-- MySQL dump 10.13 Distrib 8.0.46, for FreeBSD15.0 (amd64) -- -- Host: localhost Database: defcon34 -- ------------------------------------------------------ -- Server version 8.0.46 /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */; /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */; /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */; /*!50503 SET NAMES utf8mb4 */; /*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */; /*!40103 SET TIME_ZONE='+00:00' */; /*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */; /*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */; /*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */; /*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */; SET @MYSQLDUMP_TEMP_LOG_BIN = @@SESSION.SQL_LOG_BIN; SET @@SESSION.SQL_LOG_BIN= 0; -- -- GTID state at the beginning of the backup -- SET @@GLOBAL.GTID_PURGED=/*!80000 '+'*/ 'b4148ec7-37aa-11e6-bdd9-003048850f62:1-897773, c8b80935-c8ce-11ee-80c0-f48e38c15384:1-1974894, f9f9d5a4-23aa-11e5-b61b-0021856cfce2:1-316626'; -- -- Table structure for table `CallFors` -- DROP TABLE IF EXISTS `CallFors`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `CallFors` ( `id` smallint NOT NULL AUTO_INCREMENT, `CFname` varchar(120) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `whenexpired` datetime(6) DEFAULT NULL, `expired` tinyint(1) NOT NULL, `Descrip` text NOT NULL, `PageURL` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=89 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `CallFors` -- LOCK TABLES `CallFors` WRITE; /*!40000 ALTER TABLE `CallFors` DISABLE KEYS */; INSERT INTO `CallFors` VALUES (1,'DEF CON 34 [Call For All Index]()','2000-03-01 00:00:00.000000',0,'Contests, Events, Villages, Parties, Talks, Workshops, Vendors, Press, Music... and more! Every year hundreds of dedicated hackers put their heads together and ask themselves one question \"How are we going to do it bigger, and better, than last year?\", and every year they do. Join them! Give us your craziest ideas, your fresh outlook, your passion. This is the place you can find all of the open calls for DEF CON Content, so pick your poison and show us what you got!','https://defcon.org/html/defcon-34/dc-34-cfi.html'),(2,'DEF CON 34 [Call For Papers]()','2026-05-01 23:59:59.000000',1,'DEF CON Main Stage talks are a premier venue for presenting new, unique, cutting edge research on hacking, information security and computer vulnerabilities. Presenters can choose a 20-minute, or 45-minute time slot. In some rare instances (for larger panels, for instance) DEF CON will consider talks for 75-minute time slots. DEF CON receives many submissions for a limited number of Main Stage slots and the selection is highly competitive.','https://defcon.org/html/defcon-34/dc-34-cfp.html'),(3,'DEF CON 34 [Call For Workshops]()','2026-05-01 23:59:59.000000',1,'DEF CON Workshops are four hour long, interactive classroom sessions. This longer format provides a much deeper dive into a subject area, enabling students with an opportunity to learn, experience and delve into a topic in a smaller group setting.','https://defcon.org/html/defcon-34/dc-34-cfw.html'),(4,'DEF CON 34 [Call For Demo Labs]()','2026-05-01 23:59:59.000000',1,'DEF CON Demo Labs is a dedicated area to showcase an open-source project, tool, or hardware you have been working on. The Demo Labs format is smaller and more intimate than a main talk and is intended to foster an engaging environment for interacting with fellow hackers, answering questions, and getting feedback from the community. Even if your project, tool, or hardware is in the early stages or still developing, consider submitting it.','https://defcon.org/html/defcon-34/dc-34-cfdl.html'),(5,'DEF CON 34 Policy @ [Call For Papers]()','2026-05-01 23:59:59.000000',1,'DEF CON Policy talks are a venue to engage in a dialogue about security, privacy and cyber policy. Presenters can choose a 25-minute, 50-minute time or 80-minute slots and Talk, Interview, Panel or Interactive Session formats.','https://defcon.org/html/defcon-34/dc-34-policy.html'),(6,'DEF CON 34 [Call For Content]()','2026-03-15 23:59:59.000000',1,'Submit this form if you would like to apply to be a Creator (Village, Community, or Contest) at DEF CON 34. ','https://forms.cloud.microsoft/pages/responsepage.aspx?id=Y3ofZveTWUeWkfjugk0fX0PgFsqyBAFCvLbSXDKxajdURjQ1Uk5SVEpFRVZOOTRFRUJMQjEyRkpYSi4u&route=shorturl'),(7,'DEF CON 34 [Call For Parties, Meetups, & Events]()','2026-03-15 23:59:59.000000',1,'DEF CON 34 Parties, Meetups & Events Application\r\n\r\nDoes your company/group want to throw the biggest, wildest DEF CON party ever? Rent out the pool, take over a huge space with arcade machines and carnival games—go all in and create the kind of legendary event that future hackers will hear about from their grizzled elders. If you’ve got the funds but don’t want to run the show, we’ll connect you with a party that needs a sponsor. Big budget? Awesome. Small budget? Also awesome. We’re here to make DEF CON nights unforgettable for everyone, so let’s make it happen!','https://forms.office.com/pages/responsepage.aspx?id=Y3ofZveTWUeWkfjugk0fX0PgFsqyBAFCvLbSXDKxajdUQTMxMjAwTjFXRzU5TzU5MTk3RzYzOTUxNi4u&route=shorturl'),(8,'DEF CON 34 [Call For Music]()','2026-05-01 23:59:59.000000',1,'DEF CON 34 Artist Application ','https://forms.office.com/pages/responsepage.aspx?id=skclAOGhkE6di7Ht8q0aPFA9iokCZH5GiDKDI2XiZ4dUODFGRFpWVURZNE5CTUJVS1ROUkpWR0ZCNS4u&route=shorturl'),(9,'DEF CON 34 [Official Soundtrack Application]()','2026-06-01 23:59:59.000000',1,'If you want to submit your original music production to be considered for DEF CON 34: The Official Soundtrack, you are in the right place!\r\n\r\nEvery year, the DEF CON Arts & Entertainment team puts together a fund-raising compilation that supports the Electronic Frontier Foundation (EFF.org), a 501c(3) dedicated to protecting Internet freedoms and privacy.\r\n\r\nThe compilation is digitally distributed to attendees of DEF CON (www.defcon.org) via DEF CON\'s media server, and also released online via Bandcamp It\'s all free/pay-what-you-want, and 100% of revenue (with the exception of the distributor cut) goes to the EFF.','https://forms.office.com/pages/responsepage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAMAAIhFF5lUMU1CVlZCTzlDSlkwUTJMM1JaOTNQSUI1Ti4u&route=shorturl'),(10,'DEF CON 34 [Call For Authors]()','2026-03-25 23:59:59.000000',1,'Following a successful first year, DEF CON 34 is excited to welcome independent authors back to the Vendor Area for dedicated book signing sessions!\r\n\r\nIf you\'ve written a book about security, hacking, technology, privacy—or anything that feels DEF CON, we encourage you to apply for a signing slot and connect directly with attendees.','https://defcon.org/html/defcon-34/dc-34-cfa.html'),(11,'DEF CON 34 [Call For Venders]()','2026-03-31 23:59:59.000000',1,'It\'s that time of year again – time to show us why you and your company should have a spot a DEF CON 34! Wow us with your innovation and gadgets. Delight our attendees with your fan favorites! So if you have one-of-a-kind, top-notch trinkets, let us see \'em! Feel free to send us any photos, videos, etc., that prove you\'re the perfect fit. To keep things fair, all Vendors accepted will be notified at the same time.\r\n\r\nNot selling anything, but still want to connect with our audience? Then check out our Exhibitor Call.','https://defcon.org/html/defcon-34/dc-34-vendor-app.html'),(12,'DEF CON 34 [Call For Exhibitors]()','2000-03-01 00:00:00.000000',0,'We\'re happy to announce the official Call for Exhibitors! DEF CON Exhibitors is an exciting and new space dedicated to companies and orgs that don\'t have physical items to sell but still have something to offer our attendees.\n\nProceeds from Exhibitors directly support official DEF CON parties, food and beverage tokens, and hotel stay for our content creators (Villages & Contests). In addition, last year we raised nearly $40k for approved non-profit villages that directly support the DEF CON community. This year, we\'re focused on supporting our content creators again and helping Villages and Contests grow.\n\nBeing an exhibitor means you want to connect with, and give back to, our community. We want to see exhibitors at DEF CON that DEF CON attendees want to see. Looking to get feedback from existing customers, recruit new talent or demo a new product relevant to our community? This is your opportunity.','https://defcon.org/html/defcon-34/dc-34-cfe.html'),(13,'DEF CON 34 [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'As an expansion to the services and aid DEF CON offers its content creators, we\'re very excited to announce our Call for Sponsors. We\'re using our reach into the community to help connect DEF CON content creators, such as our Villages, Contests, Parties, etc. with our fantastic community of potential sponsors!\r\n\r\nAs a content creator sponsor, it\'s important to know that you won\'t actually be sponsoring DEF CON itself (you can find out ways to support DEF CON through our Call for Exhibitors.\r\n\r\nWhat we aim to do is to find and qualify individuals and companies who reach out to us to become sponsors of our content creators, and then help facilitate the conversation between those creators and potential sponsors. Two of the most difficult parts of sponsorship pairings are the creators being upfront and honest with what they need, and the sponsors receiving the appropriate value add to their organization. Our Sponsorship department aims to help guide the conversation and work out a deal everyone can benefit from!','https://defcon.org/html/defcon-34/dc-34-cfs.html'),(14,'DEF CON 34 [Press Registration]()','2000-03-01 00:00:00.000000',0,'To register as press, please send an email to press [at] defcon ]dot[ org with the Subject: PRESS REG DEF CON. Please provide all of the details we request otherwise it only slows down your own approval, and there is a hard limit on the total number of press each year.','https://defcon.org/html/defcon-34/dc-34-press.html'),(15,'Telecom Village \n[Call For Papers/Workshops/Challenges]()','2026-07-10 23:59:00.000000',0,'Attention speakers! Are you passionate about Telecom Security? Here\'s your chance to address a dedicated audience that shares your enthusiasm. Submit your proposal to Telecom Village and become a speaker at Telecom village.','https://x.com/TelecomVillage/status/2023652284190851091?s=20'),(16,'Telecom Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Be a vital part of the growing telecom security community by supporting Telecom Village. Your sponsorship helps us create an engaging and impactful experience for everyone. Let’s grow together with hand in hand support!','https://www.telecomvillage.com/sponsors'),(17,'Red Team Village [Call For Speakers]()','2026-05-31 23:59:59.000000',1,'The Red Team Village is focused on training the art of critical thinking, collaboration, and strategy in offensive security. The RTV brings together information security professionals to share new tactics and techniques in offensive security. Attendees may spend all three days engaged in introductory workshops, hands-on tactics or challenge themselves in an immersive Capture the Flag competition to put their newly obtained skills to the test.','https://sessionize.com/rtv-at-dc34'),(18,'Red Team Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',1,'We are hyped to be back for DEF CON 34 - \"Shadowrun.\" Whether you\'re a seasoned Street Samurai who has volunteered with us before or a Decker looking for your first big run, we\'re stoked to have you in the mix.','https://docs.google.com/forms/d/e/1FAIpQLSeipekN5RYjhZuAugeKOTG_z1bKqJ8ORX9YpfxNH7mdw7tkWA/viewform'),(19,'Red Team Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'The Red Team Village is the heartbeat of the offensive security community, and we\'re looking for partners to help lead our most interactive year yet! This year, we are prioritizing our Educational Mission—delivering the practical, hands-on learning that bridges the gap between theory and the real world.','https://drive.google.com/file/d/1344CxfPdZaCgOZqElDNIule9rLe8djVY/view'),(20,'Ham Radio Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',0,'Village staff handle running the village itself as well as the fox hunt contest table. Duties vary and include providing demos, talking with and answering questions from attendees, and running the fox hunt contest. During your shifts you may be using your own gear, village-owned gear, or gear from another volunteer (with their permission). This is a great chance to showcase what YOU love about ham radio as ambassadors of the hobby!','https://hamvillage.org/events/dc34/signup'),(21,'Ham Radio Village [Call For Papers]()','2026-07-26 23:59:59.000000',0,'Do you have an idea for a talk, demo, or presentation about something related to amateur radio? The Ham Radio Village is looking for all sorts of content for DEF CON 34! We accept a variety of topics related to ham radio, especially as it relates to other technical fields and experimentation. Shenanigans are encouraged!','https://cfp.hamvillage.org/dc34/cfp'),(22,'Aerospace Village [Call For Presentations]()','2026-05-01 23:59:59.000000',1,'Have a great talk ready to go about space systems, aircraft systems, or anything in-between? Now\'s your chance to propose your talk for the Aerospace Village for DEF CON 34! We will be carrying out a blind review and ranking of your submission as representative of our talks for the Aerospace Village.\r\n','https://forms.cloud.microsoft/pages/responsepage.aspx?id=dMlm786nyEeFJDgav6AbZ0PSiqD_B1NHmaVaEZjJrvlUODRJSkhNWEVRWVdIWVg3S1QwUzdHUkVWSy4u&route=shorturl'),(23,'Aerospace Village [Call For Workshops]()','2026-05-01 23:59:59.000000',1,'The Aerospace Village is looking to bring unique workshop experiences to DEF CON 34. These are hands on experiences where guests to the Aerospace Village at DEF CON 34 will be able to use their own devices to learn along side your instruction. We\'ll provide the projector and podium and you supply the knowledge! Workshops will be held inside of the Aerospace Village area.','https://forms.cloud.microsoft/pages/responsepage.aspx?id=dMlm786nyEeFJDgav6AbZ0PSiqD_B1NHmaVaEZjJrvlUNzRON0Y1Q1gzQ1g4NjNJRVBTSDdUWUlaMC4u&route=shorturl'),(24,'Radio Frequency Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'RF Hackers Sanctuary (RHFS) offers an environment where people come to learn about the security of radio frequency (RF) transmissions, which includes wireless technology, applications of software defined radio (SDR), Bluetooth (BT), Zigbee, WiFi, Z-wave, RFID, and all other protocols within the useable RF spectrum. RF Hackers Sanctuary is supported by a group of experts in the areas of information security as it relates to RF technologies. RF Hackers Sanctuary’s purpose is to provide an environment in which participants may explore these technologies with a focus on improving their skills. These learning environments are provided in the form of guest speakers, panels, and Radio Frequency Capture the Flag (RF CTF) games.','https://rfhackers.com/sponsors/'),(25,'Appsec Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',0,'Are you passionate about application security and want to get involved?\r\nIt takes a village to run a village. We are looking for volunteers to help us bring AppSec Village at DEF CON to life.\r\n\r\n','https://www.appsecvillage.com/volunteer'),(26,'Appsec Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Become a Sponsor\r\nIs your organization passionate about application security and want to sponsor AppSec Village?\r\n\r\nAre you an AppSec or InfoSec vendor that would like to be recognized as a supporter of the AppSec Community?\r\nIs your organization taking the security of its software very seriously and would like its name connected with AppSec Village?\r\nThen become an AppSec Village 2026 Sponsor!','https://www.appsecvillage.com/sponsors'),(27,'Blacks In Cybersecurity [Call For Volunteers]()','2026-04-17 23:59:59.000000',1,'BIC VILLAGE @ DEF CON 34\r\nVOLUNTEER APPLICATION\r\nBIC Village @ DEF CON 34\r\nVolunteer Application is open here .','https://docs.google.com/forms/d/e/1FAIpQLSec2x4ko9tHNlbliJ7ikcweBA9k4e0UaaJNJ5OkkvYtm_DSOQ/viewform'),(28,'Blacks in Cybersecurity [Call For Papers]()','2026-05-15 23:59:59.000000',1,'Mission:\r\n\r\nThe Blacks In Cybersecurity Village seeks to bring culturally diverse perspectives to the holistic Cybersecurity community by way of a series of talks and a Capture The Flag event.','https://docs.google.com/forms/d/e/1FAIpQLSc-NDkBbxRPk8PcPywc8KFiSZzakppGNLlUTLP501LRXM2fag/viewform'),(29,'Bug Bounty Village [Call Index]()','2000-03-01 00:00:00.000000',0,'DEF CON 34 Call Index\r\n\r\nWelcome to the Bug Bounty Village Call Index! Below, you\'ll find all the ways you can get involved with Bug Bounty Village at DEF CON 34, happening August 6 to 9, 2026. Whether you\'re a researcher, speaker, sponsor, or volunteer, we invite you to be part of the action.','https://www.bugbountydefcon.com/call-index-2026'),(30,'Bug Bounty Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',0,'Bug Bounty Village - Call for Volunteers (DEF CON 34)\r\nOpen Now!\r\nJoin the Team: Help Make Bug Bounty Village a Success!\r\n​\r\nBug Bounty Village (BBV) is returning to DEF CON 34 in Las Vegas, August 6-9, 2026, and we need dedicated volunteers to help us make this year even better! Whether you’ll be onsite at DEF CON or want to contribute remotely, there are plenty of ways to get involved.\r\n\r\nVolunteering is a great way to gain experience, connect with top security professionals, and be part of the hacker community!','https://www.bugbountydefcon.com/call-for-volunteers'),(31,'Bug Bounty Village [Call For Papers]()','2026-05-31 23:59:59.000000',1,'Bug Bounty Village - Call for Papers (DEF CON 34)\r\nNow Open!\r\nShare Your Insights: Speak at Bug Bounty Village!\r\n​\r\n\r\n​Bug Bounty Village (BBV) is back at DEF CON 34 in Las Vegas, August 6-9, 2026, and we’re looking for engaging speakers and workshop hosts to share their expertise! Whether you\'re a seasoned security researcher or have fresh insights to bring to the bug bounty community, we want to hear from you.\r\n\r\nSubmissions are Open until May 15t','https://www.bugbountydefcon.com/call-for-papers'),(32,'Car Hacking Village [Call For Papers]()','2026-05-31 23:59:53.000000',1,'Car Hacking Village | DEFCON 34 Call For Papers - Talks (2026)\r\nTalks submitted to the Car Hacking Village at DEFCON should be about subjects with relevance to the automotive cybersecurity industry or car hacking. Some examples of accepted talks in the past include automotive vulnerability disclosures, car hacking tool exhibitions, and thought leadership on improving various areas of vehicle cybersecurity.','https://docs.google.com/forms/d/e/1FAIpQLSdK7c2tI39LuAWRonqZC5SlSerY7G4smCDp7zSVdaUUvhIbDg/viewform'),(33,'Car Hacking Village [Call For Challenges]()','2026-06-30 23:59:59.000000',1,'2026 Call for Challenges (CFC)\r\nFor those interested, we would like to invite you to submit challenges for the 2026 Car Hacking Village (CHV) CTF at DEFCON 34 in Las Vegas! We are looking for anywhere between 10 and 20 challenges of varying categories regarding the automotive industry. \r\n\r\nThe following are a list of Categories that the contest is interested in:\r\n\r\nReverse Engineering – data recovery/string searches/Forensics\r\n\r\nTelemetry – radio/etc\r\n\r\nGrand Theft Auto – challenges vs. car brought into the village\r\n\r\nCrypto\r\n\r\nVehicle Network – CAN/Auto-ETH/etc\r\n\r\nExploitation – stack/heap smashing, shell popping/etc','https://www.carhackingvillage.com/cfc'),(34,'Car Hacking Village [Call For Sponsors]()','2026-06-13 23:59:59.000000',1,'Why Sponsor Us?\r\nThe Car Hacking Village has been a prominent village within the DEFCON community. With over a decade of being a village a sponsor receives high visibility and recognition within the security community. Additionally, sponsorship demonstrates thought leadership, brings networking opportunities and provides access to untapped talent.\r\n\r\nBy sponsoring the Car Hacking Village, your company has the opportunity to show brand recognition within the automotive security space with an exposure of over 30,000+ conference attendees.','https://www.carhackingvillage.com/sponsorship'),(35,'Data Duplication Village [Call For Presentations]()','2026-06-30 11:59:00.000000',1,'CALL FOR DDV PRESENTATIONS OPEN\r\nThe Data Duplication Village is announcing their 2026 call for presentations to be held at DEF CON 33 in Las Vegas, NV on Friday, August 7th and Saturday, August 8th.\r\nThe Data Duplication Village\'s goal is to help the information security community by providing helpful information through duplication of large amounts of data including all the past hacking related convention material that can be found, rainbow tables, and more. During con, we also provide direct talks to attendees to further provide helpful information for storage related technology and data security.\r\n\r\nOur audience range from those who are new to data storage, transfer, and security to the most seasoned practitioners in the industry discussing their experiences and insights into the future of storage and data protection. New presenters are very welcome! This is your chance to give back to the community!','https://dcddv.org/dc34-cfp'),(36,'Data Duplication Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',1,'CALL FOR DDV VOLUNTEERS\r\nWE NEED YOUR HELP!\r\nYes, we’ll be back for 2026 and we’re looking for volunteers for DEF CON 34 in Las Vegas, NV for Thursday, August 6th through Sunday, August 9th. \r\n\r\nWHY VOLUNTEER?\r\nWe’re a volunteer run village, put on by and for the community, and were working hard to keep the distribution of information free. Since we don’t charge for our services, some costs are covered by DefCon itself but we rely only on our Volunteers to help prepare and run the village.\r\n\r\nWe need good, reliable folks to help us keep the village free. We have Volunteer opportunities for set-up on Thursday, drive intake, ongoing operations, all the way through tear-down on Sunday.','https://dcddv.org/dc34-vol-call'),(37,'Malware Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Our Call for Sponsors is open now!\r\n!!! MV Sponsor Package PDF !!!\r\n\r\nWelcome to Malware Village by World Cyber Health!\r\n\r\nMalware Village is dedicated to providing a safe and engaging environment for participants to learn and share knowledge about malware analysis. Our mission is to equip attendees with the skills, techniques, and historical context needed to understand, research, and combat malware. Participants will gain hands-on experience with real-world analysis techniques, guided by seasoned infosec professionals. Beyond technical training, Malware Village fosters a strong community where researchers, enthusiasts, and professionals can connect. We welcome everyone—whether you\'re an artist creating malware-inspired art, a hardware researcher discovering unexpected connections to malware analysis, or a seasoned analyst reminiscing about early malware history. ','https://malwarevillage.org/sponsor.pdf'),(38,'Maritime Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',0,'Want to join our cause and/or volunteer for a MHV event?\r\nJoin our Community\r\n“It takes a village” to protect critical maritime infrastructure. We are always looking for aspiring villagers to join our cause and support the village with your many skills and networks. \r\n\r\nVolunteer\r\nGet to know us first by volunteering for a specific event. Tell us a bit about yourself with this form and we’ll get in touch with you.','https://maritimehackingvillage.com/volunteer'),(39,'Payment Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Join Us in Securing the Future of Payments!\r\n\r\nAt Payment Village, we\'re on a mission to educate, train, and build awareness around the security of payment systems. We’re passionate about empowering the next generation of payment security experts through hands-on learning, research, and community engagement.\r\n\r\n\r\nYour sponsorship will help us continue to provide accessible, practical training at industry events, foster a vibrant community of researchers, and drive innovation in payment security.\r\n\r\n\r\nInterested in Sponsoring? Let’s discuss how your company can support open security research while gaining brand exposure at DEF CON and beyond.','https://www.paymentvillage.org/get-involved/sponsor'),(40,'Physical Security Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',1,'Volunteer with the Physical Security Village\r\nWe’re so glad you’re interested in being part of the PSV community! Please join our Discord server for announcements regarding volunteering opportunities.\r\n\r\nAlternatively, keep an eye on this page -we update it with the volunteer application form before each convention we need volunteers for.','https://docs.google.com/forms/d/e/1FAIpQLScXZzSmISdk54oS3YDki_X42WAVM6VztMKaWwsUxyxmBPe-4g/viewform'),(41,'Radio Frequency Village [Call For Papers]()','2026-06-07 23:59:59.000000',1,'The Radio Frequency Village is an annual event held at DEF CON in the fabulous Las Vegas, Nevada. Talks may be live, or pre-recorded at the discretion of the presenter. This year we return to the Las Vegas Convention Center. Due to challenges inherent to this environment, we *encourage* ALL presenters to pre-record and submit their talks to us. The acoustics in the new location are likely to be unfavorable, and pre-recording your talk is the best way to ensure folks can clearly hear your message. We will attempt to record live talks, but quality may vary and will certainly be less than ideal.','https://docs.google.com/forms/d/e/1FAIpQLSfF7ROnnNVi33gZxZpgcqSrhWfo_14Ja4nVGvt9KkNFef45Pw/viewform'),(43,'Payment Village [Call For Papers]()','2026-05-15 23:59:59.000000',1,'Call for Papers - Payment Village @ DEF CON 34 6-9th August 2026\r\n\r\nAbout the Village\r\n\r\nThe Payment Security Village explores the complex intersection of security, usability, and technology in probably the most commonly used security systems worldwide. As payment systems continue to evolve globally, we aim to showcase real-world security research and analyses that impact how we transact in our daily lives or even just illuminate the magic of the technology working behind the scenes to keep our money secure.','https://www.paymentvillage.org/get-involved/CFP'),(44,'Payment Village [Call For Volunteers]()','2026-06-01 23:59:59.000000',1,'Volunteer\r\nThe Payment Village is run by a team of volunteers who are passionate about Payments and providing learning opportunities for others. If you would like to be a part of our team please fill out the form. We are looking for volunteers who will be able to commit to all three days at DEF CON 34, Friday August 6th through to Sunday August 9th.\r\n\r\nWe will be working on a shift rotation and you are expected to volunteer for approximately five hours per day. Your hours will be assigned closer to the time of the conference. For your help and support we will provide you with access to the conference (a village badge), a village t-shirt and learning opportunities. We are looking for self-starters, those that are passionate about Payments and being a part of the DEF CON experience.','https://www.paymentvillage.org/get-involved/volunteer'),(45,'Cloud Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Sponsorship Form - Cloud Village @DEF CON 34\r\nBecome a Sponsor in Cloud Village @DEF CON!!!\r\n\r\nWe at Cloud Village love to work with folks who share the same zeal to contribute to the cloud security community.\r\nPlease fill this form if you are interested in contributing towards this community. We will get in touch with you once we have your details.','https://docs.google.com/forms/d/e/1FAIpQLSfTXyArz3zV9cc0LZquTTzcRFjx9k5dGCPq_8b-49b7kiYFoQ/viewform'),(46,'Cloud Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',1,'Cloud Village Call For Volunteers - DEF CON 34\r\nWe are super excited to meet the Cloud Security community and join hands with us in DEF CON!\r\n\r\nWe look forward to join hands with cool folks like you and welcome you to the family!','https://docs.google.com/forms/d/e/1FAIpQLSf_0KXHMPvTv9d5JSt4anE1OV6PY7I3VoTEOTFC6WJSix49-w/viewform'),(47,'Cloud Village [Call For Labs]()','2026-05-24 23:59:59.000000',1,'Cloud Village Call For Labs - DEF CON 34\r\nWelcome to Cloud Village Labs, a brand-new initiative from the Cloud Village community at DEF CON — built for practitioners who love teaching through doing.\r\nWe’re looking for hands-on contributors who want to run short, focused learning sessions. Think:\r\nShorthand techniques and time-saving tips\r\nTool setup and walkthroughs\r\nAutomation tasks and their real world implementation\r\n2-hour workshop\r\nAny hack or habit that makes life better in cloud security\r\nIf you have something valuable, practical, and worth sharing, we’d love to hear from you. Whether it’s niche or broad, new or battle-tested, if it’s useful to the community, it’s perfect for Labs!\r\n\r\nSessions will be informal, demo-heavy, and deeply practical\r\nThink of it as the hacker’s chalkboard. No fluff, just high-signal teaching.','https://docs.google.com/forms/d/e/1FAIpQLSeIW8zz7kbZ_UWuZLCK1xfsP9uAsyjn1r6W4PGuuoKXPLTmwA/viewform'),(48,'Cloud Village [Call For Papers]()','2026-05-24 23:59:59.000000',1,'Cloud Village Call For Papers - DEF CON 34\r\nBecome a speaker in Cloud Village @DEF CON!!!\r\n\r\nIf you love cloud security and want to talk in front of a more targeted audience who shares the same zeal as you. Submit your proposal to Cloud Village!\r\nWe are looking forward to four kinds of proposals:\r\n- Talks (30 - 45 minutes - Detailed research talks)\r\n- Workshops (1 - 2 hours - Hands-On or Instructor-Led training for free)\r\n- Tool Demo (20 - 30 minutes)\r\n- Lightning Talks (10 - 20 mins talk to cover quick, short-hand techniques)\r\nPlease note that the proposals shall be focused on cloud security.\r\n\r\nWe will provide you with a place to present, a room full of professionals ready to talk, an environment filled in with energy and fun, and a lot of free hugs. Abstract of accepted talks will be posted on Cloud Village\'s website with your names and Twitter handles.','https://docs.google.com/forms/d/e/1FAIpQLSfk31a2h-RjDC9XcV9JLu4ZiGUxpIa5igT1FgI_ExfVhJWKTQ/viewform'),(49,'Recon Village [Call For Papers]()','2026-06-15 23:59:59.000000',1,'We\'re looking for speakers who are passionate about OSINT, reconnaissance, and security research. Whether you\'re a seasoned speaker or presenting for the first time, we want to hear from you!','https://reconvillage.org/cfp'),(50,'Adversary Village [Call For Papers]()','2026-05-31 23:59:59.000000',1,'Adversary Village is a community initiative which purely focuses on Adversary simulation, adversary emulation, threat/APT/ransomware emulation, breach and attack simulation, threat actors, adversary groups, supply chain security, adversary tactics, life, adversary philosophy, urban survival skills and purple teaming.\r\nThe goal of the Adversary Village is to build an open Security community for the researchers and organizations, who are putting together new means, methodologies towards the simulation and emulation of adversary tactics and purple teaming.\r\n\r\nPlease submit your awesome research to Adversary Village at DEF CON 34, this year.','https://adversaryvillage.org/call-for-papers/'),(51,'Bug Bounty Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Bug Bounty Village - Call for Sponsors (DEF CON 34)\r\nNow Open!\r\nJoin Us in Growing the Bug Bounty Community!​\r\n\r\n​​​Bug Bounty Village (BBV) is returning to DEF CON 34 (August 6-9, 2026, Las Vegas), and we’re looking for sponsors who want to engage with top bug bounty hunters, security researchers, and ethical hackers.\r\n\r\nSponsoring BBV means aligning your brand with some of the brightest minds in cybersecurity while demonstrating your commitment to ethical hacking, responsible disclosure, and industry innovation. Your support helps us bring world-class content, interactive challenges, and networking opportunities to DEF CON attendees.','https://www.bugbountydefcon.com/call-for-sponsors'),(52,'Bug Bounty Village [Call For Events]()','2000-03-01 00:00:00.000000',0,'Bug Bounty Village - Call for Events (DEF CON 34)\r\nNow Open!\r\nHosting a Bug Bounty Meetup or Networking Event? Let Us Help Spread the Word!\r\n​\r\nBug Bounty Village (BBV) is excited to support bug bounty-related meetups, networking events, and social gatherings happening alongside DEF CON 34 (August 6-9, 2026, Las Vegas). If your company or organization is hosting an event for the security and hacker community, let us know—we’d love to help promote it!','https://www.bugbountydefcon.com/call-for-events'),(53,'Nix Vegas [Call For Sponsors]()','2026-06-15 23:59:59.000000',0,'DEF CON\'s theme this year is Agency, take a second to read about it here.\r\n\r\nWhile we are still hard at work on our art and theme this year, we would like to challenge you to submit talks that answer to our take on the DEF CON theme:\r\n\r\nStarve the beast: How can you use Nix and NixOS to reclaim your digital agency?\r\nFeed your community: How can we support others doing the same by rolling our own tools and build infrastructure?\r\nResources, time, and energy: How can we use Nix to connect ordinary users with the developers who made all the software they depend on?\r\nCFP','https://defcon.social/@nixvegas/116393680217249385'),(54,'Crypto Privacy Village [Call For Artists]()','2000-03-01 00:00:00.000000',0,'Crypto & Privacy Village - Call for Artists\r\n\r\nThe Crypto & Privacy Village is seeking artwork for our 2026 Gold Bug Contest.\r\n\r\nWhat are we looking for?\r\n\r\nAnything? Everything! While we do have some ideas already in mind, our puzzle team is also looking to your artwork for inspiration. Any medium will be considered. Please keep in mind:\r\n\r\n\r\nThere should be some physical aspect that can be displayed and/or auctioned.\r\nThe art piece will need to be transported to/from Las Vegas.\r\nDEF CON is held at the Las Vegas Convention Center. We\'re not sure what crazy things you can come up with, but it must be allowed there (e.g. no fire, suspicious-looking packages, hazardous materials, etc.)','https://docs.google.com/forms/d/e/1FAIpQLScvvITG9PYS8bFrnGPRmQpOPUHyIx1YUQmClYHucCzCGoU_3Q/viewform'),(55,'Bio Hacking Village [Call For Papers/Workshops]()','2026-05-15 08:59:59.000000',1,'Biohacking Village | DEF CON 34: CFP Talks and Workshops Submissions (2026)\r\nTalks should be bold, address problem(s) and provide solutions and/or resources for getting cybersecurity in healthcare, medical, citizen/community science and IoMT connected devices to an improved, more stable and resilient place.\r\n\r\n**The BHV CFP will close on Saturday, 12 April 2025 at 1159 US Eastern Time. Acceptance Notifications will go out on Friday, May 15th 2026.**\r\n\r\nCFP review is as pragmatic and de-identified as we can make it. Please do not include your name or any identifying information in your abstract or we may disqualify you.\r\n\r\nFor more info on talk selection metrics: https://www.villageb.io/speaker-lab\r\n','https://docs.google.com/forms/d/e/1FAIpQLSe2OZ8Z2qvivF2Q5OF4TLvFdQZ3I3thIA7xKoyfq1Xfr-DR_w/viewform'),(56,'AppSec Village [Call For Proposals]()','2026-05-31 23:59:59.000000',1,'Ready to step up from attendee to speaker? AppSec Village is looking for the next wave of talks, panels, workshops, and tool demos for DEF CON 34. We want sessions that challenge assumptions, share new research, and make attendees rethink how they approach AppSec.\r\n\r\nWe actively seek speakers from underrepresented communities, first-time presenters, and seasoned veterans alike. The strongest lineups come from the widest range of perspectives.','https://sessionize.com/appsec-village-def-con-34/'),(57,'IoT Village [Call For Papers]()','2026-05-22 23:59:59.000000',1,'Submit to the IoT Village CFP for DEF CON 34!\r\n \r\nCFP closes May 22nd. Please fill out each question. IoT Village will reach out via email from iotvillage@ise.io regarding your acceptance, so please use a valid email address! If a speaker does not respond to their acceptance email within 48 hours, their slot will be offered to another session.\r\n\r\n IoT Village is not responsible for speaker badge distribution, scheduling or recording your talks. That is all handled by DEF CON. If you have concerns or preferences for a day to give your talk, please let us know in the form. \r\n\r\nPlease note that if your talk has many speakers, DEF CON may not provide badges for each speaker.','https://share.hsforms.com/1VJautye_QXSwDfpUWz9xJQ4a9bq'),(58,'Malware Village [Call For Papers]()','2026-05-31 07:30:00.000000',1,'','https://sessionize.com/malware-village-defcon34'),(59,'Physical Security Village [Call For Exhibits]()','2026-05-17 23:59:59.000000',1,'Hey there! This is a form for all those that are interested in presenting a talk or bringing an exhibit in the Physical Security Village at DEF CON!\r\n\r\nWe are the Physical Security Village and for those that don\'t know (first of all, how did you get ahold of this form), we are an initiative based out of Toronto Canada that has committed to teaching Physical Security concepts at various Security Conferences! For those that are interested in the type of content that we do, feel free to browse our website at http://www.physsec.org.\r\n\r\nWe are always looking for people that are interested in helping out with and bringing new ideas to the village! This is normally in the form of exhibits! In the past we’ve had exhibits including one on the mechanics of a shopping cart auto locking mechanism. If this sounds like you, feel free to fill in this form!\r\n','https://docs.google.com/forms/d/e/1FAIpQLScIJk1lw5p1LX22u_EM1dWcEYeTBfHlJnBpWDfxetVgIce3Tg/viewform'),(60,'Physical Security Village [Call For Papers]()','2026-05-17 23:59:59.000000',1,'Hey there! This is a form for all those that are interested in presenting a talk or bringing an exhibit in the Physical Security Village at DEF CON!\r\n\r\nWe are the Physical Security Village and for those that don\'t know (first of all, how did you get ahold of this form), we are an initiative based out of Toronto Canada that has committed to teaching Physical Security concepts at various Security Conferences! For those that are interested in the type of content that we do, feel free to browse our website at http://www.physsec.org.\r\n\r\nWe are always looking for people that are interested in helping out with and bringing new ideas to the village! This is normally in the form of talks! In the past we’ve had talks including one on Biometry hacking. If this sounds like you, feel free to fill in this form!','https://docs.google.com/forms/d/e/1FAIpQLSf_hhnhB3nE0e4m35J80QnfRXL9STIMYpLk79I-Ri89jxHHSQ/viewform'),(61,'Physical Security Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Call For Sponsors\r\n\r\nSupport the village, support the community, We\'re seeking sponsors to help us level up this year - weither it\'s equipment, swag, challenge materials, or something else. It\'s a great way to get your name in front of hackers who care about the physical layer.','https://x.com/physsec/status/2046980859060768768?s=20'),(62,'Blacks in Cybersecurity [Call For Sponsors]()','2000-03-01 00:00:00.000000',1,'','https://x.com/BlackInCyberCo1/status/2046937118304358846?s=20'),(64,'Maritime Village [Call For Presentations]()','2000-03-01 00:00:00.000000',0,'','https://docs.google.com/forms/d/e/1FAIpQLSfFEJk4II0RLhkFfaIXtRWpSjn6l9AAwmct5UVBn4RFaKckCg/viewform'),(65,'Maritime Village [Call For Challenges]()','2000-03-01 00:00:00.000000',0,'','https://docs.google.com/forms/d/e/1FAIpQLSdvr8rkP9Xw-sQXtgqDn1zkZ07mFDu9FUHd0CUHzye0le-DAg/viewform'),(66,'Maritime Village [Call For Games]()','2000-03-01 00:00:00.000000',0,'','https://docs.google.com/forms/d/e/1FAIpQLSe1g9WVuVshAzAdE0bSW1oKzCfDyLBc_2k7s7ibMHDDTD9ndQ/viewform'),(67,'Maritime Village [Call For Workshops]()','2000-03-01 00:00:00.000000',0,'','https://docs.google.com/forms/d/e/1FAIpQLSdRtXyy677F-PhErcFSKblSJCbT04mPErJWwEYmY6eLq4UsmA/viewform'),(69,'Maritime Village [Call For Index]()','2000-03-01 00:00:00.000000',0,'','https://maritimehackingvillage.com/cfx-2026'),(70,'Crypto Privacy Village [Call For Papers]()','2026-05-29 23:59:59.000000',1,'Call for Papers (CFP)\r\nThe Crypto & Privacy Village Call for Papers (CFP) is looking for top-notch presentations, discussions, panels, workshops, show & tell, and other creative online content! https://cfp.cryptovillage.org/\r\n\r\nThe Crypto & Privacy Village is excited to announce its participation in DEF CON 34: Agency. We are looking for top-notch presentations, discussions, panels, workshops, show & tell, and other creative online content!\r\n\r\nIn our 13th year, our theme is TBA. We are looking for a combination of pre-recorded and live content, and we’ll be accepting any formats from 5-minute lightning talks to workshops, panels, or hour-long streams. Want to stay anonymous? Let us know! If you’ve got an idea for something else you want to do, we’d love to hear it!','https://cryptovillage.org/cfp/'),(71,'Packet Hacking Village [Call For Papers]()','2026-07-10 23:59:59.000000',0,'Packet Hacking Village Talks at DEF CON 34 Call for Presentations Now Open\r\n\r\nOVERVIEW\r\nThe Wall of Sheep would like to announce a call for presentations at DEF CON 34 in Las Vegas, NV from Friday, August 7th to Sunday, August 9th. Packet Hacking Village Talks goal is to deliver talks that increase security awareness and provide skills that can be immediately applied after the conference. Our audience ranges from those who are new to security to the most seasoned practitioners in the security industry. We are accepting submissions from individuals and organizations on any of the topic areas, including, but not limited to, the following technologies and applications:\r\n\r\nUsing AI for packet analysis, for network IDS, for honeypots, for enhanced log analysis/threat detection, for detecting fake AI images/videos\r\nImmutable DevOps\r\nInfrastructure as code\r\nAnsible playbooks for security\r\nOpensource CI/CD pipeline security enhancements\r\nWriting AI effective prompts that enhance or augment security/networking/DevOps\r\nBypassing AI vision\r\nDetecting fake LinkedIn profiles\r\nAwareness: Security awareness program success and failure stories.\r\nCloud Security: Hacks and tricks for assessing and testing services.\r\nCompliance: How to use regulatory compliance requirements in your favor to enhance your overall funding and security posture.\r\nNetworking and Cybersecurity: The latest hacks, trends and technologies in networking and cybersecurity.\r\nSpy-level makeup art (e.g., wigs, prosthetic noses, etc.)\r\nSupply Chain Security: Building security into the supply chain process to reduce risk.\r\nThreat Defense: Advanced techniques for defending networks, systems, and services from cyberthreats.\r\nTools, Techniques, and Procedures: network sniffing, intrusion detection, monitoring, forensics, DFIR log analysis, collection & visualization, threat hunting, EDR telemetry, lolbin’s for defense, detecting download cradles, using the ATT&CK framework for defense, Incident response process and procedures and/or recovery, automation','https://www.phvillage.io/pages/dc34-talks-cfp/'),(76,'Recon Village [Call For Workshops]()','2026-06-25 23:59:59.000000',1,'We are seeking submissions for Deep Hands-On Workshops at Recon Village.\r\n\r\nWorkshops should be practical, technical, and focused on helping participants learn by doing. We welcome workshop submissions related to Open Source Intelligence (OSINT), Information Gathering, and Reconnaissance.','https://sessionize.com/recon-village-call-for-workshops/'),(77,'Recon Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',8,'Support Recon Village\r\nHelp us keep the OSINT community thriving\r\n\r\nRecon Village started as a small gathering of OSINT enthusiasts at DEF CON. Over the years, it has grown into one of the most vibrant communities at the conference - a place where researchers, professionals, and curious minds come together to share knowledge, learn from each other, and push the boundaries of open-source intelligence.\r\n\r\nWe\'ve always been community-driven. Every talk, every workshop, every contest is organized by volunteers who believe in making knowledge accessible. We don\'t charge attendees. We don\'t gatekeep information. We believe that when people share freely, everyone grows.\r\n\r\nBut running a village takes resources - badges, infrastructure, equipment, and countless hours of work. That\'s where sponsors come in. Your support helps us keep Recon Village free and open for everyo','https://reconvillage.org/call-for-sponsors'),(78,'Recon Village [Call For Sponsors]()','2000-03-01 00:00:00.000000',0,'Support Recon Village\r\nHelp us keep the OSINT community thriving\r\n\r\nRecon Village started as a small gathering of OSINT enthusiasts at DEF CON. Over the years, it has grown into one of the most vibrant communities at the conference - a place where researchers, professionals, and curious minds come together to share knowledge, learn from each other, and push the boundaries of open-source intelligence.\r\n\r\nWe\'ve always been community-driven. Every talk, every workshop, every contest is organized by volunteers who believe in making knowledge accessible. We don\'t charge attendees. We don\'t gatekeep information. We believe that when people share freely, everyone grows.\r\n\r\nBut running a village takes resources - badges, infrastructure, equipment, and countless hours of work. That\'s where sponsors come in. Your support helps us keep Recon Village free and open for everyone.','https://reconvillage.org/call-for-sponsors'),(81,'DEF CON 34 Policy Call For Volunteers \n[BlueSky post]() \n[Google Form]()','2000-03-01 00:00:00.000000',0,'Attaché (Volunteer) Interest Form\r\nHere’s your chance to get involved with Policy@DEF CON! \r\n\r\nSpend a few hours on-site with us and get a first hand view of what it takes to gather hackers and policymakers at the largest hacker con.\r\n\r\nBenefits are sure to include swag, a fun time, cool people, and our undying gratitude! Must have your own DEF CON badge to participate.','https://bsky.app/profile/defconpolicy.bsky.social/post/3mnkoakr7ps26|https://docs.google.com/forms/d/e/1FAIpQLScyJd-GwFXVxS6Bxk0W-crbAUneOnfnue46XodFIK1lytNkJQ/viewform'),(82,'Blue Team Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',0,'Blue Team Village Volunteer DC34\r\n\r\nBlue Team Village (BTV) is the defensive side of the hacker mirror — a hands-on space where incident responders, threat hunters, detection engineers, forensic analysts, and curious newcomers come together to share tools, tactics, and war stories. Founded “for and by defenders,” BTV runs entirely on volunteer energy, and DC 34 is right around the corner.','https://docs.google.com/forms/d/e/1FAIpQLSc_EEMmjGNAnnRY4JRbkaFZLnkDgiE6T0-FLW6G0zjMMVv5ag/viewform'),(83,'Quantum Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',0,'Call for Volunteers\r\nThis year\'s theme is: Agency\r\nDates: August 7th-9th\r\nLocation: Las Vegas Convention Centre, Las Vegas, NV, USA \r\n\r\nQuantum Village is a 501(c)(3) non-profit and is primarily volunteer driven, in order to create the best possible Quantum Village @ DEF CON experience. For the last 5 years we have been creating accessible and interactive spaces for hackers, technologists and the curious to engage, learn and hack with Quantum Technologies at DEF CON and beyond. \r\n\r\nVolunteering is a fun opportunity to pay it forward but equally a unique professional growth opportunity and way to immerse yourselves in a community dedicated to developing and hacking quantum technologies! ','https://docs.google.com/forms/d/e/1FAIpQLSca8XQIKAa5clflDizJXiJDinl6XT0TGhp6RdXHvj4K0RQS-Q/viewform'),(84,'Quantum Village [Call For Content]()','2000-03-01 00:00:00.000000',0,'Quantum Village @ DEF CON 34: Call for Workshops/Talks/Demos\r\nQuantum Village @ DEF CON 34 \r\nThis year\'s theme is: Agency\r\nThis year we are showing preference for workshops and are seeking deep subject matter experts to help guide the hackers and technologists of DEF CON to deeper understanding and appreciation of all things quantum.\r\n\r\nWe are looking to get all of the responses in by end-May and then quickly turned around! If you have multiple ideas for talks/workshops, or want to bring a talk and a demo, say, then please complete separate applications for each.','https://docs.google.com/forms/d/e/1FAIpQLScxabiE8Q6oReecMM8epsHf3vijBz3AEurepgB9YWXSzpRiBw/viewform'),(85,'Lock Pick Village [Call For Content]()','2000-03-01 00:00:00.000000',0,'DEF CON 34 LPV Call for Content\r\nTOOOL is once again proud to be hosting DEF CON\'s Lock Pick Village! An important part of the LPV is the many informative talks hosted throughout the weekend, furthering our mission to advance public knowledge about locks and lockpicking! To that end, we are excited to officially open our call for content. If you have a locksport themed talk or presentation please submit it below.\r\n\r\nWe\'re also excited to continue bolstering the contests side of our content this year. We have an official dozier drill tourney on the DEF CON contest list, but if you have something you\'d like to pilot we\'d love to hear about it!','https://docs.google.com/forms/d/e/1FAIpQLSeqHGDjJThnH_mZLsEUH1zETNFhwoGdncecoVMffocnMPzMfA/viewform'),(86,'Voting Village [Call For Papers]()','2026-07-08 23:59:59.000000',0,'The Voting Village at DEF CON is the first public forum where election systems experts, hackers and members of the public have legal, unconstrained, hands-on experience with actual voting systems used in the United States and elsewhere. It has become a premier venue for exploring the theory and practice of election security. The Voting Village is returning for its tenth year at DEF CON, August 7–9, 2026, at the Las Vegas Convention Center.\r\n\r\nOnce again this year, the Voting Village will feature a two-day Symposium on Election Integrity on August 7th and 8th (Friday and Saturday). We solicit talks and panels that leave attendees and the media with an accurate and realistic understanding of the state of election technology and security in the U.S. and elsewhere.','https://votingvillage.info/defcon-2026/cfp'),(87,'AI Village [Call For Volunteers]()','2000-03-01 00:00:00.000000',0,'AIV Volunteers - DEFCON 34\r\nThe AI Village @ DEFCON is looking for volunteers to help out at DEFCON 34! Please use this form to get in touch and let us know your availability. If you have any questions, please email sam@aivillage.org','https://docs.google.com/forms/d/e/1FAIpQLSfM0m30Hia3DHkFfnHaGqIINMgRYCBlW0Dfgkl1EXR3QdHTnw/viewform'),(88,'Game Hacking Village [Call For Volunteers]()','2026-07-15 23:59:59.000000',0,'','https://docs.google.com/forms/d/e/1FAIpQLScjPTSrQmO2ZVbAJZdkYZ8pf9VOkVjbCRUb4XmMSxdI8h9V0Q/viewform'); /*!40000 ALTER TABLE `CallFors` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `DCannouncements` -- DROP TABLE IF EXISTS `DCannouncements`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `DCannouncements` ( `ID` int NOT NULL AUTO_INCREMENT, `url` varchar(512) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `descrip` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `datewhen` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`ID`) ) ENGINE=InnoDB AUTO_INCREMENT=322 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `DCannouncements` -- LOCK TABLES `DCannouncements` WRITE; /*!40000 ALTER TABLE `DCannouncements` DISABLE KEYS */; INSERT INTO `DCannouncements` VALUES (208,'https://bsky.app/profile/dianainitiative.bsky.social/post/3meljxfgyg32y','The Diana Initiative 2026 - virtual only - [Call For Presentations]() opens','2026-02-16 13:02:01'),(209,'https://defcon.org/#34rooms|https://forum.defcon.org/node/255428','DEF CON 34 room blocks open! \r\n[DC Home page]() \r\n[DC Forum]()','2026-02-17 00:58:14'),(211,'https://defcon.org/html/defcon-34/dc-34-cfi.html','DEF CON [Call Fors Everything]() Opens','2026-02-17 01:23:51'),(212,'https://bsky.app/profile/dcgvr.bsky.social/post/3mdccadvvqk25','[DCGVR going onto hiatus](), will not be at DC34','2026-02-17 23:47:03'),(213,'https://x.com/TelecomVillage/status/2023652284190851091?s=20','Telecom Village [Call For Papers]()','2026-02-18 00:08:14'),(214,'https://defcon.org/html/links/dc-news.html#ctforg','[Introducing the New DEF CON CTF Organizers](): Benevolent Bureau of Birds!','2026-03-03 21:44:31'),(215,'https://defcon.org/html/defcon-34/dc-34-villages.html|https://defcon.org/html/defcon-34/dc-34-communities.html|https://defcon.org/html/defcon-34/dc-34-contests.html|https://defcon.outel.org/dcwp/dc34/activities/villages/|https://defcon.outel.org/dcwp/dc34/peopleandorgs/communities-table/|https://defcon.outel.org/dcwp/dc34/activities/c/','Initial release of Accepted DC Content \nDC.org - [Villages]() - [Communities]() - [Contests]() \nTheOne! - [Villages]() - [Communities]() - [Contests]()','2026-03-08 15:33:37'),(216,'https://defcon.org/html/links/dc-news.html#prereg34','[DEF CON 34 Pre-Registration is Open!]()\r\n','2026-03-08 16:29:03'),(217,'https://sessionize.com/rtv-at-dc34','Red Team Village [Call For Speakers/Presentations]()','2026-03-08 16:57:12'),(218,'https://forms.gle/qbVorEHHoYA9p8D38','Red Team Village [Call For Volunteers]()','2026-03-08 16:57:12'),(219,'https://drive.google.com/file/d/1344CxfPdZaCgOZqElDNIule9rLe8djVY/view?usp=sharing','Red Team Village [Call For Sponsors]()','2026-03-08 16:57:12'),(220,'https://redteamvillage.io/','Red Team Village [Call For All]()','2026-03-08 17:00:22'),(221,'https://hamvillage.org/events/dc34','Ham Radio Village [Call For Volunteers]()','2026-03-09 01:42:05'),(222,'https://cfp.hamvillage.org/dc34/cfp','Ham Radio Village [Call For Papers]()','2026-03-10 03:59:18'),(223,'https://defcon.social/@defcon/116202140503945408|https://defcon.org/html/defcon-34/dc-34-theme.html','DEF CON 34 Theme is announced - \'Agency\' \n[Mastodon]() \n[DC34 website]()','2026-03-10 04:39:44'),(224,'https://bsky.app/profile/aerospacevillage.bsky.social/post/3mgmwspm5in2k|https://defcon.social/@Hank/116206481142874602','Aerospace Village Call For Presentations \n[BlueSky]() \n[Mastodon]()','2026-03-11 07:04:03'),(225,'https://bsky.app/profile/aerospacevillage.bsky.social/post/3mgpgn7zkkr24','Aerospace Village [Call For Workshops]()','2026-03-11 07:08:25'),(226,'https://defcon.social/@toxicbbq/116234341006335465','[Toxic BBQ]() - Aug 6 Thursday Meetup for DC34','2026-03-15 10:32:23'),(227,'https://defcon.social/@DianaInitiative/116241571094475012','The Diana Initiative [Ticket Sales Opens]()','2026-03-17 07:39:52'),(228,'https://rfhackers.com/sponsors/','Radio Frequency Village [Call For Sponsors]()','2026-03-27 10:01:18'),(229,'https://www.appsecvillage.com/volunteer','Appsec Village [Call For Volunteers]()','2026-04-01 01:30:50'),(230,'https://www.appsecvillage.com/sponsors','Appsec Village [Call For Sponsors]()','2026-04-01 01:30:50'),(231,'https://www.blacksincyberconf.com/call-for-papers','Blacks in Cybersecurity [Call For Papers]()','2026-04-01 23:40:12'),(234,'https://www.bugbountydefcon.com/call-for-volunteers','Bug Bounty Village [Call For Volunteers]()','2026-04-01 23:40:12'),(235,'https://www.bugbountydefcon.com/call-for-papers','Bug Bounty Village [Call For Papers]()','2026-04-01 23:40:12'),(236,'https://docs.google.com/forms/d/e/1FAIpQLSdK7c2tI39LuAWRonqZC5SlSerY7G4smCDp7zSVdaUUvhIbDg/viewform','Car Hacking Village [Call For Papers]()','2026-04-02 00:35:53'),(237,'https://www.carhackingvillage.com/cfc','Car Hacking Village [Call For Challenges]()','2026-04-02 00:35:53'),(238,'https://www.carhackingvillage.com/sponsorship','Car Hacking Village [Call For Sponsors]()','2026-04-02 00:35:53'),(239,'https://dcddv.org/dc34-cfp','Data Duplication Village [Call For Presentations]()','2026-04-02 20:36:29'),(240,'https://dcddv.org/dc34-vol-call','Data Duplication Village [Call For Volunteers]()','2026-04-02 20:36:29'),(241,'https://malwarevillage.org/sponsor.pdf','Malware Village [Call For Sponsors]()','2026-04-02 22:00:48'),(242,'https://physsec.org/get-involved/','Physical Security Village [Call For Volunteers]()','2026-04-03 00:22:25'),(243,'https://docs.google.com/forms/d/e/1FAIpQLSfF7ROnnNVi33gZxZpgcqSrhWfo_14Ja4nVGvt9KkNFef45Pw/viewform','Radio Frequency Village [Call For Papers]()','2026-04-03 02:07:48'),(244,'https://www.telecomvillage.com/sponsors','Telecom Village [Call For Sponsors]()','2026-04-03 22:10:48'),(245,'https://bsky.app/profile/bradanlane.bsky.social/post/3mio6tudczc2y','2026 [eChallengeCoin]()','2026-04-04 11:24:41'),(246,'https://x.com/BlackInCyberCo1/status/2040401708413530569?s=20','[Calling on volunteers]() to help power BIC Village 2026!','2026-04-04 13:38:33'),(247,'https://x.com/BlackInCyberCo1/status/2040053000786292990?s=20','BIC Village [Call for Papers]() is OPEN!','2026-04-04 13:40:49'),(248,'https://x.com/BugBountyDEFCON/status/2038509072815644998','[CFP for Bug Bounty Village]() @ DEF CON 34 is now OPEN!','2026-04-04 13:47:10'),(249,'https://x.com/defcon_music/status/2038403175926145173?s=20','DEF CON 34 [Call for Music / Soundtrack]() is still OPEN','2026-04-04 13:56:10'),(250,'https://defcon.social/@defcon/116331117737672234','DEF CON [Training Las Vegas 2026]() Course Lineup is now live! ','2026-04-04 14:16:21'),(251,'https://defcon.social/@defcon/116325914003684721','DC in the news - [meet the BenevolentBureauofBirds]() edition','2026-04-04 15:02:13'),(252,'https://defcon.social/@DianaInitiative/116323680811463431','The Diana Initiative [CFP is open]()','2026-04-04 15:08:02'),(253,'https://www.paymentvillage.org/get-involved/sponsor','Payment Village [Call For Sponsors]()','2026-04-04 23:26:55'),(254,'https://www.paymentvillage.org/get-involved/CFP','Payment Village [Call For Papers]()','2026-04-04 23:26:55'),(255,'https://www.paymentvillage.org/get-involved/volunteer','Payment Village [Call For Volunteers]()','2026-04-04 23:26:55'),(256,'https://defcon.social/@DianaInitiative/116340667236587484','Online Event - [The Diana Initiative]() tickets available now','2026-04-05 03:06:30'),(257,'https://docs.google.com/forms/d/e/1FAIpQLSfTXyArz3zV9cc0LZquTTzcRFjx9k5dGCPq_8b-49b7kiYFoQ/viewform','Cloud Village [Call For Sponsors]()','2026-04-06 00:39:56'),(258,'https://docs.google.com/forms/d/e/1FAIpQLSf_0KXHMPvTv9d5JSt4anE1OV6PY7I3VoTEOTFC6WJSix49-w/viewform','Cloud Village [Call For Volunteers]()','2026-04-06 00:39:56'),(259,'https://docs.google.com/forms/d/e/1FAIpQLSeIW8zz7kbZ_UWuZLCK1xfsP9uAsyjn1r6W4PGuuoKXPLTmwA/viewform','Cloud Village [Call For Labs]()','2026-04-06 00:39:56'),(260,'https://docs.google.com/forms/d/e/1FAIpQLSfk31a2h-RjDC9XcV9JLu4ZiGUxpIa5igT1FgI_ExfVhJWKTQ/viewform','Cloud Village [Call For Papers]()','2026-04-06 00:39:56'),(261,'https://defcon.social/@defcon/116361274966329729','You can now find the full list of [DEF CON SINGAPORE]()speakers online','2026-04-07 01:31:09'),(262,'https://reconvillage.org/cfp','Recon Village [Call For Papers]()','2026-04-09 00:04:38'),(263,'https://x.com/rfhackers/status/2041749396572819903?s=20','Radio Frequency Village [Call For Sponsors]()','2026-04-09 01:09:42'),(264,'https://adversaryvillage.org/call-for-papers/','Adversary Village [Call For Papers]()','2026-04-12 00:49:20'),(265,'https://x.com/BlackInCyberCo1/status/2042226136671740021?s=20','Blacks in Cyber [Call For Fundraising]()','2026-04-12 01:15:22'),(266,'https://defcon.social/@Jayson/116381817608864932','Adversaries don\'t schedule appointments. [Register for Blackhat or DEF CON]()','2026-04-12 01:29:19'),(267,'https://www.bugbountydefcon.com/call-for-sponsors','Bug Bounty Village [Call For Sponsors]()','2026-04-12 23:01:04'),(268,'https://www.bugbountydefcon.com/call-for-events','Bug Bounty Village [Call For Events]()','2026-04-12 23:01:04'),(269,'https://defcon.social/@nixvegas/116393680217249385','Nix Vegas is [looking for sponsors]() for DEF CON 34','2026-04-13 01:05:25'),(270,'https://defcon.social/@goldbug/116265227112211601','Crypto Village [Call For Artists]()','2026-04-13 02:01:17'),(271,'https://mastodon.social/@biohacking_village/116394954424838793','Bio Hacking Village [Call for Papers/Workshops]()','2026-04-13 22:16:29'),(272,'https://x.com/AppSec_Village/status/2043706089116443037?s=20','AppSec Village [Call For Proposals]()','2026-04-13 23:03:35'),(273,'https://x.com/IoTvillage/status/2043668761085944037?s=20','IoT Village [Call For Papers]()','2026-04-13 23:20:11'),(274,'https://bsky.app/profile/defcon.bsky.social/post/3mjkymkt7uc2z','DEF CON [Call for Workshops]() is still open!','2026-04-15 23:00:14'),(275,'https://x.com/BSidesLV/status/2044122387990348034?s=20','[Everything is open]() for BSidesLV, talks/hotel/registration etc.','2026-04-15 23:15:12'),(276,'https://defcon.social/@Hac3krrunway/116421785738818222','contest to beheld at #defcon34 [hack3r Runw@y]()','2026-04-18 02:59:35'),(277,'https://defcon.social/@circuitswan/116422645980247373','[HackerSummerCampGuide]() for 2026, what should I add?','2026-04-18 03:04:28'),(278,'https://defcon.social/@secureaerospace@bird.makeup/116428735759342673','Aerospace Village [Call Fors extended]()','2026-04-20 01:36:54'),(279,'https://bsky.app/profile/defconpolicy.bsky.social/post/3mjptfjnpxk2d','Its not too late to submit your [talk, panel, or session]() to Policy DEF CON 34\n','2026-04-20 02:19:35'),(280,'https://sessionize.com/malware-village-defcon34','Malware Village [Call For Papers]()','2026-04-20 02:41:28'),(281,'https://infosec.exchange/@magen/116444731540357202','Reminder to everyone, the @defcon [Call for Workshops]() closes on May 1, next Friday','2026-04-22 00:04:44'),(282,'https://x.com/BSidesLV/status/2039493015161512273?s=20','BSidesLV [Call For Papers]() is now open','2026-04-22 01:08:20'),(284,'https://x.com/physsec/status/2046979545299861893?s=20','Physical Security Village [Call for Papers, Exhibits & Volunteers]()','2026-04-24 00:41:07'),(285,'https://docs.google.com/forms/d/e/1FAIpQLScXZzSmISdk54oS3YDki_X42WAVM6VztMKaWwsUxyxmBPe-4g/viewform','Physical Security Village [Call For Volunteers]()','2026-04-24 00:53:47'),(286,'https://x.com/physsec/status/2046981389812105478?s=20','Physical Security Village [Call For Exhibits]()','2026-04-24 00:58:34'),(287,'https://x.com/physsec/status/2046981145770721758?s=20','Physical Security Village [Call For Papers]()','2026-04-24 00:58:34'),(288,'https://x.com/physsec/status/2046980859060768768?s=20','Physical Security Village [Call For Sponsors]()','2026-04-24 01:17:12'),(289,'https://x.com/BlackInCyberCo1/status/2046937118304358846?s=20','Blacks in Cybersecurity [Call For Sponsors]()','2026-04-24 01:22:23'),(290,'https://infosec.exchange/@magen/116444731540357202','Quick reminder! the @defcon [Call for Workshops]() closes on May 1 (next Friday)! ','2026-04-24 01:51:40'),(291,'https://bsky.app/profile/aerospacevillage.bsky.social/post/3mkavpqta6h2k','Aerospace Village - 1 WEEK TO GO - 1 May final deadline for [CFP and CFW!!]()','2026-04-24 23:36:50'),(292,'https://bsky.app/profile/tindie.com/post/3mkbo2qlenb2g','Back in Stock! [SAO Totem]() version 1.69bis by BadgePirates','2026-04-25 00:02:02'),(293,'https://x.com/BlackInCyberCo1/status/2047661862578159757?s=20','Blacks in Cybersecurity Village [Call For Volunteers]() CLOSED','2026-04-25 00:12:20'),(294,'https://www.bugbountydefcon.com/call-for-papers','Bug Bounty Village [CFP extended]() to May 31st','2026-05-17 14:30:18'),(295,'https://cryptovillage.org/cfp/','Crypto Privacy Village [Call For Papers]()','2026-05-17 14:54:47'),(296,'https://bsky.app/profile/octopusgame.bsky.social/post/3mltmmzd2ns2u','Octopus Game [Call For Sponsors]()','2026-05-19 07:27:54'),(297,'https://defcon.social/@DDV_KnightOwl/116485704211737505','Data Duplication [Call For Presentations]()','2026-05-19 07:50:02'),(298,'https://dcshoot.org/','THE [UNOFFICIAL DEF CON SHOOT]() IS BACK, BABY!','2026-06-08 22:18:30'),(299,'https://docs.google.com/forms/d/e/1FAIpQLScZtqa69lZOjh2GzG6OPjrSbtDg47vDGEjTb8zg_UTpx1JCLg/viewform','DC Groups [Sticker Contest]()','2026-06-08 23:24:57'),(301,'https://bsky.app/profile/aerospacevillage.bsky.social/post/3mn5pkx3rtg2y','Looking for [Aerospace Village]() memories!','2026-06-14 19:34:37'),(302,'https://bsky.app/profile/bradanlane.bsky.social/post/3mobcett3s22g','2026 [eChallenge Coin]()','2026-06-14 21:19:33'),(303,'https://bsky.app/profile/defcon.bsky.social/post/3mnsqi2eybs2s','[DC34 Music Acts]() are Selected!','2026-06-14 21:57:28'),(304,'https://x.com/AISecurityForum/status/2065035695387709746?s=20','The [AI Security Forum]() is back in Las Vegas!','2026-06-14 22:55:56'),(305,'https://forum.defcon.org/node/255767#post255787','[Short Story]() contest','2026-06-15 01:12:11'),(306,'https://docs.google.com/forms/d/e/1FAIpQLSfVaUxNc7BBXxqGSpY1EKEjaUARb3lU5T-Mwrzokm5c8Ji7Yg/viewform','[#badgelife]() spreadsheet submission form','2026-06-15 01:14:17'),(307,'https://bsky.app/profile/defcon.bsky.social/post/3moeico5ca22s','What\'s it like being a [DC Goon at SG1]()','2026-06-15 22:47:49'),(308,'https://x.com/wiglenet/status/2064818874307227821?s=20','RF Village [World Wide War Drive]()','2026-06-15 23:38:46'),(309,'https://defcon.social/@DianaInitiative/116731505642082344','TDI is looking for [DEF CON mentors]()','2026-06-16 01:08:10'),(310,'https://infosec.exchange/@greynoise/116727206135144863','[Noise Fest]() is back!','2026-06-16 01:13:44'),(311,'https://defcon.social/@DianaInitiative/116703237312154415','Volunteers for [Resume Reviews]() at TDI','2026-06-16 01:24:25'),(312,'https://bsky.app/profile/dianainitiative.bsky.social/post/3mogtzqulwc2f','TDI and Mental Health Hackers present [The Quiet Room]()','2026-06-17 01:07:12'),(313,'https://docs.google.com/spreadsheets/d/1wQ6J0tJiVCPgppxiPg_mM6mS6Il-jm3Ez1fj3a-7XRs/|https://forms.gle/hZwg26ZNubYLWY2t9','[#badgelife]() spreadsheet of unofficial badges for DC34 \r\nsubmit a [new badge]()','2026-06-20 07:19:03'),(314,'https://defcon.social/@DianaInitiative/116782372244358013','[TDI Meetup]() on Fri','2026-06-21 02:44:15'),(317,'https://defcon.org/html/defcon-34/dc-34-venue.html#roomblock','3 more [Hotel Room Blocks]() just opened up!','2026-06-25 01:02:59'),(318,'https://x.com/cloudvillage_dc/status/2072742101599858758?s=20','Cloud Village [Labs Schedule]() is live!','2026-07-10 07:13:25'),(319,'https://x.com/cloudvillage_dc/status/2072002230392373635?s=20','Cloud Village [Talk Schedule]() is Live!','2026-07-10 07:16:04'),(320,'https://x.com/HamRadioVillage/status/2070613076680798237?s=20','Come take our FREE [\"Ham in a Day\" class]() at DC34','2026-07-10 07:19:28'),(321,'https://x.com/defcon_music/status/2073522818026009024?s=20','It\'s the schedule for the [DC34 music lineup!]()','2026-07-10 07:27:29'); /*!40000 ALTER TABLE `DCannouncements` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `articles` -- DROP TABLE IF EXISTS `articles`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `articles` ( `title` varchar(60) NOT NULL, `content` text NOT NULL, `sortorder` tinyint NOT NULL, `id` int NOT NULL AUTO_INCREMENT, `hash` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=982 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `articles` -- LOCK TABLES `articles` WRITE; /*!40000 ALTER TABLE `articles` DISABLE KEYS */; INSERT INTO `articles` VALUES ('\'Welcome to DEF CON 34!\'','\'\n\'',0,981,'5bf3e2ca73a9c7cc2124cc76a8f417a8'); /*!40000 ALTER TABLE `articles` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `documents` -- DROP TABLE IF EXISTS `documents`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `documents` ( `title` varchar(60) NOT NULL, `content` text NOT NULL, `sortorder` tinyint NOT NULL, `id` int NOT NULL AUTO_INCREMENT, `hash` varchar(32) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=3031 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `documents` -- LOCK TABLES `documents` WRITE; /*!40000 ALTER TABLE `documents` DISABLE KEYS */; INSERT INTO `documents` VALUES ('\'Code of Conduct\'','\'

