many of you can reliably pick them and produce keys for them?
This talk will attempt to demystify some of the oddities surrounding tubular systems and reveal the tools and hardware that you can use to side-step many hassles regarding tubular locks if you encounter them in the field.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 15:30-16:29 PDT
Title: Trace Labs OSINT Search Party CTF - Announce CTF Grand Prize Winners
When: Saturday, Aug 12, 15:30 - 16:29 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons.
You can have teams of 1-4 people, 4 person teams provide many benefits which include the coaching of more junior members. Often a great learning opportunity if you are able to pair up with OSINT veterans. Get your team together and join us in our [Discord group](https://tracelabs.org/discord) to get started.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:30-14:30 PDT
Title: Trace Labs OSINT Search Party CTF - CTF Platform Open for Submissions
When: Saturday, Aug 12, 10:30 - 14:30 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
The Trace Labs Search Party CTF is a non theoretical, gamified effort that allows for the crowdsourcing of contestants to perform a single task: Conduct open source intelligence operations to help find missing persons.
You can have teams of 1-4 people, 4 person teams provide many benefits which include the coaching of more junior members. Often a great learning opportunity if you are able to pair up with OSINT veterans. Get your team together and join us in our [Discord group](https://tracelabs.org/discord) to get started.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 21:00-00:59 PDT
Title: University of Advancing Technology, Pub Crawl
When: Saturday, Aug 12, 21:00 - 00:59 PDT
Where: Caesars Forum - Forum - 115-116 - Map
Description:
University of Advancing Technology will be hosting a pub in the DEF CON pub crawl. Grab a cocktail and meet the UAT staff!
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:30-11:15 PDT
Title: Unlocking Doors from Half a Continent Away
When: Saturday, Aug 12, 10:30 - 11:15 PDT
Where: Caesars Forum - Forum - 130-134 - Track 3 - Map
Speakers:Sam Haskins,Trevor "t1v0" Stevado
SpeakerBio:Sam Haskins
, Hacker at Loudmouth Security
Sam Haskins is an honors student at Carleton University, in Ottawa ON, and hacker at Loudmouth Security. Sam is a security researcher in their spare time with several CVEs to their name, with a keen interest in cryptography and RFID hacking.
SpeakerBio:Trevor "t1v0" Stevado
, Founding Partner/Hacker at Loudmouth Security
Trevor Stevado is a security researcher and the founder of Loudmouth Security, with over 15 years of experience in the industry. In 2018, Trevor won a Black Badge in the IoT CTF at DEF CON 26, and since then he has been a regular contributor to IoT Village and is now one of the founders of the new Embedded Systems Village, where he continues to push the boundaries of embedded security research.
Description:
Contactless credentials have become increasingly popular for secure authentication and access control systems due to their convenience and efficiency. In this talk, we will discuss a specific weakness in the ISO 14443A protocol that enables replay attacks over moderate latency connections, leading to the potential for long-range relay attacks.
During the presentation, we will delve into the history of contactless credential attacks, how manufacturers have adapted, and discuss why we focused on a relay attack. We will provide an overview of the ISO 14443A protocol and explain how the relay attack is executed and the ‘features’ of the underlying protocol that make it possible. Finally, we will demonstrate and release a new tool to make this relay attack feasible with the Proxmark, as we attempt to unlock a door in Ottawa, ON with a card on-stage in Vegas.
In addition, we will discuss the response from HID Global following our responsible disclosure against their SEOS readers and suggest mitigations to prevent these attacks on your access control systems.
Return to Index - Add to
- ics Calendar file
RCV - Saturday - 15:10-15:55 PDT
Title: Unlocking the Power of OWASP Amass: Introducing the Open Asset Model for Comprehensive Attack Surface Mapping
When: Saturday, Aug 12, 15:10 - 15:55 PDT
Where: LINQ - 3rd flr - Social B and C - Recon Village - Map
SpeakerBio:Jeff Foley
No BIO available
Twitter: @jeff_foley
Description:No Description available
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 10:00-17:59 PDT
Title: Unmanned Aerial Systems – Platform Security
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
Description:
Discover the exciting world of cybersecurity and unmanned aerial systems (UAS)! Learn how to safeguard UAS from all angles with a comprehensive platform security perspective.
Engage in some fun and challenging CTF adventures where you can put your skills to the test. See firsthand how your actions affect our UAS demonstrator. The UAS demonstrator contains all the sensors from our Mobile Optical Ultrasonic Sensor Explorer, or MOUSE for short. The MOUSE represents a small Unmanned Aircraft System (sUAS) comprising a pan/tilt object recognition camera, navigation camera, temperature & humidity sensor, ultrasonic sensor, and drive system powering four motors.
You won't need to worry about any complicated registration process; all you need is your personal laptop to join in the excitement. Earn enough points in the challenge, and you could be the proud owner of a CT Cubed SAO, a special prize while supplies last. Get ready to embark on this fascinating journey and prove your cybersecurity prowess!
Return to Index - Add to
- ics Calendar file
BICV - Saturday - 15:00-15:50 PDT
Title: Unveiling My Journey to My First CVE: A Tale of Discovery and Achievement
When: Saturday, Aug 12, 15:00 - 15:50 PDT
Where: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
SpeakerBio:Gaspard Baye
Gaspard Baye, a doctoral student and research assistant at the University of Massachusetts Dartmouth Cybersecurity Center, is a prominent figure in cybersecurity with expertise in vulnerability identification and security. With certifications like OSCP and CEH, Gaspard's leadership as an OWASP AppSec Global Reviewer and experience securing software applications and fintech/banking infrastructures highlights their capabilities. He also actively contribute to FOSS projects and advocate for cybersecurity awareness, training professionals globally and driving innovation in the industry.
Description:
In this captivating talk, I will share my personal journey of obtaining my first CVE (Common Vulnerabilities and Exposures) identification. I will take you through the thrilling experience of finding a security vulnerability, navigating the responsible disclosure process, and the ultimate achievement of receiving a CVE identifier.
During my talk, I will discuss the challenges I faced during my research, highlighting the technical skills and methodologies I employed to identify the vulnerability. I will delve into the intricacies of responsible disclosure, including engaging with vendors, coordinating patches, and collaborating with the security community.
