Talk/Event Schedule

Sunday

Sunday - 05:00 PDT

Sunday - 06:00 PDT

Sunday - 07:00 PDT

Sunday - 08:00 PDT

Sunday - 09:00 PDT

Sunday - 10:00 PDT

Sunday - 11:00 PDT

Sunday - 12:00 PDT

Sunday - 13:00 PDT

Sunday - 14:00 PDT

Sunday - 15:00 PDT

Sunday - 16:00 PDT

Sunday - 17:00 PDT

Talk/Event Descriptions

CON - Sunday - 10:00-11:59 PDT

In-Person Contest Friday and Saturday: 10:00-18:00; Sunday: 10:00-12:00

The Return of ? Cube

? Cube returns, weaving a tale that transcends the ordinary. This year, engagement is not just a theme—it's a journey through the multidimensional realms of hacking. Progressive Puzzles: Unlock the secrets of each compartment as you journey through progressively harder puzzles. From the Front's gentle introduction to the Top's formidable challenges, the Cube invites you to engage with the spectrum of cybersecurity domains. Physical Entry Unleashed: In a bold evolution, physical entry becomes a key component. Navigate the tangible aspects of physical entry, decoding not only in the digital realm but also as you immerse yourself physically in the enigmatic sides of ? Cube. Cryptic Narratives: As each compartment unfolds, the narrative of engagement takes shape. The puzzles, touching on encryption, penetration testing, and beyond. Silent Intricacies: Engage not only with the puzzles but also with the silent intricacies woven into the physical challenges. Decrypt messages, decipher patterns, and embrace the essence of Defcon as you navigate the unseen and the tangible. Embark on the Engage Journey: ? Cube calls upon the curious and the bold. Embark on a journey where the puzzles transcend the digital divide, demanding both mental acuity and physical prowess. H4QEG5LCMUQEAICEMVTGG33OEAZTEICSMVQWI6JAORXSAZLOM5QWOZJ7

DC - Sunday - 11:00-11:45 PDT

LDAP is no stranger to the security spotlight. While LDAP is a protocol (Lightweight Directory Access Protocol) and Active Directory is the most popular directory services system that supports a subset of LDAP, the terms “LDAP” and “AD” are tightly coupled when discussing the execution, detection and prevention of attacks targeting directory services data.

In the last decade the widespread offensive value of querying AD data via LDAP was cemented with the release of open-source tools such as BloodHound and PingCastle. However, proper visibility of LDAP queries mostly remains a privileged asset for those organizations with deep pockets, and the commercial security tools providing this visibility are often woefully fixated on simple signature-based detections.

MaLDAPtive is the 2,000-hour (and counting) quest of offensive and defensive LDAP exploration and tool-building. This research includes mind-bending depths of obfuscation across all elements of LDAP queries (many undocumented and most never seen in the wild), all baked into an obfuscation/de-obfuscation/detection framework built upon our ground-up custom LDAP search filter tokenizer and syntax tree parser.

Come witness the release of our MaLDAPtive research and open-source framework: transforming LDAP from “lightweight” to “heavyweight.”

• General LDAP information:

  • link
  • link

• LDAP-Related RFCs:

  • link
  • link
  • link

• Official Documentation for Active Directory LDAP Attributes: link

• Blogs Highlighting Offensive LDAP Usage:

  • link
  • link
  • link
  • link

• Open-Source Tooling Using LDAP:

  • link
  • link
  • link
  • link

Daniel Bohannon is a Principal Threat Researcher on Permiso Security's P0 Labs team with over 14 years of information security experience, including incident response consulting at MANDIANT, security research at FireEye and threat hunting at Microsoft.

He is the author of the Invoke-Obfuscation, Invoke-CradleCrafter and Invoke-DOSfuscation open-source obfuscation frameworks and co-author of Revoke-Obfuscation and Cloud Console Cartographer.

Mr. Bohannon received a Master of Science in Information Security from the Georgia Institute of Technology (2013) and a Bachelor of Science in Computer Science from The University of Georgia (2010).

Sabajete Elezaj is a Senior Cyber Security Engineer at Solaris SE with a background in cybersecurity extending over 6 years. Her expertise spans incident response, threat hunting and blue team operations. Her work focuses on enhancing cyber defense strategies.

Mrs. Elezaj holds a Master of Science in Information Security from the University of Tirana. She has also shared her expertise at cybersecurity conferences, including BSides Tirana.

ESV - Sunday - 10:00-12:59 PDT

This series of self-guided labs will introduce even the most novice hacker to the world of embedded device firmware and software exploitation. First-come first-served, don't miss a chance try out these labs and get started with embedded device hacking.

ESV - Sunday - 10:00-12:59 PDT

If you've never popped open an embedded device and tried to get a simple shell, this is the lab for you. This is a first-come first-served workshop where you can walk through the step by step instructions to finding and connecting to a debug interface on an embedded device.

BHV - Sunday - 12:00-12:30 PDT

The future of healthcare is precise, personalized, and involves point of care with a wide variety of applications. Each application has its own unique set of challenges that change based on risk and the stakeholders’ perspective. Foreseeing these challenges, in 2021 FDA issued the discussion paper 3D Printing Medical Devices at the Point of Care to expound upon pertinent challenges and request stakeholder feedback. Within this paper, the concept of the 3D Printing medical device production system (MDPS) as a medical device was presented. In this session, we will investigate the concept of the MDPS from the perspective of different stakeholders, the necessity of AI to make this in-hospital MDPS POC solution a reality, and the unique relationship the MDM and HDO must have to support the MDPS.

Lacey is an AI enabler for healthcare. Lacey has been published on standards and guidances around AI and 3D printing at the point of care and is a globally recognized speaker. She is a strategic committee member and leader within the AI-Global Health Initiative (AI-GHI).

CON - Sunday - 10:00-11:59 PDT

AND!XOR creates electronic badges filled with hacker challenges. We love doing this, especially coming up with unique ways for hackers to earn them. Introducing the newest member of our hacker-fam: 5N4CK3Y (Snackey). 5N4CK3Y is a vending machine hardware hacking project from AND!XOR. We retrofitted it into an IoT CTF based badge dispensing machine, bling and all. Find a flag on our web hosted CTF platform, you get a 5N4CK3Y dispense code, punch it in, and a badge is vended to you! There are a variety of challenges to earn a badge as well others to continue working on the badge itself once obtained. These span from hardware hacking, reverse engineering, OSINT, network security, and cryptography to name a few. There's a little bit of everything, so it's a perfect way to learn something at one of the many DEF CON villages and talking with people you meet, then attempt one of the CTF challenges to dispense a badge. Hardware hacking is our passion and we want people to learn on badges, but more importantly that there's a lot to learn at DEF CON so our CTF will hopefully serve a desire to learn something new and meet new friends while trying to earn a badge and hack it further.

CON - Sunday - 10:00-11:59 PDT

This is a contest about bribery. Bribery is not only allowed, it is required as part of the contest, since it's the only way to move up the leaderboard. Judges will evaluate the value of any given bribe (for example, an unusual sticker, etc.), and award points accordingly. Boring bribes will be rejected (i.e. cash). Players can expect to learn how to make a persuasive argument, and the nature of value in an (often) pay-to-win world that we live in.

ASV - Sunday - 10:00-12:59 PDT

A variety of aviation infrastructure has been compromised by hackers. Immerse yourself into challenges where you are tasked as an aviation cyber defense participant to identify attacks/attackers, stop attacks, and restore normal operations. As a participant your first step is to register ahead and read the rules at: https://aisac.cyberskyline.com/events/aisac-defcon and bring your own laptop to the venue. You can participate in the virtual challenges from Friday, but the more critical in-person challenges are only available at certain times during Village open hours!

MISC - Sunday - 12:00-12:59 PDT

Durante abril de 2024 el equipo GERT de Kaspersky detectó un nuevo grupo de ransomware aprovechando las funcionalidades de Microsoft para cifrar sistemas en infraestructuras comprometidas, usando scripts para disminuir defensas, deshabilitar parámetros críticos de sistemas Microsoft y finalmente usar el servicio Bitlocker de Microsoft, creando contraseñas individuales de cifrado por cada sistema, eliminando los rastros locales y enviando los datos mediante comunicaciones de comando y control para garantizar el descifrado y recibir el pago del rescate. Aunque el ataque fue dirigido a organizaciones en LATAM, fue identificado también en Jordania e Indonesia. Durante esta charla presentaremos los principales retos de recolectar evidencia en sistemas donde los discos fueron completamente cifrados y las propuestas de descifrado habilitadas una vez se obtuvo la muestra del malware construida de forma dirigida para las organizaciones afectadas. Se presentarán los mecanismos de descifrado disponibles frente a esta y otras amenazas similares y las técnicas usadas por los adversarios para comprometer las infraestructuras.

MSc Eduardo Chavarro Ovalle, DFIR Group Manager para Kaspersky GERT en América, especialista en respuesta a Incidentes, CSIRT Leader, MSc en seguridad informática, Ingeniero en Telecomunicaciones con conocimiento en Gerencia Estratégica de las Telecomunicaciones, con más de 20 años de experiencia en Análisis Digital Forense, Respuesta a Incidentes, eDiscovery, Threat Hunting, entre otros. GCIH | GRID | GCFA | CISM | CHFI | C)PTE | SFCP | ITIL

DC - Sunday - 14:00-14:45 PDT

In this study, we delve into the darker aspects of railway technology, revealing how easily accessible domestic hardware tools can compromise the seemingly infallible robustness of signaling systems. We demonstrate how these accessible technologies can be utilized to devise strategies that potentially threaten train circulation in Spain. Our research presents a critical analysis of the vulnerabilities present in the railway signaling systems, highlighting the ease with which these systems can be tampered with, using tools that are readily available to the general public. Through a combination of theoretical insights and practical demonstrations, we offer a comprehensive overview of the risks associated with such vulnerabilities.

Our findings aim to raise awareness among stakeholders in the railway industry, prompting a reevaluation of current security measures and encouraging the adoption of more stringent protections against such threats. This paper contributes to the ongoing discussion in the cybersecurity community, offering valuable insights into the potential risks facing modern transportation infrastructures and suggesting avenues for future research and development in railway system security.

We consider this work to be innovative on a type of system that has been present for over half a century in railway infrastructures. Therefore, the references provided are primarily about the operation of the systems and relevant news concerning them.

1. link
2. link
3. link
4. link
5. link
6. link
7. link
8. link
9. link
10. link
11. link
12. link
13. link
14. link

David Melendez is an R&D Enginner and Red Team member at Innotec Security Part of Accenture, with over twelve years of experience in cybersecurity and hardware hacking. He has a proven track record of presenting his groundbreaking investigations at prestigious conferences around the world, including DEF CON, BLACKHAT, and ROOTEDCON.

David is also a drone creator and author of the book "Hacking with Drones," which showcases his innovative use of drones in cybersecurity research. With his passion for pushing the boundaries of technology, David is constantly seeking new ways to improve the security and functionality of embedded systems.

Gabriela (Gabs) García is a university professor and mentor, Secure Software Developer and coding and cybersecurity instructor for organizations such as LinkedIn, Cyber Hunter Academy and Kschool. She teaches, whether that's in a lecture hall or over the internet, about software development, with a keen eye for secure practices. She is a speakers in several hacking CONs like DEF CON USA, ROOTEDCON etc.

Gabriela is also an active member in hacker communities such as HackMadrid%27 and Hack%27, both at home in Spain and across the world. And as an independent professional, she gets to work with a wide variety of clients, crafting custom cybersecurity solutions to fit their specific needs.

APV - Sunday - 11:00-12:59 PDT

Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?

Tal brings over 7 years of experience to her role as a supply chain security research team lead within Checkmarx Supply Chain Security group. She is in charge of detecting tracking and stopping Opensource attacks.

Ori Ron, an experienced Application Security Researcher at Checkmarx, joined the company in 2016. With over eight years of expertise in the field, Ori specializes in identifying and mitigating security vulnerabilities in software systems. His research spans the application security aspects of many programming languages, technologies, and environments.

"Vulnerability" is part of my daily vocabulary at Checkmarx, and I never get sick of it. I dub myself a 'self-certified idiot' because I love learning and hatching ideas. So much, that I've made brainstorming a hobby and kickstarted a team initiative to keep us on the pulse of InfoSec. As a result, we have learned about CVSSv4 before it was cool.

Well, CVSSv4 isn't cool yet since it's yet to be fully adopted, but in the meantime, I've researched and come up with this talk. I wasn't given the opportunity to win a 'Best Speaker' award yet. However, I published a few blog posts for Checkmarx and am brewing many other initiatives. I'm also currently studying to pass the CEH certification. Contributing to the AppSec Village at RSAC in San Francisco last year. Check.

Beyond the keyboard, you catch me reading, writing, or practicing martial arts. As in cybersecurity, I seek constant learning.

APV - Sunday - 11:00-12:59 PDT

Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!

Konstantinos is the Advisory Services Director at Census Labs S.A. Prior to that, he worked for OTE S.A. (member of Deutsche Telekom Group) where he was responsible for the cyber security solutions offered to corporate customers. In the past he has led cyber security consulting teams in other private sector organizations. He has more than 20 years of experience in the field of cyber security both as a corporate consultant and as a researcher. During that time, he participated in numerous cyber security projects in public and private sector organizations, in Greece, Europe, and the Middle East. He has been an OWASP volunteer since 2004, leading the Greek chapter and contributing to several projects. He holds a PhD and BSc from the Department of Informatics and Telecommunications at the University of Athens, Greece, as well as a MSc in Information Security with distinction from Royal Holloway, University of London. For more than 10 years he served as an Adjunct Lecturer at the Hellenic American University, as well as the University of Athens and University of Piraeus, teaching Information Security to postgraduate and undergraduate students.

APV - Sunday - 11:00-12:59 PDT

Join us into this collaborative game of OWASP Cornucopia! Over the course of two hours we will create a Threat Model of an example target infrastructure using the OWASP Cornucopia game! Winner keeps the deck!

Andra is a Principal Application Security Specialist at Sage, with over seven years of experience in the field of application security. She is responsible for implementing DevSecOps practices, conducting security assessments, and developing secure coding guidelines for software engineering and AI/ML teams. She holds multiple certifications, including AWS Certified Cloud Practitioner and Attacking and Securing APIs. She has a strong background in software development and project management, as well as a master's degree in information and computer sciences. She has been co-leading the OWASP London Chapter since 2019, where she organises and delivers events and workshops on various security topics. She is passionate about educating and empowering developers and stakeholders to build and deliver secure software and best practices in a fast-paced, results-driven environment.

HRV - Sunday - 11:30-11:59 PDT

Ready to graduate from basic packet? This presentation dives headfirst into the advanced world of packet radio networking. We'll explore routing protocols like NETROM and ROSE, conquer the intricacies of setting up your own packet radio node, and delve into the world of HF packet communication.

ADV - Sunday - 10:00-11:59 PDT

Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.The hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.

CON - Sunday - 10:00-11:59 PDT

Adversary Village proudly presents "Adversary Wars CTF", an official contest at DEF CON, where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world simulation of CTF scenarios and challenges, where the participants can perform various attacks and learn new attack vectors, TTPs, techniques, etc. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses.

We are excited to be back at DEF CON as an official contest this year. Adversary Wars CTF will be located in the contest area for DEF CON 32.​

ADV - Sunday - 10:00-11:59 PDT

Adversary Adventure is a Choose-Your-Own-Adventure model interactive table-top exercise game, where everyone can participate and choose various tasks. The participants can choose to play as an attacker who performs adversarial activities against a target, a defender who deals with a potential breach, as a CISO who is managing a ransomware attack, or even as management executives going through a table-top exercise.

AIV - Sunday - 10:00-12:59 PDT

Join us at the AI Village for interactive demonstrations at the intersection of AI and security. Attempt to hijack and manipulate autonomous robots using large language models and generative AI. Fool your friends by creating deep fakes with a state-of-the-art setup from Bishop Fox, complete with DSLR camera, green screen, and props. Finally, put your social engineering awareness to the test with DARPA’s deep fake analysis system, designed to identify and attribute manipulated and synthetic media. Don’t miss this opportunity to engage with adversarial AI technologies and learn about their implications on the future, at DEF CON 32!

BICV - Sunday - 10:30-12:30 PDT

Living a life devoid of trust in anything or anyone can lead to a dismal existence. However, in the realm of cyber security, embracing the concept of Zero Trust is essential. Trust was never meant for networks and is now irrelevant in the digital realm. This discussion explores why trust has become a vulnerability and underscores the importance for organizations to adopt principles such as Zero Trust to effectively respond to the ever-changing threat landscape; failure to do so may lead to their extinction within a few years.

Dr. Louis DeWeaver is a Cyber Security Consultant at Marsh McLennan Agency (MMA). With over 20 years of experience, Louis provides strategic direction to the organization and its clients in developing and implementing effective cyber strategies and initiatives. He strives to stay up to date on the latest cyber security trends and continuously identifies the evolving methods used by attackers.

DC - Sunday - 12:30-13:15 PDT

DARPA and ARPA-H joined forces for the AI Cyber Challenge (AIxCC), a two-year competition aimed at revolutionizing cybersecurity through AI-driven solutions. AIxCC asks the nation’s top talent in AI and cybersecurity to develop Cyber Reasoning Systems capable of automatically finding and fixing software vulnerabilities to secure critical software. In this talk, we are excited to announce the results of the Semifinals event. We will conduct a brief examination of the AI systems developed by the top teams by analyzing their strategies, discuss key innovations and methodologies employed, and discuss the overall impact of the competition on the cybersecurity landscape. The top-ranking teams will be eligible to win one of the $2 million in semifinal prizes, as well as a spot in the Finals competition at DEF CON 33.

Andrew Carney joined ARPA-H in July 2023 from HSBC’s Cybersecurity Science and Analytics group, where he worked as a principal researcher. He has over 15 years of experience in software and hardware vulnerability research, technical education and training, and management of research and development teams.

In addition to his role as program manager with ARPA-H, Carney holds a joint program manager appointment with the Defense Advanced Research Projects Agency (DARPA) for the AI Cyber Challenge (AIxCC), a competition focused on securing software in critical infrastructure. Before HSBC, Carney was a technical advisor and contractor for the Defense Advanced Research Projects Agency (DARPA). At DARPA, he supported research efforts focused on reverse engineering, program analysis, human-machine teaming, and automated program repair. Throughout his career, Carney has been involved in competitive hacking (called Capture the Flag, or CTF) as both a player and a competition organizer. He holds a master’s degree in computer science from The Johns Hopkins University.