DEF CON provides a forum for open discussion between participants, where radical viewpoints are welcome and a high degree of skepticism is expected. However, insulting or harassing other participants is unacceptable. We want DEF CON to be a safe and productive environment for everyone. It’s not about what you look like but what’s in your mind and how you present yourself that counts at DEF CON.

\n\n

We do not condone harassment against any participant, for any reason. Harassment includes deliberate intimidation and targeting individuals in a manner that makes them feel uncomfortable, unwelcome, or afraid.

\n\n

Participants asked to stop any harassing behavior are expected to comply immediately. We reserve the right to respond to harassment in the manner we deem appropriate, including but not limited to expulsion without refund and referral to the relevant authorities.

\n\n

This Code of Conduct applies to everyone participating at DEF CON - from attendees and exhibitors to speakers, press, volunteers, and Goons.

\n\n

Anyone can report harassment. If you are at DEF CON and are being harassed, notice that someone else is being harassed, or have any other concerns, you can let us know by contacting any Goon, registration desk, or info booth, as well as by calling or texting the hotline at 725-222-0934. As a reminder, you can also contact the hotline during the con if you just need someone supportive to talk to. You can also file a report year-round by contacting safety@defcon.org. We encourage individuals to report CoC violations as soon as they’re able to so we can begin our investigation before evidence is lost or destroyed, but it’s never too late to make a report.

\n\n

Conference staff will be happy to help participants contact hotel security, local law enforcement, or otherwise assist those experiencing harassment to feel safe for the duration of DEF CON.

\n\n

Remember: The CON is what you make of it, and as a community we can create a great experience for everyone.

\n\n
    \n
  • The Dark Tangent
  • \n
\n\n



dc-policy.html

\n\'',0,3029,'16b552ae6488376b26790dd873ae3a1f'),('\'Decoder Ring (Glossary)\'','\'

3-2-1 Rule - Rule for the minimum required daily activities during the span of the DEF CON conference: 3 hours of sleep, 2 meals, 1 shower. The 0 for \"zero stickers applied to venue\" is silent.

\n\n

6-3-2 - It\'s like 3-2-1, except more. Recommended by some hackers and nearly all conference organizers.

\n\n

A&E - Arts & Entertainment, the DEF CON department in charge of overseeing arts, music, and all other forms of entertainment.

\n\n

AEV - Aerospace Village

\n\n

AIV - A. I. Village

\n\n

AP - The Alexis Park hotel, where DEF CON was held in the early days.

\n\n

ASV - AppSec Village

\n\n

BH - See \"BlackHat\", below.

\n\n

BHV - Biohacking Village

\n\n

BICV - Blacks In Cybersecurity Village

\n\n

Black Badge - The Black Badge is the highest award DEF CON gives to contest winners of certain events. A Black Badge allows free entrance to DEF CON for life. There has never been a raffle to give away a black badge, and there never will be.

\n\n

BlackHat - BlackHat is a conference unrelated to DEF CON, that happens in Las Vegas shortly before DEF CON. The Dark Tangent founded both DEF CON and BlackHat.

\n\n

Blue Team - A blue team is a group of defenders who work to improve an organization\'s security by identifying security threats and risks, analyzing the network environment, and responding to incidents when they occur.

\n\n

BSides - Unrelated to DEF CON, SecurityBSides conferences are conferences or gatherings of individuals in a local area.

\n\n

BSidesLV - BSides Las Vegas is an unrelated conference that happens in Las Vegas shortly before DEF CON.

\n\n

BTV - Blue Team Village -- a community built for and by defenders

\n\n

C&E - The DEF CON department the oversees contests (and formerly events).

\n\n

Chatham House Rule - When a meeting, or part thereof, is held under the Chatham House Rule, participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed. Wikipedia

\n\n

CHV - Car Hacking Village

\n\n

COC - Code of Conduct. All activities happening within the DEF CON conference perimeter are required to strictly follow the DEF CON Code of Conduct. The Code of Conduct is available in Hacker Tracker, in the printed program, and
[dc-policy.html](https://www.defcon.org/html/links/dc-policy.html)\">here
.

\n\n

Con - Shortened form of the word \"conference\" or \"convention\". Many of the activities that take place refer to themselves as a con. For example, the meetup of the LGBTQIA+ community is referred to as \"Queercon\".

\n\n

Contest - In Hacker Tracker, the tag \"Contest\" is applied to contests that were pre-approved by DEF CON, and are also listed in the printed program. These vary in location, type, and format. Villages, communities, and etc., may also run contests that were not pre-approved by DEF CON, but those won\'t carry the \"Contest\" tag. Events carrying the \"Contest\" tag are eligible for consideration for a Black Badge award.

\n\n

CPV - Crypto & Privacy Village

\n\n

CTF - Capture The Flag, a subset of \"contest\". The DEF CON Capture the Flag (CTF), the largest open computer security hacking game, is a hacking competition where teams of hackers attempt to attack and defend computers. In addition to the official DEF CON CTF, there are many CTF events run by various organizations and villages. There may also be unofficial CTFs held by general attendees and others.

\n\n

DC34 - DEF CON 34. Broadly speaking, \"DC\" followed by a number refers to the number of the that year\'s conference. For example, year 2026 is DEF CON 34.

\n\n

DCG - DEF CON Groups. DEF CON Groups are worldwide, local chapters of hackers, thinkers, makers and others. DEF CON Groups are usually identified by the area code of the area where they are located in the US, and by other numbers when outside of the US e.g., DC614, DC201, etc.

\n\n

DCIB - DEF CON Information Booth. Now known as an NFO Node.