Furthermore, I will reflect on the significance of receiving a CVE and how it has impacted my career and professional development. By attending my talk, you will gain insights into the rewards and growth opportunities that come with contributing to the cybersecurity community.
Join me for an inspiring journey as I share my experiences, provide valuable insights into obtaining a CVE, and showcase the personal and professional achievements it can bring.
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 12:20-12:50 PDT
Title: US private elections: the easy way in for foreign adversaries.
When: Saturday, Aug 12, 12:20 - 12:50 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:Scheme
No BIO available
Description:
In 2010, the FBI arrested a group of 10 Russian spies that were posing as Americans to gather intelligence. They spent decades building legitimacy in the US all towards the goal of getting jobs at big banks, consulting firms and tech companies.
These Russian spies didn’t know it back then, but there was a shortcut to influential positions in US society: becoming an elected official of a private organization.
Private elections are elections for leadership positions of organizations like unions, NGOs, universities, boards, pension funds, etc.
For a foreign adversary, private elections are a goldmine of powerful positions at the state and national level. Unlike civil elections, these elections have no paper trail, often little oversight and minimal technical safeguards against vote tampering.
And as we'll see in this talk: they're highly hackable.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 10:00-11:55 PDT
Title: USBvalve - Expose USB activity on the fly
When: Saturday, Aug 12, 10:00 - 11:55 PDT
Where: Caesars Forum - Unity Boardroom - Demo Labs - Map
SpeakerBio:Cesare Pizzi
Cesare Pizzi is a Security Researcher, Analyst, and Technology Enthusiast at Sorint.lab. He develops software and hardware, and tries to share this with the community. Mainly focused on low level programming, he developed a lot of OpenSource software, sometimes hardware related and sometimes not. Doing a lot of reverse engineering too. He likes to share his job when possible (at Defcon, Insomni'hack, Nullcon. etc). Contributor of several OS Security project (Volatility, OpenCanary, PersistenceSniper, Speakeasy, CETUS, etc) and CTF player.
Description:
USB spreading malware is still a concern today. Over the past few months, we have witnessed an increase in malicious software exploiting USB drives to bypass security measures, even in air-gapped systems. Whenever we connect our USB drive to an "untrusted" system, numerous doubts arise: what happens behind the scenes? Is something accessing, modifying, or encrypting our files? This is where USBvalve comes in. It is an affordable dongle, built using readily available hardware, designed to reveal the true activities occurring when a USB drive is connected to a system. It can also be used to check for "BADUSB" (HID) on USB keys before inserting them into our own systems. The best part is that it's as compact as a keychain, making it convenient to carry with us at all times!
Return to Index - Add to
- ics Calendar file
HRV - Saturday - 13:00-13:59 PDT
Title: Using an SBC for ham radio digital modes that isn't a raspberry pi
When: Saturday, Aug 12, 13:00 - 13:59 PDT
Where: Flamingo - Virginia City - Ham Radio Village - Map
SpeakerBio:Jon Marler
No BIO available
Description:
Amateur radio operator Jon Marler, callsign K4CHN, presents a discussion about how to use an SBC for ham radio digital modes in a world without the raspberry pi. There are hundreds of other options now, but which of those meet these requirements: Easy to obtain, cheap, runs Linux, and can run popular ham radio digital mode software. Jon will present his findings and show you how to build out an SBC that can get you on the air, without having to beg, borrow, or steal a raspberry pi.
Return to Index - Add to
- ics Calendar file
CHV - Saturday - 10:00-10:25 PDT
Title: VDA Shenanigans: Attacking & Defending the Truck Part that Gets Left Behind
When: Saturday, Aug 12, 10:00 - 10:25 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
Speakers:Alex Reuter,Wyatt Ford
SpeakerBio:Alex Reuter
, Red Balloon Security
Alex Reuter is a security researcher at Red Balloon Security. When he isn't hacking low level
devices, you can probably find him outside: rock climbing, surfing, hiking, or scheming scenic
shenanigans.
SpeakerBio:Wyatt Ford
, Red Balloon Security
Wyatt Ford is a senior software engineer and engineering manager at Red Balloon Security and
a core maintainer of OFRAK.
Description:
Vehicle Diagnostic Adapters (VDA) do a lot! They plug into automobiles, update ECU firmware,
and pull diagnostic information. Despite their usefulness and high level of access, they get left
behind: in maintenance garages with insecure update mechanisms, in threat models and our
hearts. In this presentation we will go through some of our own offensive research into VDAs,
and our efforts in decreasing their attack surfaces. We'll also share how we turned this research
into four problems from the Defcon 30 CHV CTF.
Return to Index - Add to
- ics Calendar file
DL - Saturday - 10:00-11:55 PDT
Title: Veilid
When: Saturday, Aug 12, 10:00 - 11:55 PDT
Where: Caesars Forum - Committee Boardroom - Demo Labs - Map
Speakers:Deth Veggie,TC Johnson
SpeakerBio:Deth Veggie
The Deth Vegetable: cDc member since December 1990. Minister of Propaganda If everything is to be believed, he has alternately been a Special Forces Commando, Mexican wrestler, comicbook villain, bodyguard to Mr. T, designer drug manufacturer, electronics wizard, and used tire recycler.
SpeakerBio:TC Johnson
TC: Rubber Duck to the actual developer of Veilid. Here to get you started on the future we were promised -- communication free of a profit motive, free of corporate overlords, and free of other intrusive eyeballs.
Description:
Veilid is a new, distributed communication protocol developed by Cult of the Dead Cow's Dildog (of BO2K fame). This p2p, E2EE, distributed protocol is being released at Defcon 31, fully open source, and with an example app called Veilid Chat. These demos will cover setting up an identity, connecting to others, deploying heavy nodes to support the network, and contributing to the project.
Return to Index - Add to
- ics Calendar file
CON - Saturday - 10:00-17:59 PDT
Title: venator aurum - A Treasure Hunt
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - Contest Area - Map
Description:
Through interfacing with reality you are defining that reality. Rethink your senses and test your limits. Solve the five layers and discover a hidden treasure. Each layer yields its own reward, but few will make it to the end of the hunt. For each of your senses, you will need to set aside preconceptions and look to the underlying patterns within the data.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 10:00-17:59 PDT
Title: Vendor Area Open
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Alliance - 305-306 - Vendors - Map
Description:
This is when you can go visit our awesome vendors.