Ms. Perri Adams is a special assistant to the director at DARPA, where she advises stakeholders at the agency and across the U.S. government on the next generation of AI and cybersecurity technology.

Prior to this role, Adams was a program manager within DARPA’s Information Innovation Office (I2O), where, among other programs, she created the AI Cyber Challenge (AIxCC).

Adams has been an avid participant in cybersecurity CTF competitions and was one of the organizers of the DEF CON CTF. She holds a bachelor’s degree in computer science from Rensselaer Polytechnic Institute and is a proud alumna of the computer security club, RPISEC.

MISC - Sunday - 10:00-12:59 PDT

IOTV - Sunday - 12:00-12:59 PDT

Yes, anyone can hack IoT devices and I’ll show you how! It doesn’t matter if you’re an experienced pen tester in other fields, completely new to cybersecurity or just IoT curious, by the end of this talk you’ll have the knowledge to hack your first device. You might be thinking - but I thought IoT was complicated, required knowledge of hardware, and expensive tools. In this talk, I’m here to dispel those myths by directly showing you the methodology, tools and tactics you can use to go and hack an IoT device today (or maybe when you get home). I’ll cover what IoT devices are best for beginners, what tools you need (and don’t need), how to build a small toolkit for <$100, common tactics to get a foothold into IoT devices and how to find your first vulnerability or bug.

Andrew Bellini, also known as DigitalAndrew, is an electrical engineer by trade with a bachelor's degree in electrical engineering and a licensed Professional Engineer in Ontario, Canada. He is the creator of TCM Security’s Beginner’s Guide to IoT and Hardware Hacking course and Practical Junior IoT Tester certification. While his background and most of his career are in electrical engineering, Andrew is also an avid and passionate ethical hacker! In addition to being an instructor at TCM, he is also a longtime student and credits their quality courses helping him transition his career into cybersecurity. Including his love for all things ethical hacking, cybersecurity, CTFs and tech, he's also a dad, plays guitar and is very passionate about the outdoors and fishing!

ASV - Sunday - 10:00-12:59 PDT

ARINC 664 is an extension to IP networking that adds deterministic QoS for Aircraft Systems over Ethernet. Sit down and learn about how the extensions to 802.3 is used on aircraft, how that flight critical data is transferred in a timely matter, and how to manipulate the data on these networks. This progressive difficulty CTF provides a fun and informative way of approaching ARINC 664 networking.

APV - Sunday - 11:00-12:59 PDT

As a security practitioner, you may find yourself tasked with securing cloud-native applications. The problem is that there are so many moving parts, that you just wish somebody would shine a light on the alerts that count, so you could focus. You also wish somebody could automate away the trial and error involved in getting the really complex things like network policies and seccomp profiles just right.

Ben is a veteran cybersecurity and DevOps professional, as well as computer science lecturer. Today, he is the co-founder at ARMO, with a vision of making end-to-end Kubernetes security simple for everyone, and a core maintainer of the open source Kubescape project. He teaches advanced information security academically in both undergrad and graduate courses. In his previous capacities, he has been a security researcher and architect, pen-tester and lead developer at Cisco, NDS and Siemens.

DC - Sunday - 10:00-10:45 PDT

Join us as we unravel another story of public resources from AWS, digging in 3.1 million AMIs for secrets. Beyond the findings, we'll delve into the ominous connection between exfiltrated AWS access credentials from these AMIs and the heightened risk of AWS account takeover. This talk will highlight key methodologies, tools, and lessons learned, emphasizing the critical need for robust security measures in the cloud to prevent both data exposure and potential account compromise.

We started and developed this research without references of existing work. However, here are two links that can be viewed as related/previous work:

This article shows a research on a subset of public AMIs from a single region in AWS link

This research shows a similar issue where public EBS are scanned. However, this technique does not work for most public AMIs link

Eduard focuses on cloud and offensive security. He’s an experienced penetration tester and in the last years he started doing novel research, writing articles, developing tools like EC2StepShell and presenting at security conferences.

Matei is a Senior Penetration Tester who loves exploring the internet for vulnerabilities. Matei has discovered several CVEs and has the OSCP, CRTO, eWPT and a few other certifications alongside a Master's degree in Cybercrime and Intelligence. Although his daily job requires him to conduct thorough tests across a limited scope, after work, Matei enjoys doing simple tests across the whole internet.

HRV - Sunday - 11:00-11:30 PDT

Do you ever pine for the days of 1200bps communications? Learn how to leverage the power of amateur radio to send digital data, pictures, and even cat memes using packet radio. This presentation will crack open the basics of packet, explore the tools you need (no soldering iron required!), and show you how to join the network buzzing beneath the surface of the RF spectrum.

ASV - Sunday - 12:30-12:59 PDT

ADS-B aircraft tracking has long been done with Raspberry Pi’s and SDRs. We set out to build our own receiver from the ground up, but without resorting to expensive and power-hungry SDR chips. Join us for a behind-the-scenes look as we walk through how we were able to (ab)use hardware to squeeze an entire Linux system, custom signal processing chain, and map visualizer into a chip that costs less than most microcontrollers.

Robert Pafford graduated summa cum laude from The Ohio State University with a B.S. in Electrical and Computer Engineering this past May. During his time there, he was an avid participant in Ohio State’s Underwater Robotics Team, leading the team to top placement in an international autonomous underwater vehicle competition where he led the design of the vehicle’s next generation electronics system. Robert's passion for problem-solving and cutting-edge technology led him into reverse engineering, where, starting this fall, he will work as an Associate Engineer at STR, a national-security focused technology firm.

CON - Sunday - 10:00-12:59 PDT

A scenario-driven Capture the Flag contest, pits teams of participants against adversaries and a clock, to protect human life and public safety. Participants compete against each other on both real and simulated medical devices, integrated into the fully immersive Biohacking Village: Device Lab, laid out as a working hospital.

Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with protocols like DICOM, HL7 and FHIR.

2024 Capture the Flag Challenge

Welcome, elite hackers and cyber sleuths, to a CTF experience like no other - the "Code D.A.R.K. : Biohacking Village CTF Challenge".

Merge the worlds of biology and cybersecurity in an adrenaline-pumping contest that tests your skills in ways you've never imagined. Thrilling and challenging cybersecurity adventure centered around a hospital setting as a scenario where participants engage in a race against time to secure or retrieve critical medical data, navigating through various cybersecurity puzzles and challenges, where participants act as guardians of critical biological data.

Unravel Biological Mysteries: Dive into a narrative where biotechnology meets cyber-warfare. Decode genetic puzzles, breach virtual lab networks, and outsmart bioinformatics security systems.

Elevate Your Hacking Game: Challenge yourself with unique biocybersecurity scenarios. This isn't your typical CTF - it's a fusion of biotech intrigue and hardcore hacking.

Compete and Collaborate: Team up with fellow biohackers and cyber warriors. Share knowledge, strategize, and show off your skills in a community where biology and bits intersect.

Gear Up for a Cyber-Biotech Showdown

Immersive Scenarios: Each challenge is a step into a world where safeguarding biological data is as critical as securing digital assets.

Skill Diversity: Whether you're a veteran hacker or a biotech enthusiast, Code D.A.R.K. offers a range of puzzles that cater to a wide array of skills and interests.

• OT/IT
• Medical devices
• Hospital infrastructure
• Regulatory and international affairs
• Robotics
• Data
• Mark your calendars and set your alarms because the action kicks off on Friday, August 9th at 1000 PDT.
• Play from anywhere in the world! CTF open hours are as follows:
  • Friday, August 9th from 10am PST - 6pm PDT
  • Saturday, August 10th from 10am PST - 6pm PDT
  • Sunday, August 11th from 10am PST - 12pm PDT

RULES

REGISTRATION

Participants may only register once for this challenge. If participants register for this challenge more than once, the whole teams with a participant that registered multiple times will be disqualified.

By registering, participants agree that their accounts may be rejected or terminated and all submissions by them and/or their Team may be disqualified if any of the information in their account is incorrect.

Participants must agree to and abide by the Code of Conduct while participating in the Biohacking Village Capture the Flag. Anyone who will conduct themselves against the CoC will be eliminated from competition and banned forever.

TEAMS

After participants register individually, they may work alone (team of one) or on one team with other challenge participants. To work on a team, they may either create a new team or join one that is pre-existing ( if a participant wishes to join a team or offer others to join, they can do so in the #ctf-st-elvis-teambuilding Discord Channel)

The maximum number of team members is five (5).

All teams must designate a Team Captain. A Team Captain serves as the official contact person for a team: this person should provide accurate and complete contact information to ensure that CTF organizers can reach their team if needed.

Each member of the team must be a registered participant in the CTF.

If participants choose to join a team, then they may not simultaneously participate as an individual or another team.

CHALLENGE SUBMISSIONS

All submissions must be received during the Challenge period. Submissions posted after the posted time frame will be disqualified.

Participants may get an answer but it will forfeit their points for that challenge. Even if the flag they tried before was similar. The decision to get the answer is final for zero points.

CHALLENGE SCORING

Each submission has set value known beforehand in the challenge description

The winning teams will be decided based on the number of the accumulated points during the CTF timeframe. In case two teams accumulate the same amount of points, the team that reached the amount of points in question faster will be the winner.

CHALLENGE DISQUALIFICATION

Whole team gets disqualified if any of the following applies:

• One or multiple team members have registered more than once
• One or multiple team members will not follow Code of Conduct (applies to any of the Biohacking village platforms or social media)
• Any offensive behaviour such as attacking the Biohacking Village infrastructure, denial of service, or escaping the boundaries set by the CTF or Device Lab environment

PRIVACY

Unless stated otherwise on the mainsite, we do not share any information about participants with anyone. Some events or conferences might have/require other rules, in that case it will be noted on the CTFd site.

BHV - Sunday - 10:00-12:59 PDT

The Device Lab is highly-collaborative environment where security researchers test medical instruments, applications, and devices in real-time from participating Medical Device Manufacturers. Any potential issues are reported directly to the manufacturer, and coordinated vulnerability disclosures are produced.

As part of their product security programs, their proactive initiatives to test their products, and to enhance the cybersecurity of their medical technologies, select medical device makers are teaming up with the Biohacking Village.

These manufacturers are inviting security researchers to learn and to test their products in dedicated spaces set aside for them. Their staff will answer questions, educate researchers, and triage any potential security issues. Researchers who perform testing should expect to follow the manufacturers’ published coordinated vulnerability disclosure policy and report any potential issues found so they can be addressed. Security researchers must sign the Hippocratic Oath for Hackers and agree to the framework of boundaries and rules of engagement during and post conference engagement.

We have 10 manufacturers with 21 devices. You can find more information about the devices and each manufacturer's Vulnerability Disclosure Policy here.

BTV - Sunday - 10:30-11:59 PDT

This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!

This panel will consist of leaders and practitioners from multiple areas of the security and hacking space, sharing their journeys and perspectives on the industry. They’ll answer your questions on hiring, career advancement, and technical growth. Join us for this interactive session!

With more than 10 years in different security roles, last 5 years in the current role has brought me in the position to be the security department education advisor. I believe education and career path advice should be the role for a technical professional and not HR. It is important to know both the hunger for education and the pain of going through heavy learning curve. But it is also important to underatand the need to slow down at times for other life events. Also, helping eachother builds life long friendships and trust.

Tennisha Martin is the founder and Executive Director of BlackGirlsHack (BGH Foundation), a national cybersecurity nonprofit organization dedicated to providing education and resources to underserved communities and increasing the diversity in cyber. BlackGirlsHack provides its members with resources, mentorship, direction, and training required to enter and excel in the cybersecurity field. Tennisha has a bachelor’s degree in Electrical and Computer Engineering from Carnegie Mellon University and several Master’s Degrees including in Cybersecurity and Business Administration. She has worked in a consulting capacity for over 15 years and is a best selling author, award winning hacker, and an advocate for diversity.

BTV - Sunday - 12:00-12:30 PDT

This is a placeholder for BTV’s closing ceremonies!

This is a placeholder for BTV’s closing ceremonies! This is a placeholder for BTV’s closing ceremonies! This is a placeholder for BTV’s closing ceremonies! This is a placeholder for BTV’s closing ceremonies! This is a placeholder for BTV’s closing ceremonies! This is a placeholder for BTV’s closing ceremonies!

PHV - Sunday - 10:00-13:59 PDT

Join us for an interactive workshop where we will walk you through the ins and outs of botnet deployment and operation via a command and control web server. Geared towards beginners, this workshop offers a hands-on approach to understanding how botnets function. You'll also learn an effective defense strategy against the botnet you have created. No experience needed we will give you everything you need!

ASV - Sunday - 10:00-12:59 PDT

Bricks in the Air is a hands-on demo to teach the basics of low level protocols seen in aviation. The demo uses the I2C protocol and does not reveal actual security vulnerabilities in avionics or other systems in aviation.

DC - Sunday - 13:30-14:15 PDT

In January 2021, I discovered that North Korean state-backed agents were targeting security researchers. A few people got hit, including me. They didn't get anything, but I was very frustrated by the inaction of law enforcement, intelligence agencies, and DoD. I decided I was going to see what I could do. Armed with my computer and a bunch of Takis I got to work mapping out NK's infrastructure. This talk will detail the methods and tools I used to bring down North Korea's internet for 9 days along with the architectural and other vulnerabilities I found that allowed for the attack. This presentation will cover the technical aspects of the attack, criticisms of the DoD and Intel Community, praise from the DoD and Intel Community and the implications of a small team of hackers, or just one dude, causing real-world impact. Attendees will gain insights into create methodologies for network exploitation and the ethical, practical, and resistance from the government to cyber guerrilla warfare, demonstrating the need for agile and responsive cyber capabilities in the modern world.

1. Greenberg, Andy. "The Hacker Who Took Down North Korea's Internet." Wired. link.
2. Greenberg, Andy. "North Korea Hacker Internet Outage." Wired. link.
3. DEF CON 21 Talk: "Conducting massive attacks with open source distributed computing" link
4. DEF CON 29 Talk: "WTF happened to that tool that was like Shodan but for web app vulns?" link
5. DEF CON 21 Talk: "The Dawn of Web 3.0: Website Mapping and Vulnerability Scanning" link.
6. The Register: link

Alex is the dude that took down North Korea's Internet routing for 9 days. He owns Hyperion Gray and creates a bunch of open source software.

ICSV - Sunday - 12:00-12:59 PDT

Generic cyber guy in polo

PSV - Sunday - 10:30-11:30 PDT

There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how to do these attacks in this talk!

Karen is a Risk Analyst at GGR Security, and is one of GGR's entry team for physical penetration tests. She has a strong interest in physical security, delivering trainings on physical security vulnerabilities to a wide range of audiences. Karen comes from a background in engineering and has extensive experience in major event logistics. She is one of the Village Leads at the Physical Security Village, and works with the rest of the PSV team to teach how to recognize and fix security exploits to the community. Graphic design is her passion.

CON - Sunday - 10:00-11:59 PDT

This event was born out of the fires of DEF CON. Through years of analyzing network traffic for the Wall of Sheep and teaching others how to do the same, we built this system as a way to help the growing numbers in our community learn (fast). Then it quickly turned into the first defensive based CTF at DEF CON and is one of the longer running competitions at con with a twist... Each year we practically re-invent ourselves, bringing the latest tools & techniques along with never seen before content across 17 categories to unleash hell on the mostly-unsuspecting attendees. For ’24 we have added tons of new content, and new types of challenges never seen before.

Come compete in the world's most challenging cyber defense competition based on the Aries Security Cyber Range. Tear through the challenges, traverse a hostile enterprise class network, and diligently analyze what is found in order to make it out unscathed. Not only glory, but prizes await those that emerge victorious from this upgraded labyrinth, so only the best prepared and battle hardened will escape the crucible.

CHV - Sunday - 10:00-12:59 PDT

CHV 101

This booth will have several reverse engineer demonstrations and an automotive threat intelligence review.

• Reverse Engineering Demonstration(s)
• Live vehicle communications via remote controls
• EV-based Hardware-in-the-Loop (HIL) demonstrations
• Automotive Threat Intelligence
• How to gather threat intelligence related to the automotive industry
• What the current threat landscape looks like today

CHV CTF

There will be 10-15 automotive security CTF challenges this year ranging from reverse engineering, telemetry, grand theft auto, crypto, vehicle networks, and exploitation.

1st place prize is a car!

CHV Kids

A fun scavenger hunt designed for DCNextGen kids to participate in and learn about the Car Hacking Village.

There will be swag items handed out to the kids as they move through the scavenger hunt.

CHV Mechanics

There will be 1 Semi-Truck and 2 Electric Vehicles on site for people to plug into.

DEFCON attendees must follow the rules for each of the vehicles. There will be large ORANGE signs with the rules detailed on them.

CON - Sunday - 10:00-11:59 PDT

The Car Hacking Village CTF is a fun interactive challenge which gives contestants first hand experience to interact with automotive technologies. We work with multiple automotive OEMs and suppliers to ensure our challenges give a real-world experience to car hacking. We understand hacking cars can be expensive, so please come check out our village and flex your skills in hacking automotive technologies.

With the largest collection of hackers in one area, there's no better way to understand the security state of an industry without bringing it to security professionals to break. Over the past 10 years, the Car Hacking Village has been the focal point of interest for new hackers entering the automotive industry to learn, be a part of and actually test out automotive technologies. We plan to use this event to keep drawing attention to the automotive security industry through hands-on challenges.

ICSV - Sunday - 13:00-13:25 PDT

Serial community volunteer and recruiting expert

DC - Sunday - 10:30-11:15 PDT

Rob Joyce, former NSA and White House cyber official, will engage with Dark Tangent to analyze the evolving state of global cyber threats. Their discussion will explore the impact and potential of artificial intelligence, assessing how AI is reshaping the cybersecurity landscape and what it means for the future of global security.

Rob served over 34 years at the NSA, where he held roles including the head of Tailored Access Operations (TAO), the NSA hackers running operations to produce foreign intelligence. He spent his final years as the head of the Agency’s cybersecurity directorate. He also served on the White House National Security Council as a Special Assistant to the President and Cybersecurity Coordinator, as well as Acting Homeland Security Advisor. Throughout his career, he led operations pursuing the most sophisticated hackers and innovated technologies to protect vital national assets — including the the US classified networks and nuclear authorization codes. He remains dedicated to upholding our national security in the cyber realm.