\n\n

DCTV - DEF CON TV. DEF CON broadcasts various conference speaking tracks and events on venue audio/visual networks. Access to these broadcasts varies by venue, but generally can be found on the hotel TV systems. DCTV also broadcasts to online streaming services, when possible.

\n\n

DDV - The DEF CON Data Duplication Village. This village is designed to help the information security community by providing replication of the large amount of data DEF CON has collected over the years.

\n\n

DEVOPS - The DEF CON department that oversees the DEF CON Discord instance and supporting infrastructure.

\n\n

DFIU - \"Don\'t fuck it up\"

\n\n

DISP - Dispatch, the DEF CON department that triages and escalates interdepartmental requests.

\n\n

DT - \"DT\", or \"The Dark Tangent\", refers to Jeff Moss, the founder of DEF CON.

\n\n

EFF - The Electronic Frontier Foundation, a nonprofit organization defending civil liberties in the digital world.

\n\n

EV or ESV - Embedded Village, formerly Embedded Systems Village. Not to be confused with Electric Vehicle.

\n\n

Exhibitor - Exhibitors are professional organizations looking to connect to the unique DEF CON audience; the hacker, the researcher, and the student. Exhibitors were considered vendors until DC31. The difference is largely that you walk out of Vendors carrying physical merchandise, but you walk out of Exhibitors with a dream.

\n\n

Fed - Employees of the Federal (US) government. Typically used in the context of the DEF CON \"Spot the Fed\" competition, an informal game at DEF CON where the object of the game is to identify who among the attendees is an employee of the federal government.

\n\n

Goon - DEF CON staff. They have many roles including safety, speaker coordination, vendor room coordination, network operations, etc.

\n\n

Hacker Tracker - A conference information and scheduling application for iOS and Android. HackerTracker is the official conference app of DEF CON. HackerTracker also powers info.defcon.org.

\n\n

Ham - \"Ham\" is a common term for amateur radio operator. See also HRV (Ham Radio Village).

\n\n

HDA - \"Hackers with Disabilities\" -- the DEF CON team that works to ensure that the DEF CON experience is the best it can be for the ADA/accessible community.

\n\n

HHV - Hardware Hacking Village, which also operates Soldering Skills Village

\n\n

HR - Human Registration

\n\n

HRV - Ham Radio Village

\n\n

Human - General attendees of the DEF CON conference.

\n\n

ICSV - Industrial Control Systems Village -- dedicated to securing ICS/SCADA systems.

\n\n

Inhuman - All DEF CON goers who are not \"human\". (Goons, village staff, speakers, contractors, etc.)

\n\n

IOTV - Internet of Things Village -- The IoT Village advocates for advancing security in the Internet of Things (IoT) industry by bringing researchers and industry together.

\n\n

LineCon - Originally referred to the line for [human] badges to enter the con. Has since grown to encompass any line at DEF CON: any long line has the potential to turn into a con.

\n\n

LPV - Lock Pick Village -- a dedicated space at DEF CON that\'s arranged around the topic of lock picking, lock bypass, and physical security topics.

\n\n

Merch - The DEF CON Merch department sells DEF CON branded apparel and other merchandise. (The most popular items tend to sell-out relatively quickly, and there\'s often a linecon for merch.)

\n\n

NFO - The DEF CON department that provides information, assistance, and navigational guidance to DEF CON hackers. May also refer to an old-school text file commonly associated with hacker culture. \"NFO\" is pronounced \"info\".

\n\n

NFO Node - Formerly known as an \"infobooth\", these are the locations where NFO goons can most often be found.

\n\n

Pac-Man Rule - Letting someone (typically unknown to you) join you or your group\'s conversation. Read more about it here.

\n\n

PAYV - Payment Village

\n\n

PHV - Packet Hacking Village

\n\n

PME -- The DEF CON department that oversees Parties, Meetups, and Events.

\n\n

POL - Policy@DEFCON Village

\n\n

PSV - Physical Security Village

\n\n

Purple Team - Purple teaming is a security methodology that brings together offensive security professionals (red teams) and defensive security professionals (blue teams) to enhance cyber capabilities through continuous feedback and knowledge transfer.

\n\n

QM - QuarterMaster, the DEF CON department that oversees supplies and physical logistics.

\n\n

QV - Quantum Village

\n\n

Red Team - A red team is a group of security professionals who act as hackers to test an organization\'s defenses.

\n\n

REG - Registration, the DEF CON department that oversees badge issuance.

\n\n

REV - Recon Village

\n\n

RFV - Radio Frequency Village

\n\n

RTV - Red Team Village

\n\n

Scav / scav hunt - The scavenger hunt -- a long-running event at DEF CON.

\n\n

SE - Social Engineering -- a tactic that uses psychological manipulation to trick people into making security mistakes or giving away sensitive information.

\n\n

SECV, SEV - Social Engineering Community Village is a village dedicated to the techniques and principles of Social Engineering.

\n\n

SOC - The SOC is the Department of Fun Enforcement. If you have a safety concern, please seek out a SOC Goon, or call the DEF CON Hotline.

\n\n

SPKR - The DEF CON department that ensures Speakers are prepared to be in the right place at the right time to give their talk.

\n\n

SSV - Soldering Skills Village, which is a function of Hardware Hacking Village

\n\n

SWAG - See Merch.

\n\n

TDI - The Diana Initiative, a community at DEF CON 34.

\n\n

TEV - Tamper Evident Village

\n\n

TLV - Telecom Village

\n\n

Uber Badge - See Black Badge

\n\n

Vendor - An organization selling physical merchandise at DEF CON. All vendors are in the same physical space, and a list of vendors is available in Hacker Tracker. See also Exhibitor.

\n\n

VILL - The DEF CON department that works to ensure Villages are as successful as possible.

\n\n

Village - Villages are autonomous organizations, often non-profit, that gather at DEF CON for a shared hacking experience. Each village has a focus on some distinct aspect of hacking or cybersecurity. Villages create and execute on their own programming, which often includes hands-on activities (like workshops, or physical construction/deconstruction), talks, panel discussions, group conversations, or parties.

\n\n

Vortex / the Vortex - When one is caught up in hallway conversations on the way from one DEF CON activity to another, it\'s referred to as being caught up in the Vortex.

\n\n

VV, VMV, VMHV - Voting Village

\n\n

WISP - Women in Security and Privacy

\n\n

XZBT - The DEF CON department that oversees Exhibitors.

\n\'',0,3030,'3bb6aaad880aac0fb10bb270ac4727d1'); /*!40000 ALTER TABLE `documents` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `events` -- DROP TABLE IF EXISTS `events`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `events` ( `day` varchar(16) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `hour` varchar(2) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `starttime` varchar(6) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `endtime` varchar(6) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `continuation` char(1) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `village` varchar(128) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `track` varchar(90) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `title` varchar(512) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `speaker` varchar(256) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `hash` varchar(128) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `desc` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL, `modflag` tinyint DEFAULT NULL, `autoincre` int NOT NULL AUTO_INCREMENT, PRIMARY KEY (`autoincre`), KEY `title` (`title`(255)), KEY `hash` (`hash`) ) ENGINE=InnoDB AUTO_INCREMENT=1067701 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `events` -- LOCK TABLES `events` WRITE; /*!40000 ALTER TABLE `events` DISABLE KEYS */; INSERT INTO `events` VALUES ('2_Friday','10','10:00','10:45','N','DEF CON Talks','LVCCW Level 1 Hall 3 1006 (Main Track 1)','\'Welcome to DEF CON 34!\'','\'Jeff \"The Dark Tangent\" Moss\'','DEF CON Talks_019b30bc90c89863853b5ebceda03871','\'Title: Welcome to DEF CON 34!
\nTags: DEF CON Official Talk | DEF CON Communications
\nWhen: Friday, Aug 7, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1006 (Main Track 1) - Map
\n
\nDescription:
\n\n\nSpeakerBio:  Jeff \"The Dark Tangent\" Moss
\nNo BIO available
\n\n\'',NULL,1067300),('4_Sunday','06','06:00','07:59','N','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_984d8b0c4974e284beb52bc9cf2b9438','\'Title: Defcon.run
\nTags: Event
\nWhen: Sunday, Aug 9, 06:00 - 07:59 PDT
\nWhere: LVCCW Level 1 North Entrance - Map
\n
\nDescription:
\n

Defcon.run, formerly the DEF CON 4x5K, is a community-driven tradition where hackers gather for morning runs and rucks across Las Vegas. Participants can choose from various routes, from 5Ks to longer distances.

\n\n

For DEF CON 34, meet at \"The Spot\" near the North Entrance of the Las Vegas Convention Center West Hall. Activities start at 06:00, Thursday through Sunday; arrive early for safety briefings and community hype.

\n\n

Whether you are an experienced runner or a newcomer, visit defcon.run to sign up and connect with the community.

\n\n\'',NULL,1067301),('4_Sunday','07','06:00','07:59','Y','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_984d8b0c4974e284beb52bc9cf2b9438','\'\'',NULL,1067302),('3_Saturday','06','06:00','07:59','N','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_dbfbbfca88f2cdbcf66c7aebe1c3555b','\'Title: Defcon.run
\nTags: Event
\nWhen: Saturday, Aug 8, 06:00 - 07:59 PDT
\nWhere: LVCCW Level 1 North Entrance - Map
\n
\nDescription:
\n

Defcon.run, formerly the DEF CON 4x5K, is a community-driven tradition where hackers gather for morning runs and rucks across Las Vegas. Participants can choose from various routes, from 5Ks to longer distances.

\n\n

For DEF CON 34, meet at \"The Spot\" near the North Entrance of the Las Vegas Convention Center West Hall. Activities start at 06:00, Thursday through Sunday; arrive early for safety briefings and community hype.

\n\n

Whether you are an experienced runner or a newcomer, visit defcon.run to sign up and connect with the community.

\n\n\'',NULL,1067303),('3_Saturday','07','06:00','07:59','Y','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_dbfbbfca88f2cdbcf66c7aebe1c3555b','\'\'',NULL,1067304),('2_Friday','06','06:00','07:59','N','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_aca0a920e8d5a95ad80ceef3b1729b30','\'Title: Defcon.run
\nTags: Event
\nWhen: Friday, Aug 7, 06:00 - 07:59 PDT
\nWhere: LVCCW Level 1 North Entrance - Map
\n
\nDescription:
\n

Defcon.run, formerly the DEF CON 4x5K, is a community-driven tradition where hackers gather for morning runs and rucks across Las Vegas. Participants can choose from various routes, from 5Ks to longer distances.

\n\n

For DEF CON 34, meet at \"The Spot\" near the North Entrance of the Las Vegas Convention Center West Hall. Activities start at 06:00, Thursday through Sunday; arrive early for safety briefings and community hype.

\n\n

Whether you are an experienced runner or a newcomer, visit defcon.run to sign up and connect with the community.

\n\n\'',NULL,1067305),('2_Friday','07','06:00','07:59','Y','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_aca0a920e8d5a95ad80ceef3b1729b30','\'\'',NULL,1067306),('1_Thursday','06','06:00','07:59','N','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_ad46c5985a311e6dbb4735ba4107317e','\'Title: Defcon.run
\nTags: Event
\nWhen: Thursday, Aug 6, 06:00 - 07:59 PDT
\nWhere: LVCCW Level 1 North Entrance - Map
\n
\nDescription:
\n

Defcon.run, formerly the DEF CON 4x5K, is a community-driven tradition where hackers gather for morning runs and rucks across Las Vegas. Participants can choose from various routes, from 5Ks to longer distances.

\n\n

For DEF CON 34, meet at \"The Spot\" near the North Entrance of the Las Vegas Convention Center West Hall. Activities start at 06:00, Thursday through Sunday; arrive early for safety briefings and community hype.

\n\n

Whether you are an experienced runner or a newcomer, visit defcon.run to sign up and connect with the community.

\n\n\'',NULL,1067307),('1_Thursday','07','06:00','07:59','Y','Social Gatherings/Events','LVCCW Level 1 North Entrance','\'Defcon.run\'','\'\'','Social Gatherings/Events_ad46c5985a311e6dbb4735ba4107317e','\'\'',NULL,1067308),('1_Thursday','15','15:00','20:59','N','Social Gatherings/Events','Other / See Description','\'Toxic BBQ\'','\'\'','Social Gatherings/Events_7a65a062d08a67b8c505e640acda2a83','\'Title: Toxic BBQ
\nTags: Event
\nWhen: Thursday, Aug 6, 15:00 - 20:59 PDT
\nWhere: Other / See Description
\n
\nDescription:
\n

Join the humans of Vegas at the unofficial opener of DEF CON. This Thursday Meat-Up is in the shade of Sunset Park, a quick ride from the LVCC. We stock the larder with burgers, dogs, and fixin’s. We rely on you for everything else: sides, drinks, volunteering, and donations.

\n\n

With over 50 sq ft of heat, we have plenty of room on the grill for your personal creations. Contribute food and drinks, staff the grill, join supply runs, or donate to help cover cost. Everything left goes to the EFF. Be a part of what makes this cookout something to remember year after year. The only question is: What are you bringing to Toxic BBQ?

\n\n

Check out toxicbbq.org , find a flyer at an NFO Node, and watch for #ToxicBBQ on the socials for the latest news.

\n\n

Sunset Park, Foxtail Pavilion (Lat: 36.0636, Long: -115.1178)

\n\n\'',NULL,1067309),('1_Thursday','16','15:00','20:59','Y','Social Gatherings/Events','Other / See Description','\'Toxic BBQ\'','\'\'','Social Gatherings/Events_7a65a062d08a67b8c505e640acda2a83','\'\'',NULL,1067310),('1_Thursday','17','15:00','20:59','Y','Social Gatherings/Events','Other / See Description','\'Toxic BBQ\'','\'\'','Social Gatherings/Events_7a65a062d08a67b8c505e640acda2a83','\'\'',NULL,1067311),('1_Thursday','18','15:00','20:59','Y','Social Gatherings/Events','Other / See Description','\'Toxic BBQ\'','\'\'','Social Gatherings/Events_7a65a062d08a67b8c505e640acda2a83','\'\'',NULL,1067312),('1_Thursday','19','15:00','20:59','Y','Social Gatherings/Events','Other / See Description','\'Toxic BBQ\'','\'\'','Social Gatherings/Events_7a65a062d08a67b8c505e640acda2a83','\'\'',NULL,1067313),('1_Thursday','20','15:00','20:59','Y','Social Gatherings/Events','Other / See Description','\'Toxic BBQ\'','\'\'','Social Gatherings/Events_7a65a062d08a67b8c505e640acda2a83','\'\'',NULL,1067314),('0_Wednesday','11','11:00','17:15','N','Social Gatherings/Events','Other / See Description','\'The Unofficial DEF CON Shoot\'','\'\'','Social Gatherings/Events_36dbf05a27d57f843ad364ae43e2111a','\'Title: The Unofficial DEF CON Shoot
\nTags: Event
\nWhen: Wednesday, Aug 5, 11:00 - 17:15 PDT
\nWhere: Other / See Description
\n
\nDescription:
\n

The Unofficial DEF CON Shoot is a public event that happens just prior to the DEF CON hacker conference in Las Vegas, Nevada. It is an opportunity to see and shoot some of the guns belonging to your friends while taking pride in showing and firing your own steel, as well, in a relaxed and welcoming atmosphere. We choose a spot, then we rent tables, canopies, and bring all the necessary safety equipment and amenities. All you need to bring yourself and (optionally) your firearms. New shooters and veterans both attend regularly. You can attend with your firearms, of course, but folk without guns of their own in Vegas may have the opportunity to try gear from others in attendance.

\n\n

Pro Gun Vegas - 12801 Old US 95 Boulder City, NV 89005

\n\n\'',NULL,1067315),('0_Wednesday','12','11:00','17:15','Y','Social Gatherings/Events','Other / See Description','\'The Unofficial DEF CON Shoot\'','\'\'','Social Gatherings/Events_36dbf05a27d57f843ad364ae43e2111a','\'\'',NULL,1067316),('0_Wednesday','13','11:00','17:15','Y','Social Gatherings/Events','Other / See Description','\'The Unofficial DEF CON Shoot\'','\'\'','Social Gatherings/Events_36dbf05a27d57f843ad364ae43e2111a','\'\'',NULL,1067317),('0_Wednesday','14','11:00','17:15','Y','Social Gatherings/Events','Other / See Description','\'The Unofficial DEF CON Shoot\'','\'\'','Social Gatherings/Events_36dbf05a27d57f843ad364ae43e2111a','\'\'',NULL,1067318),('0_Wednesday','15','11:00','17:15','Y','Social Gatherings/Events','Other / See Description','\'The Unofficial DEF CON Shoot\'','\'\'','Social Gatherings/Events_36dbf05a27d57f843ad364ae43e2111a','\'\'',NULL,1067319),('0_Wednesday','16','11:00','17:15','Y','Social Gatherings/Events','Other / See Description','\'The Unofficial DEF CON Shoot\'','\'\'','Social Gatherings/Events_36dbf05a27d57f843ad364ae43e2111a','\'\'',NULL,1067320),('0_Wednesday','17','11:00','17:15','Y','Social Gatherings/Events','Other / See Description','\'The Unofficial DEF CON Shoot\'','\'\'','Social Gatherings/Events_36dbf05a27d57f843ad364ae43e2111a','\'\'',NULL,1067321),('2_Friday','22','22:00','00:59','N','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Slopcon\'','\'\'','Social Gatherings/Events_8bc84b9ce43061b3416f5601556e1f02','\'Title: Slopcon
\nTags: Event
\nWhen: Friday, Aug 7, 22:00 - 00:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n

In an era where \"innovation\" is just a polite word for scraping the bottom of the LLM barrel, we invite you to embrace the inevitable heat death of original thought at Slopcon. Why bother with pesky human intellect when we can automate the entire conference lifecycle, from hallucinated CFP submissions to slide decks that make absolutely no sense? It’s a high-stakes experiment in synthetic absurdity where the only thing more artificial than the intelligence is the confidence of the \"meatbag\" presenters tasked with delivering this digital dross. Join us for a celebratory descent into the uncanny valley, where we’ll crown the sloppiest generative disasters and toast to the fact that, for now, at least the audience is still real.

\n\n

So, if you’re actually itching to subject the world to more of this or just have a masochistic need for further details, head over to slopcon.org and fulfill your destiny.

\n\n\'',NULL,1067322),('2_Friday','20','20:00','23:59','N','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_56bc7a7e763f8ede83fb1732a371c50a','\'Title: Movie Night
\nTags: Event
\nWhen: Friday, Aug 7, 20:00 - 23:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n\n\n\'',NULL,1067323),('2_Friday','21','20:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_56bc7a7e763f8ede83fb1732a371c50a','\'\'',NULL,1067324),('2_Friday','22','20:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_56bc7a7e763f8ede83fb1732a371c50a','\'\'',NULL,1067325),('2_Friday','23','20:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_56bc7a7e763f8ede83fb1732a371c50a','\'\'',NULL,1067326),('3_Saturday','20','20:00','23:59','N','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_b6bb244e855b81cd3a7afd0e7f723e0d','\'Title: Movie Night
\nTags: Event
\nWhen: Saturday, Aug 8, 20:00 - 23:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n\n\n\'',NULL,1067327),('3_Saturday','21','20:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_b6bb244e855b81cd3a7afd0e7f723e0d','\'\'',NULL,1067328),('3_Saturday','22','20:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_b6bb244e855b81cd3a7afd0e7f723e0d','\'\'',NULL,1067329),('3_Saturday','23','20:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W222 (Workshops)','\'Movie Night\'','\'\'','Social Gatherings/Events_b6bb244e855b81cd3a7afd0e7f723e0d','\'\'',NULL,1067330),('1_Thursday','10','10:00','16:59','N','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Ham In A Day Class\'','\'\'','Social Gatherings/Events_0b8a668186aa87c8ac00598f4e67efe8','\'Title: Ham In A Day Class
\nTags: Event | Ham Radio Village
\nWhen: Thursday, Aug 6, 10:00 - 16:59 PDT
\nWhere: LVCCW Level 3 W314 (Ham Radio Meeting) - Map
\n
\nDescription:
\n

The HRV Ham In A Day class returns again for its fourth year, taught again by Dan Romencheck, KB6NU, author of the No-Nonsense Study Guides for the amateur radio license exams.

\n\n

Always been interested in getting your ham license but never had the time to study? Now\'s your chance! The Ham Radio Village is offering a one-day class where you can learn all the required knowledge to pass the exam.

\n\n

Topics include:\n- Electrical Principles\n- Electronic principles and components\n- Radio and electromagnetic wave properties\n- Antennas and Feedlines\n- Amateur Radio Signals\n- Safety\n- Station Setup and Operation\n-Operating Procedures \n- Rules and Regulations

\n\n

The class will run from 10 A.M. to 5 P.M. A lunch break will be provided.

\n\n

Best of all, this class is completely free, thanks to a grant from the Amateur Radio Digital Communications.

\n\n

Last year, we sold out of capacity and had to turn folks away. We highly recommend placing a deposit to reserve your seat. The deposit will be refunded upon attendance of the class. Register by following the attached link.

\n\n\'',NULL,1067331),('1_Thursday','11','10:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Ham In A Day Class\'','\'\'','Social Gatherings/Events_0b8a668186aa87c8ac00598f4e67efe8','\'\'',NULL,1067332),('1_Thursday','12','10:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Ham In A Day Class\'','\'\'','Social Gatherings/Events_0b8a668186aa87c8ac00598f4e67efe8','\'\'',NULL,1067333),('1_Thursday','13','10:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Ham In A Day Class\'','\'\'','Social Gatherings/Events_0b8a668186aa87c8ac00598f4e67efe8','\'\'',NULL,1067334),('1_Thursday','14','10:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Ham In A Day Class\'','\'\'','Social Gatherings/Events_0b8a668186aa87c8ac00598f4e67efe8','\'\'',NULL,1067335),('1_Thursday','15','10:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Ham In A Day Class\'','\'\'','Social Gatherings/Events_0b8a668186aa87c8ac00598f4e67efe8','\'\'',NULL,1067336),('1_Thursday','16','10:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Ham In A Day Class\'','\'\'','Social Gatherings/Events_0b8a668186aa87c8ac00598f4e67efe8','\'\'',NULL,1067337),('3_Saturday','11','11:00','16:59','N','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_1f213189c8028dfea8b4d943468c4a94','\'Title: Free Ham Radio License Exams
\nTags: Event | Ham Radio Village
\nWhen: Saturday, Aug 8, 11:00 - 16:59 PDT
\nWhere: LVCCW Level 3 W314 (Ham Radio Meeting) - Map
\n
\nDescription:
\n

Free ham radio exams return to DEF CON 34! Partake in this hacker “rite of passage” by getting your license at DEF CON, presented by the Ham Radio Village.

\n\n

While anyone is able to listen in to amateur/ham radio transmissions, only those who have an amateur radio license are able to fully partake in the “oldest hacker hobby”. With your license, you’ll be authorized by the FCC to transmit up to 1,500W on designated frequencies, build/modify radios & antennas, and even administer your own exams! Additionally, having your ham radio license can improve your resume as it is a well-recognized proof of technical and regulatory knowledge when it comes to all things radio.

\n\n

About The Exam

\n\n

In the US there are 3 current levels of amateur radio license - Technician, General, and Amateur Extra. You can progress through the levels by taking a series of multiple-choice exams showing increasing breadth of knowledge. Most folks at DEF CON looking to become a ham take just the technician exam.

\n\n

The technician exam is a 35 question, multiple choice exam. Questions come from from a public question pool of 400 questions. Because of that, the most popular way folks at DEF CON prepare is by reading through all 400 questions before the exam, and learning hands on once you get licensed. Many study resources exist - most people recommend ham.study.

\n\n

Signing Up

\n\n

Who may register for this testing session:

\n\n
    \n
  • Anyone with an interest in obtaining a new Amateur Radio license or upgrading their existing licenses.
  • \n
  • You may take multiple elements in a single appointment; we just ask that you have studied and are ready to pass.
  • \n
\n\n

Fees

\n\n
    \n
  • All license examinations administered by the Laurel VEC are free to all
  • \n
  • After passing, Laurel VEC will submit your application to the FCC. On acceptance you will receive an email from the FCC directly with instructions to pay the $35 application fee.
  • \n
\n\n

Questions

\n\n

If you have any questions leading up to DEF CON, come visit us on the Ham Radio Village Discord server (discord.gg/hrv) and let us know what questions you have. During the conference, come visit the Ham Radio Village to learn all things ham radio, including the studying, testing, and licensing process.

\n\n\'',NULL,1067338),('3_Saturday','12','11:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_1f213189c8028dfea8b4d943468c4a94','\'\'',NULL,1067339),('3_Saturday','13','11:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_1f213189c8028dfea8b4d943468c4a94','\'\'',NULL,1067340),('3_Saturday','14','11:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_1f213189c8028dfea8b4d943468c4a94','\'\'',NULL,1067341),('3_Saturday','15','11:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_1f213189c8028dfea8b4d943468c4a94','\'\'',NULL,1067342),('3_Saturday','16','11:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_1f213189c8028dfea8b4d943468c4a94','\'\'',NULL,1067343),('2_Friday','13','13:00','15:59','N','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_09c9b3400de794d43b63a9cd9648dd7a','\'Title: Free Ham Radio License Exams
\nTags: Event | Ham Radio Village
\nWhen: Friday, Aug 7, 13:00 - 15:59 PDT
\nWhere: LVCCW Level 3 W314 (Ham Radio Meeting) - Map
\n
\nDescription:
\n

Free ham radio exams return to DEF CON 34! Partake in this hacker “rite of passage” by getting your license at DEF CON, presented by the Ham Radio Village.

\n\n

While anyone is able to listen in to amateur/ham radio transmissions, only those who have an amateur radio license are able to fully partake in the “oldest hacker hobby”. With your license, you’ll be authorized by the FCC to transmit up to 1,500W on designated frequencies, build/modify radios & antennas, and even administer your own exams! Additionally, having your ham radio license can improve your resume as it is a well-recognized proof of technical and regulatory knowledge when it comes to all things radio.

\n\n

About The Exam

\n\n

In the US there are 3 current levels of amateur radio license - Technician, General, and Amateur Extra. You can progress through the levels by taking a series of multiple-choice exams showing increasing breadth of knowledge. Most folks at DEF CON looking to become a ham take just the technician exam.

\n\n

The technician exam is a 35 question, multiple choice exam. Questions come from from a public question pool of 400 questions. Because of that, the most popular way folks at DEF CON prepare is by reading through all 400 questions before the exam, and learning hands on once you get licensed. Many study resources exist - most people recommend ham.study.

\n\n

Signing Up

\n\n

Who may register for this testing session:

\n\n
    \n
  • Anyone with an interest in obtaining a new Amateur Radio license or upgrading their existing licenses.
  • \n
  • You may take multiple elements in a single appointment; we just ask that you have studied and are ready to pass.
  • \n
\n\n

Fees

\n\n
    \n
  • All license examinations administered by the Laurel VEC are free to all
  • \n
  • After passing, Laurel VEC will submit your application to the FCC. On acceptance you will receive an email from the FCC directly with instructions to pay the $35 application fee.
  • \n
\n\n

Questions

\n\n

If you have any questions leading up to DEF CON, come visit us on the Ham Radio Village Discord server (discord.gg/hrv) and let us know what questions you have. During the conference, come visit the Ham Radio Village to learn all things ham radio, including the studying, testing, and licensing process.

\n\n\'',NULL,1067344),('2_Friday','14','13:00','15:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_09c9b3400de794d43b63a9cd9648dd7a','\'\'',NULL,1067345),('2_Friday','15','13:00','15:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_09c9b3400de794d43b63a9cd9648dd7a','\'\'',NULL,1067346),('4_Sunday','11','11:00','12:59','N','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_91c9fb48f66b2a9354fd82892e02801f','\'Title: Free Ham Radio License Exams
\nTags: Event | Ham Radio Village
\nWhen: Sunday, Aug 9, 11:00 - 12:59 PDT
\nWhere: LVCCW Level 3 W314 (Ham Radio Meeting) - Map
\n
\nDescription:
\n

Free ham radio exams return to DEF CON 34! Partake in this hacker “rite of passage” by getting your license at DEF CON, presented by the Ham Radio Village.

\n\n

While anyone is able to listen in to amateur/ham radio transmissions, only those who have an amateur radio license are able to fully partake in the “oldest hacker hobby”. With your license, you’ll be authorized by the FCC to transmit up to 1,500W on designated frequencies, build/modify radios & antennas, and even administer your own exams! Additionally, having your ham radio license can improve your resume as it is a well-recognized proof of technical and regulatory knowledge when it comes to all things radio.

\n\n

About The Exam

\n\n

In the US there are 3 current levels of amateur radio license - Technician, General, and Amateur Extra. You can progress through the levels by taking a series of multiple-choice exams showing increasing breadth of knowledge. Most folks at DEF CON looking to become a ham take just the technician exam.

\n\n

The technician exam is a 35 question, multiple choice exam. Questions come from from a public question pool of 400 questions. Because of that, the most popular way folks at DEF CON prepare is by reading through all 400 questions before the exam, and learning hands on once you get licensed. Many study resources exist - most people recommend ham.study.

\n\n

Signing Up

\n\n

Who may register for this testing session:

\n\n
    \n
  • Anyone with an interest in obtaining a new Amateur Radio license or upgrading their existing licenses.
  • \n
  • You may take multiple elements in a single appointment; we just ask that you have studied and are ready to pass.
  • \n
\n\n

Fees

\n\n
    \n
  • All license examinations administered by the Laurel VEC are free to all
  • \n
  • After passing, Laurel VEC will submit your application to the FCC. On acceptance you will receive an email from the FCC directly with instructions to pay the $35 application fee.
  • \n
\n\n

Questions

\n\n

If you have any questions leading up to DEF CON, come visit us on the Ham Radio Village Discord server (discord.gg/hrv) and let us know what questions you have. During the conference, come visit the Ham Radio Village to learn all things ham radio, including the studying, testing, and licensing process.

\n\n\'',NULL,1067347),('4_Sunday','12','11:00','12:59','Y','Social Gatherings/Events','LVCCW Level 3 W314 (Ham Radio Meeting)','\'Free Ham Radio License Exams\'','\'\'','Social Gatherings/Events_91c9fb48f66b2a9354fd82892e02801f','\'\'',NULL,1067348),('1_Thursday','19','19:00','21:59','N','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'DC702 Meetup\'','\'\'','Social Gatherings/Events_143ea6cf2b655427a78700dd60d90133','\'Title: DC702 Meetup
\nTags: Meetup
\nWhen: Thursday, Aug 6, 19:00 - 21:59 PDT
\nWhere: LVCCW Level 3 W327 (Misc Meeting Room) - Map
\n
\nDescription:
\n

Join the local DC702 Group in this year\'s official DEF CON Meetup! The meetup will be casual and include typical meetup activities (e.g., socializing, \"challenges,\" lockpicking, music, etc.) and maybe a few little surprises.

\n\n\'',NULL,1067349),('1_Thursday','20','19:00','21:59','Y','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'DC702 Meetup\'','\'\'','Social Gatherings/Events_143ea6cf2b655427a78700dd60d90133','\'\'',NULL,1067350),('1_Thursday','21','19:00','21:59','Y','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'DC702 Meetup\'','\'\'','Social Gatherings/Events_143ea6cf2b655427a78700dd60d90133','\'\'',NULL,1067351),('2_Friday','20','20:00','23:30','N','Social Gatherings/Events','LVCCW Level 2 W208-209 (Diana Initiative)','\'Women, gender non-conforming and non-binary meetup with The Diana Initiative\'','\'\'','Social Gatherings/Events_2aafc2af37e55a5d8024f4d563bfdac6','\'Title: Women, gender non-conforming and non-binary meetup with The Diana Initiative
\nTags: Meetup
\nWhen: Friday, Aug 7, 20:00 - 23:30 PDT
\nWhere: LVCCW Level 2 W208-209 (Diana Initiative) - Map
\n
\nDescription:
\n

We\'d love to get all the gender non conforming, non-binary and women together to hang out and make friends! DEF CON is better with friends. Stop in for a bit, or the whole time.

\n\n\'',NULL,1067352),('2_Friday','21','20:00','23:30','Y','Social Gatherings/Events','LVCCW Level 2 W208-209 (Diana Initiative)','\'Women, gender non-conforming and non-binary meetup with The Diana Initiative\'','\'\'','Social Gatherings/Events_2aafc2af37e55a5d8024f4d563bfdac6','\'\'',NULL,1067353),('2_Friday','22','20:00','23:30','Y','Social Gatherings/Events','LVCCW Level 2 W208-209 (Diana Initiative)','\'Women, gender non-conforming and non-binary meetup with The Diana Initiative\'','\'\'','Social Gatherings/Events_2aafc2af37e55a5d8024f4d563bfdac6','\'\'',NULL,1067354),('2_Friday','23','20:00','23:30','Y','Social Gatherings/Events','LVCCW Level 2 W208-209 (Diana Initiative)','\'Women, gender non-conforming and non-binary meetup with The Diana Initiative\'','\'\'','Social Gatherings/Events_2aafc2af37e55a5d8024f4d563bfdac6','\'\'',NULL,1067355),('2_Friday','19','19:00','21:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Lawyers Meet\'','\'\'','Social Gatherings/Events_d902847fe2f9a3798d9cb619b9c93717','\'Title: Lawyers Meet
\nTags: Meetup
\nWhen: Friday, Aug 7, 19:00 - 21:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

If you\'re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara for a friendly get-together, drinks, and conversation.

\n\n\'',NULL,1067356),('2_Friday','20','19:00','21:59','Y','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Lawyers Meet\'','\'\'','Social Gatherings/Events_d902847fe2f9a3798d9cb619b9c93717','\'\'',NULL,1067357),('2_Friday','21','19:00','21:59','Y','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Lawyers Meet\'','\'\'','Social Gatherings/Events_d902847fe2f9a3798d9cb619b9c93717','\'\'',NULL,1067358),('1_Thursday','12','12:00','12:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Friends of Bill W\'','\'\'','Social Gatherings/Events_1f22a1735086998b482e301210d815d3','\'Title: Friends of Bill W
\nTags: Meetup
\nWhen: Thursday, Aug 6, 12:00 - 12:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\n\'',NULL,1067359),('3_Saturday','12','12:00','12:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Friends of Bill W\'','\'\'','Social Gatherings/Events_ccc73a3c1c2daec2ea85f30a13988ae3','\'Title: Friends of Bill W
\nTags: Meetup
\nWhen: Saturday, Aug 8, 12:00 - 12:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\n\'',NULL,1067360),('2_Friday','17','17:00','17:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Friends of Bill W\'','\'\'','Social Gatherings/Events_c8d794883d6cc812fe3ae7db1c9cd785','\'Title: Friends of Bill W
\nTags: Meetup
\nWhen: Friday, Aug 7, 17:00 - 17:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\n\'',NULL,1067361),('2_Friday','12','12:00','12:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Friends of Bill W\'','\'\'','Social Gatherings/Events_9c0e5a9fffa1747d5763cb36224406a7','\'Title: Friends of Bill W
\nTags: Meetup
\nWhen: Friday, Aug 7, 12:00 - 12:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\n\'',NULL,1067362),('1_Thursday','17','17:00','17:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Friends of Bill W\'','\'\'','Social Gatherings/Events_a717530c5ffd398989f339fbcad7f5e1','\'Title: Friends of Bill W
\nTags: Meetup
\nWhen: Thursday, Aug 6, 17:00 - 17:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\n\'',NULL,1067363),('4_Sunday','12','12:00','12:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Friends of Bill W\'','\'\'','Social Gatherings/Events_9b7c80bc142a1ce1bd5439c017213955','\'Title: Friends of Bill W
\nTags: Meetup
\nWhen: Sunday, Aug 9, 12:00 - 12:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\n\'',NULL,1067364),('3_Saturday','17','17:00','17:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Friends of Bill W\'','\'\'','Social Gatherings/Events_fd8b1ec81fabf84bc75b1fcc66051072','\'Title: Friends of Bill W
\nTags: Meetup
\nWhen: Saturday, Aug 8, 17:00 - 17:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\n\'',NULL,1067365),('2_Friday','14','14:00','15:59','N','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Hacker Book Club Discussion\'','\'\'','Social Gatherings/Events_840f332e911a3fcdb8991ed7a2d94eab','\'Title: Hacker Book Club Discussion
\nTags: Meetup
\nWhen: Friday, Aug 7, 14:00 - 15:59 PDT
\nWhere: LVCCW Level 3 W301 (Misc Meeting Room) - Map
\n
\nDescription:
\n

Community is essential and so is continual learning. Reading books and discussing books can greatly impact an individual’s access and sense of community and knowledge. This Hacker Book Club book discussion will be an accessible group aiming to build community and share out learnings, all in a quieter setting. Come join us and discuss what you’ve been reading. We also run a year round Discord to discuss books throughout the year, hackerbookclub.com. This Hacker Book Club is not locked to a region and is for those who love books and escaping to the cyperpunk, scifi worlds that inspire DEF CON and modern literature.

\n\n\'',NULL,1067366),('2_Friday','15','14:00','15:59','Y','Social Gatherings/Events','LVCCW Level 3 W301 (Misc Meeting Room)','\'Hacker Book Club Discussion\'','\'\'','Social Gatherings/Events_840f332e911a3fcdb8991ed7a2d94eab','\'\'',NULL,1067367),('2_Friday','16','16:00','18:59','N','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'Atlanta Metro Meetup (DC404/DC678/DC770/DC470)\'','\'\'','Social Gatherings/Events_da6b20ba16676279aceb3974a85b364d','\'Title: Atlanta Metro Meetup (DC404/DC678/DC770/DC470)
\nTags: Meetup
\nWhen: Friday, Aug 7, 16:00 - 18:59 PDT
\nWhere: LVCCW Level 3 W327 (Misc Meeting Room) - Map
\n
\nDescription:
\n

They say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we\'re meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404\'s 30+ year legacy can catch up and share stories. Join us and meet your fellow ATL hackers!