We don't know whether they will be accepting cash or cards. That's up to each vendor, and we do not have a list.
We also don't know if/when vendors will sell out of anything they may be selling.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 21:00-01:59 PDT
Title: VetCon
When: Saturday, Aug 12, 21:00 - 01:59 PDT
Where: Caesars Forum - Forum - 109-110, 139 - Map
Description:
🔊 Attention all Veterans, Cyber Warriors, AI buffs, and Skynet skeptics! VETCON is calling you to action! 📢
Join us on August 12, 2023, at Caesars Forum Rooms 105,136 in Las Vegas for a mission of a different kind. Transition into the cyber frontline, network with comrades-in-arms, and engage in some good old military humor that even a drill sergeant can't resist!
Navy, it's after you've mistaken the hotel pool for the high seas. Marines, we'll see you post-crayon snack but pre-attempting to conquer the casino. Air Force, try to fit us in between your gourmet meals and five-star luxuries. Army, no amount of camouflage can hide your poker face!
Coast Guard, be prepared to rescue any Navy personnel lost en route. And Space Force, we promise the gravity of the situation isn't too intense.
For our veterans and active-duty heroes looking to transition into cybersecurity, this is your chance to become the most unique people of the cyber world. For the general public, come meet the superstars ready to defend your cyberspace!
This mission is all fun, games, and camaraderie until someone loses at poker. So, gear up, report for duty, and let's show AI how the military does humor! 🤣🎖️
Return to Index - Add to
- ics Calendar file
DC - Saturday - 12:30-13:15 PDT
Title: Video-based Cryptanalysis: Extracting Secret Keys from Power LEDs of Various Non-compromised Devices Using a Video Camera
When: Saturday, Aug 12, 12:30 - 13:15 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
Speakers:Ben Nassi,Ofek Vayner
SpeakerBio:Ben Nassi
, Postdoctoral Researcher at Cornell Tech
Dr. Ben Nassi is a postdoctoral researcher at Cornell Tech. He is interested in building robust systems and investigates the security and privacy of cyber-physical systems and hardware/devices in the topics of side-channel attacks and AI security using signal processing and machine learning techniques. His research has been presented at top academic conferences, published in journals and Magazines, and covered by international media. Ben has spoken at prestigious industrial conferences (Black Hat Asia and USA, RSAC USA, AI Week, CodeBlue, SecTor, and CyberTech) and he serves as a PC member in ACM CCS (22 and 23) and BlackHat Asia (22 and 23). His research entitled him to two nominations for the Pwnie Award.
Twitter: @ben_nassi
SpeakerBio:Ofek Vayner
, M.Sc. Student at Ben-Gurion University of the Negev
Ofek Vayner is an M.Sc student at Ben-Gurion University of the Negev and a security researcher at BGU's Cyber Security Research Center. He holds a B.Sc. degree from the Department of Electrical Engineering at Ben-Gurion University of the Negev. His primary research interests are side-channel attacks and cryptanalysis.
Description:
In this talk, we present video-based cryptanalysis, a new method to recover secret keys from a non-compromised device by analyzing video footage obtained from a device’s power LED. We show that cryptographic computations performed by the device’s CPU change the power consumption of the device which affects the brightness/color of the device’s power LED. The changes in the brightness can be detected at a sufficient sampling rate for cryptanalysis by obtaining video footage from a device’s power LED (by filling the frame with the LED) and exploiting the video camera’s rolling shutter, to increase the sampling rate by three orders of magnitude. The frames of the video footage are analyzed in the RGB space, and the RGB values are used to recover the secret key. We demonstrate the recovery of: (1) a 256- bit ECDSA key from a smartcard using video footage obtained from the power LED of the smartcard reader via a hijacked Internet-connected security camera located 16 meters away from the smartcard reader, and (2) a 378-bit SIKE key from a Samsung Galaxy S8 using video footage obtained from the power LED of Logitech Z120 USB speakers (that were connected to the same USB Hub of the Galaxy S8) via iPhone 12.
We discuss countermeasures, limitations, and the future of video-based cryptanalysis.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 00:00-00:59 PDT
Title: Virtual Hospital in Space
When: Saturday, Aug 12, 00:00 - 00:59 PDT
Where: Virtual
SpeakerBio:Aswin Reji
No BIO available
Description:
This talk is being pre-recorded and will be released on YouTube. Once it is available, a link to it will appear here.
Update 2023-08-11 06:30: Biohacking Village indicates that the pre-recorded talks have not yet been received. Once received, these talks will be posted to the [Biohacking Village YouTube Channel](https://www.youtube.com/@BiohackingVillage/about). Please note that this may be as late as a week or two after DC31.
Return to Index - Add to
- ics Calendar file
BHV - Saturday - 17:10-17:59 PDT
Title: Virtual Reality/Augmented Reality: What’s missing from the pie? When data privacy and security measures aren’t “baked” in from the beginning
When: Saturday, Aug 12, 17:10 - 17:59 PDT
Where: Flamingo - Laughlin I,II,III - Biohacking Village - Map
Speakers:LaTica Hammond,Lola Ajayi,Rian Phelps
SpeakerBio:LaTica Hammond
LaTica Hammond, MS, is a servant leader, 23-year Navy veteran and cybersecurity/space intelligence professional. She has worked in information and privacy protection advising DoD on innovative solutions to secure freedom of access and the secure flow of information within cyber and space domains.
SpeakerBio:Lola Ajayi
Lola Ajayi, MS, MBA, has over 15 years of policy and regulatory experience within the healthcare industry. Working in an industry where her colleagues did not look like her, she founded BaraLaj coaching, to empower women with the tools and skills to be fully in control of their careers.
SpeakerBio:Rian Phelps
Rian Phelps, MSC, is a passionate lifelong educator with over 10 years experience as an instructional designer and eLearning consultant. She is also a Navy veteran with degrees in psychology and neuroscience.