CON - Sunday - 10:00-12:59 PDT

The inception of this distinctive event occurred at DEF CON 31, initiated by a fortuitous encounter with CookieT while participating in LineCon for merch. Our shared passions fostered an immediate bond, and it was amidst this camaraderie that the idea for a future challenge germinated. Having previously engaged participants with puzzle-embedded challenge coins, I (Chasse) was inspired to expand the concept beyond a mere cipher. The aim was to design a contest that would appeal across a broad spectrum of skill levels by integrating a variety of puzzles, both modern and traditional, to attract a wider audience from a complete beginner new to the hackerspace to the more seasoned and advanced hacker. Observing the collective enthusiasm as participants unraveled the first simple coin puzzle was exhilarating, yet the quick resolution of the puzzle occasionally detracted from the overall experience for more advanced puzzle solvers. Throughout DEF CON 31, CookieT and I explored the feasibility of a web-based challenge CTF, laying the foundation for what would evolve into a pioneering contest and experience. Later Raven emerged from the shadows of cyberspace to help us chisel out the contest from Zeroes and Ones

With the announcement of DEF CON 32's theme, our concept was honed, ready to blend our creative talents into this year's challenge. We crafted an innovative combination of a narrative-driven journey game, scavenger hunt, and web-based Capture The Flag (CTF) challenges, all meticulously aligned with the DEC CON 32 "Engage" theme. This contest emerges as a holistic platform, introducing DEF CON newcomers to core security principles through an engaging narrative. Spanning a variety of fields including OSINT, cryptography, radio, telephony, password, and web security. It promises a rich, diverse experience! Participants, automatically divided into teams, are propelled on a quest to decode puzzles and unearth flags, with challenges designed to suit everyone from novices to veterans seeking sophisticated, intricate challenges. This contest transcends the conventional competition framework, evolving into an artful endeavor that illustrates the symbiosis of storytelling and technical puzzles to create a deeply immersive learning adventure. Imagined as an interactive storybook, it invites attendees to navigate their own routes, making their own choices that lead them through a story-rich exploration of security concepts and engagement even with each other.

The technical infrastructure of this experience is built on varied technologies. The main website, https://www.chassepartie.com, is developed with Ruby on Rails 7.1 and hosted on Heroku, with CloudFlare acting as our Web Application Firewall (WAF). This site functions as the scoreboard and narrative hub of the contest. Additionally, we have set up an XCP-NG hypervisor to host approximately 10 to 15 virtual machines as targets for participant engagement. Augmented reality markers are also in place, intended for deployment in communal areas like sticker boards, to enhance the experience. These elements are interwoven with the storyline, guiding attendees through what we believe is an unprecedented adventure-style CTF challenge named Chasse Partie Systems – Dystopian Apocalypse Resistance Terminal.

So come and join us on our deviant journey, what are you waiting for?

DC - Sunday - 12:30-13:15 PDT

As the successor to the iptables, nftables stands as a crucial network component within the Linux kernel, managing packet filtering and other network-related functionalities. With continuous development and changes, features designed to increase its efficiency, such as batch commit, anonymous chains/sets, and asynchronous garbage collection, have been implemented, which in turn has significantly increased its complexity and made it an attractive target for attackers in recent years.

Since the announcement of the kernelCTF bug bounty, multiple nftables 0-day vulnerabilities have been reported and patched to enhance its security. However, if not careful enough, the security patch may not only mitigate the bug but also introduce new security issues unintentionally. By researching the structural changes in the nftables codebase, we successfully uncover new vulnerabilities despite the intense competition in kernelCTF. Also, we managed to speedrun the exploitation just before Google removed nftables from LTS instance, becoming the last LTS nftables exploitation.

In this presentation, we will share three nftables vulnerabilities we discovered in a storytelling fashion. We start with a brief introduction on how nftables works under the hood to familiarize attendees with the basics. After that, we dive into nftables internals and dissect three vulnerabilities discovered during our journey, two of which involved utilizing hard-to-exploit race conditions to pwn the flag. Alongside details of the exploitation, we will also share the roller-coaster story of kernelCTF experiences, filled with dramatic highs and lows, making it a tense and exhilarating journey.

• Previous nf_tables research:
• link
• link
• link
• Container escape:
• link
• RCU related documentation:
• link
• link

Kuan-Ting Chen, also recognized as HexRabbit, is a Security Researcher at DEVCORE and a member of the Balsn CTF team. Specializing in low-level exploitation, he is curious about how things work and enjoys the challenge of unraveling the complexities of modern computing systems.

Currently, he focused on the topic of Linux kernel exploitation, his work includes discovering multiple 0-day vulnerabilities in key Linux components like io_uring, ksmbd (an in-kernel SMB server), and the nftables submodule.

CLV - Sunday - 12:40-12:59 PDT

CLV - Sunday - 10:00-10:35 PDT

Cloud attacks continue to evolve e.g., AWS enumeration without logging (Fourchette), Azure OAuth tokens used for EoP and persistence (Blizzard), Cloud Shell backdoors, code abuse in GSuite scripting (Bryant), and tool evolution (Rhinolabs pacu), with current defensive approaches of lagging further and further behind.

This talk covers research and tooling to improve cloud defenses in AWS, Azure, and GCP, using more stealthy measures which complement existing techniques. We call the approach cloud tripwires, which involves stealthy defensive techniques that can provide low-FP detections of malicious actors.

Through analysis of cloud provider IAM design, published attack techniques and common attack tools, we show multiple stealthy detection techniques such as: restricted admin roles that are not used by valid users; seeding of the restricted admin roles in regular user policies; honey resources (buckets, files) with detections to flag access; seeding of honey resources within user policies; cached honey credentials seeded in CLI installations in external client environments, EC2 instances, and Cloud Shells; unrestricted cross-account roles to restricted accounts; metadata proxy/iptables config on EC2 instances that issue restricted temporary tokens; and full CRUD/reporting/auditing functionality.

Jenko Hwong is a Principal Researcher on Netskope's Threat Research Team, focusing on cloud threats/vectors and identity abuse. He's spent time in engineering and product roles at various security startups in vulnerability scanning, AV/AS, pen-testing/exploits, L3/4 appliances, threat intel, and windows security.

CON - Sunday - 10:00-11:59 PDT

CMD+CTRL Web App Hacking Challenge gives you the opportunity to showcase your red team skills by attacking real web applications. The CMD+CTRL platform is a hacking game designed to teach the fundamentals of web application security. Explore vulnerable web applications, discover security flaws, and exploit those flaws to earn points and climb up the scoreboard. After attacking an application for yourself, you'll have a better understanding of the vulnerabilities that put real world systems at risk.

At DEF CON 32: We will be replaying some of our Cyber Range Greatest Hits. We will be running 4 different Ranges with over a 150 challenges possible!

SEV - Sunday - 11:30-13:59 PDT

Come make a call in front of our soundproof booth. We provide everything, the target company, their phone number, and three objectives to gather (easy, medium, and hard). First come, first serve. 

DC - Sunday - 13:30-14:45 PDT

ADV - Sunday - 10:00-11:59 PDT

Ezz Tahoun, a distinguished cyber-security data scientist, who won AI & innovation awards at Yale, Princeton and Northwestern. He also got innovation awards from Canada’s Communications Security Establishment, Microsoft US, Trustwave US, PIA US, NATO, and more. He ran data science innovation programs and projects for OrangeCyber Defense, Forescout Technologies, Royal bank of Canada, Governments, and Huawei Technologies US. He has published 20 papers, countless articles and 15 open source projects in the domain. When he was 19 years old he started his CS PhD in one of the top 5 labs in the world for cyber & AI, in the prestigious University of Waterloo, where he published numerous papers and became a reviewer for top conferences. His designations include: SANS/GIAC-Advisory-Board, aCCISO, CISM, CRISC, GCIH, GFACT, GSEC, CEH, GCP-Professional-Cloud-Architect, PMP, BENG and MMATH. He was an adjunct professor of cyber defense and warfare at Toronto’s school of management.

ICSV - Sunday - 10:00-10:55 PDT

ICS/OT environments are targets. Since the Colonial Pipeline breach in 2021, the ICS/OT threat landscape has changed tremendously. This presentation is not about the Fear, Uncertain and Doubt when an ICS/OT environment goes boom, but what happens when it goes down for ten days. What's the impact to the organization? It's employees? The people it serves?

Most importantly, what can we do to prevent it from occurring?

The remainder of the presentation covers secure network architecture, therapy for IT and OT working together and continually learning/improving.

Mike helps people learn how to secure Industrial Control Systems (ICS)/Operational Technology (OT) environments, from engineers and IT cyber security team members to asset owners and operators. He is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world’s largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute. Additionally, he maintains more than a few cyber security and ICS/OT certifications.

CON - Sunday - 10:00-10:59 PDT

Zoogleta has been scheming to corporatize and enshittify the Internet through regulatory capture, squashing indy devs, and commodifying users.

You've been contacted by journalists and whistleblowers who need help sifting through some big dumps of encrypted data and password hashes.

Help them so they can publish the smoking gun, crash Zoogleta's stock price, and get their leadership and the corrupt politicians they own arrested by exposing their internal dirt, for great justice.

Time is of the essence! You will have 48 hours to crack as many files and hashes as possible.

Open to all; preregistration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years' contests at https://contest.korelogic.com/ , and the Password Village at https://passwordvillage.org/

CLV - Sunday - 11:10-11:45 PDT

Azure Policy is a built-on service that helps creating security and compliance policies to enforce organizational standards in the cloud environment. It evaluates resources by comparing the properties of the resources and with the help of remediation tasks, it can fix or remediate any issues with those resources. Have you ever wondered if you could abuse or bend these policies? Can you do more than just listing the storage accounts with public access and not be in the logs? How about creating a backdoor?

In this talk I will answer these questions by talking about what Azure Policy is, how to write one, what the logs contain, what permission you need, what does resource enumeration could look like etc. At the end I will present a proof-of-concept solution to bend the Azure Policy and create a backdoor account in Azure.

Viktor Gazdag has worked as pentester and security consultant for 9 years, lead cloud research working group and M365 capability service. He has reported numerous vulnerabilities in products and plugins from companies such as Oracle, SAP, Atlassian, Jenkins, CloudBees Jenkins, JetBrains, Sonatype. He gave talks about CI/CD security at DevOps World, Black Hat USA, DefCon and DoD CyberDT XSWG. He holds multiple AWS/Azure/GCP, Infra as Code, DevOps and Hacking certs and Jenkins Security MVP award.

ASV - Sunday - 10:00-12:59 PDT

The AMSAT Ground Control and CubeSat simulator emulates how satellite communications are used. Ground control communicates via UHF to the cubesat.

CON - Sunday - 10:00-11:59 PDT

Various cyber tools and techniques have been utilized based on information from past attacks. Game players will learn about different cyber security frameworks, cyber-attack processes, and how they can use utilised in a fun way. The game is built to teach key cyber terms, theory and apply techniques based on real-world scenarios.

As a player, you are part of a Global Cyber Protection Team (GCPT) assigned to the mission to prevent various attacks on critical infrastructure. Your task is to use the available information that your team has at your disposal to stop the adversary from achieving their objective.

Players will find themselves in a variety of future scenarios based on a specific industry/sector focus e.g. manufacturing, utilities, defense, finance. The task will be to defend each individual network/system to govern, identify, detect, respond and recover against abnormal/suspicious activities on the network. You will be working against a global hacker network who are threatening to disrupt the overall operations of global critical infrastructure sites for their own nefarious means.

Your team must protect various networks/systems as part of a global environment. If 5 or more systems are compromised and deactivated, the hacker network successfully disabled the global environment and can assume control of the entire environment. It is your mission to protect the environment and ensure the availability of the global system.

CON - Sunday - 10:00-11:59 PDT

Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The "Learning Quests" help the agent gather knowledge from all across the other villages at the conference, while the "Challenge Quests" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year's final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Discord Community!

ASV - Sunday - 10:00-12:59 PDT

Collect the clues, solve the puzzles, show off your aerospace knowledge and technical skills to win a limited edition PCB badge.

CON - Sunday - 10:00-13:59 PDT

DARPA and ARPA-H’s Artificial Intelligence Cyber Challenge (AIxCC) will bring together the foremost experts in AI and cybersecurity to safeguard the software critical to all Americans. AIxCC is a two-year competition that asks competitors to design novel AI systems to secure this critical code and will award a cumulative $29.5 million in prizes to Teams with the best systems. In 2024, top teams will be awarded prizes of $2 million each, and will advance to the finals at DEF CON 33. The AIxCC Experience at DEF CON 32 is an immersive and interactive competition environment and educational space to inspire people and organizations to accelerate the development of AI-enabled cyber defenses. Attendees will explore a futuristic city where they can learn all about the competition, the technology, and the power of AI to help secure the software we all depend on.

Registration for AIxCC is no longer open to new contestants. AIxCC Preliminary Events were held March – July 2024.

Semifinalists will be announced here: https://aicyberchallenge.com/

RTV - Sunday - 10:00-11:50 PDT

MISC - Sunday - 12:00-12:59 PDT

We will be handing out the CTF Prizes and awards. Must be present to win!

DC - Sunday - 11:00-11:45 PDT

The Internet was supposed to give us access to the world's information, so that people, everywhere, would be able to know the truth. But that’s not how things worked out. Instead, we have a digital deception engine of global proportions. Nothing that comes through the screen can be trusted, and even the things that are technically true have been selected, massaged, and amplified in support of someone’s messaging strategy.

Deception isn’t just about narratives - we see deception at every layer of the network stack, from spoofed electromagnetic signatures, to false flags in malware, to phony personas used to access networks and spread influence. They hide in our blindspots, exploit our biases, and fill our egos while manipulating our perceptions.

How do we decide what is real? This talk examines time-tested maxims that teach the craft of effective deception, and then inverts those offensive principles to provide defensive strategies. We’ll explore ways to counter biases, triangulate information sources, detect narratives, and how hackers can build tools that can change the game.

At their best, hackers lift their heads up above the masses to see how the world actually works, not how it purports to work, and then take action to make the world a better place. You’ll leave this talk with practical skills to do just that.

Tom Cross (aka Decius) is a security researcher known for delivering late night rants at hacker cons. In the early 1990’s, he ran BBSs and listservs for the hacker community in the southeast US. He attended the first Defcon in 1993. He is a Principal at Kopidion, and creator of FeedSeer, a news reader for Mastodon. Past security industry roles include cofounder and CTO of Drawbridge Networks, Research Director at Lancope, and Manager of IBM X-Force Advanced Research. He has spoken at numerous conferences, including Black Hat, DEF CON, Phreaknic, HOPE, and B-Sides. He has a BSCMPE from Georgia Tech.

Greg Conti is a hacker, maker, and computer scientist. He is Principal at Kopidion, a cyber security training and professional services firm. Greg is a long-time Black Hat trainer where he co-created the Information Operations course. He will also be teaching a new course on Adversarial Thinking at DEF CON Training this year. Formerly he served on the West Point faculty for 16 years and has published approximately 100 articles and papers covering hacking, online privacy, usable security, cyber conflict, and security visualization. Greg is a graduate of West Point, Johns Hopkins, and Georgia Tech

DC - Sunday - 15:00-17:45 PDT

DCG - Sunday - 10:00-12:59 PDT

Do you have questions about what DEF CON Groups are? Do you need help finding a group near you? Feel free to come ask. Or, just come up and hang out.

CON - Sunday - 10:00-11:59 PDT

Whether you're a seasoned DEFCON veteran or a curious newcomer, the DEFCON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to five members, interpret the items, and submit your findings at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.

Casual players will enjoy doing a handful of items, but you will need to devote your entire weekend if you want to win. It's not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you've etched your mark on DEFCON history, and the ultimate badge of honor: bragging rights. Nothing says "I'm a hacker" quite like being triumphant at the DEFCON Scavenger Hunt contest.

See you at the booth!

MISC - Sunday - 05:00-07:59 PDT

Thursday, Friday, Saturday and Sunday: 05:00 to 08:00, with random pop up meetings throughout the day in the con space.

Defcon.run is an evolution of the now long running DEF CON 4x5K running event. Due to stupendous growth, we’ve been forced to change up the format. This year's activity will look to match up folks for fun runs, and rucks (!), in small distributed groups around Las Vegas. It’s the same old event but at a distributed scale!

Show up in the morning, go for a run with folks, have a good time!

We’ll have a full set of routes for people to choose from from simple 5Ks to more ambitious distances. Full Information at https://defcon.run

ASV - Sunday - 10:00-12:59 PDT

You are a new to the Airport IT staff at the IG International Airport Network Operations Center, working your first holiday travel weekend. It has been a busy day managing the network with the control tower reporting several small glitches.

No alerts have been raised in the network, and the glitches appeared to have been easily handled. While taking your last break of the day, you decide to take a short walk around the concourse to watch the sun set. Suddenly, your cell phone rings and the voice on the other end is a panicked Control Tower Operator. A short time earlier, the tower had observed the runway lights turn off, come back on, and are now randomly blinking. They also mentioned the Operator HMI (Human Machine Interface) controlling the Runway Lighting system is non-responsive and they are locked out of the Maintenance HMI to reboot the system. Time is critical – without the lights, the planes circling the airport cannot land. With limited fuel stores, the planes are unable to divert to another airport. You sit down at your terminal to pull up the maintenance manual and troubleshoot the problem only to discover you are locked out of your account. You are suddenly relieved that management would not let you deploy security updates to the network because they feared service interruptions may occur. Once you regain access to the system and have all the reference material available, you bring up the control logic for the runway lighting system on one screen and the HMIs on another and quickly realize this is not a normal system failure. An unknown hacker or hacker group has ceased and taken control of the system. They have manipulated the PLC’s (Programmable Logic Controller) and impacted the HMIs. Time is of the essence to restore operation to the Runway Lighting control system before the planes run out of fuel.