\n\n\'',NULL,1067368),('2_Friday','17','16:00','18:59','Y','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'Atlanta Metro Meetup (DC404/DC678/DC770/DC470)\'','\'\'','Social Gatherings/Events_da6b20ba16676279aceb3974a85b364d','\'\'',NULL,1067369),('2_Friday','18','16:00','18:59','Y','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'Atlanta Metro Meetup (DC404/DC678/DC770/DC470)\'','\'\'','Social Gatherings/Events_da6b20ba16676279aceb3974a85b364d','\'\'',NULL,1067370),('3_Saturday','15','15:00','16:59','N','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'DCG New England Meetup\'','\'\'','Social Gatherings/Events_827c12192936bc6d4b1722bdfa3b7d88','\'Title: DCG New England Meetup
\nTags: Meetup
\nWhen: Saturday, Aug 8, 15:00 - 16:59 PDT
\nWhere: LVCCW Level 3 W327 (Misc Meeting Room) - Map
\n
\nDescription:
\n

New England\'s hackers are spread across six smaller states and rarely in the same room. This is the room. DCG New England pulls the region\'s groups and unaffiliated folks together to hang out, meet other hackers in the region, talk shop, show off half-finished projects, and meet the people who keep the local scene ticking.

\n\n\'',NULL,1067371),('3_Saturday','16','15:00','16:59','Y','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'DCG New England Meetup\'','\'\'','Social Gatherings/Events_827c12192936bc6d4b1722bdfa3b7d88','\'\'',NULL,1067372),('2_Friday','16','16:00','17:59','N','Social Gatherings/Events','LVCCW Level 3 W325 (QueerCon Lounge)','\'Queercon Mixer\'','\'\'','Social Gatherings/Events_ed01db1b278bd475f303531ddeb55974','\'Title: Queercon Mixer
\nTags: Meetup | Queercon Community Lounge
\nWhen: Friday, Aug 7, 16:00 - 17:59 PDT
\nWhere: LVCCW Level 3 W325 (QueerCon Lounge) - Map
\n
\nDescription:
\n

Come meet the largest social network of LGBTQIA+ and allied hackers at Queercon! Our mixers are designed for you to meet, network, and engage with like-minded people to a backdrop of music, dance, and refreshments.

\n\n\'',NULL,1067373),('2_Friday','17','16:00','17:59','Y','Social Gatherings/Events','LVCCW Level 3 W325 (QueerCon Lounge)','\'Queercon Mixer\'','\'\'','Social Gatherings/Events_ed01db1b278bd475f303531ddeb55974','\'\'',NULL,1067374),('3_Saturday','16','16:00','17:59','N','Social Gatherings/Events','LVCCW Level 3 W325 (QueerCon Lounge)','\'Queercon Mixer\'','\'\'','Social Gatherings/Events_ff52b80be18791b6caf8214afb4338a2','\'Title: Queercon Mixer
\nTags: Meetup | Queercon Community Lounge
\nWhen: Saturday, Aug 8, 16:00 - 17:59 PDT
\nWhere: LVCCW Level 3 W325 (QueerCon Lounge) - Map
\n
\nDescription:
\n

Come meet the largest social network of LGBTQIA+ and allied hackers at Queercon! Our mixers are designed for you to meet, network, and engage with like-minded people to a backdrop of music, dance, and refreshments.

\n\n\'',NULL,1067375),('3_Saturday','17','16:00','17:59','Y','Social Gatherings/Events','LVCCW Level 3 W325 (QueerCon Lounge)','\'Queercon Mixer\'','\'\'','Social Gatherings/Events_ff52b80be18791b6caf8214afb4338a2','\'\'',NULL,1067376),('1_Thursday','21','21:00','23:59','N','Social Gatherings/Events','LVCCW Level 2 W212 (Misc Meeting Room)','\'Conference Planners Meetup\'','\'\'','Social Gatherings/Events_bad24961721a476d3d7b5f8abe25fcc2','\'Title: Conference Planners Meetup
\nTags: Meetup
\nWhen: Thursday, Aug 6, 21:00 - 23:59 PDT
\nWhere: LVCCW Level 2 W212 (Misc Meeting Room) - Map
\n
\nDescription:
\n

Are you a conference planner, manager, technologist, etc.? Feel like chatting about what we do, trading contact info, or just grabbing a few drinks with colleagues? This will be a meetup for those of us involved in conference planning and management. There won\'t be any kind of schedule or agenda. Informal conversation is the name of the game.

\n\n

At least one person from the Hacker Tracker (and ConfMgr) team will be here. You\'re welcome to ask questions, leave feedback (good or bad), ask for help with some problem you\'re having, etc.

\n\n\'',NULL,1067377),('1_Thursday','22','21:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W212 (Misc Meeting Room)','\'Conference Planners Meetup\'','\'\'','Social Gatherings/Events_bad24961721a476d3d7b5f8abe25fcc2','\'\'',NULL,1067378),('1_Thursday','23','21:00','23:59','Y','Social Gatherings/Events','LVCCW Level 2 W212 (Misc Meeting Room)','\'Conference Planners Meetup\'','\'\'','Social Gatherings/Events_bad24961721a476d3d7b5f8abe25fcc2','\'\'',NULL,1067379),('3_Saturday','21','21:00','00:59','N','Social Gatherings/Events','LVCCW Level 3 W326 (Vetcon)','\'VETCON 2026 PARTY\'','\'\'','Social Gatherings/Events_7df60199f6ed274855efb7b464081e33','\'Title: VETCON 2026 PARTY
\nTags: Party | VETCON
\nWhen: Saturday, Aug 8, 21:00 - 00:59 PDT
\nWhere: LVCCW Level 3 W326 (Vetcon) - Map
\n
\nDescription:
\n

DEF CON is renowned for bringing together some of the brightest minds in technology and security. By participating in VETCON, you have the chance to highlight the critical role veterans play in this landscape and explore how technology can support and enhance their lives.

\n\n\'',NULL,1067380),('3_Saturday','20','20:00','00:59','N','Social Gatherings/Events','LVCCW Level 2 W229,W232','\'Hacker Karaoke\'','\'\'','Social Gatherings/Events_62bb2b68405f673116b63c4badad8dbe','\'Title: Hacker Karaoke
\nTags: Party
\nWhen: Saturday, Aug 8, 20:00 - 00:59 PDT
\nWhere: LVCCW Level 2 W229,W232 - Map
\n
\nDescription:
\n

Two great things that go great together! Join the fun as your fellow hackers make their way through songs from every era and style. Everyone has a voice and this is your opportunity to show it off! Everyone is encourage to participate in a DEF CON tradition from all folks and skill levels.

\n\n\'',NULL,1067381),('2_Friday','20','20:00','00:59','N','Social Gatherings/Events','LVCCW Level 2 W229,W232','\'Hacker Karaoke\'','\'\'','Social Gatherings/Events_a7fbd831ad52e17bc8cadcae588aa1cd','\'Title: Hacker Karaoke
\nTags: Party
\nWhen: Friday, Aug 7, 20:00 - 00:59 PDT
\nWhere: LVCCW Level 2 W229,W232 - Map
\n
\nDescription:
\n

Two great things that go great together! Join the fun as your fellow hackers make their way through songs from every era and style. Everyone has a voice and this is your opportunity to show it off! Everyone is encourage to participate in a DEF CON tradition from all folks and skill levels.

\n\n\'',NULL,1067382),('2_Friday','21','21:00','00:59','N','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'Day of the Dead Hacker Party\'','\'\'','Social Gatherings/Events_6eb9c0f466401a2117f8c3d5edcc6545','\'Title: Day of the Dead Hacker Party
\nTags: Party
\nWhen: Friday, Aug 7, 21:00 - 00:59 PDT
\nWhere: LVCCW Level 3 W327 (Misc Meeting Room) - Map
\n
\nDescription:
\n

Join us as we celebrate the lives, legends, and lasting influence of the hackers who shaped our world. From pioneers of the underground to cultural icons of the digital frontier whose stories still echo through the system.

\n\n

Dress in Day of the Dead attire or come as a ghost of hacker culture, dead heroes, legendary coders, digital outlaws, and spirits of the machine.

\n\n

Music by CURZE$ and special guest DJs.

\n\n

Everyone is welcome to join us and celebrate the dead, the code, and the culture that refuses to die.

\n\n\'',NULL,1067383),('3_Saturday','18','18:00','19:59','N','Social Gatherings/Events','LVCCW Level 2 W212 (Misc Meeting Room)','\'+61: the Australian Embassy\'','\'\'','Social Gatherings/Events_4ef575e07d8e76c1528e61fa6c129815','\'Title: +61: the Australian Embassy
\nTags: Party
\nWhen: Saturday, Aug 8, 18:00 - 19:59 PDT
\nWhere: LVCCW Level 2 W212 (Misc Meeting Room) - Map
\n
\nDescription:
\n

Against all odds (and possibly the better judgement of border control), the +61 Australian embassy returns.

\n\n

If you’re one of the Australians who made it into the US for DEF CON this year, swing by for a bit of hacker summer camp gossip, some socializing, and a live demonstration of what happens when Malört meets Vegemite.

\n\n

We assume nothing good.

\n\n\'',NULL,1067384),('3_Saturday','19','18:00','19:59','Y','Social Gatherings/Events','LVCCW Level 2 W212 (Misc Meeting Room)','\'+61: the Australian Embassy\'','\'\'','Social Gatherings/Events_4ef575e07d8e76c1528e61fa6c129815','\'\'',NULL,1067385),('3_Saturday','21','21:00','00:59','N','Social Gatherings/Events','LVCCW Level 2 W218 (Call Center Village)','\'Party Line (Call Center Village Party)\'','\'\'','Social Gatherings/Events_1301e708437b4a698be372260db8d79c','\'Title: Party Line (Call Center Village Party)
\nTags: Party | Call Center Village
\nWhen: Saturday, Aug 8, 21:00 - 00:59 PDT
\nWhere: LVCCW Level 2 W218 (Call Center Village) - Map
\n
\nDescription:
\n

You\'ve been placed on hold — but for once, you don\'t mind the music.

\n\n

Party Line is Call Center Village\'s telephony-themed party open to all attendees at DEF CON 34.

\n\n

A full-size telephone booth, retro telephones, dial-pad light shows, and lo-fi hold music grooves mixed with telephony-flavored party tracks.

\n\n

If you\'ve ever listened to Opus No. 1 on repeat, then this is your extension. No IVR to navigate Just pick up and dial in.

\n\n

Don\'t let the phones go unanswered. Join us at Party Line.

\n\n

Between calls, swing by our unofficial DEF CON TCG trading table — donate your extras, hunt down the ones you\'re missing, or make a deal for your favorites.

\n\n

Make sure to bring your Call Center Village flight-tags (100 Trying or 200 OK) earned from the Escalation Desk CTF to claim free drinks!

\n\n\'',NULL,1067386),('3_Saturday','21','21:00','00:59','N','Social Gatherings/Events','LVCCW Level 3 W327 (Misc Meeting Room)','\'Illuminati Party\'','\'\'','Social Gatherings/Events_889043b603b7886c26e0e1d37b065a1a','\'Title: Illuminati Party
\nTags: Party
\nWhen: Saturday, Aug 8, 21:00 - 00:59 PDT
\nWhere: LVCCW Level 3 W327 (Misc Meeting Room) - Map
\n
\nDescription:
\n

It\'s time to get under the hood and rewrite the rules of engagement. If we want a future where explorers aren\'t outlaws, we have to start by taking over the room—so join us for the Illuminati Party, where our crew gathers to set the parameters for the night. Come share your passion, plot the future, and help us amplify the community.

\n\n\'',NULL,1067387),('2_Friday','19','19:00','00:59','N','Social Gatherings/Events','LVCCW Level 2 W212 (Misc Meeting Room)','\'BlanketFort Con\'','\'\'','Social Gatherings/Events_63582d958370067964fec4d45f0995b0','\'Title: BlanketFort Con
\nTags: Party
\nWhen: Friday, Aug 7, 19:00 - 00:59 PDT
\nWhere: LVCCW Level 2 W212 (Misc Meeting Room) - Map
\n
\nDescription:
\nBlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly \\ Safe environment. Now with less Gluten and more onesies!
\n\n\n\n\'',NULL,1067388),('2_Friday','20','20:00','00:59','N','Social Gatherings/Events','LVCCW Level 1 Hall 3 801 (Creator Stage 1,2)','\'Arcade Party\'','\'\'','Social Gatherings/Events_31c8f10bb0449ce3189a41200544778e','\'Title: Arcade Party
\nTags: Party
\nWhen: Friday, Aug 7, 20:00 - 00:59 PDT
\nWhere: LVCCW Level 1 Hall 3 801 (Creator Stage 1,2) - Map
\n
\nDescription:
\n

The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 34 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.

\n\n\'',NULL,1067389),('3_Saturday','21','21:00','00:59','N','Social Gatherings/Events','LVCCW Level 2 W212 (Misc Meeting Room)','\'Front Man\'s Fête: An Octopus Game Party\'','\'\'','Social Gatherings/Events_749a76739eb8122e7ea04d667875145a','\'Title: Front Man\'s Fête: An Octopus Game Party
\nTags: Party
\nWhen: Saturday, Aug 8, 21:00 - 00:59 PDT
\nWhere: LVCCW Level 2 W212 (Misc Meeting Room) - Map
\n
\nDescription:
\n

Front Man’s Fête: An Octopus Game Party is a curated respite from the chaos of the city, offering a sophisticated and low-key lounge experience centered on strategy and soul. Instead of high-stakes elimination, we offer the timeless rhythm of old school hip-hop and the analog competition of classic board games. This event is designed for those who seek a chill atmosphere where the vibes are smooth and the conversation is clear. Come for the nostalgia of golden-era beats and stay for a relaxed evening where the only goal is to unwind and outsmart your opponents in a sanctuary of cool.

\n\n\'',NULL,1067390),('2_Friday','21','21:00','00:59','N','Social Gatherings/Events','LVCCW Level 3 W322-W324 (BIC Village)','\'BIC R00T ACCESS 2026\'','\'\'','Social Gatherings/Events_6f47ab15688edb38504c1368a8fab751','\'Title: BIC R00T ACCESS 2026
\nTags: Party | Blacks In Cyber Village
\nWhen: Friday, Aug 7, 21:00 - 00:59 PDT
\nWhere: LVCCW Level 3 W322-W324 (BIC Village) - Map
\n
\nDescription:
\n

Black culture has always shaped the sound of resistance, innovation, and celebration—and at DEF CON, we’re bringing that history to the dance floor. Blacks In Cyber invites you to a night where cybersecurity meets the soundtrack of Black history. From the soulful roots of jazz and blues that coded messages of freedom, to the revolutionary pulse of hip-hop and electronic beats that powered digital creativity, every track tells a story.

\n\n

This party celebrates the pioneers who pushed boundaries—musically, technologically, and culturally. Expect a curated journey through decades of sound: classic grooves, Afro-futurist vibes, and modern cyber-inspired mixes that honor the past while hacking the future. Whether you’re a seasoned hacker, a first-time DEF CON attendee, or just here for the vibe, this is your space to connect, celebrate, and move.

\n\n

Come dance through the timeline. Celebrate culture, community, and code. Blacks In Cyber at DEF CON—where history, rhythm, and innovation collide.

\n\n\'',NULL,1067391),('3_Saturday','21','21:00','00:59','N','Social Gatherings/Events','LVCCW Level 1 Hall 3 801 (Creator Stage 2)','\'GOTHCON\'','\'\'','Social Gatherings/Events_de704f97ed7cfb9d284d2342401de31c','\'Title: GOTHCON
\nTags: Party
\nWhen: Saturday, Aug 8, 21:00 - 00:59 PDT
\nWhere: LVCCW Level 1 Hall 3 801 (Creator Stage 2) - Map
\n
\nDescription:
\n

Returning for their 9th year, Gothcon invites you to come dance the night away with a line-up of some of the community\'s best dark dance music DJ\'s from across the US! Dress however you would like in whatever makes you feel comfortable and happy, and all are welcome.

\n\n\'',NULL,1067392),('3_Saturday','22','22:00','00:59','N','Social Gatherings/Events','LVCCW Level 1 North Lobby','\'Kayos Klub\'','\'\'','Social Gatherings/Events_f39a1973efffe84ba4d2fa4d5907f128','\'Title: Kayos Klub
\nTags: Party
\nWhen: Saturday, Aug 8, 22:00 - 00:59 PDT
\nWhere: LVCCW Level 1 North Lobby - Map
\n
\nDescription:
\n

The Kayos Klub will be a night of music and magic for all ages. To celebrate the life of a lost loved one, we are going all out on a party that will make even the most socially awkward computer nerd want to dance <3.

\n\n\'',NULL,1067393),('2_Friday','22','22:00','00:59','N','Social Gatherings/Events','LVCCW Level 1 North Lobby','\'SecKC the WHOLE WIDE WORLD\'','\'\'','Social Gatherings/Events_d98edf5ac25fbbb8aff0047fc0b77618','\'Title: SecKC the WHOLE WIDE WORLD
\nTags: Party
\nWhen: Friday, Aug 7, 22:00 - 00:59 PDT
\nWhere: LVCCW Level 1 North Lobby - Map
\n
\nDescription:
\n

Following the legendary chaos of SecKC the World and SecKC the World Again, the Kansas City crew returns to DEF CON to settle the digital frontier. This year, we aren’t just hosting a party, this isn’t just another loud room with a DJ; it’s gonna be a killer getogether for the hacker family. We’re merging the independent spirit of the DEF CON with the radical community of the Midwest.

\n\n\'',NULL,1067394),('1_Thursday','18','18:00','19:59','N','Social Gatherings/Events','LVCCW Level 2 W238 (DEF CON Groups)','\'Operator, Please Hold - DCG Social\'','\'\'','Social Gatherings/Events_03d93ff95efe3d28abb5a46df7373e01','\'Title: Operator, Please Hold - DCG Social
\nTags: Party | DEF CON Groups (DCG)
\nWhen: Thursday, Aug 6, 18:00 - 19:59 PDT
\nWhere: LVCCW Level 2 W238 (DEF CON Groups) - Map
\n
\nDescription:
\n

Operator, Please Hold is the official DEF CON Groups party at DEF CON 34 - a social for hackers, DCG organizers, and community builders from around the world.

\n\n

This is where DEF CON Groups converge off the mailing lists and out of Discord. Expect familiar faces, new connections, and conversations that jump from local meetups to global chaos in about five minutes. No talks. No agenda. Just hackers who actually show up for their communities, in one room, at the same time.

\n\n

Whether you run a group, help keep one alive, or are looking to plug into your local hacker scene, this is your stop. Come say hi, compare notes, and meet the humans behind the handles.

\n\n

Operator, please hold. Your people are on the line.

\n\n\'',NULL,1067395),('1_Thursday','19','18:00','19:59','Y','Social Gatherings/Events','LVCCW Level 2 W238 (DEF CON Groups)','\'Operator, Please Hold - DCG Social\'','\'\'','Social Gatherings/Events_03d93ff95efe3d28abb5a46df7373e01','\'\'',NULL,1067396),('3_Saturday','19','19:00','22:59','N','Social Gatherings/Events','LVCCW Level 3 W317-319 (SEC Village)','\'Social Engineering Community Village Party\'','\'\'','Social Gatherings/Events_cc23a641898232c4bb68cd99715a07d5','\'Title: Social Engineering Community Village Party
\nTags: Party | Social Engineering Community Village
\nWhen: Saturday, Aug 8, 19:00 - 22:59 PDT
\nWhere: LVCCW Level 3 W317-319 (SEC Village) - Map
\n
\nDescription:
\n

Join the Social Engineering Community for a night of connecting with fellow hackers, social engineers, researchers, and curious DEF CON attendees who share an interest in the human side of hacking. Whether you spent the weekend watching vishing calls, cheering on AI bots, competing, volunteering, or just discovering the craft for the first time, this meetup is a chance to relax, swap stories, and meet the people behind the voices, research, and chaos from the village. The exact theme will be announced soon, but the goal is simple: bring the community together, make new friends, reconnect with old ones, and celebrate another year of social engineering at DEF CON. Everyone is welcome, whether you\'re a longtime member of the community or just curious about what social engineering is all about.

\n\n\'',NULL,1067397),('3_Saturday','20','19:00','22:59','Y','Social Gatherings/Events','LVCCW Level 3 W317-319 (SEC Village)','\'Social Engineering Community Village Party\'','\'\'','Social Gatherings/Events_cc23a641898232c4bb68cd99715a07d5','\'\'',NULL,1067398),('3_Saturday','21','19:00','22:59','Y','Social Gatherings/Events','LVCCW Level 3 W317-319 (SEC Village)','\'Social Engineering Community Village Party\'','\'\'','Social Gatherings/Events_cc23a641898232c4bb68cd99715a07d5','\'\'',NULL,1067399),('3_Saturday','22','19:00','22:59','Y','Social Gatherings/Events','LVCCW Level 3 W317-319 (SEC Village)','\'Social Engineering Community Village Party\'','\'\'','Social Gatherings/Events_cc23a641898232c4bb68cd99715a07d5','\'\'',NULL,1067400),('2_Friday','06','06:00','10:59','N','Social Gatherings/Events','Other / See Description','\'15th Cycleoverride Bike Ride at DEF CON\'','\'\'','Social Gatherings/Events_3947d70249331c14e685bcfac1fc97a3','\'Title: 15th Cycleoverride Bike Ride at DEF CON
\nTags: Event
\nWhen: Friday, Aug 7, 06:00 - 10:59 PDT
\nWhere: Other / See Description
\n
\nDescription:
\n

At 6am on Friday, the @cycle_override crew will be hosting the 15th DEF CON Bikeride. We\'ll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It\'s about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See you at 6am Friday!

\n\n\'',NULL,1067401),('2_Friday','07','06:00','10:59','Y','Social Gatherings/Events','Other / See Description','\'15th Cycleoverride Bike Ride at DEF CON\'','\'\'','Social Gatherings/Events_3947d70249331c14e685bcfac1fc97a3','\'\'',NULL,1067402),('2_Friday','08','06:00','10:59','Y','Social Gatherings/Events','Other / See Description','\'15th Cycleoverride Bike Ride at DEF CON\'','\'\'','Social Gatherings/Events_3947d70249331c14e685bcfac1fc97a3','\'\'',NULL,1067403),('2_Friday','09','06:00','10:59','Y','Social Gatherings/Events','Other / See Description','\'15th Cycleoverride Bike Ride at DEF CON\'','\'\'','Social Gatherings/Events_3947d70249331c14e685bcfac1fc97a3','\'\'',NULL,1067404),('2_Friday','10','06:00','10:59','Y','Social Gatherings/Events','Other / See Description','\'15th Cycleoverride Bike Ride at DEF CON\'','\'\'','Social Gatherings/Events_3947d70249331c14e685bcfac1fc97a3','\'\'',NULL,1067405),('3_Saturday','19','19:00','20:59','N','Social Gatherings/Events','LVCCW Level 3 W316 (DC NextGen)','\'DCNextGen Party!\'','\'\'','Social Gatherings/Events_5ce33ffa455edc3ade3f6f69e3615b7e','\'Title: DCNextGen Party!
\nTags: Party | DCNextGen
\nWhen: Saturday, Aug 8, 19:00 - 20:59 PDT
\nWhere: LVCCW Level 3 W316 (DC NextGen) - Map
\n
\nDescription:
\n

Are you ready to rock? If so, come to the DCNextGen party where the theme is UV cyberpunk! What is there to do you might ask? We have games, music, create your own raccoon mask, glow in the dark tattoos, and so much more! There is no better place to make new friends and hang out with your fellow DCNextGen cyber warriors.

\n\n\'',NULL,1067406),('3_Saturday','20','19:00','20:59','Y','Social Gatherings/Events','LVCCW Level 3 W316 (DC NextGen)','\'DCNextGen Party!\'','\'\'','Social Gatherings/Events_5ce33ffa455edc3ade3f6f69e3615b7e','\'\'',NULL,1067407),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Cloud Security 101: From IAM Misconfigurations to Account Takeover\'','\'zeta,Rafa \"bane\" Gutierrez\'','DEF CON Workshops_56a9e4196bc014b9a39107eb499483d6','\'Title: AWS Cloud Security 101: From IAM Misconfigurations to Account Takeover
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W228 (Workshops) - Map
\n
\nDescription:
\n

The shortest path from a marketing-site SSRF to production root often runs through AWS, and most defenders can’t see it happening. This workshop teaches you to walk that path yourself.

\n\n

Working whitebox in provided lab accounts, you’ll move through eight hands-on modules: reading IAM policies for privilege escalation gadgets, turning a single SSRF into a working CLI session via IMDS, abusing cross-account trust, exploiting resource policies across S3/KMS/Lambda, compromising serverless functions, and evading CloudTrail. The workshop closes with a full-chain challenge: build a Python exploit that goes from external SSRF to administrative access in one script.

\n\n

Prerequisites: Basic AWS familiarity (console + CLI), comfort reading JSON policies, Python. Bring a laptop with AWS CLI v2 and Python 3.10+ installed. No prior offensive cloud experience required.

\n\nSpeakers:zeta,Rafa \"bane\" Gutierrez
\n
\nSpeakerBio:  zeta
\n

zeta is an internet plumber and computer toucher. \nhe spends his days reading IAM policies and his nights wondering why anyone wrote them that way.

\n\nSpeakerBio:  Rafa \"bane\" Gutierrez
\n

\"Rafael (bane) is the founder of Secure Origin, where he helps organizations doing public-interest work improve their security, infrastructure, and operational resilience. His work spans vulnerability research, security architecture, detection engineering, adversary emulation, infrastructure operations, and targeted technical engagements.

\n\n

He is also a researcher and technical lead for The Southlander, a local Los Angeles newsroom. He volunteers with Lucy Parsons Lab and conducts independent research on surveillance technology, supporting reporting on how these systems affect journalists, activists, and local communities.\"

\n\n\n\'',NULL,1067408),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Cloud Security 101: From IAM Misconfigurations to Account Takeover\'','\'zeta,Rafa \"bane\" Gutierrez\'','DEF CON Workshops_56a9e4196bc014b9a39107eb499483d6','\'\'',NULL,1067409),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Cloud Security 101: From IAM Misconfigurations to Account Takeover\'','\'zeta,Rafa \"bane\" Gutierrez\'','DEF CON Workshops_56a9e4196bc014b9a39107eb499483d6','\'\'',NULL,1067410),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Cloud Security 101: From IAM Misconfigurations to Account Takeover\'','\'zeta,Rafa \"bane\" Gutierrez\'','DEF CON Workshops_56a9e4196bc014b9a39107eb499483d6','\'\'',NULL,1067411),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Agentic Threat Hunting: Building AI That Remembers What You Hunted\'','\'Sydney \"letswastetime\" Marrone\'','DEF CON Workshops_c56cb6cb97a64a451639f0dc0c651ef1','\'Title: Agentic Threat Hunting: Building AI That Remembers What You Hunted
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W233 (Workshops) - Map
\n
\nDescription:
\n

Attendees hunt a supply chain compromise in real telemetry. Not a walkthrough - a hunt.\nA trojanized developer tool has been backdoored. The artifacts are seeded across a shared Splunk instance at layered difficulty: some obvious, some buried. Over four hours, attendees progress through the Five Levels of Agentic Hunting using the open-source Agentic Threat Hunting Framework (ATHF). Each maturity level unlocks new capabilities — structure, searchability, AI research agents, and full agentic workflows — that help them find what they couldn\'t find before.\nThe first hunt is manual. By the last module, AI agents are surfacing hypotheses, identifying coverage gaps, and pointing hunters toward artifacts they missed. The human decides what to chase. The framework remembers what they found.\nThis is not a tool demo. Attendees will make real analytical decisions, write real SPL queries, hit dead ends, and use AI agents to recover. They leave with a working ATHF workspace, documented hunts from a real investigation, and the experience of hunting with an agentic system.

\n\nSpeakerBio:  Sydney \"letswastetime\" Marrone
\n

Sydney Marrone is a threat hunter, cybersecurity professional, co-founder of THOR Collective, author of the Agentic Threat Hunting Framework, and co-author of the PEAK Threat Hunting Framework. She is passionate about making security knowledge accessible and actionable through hands-on research, open-source collaboration, and community-driven projects like HEARTH (Hunting Exchange And Research Threat Hub). Sydney creates resources, leads workshops, and shares insights that spark curiosity and empower defenders. Outside of work, she writes for THOR Collective Dispatch, lifts weights, and makes cyber-themed music using AI to blend creativity and hacker culture.

\n\n\n\'',NULL,1067412),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Agentic Threat Hunting: Building AI That Remembers What You Hunted\'','\'Sydney \"letswastetime\" Marrone\'','DEF CON Workshops_c56cb6cb97a64a451639f0dc0c651ef1','\'\'',NULL,1067413),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Agentic Threat Hunting: Building AI That Remembers What You Hunted\'','\'Sydney \"letswastetime\" Marrone\'','DEF CON Workshops_c56cb6cb97a64a451639f0dc0c651ef1','\'\'',NULL,1067414),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Agentic Threat Hunting: Building AI That Remembers What You Hunted\'','\'Sydney \"letswastetime\" Marrone\'','DEF CON Workshops_c56cb6cb97a64a451639f0dc0c651ef1','\'\'',NULL,1067415),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Hands-on IoT firmware extraction and flash forensics\'','\'Dennis Giese,Braelynn Luedtke,Arnold Wey,Harsha Potu\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648','\'Title: Hands-on IoT firmware extraction and flash forensics
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W225 (Workshops) - Map
\n
\nDescription:
\n

Did you ever wanted to hack an IoT device but did not know how to start? Having UART is nice, but does not help in many cases.

\n\n

For a complete analysis of an IoT device, it is required to look at the firmware itself. In most cases this means that the firmware, data or encryption keys need to be extracted from the device memory. Many researchers are hesitant to do that as there is a high risk of destroying the device or leaving it in an inoperable state. In this workshop we will look at different flash memory types (EEPROM, SPI flash, NAND flash, eMMC flash) and how to extract the information from them.

\n\n

We will show that you do not need very expensive hardware to archive your goal and that it is not as complicated as everyone believes. See which tools might be useful for your own lab!

\n\n

Participants will have the opportunity to work in groups and being provided different kinds of IoT devices (e.g. smart speakers). After a tear-down, you can use different chip-off methods (e.g. Hot air, IR soldering) to remove the flash chip and read it out. Optionally, the tools re-ball and re-solder the IC will be available after the workshop. In the end, each team should have the data and a functional device again.

\n\n

Bonus: If you brick the device, you can keep the parts as a souvenir or can wear them as badges.

\n\nSpeakers:Dennis Giese,Braelynn Luedtke,Arnold Wey,Harsha Potu
\n
\nSpeakerBio:  Dennis Giese
\n

Dennis Giese is a researcher with the focus on the security and privacy of IoT devices. While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices. His most known projects are the documentation and hacking of various vacuum robots. He calls himself a \"robot collector\" and his current vacuum robot army consists of over 95 different models from various vendors. He talked about his research at the Chaos Communication Congress, REcon, HITCON, NULLCON, and DEFCON.

\n\nSpeakerBio:  Braelynn Luedtke
\n

Hacker and tomato farmer. Enjoys researching the security of anything that piques her curiosity. She has previously presented this research at conferences such as Chaos Communication Congress, HITCON and DEFCON.

\n\nSpeakerBio:  Arnold Wey
\n

Arnold Wey is an electronics security researcher. His recent work includes security testing of virtual GPU implementations, robot arm communication protocols, and repurposing a 3D printer for fault injection research.

\n\nSpeakerBio:  Harsha Potu
\n

Harsha has been taking things apart since he could get his hands on a screwdriver for fun and profit. Nowadays he is a cybersecurity researcher with a decade of experience in embedded security. He loves to reverse boards + firmware and regularly finds vulnerabilities at various layers of execution. Especially interested in breaking secure boot chain designs!

\n\n\n\'',NULL,1067416),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Hands-on IoT firmware extraction and flash forensics\'','\'Dennis Giese,Braelynn Luedtke,Arnold Wey,Harsha Potu\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648','\'\'',NULL,1067417),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Hands-on IoT firmware extraction and flash forensics\'','\'Dennis Giese,Braelynn Luedtke,Arnold Wey,Harsha Potu\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648','\'\'',NULL,1067418),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Hands-on IoT firmware extraction and flash forensics\'','\'Dennis Giese,Braelynn Luedtke,Arnold Wey,Harsha Potu\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648','\'\'',NULL,1067419),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan \"Hackgnar\" Holeman,Alek Amrani\'','DEF CON Workshops_fa7f7e02956f62648d482d652c420621','\'Title: Learning to Hack Bluetooth Low Energy with BLE CTF
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W232 (Workshops) - Map
\n
\nDescription:
\n

BLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format, created to teach the fundamentals of interacting with and hacking BLE services. Each flag interactively introduces a new concept.

\n\n

Over the years, BLE CTF has expanded across platforms and skill levels. Books, workshops, trainings, and conferences have adopted it as both an educational platform and CTF. As an open source, low-cost, extensible solution, it has helped advance Bluetooth security research.

\n\n

This workshop teaches the fundamentals of hacking BLE through hands-on exercises that introduce beginners to new concepts while giving experienced users a chance to try new tools and techniques. After completing it, you will have a solid understanding of how to hack BLE devices in the wild.

\n\n

New for DEF CON 34: the workshop uses a brand new variant of BLE CTF built specifically for this event. Returning students will face fresh challenges they have not seen before, and the new exercises are designed to resist online walkthroughs and LLM-assisted shortcuts. We will also introduce new client tools, including gratttool, a modern replacement for gatttool (which has been deprecated from most Linux distributions). Whether this is your first BLE CTF or your eighth, you will leave with new skills and tools.

\n\nSpeakers:Ryan \"Hackgnar\" Holeman,Alek Amrani
\n
\nSpeakerBio:  Ryan \"Hackgnar\" Holeman
\n

Ryan Holeman resides in Austin, Texas, where he works as the CISO for Stability AI. He holds a Ph.D. in cyber defense from Dakota State University and has spoken at respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. You can keep up with his current activity, open source contributions, and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, surfing, and shredding local skateparks.

\n\nSpeakerBio:  Alek Amrani
\n

Alek Amrani runs the security team at Cape.

\n\n\n\'',NULL,1067420),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan \"Hackgnar\" Holeman,Alek Amrani\'','DEF CON Workshops_fa7f7e02956f62648d482d652c420621','\'\'',NULL,1067421),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan \"Hackgnar\" Holeman,Alek Amrani\'','DEF CON Workshops_fa7f7e02956f62648d482d652c420621','\'\'',NULL,1067422),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','\'Ryan \"Hackgnar\" Holeman,Alek Amrani\'','DEF CON Workshops_fa7f7e02956f62648d482d652c420621','\'\'',NULL,1067423),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Long Live Empire: A C2 Workshop for Modern Red Teaming\'','\'Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose,Anthony \"Coin\" Rose,Dan Niefeld\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266','\'Title: Long Live Empire: A C2 Workshop for Modern Red Teaming
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W231 (Workshops) - Map
\n
\nDescription:
\n

Behind every breach report from the last decade is a Command and Control (C2) framework. C2 is how operators reach into a compromised network, move sideways, harvest credentials, and stay invisible. This 4-hour, hands-on workshop puts you in the operator\'s chair. You set up your own Empire team server, learn the listener-stager-agent model from scratch, and run seven exercises that take you from \"never touched a C2\" to dumping credentials off a box you compromised yourself.

\n\n

You\'ll spin up an HTTP listener, deploy a .NET agent to a Windows target, and run post-exploitation tradecraft: Rubeus for credentials, SharpHound for AD enumeration, port-forward pivots to internal hosts, and privesc modules that turn a foothold into full control. You\'ll even build a custom Empire plugin that auto-runs on every new agent. The capstone is a mini-CTF on a cloud-hosted range we keep open all weekend, with a prize for the winners.

\n\n

You leave with the mental model most operators take years to build: how modern C2 actually works, what it assumes about the target, and where defenders most often catch it. No VMs to download. No setup before class. Bring a laptop, get on WiFi, and we\'ll have agents running before the first break.

\n\nSpeakers:Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose,Anthony \"Coin\" Rose,Dan Niefeld
\n
\nSpeakerBio:  Jake \"Hubbl3\" Krasnov
\n

Jake \"Hubble\" Krasnov is the Red Team Operations Lead at BC Security, with a distinguished career spanning engineering and cybersecurity. A U.S. Air Force veteran, Jake began his career as an Astronautical Engineer overseeing rocket modifications, leading test and evaluation efforts for the F-22, and conducting red team operations with the 57th Information Aggressors. He later served as a Technical Lead Engineer at Boeing Phantom Works, where he focused on embedded security for aviation and space defense projects. A seasoned speaker and trainer, Jake has presented at DEF CON, Black Hat, HackRedCon, HackSpaceCon, and HackMiami, and has previously taught Empire and offensive PowerShell at DEF CON.