Description:
Virtual reality and augmented reality are technologies that are the next frontier in healthcare and providing patient care. These technologies were originally developed for recreational use, specifically for gaming and recreation, but have quickly shown utility in advancing the efficiency and accuracy of providing patient care. This now leads to a host of challenges related to data privacy and security, as privacy-by-design was not a designing principle for these technologies. These tenants however, are necessary as patient data include Protected Health Information and Personal Identifying Information (PHI/PII) that would be financially lucrative and useful to a hacker. So now that these data privacy and security principles were not “baked in” to technology originally, how does one go about ensuring maximum security after the fact? What can be done moving forward to ensure maximum flexibility for the use of technology with the appropriate data and privacy security measures “baked in”?
C.A.R.B. is a joint collaboration between the Black women founders of Creative Riot (Rian), Aurora (Jillian), Ray-Lynn Group (LaTica), and Baralaj (Lola).
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 11:30-11:59 PDT
Title: VOTEC Corporation
When: Saturday, Aug 12, 11:30 - 11:59 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
SpeakerBio:John Medcalf
John Medcalf founded VOTEC Corporation (fka Proform Software) in 1979 and serves as the company's Chief Executive Officer. In addition to his executive duties, John provides design guidance for the company's accessible elections initiative. John's accomplishments in the election technology space include mini-computer and PC-based ballot counting solutions, PostScript ballot printing for punch card and optical scan ballots, and the creation of signature digitizing hardware and software. John is most pleased to have learned early on that customers wanted VOTEC staff to speak their language. Thus the many hires from elections offices.
Description:
Join the CEO of VOTEC Corporation, our special guest John Medcalf, for a first of its kind presentation where an actual technology systems provider is exposing their technology to public scrutiny at the Voting Village. This is happening for the first time ever at the Voting Village and will be an enriching experince for attendees. Mr. Medcalf will make himself available after the presentation for any questions and inquiries from the audience. We are so excited to have him and cannot wait to examine the systems he is bringing to DEF CON. Please join us for this exciting event.
Return to Index - Add to
- ics Calendar file
VMV - Saturday - 10:00-10:30 PDT
Title: Voting Village Opening Remarks
When: Saturday, Aug 12, 10:00 - 10:30 PDT
Where: Caesars Forum - Academy - 415-418 - Voting Village - Map
Speakers:Catherine Terranova,Harri Hursti,Matt Blaze
SpeakerBio:Catherine Terranova
Catherine Terranova is the Vice President of Operations at the Election Integrity Foundation, the 501(c)(3) organization founded by world renown ethical hacker Harri Hursti. She co-organized the Voting Village at DEFCON 29, DEFCON 30, and DEFCON 31. She is a Columbia University alumna and researcher whose current focus is on cyber security and election integrity with an emphasis on data and voting rights.
Twitter: @catlovesvoting
SpeakerBio:Harri Hursti
Harri Hursti, a world renowned data security expert and internet visionary is the Founder of the 501(c)(3) organization the Election Integrity Foundation as well as an original co-Founder of the Voting Village. Featured in two Emmy nominated documentaries, Mr. Hursti is famously known for the Hursti Hacks, where he demonstrated how to successfully alter final voting results on the Diebold Election Systems voting machines.
Twitter: @harrihursti
SpeakerBio:Matt Blaze
Matt Blaze is one of the original co-founders of the Voting Village and is currently the McDevitt Professor of Computer Science and Law at Georgetown University. He has over two decades of experience with election system security, and his current research focuses on security, privacy, and robustness in large scale systems with an emphasis on problems at the intersection of technology and public policy.
Twitter: @mattblaze
Description:
Two of the original co-founders of the Voting Village along with the current co-organizer will provide opening remarkers.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 09:00-17:59 PDT
Title: Wall of Sheep
When: Saturday, Aug 12, 09:00 - 17:59 PDT
Where: Caesars Forum - Academy - 411-414 - Packet Hacking Village - Map
Description:
We passively monitor the #DEFCON network looking for insecure network traffic. Drop by and see just how easy it can be! We strive to educate the “sheep” we catch: a friendly reminder that security matters.
Return to Index - Add to
- ics Calendar file
RFV - Saturday - 14:00-14:59 PDT
Title: Wardriving 102: Moving Beyond the Wigle App
When: Saturday, Aug 12, 14:00 - 14:59 PDT
Where: Flamingo - Eldorado - Radio Frequency Village - Map
SpeakerBio:bkobe
bkobe is a formally trained electrical engineer who focuses on all things analog/digital circuits to microcontroller/digital signal processors and software defined radios. Background in hardware printed circuit board design, software/firmware development, radios and repeaters (commercial site installation and maintenance), and recently radio mesh networks. Enjoys the camaraderie in this community with common passions, and the sharing of ideas and knowledge. Member of the Hard Hat Brigade.
Twitter: @@kobeski1906
Description:
A summary of wardriving beyond the wigle app (hardware rigs) will be discussed with the main example/inspiration documenting the process of the WigleBottleV2 build. Topics include (chronologically): a short history of wardriving and what it is, the sub-genre of hardware rig building (and introduction of design specs), the WigleBottleV2 design goal, and some “gotchas” (power/redundant power, single board computer selection (Pi4 in V1 to the Pi3B in V2 and why the downgrade), GPS receivers (tie in/link to wytshadow’s GPS talk), and general clock timing). In selecting the single board computer (which dictates power/redundant power options), a side story will be discussed on the heat produced, and what to think about for case design. The V1 bottle used a Pi4, however uses 1W more power than the Pi3B, also radiating more heat (not too good for a bottle build). For the GPS receivers, a few were experimented with, and yielded vast differences in wigle upload data. Also, a consequence of USB 3.0 on poorly shielded cables is increased electromagnetic interference right in the GPS band (show a short video clip using a common SDR, and what to look for when diagnosing). Lastly on specific topics, with using a Pi, go into the design of a real-time clock, along with some of the configuration of the pi software to keep timing in order (pulse per second and chronyc -- and the accuracy to UTC it brings). Conclusion will showcase the hardware design process from the WigleBottleV1 and what went wrong in last year’s WWWD (with screenshots of trilateration gone wrong), to the version 2 design. References will link to resources others can use (as well as the hardware printed circuit boards used for this project).