MISC - Sunday - 11:00-11:59 PDT

En esta presentación se explorará cómo nuestra estrategia de instrumentación basada en la librería Microsoft Detours permite una inspección de los procesos de software comercial presente en diferentes sistemas, enfocándose en operaciones privilegiadas del sistema de archivos. Se detallará cómo el uso de la instrumentación facilita la búsqueda sistemática y exhaustiva de vulnerabilidades en dichos procesos, identificando y explotando fallos de seguridad críticos presentes en algunos de ellos. El proyecto demuestra la efectividad de Detours para realizar análisis de seguridad avanzados y muestra cómo las vulnerabilidades encontradas pueden ser explotadas para evaluar su impacto en escenarios reales. Esta exposición enfatiza la importancia y la efectividad de la búsqueda de vulnerabilidades para fortalecer la seguridad en sistemas de IT y OT.

Asher Davila (@asher_davila) is an IoT/OT Security Researcher at Palo Alto Networks, leveraging his expertise in the intersection of software and hardware across IoT to IIoT, ICS, and critical infrastructure security. His work includes discovering and disclosing vulnerabilities and malware affecting these systems, alongside developing tools for reverse engineering and exploitation efforts. Asher has also presented his findings at multiple cybersecurity conferences and academic events.

ASV - Sunday - 10:00-12:59 PDT

Can you spot suspicious items in packages? Try out your skills.

DC - Sunday - 11:00-11:45 PDT

In this presentation, we will unveil a new attack surface: Device Virtualization in VMKernel. This isan unknown territory that has not been explored by security researchers to date. During the reverse engineering of the VMware Hypervisor, we discovered 8 vulnerabilities related to device virtualization, 3 of them have been assigned CVE number (some vulnerabilities have even been successfully exploited in Tianfu Cup), and the remaining 5 of our vulnerabilities have been officially confirmed by VMware.

Firstly we will delve into the loading process of vmm, the implementation of data sharing between vmm and vmx, and VMware's UserRPC, which facilitates communication between the Hypervisor and the Host. These mechanisms are crucial in virtual device emulation.

Then We will explain security issues in various parts of the USB system, including the host controller, VUsb middleware, and VUsb backend devices, based on the vulnerabilities we have unearthed.

In the end, We will primarily discuss the similarities and differences in SCSI-related device emulation in the virtual disk system between VMware Workstation and ESXi Additionally, we will cover design flaws related to disk device emulation that we discovered in VMKernel.

1. link
2. link
3. link
4. link
5. link
6. link
7. link
8. link
9. link
10. link
11. link
12. link
13. link
14. link
15. link
16. link
17. link conferences, including Usenix 2021, ACM CCS 2022, EuroS&P 2022, HITBSecConf2022, BlackHat Asia 2024.

JiaQing Huang is a security researcher at TianGong Team of Legendsec at QI-ANXIN Group. He is currently focused on IoT and Virtualization security, having submitted multiple security vulnerabilities to VMware. In 2023, he and his teammate successfully escaped the Parallels Desktop at GeekCon2023.

Hao Zheng is a security researcher at TianGong Team of Legendsec at QI-ANXIN Group. His focus is on Virtualization Security, having submitted multiple security vulnerabilities to VMware. In 2023, he and his teammate successfully escaped the Parallels Desktop at GeekCon2023.

Yue Liu is a Security Researcher at QI-ANXIN Group, and the team leader of QI-ANXIN TianGong Team. He and his team has found lots of bugs in Windows/Android/ChromeOS/IoT Devices and cracked multiple targets in Tianfu Cup 2019/2020, GeekPwn 2020/2021/2022, GeekCon 2023. He has published his work in various conferences, including Usenix 2021, ACM CCS 2022, EuroS&P 2022, HITBSecConf2022, BlackHat Asia 2024.

DC - Sunday - 12:00-12:45 PDT

This article reassesses complex cyberattack tactics, focusing specifically on existing security measures and emerging weaknesses. We begin our investigation by examining initial methods of deployment in contemporary attacks, including those that focus on simulated read-only filesystems and NTFS vulnerabilities. Since the improvements made to the Windows security architecture in 2011, which include the enforcement of Driver Signature Enforcement (DSE) and Hypervisor-protected Code Integrity (HVCI), the nature of cyber threats has changed, requiring new ways to carry out attacks.

Our research presents a new method that takes advantage of previously uncovered weaknesses in emulated filesystems, allowing attackers to covertly install and maintain harmful programs. In addition, we uncover new NTFS vulnerabilities that enable attackers to conceal their presence and sustain persistence within victim systems. The study also investigates alternate methods for delivering and executing malware in usermode. In addition, we discuss several Indicators of Compromise (IOCs) to identify and detect these tactics.

1. link
2. link
3. link
4. link
5. link
6. link

I am a Managing Consultant with more than 10 years of experience in the IT field. Currently, I am part of the Security Testing Team at BSI, which is the UK national standards body, and a Global certification, training and cybersecurity firm. On top of my normal work, I work as an independent researcher for Synack RT and Cobalt, and an independent OSS developer in my spare time.

ASV - Sunday - 10:00-12:59 PDT

Put your drone hacking skills to the test in our Drone CTF. This advanced challenge requires participants to take over a drone mid-flight and develop a payload to hack a DJI drone. This CTF is perfect for those who have some experience in drone hacking or have participated in our Drone Hacking Workshop. It's a great opportunity to showcase your technical prowess and win some cool prizes.

ASV - Sunday - 10:00-12:59 PDT

Experience the thrill of flying a drone in our custom-built cage right on the showroom floor. This activity is designed for everyone to enjoy, from kids to adults. Fly mini drones around the cage and see how well you can control these agile little machines. It's a fun, interactive way to learn the basics of drone piloting in a safe environment.

ASV - Sunday - 10:00-12:59 PDT

Join our Drone Hacking Activity and get hands-on experience with hacking into drone microcontrollers. This three-step in-depth activity is designed to teach you about the vulnerabilities and security of autonomous systems. Using sample drones, participants will learn techniques used in government pen tests. This workshop is suitable for all skill levels, from beginners to advanced hackers. Come and test your skills in a real-world scenario and understand the intricacies of drone security.

ASV - Sunday - 10:00-12:59 PDT

Dive into our interactive choose-your-own-adventure web interface and learn how to hack a drone in a fun, storyboard-based game. This graphical user interface simulates the process we use when hacking drones for the Air Force, allowing participants to make decisions and see the outcomes. It's a beginner-friendly activity that anyone can enjoy, offering insight into the steps involved in drone penetration testing.

MISC - Sunday - 10:00-12:59 PDT

We will have several dumb terminals available for all sorts of things courtesy of SCAVHUNT!

MISC - Sunday - 10:00-11:59 PDT

Keyboard Corner hosts typing challenges that test the speed and accuracy of attendees' typing skills on various keyboards. Participants can compete for high scores and bragging rights in a friendly and competitive setting. This activity adds an element of fun and excitement to the conference while highlighting the importance of efficient typing in cybersecurity.

CON - Sunday - 10:00-12:59 PDT

Embedded systems are everywhere in our daily lives, from the smart devices in our homes to the systems that control critical infrastructure. These systems exist at the intersection of hardware and software, built to accomplish a specific task. However, unlike general-purpose computers, embedded systems are typically designed for a particular case of use and have limited resources. This makes them both challenging and fascinating to work with, especially from a security perspective. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is vital to performing security research on these devices.

The embedded device CTF contest is an exciting opportunity to explore the intricacies of these systems and test your skills in a competitive environment. Contestants are challenged to find vulnerabilities in the firmware or hardware and exploit them to gain access or control over the device. The contest offers a unique opportunity to explore embedded devices' inner workings and understand their design's security implications.

New devices will be dramatically introduced at set intervals throughout the competition, and point values will decrease over time. This keeps contestants guessing and on their toes, forcing them to adapt and use their skills to tackle new challenges. It also offers a chance to learn about different types of devices and how they function, broadening participants' knowledge and experience.

By participating in the contest, contestants can develop a deep understanding of how these systems operate and how to secure them against potential attacks. Additionally, the contest encourages participants to think outside the box and approach problems creatively, honing their problem-solving skills. The competition provides a valuable opportunity to network with like-minded individuals and a chance to learn from others in the field hands-on.

Overall, the embedded device CTF contest is an exciting and educational experience that showcases the unique challenges and rewards of working with embedded devices. With the rise of the Internet of Things and the increasing integration of technology in our daily lives, embedded devices are becoming more ubiquitous, making this contest relevant and worth checking out. Whether you're a seasoned security professional or just starting in the field, the contest offers a chance to learn, test your skills, and have fun in a dynamic and competitive environment.

This is the main event at Embedded Systems Village. Come and show off your skills at hacking our collection of vulnerable embedded devices and find flags to score points! New this year we have a 101 track where each team will have their own set of emulated devices, as well as embedded challenges from the MITRE eCTF and some boss-level embedded challenges from Toyota Tsusho Systems US!

ESV - Sunday - 10:00-12:59 PDT

Hack your first embedded system! Sit down at our provided laptops and be guided through exploiting an IP camera, then learn how you can set up the emulated camera (and other devices) at home with Ludus!

XRV - Sunday - 10:00-10:30 PDT

We are surrounded by invisible radio frequency signals created by human technology like radio, cellular, and satellite. Traditionally, we see these signals through spectrum analyzers. However, the capabilities of existing analysis tools are being outpaced by the rapid modernization of wireless networks and topologies like 5G, IoT, Bluetooth, LoRa, etc. RF is inherently multidimensional, but conventional analyzers display signals in 2D slices, limiting real-world applicability to highly technical users. Emerging technology that combines Augmented Reality displays and AI/ML algorithms is capable of spatializing RF data into its natural 3D location for easier understanding and communication.

This talk will provide an overview of the evolution of RF visualization tools from flat interfaces to immersive ones that can be used to discover and map RF signals and networks. The audience will gain a broad understanding of the emergence of immersive interfaces and how they can be applied successfully to spatial data visualization. We will walk participants through challenges with the design and development process, theory behind decisions, and usability issues to overcome in actual deployments. Resulting best practices will be shared openly. Finally, the audience will learn about future applications of these tools and forecasted innovations as the underlying technology matures.

Suzanne studied psychology at University of Missouri, Kansas City and previously worked as Lead UX/Product Designer for over 9 years at companies such as Remine (raised $48M) and CREXi (raised $54M) where she specialized in designing intuitive, high-performant data analytic interfaces. In 2019, Suzanne founded BadVR and was awarded a “Rising Stars” innovation award from IEEE. To date, she’s raised over $4M in non-dilutive funding for BadVR, via grants from the National Science Foundation, NOAA, Magic Leap, Qualcomm, and more. Suzanne has grown the company from 2 to 25 people and was awarded 4 patents for innovations she created while leading the BadVR team.

Over the past 5 years, Suzanne emerged as a thought-leader in the immersive data visualization and analytics space. She has been a keynote speaker at over 25 national and international conferences. In her spare time, Suzanne travels for inspiration (81 countries and counting) and is proud to be a published author and former punk. Suzanne thrives at the intersection of product design, immersive technology, and data; she’s a believer in the artistry of technology and the technicality of art and remains passionately dedicated to democratizing access to data through universally accessible products.

Jad Meouchy, CTO + Co-Founder, BadVR, Inc. Jad, originally from northern Virginia, holds dual B.S. degrees in Computer Engineering and Psychology from Virginia Tech, and is a graduate of the Thomas Jefferson High School for Science and Technology. While in college, he engineered and built the data visualization components of an emergency response simulation that went on to receive 2M in public grant funding. Over his 15-year career, Jad has founded five startups and successfully exited three. His professional expertise is in software architecture and development, specifically big data analytics and visualization, and virtual and augmented reality development. Based in Los Angeles since 2010, Jad promotes the community by organizing developer meetups and events, and volunteering time for STEM initiatives.

BICV - Sunday - 13:00-13:59 PDT

The nation is facing a shortage of approximately 500,000 good paying jobs in cyber.The problem is only going to continue to grow as the world becomes more digitized. This is a threat to our national security. The White House Office of the National Cyber Director (ONCD) is ensuring that as we build the cyber workforce the nation needs, we are reaching out to every community. Diversity is an essential element of the national cyber workforce. National Cyber Director (NCD) Harry Coker Jr., and his predecessor Kemba Walden, have both been leading our work to build the nations cyber workforce, one that is reflective of nation and its needs.

Ayan Islam, a Somali native, is a key member of the ONCD team who handles workforce outreach to the African American Community, HBCU’s and many diverse audiences the nation desperately needs to assist with our national security. During this session, she will recount her experience, extensive background and her work with senior leaders. She will focus on ONCD’s work to expand pathways for individuals from backgrounds that are currently underrepresented in the Federal and national cyber workforce, including African Americans, to launch good-paying, meaningful careers in the cyber workforce.

ADV - Sunday - 11:00-11:30 PDT

We live in an era where voice verification is increasingly adopted in security protocols. The potential for abuse through voice cloning technology presents a significant and growing threat to cybersecurity. This talk dives into the alarming capabilities of deep learning to create highly convincing voice clones. Using my own voice as a case study, I will demonstrate a recorded simulation where the cloned voice successfully bypasses several major institutions’ voice verification systems. This presentation will outline the tools and techniques leveraged for voice cloning, discuss the pressing risks involved, and explore strategic countermeasures for red teams. The aim is to equip offensive security researchers with a nuanced understanding of voice cloning technology, emphasizing its implications for threat emulation and defensive strategy formulation. Attendees will gain insight into adversary tactics using publicly available voice samples for simulating voice-based attacks, providing a clear perspective on preparing defenses against such AI-driven threats.

I am a cybersecurity professional and researcher with a robust academic background in computer science and cybersecurity from graduate school. As the head of the Hack the Box Boston Meetup and DEFCON 508, I lead efforts to cultivate a strong community of cybersecurity enthusiasts in Massachusetts. In addition to my community leadership roles, I founded and currently manage NeurodiverseHackers.com. This platform is dedicated to supporting cybersecurity practitioners in navigating their careers while managing neurodiversity and mental health challenges. Neurodiverse Hackers emphasizes inclusivity and resilience in the fast-evolving security landscape.

BICV - Sunday - 12:30-12:59 PDT

The presentation aims to discuss the existing biases in AI-assisted news reporting. It explores how AI has been integrated into news media over the years and the implications of its use, particularly in terms of misinformation and disinformation. The goal is to spark a discussion on the role of AI in news propagation and its impact on public perception and truth. Starting with a historical overview, this presentation highlights how AI has been used by outlets like Narrative Science, the Associated Press, and the Washington Post to automate news content. The talk emphasizes the distinction between misinformation and disinformation and discusses how AI can amplify existing biases if trained on biased data. The presentation also covers the shift in news consumption towards digital platforms, the rapid spread of misinformation, and the importance of diverse media sources to prevent echo chambers.

Sydney Johns is an Artificial Intelligence Researcher at the Johns Hopkins Human Language Technology Center of Excellence. She was previously a Computer Engineer in the Army C5ISR Research and Technology Integration Directorate and has worked for the JHU Applied Physics Laboratory and Northrop Grumman. ⁠

CPV - Sunday - 10:30-11:30 PDT

There are many famous codes and ciphers still waiting to be solved, such as the encrypted Voynich manuscript and Edward Elgar's Dorabella cipher. All hold a special fascination. In this talk, prepare to be entertained and informed by Elonka Dunin and Klaus Schmeh, as we briefly discuss the encryption on Kryptos, the mysterious sculpture at the center of CIA Headquarters; NKrypt, an encrypted sculpture in Australia; an encrypted engraving on an early 20th century German silver cigarette case; details about the message attached to the leg of a WWII carrier pigeon that was found in an English chimney; an encrypted postcard by the owner of UK's Luton soccer team; and the intriguing encrypted messages created by the mysterious Henry Debosnys while awaiting his murder trial in New York in the late 1800s.

Elonka Dunin is a crypto expert and co-leader of a group that is working to crack the final cipher on the Kryptos sculpture at CIA Headquarters. She maintains a website of the World’s most famous unsolved codes, and bestselling author Dan Brown named his character “Nola Kaye”, a scrambled form of “Elonka”, in his novel The Lost Symbol, after her.

Elonka was a member of the Board of Directors for the National Cryptologic Museum Foundation, and General Manager and Executive Producer at Simutronics, making award-winning online and mobile games.

In 2006, Elonka published The Mammoth Book of Secret Codes and Cryptograms, and with Klaus she co-wrote the book Codebreaking: A Practical Guide, with editions in 2020 and 2023.

Klaus Schmeh has written 15 books (mostly in German) about cryptography, as well as over 250 articles, 25 scientific papers, and 1500 blog posts. Klaus’s main fields of interest are codebreaking and the history of encryption.

Klaus is a popular speaker, known for his entertaining presentation style involving self-drawn cartoons, self-composed songs, and Lego models. He has lectured at hundreds of conferences, including the NSA Crypto History Symposium, DEF CON, and the RSA Conference.

In his day job, Klaus works as a crypto expert for the global IT security company Eviden.

QTV - Sunday - 11:00-11:59 PDT

Due to its wide usage, the FIDO2 protocol – also known as Passkeys – is a key example (pun intended) of a protocol that urgently needs to be migrated to post-quantum cryptographic algorithms (PQ or PQC) to be secure against the looming quantum threat. In this presentation we explain our work over the last two years towards maintaining secure passwordless authentication in the quantum era.

We discuss: is FIDO2 ‘quantum-ready’? Which of the used cryptographic algorithms need to be replaced and with what? What is the (quantum) threat model? And do we ‘just’ need quantum-secure instead of classical algorithms or should we instead use a combination of classical and PQ (a.k.a. hybrid) algorithms? Can the PQ migration be backwards compatible? If yes, would this introduce the possibility of down-grading attacks? And last but not least, is PQ FIDO2 feasible on current hardware?

After discussing these, we present the first end-to-end post-quantum secure implementation of the FIDO2 protocol which we have recently open-sourced and benchmarked. The aim of our E2E OSS is to provide a complete implementation that allows PQ registration and authentication in all protocol operations, to enable developers to experiment and test the viability of PQ cryptography in current hardware devices providing FIDO2 authentication.

Nina is a staff researcher at SandboxAQ specialized in quantum-secure algorithms and protocols, including how to ensure a smooth PQ migration of the latter. Her research has recently been focused on the FIDO2 protocol both from a theoretical as well as from a more practical aspect. Her list of publications, presentations, blog posts and a stop-motion video about batch signatures can be found at ninabindel.de.