\n\nSpeakerBio:  Vincent \"Vinnybod\" Rose
\n

Vincent \"Vinnybod\" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable cloud services, improving developer operations, and automation. Recently, his focus has been on the reliability and stability of the Empire C2 server. Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://bcsecurity.io/blog/.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\nSpeakerBio:  Dan Niefeld
\n

Dan Niefeld is the founder of several Cyber Security and Technology organizations. An accomplished social engineer his career has spanned from program management to organizing conferences like Hack Space Con, Dan has spent his career, educating, mentoring and developing disrupting technologies with a focus of Mission and Community Development.

\n\n\n\'',NULL,1067424),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Long Live Empire: A C2 Workshop for Modern Red Teaming\'','\'Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose,Anthony \"Coin\" Rose,Dan Niefeld\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266','\'\'',NULL,1067425),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Long Live Empire: A C2 Workshop for Modern Red Teaming\'','\'Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose,Anthony \"Coin\" Rose,Dan Niefeld\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266','\'\'',NULL,1067426),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Long Live Empire: A C2 Workshop for Modern Red Teaming\'','\'Jake \"Hubbl3\" Krasnov,Vincent \"Vinnybod\" Rose,Anthony \"Coin\" Rose,Dan Niefeld\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266','\'\'',NULL,1067427),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Malware Development 101 - From Zero to Hero: Adapt your payload to your environment\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_32b8f20f3d6c668995065ee1b0a5c735','\'Title: Malware Development 101 - From Zero to Hero: Adapt your payload to your environment
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W230 (Workshops) - Map
\n
\nDescription:
\n

This workshop will give an initiation to offensive malware development in C/C++ and how it is possible to adapt the approach depending on the security solution that must be tackled down. Different methods such as ModuleStomping, DLL Injection, Threadless Injection and Hardware Breakpoint for dehooking will be seen.\nThe idea is to start with a basic malware performing process injection and apply additional techniques to start evading EDR. At each step, some analysis on the malware will be performed to understand the differences at the system level and the IOC detected by the EDR.\nAt the end of this workshop, you will have all the knowledge needed to develop your own malware and adapt it to the targeted environment to escape from the basic pattern and spawn your beacons as if EDR didn\'t exist.

\n\nSpeakerBio:  Yoann \"OtterHacker\" DEQUEKER
\n

Yoann Dequeker (@OtterHacker) is a red team operator at Wavestone entitle with OSCP and CRTO certification. Aside from his RedTeam engagements and his contributions to public projects such as Impacket, he spends time working on Malware Developpement to ease beacon deployment and EDR bypass during engagements and is currently developing a fully custom C2.

\n\n

His research leads him to present his results on several conferences such as LeHack (Paris), Insomni\'hack (Swiss) or even through a 4-hour malware workshop at Defcon31,32 and 33 (Las Vegas). All along the year, he publishes several white papers on the techniques he discovered or upgraded and the vulnerabilities he found on public products.

\n\n\n\'',NULL,1067428),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Malware Development 101 - From Zero to Hero: Adapt your payload to your environment\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_32b8f20f3d6c668995065ee1b0a5c735','\'\'',NULL,1067429),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Malware Development 101 - From Zero to Hero: Adapt your payload to your environment\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_32b8f20f3d6c668995065ee1b0a5c735','\'\'',NULL,1067430),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Malware Development 101 - From Zero to Hero: Adapt your payload to your environment\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_32b8f20f3d6c668995065ee1b0a5c735','\'\'',NULL,1067431),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Offensive Packet Wizardry with Scapy\'','\'Mike \"Chicolinux\" Guirao\'','DEF CON Workshops_a4b379a5a65083f7154bfa84cea7458a','\'Title: Offensive Packet Wizardry with Scapy
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n

Offensive Packet Wizardry with Scapy is a four-hour, 100% hands-on workshop that teaches attendees to build offensive networking tools from scratch in Python using Scapy, the packet crafting library used by red teams, malware analysts, and vulnerability researchers worldwide.

\n\n

Starting from first principles, raw packet construction, layer stacking, and send/receive mechanics, the workshop moves progressively through active reconnaissance, ARP cache poisoning with live credential interception, TCP/IP stack abuse (session injection, SYN flood, RST killing), protocol fuzzing against an intentionally vulnerable binary service, and full covert channel implementation (ICMP C2 shell, DNS file exfiltration, TCP header steganography).

\n\n

Every technique is implemented live in Python against an isolated lab network. Students leave with a working, importable red team toolkit, a Python package with a unified CLI, that they built themselves and can adapt for future engagements.

\n\n

The workshop concludes with \"Silent Pivot\", a scored capstone scenario that chains all techniques into a realistic kill chain: stealth discovery, service identification, fuzzer- triggered crash, ICMP command execution, DNS exfiltration of /etc/shadow, and network cleanup, all subject to an IDS alert budget.

\n\nSpeakerBio:  Mike \"Chicolinux\" Guirao
\n

Mike “Chicolinux” Guirao began his journey in the security field roughly 25 years ago while completing a master\'s degree. Since then, they have developed both broad and deep expertise across this incredible discipline. Currently, they are pursuing a PhD at New Mexico State University, where their research intersects Cybersecurity and Machine Learning/Artificial Intelligence.

\n\n

In addition to their academic pursuits, Mike serves on the organizing team for the Crypto & Privacy Village. This marks their third time teaching a workshop at DEF CON since DEF CON 24. They also hold several notable industry certifications, including the SANS GCIH, ISC2 CC, and Linux+, and they are excited to share their wealth of experience and knowledge.

\n\n\n\'',NULL,1067432),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Offensive Packet Wizardry with Scapy\'','\'Mike \"Chicolinux\" Guirao\'','DEF CON Workshops_a4b379a5a65083f7154bfa84cea7458a','\'\'',NULL,1067433),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Offensive Packet Wizardry with Scapy\'','\'Mike \"Chicolinux\" Guirao\'','DEF CON Workshops_a4b379a5a65083f7154bfa84cea7458a','\'\'',NULL,1067434),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Offensive Packet Wizardry with Scapy\'','\'Mike \"Chicolinux\" Guirao\'','DEF CON Workshops_a4b379a5a65083f7154bfa84cea7458a','\'\'',NULL,1067435),('2_Friday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Web Hacking 101\'','\'cale \"calebot\" smith,Ruchik Dave,Young Seuk Kim,Luke Cycon\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78','\'Title: Web Hacking 101
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W229 (Workshops) - Map
\n
\nDescription:
\n

Most security training starts with slides. This workshop starts with a target. Students spend the majority of the course attacking a purpose-built web application across progressive labs covering the vulnerability classes that define modern web security.

\n\n

Each module follows a difficulty curve. Entry-level labs present classic, unfiltered vulnerabilities for students to exploit independently. Difficulty escalates as filters and defenses appear, requiring adaptation and creative problem-solving. Failed payloads, broken assumptions, and dead ends are not setbacks. They are the learning journey. The frustration of a blocked payload and the persistence to find the bypass is how offensive intuition is built.

\n\n

A final exploit chaining challenge ties everything together, combining findings across vulnerability classes to demonstrate how moderate issues chain into critical impact, the way real attacks work.

\n\n

Students attack, fail, adapt, and break through. Hands-on exploitation and the willingness to struggle is the foundation of any security career. It starts here.

\n\n

All you need is a laptop and persistence.

\n\nSpeakers:cale \"calebot\" smith,Ruchik Dave,Young Seuk Kim,Luke Cycon
\n
\nSpeakerBio:  cale \"calebot\" smith
\nCale Smith has spent his entire life obsessed with one question: \"Yeah, but how does it actually work?\"
\n\n

He started out building things, then realized breaking them was more fun, and has been doing exactly that across web, cloud, binary, IoT, and mobile ever since. He now manages a device-focused security team at Amazon, where his \"what if I just...\" instincts are finally considered a job qualification.

\n\nSpeakerBio:  Ruchik Dave
\n

Ruchik Samir Dave is a software engineer and security specialist with nearly 20 years of experience at the intersection of complex systems security and emerging threat landscapes. Ruchik has contributed to security frameworks for aviation systems and privacy-compliant architectures for large consumer IoT ecosystems, bringing safety-critical systems expertise to emerging technology platforms. His current research explores cloud security paradigms, security compliance, AI-assisted threat detection systems, and the novel attack surfaces introduced by machine learning implementations in embedded environments, areas that represent the cutting edge of adversarial research and defensive innovation. With a passion for building secure, large-scale software systems, Ruchik’s work addresses the evolving security challenges where traditional cybersecurity meets artificial intelligence, IoT proliferation, and safety-critical infrastructure.

\n\nSpeakerBio:  Young Seuk Kim
\n

Husband, father, hacker, gamer. Young’s path into security started like a good game exploit—he wanted to win, bent the rules, and discovered a passion for hacking. He began as a web app security consultant, moved into penetration testing and red teaming, and now works in application security engineering, helping teams build secure systems (and still breaking things for fun). He also dives into all kinds of games and stories, especially fantasy with Eastern martial arts, and loves dissecting media with the same curiosity he brings to code.

\n\nSpeakerBio:  Luke Cycon
\n

Luke is a former builder turned security engineer at Amazon, focused on web, cloud, and embedded device security. He came up building things before he discovered that breaking them taught him more about how they really work. These days he likes to poke at things until they misbehave, then help the builders make sure it doesn\'t happen twice. Off the clock, you\'ll find him tinkering with hardware, firing lasers at something, and celebrating each fixed bug with a bit too much whisky.

\n\n\n\'',NULL,1067436),('2_Friday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Web Hacking 101\'','\'cale \"calebot\" smith,Ruchik Dave,Young Seuk Kim,Luke Cycon\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78','\'\'',NULL,1067437),('2_Friday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Web Hacking 101\'','\'cale \"calebot\" smith,Ruchik Dave,Young Seuk Kim,Luke Cycon\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78','\'\'',NULL,1067438),('2_Friday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Web Hacking 101\'','\'cale \"calebot\" smith,Ruchik Dave,Young Seuk Kim,Luke Cycon\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78','\'\'',NULL,1067439),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Principal Threat Hunting: Behavioral Baselining for Malicious Activity\'','\'Rodrigo \"Sp0oKeR\" Montoro\'','DEF CON Workshops_e9e6900ec58290824f11da37ccdaace4','\'Title: AWS Principal Threat Hunting: Behavioral Baselining for Malicious Activity
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W228 (Workshops) - Map
\n
\nDescription:
\n

Cloud security encounters attacks that elude standard detection. In AWS, unauthorized access keys are a common cause of breaches. The vastness of AWS—over 450 services and 20,000 API actions—complicates threat visibility and exposes gaps in traditional tools.

\n\n

This workshop empowers participants with direct, hands-on experience using the AWS Threat Hunter tool to improve threat detection. Attendees will focus on building behavioral baselines and leveraging data-driven analysis to detect subtle AWS principal anomalies, enabling more precise detection than traditional event monitoring.

\n\n

Attendees will move beyond standard techniques by building multi-stage detection pipelines that create individualized baselines for each IAM principal and systematically flag personalized deviations, linking outliers directly to risks.

\n\nSpeakerBio:  Rodrigo \"Sp0oKeR\" Montoro
\n

Rodrigo Montoro is the CTO at Clavis Security, bringing over 25 years of leadership and technical expertise to the information technology and cybersecurity landscape. Throughout his career, Rodrigo has been a pioneer in open-source security, specializing in incident detection, response, and Cloud Security. A two-time patented inventor, he holds proprietary technologies for detecting malicious digital documents and analyzing malicious HTTP traffic. With a resume that includes key research roles at Tenchi Security, Apura, Tempest, Sucuri, and SpiderLabs, Rodrigo is a globally recognized authority who frequently speaks at elite conferences such as DEF CON Workshops (2023), DEF CON Cloud Village (3x), Black Hat Brazil Summit, SANS (DFIR, SIEM Summit, CloudSecNext), Source (Boston and Seattle), Toorcon (San Diego), Sector Canada (6x), and BSidesLV.

\n\n\n\'',NULL,1067440),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Principal Threat Hunting: Behavioral Baselining for Malicious Activity\'','\'Rodrigo \"Sp0oKeR\" Montoro\'','DEF CON Workshops_e9e6900ec58290824f11da37ccdaace4','\'\'',NULL,1067441),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Principal Threat Hunting: Behavioral Baselining for Malicious Activity\'','\'Rodrigo \"Sp0oKeR\" Montoro\'','DEF CON Workshops_e9e6900ec58290824f11da37ccdaace4','\'\'',NULL,1067442),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'AWS Principal Threat Hunting: Behavioral Baselining for Malicious Activity\'','\'Rodrigo \"Sp0oKeR\" Montoro\'','DEF CON Workshops_e9e6900ec58290824f11da37ccdaace4','\'\'',NULL,1067443),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'All About Stoopie InfoStealers: Malware Analysis for Understanding, Custom Coding for True Understanding!\'','\'Ryan \"@rj_chap\" Chapman,Aaron \"Ironical\" Rosenmund\'','DEF CON Workshops_0f088b32270c9209c3dbc99e5980a778','\'Title: All About Stoopie InfoStealers: Malware Analysis for Understanding, Custom Coding for True Understanding!
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W231 (Workshops) - Map
\n
\nDescription:
\n

Infostealers suck. We all know that. We don\'t like them. We want you to learn all that you can about them to help thwart the ongoing, ever-evolving threat. On that note, current infostealers are largely rule-based and path-driven, targeting known browser stores and wallets with noisy exfiltration methods. This four-hour workshop, led by Ryan Chapman and Aaron Rosenmund, moves beyond basic comprehension via observation to explore the evolution of precision-based malware. Students will utilize a live, on-demand lab environment to perform deep malware analysis using Ghidra to understand how current stealers operate.\nThe session then transitions from analysis to creation, where attendees code, compile, and re-build their own \"evolved\" stealers. We replace static file targeting with in-memory relevance models and trade obvious HTTPS exfiltration for stealthy timing and protocol-native patterns. This hands-on, kinesthetic experience focuses on building a custom arsenal from the ground up. Participants will learn to enhance their tools with behavioral stealth, transitioning from identifying \"stoopie\" patterns to implementing advanced, AI-driven tradecraft and custom red team tool operations.\nYou won\'t just learn how what an infostealer is. You\'ll learn how they operated end-to-end. Join us :).

\n\nSpeakers:Ryan \"@rj_chap\" Chapman,Aaron \"Ironical\" Rosenmund
\n
\nSpeakerBio:  Ryan \"@rj_chap\" Chapman
\n

Ryan Chapman is the author of SANS‚ FOR528: Ransomware and Cyber Extortion‚ course, teaches SANS‚ FOR610: Reverse Engineering Malware‚ course, and works as a threat hunter @ $dayJob. Ryan has a passion for life-long learning, loves to teach people about ransomware-related attacks, and enjoys pulling apart malware. He has presented workshops at DefCon and other conferences in the past and knows how to create a step-by-step instruction set to maximize hands-on learning.

\n\nSpeakerBio:  Aaron \"Ironical\" Rosenmund
\n

Aaron Rosenmund is an accomplished cybersecurity professional with extensive experience in various leadership roles across multiple organizations. Currently serving as the Managing Director of Tradecraft and Programs at OnDefend since September 2024, Aaron also holds a position at the National Guard Bureau as Staff Lead for the Cyber Shield Red Team, demonstrating a commitment to enhancing cybersecurity defenses. With a background that includes significant roles at Pluralsight, where responsibilities spanned content strategy and security skills development, and the Florida Air National Guard as a Lead Cyber Operator focused on defensive operations, Aaron has developed a comprehensive skill set in threat emulation, cyber system operations, and training. Additionally, past leadership positions as CEO at Aestus Industries and Vice President at Concrete Surface Innovations underscore strong management capabilities and operational expertise. Aaron holds multiple degrees in technology and cybersecurity from respected institutions, underscoring a solid educational foundation in this field.

\n\n\n\'',NULL,1067444),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'All About Stoopie InfoStealers: Malware Analysis for Understanding, Custom Coding for True Understanding!\'','\'Ryan \"@rj_chap\" Chapman,Aaron \"Ironical\" Rosenmund\'','DEF CON Workshops_0f088b32270c9209c3dbc99e5980a778','\'\'',NULL,1067445),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'All About Stoopie InfoStealers: Malware Analysis for Understanding, Custom Coding for True Understanding!\'','\'Ryan \"@rj_chap\" Chapman,Aaron \"Ironical\" Rosenmund\'','DEF CON Workshops_0f088b32270c9209c3dbc99e5980a778','\'\'',NULL,1067446),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'All About Stoopie InfoStealers: Malware Analysis for Understanding, Custom Coding for True Understanding!\'','\'Ryan \"@rj_chap\" Chapman,Aaron \"Ironical\" Rosenmund\'','DEF CON Workshops_0f088b32270c9209c3dbc99e5980a778','\'\'',NULL,1067447),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Embedded Computing Tools for Wireless Hardware Hacking\'','\'Joseph Long\'','DEF CON Workshops_9ad6c291742ea1bf4b2caf0da707fadd','\'Title: Embedded Computing Tools for Wireless Hardware Hacking
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W233 (Workshops) - Map
\n
\nDescription:
\n

Hands-on exploration of embedded hardware tools implementing multiple wireless communication standards. Experiment with Wi-Fi wireless local area network (WLAN) technology and Bluetooth personal area network (PAN) technology. Stream audio to and from a variety of endpoints. Configure a Nordic nRF52 Bluetooth sniffer to capture and analyze wireless communications using Wireshark. Examine the design and manufacture of an exclusive dual-core embedded hardware target supporting both Wi-Fi and Bluetooth. Leverage the target to experiment with microcontroller-based wireless hardware hacking. Practice both sinking and sourcing Bluetooth Audio streams into and out of the hardware target. Capture Wi-Fi packets using onto the hardware target for transfer to Wireshark for analysis. Perform example security exploits and countermeasures using embedded wireless hardware tools.

\n\n

PLEASE NOTE: This workshop requires purchasing the necessary hardware tools. A link to complete the purchase of $60 will be provided upon registration for the workshop. The purchased kits will be distributed during the workshop.

\n\nSpeakerBio:  Joseph Long
\n

Joseph Long has been tinkering, designing, and hacking electronic systems for about forty years. He is the founder of HackerBoxes.com, the monthly subscription box service for electronics, cybersecurity, and hacker culture. Joseph is a licensed professional engineer and patent attorney who loves to teach electrical engineering and computer science topics.

\n\n\n\'',NULL,1067448),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Embedded Computing Tools for Wireless Hardware Hacking\'','\'Joseph Long\'','DEF CON Workshops_9ad6c291742ea1bf4b2caf0da707fadd','\'\'',NULL,1067449),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Embedded Computing Tools for Wireless Hardware Hacking\'','\'Joseph Long\'','DEF CON Workshops_9ad6c291742ea1bf4b2caf0da707fadd','\'\'',NULL,1067450),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Embedded Computing Tools for Wireless Hardware Hacking\'','\'Joseph Long\'','DEF CON Workshops_9ad6c291742ea1bf4b2caf0da707fadd','\'\'',NULL,1067451),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Introduction to Malware Analysis\'','\'Sam Bowne,Elizabeth Biddlecome,Kaitlyn Handelman,Irvin Lemus\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a','\'Title: Introduction to Malware Analysis
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W232 (Workshops) - Map
\n
\nDescription:
\n

Analyze malware to find indicators of compromise using static and dynamic techniques. We will analyze Windows executables at the binary level and modify them to cheat at games. We will examine both compiled code and DOTNET executables. We will also examine defenses to prevent memory-corruption attacks, including coding in Rust.

\n\n

We will demonstrate the techniques and help attendees solve challenges. There are dozens of hands-on projects, with a running CTF scoreboard. Some of the projects are easy enough for beginners, and others will challenge experienced experts. Every participant should leave with some new skills.

\n\n

All materials are freely available on the Web at samsclass.info and will remain available after the workshop is over.

\n\nSpeakers:Sam Bowne,Elizabeth Biddlecome,Kaitlyn Handelman,Irvin Lemus
\n
\nSpeakerBio:  Sam Bowne
\n

Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, Black Hat USA, HOPE, BSidesSF, BSidesLV, RSA, and many other conferences and colleges. He founded Infosec Decoded, Inc., and does corporate training and consulting for several Fortune 100 companies, on topics including Incident Response and Secure Coding.

\n\n

Formal education: B.S. and Ph.D. in Physics\nIndustry credentials:

\n\n

Infosec: CISSP, Certified Ethical Hacker, Security+, Defcon Black Badge, Splunk Core Certified User\nNetworking: Network+, Certified Fiber Optic Technician, HE IPv6 Sage, CCENT, IPv6 Forum Silver & Gold, Juniper JN0-101, Wireshark WCNA\nMicrosoft: MCP, MCDST, MCTS: Vista

\n\nSpeakerBio:  Elizabeth Biddlecome
\n

Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to cripting languages in cybersecurity competitions, hackathons, and CTFs.

\n\nSpeakerBio:  Kaitlyn Handelman
\n

Kaitlyn Handelman is an offensive security engineer at Amazon. Her\nfocus is cybersecurity in space. In addition to traditional\npenetration testing, Kaitlyn works on physical devices and RF signals.\nIn her free time, she enjoys ham radio, astronomy, and her cat,\nAstrocat.

\n\nSpeakerBio:  Irvin Lemus
\n

Irvin Lemus, CISSP is a Cyber Range Engineer at By Light IT\nProfessional Services, training military personnel through\ninternational cyber security exercises. Irvin has been in the field\nsince 2006, involved with cybersecurity competitions since 2015 as a\ntrainer, coach, and mentor. He also has taught IT and Cybersecurity\ncourses at Coastline and Cabrillo\nColleges.\nHe is the BACCC Cyber Competitions Regional Coordinator, Board member\nat Pacific Hackers and is a speaker at DEFCON. He describes himself\nas, \"A professional troublemaker who loves hacking all the things.\"

\n\n\n\'',NULL,1067452),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Introduction to Malware Analysis\'','\'Sam Bowne,Elizabeth Biddlecome,Kaitlyn Handelman,Irvin Lemus\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a','\'\'',NULL,1067453),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Introduction to Malware Analysis\'','\'Sam Bowne,Elizabeth Biddlecome,Kaitlyn Handelman,Irvin Lemus\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a','\'\'',NULL,1067454),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Introduction to Malware Analysis\'','\'Sam Bowne,Elizabeth Biddlecome,Kaitlyn Handelman,Irvin Lemus\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a','\'\'',NULL,1067455),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Investigating and Responding to M365 account compromise on a shoestring: Living of the Land Incident Response\'','\'Vince \"bitpusher\" Weppner\'','DEF CON Workshops_5b739960a13ffaec11a3f89b252b7823','\'Title: Investigating and Responding to M365 account compromise on a shoestring: Living of the Land Incident Response
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n

A compromised mailbox. An inbox rule named \".\". An OAuth consent to an unknown application. A sign-in from a cloud-hosting ASN with user-agent \"axios\" and MFA status \"satisfied by claim in token\". Somewhere in there is the story - and somewhere in the Microsoft 365 logs is the evidence.\nThis four-hour hands-on workshop teaches Business Email Compromise investigation in the tenants most responders actually see: M365 Business Premium or E3. No Sentinel. No SIEM. No problem. Using only native admin centers, PowerShell modules, and a few scripts, you will run a complete BEC investigation end to end.\nWorking through several progressive scenarios, from single-user compromise, through lateral-pivot case with MailItemsAccessed analysis, to multi-account incident with a malicious enterprise app and transport rule. You will learn how to contain, collect, triage, pivot, expand scope, remediate, and produce the three common reporting deliverables: investigation report, attestation letter, internal post-mortem.\nThis is Living off the Land Incident Response. Through chronology and topology, come correlate some logs with me and see what story they tell.

\n\nSpeakerBio:  Vince \"bitpusher\" Weppner
\n

Vincent M. Weppner (Bitpusher) is an Information Security Specialist with 10+ years of dedicated cybersecurity focus and 25 years in IT overall. He works as a Security Analyst at a mid-market MSP and runs an independent IT consulting practice at theTechRelay.com. Generally found lurking in the mountains of Southern California, and occasionally maintaining his open-source tooling at github.com/bitpusher2k.\nHis day-to-day work covers M365 security operations, Active Directory and endpoint security, BEC/ransomware incident response, EDR/SIEM management, and security consulting for SMB and mid-market clients. Specialization in Business Email Compromise was built out of direct operational need: after dozens of BEC incidents, the pattern of \"which script do I need to run right now?\" became clear enough to codify. Passionately solving puzzles through scripting, and hoping to pass on some of it to you.

\n\n\n\'',NULL,1067456),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Investigating and Responding to M365 account compromise on a shoestring: Living of the Land Incident Response\'','\'Vince \"bitpusher\" Weppner\'','DEF CON Workshops_5b739960a13ffaec11a3f89b252b7823','\'\'',NULL,1067457),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Investigating and Responding to M365 account compromise on a shoestring: Living of the Land Incident Response\'','\'Vince \"bitpusher\" Weppner\'','DEF CON Workshops_5b739960a13ffaec11a3f89b252b7823','\'\'',NULL,1067458),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Investigating and Responding to M365 account compromise on a shoestring: Living of the Land Incident Response\'','\'Vince \"bitpusher\" Weppner\'','DEF CON Workshops_5b739960a13ffaec11a3f89b252b7823','\'\'',NULL,1067459),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'OT Systems: how to secure them in practice!\'','\'Alexandrine Torrents,Arnaud SOULLIE\'','DEF CON Workshops_a32db55433ef700088de2f3a1a27fabc','\'Title: OT Systems: how to secure them in practice!
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W225 (Workshops) - Map
\n
\nDescription:
\n

Securing OT systems is often presented as challenging, with multiple business constraints - but is it that complicated, especially considering a single industrial site?\nIn this 4-hour, hands-on workshop, each participant will manipulate a simple but realistic Industrial Control System setup with SCADA systems & PLCs. Attendees will have the opportunity to secure it step by step, through several hands-on exercises & discover how to manually secure OT systems: OT inventory, backups, network security, system hardening and detection.\nWhat if the real challenge is OT security at scale? Besides implementing manual security on our setup, we will address each step of the way OT security at scale and share feedback on how large companies are securing their OT systems, both at organizational & technical level: community of OT cyber correspondents, OT DMZ and security tools deployment.\nNo prior OT experience is required.

\n\nSpeakers:Alexandrine Torrents,Arnaud SOULLIE
\n
\nSpeakerBio:  Alexandrine Torrents
\n

Alexandrine Torrents is a cybersecurity expert at Wavestone. She started as a penetration tester, and then specialized in OT cybersecurity. She is IEC 62443 certified. She performed dozens of OT cybersecurity assessments across various industries & worked on OT models to perform attacks on PLCs & SCADA systems. Alexandrine also helps secure OT both at technical & organization levels: secure architecture, system hardening, IAM, cyber resilience, detection, governance, awareness & training, risk assessment, cyber by design, etc. Alexandrine works with different CISOs on their OT cybersecurity roadmaps & programs at different scales of large industrial companies: site, business units, Group with worldwide scope. Alexandrine also gives training on OT cybersecurity.

\n\nSpeakerBio:  Arnaud SOULLIE
\n

Arnaud Soullie is a Senior Manager at Wavestone. He has over 15 years of experience in security assessments and penetration testing, with 10 years specializing in Industrial Control Systems cybersecurity. He has delivered talks and workshops at DEF CON, Black Hat Europe, BruCON, CS3STHLM, BSides Las Vegas, and others. He is the creator of the DYODE open-source data diode project and has been teaching ICS cybersecurity since 2015.

\n\n\n\'',NULL,1067460),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'OT Systems: how to secure them in practice!\'','\'Alexandrine Torrents,Arnaud SOULLIE\'','DEF CON Workshops_a32db55433ef700088de2f3a1a27fabc','\'\'',NULL,1067461),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'OT Systems: how to secure them in practice!\'','\'Alexandrine Torrents,Arnaud SOULLIE\'','DEF CON Workshops_a32db55433ef700088de2f3a1a27fabc','\'\'',NULL,1067462),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'OT Systems: how to secure them in practice!\'','\'Alexandrine Torrents,Arnaud SOULLIE\'','DEF CON Workshops_a32db55433ef700088de2f3a1a27fabc','\'\'',NULL,1067463),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Reaching Mythos: Hands-On Vulnerability Discovery with Local AI Models\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_3d1f153431a07f113282f50042f7a5c9','\'Title: Reaching Mythos: Hands-On Vulnerability Discovery with Local AI Models
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W229 (Workshops) - Map
\n
\nDescription:
\n

Anthropic, April 2026: Claude Mythos Preview is \"strikingly capable\" at zero-day discovery. They chose not to release it.

\n\n

AISLE, one week later: \"The moat in AI cybersecurity is the system, not the model.\" They reproduced Mythos-class findings on FreeBSD with a 1,700-line scan.py and a commodity model for under $100.

\n\n

This four-hour hands-on workshop is the local-hardware version of that argument. Two reproductions, two domains, one harness pattern.

\n\n

Part I: point AISLE\'s open-source pipeline at a pre-patch FreeBSD checkout through a hosted local-AI inference endpoint and reproduce the 17-year-old CVE-2026-4747 that drove Mythos, for sub-dollar spend.

\n\n

Part II: change domains. Drive Ghidra through MCP tool calls against unpatchable D-Link DNS-320L firmware. Validate CVE-2024-3273 with the advisory in hand, then rediscover it from a blank start once the harness moves enumeration into the driver.

\n\n

What happens next is what you come to find out. Same hardware, same model, same harness, four hours later: can local AI extend the famous disclosure with bugs the original missed? Come see for yourself.

\n\n

No GPU. No API. No cloud spend. The workshop hosts inference for the room.

\n\nSpeakerBio:  John \"clearbluejar\" McIntosh
\n

John McIntosh (@clearbluejar) is a security researcher and founder of ClearSecLabs, specializing in reverse engineering, vulnerability research, and AI-assisted binary analysis. He is the author of ghidriff, an open-source Ghidra-based binary diffing engine, and pyghidra-mcp, a headless Ghidra MCP server enabling LLM-driven, project-wide, multi-binary reverse engineering workflows. An active contributor to the Agent Skills ecosystem, John bridges deterministic analysis with AI-driven reasoning to accelerate vulnerability research. He has delivered training and workshops at DEF CON, Black Hat, REcon, Ringzer0, 44CON, Objective by the Sea, and Insomni\'hack, covering topics from practical Windows reverse engineering to building private local LLM RE stacks. His recent work includes the \"Agentic RE\" training at DEF CON Singapore 2026, the MCP Ghidra workshop at REcon 2025, and the \"Supercharging Ghidra\" LLM workshop at Ringzer0 COUNTERMEASURE 2025. With over a decade of offensive security experience, John publishes detailed research on reversing CVEs, building RE tooling, and agentic patch diffing at clearbluejar.github.io. His teaching emphasizes reproducibility, progressive skill-building, and contributor empowerment.

\n\n\n\'',NULL,1067464),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Reaching Mythos: Hands-On Vulnerability Discovery with Local AI Models\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_3d1f153431a07f113282f50042f7a5c9','\'\'',NULL,1067465),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Reaching Mythos: Hands-On Vulnerability Discovery with Local AI Models\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_3d1f153431a07f113282f50042f7a5c9','\'\'',NULL,1067466),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Reaching Mythos: Hands-On Vulnerability Discovery with Local AI Models\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_3d1f153431a07f113282f50042f7a5c9','\'\'',NULL,1067467),('2_Friday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Solder, Detect, Listen: Build Your Own EMF Explorer\'','\'Darcy \"@Drc3p0\" Neal\'','DEF CON Workshops_5f4228229a836bd91dfe339849f00768','\'Title: Solder, Detect, Listen: Build Your Own EMF Explorer
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Friday, Aug 7, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W230 (Workshops) - Map
\n
\nDescription:
\n

Every electronic device around you is silently broadcasting electromagnetic signals. In this\nhands-on workshop, you will build an SMD (surface-mount) version of the EMF Explorer from bare PCB to\nworking device, learning progressive SMD soldering techniques from 1206 down to 0603 component sizes\nalong the way. Geared for absolute beginners who are new to soldering and electronics. This session pairs each build stage with a circuit theory deep dive: you will understand the voltage divider powering your board, the op-amp gain stages amplifying\nEMF signals into audible sound, and how inductor geometry shapes what you can hear. Walk\naway with a functional EMF listening device, new SMD skills transferable to real-world hardware hacking,\nand a deeper understanding of the electromagnetic emissions all around you.

\n\nSpeakerBio:  Darcy \"@Drc3p0\" Neal
\n

Darcy Neal (Drc3p0) is an electronics educator and founder of SporkLogic, where they design open-source hardware kits and facilitate soldering workshops at maker and hacker events worldwide. With over 15 years in interactive audio-visual hardware design, Darcy\'s work spans RF experimentation, new media installations, boutique synthesizer production, and hands-on electronics education. Their flagship product, the EMF Explorer, is an accessible tool for sonifying electromagnetic fields. They collaborate regularly with Mitch Altman and the Hardware Hacking Assembly, and have taught large-scale soldering workshops across the global hacker community.

\n\n\n\'',NULL,1067468),('2_Friday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Solder, Detect, Listen: Build Your Own EMF Explorer\'','\'Darcy \"@Drc3p0\" Neal\'','DEF CON Workshops_5f4228229a836bd91dfe339849f00768','\'\'',NULL,1067469),('2_Friday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Solder, Detect, Listen: Build Your Own EMF Explorer\'','\'Darcy \"@Drc3p0\" Neal\'','DEF CON Workshops_5f4228229a836bd91dfe339849f00768','\'\'',NULL,1067470),('2_Friday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Solder, Detect, Listen: Build Your Own EMF Explorer\'','\'Darcy \"@Drc3p0\" Neal\'','DEF CON Workshops_5f4228229a836bd91dfe339849f00768','\'\'',NULL,1067471),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Battle-Tested Broadcasts: RF Insights From Ukraine\'','\'Preston Zen\'','DEF CON Workshops_e03b907cd32d3b4edfea8698bc81c83a','\'Title: Battle-Tested Broadcasts: RF Insights From Ukraine
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W233 (Workshops) - Map
\n
\nDescription:
\n

Every wireless thing in your life is broadcasting. The question is who\'s listening — and what they can do with it.\nBattle-Tested Broadcasts is a four-hour, hands-on workshop on RF detection and direction finding, framed by the most demanding live laboratory in the world for these techniques: the Ukrainian frontline. We start with universal foundations — frequency, modulation, antennas, what your SDR can and can\'t see — and pivot into where neural-time RF detection becomes existential: drones. A pilot powers up an FPV controller thirty seconds before impact. Pure RF detection is often the only sensor in the chain that catches the threat before the drone leaves the ground.\nWe cover what\'s actually in the air across a contested battlefield slice — controllers, video downlinks, telemetry beacons, battlefield comms, GNSS, and the increasingly exotic bands operators are pushing into to dodge electronic warfare. We dissect the honest limits of common off-the-shelf SDR tooling, and the ways adversaries already evade pure RF detection: from fiber-optic and autonomous drones to wired front-line networks, frequency hopping, and out-of-scan spectrum.\nAttendees solder and flash a Signal Compass — a pocket ESP32 signal detector with directional bearing. Rotating lab stations cover passive scanning, fingerprinting, direction findi

\n\nSpeakerBio:  Preston Zen
\n

Preston Zen ‚ the original creator of 1337sheets.com, OSCE3 certified, now leading Kaizen Labs out of a Japan / Ukraine hybrid office. Software, hardware, and cybersecurity background. Volunteering in Ukraine since 2022 with NGOs including Dronarnia, BeeTA, American Made Freedom, and Shield of Freedom on drone systems, RF detection, EW countermeasures, and humanitarian logistics. DEFCON regular since DC25 and a Hac-Man CTF contributor for the past three years. He\'s shipped more boards than he\'s counted, and has spent enough time near the Ukrainian frontline to have strong opinions about which detection tools actually work when the noise floor is on fire.

\n\n\n\'',NULL,1067472),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Battle-Tested Broadcasts: RF Insights From Ukraine\'','\'Preston Zen\'','DEF CON Workshops_e03b907cd32d3b4edfea8698bc81c83a','\'\'',NULL,1067473),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Battle-Tested Broadcasts: RF Insights From Ukraine\'','\'Preston Zen\'','DEF CON Workshops_e03b907cd32d3b4edfea8698bc81c83a','\'\'',NULL,1067474),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Battle-Tested Broadcasts: RF Insights From Ukraine\'','\'Preston Zen\'','DEF CON Workshops_e03b907cd32d3b4edfea8698bc81c83a','\'\'',NULL,1067475),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Detecting and Analyzing Memory Only Malware with Volatility 3\'','\'Andrew Case,Pierre \"Abyss Watcher\" Breton,David McDonald\'','DEF CON Workshops_d966a5334d4aaae7ef2c13f66dfdd6e4','\'Title: Detecting and Analyzing Memory Only Malware with Volatility 3
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W232 (Workshops) - Map
\n
\nDescription:
\n

Memory-only malware is now commonly used by threat actors ranging from criminal organizations to ransomware operators to APT groups. To detect such malware, memory forensics, which is the examination of a system’s volatile memory (RAM), must be performed. Volatility 3 is the latest version of the Volatility Memory Analysis framework and is the most widely used open-source framework for memory forensics. In this workshop, students will learn how to use Volatility 3 to detect the most sophisticated malware techniques found in the wild. This learning will occur through a mixture of lectures, live demos, and extensive hands-on labs where students analyze memory samples infected with real malware. While students work through labs, instructors walk to each student’s station to ensure they are progressing. An instructor also walks through each lab live upon completion, and students are given a 35+ page lab guide that contains all the scenarios, questions, and detailed answers. Students can later use the course slides and lab guide to practice as well as to guide real-world investigations. The workshop’s instructors are core Volatility developers who have made significant contributions to the project. By attending this workshop, students will gain deep knowledge and hands-on experience analyzing memory-only malware.