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 16:00-17:50 PDT
Title: We're From the Government and We're Here to Help Secure Open Source Software
When: Saturday, Aug 12, 16:00 - 17:50 PDT
Where: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
Speakers:Anjana Rajan,Brian Behlendorf,Charlie Gladstone,Jack Cable
SpeakerBio:Anjana Rajan
, Assistant National Cyber Director for Technology Security at The White House
Anjana Rajan currently serves as the Assistant National Cyber Director for Technology Security at The White House. A renowned cryptographer, technology executive, and entrepreneur, Rajan has spent her career working at the nexus of national security and human rights. Prior to joining the White House, she was the first Chief Technology Officer of Polaris, the largest anti-human trafficking NGO in the United States. In this role, she architected Polaris’s web3 & human rights vision and built a proactive security strategy to defend the organization against foreign malign influence operations and violent extremist threats.
Previously, Anjana was a Tech Policy Fellow at the Aspen Institute, was a former Y Combinator founder, led open-source development of advanced cryptographic libraries, and worked at Palantir Technologies. She was a Knight Scholar at Cornell University’s Engineering School and received her bachelor’s and master’s degrees in Operations Research Engineering.
SpeakerBio:Brian Behlendorf
, Open Source Security Foundation
No BIO available
SpeakerBio:Charlie Gladstone
, UK Department for Science, Innovation, and Technology
Charlie Gladstone leads the UK Government’s work on app store security in the Department for Science, Technology and Innovation. He has worked in tech policy for over five years, where he has specialised in exploring the intersection between technology, society and regulation. Before working in Government, Charlie provided public policy consultancy services to the tech sector clients. He has developed policy on a range of issues including cyber security, digital regulation and artificial intelligence.
SpeakerBio:Jack Cable
, Senior Technical Advisor at Cybersecurity and Infrastructure Security Agency (CISA)
Jack Cable is a Senior Technical Advisor at the Cybersecurity and Infrastructure Security Agency (CISA). Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon’s Defense Digital Service. Jack holds a bachelor’s degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.
Description:
Open source software is the backbone of the Internet. As a public good, open source software has enabled tremendous innovations -- and our government and companies alike have a role to play in sustaining it. In this fireside chat, White House Assistant National Cyber Director Anjana Rajan and CISA Senior Technical Advisor Jack Cable will present an overview of the US government's strategy on open source software security. The Federal government is the biggest user of open source software in the world, and we recognize that we must do our part in contributing back to the open source community. Priority areas for the U.S. government include advancing the adoption of memory-safe programming languages, reforming CVE, understanding software prevalence, and building a software developer workforce of the future by integrating security into computer science curricula. As part of this, we need your help in getting it right. How can the government best support OSS community efforts? What should the government NOT be doing? It's all on the table, and we look to work with you to ensure a secure, sustainable, and resilient OSS future.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 11:00-11:45 PDT
Title: Weaponizing Plain Text: ANSI Escape Sequences as a Forensic Nightmare
When: Saturday, Aug 12, 11:00 - 11:45 PDT
Where: Caesars Forum - Forum - 109-119, 138-139 - Track 2 - Map
SpeakerBio:STÖK
, Hacker / Creative at Truesec
Hacker/Creative STÖK is passionate about learning new things and sharing his curiosity with the world. For the last 3 decades, he has professionally hacked anything from computers/tech to marketing, fashion, communication, and the human mind. By delivering fast-paced, engaging onstage presentations and creating educational cybersecurity video content for the hacker community. His curiosity and "Good Vibes Only" mentality have reached and inspired millions of people around the world.
HACKERS GONNA HACK.
CREATORS GONNA CREATE.
GOOD VIBES ONLY.
Twitter: @stokfredrik
Description:
Logs are a vital component for maintaining application reliability, performance, and security. They serve as a source of information for developers, security teams, and other stakeholders to understand what has happened or gone wrong within an application. However, logs can also be used to compromise the security of an application by injecting malicious content.
In this presentation, we will explore how ANSI escape sequences can be used to inject, vandalize, and even weaponize log files of modern applications. We will revisit old terminal injection research and log tampering techniques from the 80-90s. Combine them with new features, to create chaos and mischief in the modern cloud cli’s, mobile, and feature-rich DevOps terminal emulators of today.
We will then provide solutions on how to avoid passing on malicious escape sequences into our log files. By doing so, we can ensure that we can trust the data inside our logs, making it safe for operators to use shells to audit files. Enabling responders to quickly and accurately investigate incidents without wasting time cleaning, or having to gather additional data, while reconstructing events.
Welcome to this "not so black and white," but rather quite colorful ANSI adventure, and learn how to cause, or prevent a forensic nightmare.
- REFERENCES
- There are multiple references to prior research featured and provided as a part of the storyline in the presentation.
Return to Index - Add to
- ics Calendar file
PLV - Saturday - 10:00-10:50 PDT
Title: What “Secure by Design” means for software breakers and builders
When: Saturday, Aug 12, 10:00 - 10:50 PDT
Where: Caesars Forum - Summit - 218-219 - Policy Rotunda - Map
Speakers:Cassie Crossley,Christopher Butera,Daniel Bardenstein
SpeakerBio:Cassie Crossley
, Vice President, Supply Chain Security at Cybersecurity & Product Security Office at Schneider Electric
Cassie Crossley, Vice President, Supply Chain Security in the global Cybersecurity & Product Security Office at Schneider Electric, is an experienced cybersecurity technology executive in Information Technology and Product Development. She has many years of business and technical leadership experience in supply chain security, cybersecurity, product/application security, software/firmware development, program management, and data privacy. Ms. Crossley has designed frameworks and operating models for end-to-end security in software development lifecycles, third party risk management, cybersecurity governance, and cybersecurity initiatives. She is a member of the CISA SBOM working groups and presents frequently on the topic of SBOMs and Supply Chain Security. Ms. Crossley has an M.B.A. from California State University, Fresno, and her Bachelor of Science degree in Technical and Professional Communication with a specialization in Computer Science.
SpeakerBio:Christopher Butera
, Cybersecurity and Infrastructure Security Agency (CISA)
Chris Butera is the Senior Technical Director for the Cybersecurity Division (CSD) of the Cybersecurity and Infrastructure Security Agency (CISA). In this role, Mr. Butera’s priorities are increasing CISA’s operational visibility, enhancing CISA’s analytical capabilities, envisioning new innovative cybersecurity services, and closing gaps between emerging technologies and CSD operations. Chris leads the Office of the Technical Director which also leads CISA’s Zero Trust efforts, prioritization of cyber R&D work, and leads strategic work in the Industrial Control Systems (ICS) and Operational Technology (OT) space.