James is a Staff Research Scientist in the Quantum Security Group’s PQC Team. He works on the research and development of post-quantum cryptography and addresses issues in integrating PQC into the real-world. He is a co-author of the SDitH signature scheme candidate which is a part of the NIST PQC process for additional signature schemes. His research interests range from optimizing designs in software and hardware, side-channel analysis and countermeasures, protocol design, and more.

IOTV - Sunday - 12:30-12:59 PDT

From January to May 2024, a team of student researchers at Brigham Young University looked for 0days in a consumer-grade home router made by Vilo Living. By April 2024, they had found 9 zero days, 6 of which were critical. This presentation covers the process they went through from initial reconnaissance to hardware hacking to finding buffer overflows to reporting the bugs to the organization. Outline: Initial recon - OSINT on the company, previous vulnerabilities released (none), and black-box interactions with network services on the LAN Hardware hacking - identifying chips on the board, connecting to the UART interface, deciphering boot up info, dumping the flash memory (didn’t work), and observing reads/writes by the CPU to flash memory to obtain the firmware Cloud enumeration - discovering the AWS S3 buckets and IoT infrastructure, tracing cloud interactions (authenticating to the router remotely, retrieving MQTT certificates, etc.) Firmware enumeration - kernel + libc version, arch, how to emulate binaries on an x86 machine, compiling code to run on the router, what binary does what, etc. Vulnerability discovery - finishing reversing custom TCP protocol for mobile app->router interactions, searching for stack overflows, lack of authentication, command injection (and accidentally bricking 3 routers), info leaks, reviewing the 9 vulnerabilities we discovered, weaponizing and chaining some of the vulnerabilities, etc. Vendor disclosure - difficulty contacting the vendor in May 2024 with vulnerability details (they were almost dead), how the disclosure process went, filing for CVEs in June, publishing vuln details in August Conclusion - how stupid easy it is to hack IoT devices, how IoT vendors treat security issues, where future research can focus

I'm Ava Petersen, a student at Brigham Young University pursuing an undergraduate degree in cybersecurity. I am extremely passionate about my field of study, and I love the fast-paced and creative aspect of the field which keeps me on my feet and encourages thinking outside the box to solve (or find) problems. Whether through my competitions, research, or work, I am always being challenged in new and exciting ways. You’ll find me everywhere in the cybersecurity competition space under the handle “deltabluejay” and on the BYU Cyberia team.

Justin Mott is a grad student at BYU researching IoT security and adversary emulation. He graduated with a Bachelor's in Cybersecurity at BYU in 2023. His hobbies include CTFs, TCGs and spending time with his family.

IOTV - Sunday - 10:00-12:59 PDT

In this interactive exercise, you'll learn how to talk to chips on a board via SPI, extract a firmware image, and analyze it to find vulnerabilities. Take your hardware hacking skills to the next level

PSV - Sunday - 11:30-11:59 PDT

Cybersecurity red teams have myriad ways of practicing their skills - from CTFs to certifications - but how do you train for physical red teaming? This talk will focus on leveling up your body - add new abilities to climb, sneak, jump, and become an unstoppable ninja while performing physical penetration tests. We’ll talk about which abilities you need, and how we train ourselves (and our staff) for performing at our peak for physical engagements. This will be complemented by plenty of war stories and lessons learned in the field for what abilities are most worth leveling up in, and comparisons between red teaming before and after our weight loss. We’ll then discuss different exercises and habits that the audience can start doing as soon as in your hotel room to improve your lives and your ability to break into buildings!

Bill Graydon is a principal at GGR Security, where he hacks everything from locks and alarms to critical infrastructure; this has given him some very fine-tuned skills for breaking stuff. He’s passionate about advancing the security field through research, teaching numerous courses, giving talks, and running the Physical Security Village at various cons. He’s received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in physical and cyber security, anti-money laundering, and infectious disease detection.

Lucas currently researches covert communications at Royal Military College, and is a red teamer at GGR Security. Formerly a software engineer for a satellite internet company (not Elon’s) and a signaller in the military. Lucas has written code for several Low Earth Orbit satellites whizzing above your head in space, and for OpenSource projects. When not procrastinating thesis writing, he can often be found with an SDR trying to bypass some security system or other. Lucas also speaks Esperanto.

APV - Sunday - 10:00-12:59 PDT

AppSec Village is proud to present our DEF CON Contest in partnership with SecDim.

Unlike a typical CTF, this contest rewards the players who fix security vulnerabilities. You can choose between secure coding challenges or competing against other players in an Attack & Defence AppSec challenge, where you need to secure your app before being given a chance to hack other players’ apps 😈.

You can also develop your own AppSec challenge by following challenge contribution guidelines. All approved challenges will be hosted during AppSec Village @ DEF CON.

There are two categories of winners: - The player with the highest total points by the end of the event (August 11 at 12:00 PM PDT) - The best-contributed challenge submission

The Award Ceremony will be held at 12:45 PM PDT in the AppSec Village on August 11.

Harley Wilson is a software engineer (intern) at SecDim, a secure coding wargame platform. With a background as a Police Officer for nine years, Harley is now channelling his expertise into the field of software development. He is pursuing a Bachelor of Computing (Software Engineering) at Curtin University, with an anticipated graduation in 2024.

PHV - Sunday - 10:00-13:59 PDT

No description provided by creator

PLV - Sunday - 11:00-11:45 PDT

This combination presentation and panel discussion will surface the policy and technical challenges associated with securing civil aviation, bringing together perspectives from government, industry, and aviation cybersecurity companies.

Given the continued growth in civil aviation and impending regulation in the United States of America and Europe, this talk will describe the key technical challenges and the resulting policy challenges that should be addressed to keep civil aviation secure.

Michael Weigand is a defense tech founder and aviation nerd. Previously, the co-founder and Chief Growth Officer of Shift5, a company he started to build cybersecurity tools to enhance the survivability of planes, trains, and tanks, he is now an Entrepreneur in Residence at Squadra Ventures, a venture capital firm with a strong cyber and national security focus. Michael previously served in the US Army as a founding member of the Army cyber branch and helped stand up the first expeditionary and capability development units. Michael's life-long passion for aviation and hacking eventually led him into the fascinating world of domestic and international policy, regulation, and standards development, where he advocates for safer operational technology practices.

Stuart Wagner, former Chief Digital Transformation Officer for the Department of the Air Force, led significant policy-driven innovations from 2021-2024, advancing digital transformation across the U.S. Air Force and U.S. Space Force. He orchestrated BRAVO, the largest DoD hackathon series, producing over 200 software and hardware prototypes to support global warfighters. Wagner's policy expertise includes telemetry, data unification, NLP, and security classification. His career highlights include building and managing a 50+ engineer team at the DoD to develop Advana, an analytics platform, and initiating Gamechanger, an open-source NLP and search platform. Holding degrees from the University of Michigan, the London School of Economics, and the University of Pennsylvania, Wagner is also an active angel investor and serves on a charitable foundation board.

ICSV - Sunday - 13:30-13:55 PDT

Many problems in our networks are simple problems that boil down to forgotten fundamentals. Kevin reviews the communication models and demonstrates a simple password capture.

Kevin is a Professor Emeritus from Northampton Community College in Bethlehem, PA. He holds a CISSP, CCNA, Cisco CyberOps Certification and is a certified Cisco Networking Academy Instructor. He is skilled in Business Planning, Cisco Routing and Switching, Advanced Routing Technologies, International Business, Business Process Improvement, Network Design, Network and Business Consulting, and System Security and Administration. He is an educational professional with a Master of Business Administration (MBA) focused on Finance and International Economics from LaSalle University. He was the Primary Investigator for the Wall Street West Dept. of Labor grant at NCC. He has held workshops on topics including basic networking, wireless fundamentals, information security, time management, and leadership development.

SOC - Sunday - 12:00-12:59 PDT

We know DEF CON and Vegas can be a lot. If you're a friend of Bill W who's looking for a meeting or just a place to collect yourself, DEF CON 32 has you covered. Join us throughout the conference in the Friends of Bill W Community Space in room 301. Meetings will be Thursday, Friday, Saturday: 12:00-13:00, 17:00-18:00 Sunday 12:00-13:00

RTV - Sunday - 10:00-10:50 PDT

In this workshop, the basic concepts of pivoting will be introduced, and a hands-on experience will be provided in a realistic testing environment. Participants will learn to utilize effective tools and techniques to move from one network to another within an organization's infrastructure. Additionally, attendees will have the opportunity to set up their own Docker laboratory to perform pivoting practices in an emulated environment.

AIxCC - Sunday - 11:30-12:15 PDT

Fireside Chat on the importance of open-sourcing solutions and how AIxCC's approach can have a far-reaching, positive impact David A. Wheeler, Director of Open Source Supply Chain Security, Open Source Security Foundation (OpenSSF) Jeff Diecks, Technical Project Manager - AIxCC, Open Source Security Foundation (Open SSF) Chris Aniszczyk, CTO, Cloud Native Computing Foundation (CNCF)

"Dr. David A. Wheeler is an expert on open source software (OSS) and on developing secure software. His works on developing secure software include ""Secure Programming HOWTO"", the Open Source Security Foundation (OpenSSF) Secure Software Development Fundamentals Courses, and ""Fully Countering Trusting Trust through Diverse Double-Compiling (DDC)"". He also helped develop the 2009 U.S. Department of Defense (DoD) policy on OSS. Other works of his include ""Software Inspection: An Industry Best Practice"" and ""Ada 95: The Lovelace Tutorial"".

David A. Wheeler is the Director of Open Source Supply Chain Security at the Linux Foundation and teaches a graduate course in developing secure software at George Mason University (GMU). Dr. Wheeler has a PhD in Information Technology, a Master's in Computer Science, a certificate in Information Security, a certificate in Software Engineering, and a B.S. in Electronics Engineering, all from George Mason University (GMU). He is a Certified Information Systems Security Professional (CISSP) and a Senior Member of the Institute of Electrical and Electronics Engineers (IEEE)."

Jeff Diecks has more than two decades of experience in technology and communications with a diverse background in operations, project management and executive leadership. A participant in open source since 1999, he’s delivered digital products and applications for dozens of universities, six professional sports leagues, state governments, global media companies, non-profits, and corporate clients.

Jeff spent 14 years in the digital agency space, scaling a team to more than 90 people and leading it through a successful acquisition and exits of the co-founders. Prior to agency work, he managed operations teams at Turner Broadcasting and produced the web site for Major League Soccer in its early years (when FTP’ing flat HTML files was a thing).

Jeff and his wife live in Alpharetta, GA, and are parents of a current sophomore at SCAD Atlanta.

Chris Aniszczyk is an open source technologist with a passion for building a better world through open collaboration. He's currently a CTO at the Linux Foundation focused on developer experience and running the Cloud Native Computing Foundation (CNCF). Furthermore, he's a Partner at Capital Factory where he focuses on mentoring, advising and investing in open source and infrastructure focused startups. In a previous life, he created Twitter/X's open source program and led their open source efforts. He also served for many years on the Eclipse Foundation's Board of Directors representing the committer community and the Java Community Process (JCP) Executive Committee.

RTV - Sunday - 10:00-10:50 PDT

Do you think AWS Admin is the end game? Let's dive deeper into cloud native lateral movement and how Identity Providers has become the biggest C2 that has ever existed.

MISC - Sunday - 10:00-10:59 PDT

Welcome to the inaugural GameHacking.GG @ DEF CON 32, where gaming and cybersecurity intersect in exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. The DEFCON32 event is constructed to make game security accessible and playable at all skill levels.

At the Game Hacking DEF CON 32 event, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats. In future iterations of the event we hope to expand to learning about game malware and maybe even some hardware hacks. Whether you're a beginner or an experienced hacker, we will have presentations and activities to challenge your skills.

Be part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let’s play, learn, exploit, and perhaps even profit.

MISC - Sunday - 12:00-12:59 PDT

AIV - Sunday - 12:00-12:59 PDT

We’re going over the results of the GRT and giving out some awards for our favorite reports. We want to hear from you about how it went and what you liked.

CON - Sunday - 10:00-17:59 PDT

Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.

The Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.

The Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!

CON - Sunday - 10:00-11:59 PDT

Love puzzles? Need a place to exercise your classical and modern cryptography skills? This puzzle can keep you intrigued and busy throughout DEF CON - and questioning how deep the layers of cryptography go.

The Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. You can learn about Caesar ciphers, brush up your understanding of how Enigma machines or key exchanges work, and try to crack harder modern crypto.

The Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and some that will require you to dig a little deeper. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!

APV - Sunday - 11:00-11:30 PDT

In this talk, we delve deep into the increasingly interconnected world of electronic vehicles (EVs), photovoltaic (PV) solar systems, and the broader power grid infrastructure—a nexus that is becoming a fertile ground for potential large-scale cyber disruptions. As we navigate through this complex interplay of technology and infrastructure, we will uncover the critical vulnerabilities lurking within the API connections that bind these systems together. Our exploration will not only highlight these weaknesses but will also demonstrate, through real-world scenarios and potential attack vectors, how they can be exploited to launch sophisticated cyber-attacks, emphasizing the urgent need for robust security frameworks and proactive cybersecurity measures to safeguard our collective future. The advent of PV inverters and EV charging systems has been marred by the industry's "rush to market" mentality, leading to overlooked security considerations.

Vangelis began as a developer from Greece. Six years ago he realized that only his dog didn’t have an API, so he decided to steer his focus towards security.

That led him to pursue a PhD in Web Application Security with an extra focus on machine learning. He’s still actively pursuing it.

He currently applies his skills as a Chief Technology Officer at Atropos, and during his free time, Vangelis is helping start-ups secure themselves on the internet and get a leg up in security terms.

His love of a simplistic approach to hacking by exploiting vulnerable APIs led him to publish research regarding API controlling ships, smart locks, IP cameras, car alarms, EV chargers, and many other IoT devices. Since our lives are nowadays extremely cyber-dependent, his goal is to convince all companies to never neglect their API security as rush-to-market mentality is almost certain to lead to catastrophic security failure.

CON - Sunday - 10:00-12:59 PDT

Hybrid Contest On-site Hours: Friday and Saturday 10:00-18:00; Sunday: 10:00-12:00 Becomes available online Thursday 12:00 Online and In-Person platforms will close Sunday 12:00 Players will only be able to turn in scavenger hunt items during On-site Hours.

This Pac-Man themed set of challenges takes Players on a journey through learning and demonstrating hacker and information security skills to earn points. With multiple subject-matter specific challenge groups and tracks, this hacker challenge game has something for everyone. You, dear Player, are Hac-Man (or Ms. Hac-Man, or Hac-Person), making your way through various dark mazes eating pellets, fruit, and ghosts. Each ghost represents a hacker puzzle or skills challenge. Upon completing each challenge, you’ll be awarded points and can continue on to attempt further challenges. Many challenges have unlockable hints and location information, which you can unlock by spending your collected fruit.

There is a leaderboard! As you collect points, you’ll show up on this leaderboard. The top 10 Players at the end of the game will be awarded various prizes from a prize pool.

IOTV - Sunday - 10:00-12:59 PDT

With Google Cast Miracast or AirPlay smart TVs now have plenty of ways to get your favorite content on screen. But while the latest show is playing there is a complex system running underneath that is ripe for hacking. Bitdefender invites you to solve a few challenges that will get you diving into the inner workings of a smart TV.

ASV - Sunday - 10:00-12:59 PDT

Want to know what happened to the Hack-A-Sat digital twins? We're bringing back our satellites and ground stations so you can see what it was like to be a team operating during finals!

Establish uplink using a ground station. Send commands to the satellite, observe effects and telemetry. 3D Cesium visualization of satellite in orbit and ground station locations. Grafana dashboards for sim data, etc. OpenC3 satellite operator interface for C2

ASV - Sunday - 10:00-12:59 PDT

Enjoy some space math nostalgia with challenges from the past four years of Hack-A-Sat quals! Challenges require skills in astrodynamics, satellite operations, digital signal processing, reverse engineering, exploitation, and more! If you missed the last Hack-A-Sat qualifiers or just want to try again, now is your chance!

10 challenges are available with a mix of difficulty. These will be available throughout all of DEF CON so work on them anywhere (even your hotel room). No team required and no scoreboard...so no pressure!

Challenge developers will be available for hints/clues on the conference floor but may not be able to help with every challenge.

CON - Sunday - 10:00-12:59 PDT

We would like to see cancer become a thing of the past, and you can help. How? Join the Hacker Cooling Contraption Challenge, brought to you by the TeleChallenge. Here's how it works:

1. Accept our Challenge. If you accept the Challenge, you're also committing to nominate three people to join you.
2. Take a video of yourself dumping a bucket of ice water over your head in combination with a Contraption of your construction to lower your temperature and raise awareness of cancer. Trust us, it's way easier to do this during the summer in Vegas than at Halifax Analytica headquarters in the winter.
3. Post the audio to the TeleChallenge voice BBS challenging up to three others using their phone number, or post a video to https://defcon.social or your social media of choice using the hashtag #HackerCoolingContraption and the following:
   • Your handle
   • Who challenged you
   • A statement of acceptance ("I agree that I am responsible for my own hacker cooling actions, I understand that water is wet, and I promise not to sue the TeleChallenge or DEF CON" or something to that effect)
   • The handles of 3 people you are nominating
   • A link to a nonprofit cancer research project or charity of your choice that you have chosen to support
   • A mention of your contribution (including cash, cryptocurrency, volunteer hours, or computing resources), if any

Suggested: Make a contribution of your choice to support cancer research. You may want to check nonprofit and charity quality here: https://www.charitynavigator.org/

RULES

1. You can use up to 4 items obtained either from the TeleChallenge booth or at a dollar store costing no more than $5 plus tax, plus duct tape, along with a single one-gallon bucket or container full of conventional ice and water (solely H2O!) to build your Contraption.
2. Only hand tools may be used.
3. No hackers may be harmed in the execution of the Challenge. Contraption may cool to no colder than -3 degrees Celcius.
4. You may wear no less than a bathing suit (due to dress code requirements at pools).
5. Contraptions will be judged only for full participants of the Challenge, meaning you have made three nominations and at least two nominees have also participated.
6. Judging criteria: Efficacy, creativity, flair, hax.

RTV - Sunday - 10:00-10:50 PDT

People often talk about red teaming as hacking people or systems, but no one really talks about hacking processes. Company processes are oftentimes some of the most critical business functions that a threat actor could go after, but there is no framework or attack chain lifecycle equivalent for red teaming processes. In this talk, we’ll be talking about how Fortune 500 red teamers simulate adversaries and attack processes, and how you can use our new framework, the Redteaming Process Framework: RTPF, to do the same.