\n\nSpeakers:Andrew Case,Pierre \"Abyss Watcher\" Breton,David McDonald
\n
\nSpeakerBio:  Andrew Case
\n

Andrew Case is the Director of Research at Volexity and has significant experience in incident response handling, digital forensics, and malware analysis. Case is a core developer of Volatility, the most widely used open-source memory forensics framework, and a co-author of the highly popular and technical forensics analysis book \"The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory.\" Case has spoken at many industry conferences, including DEF CON, Black Hat, RSA, DFRWS, SecTor, BSides*, and OMFW.

\n\nSpeakerBio:  Pierre \"Abyss Watcher\" Breton
\n

Pierre (Abyss Watcher) Breton is a researcher at Volexity, holding a Master of Science in Cybersecurity, specializing in digital forensics, malware analysis and detection engineering. He is a primary contributor to Volatility, the most widely used open-source memory forensics framework. Breton has demonstrated a great ability to assist the incident response community by developing innovative capabilities and resources. He conveys his passion through the organization of CTF events and training sessions that showcase both accessible and challenging topics.

\n\nSpeakerBio:  David McDonald
\n

David McDonald is a researcher and software engineer with 5 years of digital forensics R&D experience. His passion for this field began with his involvement in the University of New Orleans CTF team, as well as through his time as a Systems Programming teaching assistant. After over two years of digital forensics research and development on Cellebrite\'s computer forensics team, he joined Volexity\'s Volcano team, where he now works to develop next-generation memory analysis solutions. He believes deeply in sharing knowledge and helping others discover their abilities and interests through their own journeys in cybersecurity, and strives to pay forward the benefits of the mentorship that has opened so many doors for him.

\n\n\n\'',NULL,1067476),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Detecting and Analyzing Memory Only Malware with Volatility 3\'','\'Andrew Case,Pierre \"Abyss Watcher\" Breton,David McDonald\'','DEF CON Workshops_d966a5334d4aaae7ef2c13f66dfdd6e4','\'\'',NULL,1067477),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Detecting and Analyzing Memory Only Malware with Volatility 3\'','\'Andrew Case,Pierre \"Abyss Watcher\" Breton,David McDonald\'','DEF CON Workshops_d966a5334d4aaae7ef2c13f66dfdd6e4','\'\'',NULL,1067478),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Detecting and Analyzing Memory Only Malware with Volatility 3\'','\'Andrew Case,Pierre \"Abyss Watcher\" Breton,David McDonald\'','DEF CON Workshops_d966a5334d4aaae7ef2c13f66dfdd6e4','\'\'',NULL,1067479),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Explore the Windows instrumentation callback\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_c99ff5e831a392560d9081b224e96252','\'Title: Explore the Windows instrumentation callback
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W225 (Workshops) - Map
\n
\nDescription:
\n

The Nirvana Debug is a type of instrumentation callback existing since Windows 7. This workshop idea is to see how this feature can be weaponized in order to either:\n- Hijack execution flow\n- Perform process injection\n- Perform sleep obfuscation for C2 beacon

\n\n

During this workshop, you will learn the main principle of Nirvana Debugging, and try to weaponize it. Some debugging, reverse and coding will be needed in order to create a new malware that will evade classic EDR solutions.

\n\nSpeakerBio:  Yoann \"OtterHacker\" DEQUEKER
\n

Yoann Dequeker (@OtterHacker) is a red team operator at Wavestone entitle with OSCP and CRTO certification. Aside from his RedTeam engagements and his contributions to public projects such as Impacket, he spends time working on Malware Developpement to ease beacon deployment and EDR bypass during engagements and is currently developing a fully custom C2.

\n\n

His research leads him to present his results on several conferences such as LeHack (Paris), Insomni\'hack (Swiss) or even through a 4-hour malware workshop at Defcon31,32 and 33 (Las Vegas). All along the year, he publishes several white papers on the techniques he discovered or upgraded and the vulnerabilities he found on public products.

\n\n\n\'',NULL,1067480),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Explore the Windows instrumentation callback\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_c99ff5e831a392560d9081b224e96252','\'\'',NULL,1067481),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Explore the Windows instrumentation callback\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_c99ff5e831a392560d9081b224e96252','\'\'',NULL,1067482),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Explore the Windows instrumentation callback\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_c99ff5e831a392560d9081b224e96252','\'\'',NULL,1067483),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'HackTheCloud26: Chaining Cloud Misconfigurations to Compromise Infrastructure\'','\'HackeMate\'','DEF CON Workshops_0952de90fbb8007d21a5952105ff5ae7','\'Title: HackTheCloud26: Chaining Cloud Misconfigurations to Compromise Infrastructure
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W230 (Workshops) - Map
\n
\nDescription:
\n

HackTheCloud25 CTF Manager is an automated orchestration framework designed for the management of cloud cybersecurity challenges. It enables the deployment of intentionally vulnerable laboratories across AWS, Azure, and GCP using Terraform as the underlying Infrastructure-as-Code engine. The solution centralizes challenge definitions via YAML files, managing complex dependencies, dynamic variables, and resource outputs through a unified command-line interface (CLI) to list, deploy, destroy, and monitor resources in a controlled environment.

\n\n

Furthermore, the framework incorporates environment validation, automated credential detection, detailed event logging, and support for reusable configurations, ensuring high scalability and traceability for complex attack scenarios. Collectively, the CTF Manager provides a reproducible and extensible approach to orchestrating practical cloud security exercises for educational purposes, streamlining the creation, operation, and maintenance of vulnerable infrastructures within dedicated testing environments.

\n\nSpeakerBio:  HackeMate
\n

HackeMate is the host of the YouTube channel under the same name, where the creator, an Offensive Cybersecurity Engineer, shares their expertise in ethical hacking, as well as offensive and defensive security. With over 30,000 subscribers engaged in the world of cybersecurity, they have established themselves as a key figure in the community through challenges, technical analyses, and hands-on demonstrations.\nProfessionally, HackeMate holds Red Team certifications such as the eLearnSecurity Junior Penetration Tester (eJPT) and Web Penetration Tester (eWPT), along with Blue Team certifications like Microsoft Azure Fundamentals (AZ-900) and Microsoft Security, Compliance, and Identity Fundamentals (SC-900). They are also a Google Product Expert for Google Drive, contributing their knowledge in cloud security and optimization.

\n\n\n\'',NULL,1067484),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'HackTheCloud26: Chaining Cloud Misconfigurations to Compromise Infrastructure\'','\'HackeMate\'','DEF CON Workshops_0952de90fbb8007d21a5952105ff5ae7','\'\'',NULL,1067485),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'HackTheCloud26: Chaining Cloud Misconfigurations to Compromise Infrastructure\'','\'HackeMate\'','DEF CON Workshops_0952de90fbb8007d21a5952105ff5ae7','\'\'',NULL,1067486),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'HackTheCloud26: Chaining Cloud Misconfigurations to Compromise Infrastructure\'','\'HackeMate\'','DEF CON Workshops_0952de90fbb8007d21a5952105ff5ae7','\'\'',NULL,1067487),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Hecate: A Trivial UART Tool\'','\'mx,Joe \"SecurelyFitz\" FitzPatrick,nyx\'','DEF CON Workshops_bc62c472f92ebacfa03c5357c4cffb25','\'Title: Hecate: A Trivial UART Tool
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W231 (Workshops) - Map
\n
\nDescription:
\n

Hecate is an open source UART implant framework designed to make common hardware hacking tasks easy with minimal code. It turns any CircuitPython microcontroller into a powerful, customizable UART implant.

\n\n

In this workshop, you\'ll get to use all the core features of Hecate and see how they work against multiple target devices. We\'ll start hands-on by listening to a device\'s UART output, and then configuring Hecate to operate in standalone mode and log that UART data to a file. Once we\'ve seen it in action, we\'ll step back for a bit of lecture about UART, what it\'s used for, and what we designed Hecate to be capable of. Armed with this knowledge, you\'ll dive into two more hands-on labs: a payload dropper that will playback a custom transaction and a simple detector that will signal an alert when it detects a pattern. We\'ll reconvene for a last bit of lecture on how to use some of Hecate\'s advanced features, before you dive into the final lab: implement a full implant-in-the-middle capable of modifying UART data in flight.

\n\n

Hecate makes developing embedded implants trivial, while remaining flexible enough for advanced research and rapid prototyping. You\'ll walk away with hands-on experience using the Hecate framework and a working understanding of what\'s possible with UART interception, manipulation, and exploitation

\n\nSpeakers:mx,Joe \"SecurelyFitz\" FitzPatrick,nyx
\n
\nSpeakerBio:  mx
\n

Maxie is an erstwhile cloud infrastructure engineer, formerly an SRE at Google Cloud Platform and others. She came to the world of hardware hacking and embedded devices first as a pleasant escape from the quotidian indignities of working in the cloud, and she stayed for the addictive aroma of flux fumes. She enjoys making ill-advised expansions to her homelab and spending evenings at her local hackerspace in Portland, OR.

\n\nSpeakerBio:  Joe \"SecurelyFitz\" FitzPatrick
\n

Joe FitzPatrick (@securelyfitz) is a trainer and researcher at SecuringHardware.com with a personal mission to make all hardware devices at least a bit more secure. He builds tools like Tigard and Erebus, and teaches Applied Hardware Attacks trainings to help people break - and secure - their hardware devices. His actual superpower is the ability to instantly end awkward conversational pauses if you ask him about BSides Portland, the CTRL-H Hackerspace, or drone taco delivery at ToorCamp.

\n\nSpeakerBio:  nyx
\n

nyx is a Portland-based hacker, engineer, and self-described cyberpunk. As an unwilling participant in the late-capitalist, mass-surveillance dystopia, he is passionate about digital privacy, data self-custody, and running his own infra. While voiding warranties has long been one of his favorite pastimes, he has lately been fortunate enough to do it professionally as well.

\n\n\n\'',NULL,1067488),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Hecate: A Trivial UART Tool\'','\'mx,Joe \"SecurelyFitz\" FitzPatrick,nyx\'','DEF CON Workshops_bc62c472f92ebacfa03c5357c4cffb25','\'\'',NULL,1067489),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Hecate: A Trivial UART Tool\'','\'mx,Joe \"SecurelyFitz\" FitzPatrick,nyx\'','DEF CON Workshops_bc62c472f92ebacfa03c5357c4cffb25','\'\'',NULL,1067490),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Hecate: A Trivial UART Tool\'','\'mx,Joe \"SecurelyFitz\" FitzPatrick,nyx\'','DEF CON Workshops_bc62c472f92ebacfa03c5357c4cffb25','\'\'',NULL,1067491),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Step-by-Step Malware Development: Evading EDR from Loaders to the Kernel\'','\'Yu Terada,Kotaro \"@Decamark / @BinaryPoodle\" Osugi\'','DEF CON Workshops_57c46d5b288c27ea0d555367d285d3cb','\'Title: Step-by-Step Malware Development: Evading EDR from Loaders to the Kernel
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W228 (Workshops) - Map
\n
\nDescription:
\n

Endpoint Detection and Response (EDR) systems are key parts of modern security. This workshop provides a guide for custom malware development, C2 customization, defense evasion, and kernel exploitation. We will use Elastic Defend throughout the session. By analyzing detection logs and rules, we will understand what EDR monitors and why payloads are caught step by step.

\n\n

After a short overview of Windows defenses and EDR, we focus on malware development. Participants will implement typical malware techniques, such as APC Injection, Thread Hijacking, Fiber and Module Stomping in multiple languages. Next, we learn about call stack analysis. Attendees will implement Stack Spoofing and Indirect Syscalls to hide execution flows and bypass stack analysis.

\n\n

The workshop then moves to C2 customization using the Havoc C&C framework. By combining custom loaders with C2 source code modifications, participants will bypass static signatures, behavioral rules, and AI detection to successfully establish a C2 session.

\n\n

Finally, we’ll demonstrate the possibilities of Bring Your Own Vulnerable Driver (BYOVD) attacks for the post-exploitation phase. When we have access to the kernel space, we can take more aggressive measures. We’ll use some vulnerable drivers to kill or blind an EDR sensor itself.

\n\nSpeakers:Yu Terada,Kotaro \"@Decamark / @BinaryPoodle\" Osugi
\n
\nSpeakerBio:  Yu Terada
\n

Yu Terada is a security researcher and a red team consultant for Fujitsu. He worked as a SOC Analyst and CSIRT for over five years. In 2021, he joined the company as a Security Researcher. He is primarily involved in developing new attack methods and tools. He also participates in internal red team activities and cyber exercises.\nHe has spoken at Black Hat USA/Europe, BSides Las Vegas, Code Blue, and several conferences in Japan. He holds a Master\'s degree in Computer Science, as well as certifications including OSEP, OSCP, CRTL, CETP, ODPC, CISSP, GIAC, etc.

\n\nSpeakerBio:  Kotaro \"@Decamark / @BinaryPoodle\" Osugi
\n

Kotaro Osugi is a security researcher and a red team consultant who has his profession in reverse-engineering.\nHis research area includes malware analysis and binary exploitation.\nHe has given a speech at BHEU Arsenal about a tool for kernel exploitation.\nOSED and OSEE certified.

\n\n\n\'',NULL,1067492),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Step-by-Step Malware Development: Evading EDR from Loaders to the Kernel\'','\'Yu Terada,Kotaro \"@Decamark / @BinaryPoodle\" Osugi\'','DEF CON Workshops_57c46d5b288c27ea0d555367d285d3cb','\'\'',NULL,1067493),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Step-by-Step Malware Development: Evading EDR from Loaders to the Kernel\'','\'Yu Terada,Kotaro \"@Decamark / @BinaryPoodle\" Osugi\'','DEF CON Workshops_57c46d5b288c27ea0d555367d285d3cb','\'\'',NULL,1067494),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Step-by-Step Malware Development: Evading EDR from Loaders to the Kernel\'','\'Yu Terada,Kotaro \"@Decamark / @BinaryPoodle\" Osugi\'','DEF CON Workshops_57c46d5b288c27ea0d555367d285d3cb','\'\'',NULL,1067495),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Wi-Fight Club: I am Jack\'s Evil Twin\'','\'James Hawk,Jon \"C4V3M4N\" Milkins,Brian Burnett\'','DEF CON Workshops_9681975a4c10f188de547cbb69b8e58d','\'Title: Wi-Fight Club: I am Jack\'s Evil Twin
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n

\'Wi-Fight Club: I am Jack\'s Evil Twin\' will teach you how to deploy rogue AP (Evil Twins) in your client\'s environment. Using rogue APs lets you test your client\'s Wireless Intrusion Detection System, passwords, wireless phishing education, and overall wireless security.

\n\n

We will discuss rogue AP Tactics, Techniques, and Procedures, and how / why they work. In this workshop you will set up a CAPTIVE PORTAL, WPA2, and 802.1x rogue AP. We will also go over OWE and WPA3-SAE transition mode attacks.

\n\n

We will walk through a scenario at a client\'s site, then set up a rogue AP to harvest user credentials for the various client networks. We will then crack the harvested credentials. We will finish up with a section on defense. We will be using EAPHAMMER, HOSTAPD-MANA, WIFIPHISHER, and AIRBASE-NG for the rogue AP section. HASHCAT, AIRCRACK-NG, and JOHN for the password cracking section. This workshop is for beginners, but participants should have basic Linux and 802.11 knowledge and be comfortable using virtual machines.

\n\nSpeakers:James Hawk,Jon \"C4V3M4N\" Milkins,Brian Burnett
\n
\nSpeakerBio:  James Hawk
\n

James Hawk (He/Him) is a Principal Consultant with Google Public Sector within Proactive Services. He is the wireless subject matter expert for his team. James has led and contributed to numerous assessments (Red Teams and pentests). He has developed internal training and tool updates for 802.11 for his company. James is a 20-year veteran of the U.S. Army and has over 10 years of hands-on experience in wireless technologies. James is constantly researching/testing 802.11 attacks against his home lab. He is a fan of hockey, LetterKenny, and almost anything sci-fi.

\n\nSpeakerBio:  Jon \"C4V3M4N\" Milkins
\n

Jon Milkins (He/Him) is a principal penetration tester focusing on all types of penetration tests from network-based to web applications and APIs to more recently wireless networks. He has developed training and pentest utilities throughout his career to help advance team capabilities. He is a former Army veteran and is attempting to curate small and efficient rulesets for Hashcat in his free time to aid in wireless hash cracking. In his free time, he enjoys playing and running TTRPGs like Delta Green, password cracking, and making hard cider.

\n\nSpeakerBio:  Brian Burnett
\n

Brian Burnett is the founder of Offensive Technical Solutions (OTS) where he conducts web-application, internal network, and cloud penetration tests. Prior to founding OTS, he served five years in the United States Army, followed by seven years supporting internal teams at Fortune 500 companies. Brian holds degrees in computer science, pentesting, theology, and Russian. He enjoys tinkering with his home lab, collecting certifications, and committing poorly written code. His hobbies include Brazilian Jiu-Jitsu, purchasing unnecessary power tools, and CrossFit.

\n\n\n\'',NULL,1067496),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Wi-Fight Club: I am Jack\'s Evil Twin\'','\'James Hawk,Jon \"C4V3M4N\" Milkins,Brian Burnett\'','DEF CON Workshops_9681975a4c10f188de547cbb69b8e58d','\'\'',NULL,1067497),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Wi-Fight Club: I am Jack\'s Evil Twin\'','\'James Hawk,Jon \"C4V3M4N\" Milkins,Brian Burnett\'','DEF CON Workshops_9681975a4c10f188de547cbb69b8e58d','\'\'',NULL,1067498),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Wi-Fight Club: I am Jack\'s Evil Twin\'','\'James Hawk,Jon \"C4V3M4N\" Milkins,Brian Burnett\'','DEF CON Workshops_9681975a4c10f188de547cbb69b8e58d','\'\'',NULL,1067499),('3_Saturday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Words As Weapons: Breaking AI and Agents; Then Securing Them\'','\'Pavan \"pavanreddysec\" Reddy\'','DEF CON Workshops_dc0fa0067c30caec39867e9a91849dad','\'Title: Words As Weapons: Breaking AI and Agents; Then Securing Them
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W229 (Workshops) - Map
\n
\nDescription:
\n

Most \"AI security\" talks stop at the slide that says \"prompt injection is bad.\" This workshop does the opposite. Attendees spend four hours inside a working, vulnerable production-style AI system - a mock car dealership backed by a real LLM, a real database, and real tool calls - and learn to break it, watch it break, then put it back together with defenses that actually hold.\nYou will: \n(1) manipulate prices and inventory using direct and indirect prompt injection, \n(2) reproduce an EchoLeak-style zero-click data exfiltration against a RAG pipeline, \n(3) execute a model-extraction attack against a deployed classifier, and \nEach of these modules will layer in defenses one at a time to see how the AI reacts. We close by mapping everything to OWASP LLM Top 10, OWASP Agentic Top 10, NIST AI RMF, and MITRE ATLAS.\nBuilt for red teamers handed AI in scope, blue teamers watching agents deploy faster than detections exist, AppSec engineers who used to own the API and now own a chat window, and developers curious what \"prompt injection\" looks like when it costs money. No prior AI-security background required.

\n\nSpeakerBio:  Pavan \"pavanreddysec\" Reddy
\n

Pavan Reddy is principal developer at Automata LLC, leading FIPS 140-3, FedRAMP ATO, and AI security initiatives. He is an independent AI security researcher and educator focused on making secure AI accessible at scale. He founded QBTrain, a free platform for hands-on AI and AI security education. His peer-reviewed work, published at AAAI, ACM, FLAIRS, HCII, ACSAC, and NeurIPS, spans adversarial ML, prompt injection, and foundation model vulnerabilities. He has delivered 25+ talks and workshops at BSides, OWASP, SquadCon, CAPWIC, ACM SIGCITE, NeurIPS Education, FLAIRS, CVPR 2026 and TechMentor at Microsoft HQ. He holds an MS in CS from George Washington University.

\n\n\n\'',NULL,1067500),('3_Saturday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Words As Weapons: Breaking AI and Agents; Then Securing Them\'','\'Pavan \"pavanreddysec\" Reddy\'','DEF CON Workshops_dc0fa0067c30caec39867e9a91849dad','\'\'',NULL,1067501),('3_Saturday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Words As Weapons: Breaking AI and Agents; Then Securing Them\'','\'Pavan \"pavanreddysec\" Reddy\'','DEF CON Workshops_dc0fa0067c30caec39867e9a91849dad','\'\'',NULL,1067502),('3_Saturday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Words As Weapons: Breaking AI and Agents; Then Securing Them\'','\'Pavan \"pavanreddysec\" Reddy\'','DEF CON Workshops_dc0fa0067c30caec39867e9a91849dad','\'\'',NULL,1067503),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Building Agentic Reverse Engineering \"Skills\"\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_9b95fef97a6674af257fdd2837866096','\'Title: Building Agentic Reverse Engineering \"Skills\"
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W231 (Workshops) - Map
\n
\nDescription:
\n

Agentic reverse engineering blends interactive binary analysis with autonomous agent workflows. Building on workshops at REcon and DEF CON Singapore, this session introduces Agent Skills, structured bundles of instructions, scripts, and resources that coding agents discover and execute. Skills enable multi-step RE tasks with high accuracy and minimal prompting via workflow capture and progressive disclosure.

\n\n

Participants learn how coding agents operate through iterative loops (generate, execute, inspect, refine) and how Skills plug into these loops. The workshop is hands-on: attendees build a multi-platform driver-analysis Skill automating IOCTL enumeration, dispatch-flow analysis (Windows IRPs, Linux file ops, macOS IOKit), code-flow analysis, and workflow capture. A capstone challenge has participants build a second Skill from scratch.

\n\n

Supports Claude Code, OpenCode, Mistral Vibe, and pi. The instructor provides LLM inference for all attendees, so no paid API keys are required. Students may also use free inference tiers from OpenCode or similar providers.

\n\n

Attendees leave with practical experience to implement agentic RE Skills in their own workflows. Basic familiarity with RE concepts and a laptop with a coding agent installed is all that is needed.

\n\nSpeakerBio:  John \"clearbluejar\" McIntosh
\n

John McIntosh (@clearbluejar) is a security researcher and founder of ClearSecLabs, specializing in reverse engineering, vulnerability research, and AI-assisted binary analysis. He is the author of ghidriff, an open-source Ghidra-based binary diffing engine, and pyghidra-mcp, a headless Ghidra MCP server enabling LLM-driven, project-wide, multi-binary reverse engineering workflows. An active contributor to the Agent Skills ecosystem, John bridges deterministic analysis with AI-driven reasoning to accelerate vulnerability research. He has delivered training and workshops at DEF CON, Black Hat, REcon, Ringzer0, 44CON, Objective by the Sea, and Insomni\'hack, covering topics from practical Windows reverse engineering to building private local LLM RE stacks. His recent work includes the \"Agentic RE\" training at DEF CON Singapore 2026, the MCP Ghidra workshop at REcon 2025, and the \"Supercharging Ghidra\" LLM workshop at Ringzer0 COUNTERMEASURE 2025. With over a decade of offensive security experience, John publishes detailed research on reversing CVEs, building RE tooling, and agentic patch diffing at clearbluejar.github.io. His teaching emphasizes reproducibility, progressive skill-building, and contributor empowerment.

\n\n\n\'',NULL,1067504),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Building Agentic Reverse Engineering \"Skills\"\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_9b95fef97a6674af257fdd2837866096','\'\'',NULL,1067505),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Building Agentic Reverse Engineering \"Skills\"\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_9b95fef97a6674af257fdd2837866096','\'\'',NULL,1067506),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'Building Agentic Reverse Engineering \"Skills\"\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_9b95fef97a6674af257fdd2837866096','\'\'',NULL,1067507),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Entra ID Persistence - Because Passwords Were Never the Problem\'','\'Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla\'','DEF CON Workshops_0d632dd2fd73a18a1f58036cc8701936','\'Title: Entra ID Persistence - Because Passwords Were Never the Problem
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W228 (Workshops) - Map
\n
\nDescription:
\n

Modern enterprise security has shifted from network boundaries to identity, making Microsoft Entra ID a critical control plane and a prime target for persistence. While credential theft remains common, sophisticated attackers increasingly establish long-term access through identity-layer backdoors that survive password resets and evade traditional monitoring.

\n\n

We will explore how attackers achieve durable persistence in Microsoft Entra ID by abusing service principals, federated identities, passwordless authentication methods, and device trust relationships. The session highlights techniques that remain effective even after common remediation actions like credential rotation and MFA enforcement. Through guided, hands-on scenarios, participants will simulate these identity-layer persistence techniques and understand their real-world impact demonstrating how adversaries integrate into legitimate identity workflows to maintain covert, long-term access without raising immediate suspicion.

\n\n

Participants will step into the role of an adversary and explore how persistence is established and maintained inside Microsoft Entra ID. Rather than focusing on theory, this workshop breaks down real-world attack paths used to retain access beyond initial compromise highlighting techniques that survive password resets, MFA enforcemen

\n\nSpeakers:Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla
\n
\nSpeakerBio:  Raunak \"Trouble1\" Parmar
\n

Raunak Parmar works as a senior cloud security engineer at White Knight Labs with 6+ years of experience. His areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He enjoys researching new attack methodologies and creating open-source tools that can be used during cloud red team activities. He has worked extensively on Azure and AWS and is the author of Vajra, AzDevRecon and MsCodePhish. He has spoken at multiple respected security conferences like Black Hat, Defcon, Nullcon, RootCon, HackspaceCon, NorthSec, LeHack , etc and also at local meetups.

\n\nSpeakerBio:  Chirag \"3xpl01tc0d3r\" Savla
\n

Chirag Savla is a Cyber Security professional with 10+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post-exploitation research. He prefers to create open-source tools and explore new attack methodologies in his leisure. He has worked extensively on Azure, Active Directory attacks, defense, and bypassing detection mechanisms. He is an author of multiple Open Source tools such as Process Injection, Callidus, etc. He has presented at multiple conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest.

\n\n\n\'',NULL,1067508),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Entra ID Persistence - Because Passwords Were Never the Problem\'','\'Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla\'','DEF CON Workshops_0d632dd2fd73a18a1f58036cc8701936','\'\'',NULL,1067509),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Entra ID Persistence - Because Passwords Were Never the Problem\'','\'Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla\'','DEF CON Workshops_0d632dd2fd73a18a1f58036cc8701936','\'\'',NULL,1067510),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Entra ID Persistence - Because Passwords Were Never the Problem\'','\'Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla\'','DEF CON Workshops_0d632dd2fd73a18a1f58036cc8701936','\'\'',NULL,1067511),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'From Prompt to PWN: Exploiting LLM Powered Web Applications with OWASP Techniques\'','\'Abhinav Verma\'','DEF CON Workshops_bad8a21d635d04fa59d2284858f65580','\'Title: From Prompt to PWN: Exploiting LLM Powered Web Applications with OWASP Techniques
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W229 (Workshops) - Map
\n
\nDescription:
\n

This hands-on workshop explores the offensive security of AI-powered applications where Large Language Models connect to real tools via MCP (Model Context Protocol) servers. Over four hours, participants attack 11 purpose-built AI agents across 9 exercises, exploiting vulnerabilities mapped to the OWASP Top 10 for LLM Applications 2025.

\n\n

You will perform prompt injection (direct and indirect via RAG poisoning), force AI agents to generate malicious SQL/NoSQL queries through MCP tool interfaces, chain path traversal and SSRF through tool-calling parameters, abuse excessive agency via MCP-exposed CRUD operations, trigger stored XSS through LLM output, and achieve remote code execution via a poisoned supply chain, all through natural language conversation.

\n\n

This workshop is ideal for red teamers, penetration testers, security engineers, and developers building with LLMs. No prior AI or ML experience is required; every technique is demonstrated before the hands-on lab. Just bring a laptop with a browser.

\n\n

You walk away with practical experience exploiting 93 attack objectives against live LLM agents, a clear understanding of how traditional web vulnerabilities are amplified through AI tool-calling architectures, and the instincts to spot these risks in your own AI deployments.

\n\nSpeakerBio:  Abhinav Verma
\n

Abhinav Verma is a Senior Staff Security Engineer at Intuit Inc. with 15+ years of experience across AI security, offensive security, red teaming, product security, and security operations. He currently leads AI security architecture reviews, AI penetration testing, and vulnerability management programs, with a focus on AI security, AI threat modeling, and securing large-scale cloud platforms.

\n\n

Over the course of his career at Intuit, he has built security automation, scaled continuous security scanning across thousands of assets, led secure design reviews for platforms serving millions of customers, and developed secure coding programs that have helped thousands of engineers shift security left. Abhinav was formerly an independent security researcher and has identified and reported vulnerabilities in numerous major online services and technology companies.

\n\n

He holds certifications including OSEP, OSCP, OSWP, GWAPT and CEH. Outside of work, Abhinav is a passionate gamer, a trained chef, an avid camper, and a mentor to aspiring offensive security practitioners.

\n\n\n\'',NULL,1067512),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'From Prompt to PWN: Exploiting LLM Powered Web Applications with OWASP Techniques\'','\'Abhinav Verma\'','DEF CON Workshops_bad8a21d635d04fa59d2284858f65580','\'\'',NULL,1067513),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'From Prompt to PWN: Exploiting LLM Powered Web Applications with OWASP Techniques\'','\'Abhinav Verma\'','DEF CON Workshops_bad8a21d635d04fa59d2284858f65580','\'\'',NULL,1067514),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'From Prompt to PWN: Exploiting LLM Powered Web Applications with OWASP Techniques\'','\'Abhinav Verma\'','DEF CON Workshops_bad8a21d635d04fa59d2284858f65580','\'\'',NULL,1067515),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Hands-on DuckyScript: An Introduction to HID Attack Tools with O.MG Devices\'','\'wasabi,Ø1,Tokugero\'','DEF CON Workshops_ead0f37c0e8c79ef519012fcd80e1425','\'Title: Hands-on DuckyScript: An Introduction to HID Attack Tools with O.MG Devices
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n

\"Don\'t plug in devices you don\'t trust.\" It\'s one of the most repeated pieces of security advice in the\nindustry. What actually happens when a malicious USB device is plugged in? How does it work? This hands-on, four-hour workshop answers those questions by putting the tools directly in attendees\'\nhands. Using O.MG Devices and the DuckyScript v3 scripting language, participants will learn the\nfundamentals of Human Interface Device (HID) attacks from the ground up. Starting from USB protocol basics all the way through real payload design, delivery strategy, and advanced techniques including wireless triggering, C2 integration, and air-gapped exfiltration (using HIDX StealthLink). The class is beginner-friendly and builds progressively: no prior red teaming experience is required. Only a DuckyScript v3 device is required. Attendees will leave with working scripts, a framework for payload design, and an\nunderstanding of what attackers and defenders need to look for. We will cover OpSec, detection (and evasion), and how accessibility-first design thinking can make both attackers and defenders more effective.

\n\nSpeakers:wasabi,Ø1,Tokugero
\n
\nSpeakerBio:  wasabi
\n

wasabi is a researcher, tinkerer, and professor of cybersecurity whose work spans IoT and embedded\nsystems, cloud infrastructure, and offensive tooling. Their research focuses on uncovering systemic weaknesses across modern embedded environments, with an emphasis on practical exploitation and defensive resilience. When not tinkering, wasabi spends most of his time outdoors in nature.

\n\nSpeakerBio:  Ø1
\n

Ø1 is a seasoned offensive security professional who turned a lifelong passion into a dynamic career. Beginning as a machine operator, he transitioned into the world of cybersecurity, where he has since traveled globally, conducting and leading numerous penetration tests and red team engagements. With a wealth of hands-on experience, he excels at identifying vulnerabilities and strengthening defenses for organizations worldwide. In 2022, he joined the O.MG team, balancing this role alongside his primary job to contribute to product testing, documentation, tooling, and customer support.\nBeyond his professional pursuits, √ò1 is a devoted cat father with a love for guns, cars, BBQ, and gardening.

\n\nSpeakerBio:  Tokugero
\n

Tokugero is a Site Reliability Engineer and Cloud Architect focused on incident response, operations engineering, and running resilient infrastructure at scale. He works across the full ops stack — from system design and automation to the messy realities of keeping production healthy.

\n\n\n\'',NULL,1067516),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Hands-on DuckyScript: An Introduction to HID Attack Tools with O.MG Devices\'','\'wasabi,Ø1,Tokugero\'','DEF CON Workshops_ead0f37c0e8c79ef519012fcd80e1425','\'\'',NULL,1067517),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Hands-on DuckyScript: An Introduction to HID Attack Tools with O.MG Devices\'','\'wasabi,Ø1,Tokugero\'','DEF CON Workshops_ead0f37c0e8c79ef519012fcd80e1425','\'\'',NULL,1067518),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Hands-on DuckyScript: An Introduction to HID Attack Tools with O.MG Devices\'','\'wasabi,Ø1,Tokugero\'','DEF CON Workshops_ead0f37c0e8c79ef519012fcd80e1425','\'\'',NULL,1067519),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Intro to Writing Windows Malware with Rust!\'','\'iDigitalFlame,Daniel Bravo\'','DEF CON Workshops_cc412b89b7afd15edbd59bcc43919896','\'Title: Intro to Writing Windows Malware with Rust!
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W230 (Workshops) - Map
\n
\nDescription:
\n

In the Information Security news space, we often hear about the cool malware and\ntools nation states and APTs develop. While there are many tools out there that\n\"do the thing\", have you ever wonder how it \"does the thing\"? Instead of just\nusing tools and scripts that sound cool, why not make them?

\n\n

Using the Rust programming language, you\'ll be taken step-by-step into\nbuilding your own Windows malware! We\'ll break down the process and work our\nway into more complex tasks. From a simple, no-imports binary we\'ll slowly work\ninto loading and executing Windows API functions without ever calling\n\"LoadLibrary\" or \"GetProcAddress\" while not touching a single Rust \"std::*\"\nfunction or importing any extra crates!

\n\n

You\'ll be introduced into Windows concepts like the Process Environment Block (PEB),\nthe Thread Environment Block (TEB) and how we can use them to our advantage! At\nthe end of this workshop, you\'ll be able to build binaries without any imports\nwhile doing fun tricks like shellcode injection!

\n\n

Some of the topics we\'ll touch on are:

\n\n
    \n
  • Assembly!
  • \n
  • Rust Allocators
  • \n
  • Windows Structs
  • \n
  • API Function Calls
  • \n
  • Binary File Inspection
  • \n
\n\nSpeakers:iDigitalFlame,Daniel Bravo
\n
\nSpeakerBio:  iDigitalFlame
\n

iDigitalFlame is an experienced security researcher that uses his programming skills to expand his abilities and provide teams with the tools needed to complete any engagement. Outside of work, his passion for open source and knowledge sharing has led to the creation of many unique tools and resources. iDigitalFlame also uses his skills to help power many CTFs, including the ProsVJoes CTF at BSidesLV, where he leads the Red Team and provides the platform for Red operations. iDigitalFlame has spoken before at BSidesDE and BSidesLV about cool things learnt in his research like AV evasion or releases open source software like ThunderStorm, a custom C2 platform used in many CTFs he operates in.

\n\nSpeakerBio:  Daniel Bravo
\n

Daniel is a self-taught programmer who later earned a B.S. in Computer Science from the University of Maryland. He likes to understand how software works by decompiling binaries and reverse engineering APIs, whether they were meant to be understood or not. Daniel also enjoys working on geospatial projects and web scraping tools, particularly extracting and reconstructing data from mobile platforms. His other interests also include compiler theory, automated reasoning, and verification-aware languages.

\n\n\n\'',NULL,1067520),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Intro to Writing Windows Malware with Rust!\'','\'iDigitalFlame,Daniel Bravo\'','DEF CON Workshops_cc412b89b7afd15edbd59bcc43919896','\'\'',NULL,1067521),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Intro to Writing Windows Malware with Rust!\'','\'iDigitalFlame,Daniel Bravo\'','DEF CON Workshops_cc412b89b7afd15edbd59bcc43919896','\'\'',NULL,1067522),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'Intro to Writing Windows Malware with Rust!\'','\'iDigitalFlame,Daniel Bravo\'','DEF CON Workshops_cc412b89b7afd15edbd59bcc43919896','\'\'',NULL,1067523),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Reverse Engineer Compiled C as We Learn to Write It\'','\'Wesley McGrew\'','DEF CON Workshops_9577306b75d1de04e7c77d623c7ba1eb','\'Title: Learning to Reverse Engineer Compiled C as We Learn to Write It
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W232 (Workshops) - Map
\n
\nDescription:
\nSoftware reverse engineering is a fundamental skill: a prerequisite
\nto engaging with many fields of study in computer security that depend
\non low-level knowledge. Malware analysis, vulnerability research,
\noffensive tool development, and digital forensics all involve the
\nanalysis of code which has been compiled, obfuscated, or otherwise
\nstripped of useful names, data types, comments, and other
\nhuman-readable information. Without the ability to read disassembled
\ncode, you will not be able to understand code that your computer will
\nhappily execute.
\n\n

In this workshop, I will guide you through learning to read\ndisassembled code while you learn C. We will progress through the C\nprogramming language\'s constructs with as few assumptions as possible\nabout your background, and at each stage we will reverse engineer the\ncompiler\'s output in Ghidra and trace through with a debugger to\nunderstand the generated code. You do not need any prior experience in\nprogramming.

\n\n

I will also be demonstrating useful techniques for using\nlocally-hosted large language models to aid in the learning process.\nUse AI to improve your own skillset, rather than using it to do the\nwork for you.