SpeakerBio:Daniel Bardenstein
, Manifest
Daniel Bardenstein is the CTO and co-founder of Manifest, a venture-backed software supply chain company allowing enterprises with end-to-end SBOM management. Prior to founding Manifest, Daniel served as the Chief of Tech Strategy at CISA, where he drove technology modernization and OT/ICS strategy across the agency, and led the development of the Cybersecurity Performance Goals. At the Defense Digital Service, he led cybersecurity programs across the Department of Defense, including securing the COVID-19 vaccines and the Hack the Pentagon program. Before joining government, Daniel directed product teams at Exabeam and Palantir developing cybersecurity and data analysis platforms.
Daniel was also a Tech Policy Fellow as the Aspen Institute, and is the co-President Foresight Partners, a non-profit that provides free cybersecurity support to political campaigns. He holds several security certifications as well as a patent.
Description:
For years, the hacker community has fought to try to make technology more secure by exposing weaknesses in the software that underlies our entire society. And now, it seems the US government (USG) - and others around the world - are finally heeding the warnings from the hacker community.
In the past two years alone, USG has proposed policies that could shift the burden of security onto software developers, and defined guidance for ‘secure-by-design.’ These efforts, if implemented properly, could create a foundational shift in how software manufacturers build and secure software, and ultimately in the security of tech around the world.
In this technical policy talk, CISA’s #1 Cybersecurity Leader, Intel’s Global Cybersecurity Policy Lead, and an experienced security entrepreneur and former USG leader, dissect the buzzwords, policy documents, and implementation details of this wave of policy action, and what it means for software builders and hackers.
For the DEF CON / hacker community, this is an opportunity to hear – and inform – what may constitute ‘secure by design’ – from memory safety, to open-source security, vulnerability disclosure programs, and more – and how software suppliers are held accountable for insecure software.
Return to Index - Add to
- ics Calendar file
DCGVR - Saturday - 19:05-20:05 PDT
Title: What is a GRC Hacker anyway?
When: Saturday, Aug 12, 19:05 - 20:05 PDT
Where: Virtual
SpeakerBio:Allen Baranov
, CyberCX
Allen works as a GRC consultant and sometimes assessor for CyberCX. He was the founder of DCG11613 - a Def Con Group based in Melbourne, Australia. He calls himself the only GRC Hacker in the world.
Description:
I call myself the only AAA-rated GRC Hacker in the world and I think it is time to address what this really means. This talk will jump into what it really means to be a hacker, what the future will look like for hackers and where hacking fits into a field as plain and boring (not really!) as GRC. This is not a talk for GRC people but for all those that are keen to be hackers but also don't want to dive directly into offensive security.
Return to Index - Add to
- ics Calendar file
CLV - Saturday - 13:30-14:10 PDT
Title: What the Function: A Deep Dive into Azure Function App Security
When: Saturday, Aug 12, 13:30 - 14:10 PDT
Where: Flamingo - Mesquite - Cloud Village - Map
Speakers:Karl Fosaaen,Thomas Elling
SpeakerBio:Karl Fosaaen
, VP of Research at NetSPI
As a VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI's Portland, OR team. Karl has a Bachelors of Computer Science from the University of Minnesota and has been in the security consulting industry for 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit (https://github.com/NetSPI/Microburst) to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book "Penetration Testing Azure for Ethical Hackers" with David Okeyode.
Twitter: @kfosaaen
SpeakerBio:Thomas Elling
Thomas Elling is the Director of Cloud Pentesting and a security researcher at NetSPI. He specializes in web application and cloud security testing. He has advised multiple Fortune 500 companies in the technology sector. In his spare time, Thomas enjoys improving his coding skills, watching bad action movies, and hanging out with his dog, Chunks.
Description:
As organizations have evolved from the "Lift and Shift" cloud migration strategy to building "Cloud Native" applications, there has been a significant increase in the usage of Platform as a Service (PaaS) services in the cloud. The Azure Function App service is a commonly used resource in this space, as it provides simple and easy to deploy application hosting. While the serverless service offers a wide variety of convenient features, it also comes with its own security challenges.
We will be discussing how the service is utilized by Azure customers and some of the architecture design flaws that can lead to privilege escalation scenarios. Additionally, we will be covering a recently remediated privilege escalation issue that resulted in the Azure “Reader” RBAC role gaining code execution privileges in Function App containers.
We will also be releasing a tool that automates the exploitation of write access on a Function App's Storage Account. The tool will allow you to gain cleartext access to the Function App keys, and will generate Managed Identity tokens that can be used to pivot to the Function App’s identity. Finally, we will also include best practices and recommendations on how defenders can implement policy and configuration changes that help mitigate these issues.
Return to Index - Add to
- ics Calendar file
BICV - Saturday - 13:00-13:50 PDT
Title: Why don't we have Internet, Daddy?
When: Saturday, Aug 12, 13:00 - 13:50 PDT
Where: Caesars Forum - Alliance - 301-304 - Blacks in Cyber Village - Map
SpeakerBio:Jess Hoffman
Jessica Hoffman, CISSP, has almost 20 years of IT experience and 15 years in cybersecurity in both the public and private sectors. She has taught cybersecurity classes at Harrisburg University and Penn State and is a national speaker on cyber topics as well as diversity, equity, and inclusion in the workplace. Jessica is a graduate of Bloomsburg University of PA and currently serves as the Deputy Chief Information Security Officer (“CISO”) for the City of Philadelphia. She is also one of the founding members of the BIC Mentorship program and forever supporter of the BIC community!
Description:
Did you know that TODAY there are 150 neighborhoods in Philadelphia that DO NOT HAVE INTERNET ACCESS?!?!
Let's talk about why there is such a huge Digital divide between POC's and everyone else -- How historically blacks haven’t had access to the same technology that middle and upper class white families did.
Hence another reason to explain the generational wealth gap, technological restrictions in access, exposure, understanding, and the low percentage of representation in the industry. Let's talk about it!