HRV - Sunday - 10:00-13:30 PDT

Ham radio is the original group of electronic hackers, starting long before computers, circuit chips, or even transistors. Continuing this pioneer spirit, The Ham Radio Village is offering free ham radio exams again at DEF CON! All are welcome to come and take the exam and get their amateur radio license upon passing. All three levels (technician, general, and amateur extra) of exams will be offered during DEF CON at the Ham Radio Village. Examinees are encouraged to study the question pool and take practice exams on ham.study.

Everything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. Getting your amateur radio license and entering the world of amateur radio will better equip you with knowledge about what goes on in the radio frequency domain, and this can be applied to other RF topics (like RFID credentials, WiFi, or anything else that communicated wirelessly)

CON - Sunday - 10:00-12:59 PDT

This contest is simple, and is designed to teach you the basics of transmitter direction finding and “fox hunting”. We offer multiple levels of difficulty – whether you’ve never done a fox hunt before or are a seasoned pro, you can participate in the hunt! Learning how to locate the source of radio signals is an important tool you can add to your hacker arsenal. Whether you’re hunting for a source of interference, a rogue wireless AP, or tracking down the FCC’s monitoring vans, the real-world skills you will gain from this contest will be invaluable.

To participate in the beginner IR foxhunt you will need a device that can receive IR light in the 900nm range – such as many cell phones and digital cameras!

To participate in the RF foxhunt(s) you will need a radio or a scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 146.000 MHz, 420.000 MHZ - 450.000 MHz)

PSV - Sunday - 11:30-11:59 PDT

Biometrics applied to PACS (Physical Access Control Systems) has been an hot-topic for a few years now. The spread of fingerprint or face recognition based access control and time attendance systems among corporate, industrial and military environments has surged. And with it, also the number of potential attack vectors has increased. In this talk, after a brief overview of the state of art of available PACS utilizing biometrics to authenticate and authorize users, we will investigate one technology among others (usually perceived less-invasive) that has been widely used in some specific fields (e.g. industrial plants, airports, food industry, etc.): the handpunch access control and time attendance systems. The handpunch PACS are based on the hand-geometry recognition. In this presentation we will have a look how this tech works and, in particular, we will focus our attention on reviewing some of existing handpunch devices: from a physical security POV until reversing the communication protocol. Moreover, during the presentation will be demonstrated how to remotely push a new super-admin user into it (i.e. persistent backdoor), how to dump existing users credentials and will be also released an opensource tool-suite: HandScan & HandPwner. Eventually, thanks the cooperation with Shodan’s creator, it has been confirmed that more than 1800 of these vulnerable devices were found exposed on the Internet. Finally, we will conclude the talk with practical and actionable countermeasures to prevent these attacks and how to harden these devices.

ADV - Sunday - 10:00-11:59 PDT

This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, "Breach-the-Hospital" and "Breach-the-Office," based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to atatck and breach the hospital's infrastructure or the office environment. This exercise will give participants a clear understanding of how adversaries infiltrate corporate environments.

IOTV - Sunday - 10:00-12:59 PDT

Rapid7 is back with more hands-on hardware hacking exercises. This year we will be guiding attendees through several exercises gaining root access for control and extraction of firmware and file system data. From TFTP kernel images over the network to single user mode access via modification of U-Boot. These exercises will guide you through the process of importing a kernel image over the network and executing it in memory for root access, along with understanding embedded device flash memory layout and how to transfer firmware images over the network for offline testing.  Also, we will walk through placing the IoT device in single user mode for root access and then rebuild the structure and needed drivers to bring the IoT embedded system out of single user mode for full access.

MISC - Sunday - 10:00-12:59 PDT

Ever see someone walking around DEF CON and wonder “what is up with the hard hats?”

The Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. We use a common platform (hats) to combine art (bling) and hacker functionality (warez) to inspire others to explore outside of their comfort zones in a safe and welcoming community.

We encourage everyone to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. Hats are inexpensive, widely available, and easy to modify to suit your needs. We started with hard hats but are not limited to any type of hat, so you have the freedom to choose whatever hat suits your fancy.

Despite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around DEF CON, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.

One of the challenges at hacker summer camp has been finding people to connect with. By leveraging hard hats as a canvas, HHB has solved this challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Just as fun, charming and skilled as so many attendees are, the hard hat has been a great vessel to carry their awesome projects.

Stop by our community space and make your trip memorable by trying on a hat, learning and sharing building techniques, networking with other hat loving hackers, and expressing yourself in your own hacker way. Keep on hacking!

MISC - Sunday - 12:00-12:59 PDT

Join us for our annual group photo and voting session for the "People's Choice Award". Even though we don't have a contest, as a community we can still choose a favorite hat. We have to take the picture at 12:05 sharp so be there!

MISC - Sunday - 10:00-12:59 PDT

IOTV - Sunday - 10:00-12:59 PDT

How to get started, two steps

Download the GE Appliances SmartHQ App “SmartHQ” available on the Google Play and iOS Stores to your mobile phone
Create your GE Appliances Account to commission the appliance, connecting the appliance to your account. The app will walk you through this step.

Router Name SSID: HackAway Router Name Password: With GEA

In-Scope: Only communications between the appliance, GE Appliances SmartHQ App, and the cloud connection for the appliance

Please leave your contact information and we will be in touch! Or you may visit our security webpage by typing “GEAppliances.com/security” into your Internet browser. We have a call center and PSIRT team ready to hear your questions!

ESV - Sunday - 10:00-12:59 PDT

Curious about hacking chips using fault-injection? Take your first steps in our (free) glitching workshops! We provide you with hardware & guidance to conduct your first fault-injection attacks, all you need is a laptop running Python & OpenOCD: Reproduce the nRF52 "AirTag" glitch or learn how to glitch one of the chips used in crypto-wallets to store millions of dollars.

We will also have a secret challenge announced on site!

Lab provided by hextree.io

CON - Sunday - 10:00-12:59 PDT

This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.

Don't know how to make a network cable and want to learn? Has it been years? Or do you think you're a pro? Come see if you can... make the best cable at con by cut/wire/crimp.

HDA - Sunday - 10:00-14:59 PDT

DEF CON has made HDA a community, and we now have a community room! This room will be dedicated to the attendees with ADA needs, their friends, helpers, and anyone who wants to hang out and be social! So far we plan on providing charging stations, chill out sessions, an open call for a modular synth jam session, and more to come! Let's all work together to make DEFCON Awesomely Accessible!

(Please note that on Thursday, we will be open only to provide assistance to those in need. Regular community programming will begin on Friday.)

Hang out, chill out deck out your mobility device and more!

MISC - Sunday - 10:00-12:59 PDT

To celebrate DEF CON 32, the Hardware Hacking Village (HHV) is hosting a Rube Goldberg Machine (RGM) Event! This idea has been kicking around the HHV volunteer circle in one shape or another since at least DEF CON 20, so it’s about time that it happened! The goal is to create a series of devices that combine to form an end-to-end Rube Goldberg machine for transmitting messages. The hope is that all sorts of creative devices will be connected up to each other to move bits through various complicated and fun analog/digital methods. Ideas have ranged from simply wiring RX to TX — to using radios to bounce the message off the moon!

ASV - Sunday - 10:00-10:59 PDT

Bringing cyber focused space science to schools can be challenging given school restrictions, firewalls, and expense of equipment. This presentation will go over multiple space-centric outreach activities for youth of all ages. From talking to astronauts aboard the International Space Station (ISS) to listening to satellites in the classroom. These various programs are bound to capture the imagination. Some of the projects to be discussed are the Amateur Radio on the International Space Station (ARISS) program, Slow-Scan Television (SSTV) images from the ISS, AMSat CubeSat Simulators, and setting up a RTL-SDR to capture information from satellites in the classroom. There are a variety of ways to start a countdown to space science careers in youth and these projects can help you connect with the imagination of youth near you.

RC, a cybersecurity researcher focusing on the cybersecurity of space systems. She is currently a PhD student in Aerospace Sciences and holds an Amateur Radio Extra class License. Additionally she supports the Amateur Radio on the International Space Station (ARISS) Education committee and frequently facilitates “Teach the Teacher” workshops for K-12 educators and Youth Outreach leads.

CON - Sunday - 10:00-12:59 PDT

A powerful corporation, notorious for its unethical practices, leveraged their extensive data resources gathered from users, and their psychological profiles, to subdue the population into compliance. The immune few, realizing the extent of the corporate conspiracy, band together to expose and dismantle the corporation's grip on society. These individuals must navigate a dangerous world of surveillance and betrayal. Their mission is to ignite a global awakening and reclaim freedom from corporate domination.

Players will have to join the mission and participate in a CTF that would be beneficial for beginners and experienced players alike. The challenge categories will be Web, Cryptography, Forensics, PWN(binary exploitation) and Reverse Engineering. Various difficulty challenges from each category will be featured.

MISC - Sunday - 08:00-15:59 PDT

Our human registration process this year will be very similar to previous years. Please be patient. All of the times listed here are approximate.

Basics

Who needs a badge?

A badge is required for each human age 8 and older.

Human?

You are a human if you do not know otherwise. People that are not humans include goons, official speaker, village/community/contest/creator staff, press, black badge holders, or similar. If you are not a human, you need to register separately. If you don't know how, see an NFO goon (NFO Node, formerly known as an infobooth, is where you can get help). The remainder of this message applies only to humans.

Lines? Linecon?

Linecon is your optional opportunity to stand (or sit) in line for human registration to open. Doors will open for linecon on Wednesday at approximately 17:00. When human registration opens on Thursday at approximately 08:00, they start working the linecon queue, and the line will start moving quickly. (Please understand that we will begin processing the line on Thursday morning as soon as the cashiers and materials are in place; we will strive for Thursday 08:00, but actual start may be slightly earlier or later.)

Online badge purchase (aka pre-registration) has no impact on linecon. You can join the line on Wednesday (if you wish) regardless of whether you purchased a badge online or intend to pay with cash. There is only one linecon for both types of badge sales.

Please help us make this a great experience for everyone by following directions given by goons. After human registration opens, there may be one line for all of registration, or there may be two lines (one for online sales (pre-registration) and one for cash sales). This may also change over time, based on available staffing and necessary crowd control. We will strive to make it easily understandable in-person as to which line you should join.

Ways to buy a badge

• $480 online purchase until August 1, 2024. Tickets are transferable. Please read the details on the linked page.
• $460 cash purchase on-site.
• As part of a BlackHat registration.

Online Purchase

You will be emailed a QR code to the email address provided when you bought your badge. Please guard that QR code as though it is cash -- it can only be redeemed once, and anyone can redeem it if they have it (including a photo of it). Badges are picked-up on-site -- they will not be mailed or shipped.

We can scan the QR code either from your phone's display or from a printed copy. You must have the QR code with you in order to obtain your badge. As you approach the front of the line, if you are going to show your QR code on an electronic device, please ensure that your display is set to maximum brightness.

If you pre-registered, but ultimately are unable to attend DEF CON and want to cancel your purchase, the only way to get a refund is from the original online source. We are unable to provide any refunds on-site at DEF CON. There is a fee to have your badge canceled: $34 until July 15, and $84 on and after July 15.

Online purchases are provided a receipt via email when the purchase is made.

Online purchase -- often referred to as pre-registration -- does not allow you to skip any line/queue to pick up your badge. Once you arrive on-site, you will need to join the existing line for human registration. There may or may not be a dedicated line for pre-registration badge pickup, depending on when you arrive, how long the line is, available staff, etc.

Cash Purchase

Badges will be available for purchase on-site at DEF CON. All badge sales are cash only. No checks, money orders, credit cards, etc., will be accepted. In order to keep the registration line moving as quickly as possible, please have exact change ready as you near the front of the line.

There are no refunds given for cash sales. If you have any doubt about your desire to buy a badge, please refrain from doing so.

We are unable to provide printed receipts at the time of the sale. A generic receipt for the cash sale of a badge will be made available on media.defcon.org after the conference. You are welcome to print your own copy of the receipt on plain paper.

Via BlackHat

If you attend BlackHat, it is possible to purchase a DEF CON badge with your BlackHat registration. If you did so, please get your DEF CON badge from BlackHat before they close.

BlackHat should send you an email with instructions for how to obtain your DEF CON badge. In case you missed it, you can go to the second floor, at the concierge desk, halfway down Black Hat Blvd.

Misc

Want to buy multiple badges? No problem! We're happy to sell you however many badges you want to pay for.

If you lose your badge, there is unfortunately no way for us to replace it. You'll have to buy a replacement at full price. Please don't lose your badge. :(

If you are being accompanied by a full-time caretaker (such as someone who will push your wheelchair, and will accompany you at all times), please ask to speak to a Registration Goon. Your caretaker will receive a paper badge that will permit them to accompany you everywhere you go.

Still need help?

If you have questions about anything regarding human registration that are not addressed here, please ask to speak to a Registration Goon.

CON - Sunday - 10:00-12:59 PDT

The ICS Village CTF offers hands-on experiences with industrial control systems, which bridge technology with physics. Attendees engage with industry experts while solving challenges like a red vs blue manufacturing network process coupled with OT-specific jeopardy-stye challenges. This contest highlights vulnerabilities in industrial equipment and OT protocols. By simulating attacks on critical infrastructure, participants develop and practice DEFCON-level skills, enhancing their understanding with critical infrastructure and the world we rely on.

RTV - Sunday - 10:00-10:50 PDT

and other cases :)

DC - Sunday - 13:30-14:15 PDT

Machine learning (ML) pipelines are vulnerable to model backdoors that compromise the integrity of the underlying system. Although many backdoor attacks limit the attack surface to the model, ML models are not standalone objects. Instead, they are artifacts built using a wide range of tools and embedded into pipelines with many interacting components.

In this talk, we introduce incubated ML exploits in which attackers inject model backdoors into ML pipelines using input-handling bugs in ML tools. Using a language-theoretic security (LangSec) framework, we systematically exploited ML model serialization bugs in popular tools to construct backdoors. In the process, we developed malicious artifacts such as polyglot and ambiguous files using ML model files. We also contributed to Fickling, a pickle security tool tailored for ML use cases. Finally, we formulated a set of guidelines for security researchers and ML practitioners. By chaining system security issues and model vulnerabilities, incubated ML exploits emerge as a new class of exploits that highlight the importance of a holistic approach to ML security.

1. link
2. link
3. link
4. link
5. link
6. link
7. link
8. link
9. link
10. link
11. link

Suha Sabi Hussain is a security engineer on the machine learning assurance team at Trail of Bits. She has worked on projects such as the Hugging Face Safetensors security audit and Fickling. She received her BS in Computer Science from Georgia Tech where she also conducted research at the Institute for Information Security and Privacy. She previously worked at the NYU Center for Cybersecurity and Vengo Labs. She’s also a member of the Hack Manhattan makerspace, a practitioner of Brazilian Jiu-Jitsu, and an appreciator of NYC restaurants.

IOTV - Sunday - 10:00-12:59 PDT

Learn the trade secrets of elite embedded security researchers and exploit developers. This hands-on workshop equips you with the QEMU and GDB skills needed to emulate and debug embedded system processes.

Friday, August 9th / Saturday, August 10th

10:00 am - QEMU Primer
11:00 am - QEMU Emulation
2:00 pm - Debugging with QEMU and GDB
3:00 pm - Q&A for Workshops

IOTV - Sunday - 12:00-13:30 PDT

Want to create a cute, squishy, Wi-Fi controllable LED cat lamp? In this workshop, we'll create a cute cat lamp featuring programmable IoT LED's, giving it custom light animations and Wi-Fi control! Your adorable cat lamp can be controlled over Wi-Fi with WLED, allowing you to control it with home automation software. You will create open source, Wi-Fi controlled LED art; learn basic soldering; and take home the remote-controlled Pusheen lamp of your dreams.

IOTV - Sunday - 10:00-12:59 PDT

CON - Sunday - 10:00-12:59 PDT

The IoT village pi eating contest is a challenge where participants put their hardwear hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins.

In this brand new challenge, participants put their hardware hacking experience to the test by going head to head with other hackers. Participants will be provided all the tooling necessary to get a root shell on an IoT device. Whoever roots the device in the shortest time wins!

IOTV - Sunday - 10:00-12:59 PDT

The IoT Village Hacking Playground is a set of hands-on labs developed to teach the tools and techniques for discovering and exploiting some of the common weaknesses found in IoT devices in just a few minutes. Work at your own pace following our IoT Hacking guides and if you get stuck, our instructors are on hand to provide assistance and answer any questions.

MISC - Sunday - 13:00-13:59 PDT

A convergência entre segurança física e cibernética ainda é pouco explorada em nossa região, muitas vezes devido à dificuldade de acesso a ferramentas específicas. Esta apresentação explora esse conceito e sua importância, ilustrando com casos reais de incidentes que exploraram sistemas de segurança física, detalhando como ocorreram e seus impactos.

Apresentaremos os fundamentos dos sistemas de controle de acesso, abordando arquitetura básica, protocolos de comunicação e tecnologias de credenciais. Em seguida, demonstraremos técnicas práticas de exploração:

• Exploração da interface Wiegand: Mostraremos como explorar essa interface antiga e vulnerável, utilizando a versão DIY do BLE-Key, acessível e econômica.
• Exploração de credenciais vulneráveis: Como iClass Legacy, PROX e MiFare Classic, usando ferramentas como ProxMark3 e Flipper Zero.
• Exploração de credenciais "seguras": Demonstrando ataques de downgrade em credenciais HID Seos com Flipper Zero e um leitor HID Multiclass SE, usando um app desenvolvido por mim como alternativa econômica ao Seader.

Meu nome é Ueric Melo, sou Privacy & Security Awareness Manager na Genetec. Atuo ha 27 anos na área de Tecnologia da Informação, e na área de segurança (física e da informação) há mais de 22 anos. Sou formado em processamento de dados e possuo extensão em compliance digital. Já palestrei em diversos eventos no Brasil e America Latinha, a maioria deles focados em profissionais de segurança física e TI.

IOTV - Sunday - 10:00-12:59 PDT

Defeat the Keysight CTF challenge for a chance to win a Riscuberry IoT hacking training kit with Riscure Academy online training. See one of the Keysight staff for details. LIGHT THE BEACONS and show us the flag!