\n\nSpeakerBio:  Wesley McGrew
\n

Dr. Wesley McGrew directs research, development, reverse engineering, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFederal. He has presented at DEF CON and Black Hat USA on topics of penetration testing, malware analysis, critical infrastructure, and vintage computing, and has taught self-designed courses on reverse engineering and cyber operations at Mississippi State University. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems. He has entertained audiences at many DEF CON parties as a house music DJ, as well.

\n\n\n\'',NULL,1067524),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Reverse Engineer Compiled C as We Learn to Write It\'','\'Wesley McGrew\'','DEF CON Workshops_9577306b75d1de04e7c77d623c7ba1eb','\'\'',NULL,1067525),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Reverse Engineer Compiled C as We Learn to Write It\'','\'Wesley McGrew\'','DEF CON Workshops_9577306b75d1de04e7c77d623c7ba1eb','\'\'',NULL,1067526),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Learning to Reverse Engineer Compiled C as We Learn to Write It\'','\'Wesley McGrew\'','DEF CON Workshops_9577306b75d1de04e7c77d623c7ba1eb','\'\'',NULL,1067527),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Purple Teaming Industrial Control Systems\'','\'Arnaud SOULLIE,Alexandrine TORRENTS\'','DEF CON Workshops_16b57642176291640ea8c554c8f12aaa','\'Title: Purple Teaming Industrial Control Systems
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W225 (Workshops) - Map
\n
\nDescription:
\n

Security monitoring is often presented as the silver bullet for Industrial Control System (ICS) security — but how effective is it against realistic adversaries?\nIn this 4-hour, hands-on workshop, participants will use CALDERA, the open-source adversary emulation framework, to conduct purple-team exercises against simulated & live industrial environments. Attendees will simulate real-world IT and OT attacks, observe what is (and is not) detected across EDR, logs, and network monitoring, and map results to MITRE ATT&CK for ICS.\nRather than focusing on exploitation alone, this workshop teaches a repeatable methodology to assess detection coverage, identify OT blind spots, and improve monitoring strategies. Participants leave with concrete techniques they can apply in their own environments — from tabletop exercises to continuous detection testing.

\n\nSpeakers:Arnaud SOULLIE,Alexandrine TORRENTS
\n
\nSpeakerBio:  Arnaud SOULLIE
\n

Arnaud Soullie is a Senior Manager at Wavestone. He has over 15 years of experience in security assessments and penetration testing, with 10 years specializing in Industrial Control Systems cybersecurity. He has delivered talks and workshops at DEF CON, Black Hat Europe, BruCON, CS3STHLM, BSides Las Vegas, and others. He is the creator of the DYODE open-source data diode project and has been teaching ICS cybersecurity since 2015.

\n\nSpeakerBio:  Alexandrine TORRENTS
\n

Alexandrine Torrents is a cybersecurity expert at Wavestone. She started as a penetration tester, and then specialized in OT cybersecurity. She is IEC 62443 certified. She performed dozens of OT cybersecurity assessments across various industries & worked on OT models to perform attacks on PLCs & SCADA systems. Alexandrine also helps secure OT both at technical & organization levels: secure architecture, system hardening, IAM, cyber resilience, detection, governance, awareness & training, risk assessment, cyber by design, etc. Alexandrine works with different CISOs on their OT cybersecurity roadmaps & programs at different scales of large industrial companies: site, business units, Group with worldwide scope. Alexandrine also gives training on OT cybersecurity.

\n\n\n\'',NULL,1067528),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Purple Teaming Industrial Control Systems\'','\'Arnaud SOULLIE,Alexandrine TORRENTS\'','DEF CON Workshops_16b57642176291640ea8c554c8f12aaa','\'\'',NULL,1067529),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Purple Teaming Industrial Control Systems\'','\'Arnaud SOULLIE,Alexandrine TORRENTS\'','DEF CON Workshops_16b57642176291640ea8c554c8f12aaa','\'\'',NULL,1067530),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Purple Teaming Industrial Control Systems\'','\'Arnaud SOULLIE,Alexandrine TORRENTS\'','DEF CON Workshops_16b57642176291640ea8c554c8f12aaa','\'\'',NULL,1067531),('3_Saturday','14','14:00','17:59','N','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Salesforce Apex Predator: Breaking Salesforce Sites\'','\'Nitay Bachrach,Cynthia Ardman\'','DEF CON Workshops_c487c36cc7cc08a7ac6fcf0a1dfb5e03','\'Title: Salesforce Apex Predator: Breaking Salesforce Sites
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Saturday, Aug 8, 14:00 - 17:59 PDT
\nWhere: LVCCW Level 2 W233 (Workshops) - Map
\n
\nDescription:
\n

Salesforce Sites are one of the most under-tested attack surfaces in enterprise security. When pentesters encounter them, most skip past - the Aura framework doesn\'t behave like a standard web application, and standard web testing techniques don\'t apply. Salesforce sites run on proprietary frameworks (Aura and LWR) with their own API surfaces, access models, and injection patterns. In March 2026, ShinyHunters demonstrated what that blind spot costs: sensitive data exfiltrated from hundreds of organizations through sites no one had tested.

\n\n

This workshop teaches pentesters and red teamers a complete offensive methodology for Salesforce Experience Sites, going well past the record enumeration that makes up most public guidance on the topic.

\n\n

Attendees will enumerate objects and dump records via the Aura API, then learn to identify and invoke custom Apex controllers running in system mode - controllers that bypass standard access management mechanisms, and which are surprisingly common and criminally underexplored. We cover SOQL injection in depth: why normal SQL injection tests fail, and how to exploit it. We cover deterministic route enumeration as an unauthenticated user, and LWR sites - Salesforce\'s next-generation framework - including the release of LWRed, a new open-source scanner built specifically for them.

\n\nSpeakers:Nitay Bachrach,Cynthia Ardman
\n
\nSpeakerBio:  Nitay Bachrach
\n

Nitay Bachrach is a security researcher at Reco (Tel Aviv, Israel) specializing in offensive security research against enterprise SaaS platforms. He is a pioneer in Salesforce offensive security: he published new exploitation methods for the Aura framework, discovered the Einstein Wormhole vulnerability and a Public Link exploitation technique in Salesforce\'s platform, and identified and responsibly disclosed critical vulnerabilities in dozens of major Salesforce deployments. His research extends to Okta, GCP, and other enterprise platforms. He spoke at Insomni\'hack on \"Neo4jection\" - novel graph injection techniques against Neo4j. In May 2026, he is running a Salesforce-focused CTF event in Tel Aviv. The LWR exploitation methodology and LWRed tool premiering at this workshop represent previously unpublished research from original work on Salesforce\'s next-generation Experience Site framework.

\n\nSpeakerBio:  Cynthia Ardman
\n

Cynthia has spent 10+ years making life harder for attackers. She currently builds threat detection at Reco, and previously did the same at AppOmni, AWS, and Snowflake, places where \"the blast radius\" isn\'t a metaphor. At AWS she developed MITRE ATT&CK-mapped detection for corporate infrastructure, partnered with the Red Team to close gaps they found, and led a project that knocked hacking tool presence down by 30%. At Snowflake she ran blue team ops and built the SQL-based alerting pipeline from scratch. At StubHub she hunted down an active intrusion by tracing logs across systems and performed the root cause analysis so it wouldn\'t happen twice. She came up through desktop support, building Linux blade servers and remediating malware on customer machines, the kind of work that teaches you what actually breaks. CISSP. Splunk ES Admin. Writes Python when she has to and JSONata when nobody\'s looking.

\n\n\n\'',NULL,1067532),('3_Saturday','15','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Salesforce Apex Predator: Breaking Salesforce Sites\'','\'Nitay Bachrach,Cynthia Ardman\'','DEF CON Workshops_c487c36cc7cc08a7ac6fcf0a1dfb5e03','\'\'',NULL,1067533),('3_Saturday','16','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Salesforce Apex Predator: Breaking Salesforce Sites\'','\'Nitay Bachrach,Cynthia Ardman\'','DEF CON Workshops_c487c36cc7cc08a7ac6fcf0a1dfb5e03','\'\'',NULL,1067534),('3_Saturday','17','14:00','17:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Salesforce Apex Predator: Breaking Salesforce Sites\'','\'Nitay Bachrach,Cynthia Ardman\'','DEF CON Workshops_c487c36cc7cc08a7ac6fcf0a1dfb5e03','\'\'',NULL,1067535),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Attacking Cloud APIs from the IoT Edge\'','\'Rodney \"BenevolentWorm\" Beede\'','DEF CON Workshops_046d54909dc84f12c1f3b7aebdab3603','\'Title: Attacking Cloud APIs from the IoT Edge
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W222 (Workshops) - Map
\n
\nDescription:
\n

This course covers attacking the cloud REST APIs and IoT provider (cloud customer responsibility) configurations to demonstrate data exfiltration, remote code execution, and lateral movement. Hands-on experience with using an already compromised, simulated IoT device as well as navigating pen testing (fuzzing) of the common protocols (i.e. MQTT, HTTP) will be covered.

\n\n

Workshop goal\nTeach students practical, repeatable techniques to observe, extract, and abuse cloud API credentials and logic from the vantage of a compromised IoT device. Students will leave able to enumerate device‚Üícloud flows, extract tokens, fuzz REST/MQTT endpoints, and demonstrate controlled lateral movement inside an isolated cloud tenant.

\n\nSpeakerBio:  Rodney \"BenevolentWorm\" Beede
\n

Rodney is an offensive security red team pen tester. He has specialized in cloud, web, and IoT security for over 18 years. He has spoken at multiple conferences (BSides, Def Con, Black Hat) on topics ranging from cloud security engineering to IoT device hacking. Rodney has been accredited with multiple CVEs for web vulnerabilities in products such as Wi-Fi hardware and security appliances. He started his career in enterprise web application software development but shifted to the security industry with this master\'s thesis research project \"A Framework for Benevolent Computer Worms\" 2012. Website: https://www.rodneybeede.com/curriculum%20vitae/bio.html

\n\n\n\'',NULL,1067536),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Attacking Cloud APIs from the IoT Edge\'','\'Rodney \"BenevolentWorm\" Beede\'','DEF CON Workshops_046d54909dc84f12c1f3b7aebdab3603','\'\'',NULL,1067537),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Attacking Cloud APIs from the IoT Edge\'','\'Rodney \"BenevolentWorm\" Beede\'','DEF CON Workshops_046d54909dc84f12c1f3b7aebdab3603','\'\'',NULL,1067538),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W222 (Workshops)','\'Attacking Cloud APIs from the IoT Edge\'','\'Rodney \"BenevolentWorm\" Beede\'','DEF CON Workshops_046d54909dc84f12c1f3b7aebdab3603','\'\'',NULL,1067539),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Building your own hardware hacking kit to Pentest Bluetooth, WIFI, and more.\'','\'Dallas\'','DEF CON Workshops_47c5740b95a6f48f711b148d55f15d4b','\'Title: Building your own hardware hacking kit to Pentest Bluetooth, WIFI, and more.
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W225 (Workshops) - Map
\n
\nDescription:
\n

You will receive a free hardware kit, documentation, and class introduction to the same hardware configuration used by hundreds of hacking hardware tools as their main core.\nWe will cover Wifi Hacking on both 2 and 5ghz, Bluetooth hacking, packet capture, Flipper interface (bring yours if you have one), Sensor integration (also included), Mesh networking, point to point communications and more.\nRequirements: Laptop, Fully charged, USB-A interface, Windows OS (we will discuss MAC and Linux, but you will need to have knowledge and permissions to install tools).\nYou can attend without above and still get kit, but it will not be hands on. All information will be published after the workshop if you don’t have a laptop.\nYou will get a modern ESP32, Sensor, breadboard, USB cable, wires and more during the workshop.

\n\nSpeakerBio:  Dallas
\n

Dallas has been involved in hacking since early teens, which translates to sometime in the 80’s. Mentored by Satellite and Ham hackers, has been involved in a few organizations including all levels of government, 3 letter agencies, serving as Chief security officer, CISO, and technical manager of multiple world-wide organizations. Banking, Energy, Space, Telecom, Government and manufacturing. Elected, re-elected, served and got the trophy. OG Considered an expert in Pen testing, variety of related and unrelated technology – occasionally serving 15+ years as a Defcon security goon, and around 10 for B-sides organizations. Alexa Park being his first Defcon. Mostly bored, but thinks AI is kind of fun and enjoys giving back to the community. Doing his best to not get arrested, and share knowledge with those interested in seeking it.

\n\n\n\'',NULL,1067540),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Building your own hardware hacking kit to Pentest Bluetooth, WIFI, and more.\'','\'Dallas\'','DEF CON Workshops_47c5740b95a6f48f711b148d55f15d4b','\'\'',NULL,1067541),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Building your own hardware hacking kit to Pentest Bluetooth, WIFI, and more.\'','\'Dallas\'','DEF CON Workshops_47c5740b95a6f48f711b148d55f15d4b','\'\'',NULL,1067542),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W225 (Workshops)','\'Building your own hardware hacking kit to Pentest Bluetooth, WIFI, and more.\'','\'Dallas\'','DEF CON Workshops_47c5740b95a6f48f711b148d55f15d4b','\'\'',NULL,1067543),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'CI/CD Weaponization: Build It, Deploy It, Own It\'','\'Ricardo Sanchez,Daniel Malvaceda\'','DEF CON Workshops_2a9d3e3ecccaa18c019519107e131a87','\'Title: CI/CD Weaponization: Build It, Deploy It, Own It
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W230 (Workshops) - Map
\n
\nDescription:
\n

GitHub Actions has become the de facto automation layer for modern software, and the de facto attack surface. In 2025, a single compromised Action leaked secrets across 23,000 repositories. One year later, the TeamPCP group ran the same playbook at scale by compromising Trivy\'s actions. Different victims, same root cause: a CI/CD pipeline that trusted what it shouldn\'t.

\n\n

In this hands-on workshop, participants will build a complete end-to-end attack chain in a controlled lab environment, emulating adversary TTPs observed in recent GitHub Actions breaches. From initial access through malicious workflow manipulation to secret exfiltration, each phase is paired with detection and analysis techniques to bridge offensive and defensive perspectives.

\n\n

Whether you\'re on a red or purple team looking to simulate attacker behavior, or part of a blue team (AppSec or DevSecOps) aiming to harden CI/CD pipelines, this workshop delivers practical, real-world skills grounded in today’s evolving threat landscape.

\n\nSpeakers:Ricardo Sanchez,Daniel Malvaceda
\n
\nSpeakerBio:  Ricardo Sanchez
\n

Ricardo Sanchez is an accomplished cybersecurity professional with a passion for empowering others through knowledge sharing. He has built his career designing and implementing innovative technology strategies for threat intelligence, detection engineering, and threat hunting to combat evolving cyber threats.\nCurrently, Ricardo leads the Application Security (AppSec) practice at a leading insurance company in Peru, where he works closely with DevSecOps teams to enhance security across the software development lifecycle (SDLC) and supply chain.\nCommitted to lifelong learning, Ricardo thrives on analyzing malware and staying at the forefront of cybersecurity advancements.

\n\nSpeakerBio:  Daniel Malvaceda
\n

Daniel Malvaceda is a security architect who spends most of his time figuring out how CI/CD pipelines and supply chains actually fail, then writes it up so others don\'t have to learn it the hard way. Lately he\'s also poking at AI/LLM agents, since pipelines aren\'t the only thing shipping untrusted code anymore. He co-founded pipebreach.com, where real-world supply chain attacks get reproduced, dissected, and written up for everyone else. He also co-organizes the DevSecOps village at Ekoparty (Argentina and Miami), and has dragged these same topics to stages at Ekoparty, DevOps Days, and 8.8 Security Conference. If a pipeline can be weaponized, he wants to know about it first.

\n\n\n\'',NULL,1067544),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'CI/CD Weaponization: Build It, Deploy It, Own It\'','\'Ricardo Sanchez,Daniel Malvaceda\'','DEF CON Workshops_2a9d3e3ecccaa18c019519107e131a87','\'\'',NULL,1067545),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'CI/CD Weaponization: Build It, Deploy It, Own It\'','\'Ricardo Sanchez,Daniel Malvaceda\'','DEF CON Workshops_2a9d3e3ecccaa18c019519107e131a87','\'\'',NULL,1067546),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W230 (Workshops)','\'CI/CD Weaponization: Build It, Deploy It, Own It\'','\'Ricardo Sanchez,Daniel Malvaceda\'','DEF CON Workshops_2a9d3e3ecccaa18c019519107e131a87','\'\'',NULL,1067547),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Creating Shellcode for Hackers\'','\'Bramwell \"Bw3ll\" Brizendine,Austin \"quantumite\" Norby,Micah Flack\'','DEF CON Workshops_7f30d3ec8e062524d823f5f9b88bf030','\'Title: Creating Shellcode for Hackers
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W232 (Workshops) - Map
\n
\nDescription:
\n

Creating shellcode is for the brave! This workshop takes a modern approach to the time-honored tradition of Windows shellcode creation. Intended for those with intermediate to advanced knowledge, we will refresh x86 assembly and cover Windows internals.

\n\n

You will create Win32/WoW64 shellcode with NASM before moving onto intermediate, multi-API shellcode. Along the way, we will cover GetPC, position independence, bad characters, calling conventions, stack discipline, manual API resolution through the PEB/TEB, export walking, name/hash-based resolution, strings, and passing handles or pointers between calls.

\n\n

For evasion, we will explore manual/automated encoding techniques, making our shellcode self-modifying. We will also cover advanced techniques, including direct Windows syscalls with ShellWasp. You will learn Windows structures, native API parameter handling, and creating persistence with syscalls. Expect to be made privy to many shellcoding tips and tricks to bring out the best in your shellcode.

\n\n

By the end, you\'ll be able to: Create Windows shellcode using NASM; launch and debug it; resolve and chain WinAPIs by name or hash; obfuscate and encode shellcode; integrate direct syscalls with ShellWasp.

\n\n

Prep: Study x86 assembly and basic Windows debugging. A VM will be provided. Required: modern PC (Intel) / VM

\n\nSpeakers:Bramwell \"Bw3ll\" Brizendine,Austin \"quantumite\" Norby,Micah Flack
\n
\nSpeakerBio:  Bramwell \"Bw3ll\" Brizendine
\n

Dr. Bramwell Brizendine has a Ph.D. in Cyber Operations and is the Director of the VERONA Lab. Bramwell has regularly spoken at DEFCON and presented at all regional editions of Black Hat (USA, Europe, Asia, MEA), as well as at Hack in the Box Amsterdam, Virus Bulletin, and Wild West Hackin\' Fest. Bramwell received a $300,000 NSA research grant to create the SHAREM shellcode analysis framework, which brings unprecedented capabilities to shellcode analysis and $500,000 as a 2025 DARPA YFA recipient for a PE file emulation framework. He has additionally authored ShellWasp, which facilitates using Windows syscalls in shellcode, as well as two code-reuse attack frameworks, ROP ROCKET and JOP ROCKET. Bramwell has previously taught undergraduate, master\'s, and Ph.D. courses on software exploitation, reverse engineering, offensive security, and malware analysis. He currently teaches cybersecurity courses at the University of Alabama in Huntsville.

\n\nSpeakerBio:  Austin \"quantumite\" Norby
\n

Dr. Austin Norby is a seasoned cybersecurity professional with over a decade of experience supporting the Department of Defense. He earned his bachelor\'s degrees in mathematics and computer science from the University of Minnesota, a master\'s degree from the Naval Postgraduate School, and a Doctorate in Cyber Operations from Dakota State University, specializing in anti-debugging techniques. Currently, Dr. Norby serves as the Director of Internal Research and Development at Bogart Associates, where he is responsible for spearheading the creation of advanced cybersecurity solutions for government use. His technical proficiencies include reverse engineering, malware analysis, and software engineering, with a strong focus on developing robust cyber capabilities in C, C++, Intel assembly, and Python.

\n\nSpeakerBio:  Micah Flack
\n

Micah Flack is a cybersecurity researcher at Idaho National Laboratory, where his work spans vulnerability research, firmware and hardware analysis, malware forensics, exploit development, and reverse engineering across multiple platforms and architectures. He is currently pursuing a Ph.D. in Cyber Operations at Dakota State University, with research interests rooted in applied cybersecurity, software exploitation, malware analysis, and shellcoding. Micah also holds both a Master’s degree in Computer Science and a Bachelor’s degree in Cyber Operations from DSU, where he was active in cybersecurity research and competitions. Micah brings a hands-on perspective from his varied experiences in working with assembly, payload development, embedded systems, and offensive security research.

\n\n\n\'',NULL,1067548),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Creating Shellcode for Hackers\'','\'Bramwell \"Bw3ll\" Brizendine,Austin \"quantumite\" Norby,Micah Flack\'','DEF CON Workshops_7f30d3ec8e062524d823f5f9b88bf030','\'\'',NULL,1067549),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Creating Shellcode for Hackers\'','\'Bramwell \"Bw3ll\" Brizendine,Austin \"quantumite\" Norby,Micah Flack\'','DEF CON Workshops_7f30d3ec8e062524d823f5f9b88bf030','\'\'',NULL,1067550),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W232 (Workshops)','\'Creating Shellcode for Hackers\'','\'Bramwell \"Bw3ll\" Brizendine,Austin \"quantumite\" Norby,Micah Flack\'','DEF CON Workshops_7f30d3ec8e062524d823f5f9b88bf030','\'\'',NULL,1067551),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'ICS Hack \'n Track\'','\'Pedro Cabrera,Hannes \"hercules_hannes\" Heck,Sam Miorelli,Jordan Sanchez\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0','\'Title: ICS Hack \'n Track
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W231 (Workshops) - Map
\n
\nDescription:
\n

OT attacks are often discussed but rarely demonstrated - in this workshop we use Caldera for OT to demonstrate realistic attack vectors for Distributed Control Systems used in power plants and other critical infrastructure, as well as how FOSS tools like Malcolm give defenders the information needed to detect blast radius and impacts.

\n\nSpeakers:Pedro Cabrera,Hannes \"hercules_hannes\" Heck,Sam Miorelli,Jordan Sanchez
\n
\nSpeakerBio:  Pedro Cabrera
\n

Pedro Cabrera is an OT cybersecurity professional and Omnivise Cybersecurity Solutions Architect at Siemens Energy. He specializes in industrial control systems and adversary simulation, focusing on bridging the gap between traditional IT security and operational technology through practical, real-world demonstrations. He has developed custom tooling to simulate PLC interactions and highlight detection challenges in OT environments. His work centers on improving visibility, strengthening defenses, and making complex security concepts more accessible.

\n\nSpeakerBio:  Hannes \"hercules_hannes\" Heck
\n

Hannes is an OT security practitioner currently completing a Bachelor\'s degree in Cybersecurity, with a thesis focused on Network Detection and Response systems including Malcolm. Active in the technology field since 2018, when he began a formal computer science apprenticeship, he has progressively deepened his specialization in cybersecurity and currently works at Siemens Energy in an OT Security role focused on solution architecture for industrial environments. He has presented technical topics in both academic and enterprise settings and brings direct hands-on experience with network traffic analysis, industrial control system design, and adversary emulation platforms to this workshop.

\n\nSpeakerBio:  Sam Miorelli
\n

Sam Miorelli is the Global Head of Innovation and Customer Success for Siemens Energy Omnivise Cybersecurity. By training he is a mechanical engineer and a lawyer. Prior to his involvement with OT cybersecurity, Sam was the primary lawyer for several billion dollars per year of energy and industrial automation transactions at Siemens worldwide.

\n\nSpeakerBio:  Jordan Sanchez
\n

Jordan Sanchez is a Cybersecurity Fellow at Siemens Energy, where he has spent three years doing R&D in OT and ICS security. Graduating from the University of Central Florida with a degree in Computer Science, he conducted undergraduate research on dependency downgrade vulnerabilities in the Android build system. Jordan is joining Amazon as a Security Engineer in September 2026.

\n\n\n\'',NULL,1067552),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'ICS Hack \'n Track\'','\'Pedro Cabrera,Hannes \"hercules_hannes\" Heck,Sam Miorelli,Jordan Sanchez\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0','\'\'',NULL,1067553),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'ICS Hack \'n Track\'','\'Pedro Cabrera,Hannes \"hercules_hannes\" Heck,Sam Miorelli,Jordan Sanchez\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0','\'\'',NULL,1067554),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W231 (Workshops)','\'ICS Hack \'n Track\'','\'Pedro Cabrera,Hannes \"hercules_hannes\" Heck,Sam Miorelli,Jordan Sanchez\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0','\'\'',NULL,1067555),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Pivot, Hunt, Publish: An Offline, Hands-On CTI Workshop for Blue Teams and Threat Researchers\'','\'Rushikesh Nandedkar\'','DEF CON Workshops_a1bf162acc13b9a63286b8abcb0ded2c','\'Title: Pivot, Hunt, Publish: An Offline, Hands-On CTI Workshop for Blue Teams and Threat Researchers
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W233 (Workshops) - Map
\n
\nDescription:
\n

Cyber Threat Intelligence is the most overspecified and underspecified\ndiscipline in security. Every vendor sells a feed. Every conference has\na track. Every blog post claims attribution. And yet - most blue teams\nstill drown in IOCs they cannot operationalize, and most aspiring threat\nresearchers do not know how to pivot from a single sample to a\ndiscovered campaign.

\n\n

This workshop fixes both problems in four hours, fully offline, with\nevery minute of those four hours spent on content rather than setup,\nand without distributing a single piece of malware.

\n\nSpeakerBio:  Rushikesh Nandedkar
\n

Rushikesh is a researcher. Having more than 10 years of experience under his belt, his assignments have always been pointed towards reducing the state of insecurity for information. His research papers were accepted at the nullcon \'14 \'18 \'20 \'21, BruCON \'16 \'17 \'18 \'19 \'21, Blackhat USA Arsenal \'18 \'19 \'25, DEFCON 24 26 27, x33fcon \'17 \'18 \'20 \'21, BSides Delhi \'17 \'20, c0c0n \'17 \'25, HITCON \'14, NCACNS \'13 + co-author of \"DARWIN\" (use cases for covert wireless), \"DECEPTICON\", an intelligent evil-twin and \"SASTRI\", Plug and Play VM for SAST and author of ARC (Artefact Reuse Comparator) and Q-TIP (QR Code Threat Inspection Platform). Being an avid CTF player, for him, solace is messing up with packets, frames, and shellcodes while attempting to reach the state of void *.

\n\n\n\'',NULL,1067556),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Pivot, Hunt, Publish: An Offline, Hands-On CTI Workshop for Blue Teams and Threat Researchers\'','\'Rushikesh Nandedkar\'','DEF CON Workshops_a1bf162acc13b9a63286b8abcb0ded2c','\'\'',NULL,1067557),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Pivot, Hunt, Publish: An Offline, Hands-On CTI Workshop for Blue Teams and Threat Researchers\'','\'Rushikesh Nandedkar\'','DEF CON Workshops_a1bf162acc13b9a63286b8abcb0ded2c','\'\'',NULL,1067558),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W233 (Workshops)','\'Pivot, Hunt, Publish: An Offline, Hands-On CTI Workshop for Blue Teams and Threat Researchers\'','\'Rushikesh Nandedkar\'','DEF CON Workshops_a1bf162acc13b9a63286b8abcb0ded2c','\'\'',NULL,1067559),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Post-Quantum Cryptography (PQC) for Hackers\'','\'Eric \"Eijah\" Anderson\'','DEF CON Workshops_588b8997e34b79ffd2d792149d60230e','\'Title: Post-Quantum Cryptography (PQC) for Hackers
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W228 (Workshops) - Map
\n
\nDescription:
\n

Secure communications are not a luxury — they are a foundational requirement for human dignity in the digital age. Our most meaningful conversations, transactions, and decisions demand end-to-end encryption, strong authentication, and verifiable integrity. The notion that \"only those with something to hide need strong crypto\" is not merely lazy; it is dangerously shortsighted. Privacy is the space where autonomy, intimacy, and authentic human experience thrive. When that space is violated, the damage ripples far beyond the individual.

\n\n

For decades, classical public-key cryptography has quietly protected everything from online banking to private messaging. That era is ending. Quantum computers are advancing rapidly, and the break of today\'s asymmetric algorithms — often called the Quantum Apocalypse — is no longer a question of if, but when. The window to prepare is narrowing. Migration must begin now.

\n\n

In this workshop, you\'ll implement PQC algorithms from the NSA\'s CNSA Suite 2.0. You\'ll use C++, OpenSSL and Linux to demonstrate the secure usage of ML-KEM, ML-DSA, AES-256, and SHA-512. You\'ll leave with clean, reusable code, deep implementation insight, and the practical skills needed to integrate PQC into real-world systems.

\n\n

We might not all have something to hide, but we all have something worth protecting.

\n\nSpeakerBio:  Eric \"Eijah\" Anderson
\n

Eijah is the founder of Code Siren, LLC and has 25+ years of experience in software development. He is the creator of Polynom, the world\'s first CNSA Suite 2.0 PQC collaboration app and the author of multiple FIPS 140-3 modules. He is also the developer of Demonsaw, an encrypted communications platform that allows you to share information without fear of data collection or surveillance. Before that Eijah was a Lead Programmer at Rockstar Games where he created Grand Theft Auto V and Red Dead Redemption 2. In 2007, Eijah hacked multiple implementations of the Advanced Access Content System (AACS) protocol and released the first Blu-ray device keys under the pseudonym, ATARI Vampire. He has been a faculty member at multiple colleges, has spoken at DEF CON and other security conferences, and holds a master\'s degree in Computer Science. Eijah is an active member of the hacking community and is an avid proponent of Internet freedom.

\n\n\n\'',NULL,1067560),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Post-Quantum Cryptography (PQC) for Hackers\'','\'Eric \"Eijah\" Anderson\'','DEF CON Workshops_588b8997e34b79ffd2d792149d60230e','\'\'',NULL,1067561),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Post-Quantum Cryptography (PQC) for Hackers\'','\'Eric \"Eijah\" Anderson\'','DEF CON Workshops_588b8997e34b79ffd2d792149d60230e','\'\'',NULL,1067562),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W228 (Workshops)','\'Post-Quantum Cryptography (PQC) for Hackers\'','\'Eric \"Eijah\" Anderson\'','DEF CON Workshops_588b8997e34b79ffd2d792149d60230e','\'\'',NULL,1067563),('4_Sunday','09','09:00','12:59','N','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Purple Protocol: Adversary emulation for everyone\'','\'Patrick \"PilotPat\" Raiden,Ben \"Marba$\" Strout,Brandon \"D43m0n\" Kraycirik\'','DEF CON Workshops_d81254ded6ff58faecda6be908a23bc9','\'Title: Purple Protocol: Adversary emulation for everyone
\nTags: DEF CON Workshop | DEF CON Workshops
\nWhen: Sunday, Aug 9, 09:00 - 12:59 PDT
\nWhere: LVCCW Level 2 W229 (Workshops) - Map
\n
\nDescription:
\n

Have you ever been curious about the techniques used by most notorious hackers to infiltrate some of the world\'s biggest networks? What would happen if they attacked yours? Companies burn millions of dollars in cybersecurity defenses, yet breaches still happen. Why? Because victory favors the prepared, not the well-funded.

\n\n

This beginner friendly workshop explores a practical way to test your defenses. You will learn to organize and execute a Threat Intelligence-led Purple Team Engagement with Open Source tooling. You will learn how to select relevant Threat Actors, execute test cases, document results, generate action items for the Blue Team to remediate, and report the results in a way that even executives can understand. (Spoiler: They like Pie Charts, Line Graphs, and bright colors) This will all be done on a VM we will provide with the Open Source tooling pre-installed. Everything learned in this course can be replicated at your organization.

\n\n

Join us in this workshop to learn why Purple Teaming is undeniably one of the most methodical and effective ways to improve your resilience against the threat actors most likely to attack your organization.

\n\nSpeakers:Patrick \"PilotPat\" Raiden,Ben \"Marba$\" Strout,Brandon \"D43m0n\" Kraycirik
\n
\nSpeakerBio:  Patrick \"PilotPat\" Raiden
\n

Patrick has been working in Cybersecurity for the past decade, ranging from Security Engineering, Vulnerability Management, Penetration Testing, and Red Team Ops.  He holds industry certs including the OSCP, CRTO and GRTP.  He led the effort to build a new Purple Team program at one of the largest healthcare organizations in the United States and continues to manage the program. Patrick is also a DEF CON Black Badge winner.

\n\nSpeakerBio:  Ben \"Marba$\" Strout
\n

Marba$ leads an Offensive Security Team and research vulnerabilities at one of the largest U.S. healthcare conglomerates. With experience spanning healthcare, biotech, pharma, and fintech, his work centers on application security, red teaming, and automation. He is the founder of DC207- Maine\'s DEF CON group - and the General Chair / Lead Organizer of BSides Maine.

\n\nSpeakerBio:  Brandon \"D43m0n\" Kraycirik
\n

D43m0n is a senior cyber security research engineer for one of the largest banking institutions in the world. Having over five years of experience in offensive security, specializing in red teaming, vulnerability research, and custom tool development.

\n\n

He holds advanced certifications that include OSCE3, BSCP, CRTO, CARTP, and eWPTX. While doing so, he was contributing to the cyber security community as the discoverer of CVE-2025-26332 (Dell) and CVE-2025-30398 (Microsoft), while also having authored “Debugging CVE-2023-37679: A Step-by-Step Guide to Fixing the Windows Exploit.”

\n\n

One of his most recent accomplishments at DEF CON is finally obtaining the accolade of being a Black Badge holder.

\n\n

Outside of cybersecurity, he is a passionate researcher with a deep appreciation for the outdoors.

\n\n\n\'',NULL,1067564),('4_Sunday','10','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Purple Protocol: Adversary emulation for everyone\'','\'Patrick \"PilotPat\" Raiden,Ben \"Marba$\" Strout,Brandon \"D43m0n\" Kraycirik\'','DEF CON Workshops_d81254ded6ff58faecda6be908a23bc9','\'\'',NULL,1067565),('4_Sunday','11','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Purple Protocol: Adversary emulation for everyone\'','\'Patrick \"PilotPat\" Raiden,Ben \"Marba$\" Strout,Brandon \"D43m0n\" Kraycirik\'','DEF CON Workshops_d81254ded6ff58faecda6be908a23bc9','\'\'',NULL,1067566),('4_Sunday','12','09:00','12:59','Y','DEF CON Workshops','LVCCW Level 2 W229 (Workshops)','\'Purple Protocol: Adversary emulation for everyone\'','\'Patrick \"PilotPat\" Raiden,Ben \"Marba$\" Strout,Brandon \"D43m0n\" Kraycirik\'','DEF CON Workshops_d81254ded6ff58faecda6be908a23bc9','\'\'',NULL,1067567),('3_Saturday','19','19:00','21:59','N','Social Gatherings/Events','LVCCW Level 2 W213-W217 (Blue Team Village)','\'Blue Team Village Movie Night\'','\'\'','Social Gatherings/Events_2b4df99de8c8ea168ae0a18d6f4786e7','\'Title: Blue Team Village Movie Night
\nTags: Party | Blue Team Village (BTV)
\nWhen: Saturday, Aug 8, 19:00 - 21:59 PDT
\nWhere: LVCCW Level 2 W213-W217 (Blue Team Village) - Map
\n
\nDescription:
\n

Join the Blue Team Village and our special guests for a mixer and screening. Popcorn and drinks from 7pm-8pm, movie starts at 8pm.

\n\n\'',NULL,1067568),('3_Saturday','20','19:00','21:59','Y','Social Gatherings/Events','LVCCW Level 2 W213-W217 (Blue Team Village)','\'Blue Team Village Movie Night\'','\'\'','Social Gatherings/Events_2b4df99de8c8ea168ae0a18d6f4786e7','\'\'',NULL,1067569),('3_Saturday','21','19:00','21:59','Y','Social Gatherings/Events','LVCCW Level 2 W213-W217 (Blue Team Village)','\'Blue Team Village Movie Night\'','\'\'','Social Gatherings/Events_2b4df99de8c8ea168ae0a18d6f4786e7','\'\'',NULL,1067570),('3_Saturday','18','18:00','20:59','N','Social Gatherings/Events','LVCCW Level 1 North Lobby','\'10 years of K-rad (Hackers.Town Party)\'','\'\'','Social Gatherings/Events_02e499dcb962ead090846b0d1ece7080','\'Title: 10 years of K-rad (Hackers.Town Party)
\nTags: Party | Hackers.town
\nWhen: Saturday, Aug 8, 18:00 - 20:59 PDT
\nWhere: LVCCW Level 1 North Lobby - Map
\n
\nDescription:
\n

HACK THE PLANET! Come celebrate 10 years of Hackers.Town doing whatever it is we actually do! We’ve fully embraced this year’s theme of agency, and given these renowned hacker-DJs free rein to do what they do best.

\n\n

Join us in the North Lobby for epic sets from: Kampf, Syntax976 and Luna, PatAttack, and Skittish and Bus!