Return to Index - Add to
- ics Calendar file
BTV - Saturday - 13:30-14:30 PDT
Title: Why OT Cybersecurity Engineers Drink So Much
When: Saturday, Aug 12, 13:30 - 14:30 PDT
Where: Flamingo - Sunset - Scenic - Blue Team Village - Project Obsidian: Kill Chain Track (0x42) - Map
SpeakerBio:ThatDeadGuy
After thirteen years as a controls engineer within the Automotive Manufacturing and Oil & Gas Exploration Manufacturing industries, ThatDeadGuy was converted over to cyber security. His experience on the design and implementation of the equipment gave him a perspective into the OT realm that was not shared with most of the security team. Over the last five years he has built up cyber security architectures, implemented detection tools and created the IR processes for multiple critical infrastructure process environments.
Description:
.
A brief view into the odd world of Operational Technology (OT) and why so many OT Security Engineers drink like they hate themselves. This will cover the realities of their tech stack, business risk considerations, control systems recovery and how incident response is conducted within the environment. We will briefly cover how this environment was emulated for the Project Obsidian attack chain and how it differs from the physical environments.
Return to Index - Add to
- ics Calendar file
PHV - Saturday - 15:00-15:50 PDT
Title: WINE Pairing with Malware
When: Saturday, Aug 12, 15:00 - 15:50 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
SpeakerBio:Jared Stroud
Jared Stroud is a Lead Security Engineer at The MITRE Corporation tackling problems related to Container and Kubernetes security. Jared also contributes to ATT&CK via Adversary Emulation for Linux threats.
Description:
The growing popularity of playing AAA Windows video games on Linux has increased the compatibility of tools such as WINE and Proton. These same platforms that enable the latest games to run also can be used to execute the latest Malware. This talk will walk through configuring an environment to rapidly collect IoCs from unknown samples without having to use expensive sandboxes. Learn how to leverage your favorite UNIX tools to awk, grep, and pipe your way to extracting valuable forensic evidence without submitting your samples to $VENDOR. More on the offensive side? Come see how to shorten the feedback loop from idea generation, to testing and finally deployment!
Return to Index - Add to
- ics Calendar file
ASV - Saturday - 15:30-16:20 PDT
Title: Wingin' It - Pentesting a 737
When: Saturday, Aug 12, 15:30 - 16:20 PDT
Where: Caesars Forum - Summit - 208-214 - Aerospace Village - Map
SpeakerBio:Alexander Dodd
No BIO available
Description:
In January 2023, Attack Research was invited to perform an on-wing penetration test of a Boeing 737NG that was being decommissioned. Come, listen, and be taken on a journey through this little-explored realm of aviation security. Discover some of our secrets from the decades of combined experience working on in-flight entertainment systems and various aircraft as well as the reasons why airlines and OEMs are urged to open their minds to external expertise and embrace the insights presented.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 14:00-15:59 PDT
Title: WISP Chill Out Space with Refreshments
When: Saturday, Aug 12, 14:00 - 15:59 PDT
Where: Caesars Forum - Summit - 217 - WISP - Map
Description:
Come relax with us in a quiet space! Grab a non-alcoholic drink and check out this year’s WISP swag.
Return to Index - Add to
- ics Calendar file
SOC - Saturday - 16:00-17:59 PDT
Title: WISP Peer-to-Peer Mentoring and Networking
When: Saturday, Aug 12, 16:00 - 17:59 PDT
Where: Caesars Forum - Summit - 217 - WISP - Map
Description:
Join us at DEF CON to mingle and network with privacy and security professionals. Also, consider becoming part of the WISP Tandems Mentoring program. It's our peer-to-peer mentorship program, which connects you with a partner who has a different background, expertise, and a different network. Why? We believe that you bring unique value to your women peers, no matter which career stage you're at. Knowledge is fluent, and leadership manifests at every career level. You can find your Tandem partner right here and sign up to be matched in our next round of the program!
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 11:00-11:30 PDT
Title: Wrenches, Widgets, and Walkdowns: Unraveling the Tangle of Digital Assets in Industrial Control Systems
When: Saturday, Aug 12, 11:00 - 11:30 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Tony Turner
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
XRV - Saturday - 13:00-13:59 PDT
Title: XR implications on Mobile Security
When: Saturday, Aug 12, 13:00 - 13:59 PDT
Where: Caesars Forum - Summit - 233 - Shared Stage - Map
SpeakerBio:Whitney Phillips
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
XRV - Saturday - 10:00-17:59 PDT
Title: XR Village Playground
When: Saturday, Aug 12, 10:00 - 17:59 PDT
Where: Caesars Forum - Summit - 206 - XR Village - Map
Description:
Explore emerging technology, hardware and experiences in the XR Village Playground. Meet and learn from technologists, futurists, and artists in the XR (VR / AR) space. Sponsored by BadVR and in collaboration with ICS Village, Red Team Village, Adversary Village and Policy Village.
Return to Index - Add to
- ics Calendar file
MUS - Saturday - 21:00-01:59 PDT
Title: Yarrrrgh Pirate Night - Music Set / Entertainment (Saturday, SYN Stage)
When: Saturday, Aug 12, 21:00 - 01:59 PDT
Where: Caesars Forum - Forum - 121-123, 129, 137 - Chillout - Map
Speakers:FuzzyNop,Miss Jackalope,Ninjula,O'Craven Pirate Band,Skittish & Bus
SpeakerBio:FuzzyNop
No BIO available
SpeakerBio:Miss Jackalope
No BIO available
SpeakerBio:Ninjula
No BIO available
Twitter: @countninjula
SpeakerBio:O'Craven Pirate Band
No BIO available
SpeakerBio:Skittish & Bus
No BIO available
Description:
Join us Saturday night (Aug 12) at the SYN Stage in Caesars Forum for "Yarrrrgh Pirate Night", which is our answer to last year's Night of the Ninjas.
At 23:00, we feature the pirate rock band O'Craven.
Contest - Win the cost of a DEF CON Badge - $440!
It's your turn to participate! We seek the best dressed as a pirate! Dust off your costume or make a new one -- just show up -- it's supposed to be fun! The winner will receive a cash prize equal to the cost of the DEF CON 31 badge. The pirate band will judge the costumes and help choose a winner. Contest on the stage immediately following O'Craven at 00:00.