CLV - Sunday - 10:35-11:10 PDT

In this talk we will explore vulnerabilities in Amazon Web Services (AWS) products which allowed us to gain access to cloud environments.

Traditionally, adversaries have abused misconfigurations and leaked credentials to gain access to AWS workloads. Things like exposed long-lived access keys and exploiting the privileges of virtual machines have allowed adversaries to breach cloud resources. However, these mistakes are on the customer side of the shared responsibility model. In this session, we will cover vulnerabilities in AWS services that have been fixed and that previously allowed us to access cloud resources.

We will start with an exploration of how Identity and Access Management (IAM) roles establish trust with AWS services. Covering how roles associated with Amazon Cognito and GitHub Actions could be misconfigured to allow anyone in the world to access them. From here, we’ll cover a vulnerability we found in AWS Amplify which exposed IAM roles associated with the service to takeover, allowing anyone the ability to assume these roles.

Finally, we will also look at a worst-case scenario: what happens when an attacker finds a confused deputy vulnerability and is able to assume roles in other accounts? Sounds far-fetched? We’ll cover a real world example of a vulnerability we found in AWS AppSync that lets us do just that. We’ll also discuss how security practitioners can secure their environments, even against a zero-day like this one.

Join us to learn how attackers search for and exploit vulnerabilities in AWS services to gain access to cloud environments.

Nick Frichette is a Staff Security Researcher at Datadog, where he specializes in offensive AWS security. He is known for finding multiple zero-day vulnerabilities in AWS services and regularly publishing on new attack techniques. In addition to his research, Nick is the creator and primary contributor to Hacking the Cloud, an open source encyclopedia of offensive security capabilities for cloud environments. He is also a part of the AWS Community Builder Program, where he develops content on AWS security.

ADV - Sunday - 11:30-11:59 PDT

So your organization decided to follow the trend and switched to Kubernetes for hosting their applications. And this means that the mission for the SOC, has now changed from monitoring servers and networks, to building detective capability for a container orchestration platform. Where do you even start with for Kubernetes TTPs? What attack signatures should you alert upon, and what logs are there to look for in first place?

A similar challenge arises for the offensive security practitioner: What strategies exist for performing continuous Kubernetes threat emulation? Infrastructure technologies have changed rapidly, and adversaries have adapted. Despite the novelty of attack surface, insider threats still remain relevant, and prevention alone is not enough to manage the risk posed to the modern enterprise.

This talk will explain the benefits of investing in a proactive approach to the security of your Kubernetes clusters through collaborative purple teams, and will provide a comprehensive guide for doing so – as informed by our latest research and experience in running attack simulations against large enterprises. Attendees will get up to speed with Kubernetes security monitoring concepts and will take away key advice for planning and executing successful attack detection exercises against containerized environments.

Leo is a Senior Security Consultant at WithSecure where he leads the Attack Path Mapping service. His current role involves planning and conducting collaborative offensive security assessments for large organizations, while building the team globally and pushing the boundaries of threat simulation.

After a brief stint on the defensive side, he returned to consulting with a mission to help SOC teams of all sizes develop their detective capability. To this end, he has been designing and leading purple team exercises for WithSecure’s clients.

His passion for technical research has occasionally led to the discovery of vulnerabilities in products which were assigned CVE IDs and presented at security conferences like ROOTCON and BSides. In his free time, Leo volunteers his skills and experience to help NGOs across the world address their cyber security needs.

APV - Sunday - 10:45-12:59 PDT

Kubernetes is the de facto operating system of the cloud, more organizations are running their workloads on Kubernetes. While Kubernetes offers many benefits, new users may introduce security risks like cluster misconfiguration, leaked credentials, cryptojacking, container escapes, and vulnerable clusters.

This workshop will teach you the fundamentals of Kubernetes security, from protecting your cluster to securing your workloads. You'll learn about RBAC, OPA, Security Contexts, Network Policies, and other security features. You'll also learn how to exploit workloads running on a Kubernetes environment using Living Off the Land (LotL) techniques like exploiting Insecure APIs, Secrets Theft, Container Escape and Pod Privilege Escalation, similar to the ones used by real-world threat actors.

This workshop is designed for both beginners and advanced students. By the end of the workshop, you'll have a deep understanding of Kubernetes security and the skills to protect your K8S clusters.

Lenin Alevski is a Full Stack Engineer and generalist with a lot of passion for Information Security. Currently working as a Security Engineer at Google. Lenin specializes in building and maintaining Distributed Systems, Application Security and Cloud Security in general. Lenin loves to play CTFs, contributing to open-source and writing about security and privacy on his personal blog https://www.alevsk.com.

DDV - Sunday - 10:00-10:59 PDT

This is your last chance to pickup your drives whether they're finished or not. Get here between 10:00am and 11:00am on Sunday as any drives left behind are considered donations.

MISC - Sunday - 10:00-12:59 PDT

Lonely Hackers Club is conducting some meshtastic activities during DEF CON 32.

The Lonely Hackers Club is hosting a CTF over Meshtastic. To participate you will need a Meshtastic node. There will be additional flags located in or near the LHC room. For more information check out our Meshtastic page.

Getting Started

Learn more here.

Default LongFast Mesh + LHC Channel, Use before DEF CON

Tap here to reconfigure your device

DEFCONnect ShortFast Mesh + LHC Channel, Use during DEF CON

Tap here to reconfigure your device

MISC - Sunday - 10:00-11:59 PDT

The Unofficial Sticker Swap is a casual and engaging activity where attendees can trade and collect unique stickers. This event fosters a sense of community and allows participants to showcase their creativity and personal style.

PHV - Sunday - 10:00-13:59 PDT

Knowing how to use the Linux command line is a critical skill for any good security practitioner. This trainer will have 10+ problems covering some of the most fundamental Linux commands. This trainer is for people new to field and for those who want to hone their Linux command line-fu.

IOTV - Sunday - 10:00-12:59 PDT

Join Drew Green, John Rodriguez, and Ken Pyle for a deep dive into identifying vulnerabilities in network devices. Explore and exploit weaknesses in a wireless mesh network and learn how advanced threats view your infrastructure.

LPV - Sunday - 10:00-12:59 PDT

Want to tinker with locks and tools the likes of which you've only seen in movies featuring secret agents, daring heists, or covert entry teams?

Then come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.

The Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.

Experts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.

A popular spot for new lock pickers! Highly recommended you stop by. The Lockpick Village is always kid friendly and welcomes folks of all ages. We do require that the parents stay with the kids.

MISC - Sunday - 10:00-12:59 PDT

CON - Sunday - 10:00-12:59 PDT

You have been randomly selected for additional security training. Be on the look out for one of our drives, USBs or surprise devices out here in Vegas, and follow along on @LonelyHardDrive for further clues to start hacking away at the puzzles. This is required for all LonelyCorp employees and Betty Pagefile is counting on you!

CON - Sunday - 10:00-12:59 PDT

How far will you go? Or, more accurately, how far was your tag's last reported location? Pre-register your team to receive one of a dozen tags, and check out our socials (@LonelyHardDrive) to watch the tags move across the map!

MISC - Sunday - 08:00-14:59 PDT

If you find something that seems to have been lost, please take that item to the nearest NFO Node. The item will enter the DEF CON Lost & Found system.

If you've lost something, the only way to check on it (or reclaim it) is by going to the Lost & Found department yourself. The Lost & Found department is in room LVCC - L2 - W238. You may also call Lost & Found at +1 (725) 377-5045.

The Lost & Found department plans to be open Thursday - Saturday, during all hours that the conference operates. On Sunday, the Lost & Found department will open with the venue at 08:00, but will close at the beginning of DEF CON 32 Closing Ceremonies (15:00). Shortly thereafter, all remaining lost items will be transferred to the LVCC West Lobby Security Office. If you need to reach LVCC's West Lobby Security Office, you may call +1 (702) 943-3532.

BBV - Sunday - 11:00-12:30 PDT

In today's dynamic web application ecosystem, there exists numerous data manipulation processes to sanitize, translate and manipulate data for use by applications, for storage in back-end systems or sent to clients in web browsers. These same processes, however, can also be leveraged by bug hunters to obfuscate attack payloads from intermediary security systems such as web application firewalls (WAFs). In this workshop we will discuss several abuse scenarios including Edge-Side Includes (ESI), XSS Sanitizers and Unicode Normalizations.

Pre-Requisites: Hands-on labs will be hosted on YesWeHack’s free DOJO platform (https://dojo-yeswehack.com/). Participants are encouraged to sign up for an account in advance and will use their own laptops for labs.

Ryan Barnett is a Principal Security Researcher working on the Akamai Threat Research Team supporting the App and API Protector product. In addition to his primary work at Akamai, he is also a former Faculty Member for the SANS Institute, a WASC Board Member and OWASP Project Leader for: ModSecurity Core Rule Set (CRS) Web Hacking Incident Database (WHID). Mr. Barnett has also authored two web security books: Preventing Web Attacks with Apache (Pearson) and The Web Application Defender's Cookbook: Battling Hackers and Defending Users (Wiley).

Isabella Barnett is a Software Engineering Intern at Databuoy and a rising freshman at George Mason Honor's College studying Cyber Security Engineering.

CON - Sunday - 10:00-12:59 PDT

In MARC I (Malware Analysis Report Competition I), participants collect and analyze real malware, then write an analysis report like a story, covering the entire scope of who, what, when, where, why, and how they found and analyzed the malware.

MARC I was created by Lena Yu (aka LambdaMamba) to provide malware enthusiasts with an opportunity to learn and showcase their passion and skills. Mastering malware analysis means mastering language. Essentially, we take a highly technical concept and simplify it into something that many can understand, similar to how a compiler translates high-level language into low-level language that a wide range of systems can understand.

When participants open-source and publish their work, it greatly contributes to improving the field of cyber defense. Let's make malware analysis knowledge go viral!

BOMBE: Battle of Malware Bypass and EDR

Try to capture malware by writing your own EDR, or become the malware to bypass detection! BOMBE (Battle of Malware Bypass and EDR) is a unique match where malware and EDR systems compete against each other inside a single VM boxing ring.

Our participants can choose if they want to be malware creator or EDR developer. Malware creators aim to exfiltrate credentials and transmit them to our designated server. On the other side, EDR developers will focus on detecting the malware's activities and report its findings. Both the malware and EDR, created by our participants, will battle each other directly inside a single VM. As they face off, they’ll earn points for wins, moving up on the leaderboard. We also encourage them to keep improving their malware or EDR systems, system logs will be released after a few rounds.

BOMBE was created by Wei-Chieh Chao (aka oalieno) and Tien-Chih Lin (aka Dange). It is not just a competition, it's a learning platform. Participants engage with real-world scenarios, learning the circumstances between malware and EDR, a never-ending bypass and detect game. Showcase your skills! Whether you're a wizard at weaving undetectable malware or a mastermind in sophisticated defenses, this is your stage. Demonstrate your capabilities to a global audience, including potential employers and industry leaders.

AIV - Sunday - 11:00-11:30 PDT

For the past few months, I’ve been seeing how far I can push several commercially available GenAI systems past their ethical boundaries. … hint: it’s way too far.

In this talk, I’ll demonstrate how I was able to turn LLMs into a powerful backend for realtime, interactive voice enabled cyber scams. I’ll share my prompting strategy, social engineering tactics, the backend systems used, and show how each of these are working innocently in their own right, but enable massive possibilities for deception and harm when combined (in their current form). I’ll also cover a few key insights gained from this research, including unexpected lessons from both successful and unsuccessful attempts.

Note: this session includes demos of a violent and profane chatbot. Please do not attend if that will be offensive to you.

PHV - Sunday - 10:00-13:59 PDT

The Network-OS workshop will take you into the mysterious world which underpins modern computing and allows people to talk across the globe. This of course being the network itself. In this workshop you will familiarize yourself with the command line of network devices. Step by step, you will configure devices to talk to each other, share information about the computers connected to them, and relay their network information and traffic between each other. No experience needed, know how to type and copy/paste.

CON - Sunday - 10:00-12:59 PDT

Get ready to dive into the excitement of the third annual Octopus Game at DEF CON! Octopus Game is your chance to connect with fellow attendees while exploring all the fun and fascinating aspects of DEF CON. Whether you're new to DEF CON, a beginner at code-breaking, or simply seeking a stress-free contest, this is the perfect opportunity for you. Test your skills in clue reading and code-breaking as you join in on the fun!

You and your fellow pirates will embark on an exhilarating journey, armed with clues that unveil the path to the lost treasure of a legendary pirate, now guarded by the mighty Kraken. These quests will guide you through the vibrant landscape of the Con, offering a glimpse into the myriad opportunities and experiences awaiting exploration. Designed to welcome newcomers to the hacking world, this contest fosters connections among attendees and contributors alike. Whether you choose to collaborate with a small group or brave the challenge solo, the decision is yours. Yet, amidst the excitement, remember that only one can emerge victorious. With challenges tailored for entry-level participants and a kid-friendly environment, come join us for a thrilling adventure into the depths of the Kraken's Conundrum.

MISC - Sunday - 10:00-12:59 PDT

Open Events - All Days

AIxCC - Artificial Intelligence Cyber Challenge

Experience a dynamic model city with illuminated buildings and projections that bring to life the Semifinals of the AI Cyber Challenge (AIxCC) - a two-year competition to safeguard the software critical to modern life. You'll experience the thrill of the game events and the critical stakes of cybersecurity in an immersive setting that also offers an inspiring educational journey.

Social Engineering Village - SE Youth Challenge

The Social Engineering Community needs your help and it’s not exactly a big deal, but without your help, the entire universe is going to implode. Fortunately, some creative beings designed a failsafe just for this specific purpose, the Def Con Social Engineering Youth Challenge at DEF CON 32!

Adversary Village - Table top adventure

Tabletop adversary adventure!

Biohacking Village - Learn about bio-technology and biohacking!

Hands on medical device hacking and village tour

Ham Radio Vilage - Find the Fox, Decode a SSTV broadcast, get your Ham Radio License!

Fox Hunt!: Try to find the fox radio transmitter. SSTV: Send an SSTV broadcast and see it decoded by someone else Ham Radio Exam: Get your ham radio license at DEF CON!

Crypto Privacy Village - Gold Bug Puzzle

An invitation to a house party at the home of the Mysterious Marquise. What does it mean that it’s for those with “an adventurous spirit and enjoyment of puzzles”? And how can the doorknocker reveal anything? Find out in the Junior Cryptographer’s Corner of the CPV Gold Bug Puzzle.

Data Duplication Village - Multiple: HDD Teardown, Decryption Challenge, Error detection and correction

• HDD Teardown: Take apart and see how hard drives work.
• Decryption Challenge: Learn how file encryption / decryption works and solve a challenge.
• Error Detection and Correction: Use a simple binary code system, errors are introduced in the data string. Teaching basic parity checking or checksum algorithms to identify and correct the errors, demonstrating a fundamental data integrity concept.

Hardware Hacking Village - Open Soldering lessons

The folks at the Hardware Hacking Village can teach you soldering! Bring your soldering kits and learn this valuable hacker and life skill.

Friday, Saturday 13:00 - 16:00

Car Hacking Village Scavenger Hunt

The Car Hacking Village (CHV) put together a wonderland of fun for kids of all ages to explore. Stop by at our CHV Kids Booth during our hours of operation and dive into the rabbit hole of car hacking with our team. As you explore the CHV Village, you will not only learn about car hacking, but will also get to collect fun swag at every stop. Join us on this adventure through the car hacking wonderland and let your scavenger hunt begin.

DC - Sunday - 11:30-12:15 PDT

Physical security is often overlooked in many organizational threat models. An increasing amount of physical security devices with smart components are being introduced to the market with widespread adoption. This creates an enticing attack surface for physical red teams.

Lockers and cabinets equipped with electronic smart locks can be found in many places such as offices, factories, hospitals, labs, and gyms. With remote and hybrid work increasing in popularity, shared use office setups becoming the default. Co-working spaces in offices are now commonplace with lockers being installed for employee device storage. People generally trust that their belongings will be secure in these lockers and entrust the locks with sensitive information, like their personal PIN.

Is there a more stealthy way to get into lockers that don't involve using a crowbar?

In this talk we will analyze the vulnerabilities affecting locks manufactured by the "global leader in keyless lock solutions," Digilock and Schulte-Schlagbaum AG (SAG). Both companies have been in the physical security industry for many decades. What went wrong in the development of these devices and how can these vulnerabilities be fixed? We will also discuss several other vendors operating in this space and compare findings.

We will demonstrate practical physical and side-channel attacks targeting locks that accept a standard PIN and RFID. Learn why it is poor practice to reuse the same secret PIN for lockers and safes and devices such as mobile phones and laptops (especially if they are stored inside the lockers).

Dennis Giese is a researcher with the focus on the security and privacy of IoT devices. While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices. His most known projects are the documentation and hacking of various vacuum robots. He calls himself a "robot collector" and his current vacuum robot army consists of over 60 different models from various vendors. He talked about his research at the Chaos Communication Congress, REcon BRX, NULLCON, and DEFCON.

Braelynn is a security consultant at Leviathan Security Group where she conducts security assessments of products for startups, Fortune 500 companies, and everything in between. She enjoys partaking in CTFs and researching the security anything that piques her curiosity. She has previously presented this research at conferences such as Chaos Communication Congress.

PHV - Sunday - 10:00-13:59 PDT

Looking to upgrade your skills or see how you would fare in Capture The Packet? Come check out what Packet Detective has to offer! A step up in difficulty from Packet Inspector, Packet Detective will put your network hunting abilities to the test with real-world scenarios at the intermediate level. Take the next step in your journey towards network mastery in a friendly environment still focused on learning and take another step closer to preparing yourself for the competitive environment of Capture The Packet

PHV - Sunday - 10:00-13:59 PDT

The perfect introduction to network analysis, sniffing, and forensics. Do you want to understand the techniques people use to tap into a network, steal passwords and listen to conversations? Packet Inspector is the place to develop these skills! For well over a decade, the Wall of Sheep has shown people how important it is to use end-to-end encryption to keep sensitive information like passwords private. Using a license of the world famous Capture The Packet engine from Aries Security, we have created a unique way to teach hands-on skills in a controlled real-time environment.

PHV - Sunday - 10:00-13:59 PDT

Follow real world password attack steps against a mock target in order to better understand how to protect yourself and improve the security of your passwords!

IOTV - Sunday - 10:00-12:59 PDT

Intuit R3DC0N's Phisherman's Wharf will lead beginners looking to learn how phishing campaigns are managed. This short introductory lab will give you hands on experience creating a phish test campaign from a cached email and web site using GoPhish, leverage email lists, and observe the responses when the victims interact with the phish emails in MailHog.

Accompanied by our expert guide, witness live hacking demonstrations showcasing the alarming simplicity behind breaching and controlling banned xIoT devices. Embrace the excitement. Join us at the Lab and let the hacking games begin!

AIV - Sunday - 10:00-10:59 PDT

The possibility of an altered photo revising history in a convincing way highlights a salient threat of imaging technology. After all, seeing is believing. Or is it? The examples history has preserved make it clear that the observer is more often than not meant to understand that something has changed. Surprisingly, the objectives of photographic manipulation have remained largely the same since the camera first appeared in the 19th century. The old battleworn techniques have simply evolved to keep pace with technological developments. In this talk, we will learn about the history of photographic manipulation, from the invention of the camera to the advent of generative AI. Importantly, we will consider the reception of photo editing and its relationship to the notion of reality, which is more significant than the technologies themselves. Surprisingly, we will discover that creative myth making has found a new medium to embed itself in. This talk is based on Walter Scheirer’s recent book A History of Fake Things on the Internet (Stanford University Press 2023).

CON - Sunday - 10:00-12:59 PDT

The contest will be hosted on the Publicly Switched Telephone Network and will be live for access 24/7, with real world PSTN phone numbers to dial into.

The Hacked Existence team will be hosting a telecom based CTF. The CTF will be hosted on live VoIP lines routed through a modified asterisk PBX. This will allow participants to dial in to the CTF from a real world telephone routable phone number allowing them to hunt the PBX for flags. The flags will be based around utilizing historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.

The purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2024 as well as a respect for the art of phreaking from yesteryears.

QTV - Sunday - 10:00-10:59 PDT

My name is Erez Abrams and I'm currently a physics and math undergraduate student at MIT with four years' experience in research on the mechanism underlying controlled quantum systems. Prior to burying myself in the ungodly mess that is quantum field theory, I often lectured at or ran cybersecurity, math, and physics teams/clubs for high schoolers and undergraduates, and I was an avid player of CTFs. Nowadays, I mostly sit in a dark room ruminating over a whiteboard full of Feynman diagrams in the hopes of understanding something or other about how the universe functions, but I still passionately love to teach and am very excited to share my knowledge with the wonderful attendees of DEF CON 32's Quantum Village!

PSV - Sunday - 11:00-11:30 PDT

Open source intelligence may sound like something you’ve never done, but even something as simple as finding your old friends on social media overlaps with skills required for the job. Learn about what OSINT is, how to start an investigation, and resources used by experts to collect the maximum amount of data on a facility before ever visiting the site.

Lukas recently graduated from Marist College, majoring in cybersecurity; and will be continuing his education at Boston University toward a Masters of Criminal Justice in Cybercrime Investigation & Cybersecurity and Crime Analysis. In his free time, he competes in CTFs and rock climbs from time to time.

PSV - Sunday - 10:00-12:59 PDT

The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself.

We’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside.

Looking for a challenge? Show us you can use lock bypass to escape from a pair of standard handcuffs in under 30 seconds and receive a prize!

CON - Sunday - 10:00-12:59 PDT

Achieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, I expect that the community is ready for this challenge.

Stern Pinball has prepared an exclusive DEF CON 32 digital badge that will be available for any attendee to earn for playing in this event. Additional DEF CON specific Insider Connect badges may be unlocked during game play.

Pinball developers have a long history of including Easter Eggs/COWS in games. Easter eggs “may” also be available for attendees to discover during the conference. Undocumented Easter eggs found by players during the event will be documented, verified and recognized.

XRV - Sunday - 10:00-11:59 PDT

Play VR the gear comes out for a casual, hands on demo area to explore the metaverse in VR with games & expoloration in Meta Quest VR and Meta Raybans MR

QTV - Sunday - 12:00-12:59 PDT

CPV - Sunday - 10:00-10:30 PDT

As our social lives are highly intertwined with our online lives, people share a lot of information and create pictures and content that needs to be secured. In this talk I cover obscenity laws, revenge porn (nonconsensual distribution of intimate images), stalking, catfishing and sextortion and how people can prevent information being leaked as well as how to recover from it.

ET is a cybersecurity professional who cares about digital privacy. They have helped people who have been affected by revenge pornography and help them put together a plan of action. I like to volunteer, I help with BSides Orlando, DEATHCon and DC407.

ASV - Sunday - 10:00-12:59 PDT

Role play what would happen (or not happen) should a plane be maliciously targeted, or (like most) try and land a A320.

PHV - Sunday - 10:00-13:59 PDT

Use machine learning with Python to detect attacks in network packets including DNS tunneling, FTP brute force, and HTTP scanning. We will be using various Python tools such as iPython notebooks, scapy, and scikit-learn. Some Python experience is recommended, but if you don't know Python, come prepared to start with our Python tutorial!

QTV - Sunday - 13:15-14:14 PDT

CON - Sunday - 10:00-12:59 PDT

There’s a new emerging tech in town, and it’s name is Quantum! Following the past two years of Quantum CTF events held at the Quantum Village, we are pleased, proud, and excited to announce that our Q-CTF is indeed returning as Codename; QOLOSSUS! Pit your wits against the Atom, and come and see what devilish challenges from our Quantum Quizmasters await. Come and show your quantum prowess, and mastery of superposition and entanglement - design algorithms to break cryptography, hack our simulated quantum communications, and score points in our IRL activities. |Good Luck!〉

CON - Sunday - 10:00-12:59 PDT

In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.

RF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 32. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.

This game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.

There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.

RFV - Sunday - 10:00-12:59 PDT

In addition to the CTF and talks which are elsewhere on the schedule, the RF Village is also a place to hang out and chat with like minded folks who share your interests.

CON - Sunday - 10:00-12:59 PDT

This is going to be an interactive live game that is driven by a near future storyline in which deepfakes and forgeries are so difficult to detect that bad actors and foreign governments are fully engaged in a war over people's minds. At the same time, the world is sitting on the brink of the so-called "singularity," as AI advancements have completely blurred the line between artificial and natural cognition, and the Turing test has been rendered decisively moot.

Teams will join the game and follow the storyline to clues that will give them hints about who they can trust and who they can't. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what's real and what's not, focusing on hacker and defcon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will also encounter challenges and tutorials on video and image validation and cryptographically safe messaging.

RTV - Sunday - 11:00-11:50 PDT

This workshop offers a fast-paced and engaging introduction to setting up Red Team Infrastructure, focusing on the practical use of Terraform and Ansible. The session begins with a brief overview of Red Team operations and the critical role of robust infrastructure. It then swiftly moves into the practical aspects, demonstrating the basics of Terraform for deploying cloud infrastructure and Ansible for efficient configuration management. The highlight is a demonstration on integrating these tools to automate key components of Red Team infrastructure, emphasizing their application in real-world scenarios. This workshop is tailored for those eager to quickly grasp the essentials of Red Team infrastructure automation.

CON - Sunday - 10:00-11:59 PDT

The Red Team Capture the Flag (CTF) competition is back at DEFCON! It is a challenging and exciting event that tests the skills of participants in offensive security.

The Red Team CTF is designed to simulate real-world challenges in which attackers are put to the test. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities.

Teams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities and solve challenges.

The Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.

DC - Sunday - 12:30-13:15 PDT

Modern cars are a complex networks of computers put on four wheels. For security research, it is important to understand the car's internal network and exposed interfaces. But what else could you use this knowledge for? You probably guessed it from the title 🙂. So we developed a tool to turn our research car into a game controller.

In this talk, we present Vehicle-to-Game (V2G), a Python-based project that enables the usage of cars as game controllers. V2G can run either directly on a laptop or turn a Raspberry Pi Zero WH into a Bluetooth gamepad. In addition, V2G can either be used over the OBD2-diagnostic port or by directly accessing the internal CAN-busses of the car.

Our project can be a great starting point if you always wanted to tinker around with your car or want to learn about the CAN bus or diagnostic communication (UDS). To make V2G work with your car, some reverse engineering of CAN messages or diagnostic communication will be required (as well as additional hardware to connect to the CAN bus). Otherwise, if you can get this running, you can be sure that you own a more expensive game controller than your neighbors.

Tools and hardware: 1. General introduction into the CAN-bus and UDS: link 2. Tool for designing PCBs: link 3. Tool for making CAN messages readable: link 4. Hardware for accessing CAN-bus and OBD: link 5. CAN utils: link 6. CAN hat for Raspberry Pi: link

Used libraries: 1. link Many thanks for providing this great library and documentation for utilizing the Raspberry Pi as a Bluetooth device! 2. link 3. link

Misc: 1. Tesla DBC files: link 2. ACSD website: link 3. V2G Repository on GitHub (private until start of DEF CON): link

Timm Lauser received his masters degree in computers science from Karlsruhe Institute of Technology, Germany in 2020. Since then, he is a PhD student at Darmstadt University of Applied Sciences, Germany. There, he is researching in the field of automotive cyber security with a focus on communication protocols and their formal verification in the symbolic model.

Jannis Hamborg received his masters degree in computer science with focus on IT-security from Technical University Darmstadt, Germany in 2023. For his master thesis he researched about resilient and self-recovering reputation based networks. During the time of master he worked as assistant researcher at Darmstadt University of Applied Sciences, Germany on different topics of automotive security research. Since end of 2023, he started his PhD on the design and integration of resilient risk-driven networks with focus on internal automotive networks.

PHV - Sunday - 10:00-13:59 PDT

Regular Expressions or RegEX are used everywhere! If you aspire to be a Pentester, Threat Hunter, Programmer, Network Engineer, DevOps or really anything in technology today, RegEx is a skill all the greats have and the majority of the industry are terrible at. Come learn or brush up on your RegEx skills in on our live trainer.

MISC - Sunday - 10:00-12:59 PDT

Although not scheduled we intend to have people in and out who can do repairs/soldering on older equipment should anything need it. If you have trouble with your vintage tech during con, we will do our best to help!

MISC - Sunday - 10:00-12:59 PDT

If you have never participated in a Robo Sumo event before, welcome to the crowd! There are a number of resources online on this topic. We are lucky enough to have Pololu as a local resource. Their office is a short distance from the strip. They have have robots and parts to make robots. They can ship to your hotel if desired. Put something together and bring it down to show off and shove other bots around.

Please follow the "more info" link if you would like to know more.

IOTV - Sunday - 10:00-12:59 PDT

Hack a (not-so) smart safe and win prizes from TCM Security! Attendees will be guided through a hands-on lab that demonstrates common tools and techniques to unpack and analyze firmware, hunt for files of interest, and reverse engineer binaries and libraries. In addition, you will learn how to trace functionality in IoT devices to their underlying binaries and libraries and further reverse engineer these to hunt for common vulnerabilities. By using these techniques, you will be able to find the vulnerable section of code in the smart safe and craft an exploit that will allow you to access the safe and win the loot inside.

MISC - Sunday - 10:00-10:59 PDT

Want to learn how to stop hackers in their tracks? Come to the Secure From Scratch coding workshop. Learn what you need to know to write secure code from the very first line of code. It's surprisingly easy! Plus, you'll get to try your hand at hacking, discovering how attackers think so you can build defences against them. (Some coding knowledge in Python is recommended. You should know loops, if statements, arrays, and functions.)

ESV - Sunday - 10:00-12:59 PDT

Come try a hands-on workshop on embedded computing using the new RP2350 processor from Raspberry Pi.  Lean about the security architecture in modern embedded microprocessors and tinker with it in person! Think you have what it takes to break our stuff? Come learn, say hi and give it a try!

SEV - Sunday - 10:00-11:30 PDT

See who won in our village! During this time we’ll present the Youth Challenge winner, the #SECVC 1st and 2nd place winners, as well as the much-coveted Dundies! Then stick around as we have a panel interview with the winners to hear their story about their path to victory!

ASV - Sunday - 10:00-12:59 PDT

Come take a picture with a CubeSat. And while you're there, learn a few things about it.

MISC - Sunday - 10:00-12:59 PDT

The S.O.D.A. Machine Experience:

Imagine being at DEF CON, eager to dive into some serious hacking without being tethered to your laptop. The Shell On Demand Appliance is here to enhance your experience by providing access to anonymous virtual machine using cold hard cash.

What is the Shell On Demand Appliance?

The S.O.D.A. machine is now located in the contest area at the DEF CON Scavenger Hunt booth, offering virtual machines accessible via the DEF CON network. A blend of hardware, software, art, and hacking, using recycled materials to create a sustainable tech experience. The built-in datacenter connects directly to the DEF CON network. Insert cash or coins into the machine to get started, the system deploys the VM to the network, and a receipt with your login credentials is printed. Users receive login credentials to access their virtual machine via remote shell. You can change the password, install tools and applications, and customize the VM to suit your needs. The updated system now provides secure access from anywhere in the world through a web browser or standard SSH client. Be sure to check out the BBS too!

Supporting the Cause:

All proceeds from the S.O.D.A. Machine benefit the National Upcycled Computing Collective, Inc., a 501(c)(3) nonprofit organization dedicated to advancing research and education in computer science, technology, and engineering. Contributions are welcome at https://www.paypal.com/paypalme/NUCC.

MISC - Sunday - 10:00-12:59 PDT

Bring a retro artifact of your own for people to have fun with and demonstrate! (Note: Any artifact brought in for Show & Tell must also be taken back home with you, and although we will try our best to keep your artifact safe and operational, we suggest that you don't bring anything irreplaceable or that has sentimental value, as things could get destroyed or go missing.)

MISC - Sunday - 10:00-12:59 PDT

Small scale LAN party - Use one of our Windows 98 laptops or BYOB and hook it up! Seating will likely be limited depending on interest.

SEV - Sunday - 10:00-13:59 PDT

Come check out the Social Engineering Community Village!

DC - Sunday - 12:00-12:20 PDT

Cari Farver did not disappear off the face of the Earth. She was murdered in cold blood, and her killer went on to impersonate her online, for over three years. The suspect hid their tracks with VPNs, proxies, and anonymizing apps. This talk will go behind the scenes of Netflix's "Lover, Stalker, Killer" to detail the open source software and bespoke methods used to prove a no-body homicide case based almost entirely on digital evidence.

Dateline NBC, S26E1 "Scorned" (2017) Rule, Leslie. "A Tangled Web: A Cyberstalker, a Deadly Obsession, and the Twisting Path to Justice". Citadel Press, 2020. Netflix, "Lover, Stalker, Killer" (2024)

Anthony Kava is a hacker and carries a badge. Got his start breaking Apple IIs then moved, somehow, to breaking baddies. Works as a cyber crime investigator and digital forensics examiner with a penchant for infosec. Kava is a recognized Soylent drinker, scourge to software vendors, and has been portrayed by a Canadian in a Lifetime movie. Dreams in Perl. Enjoys long walks on the dark web.

ASV - Sunday - 10:00-12:59 PDT

The Space Grand Challenge (SGC) Program is a free virtual game-based cybersecurity/space competition CTF for middle and high school students built by Cal Poly students—Learn by Doing in action. The game is built on the UNITY gaming engine.

ASV - Sunday - 10:00-12:59 PDT

Launch into the thrilling world of cybersecurity, specifically designed for space systems! Learn the fundamentals to safeguard ground stations, communication links, and spacecrafts.

Engage in an immersive and fun CTF scenario. Apply your cybersecurity skills in real-time and see the direct impact of your decisions on our Space Systems Demonstrator. In this high-stakes scenario, you'll align with the Aurora Alliance in their critical mission to thwart Count Viktor Thunderclaw and the notorious Nebula Syndicate. The Syndicate threatens to destroy historic monuments around the world with their Space Laser unless their demands are met. Do you have what it takes to dismantle their malevolent plans?

Our beginner-level CTF kicks off as soon as the village opens—no pre-registration necessary. Just bring your laptop to access the CTF platform and your favorite packet decoding software (i.e. Wireshark). Expect the CTF to take you less than 1 hour to complete. Team collaboration is encouraged, and if you encounter obstacles, numerous hints are available to guide you. Excel in the challenge, and you could walk away with a CT Cubed SAO, an exclusive prize while supplies last.

ASV - Sunday - 10:00-12:59 PDT

Use spacestudio software to work through multiple challenges and scenarios. For instance:

Challenge 1: Analysis of the performance of the next GEN of satellites to size the ground segment.

Challenge 2: Assessment of propulsion system capabilities for initial orbit raising

Challenges for spacetower flight dynamic software will also be available.

DC - Sunday - 10:00-10:45 PDT

Websites often parse users' email addresses to identify their organisation. Unfortunately, parsing emails is far from straightforward thanks to a collection of ancient RFCs that everyone knows are crazy. You can probably see where this is going…

In this session, I'll introduce techniques for crafting RFC-compliant email addresses that bypass virtually all defences leading to broken assumptions, parser discrepancies and emails being routed to wildly unexpected destinations. I'll show you how to exploit multiple applications and libraries to spoof email domains, access internal systems protected by 'Zero Trust', and bypass employee-only registration barriers.

Then I'll introduce another class of attack - harmless-looking input transformed into malicious payloads by unwitting libraries, leading to yet more misrouted emails, and blind CSS injection on a well-known target.

I'll leave you with a full methodology and toolkit to identify and exploit your own targets, plus a CTF to develop your new skillset.

• Email parsing:

  • link
  • link
  • link

• CSS Exfiltration:

  • link
  • link

• Unicode:

  • link

PortSwigger researcher Gareth Heyes is probably best known for smashing the AngularJS sandbox to pieces and creating super-elegant XSS vectors. He is the author of JavaScript for hackers. In his daily life at PortSwigger, Gareth can often be found creating new XSS vectors, and researching new techniques to attack web applications. He has a keen interest in hacking CSS to do wonderful, unexpected things and can often be seen experimenting with 3D pure CSS rooms, games and taking markup languages to the limit on his website. He's also the author of PortSwigger's XSS Cheat Sheet. In his spare time, he loves writing new BApp extensions such as Hackvertor.

RTV - Sunday - 11:00-11:50 PDT