Featuring performances by:
- 21:00 – 22:00 – FuzzyNop
- 22:00 – 23:00 – Skittish & Bus
- 23:00 – 00:15 – O’Craven Pirate Band
- 00:00 - 00:15 – Costume Contest
- 00:15 – 01:00 – Miss Jackalope
- 01:00 – 02:00 – Ninjula
Content from this stage will be streamed to https://www.twitch.tv/defconorg_entertainment
Return to Index - Add to
- ics Calendar file
AIV - Saturday - 15:00-15:25 PDT
Title: you sound confused, anyways - thanks for the jewels.
When: Saturday, Aug 12, 15:00 - 15:25 PDT
Where: Caesars Forum - Academy - 401-406 - AI Village - Map
SpeakerBio:Adrian "threlfall" Wood
, Dropbox
Adrian Wood, aka threlfall, discovered a love for hacking from cracking and modding video games and from the encouragement of online friends. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive research team at a US bank, where he was very interested in appsec, container security, CI/CD security and also founded their bug bounty program. He currently works for Dropbox, working on their red team. In his free time, he enjoys playing saxophone, working on vintage cars, and fly-fishing.
Description:
A case study in using Huggingface and machine learning models for supply chain style attacks in red team operations. Machine learning models execute by necessity within a businesses most sensitive environment with high level access to crown jewels, making it a perfect target. Learn the ways in which these attacks can be performed, how to avoid detection and what you can expect to find or do with your newfound ML environment access as a red teamer.
Return to Index - Add to
- ics Calendar file
DC - Saturday - 16:30-16:50 PDT
Title: Your Clocks Have Ears — Timing-Based Browser-Based Local Network Port Scanner
When: Saturday, Aug 12, 16:30 - 16:50 PDT
Where: Caesars Forum - Forum - 105,135,136 - Track 1 - Map
SpeakerBio:Dongsung “Donny” Kim
, IT-Security Expert at Security Office part of Truesec
Dongsung (Donny) Kim is an IT-Security expert at Security Office part of Truesec. Their software interests vary widely from frontend to DevSecOps, with research interests spanning from reverse engineering to web security. Equipped with both professional and academic experience, they want to reconcile two seemingly opposite ideas: understanding user-facing software problems without compromising security.
Bluesky: @kidi.ng
Discord: kiding
Twitter: @@kid1ng
Description:
What can a website do? So many things these days. But, have you ever considered that it can port scan your LAN? It will fingerprint you with pinpoint precision and uncover hidden internal devices. Surely, a browser wouldn't allow that?
With this presentation, I will introduce a short primer on timing-based, browser-based port scanning using Fetch. Based on this primer, I will discuss three techniques that can scan open ports on the localhost, a NAT router’s presence on the LAN, and open ports of the clients on the LAN. A demo of the proof of concept exploit will be provided, with closing remarks on possible mitigation strategies.
- REFERENCES
[1] https://blog.nem.ec/2020/05/24/ebay-port-scanning/
[2] https://www.bleepingcomputer.com/news/security/list-of-well-known-web-sites-that-port-scan-their-visitors/
[3] https://www.crunchbase.com/organization/threatmetrix
[4] https://coveryourtracks.eff.org/learn
[5] https://web.archive.org/web/20060813034434/http://www.spidynamics.com/assets/documents/JSportscan.pdf
[6] https://github.com/Flu1dTeam/PortScanner
[7] https://medium.com/tenable-techblog/using-webrtc-ice-servers-for-port-scanning-in-chrome-ce17b19dd474
[8] https://www.incolumitas.com/2021/01/10/browser-based-port-scanning/
[9] https://docs.google.com/document/d/1a8sUFQsbN5uve7ziW61ATkrFr3o9A-Tiyw8ig6T3puA/edit
[10] https://developer.chrome.com/articles/cors-rfc1918-feedback/
[11] https://wicg.github.io/local-network-access/
Return to Index - Add to
- ics Calendar file
ICSV - Saturday - 15:00-15:30 PDT
Title: Your Ship is Leaking... How Social Media Plays a Role in the Uncovering of Critical Maritime Systems
When: Saturday, Aug 12, 15:00 - 15:30 PDT
Where: Caesars Forum - Alliance - 313-319 - ICS Village - Map
SpeakerBio:Rae Baker
No BIO available
Description:No Description available
Return to Index - Add to
- ics Calendar file
SEV - Saturday - 09:30-09:59 PDT
Title: Your Swag is My Swag: Pwning Fortune 500 Companies with Vistaprint
When: Saturday, Aug 12, 09:30 - 09:59 PDT
Where: LINQ - 3rd flr - Social A - Social Engineering Community - Map
Speakers:Daniel "Jcache" Goga,Langston "Shock" Clement
SpeakerBio:Daniel "Jcache" Goga
, Security Consultant at Core BTS
Dan Goga serves as a Security Consultant with Core BTS focused on conducting penetration testing and vulnerability assessments. Dan Goga has eight years of information security experience in the public, private, and academic sectors. Dan has extensive knowledge and experience with RFID hacking, phishing techniques, social engineering techniques, and penetration testing.
Twitter: @_BadCharacters
SpeakerBio:Langston "Shock" Clement
, Lead for Red Team operations and Penetration Testing engagements at Core BTS
Langston grew up reading stories about the 90’s hacker escapades, and after years of observing the scene, he jumped into the cybersecurity field and never looked back. He is the current lead for Red Team operations and Penetration Testing engagements at Core BTS. With over fifteen (15) years of public and private sector experience in cybersecurity and ethical hacking, he aims to provide organizations with valuable and actionable information to help improve their security posture. Langston’s specializations focus on modern-day social engineering techniques, wireless and RFID attacks, vulnerability analysis, as well as physical and cloud penetration testing.
Twitter: @sh0ckSec
Description:
Socially engineering a target organization with a hard hat and safety vest never gets old, but there are more ways to the server room. Take your physical penetration test to the next level, swagged out in the latest company-branded quarter zip sweatshirt. In this presentation, Langston and Dan will share their adventures hiding in plain sight while pwning Fortune 500 companies with official apparel and replica merchandise. They will explain their OSINT methodology for identifying 3rd party branding sites and tips for creating authentic-looking, made-to-order gear for any occasion. After learning these new techniques, you’ll be so convincing that you might even get invited to your target client’s next BBQ!
Return to Index - Add to
- ics Calendar file