\n\n\'',NULL,1067571),('3_Saturday','19','18:00','20:59','Y','Social Gatherings/Events','LVCCW Level 1 North Lobby','\'10 years of K-rad (Hackers.Town Party)\'','\'\'','Social Gatherings/Events_02e499dcb962ead090846b0d1ece7080','\'\'',NULL,1067572),('3_Saturday','20','18:00','20:59','Y','Social Gatherings/Events','LVCCW Level 1 North Lobby','\'10 years of K-rad (Hackers.Town Party)\'','\'\'','Social Gatherings/Events_02e499dcb962ead090846b0d1ece7080','\'\'',NULL,1067573),('3_Saturday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'AC Scanner: The Post-Quantum Cryptographic Exposure and CBOM Generator. You Need This!\'','\'Anurag Swarnim Yadav,Joseph Wilson\'','Demo Labs_9598fadffd090dcd17c1481087662bb1','\'Title: AC Scanner: The Post-Quantum Cryptographic Exposure and CBOM Generator. You Need This!
\nTags: Demo Labs | Intermediate | Cloud | Defense/Blue Team | Offense/Red Team | SecOps | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

AC Scanner is a tool to help providers of all kinds ensure their services can resist post-quantum cryptographic attacks including Harvest Now Decrypt Later (HNDL). The scanner is an open-source pipeline that automates full cryptographic surface discovery across TLS endpoints and SSH services, assessing every asset against NIST post-quantum standards and generating a structured Cryptographic Bill of Materials (CBOM). In a single command (sh scan.sh example.com) it runs subdomain enumeration, DNS resolution, TLS handshake analysis via OpenSSL, SSH auditing via ssh-audit, quantum vulnerability scoring, and CBOM output in JSONL/JSON/Markdown, ready to upload to an interactive dashboard. With NIST finalizing ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) in 2024, and NIST IR 8547 mandating deprecation of quantum-vulnerable algorithms by 2030, AC Scanner gives blue teams a fast, evidence-grade path from cryptographic discovery to compliance reporting.

\n\nSpeakers:Anurag Swarnim Yadav,Joseph Wilson
\n
\nSpeakerBio:  Anurag Swarnim Yadav
\n

Anurag Swarnim Yadav is Co-Founder and CTO of QubitAC, a company helping organizations with cryptographic discovery, post-quantum cryptography readiness assessment, migration framework development, and compliance readiness. He holds a PhD from the University of Florida, where his research examined how data quality impacts ML-based vulnerability detection systems and explored automated program repair for security flaws. He developed AC Scanner, a free open-source ACDI tool helping organizations discover, inventory, and prioritize their quantum-vulnerable cryptographic infrastructure, and has spoken at BSides security conferences educating practitioners on PQC adoption and the steps organizations need to take before the 2030 deadline.

\n\nSpeakerBio:  Joseph Wilson
\n

Joseph N. Wilson is a co-founder of QubitAC and an emeritus faculty member at the University of Florida who received his PhD in Computer Science from the University of Virginia. During his 41 year academic career, he carried out a wide variety of research projects and authored over 150 publications concerning topics including cybersecurity, machine learning, landmine detection and remediation, and computer vision. In addition to his academic work, Dr. Wilson has been a GIAC certified network and web application penetration tester as well as a malware and forensic analyst. His current work is aimed at helping organizations and people improve both their computational and communications security and privacy. He received the General Ronald W. Yates Award for Excellence in Technology Transfer for work leading to successful landmine and IED detection systems employed by US military support forces in Afghanistan.

\n\n\n\'',NULL,1067574),('2_Friday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'AC Scanner: The Post-Quantum Cryptographic Exposure and CBOM Generator. You Need This!\'','\'Anurag Swarnim Yadav,Joseph Wilson\'','Demo Labs_df32d46bcc664c5dadaaa265337f433f','\'Title: AC Scanner: The Post-Quantum Cryptographic Exposure and CBOM Generator. You Need This!
\nTags: Demo Labs | Intermediate | Cloud | Defense/Blue Team | Offense/Red Team | SecOps | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

AC Scanner is a tool to help providers of all kinds ensure their services can resist post-quantum cryptographic attacks including Harvest Now Decrypt Later (HNDL). The scanner is an open-source pipeline that automates full cryptographic surface discovery across TLS endpoints and SSH services, assessing every asset against NIST post-quantum standards and generating a structured Cryptographic Bill of Materials (CBOM). In a single command (sh scan.sh example.com) it runs subdomain enumeration, DNS resolution, TLS handshake analysis via OpenSSL, SSH auditing via ssh-audit, quantum vulnerability scoring, and CBOM output in JSONL/JSON/Markdown, ready to upload to an interactive dashboard. With NIST finalizing ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) in 2024, and NIST IR 8547 mandating deprecation of quantum-vulnerable algorithms by 2030, AC Scanner gives blue teams a fast, evidence-grade path from cryptographic discovery to compliance reporting.

\n\nSpeakers:Anurag Swarnim Yadav,Joseph Wilson
\n
\nSpeakerBio:  Anurag Swarnim Yadav
\n

Anurag Swarnim Yadav is Co-Founder and CTO of QubitAC, a company helping organizations with cryptographic discovery, post-quantum cryptography readiness assessment, migration framework development, and compliance readiness. He holds a PhD from the University of Florida, where his research examined how data quality impacts ML-based vulnerability detection systems and explored automated program repair for security flaws. He developed AC Scanner, a free open-source ACDI tool helping organizations discover, inventory, and prioritize their quantum-vulnerable cryptographic infrastructure, and has spoken at BSides security conferences educating practitioners on PQC adoption and the steps organizations need to take before the 2030 deadline.

\n\nSpeakerBio:  Joseph Wilson
\n

Joseph N. Wilson is a co-founder of QubitAC and an emeritus faculty member at the University of Florida who received his PhD in Computer Science from the University of Virginia. During his 41 year academic career, he carried out a wide variety of research projects and authored over 150 publications concerning topics including cybersecurity, machine learning, landmine detection and remediation, and computer vision. In addition to his academic work, Dr. Wilson has been a GIAC certified network and web application penetration tester as well as a malware and forensic analyst. His current work is aimed at helping organizations and people improve both their computational and communications security and privacy. He received the General Ronald W. Yates Award for Excellence in Technology Transfer for work leading to successful landmine and IED detection systems employed by US military support forces in Afghanistan.

\n\n\n\'',NULL,1067575),('2_Friday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'AD-Necromancer: Resurrecting Forgotten Control Paths in Active Directory\'','\'Akbar \"0xsensei\" Abdullayev,0xHera\'','Demo Labs_30256cdaf0063998ab91528ee883a9cd','\'Title: AD-Necromancer: Resurrecting Forgotten Control Paths in Active Directory
\nTags: Demo Labs | Advanced | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

Every pentest, same story - BloodHound says no path to DA, client celebrates, meanwhile a 2019 service account has AddAllowedToAct on a production DC that nobody remembers. AD-Necromancer finds what humans forget. Give it a username, password, and domain — it bootstraps EDR evasion (ETW patching, DLL unhooking, Halos Gate syscalls), collects AD data over ADWS instead of LDAP, encrypts with AES-256-GCM, and exfils to C2 with zero artifacts. One command, credentials to findings. It feeds tokenized BloodHound data to an LLM for semantic reasoning - forgotten RBCD, ghost cross-forest delegations, orphaned admin accounts no compliance checklist catches. Privacy Cloak ensures real names never leave the box. Open source, MIT licensed. Come dig up what your tools missed.

\n\nSpeakers:Akbar \"0xsensei\" Abdullayev,0xHera
\n
\nSpeakerBio:  Akbar \"0xsensei\" Abdullayev
\n

Offensive security professional with 5+ years of experience in Active Directory and cloud security, specializing in red teaming and enterprise attack chains.

\n\nSpeakerBio:  0xHera
\n

I am a freelance Offensive Tool Developer and Security Enthusiast building practical tools and sharing research with the community to help others better understand attack paths, real-world offensive techniques, and defensive improvements.

\n\n\n\'',NULL,1067576),('3_Saturday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'AD-Necromancer: Resurrecting Forgotten Control Paths in Active Directory\'','\'Akbar \"0xsensei\" Abdullayev,0xHera\'','Demo Labs_57cdba7f0533f4ed84015c217deef1eb','\'Title: AD-Necromancer: Resurrecting Forgotten Control Paths in Active Directory
\nTags: Demo Labs | Advanced | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

Every pentest, same story - BloodHound says no path to DA, client celebrates, meanwhile a 2019 service account has AddAllowedToAct on a production DC that nobody remembers. AD-Necromancer finds what humans forget. Give it a username, password, and domain — it bootstraps EDR evasion (ETW patching, DLL unhooking, Halos Gate syscalls), collects AD data over ADWS instead of LDAP, encrypts with AES-256-GCM, and exfils to C2 with zero artifacts. One command, credentials to findings. It feeds tokenized BloodHound data to an LLM for semantic reasoning - forgotten RBCD, ghost cross-forest delegations, orphaned admin accounts no compliance checklist catches. Privacy Cloak ensures real names never leave the box. Open source, MIT licensed. Come dig up what your tools missed.

\n\nSpeakers:Akbar \"0xsensei\" Abdullayev,0xHera
\n
\nSpeakerBio:  Akbar \"0xsensei\" Abdullayev
\n

Offensive security professional with 5+ years of experience in Active Directory and cloud security, specializing in red teaming and enterprise attack chains.

\n\nSpeakerBio:  0xHera
\n

I am a freelance Offensive Tool Developer and Security Enthusiast building practical tools and sharing research with the community to help others better understand attack paths, real-world offensive techniques, and defensive improvements.

\n\n\n\'',NULL,1067577),('2_Friday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'AI Pipeline for N-days Weaponization\'','\'Andrea Brosio,Arun Nair\'','Demo Labs_a6199c2ba672821b6b69101e9b388545','\'Title: AI Pipeline for N-days Weaponization
\nTags: AI | Demo Labs | Intermediate | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Most agentic exploit pipelines stall when there\'s no public PoC,they search, find nothing, and spin. This talk demos a multi-agent system that exploits n-days from scratch in under an hour, even with zero public exploit code available.\nGiven only a CVE ID, the pipeline autonomously: fetches vulnerability details and the upstream fix commit; spins up a pinned Docker lab running the exact vulnerable version; diffs the patch to identify the exploitable code path; generates vulnerability-class-specific attack guidance (not a generic checklist); and runs iterative exploit + validation loops until RCE is confirmed.\nDemonstrated live against four CVSS 9.8–10.0 vulnerabilities Apache OpenMeetings deserialization, n8n unauthenticated RCE, Langflow exec() injection, and Spring AI SpEL injection, with working exploits produced in minutes. Every run also outputs a containerized lab and defense report, making it equally useful for detection engineering and patch validation.

\n\nSpeakers:Andrea Brosio,Arun Nair
\n
\nSpeakerBio:  Andrea Brosio
\n

Andrea Brosio is a Security Researcher and Senior Content Engineer, specializing in red teaming, malware development, and offensive security. With prior experience as a Bug Hunter and Red Team Operator he combines real-world adversarial expertise with a passion for creating engaging cybersecurity training.

\n\nSpeakerBio:  Arun Nair
\n

Arun Nair is a Security Engineer at Google and founder of Ryvane Academy, specializing in AI Security, malware development, defense evasion, and adversary simulation. He holds several respected certifications, including OSCP, CRTP, CRTL, CodeMachine Malware Techniques, and HackSys Windows Kernel Exploitation.\nOver the years, Arun has worked with leading organizations such as JP Morgan, and EY, focusing on offensive security and red teaming engagements. Outside of his professional work, he is an active contributor to the cybersecurity community, from designing Capture the Flag (CTF) challenges to delivering talks and workshops at events like DEFCON Red Team Village, HeapCon, MCTTP, BSides Transylvania, HackSpaceCon, RingZer0, c0c0n, and various local meetups.\nWhen he’s not on engagements or speaking at conferences, Arun shares his research and insights through his blog at dazzyddos.github.io

\n\n\n\'',NULL,1067578),('3_Saturday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'AI Pipeline for N-days Weaponization\'','\'Andrea Brosio,Arun Nair\'','Demo Labs_254a78d45fd1178dfe5c225a5ec5e270','\'Title: AI Pipeline for N-days Weaponization
\nTags: AI | Demo Labs | Intermediate | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Most agentic exploit pipelines stall when there\'s no public PoC,they search, find nothing, and spin. This talk demos a multi-agent system that exploits n-days from scratch in under an hour, even with zero public exploit code available.\nGiven only a CVE ID, the pipeline autonomously: fetches vulnerability details and the upstream fix commit; spins up a pinned Docker lab running the exact vulnerable version; diffs the patch to identify the exploitable code path; generates vulnerability-class-specific attack guidance (not a generic checklist); and runs iterative exploit + validation loops until RCE is confirmed.\nDemonstrated live against four CVSS 9.8–10.0 vulnerabilities Apache OpenMeetings deserialization, n8n unauthenticated RCE, Langflow exec() injection, and Spring AI SpEL injection, with working exploits produced in minutes. Every run also outputs a containerized lab and defense report, making it equally useful for detection engineering and patch validation.

\n\nSpeakers:Andrea Brosio,Arun Nair
\n
\nSpeakerBio:  Andrea Brosio
\n

Andrea Brosio is a Security Researcher and Senior Content Engineer, specializing in red teaming, malware development, and offensive security. With prior experience as a Bug Hunter and Red Team Operator he combines real-world adversarial expertise with a passion for creating engaging cybersecurity training.

\n\nSpeakerBio:  Arun Nair
\n

Arun Nair is a Security Engineer at Google and founder of Ryvane Academy, specializing in AI Security, malware development, defense evasion, and adversary simulation. He holds several respected certifications, including OSCP, CRTP, CRTL, CodeMachine Malware Techniques, and HackSys Windows Kernel Exploitation.\nOver the years, Arun has worked with leading organizations such as JP Morgan, and EY, focusing on offensive security and red teaming engagements. Outside of his professional work, he is an active contributor to the cybersecurity community, from designing Capture the Flag (CTF) challenges to delivering talks and workshops at events like DEFCON Red Team Village, HeapCon, MCTTP, BSides Transylvania, HackSpaceCon, RingZer0, c0c0n, and various local meetups.\nWhen he’s not on engagements or speaking at conferences, Arun shares his research and insights through his blog at dazzyddos.github.io

\n\n\n\'',NULL,1067579),('3_Saturday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'AOBTD: AI One Bites The DAST\'','\'Ozgun \"ozzy\" Kultekin\'','Demo Labs_8fe640565878ce4ecb4937e785d40a7a','\'Title: AOBTD: AI One Bites The DAST
\nTags: Beginner | AI | Demo Labs | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\nI hate the way most DAST tools test: firing payloads at parameters with no idea what the app is. They catch the obvious stuff, but miss the parts that actually need context. Newer LLM scanners are either commercial black boxes (iykyk) or \"GPT, find bugs at this URL\" wrappers that fall over outside a CTF box.
\n\n

AOBTD is my attempt at a third option: a scanner that behaves less like a fuzzer and more like a pentester at the start of a test.

\n\n

Instead of fuzzing harder, AOBTD first tries to understand the target. It explores the surface, identifies what pages and endpoints are for, takes notes, builds hypotheses, and then sends targeted requests based on that context. This target understanding drives the rest of the testing process, which is the only realistic way automated tooling can get closer to business-logic bugs.

\n\n

The crawler is designed to avoid wasting time on repeated templates while still sampling outliers, so the odd page hidden in a sea of similar ones does not get ignored. When findings are confirmed, AOBTD can chain them into multi-step attack stories rather than reporting isolated payload hits.

\n\n

This is where LLMs are actually useful: reading a page, understanding the purpose of a form, naming the function behind a JSON endpoint, and doing the kind of prioritization a pentester normally spends hours on.

\n\nSpeakerBio:  Ozgun \"ozzy\" Kultekin
\n

Ozgun (aka ozzy) is a Senior Application Security Engineer at Trendyol Group, where he spends his days breaking applications before the bad guys do. He holds the OSCE3 certification and specializes in offensive security research with a focus on application security and red team operations.

\n\n

He has presented at several conferences including DEF CON, Hacktivity, and multiple BSides events, covering topics ranging from red teaming to application security. He is currently focused on integrating AI into offensive security workflows and actively researching how large language models can be applied in practical, technical ways within cybersecurity. He regularly shares his work and tools as open source.

\n\n

When he\'s not hunting bugs or running red team ops, he\'s probably at the poker table.

\n\n\n\'',NULL,1067580),('2_Friday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'AOBTD: AI One Bites The DAST\'','\'Ozgun \"ozzy\" Kultekin\'','Demo Labs_2cde4f195630e3e5aa633555878c845f','\'Title: AOBTD: AI One Bites The DAST
\nTags: Beginner | AI | Demo Labs | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\nI hate the way most DAST tools test: firing payloads at parameters with no idea what the app is. They catch the obvious stuff, but miss the parts that actually need context. Newer LLM scanners are either commercial black boxes (iykyk) or \"GPT, find bugs at this URL\" wrappers that fall over outside a CTF box.
\n\n

AOBTD is my attempt at a third option: a scanner that behaves less like a fuzzer and more like a pentester at the start of a test.

\n\n

Instead of fuzzing harder, AOBTD first tries to understand the target. It explores the surface, identifies what pages and endpoints are for, takes notes, builds hypotheses, and then sends targeted requests based on that context. This target understanding drives the rest of the testing process, which is the only realistic way automated tooling can get closer to business-logic bugs.

\n\n

The crawler is designed to avoid wasting time on repeated templates while still sampling outliers, so the odd page hidden in a sea of similar ones does not get ignored. When findings are confirmed, AOBTD can chain them into multi-step attack stories rather than reporting isolated payload hits.

\n\n

This is where LLMs are actually useful: reading a page, understanding the purpose of a form, naming the function behind a JSON endpoint, and doing the kind of prioritization a pentester normally spends hours on.

\n\nSpeakerBio:  Ozgun \"ozzy\" Kultekin
\n

Ozgun (aka ozzy) is a Senior Application Security Engineer at Trendyol Group, where he spends his days breaking applications before the bad guys do. He holds the OSCE3 certification and specializes in offensive security research with a focus on application security and red team operations.

\n\n

He has presented at several conferences including DEF CON, Hacktivity, and multiple BSides events, covering topics ranging from red teaming to application security. He is currently focused on integrating AI into offensive security workflows and actively researching how large language models can be applied in practical, technical ways within cybersecurity. He regularly shares his work and tools as open source.

\n\n

When he\'s not hunting bugs or running red team ops, he\'s probably at the poker table.

\n\n\n\'',NULL,1067581),('2_Friday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'AzProwl: Prowling the Azure Attack Surface\'','\'Jared \"GonePhishing402\" Graff,Jeff Daniels\'','Demo Labs_3c6ffd3dbb08e1fb401ee36269101eb0','\'Title: AzProwl: Prowling the Azure Attack Surface
\nTags: Demo Labs | Intermediate | Cloud | Defense/Blue Team | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

Cloud environments aren’t being breached through zero-days—they’re being traversed through identity, misconfigurations, and overlooked data paths. Azure is no exception.

\n\n

This talk introduces AzProwl, an offensive-focused tool designed to emulate how real attackers enumerate and chain together access across Azure environments. Rather than stopping at surface-level enumeration, AzProwl maps identity relationships, token abuse opportunities, and data plane exposure to uncover realistic attack paths.

\n\n

We’ll walk through how attackers move from initial access to meaningful impact using Azure-native mechanisms—leveraging identity roles, service principals, tokens, and storage access. Attendees will see how seemingly low-risk permissions compound into high-impact compromise.

\n\n

Whether you’re red team, blue team, or somewhere in between, this session will provide practical insight into how Azure environments are actually attacked—and how to detect and defend against it.

\n\nSpeakers:Jared \"GonePhishing402\" Graff,Jeff Daniels
\n
\nSpeakerBio:  Jared \"GonePhishing402\" Graff
\n

I’m a Lead Incident Response Analyst at Target with experience spanning red team operations, blue team defense, and incident response. My background working in Azure cloud security at Microsoft helped shape my approach to understanding and defending modern cloud environments and ultimately inspired the development of this training.

\n\n

I specialize in analyzing and emulating real-world attack paths across cloud identities, authentication tokens, and data planes to uncover gaps in detection and response capabilities. My work focuses on Azure identity compromise, token abuse, cloud persistence techniques, and understanding how adversaries actually operate within cloud environments—not just how we assume they do.

\n\n

I’m passionate about bridging the gap between offensive and defensive security, translating attacker tradecraft into actionable detection strategies, and developing hands-on labs that help defenders better understand cloud threats. My goal is to make complex attack techniques accessible, practical, and directly applicable to real-world security operations.

\n\nSpeakerBio:  Jeff Daniels
\n

Jeff Daniels is a Senior Cloud Solution Architect at Microsoft Federal specializing in cloud security, threat intelligence, and red team operations. With a background in military cyber operations, he brings real-world offensive experience to designing detection strategies, Zero Trust architectures, and large-scale SOC capabilities. Jeff focuses on translating adversary tradecraft into actionable security outcomes for government customers and is actively involved in red team tooling, adversary emulation, and ATT&CK-aligned training.

\n\n\n\'',NULL,1067582),('2_Friday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'AzProwl: Prowling the Azure Attack Surface\'','\'Jared \"GonePhishing402\" Graff,Jeff Daniels\'','Demo Labs_40b44a026682f7c348d4d76c3e5814a7','\'Title: AzProwl: Prowling the Azure Attack Surface
\nTags: Demo Labs | Intermediate | Cloud | Defense/Blue Team | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

Cloud environments aren’t being breached through zero-days—they’re being traversed through identity, misconfigurations, and overlooked data paths. Azure is no exception.

\n\n

This talk introduces AzProwl, an offensive-focused tool designed to emulate how real attackers enumerate and chain together access across Azure environments. Rather than stopping at surface-level enumeration, AzProwl maps identity relationships, token abuse opportunities, and data plane exposure to uncover realistic attack paths.

\n\n

We’ll walk through how attackers move from initial access to meaningful impact using Azure-native mechanisms—leveraging identity roles, service principals, tokens, and storage access. Attendees will see how seemingly low-risk permissions compound into high-impact compromise.

\n\n

Whether you’re red team, blue team, or somewhere in between, this session will provide practical insight into how Azure environments are actually attacked—and how to detect and defend against it.

\n\nSpeakers:Jared \"GonePhishing402\" Graff,Jeff Daniels
\n
\nSpeakerBio:  Jared \"GonePhishing402\" Graff
\n

I’m a Lead Incident Response Analyst at Target with experience spanning red team operations, blue team defense, and incident response. My background working in Azure cloud security at Microsoft helped shape my approach to understanding and defending modern cloud environments and ultimately inspired the development of this training.

\n\n

I specialize in analyzing and emulating real-world attack paths across cloud identities, authentication tokens, and data planes to uncover gaps in detection and response capabilities. My work focuses on Azure identity compromise, token abuse, cloud persistence techniques, and understanding how adversaries actually operate within cloud environments—not just how we assume they do.

\n\n

I’m passionate about bridging the gap between offensive and defensive security, translating attacker tradecraft into actionable detection strategies, and developing hands-on labs that help defenders better understand cloud threats. My goal is to make complex attack techniques accessible, practical, and directly applicable to real-world security operations.

\n\nSpeakerBio:  Jeff Daniels
\n

Jeff Daniels is a Senior Cloud Solution Architect at Microsoft Federal specializing in cloud security, threat intelligence, and red team operations. With a background in military cyber operations, he brings real-world offensive experience to designing detection strategies, Zero Trust architectures, and large-scale SOC capabilities. Jeff focuses on translating adversary tradecraft into actionable security outcomes for government customers and is actively involved in red team tooling, adversary emulation, and ATT&CK-aligned training.

\n\n\n\'',NULL,1067583),('2_Friday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Be like a BRAT(BLE Recon and Attack Toolkit): Skip the Handshake, Own the Device\'','\'Gigi Xiaoqing Liu,Muzzammil Mohammed,Narmina Karimova\'','Demo Labs_e01211d51e8841567e08bbe3e4237962','\'Title: Be like a BRAT(BLE Recon and Attack Toolkit): Skip the Handshake, Own the Device
\nTags: Beginner | Demo Labs | AppSec | Hardware/IoT | Mobile | Offense/Red Team | Wireless/RF | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

What happens when you buy a popular medical device and realize it blindly trusts any BLE connection within 30 meters?

\n\n

BRAT (BLE Recon and Attack Toolkit) is the open-source Python arsenal we built to systematically take over an FDA-listed consumer hormone analyzer and generalize the attack to the class of devices behind it. Relying on the Nordic UART Service (NUS), the target blindly trusts any connection within 30 meters. BRAT automates the exact attack chain we used to compromise it: passive BLE discovery, protocol reverse engineering, unauthenticated command injection, full bind takeover, and rogue peripheral impersonation to hijack live API session tokens.

\n\n

Every script is built on the ⁠bleak⁠ async BLE library and deliberately kept small so you can read the code and understand the exploit in minutes. Our Demo Lab features live, end-to-end attacks against a consumer medical device. We’ll demonstrate unauthenticated command injection, rogue peripheral spoofing that intercepts companion app handshakes, and how we injected spoofed hormone sensor data without ever pairing.

\n\nSpeakers:Gigi Xiaoqing Liu,Muzzammil Mohammed,Narmina Karimova
\n
\nSpeakerBio:  Gigi Xiaoqing Liu
\n

Gigi Liu is a graduate security researcher at Northeastern\'s Security And Privacy Research (SPQR) Group under Professor Kevin Fu, where her work covers embedded systems security, medical device attack surfaces, and AI-generated media detection. She interns at Lila Sciences as a Security and Cloud Engineer, building enterprise-wide agentic AI security infrastructure and detection capabilities for unauthorized AI activity across cloud and SaaS environments.

\n\n

Her technical work spans wireless protocol reverse engineering, binary exploitation, web and mobile reverse engineering, cloud and AI security. She has applied these skills across medical hardware, automotive platforms, and enterprise cloud environments — from BLE command injection on FDA-listed devices to CarPlay API exploitation to building agentic AI detection controls at scale. As a UCLA psychobiology alum with a consulting background, she brings a multidisciplinary lens to every system: understand what it\'s designed to do first, then find where it breaks.

\n\nSpeakerBio:  Muzzammil Mohammed
\n

Muzzammil Mohammed is an offensive security researcher, penetration tester at Maltek Solutions, and MS in Cybersecurity at Northeastern University. Operating out of the SPQR Lab under Professor Kevin Fu, and serving as a Teaching Assistant Network Security, his work bridges academic vulnerability research with real-world red team execution. As a core developer of WandKit an open-source BLE attack toolkit built to audit medical devices. Muzzammil led the cloud API exploitation phase, successfully confirming a complete authentication bypass and engineering the rogue peripheral session hijack chain. Beyond hardware and API hacking, he is actively developing autonomous multi-agent AI frameworks designed to orchestrate local LLMs for automated security auditing and vulnerability analysis.

\n\nSpeakerBio:  Narmina Karimova
\n

Narmina Karimova is a cybersecurity graduate researcher at Northeastern University with a background in enterprise technology across financial institutions and the United Nations. She came to security research from the infrastructure side, which shaped how she approached tearing apart a consumer fertility monitor.\nFor BRAT, she wrote the core BLE attack suite in Python: replay modules, rogue peripheral session capture, unauthenticated hormone data extraction, and the bind takeover chain that captures device ownership in under 15 seconds. She also reverse-engineered the APK with JADX, found hardcoded credentials, and confirmed a CVSS 9.1 IDOR in the third-party integration. Her interest is in the gap between how consumer health devices are marketed and how they actually handle sensitive data.

\n\n\n\'',NULL,1067584),('3_Saturday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Be like a BRAT(BLE Recon and Attack Toolkit): Skip the Handshake, Own the Device\'','\'Gigi Xiaoqing Liu,Muzzammil Mohammed,Narmina Karimova\'','Demo Labs_8c18bbca4cca057feac8db83e05165b5','\'Title: Be like a BRAT(BLE Recon and Attack Toolkit): Skip the Handshake, Own the Device
\nTags: Beginner | Demo Labs | AppSec | Hardware/IoT | Mobile | Offense/Red Team | Wireless/RF | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

What happens when you buy a popular medical device and realize it blindly trusts any BLE connection within 30 meters?

\n\n

BRAT (BLE Recon and Attack Toolkit) is the open-source Python arsenal we built to systematically take over an FDA-listed consumer hormone analyzer and generalize the attack to the class of devices behind it. Relying on the Nordic UART Service (NUS), the target blindly trusts any connection within 30 meters. BRAT automates the exact attack chain we used to compromise it: passive BLE discovery, protocol reverse engineering, unauthenticated command injection, full bind takeover, and rogue peripheral impersonation to hijack live API session tokens.

\n\n

Every script is built on the ⁠bleak⁠ async BLE library and deliberately kept small so you can read the code and understand the exploit in minutes. Our Demo Lab features live, end-to-end attacks against a consumer medical device. We’ll demonstrate unauthenticated command injection, rogue peripheral spoofing that intercepts companion app handshakes, and how we injected spoofed hormone sensor data without ever pairing.

\n\nSpeakers:Gigi Xiaoqing Liu,Muzzammil Mohammed,Narmina Karimova
\n
\nSpeakerBio:  Gigi Xiaoqing Liu
\n

Gigi Liu is a graduate security researcher at Northeastern\'s Security And Privacy Research (SPQR) Group under Professor Kevin Fu, where her work covers embedded systems security, medical device attack surfaces, and AI-generated media detection. She interns at Lila Sciences as a Security and Cloud Engineer, building enterprise-wide agentic AI security infrastructure and detection capabilities for unauthorized AI activity across cloud and SaaS environments.

\n\n

Her technical work spans wireless protocol reverse engineering, binary exploitation, web and mobile reverse engineering, cloud and AI security. She has applied these skills across medical hardware, automotive platforms, and enterprise cloud environments — from BLE command injection on FDA-listed devices to CarPlay API exploitation to building agentic AI detection controls at scale. As a UCLA psychobiology alum with a consulting background, she brings a multidisciplinary lens to every system: understand what it\'s designed to do first, then find where it breaks.

\n\nSpeakerBio:  Muzzammil Mohammed
\n

Muzzammil Mohammed is an offensive security researcher, penetration tester at Maltek Solutions, and MS in Cybersecurity at Northeastern University. Operating out of the SPQR Lab under Professor Kevin Fu, and serving as a Teaching Assistant Network Security, his work bridges academic vulnerability research with real-world red team execution. As a core developer of WandKit an open-source BLE attack toolkit built to audit medical devices. Muzzammil led the cloud API exploitation phase, successfully confirming a complete authentication bypass and engineering the rogue peripheral session hijack chain. Beyond hardware and API hacking, he is actively developing autonomous multi-agent AI frameworks designed to orchestrate local LLMs for automated security auditing and vulnerability analysis.

\n\nSpeakerBio:  Narmina Karimova
\n

Narmina Karimova is a cybersecurity graduate researcher at Northeastern University with a background in enterprise technology across financial institutions and the United Nations. She came to security research from the infrastructure side, which shaped how she approached tearing apart a consumer fertility monitor.\nFor BRAT, she wrote the core BLE attack suite in Python: replay modules, rogue peripheral session capture, unauthenticated hormone data extraction, and the bind takeover chain that captures device ownership in under 15 seconds. She also reverse-engineered the APK with JADX, found hardcoded credentials, and confirmed a CVSS 9.1 IDOR in the third-party integration. Her interest is in the gap between how consumer health devices are marketed and how they actually handle sensitive data.

\n\n\n\'',NULL,1067585),('2_Friday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'Beyond Spidering: Behavior Driven DAST for Real Application Workflows\'','\'Sara \"testingSoul\" Martinez\'','Demo Labs_b2c911ba1927d922f597b85230be63e9','\'Title: Beyond Spidering: Behavior Driven DAST for Real Application Workflows
\nTags: Demo Labs | Intermediate | AppSec | DevOps | Offense/Red Team | SecOps | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

Modern web apps do not give up their best attack surface to a spider. The interesting routes, state changes, authenticated functions, and business logic usually sit behind real user behavior. This Demo Lab shows how to stop treating DAST like blind crawling and start driving it with realistic browser flows.

\n\n

The project began as a software quality proof of concept and evolved through collaboration between an engineering team and a red team into a real operational workflow. By routing Selenium based test scenarios through OWASP ZAP, we turn existing web automation into Behaviour Driven DAST: a practical way to capture richer traffic, exercise meaningful application actions, and uncover security findings that isolated scanning often misses.

\n\n

Current research shows more than 300% increase in observed attack surface and around 25% improvement in vulnerability detection compared with spider-driven analysis alone. The session will walk through the workflow live, show the comparative results, and introduce a new Python library built from this research.

\n\nSpeakerBio:  Sara \"testingSoul\" Martinez
\n

Hi, I am Sara!\nI started my career in 2014 as a Software Validation Engineer for Communication products. During five years I improved my testing skills by working on projects in Telecommunication, Geolocation, Big Data and Power Electronics.\nIn 2019, I started to focus all this quality knowledge on testing Cybersecurity Software products, and then magic just happened. I discovered a whole new world that fascinated me.\nSince then, I have been working to improve all my Software and Quality skills including Cybersecurity at every step I take.

\n\n\n\'',NULL,1067586),('3_Saturday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'Beyond Spidering: Behavior Driven DAST for Real Application Workflows\'','\'Sara \"testingSoul\" Martinez\'','Demo Labs_a3ea791dadc0df5c85ebb0c18b37095f','\'Title: Beyond Spidering: Behavior Driven DAST for Real Application Workflows
\nTags: Demo Labs | Intermediate | AppSec | DevOps | Offense/Red Team | SecOps | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

Modern web apps do not give up their best attack surface to a spider. The interesting routes, state changes, authenticated functions, and business logic usually sit behind real user behavior. This Demo Lab shows how to stop treating DAST like blind crawling and start driving it with realistic browser flows.

\n\n

The project began as a software quality proof of concept and evolved through collaboration between an engineering team and a red team into a real operational workflow. By routing Selenium based test scenarios through OWASP ZAP, we turn existing web automation into Behaviour Driven DAST: a practical way to capture richer traffic, exercise meaningful application actions, and uncover security findings that isolated scanning often misses.

\n\n

Current research shows more than 300% increase in observed attack surface and around 25% improvement in vulnerability detection compared with spider-driven analysis alone. The session will walk through the workflow live, show the comparative results, and introduce a new Python library built from this research.

\n\nSpeakerBio:  Sara \"testingSoul\" Martinez
\n

Hi, I am Sara!\nI started my career in 2014 as a Software Validation Engineer for Communication products. During five years I improved my testing skills by working on projects in Telecommunication, Geolocation, Big Data and Power Electronics.\nIn 2019, I started to focus all this quality knowledge on testing Cybersecurity Software products, and then magic just happened. I discovered a whole new world that fascinated me.\nSince then, I have been working to improve all my Software and Quality skills including Cybersecurity at every step I take.

\n\n\n\'',NULL,1067587),('3_Saturday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'BigIron.ai: AI-Assisted Exploration and Security Analysis of Mainframe Systems\'','\'Adam \"w00tock\" Toscher\'','Demo Labs_05e4b3ad8df2793ef156f385cacb2e83','\'Title: BigIron.ai: AI-Assisted Exploration and Security Analysis of Mainframe Systems
\nTags: AI | Demo Labs | Intermediate | Defense/Blue Team | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Most security tools assume Unix or Windows models built around processes, shells, and network services. On mainframe operating systems, authority is determined through control-plane behavior: job submission (JCL/JES), dataset access, library resolution, and transaction context. These relationships are difficult to observe and are systematically misunderstood by modern security teams; creating blind spots that traditional tooling cannot see.

\n\n

This Demo Lab shows a live MVS 3.8j environment running under Hercules with a browser-based TN3270 interface. Operational artifacts including submitted jobs, spool output, and execution context are captured and mapped into a graph that reveals hidden trust relationships and indirect execution paths.

\n\n

The demonstration walks a realistic privilege path: TSO user → JCL submission → STEPLIB hijack → APF library execution — showing how inherited authority creates system-level exposure without exploiting a single vulnerability. No shellcode. No memory corruption. Just the system working exactly as designed.

\n\n

The platform includes 13 automated walkthroughs across 6 control planes (TSO, JES, RACF, CICS, VTAM, PR/SM), an offline LLM for real-time screen interpretation, and a findings engine that maps results to a repeatable assessment framework.

\n\nSpeakerBio:  Adam \"w00tock\" Toscher
\n

Adam Toscher is a New York–based security engineer and red team operator with over two decades of experience in offensive security, adversary simulation, and automation. Born in New York City and raised upstate, Adam began his career as an “IT vagabond,” starting as a freshman IBM intern porting Linux applications to mainframe systems. That early mainframe work grounded him in large-scale computing, operating systems, and complex enterprise environments before he transitioned into offensive security.

\n\n

He later held senior security roles at Adobe, Optiv, Accenture, IBM X-Force, and NYC Cyber Command, focusing on realistic adversary emulation, red-team operations, and practical automation.

\n\n

Most recently, Adam has worked with Cobalt Labs, supporting advanced red-teaming and offensive security engagements for private-sector organizations. Prior to that, he led red-team and adversary simulation work supporting critical public infrastructure with NYC Cyber Command and the FDNY.

\n\n

His work centers on penetration testing, red teaming, adversary emulation, and security tooling across private-sector and government environments. Outside of security, Adam values balance and lifelong learning, and is an avid reader, runner, swimmer, and gamer.

\n\n\n\'',NULL,1067588),('2_Friday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'BigIron.ai: AI-Assisted Exploration and Security Analysis of Mainframe Systems\'','\'Adam \"w00tock\" Toscher\'','Demo Labs_babbb7d0ac6373e461b289afbb21022d','\'Title: BigIron.ai: AI-Assisted Exploration and Security Analysis of Mainframe Systems
\nTags: AI | Demo Labs | Intermediate | Defense/Blue Team | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Most security tools assume Unix or Windows models built around processes, shells, and network services. On mainframe operating systems, authority is determined through control-plane behavior: job submission (JCL/JES), dataset access, library resolution, and transaction context. These relationships are difficult to observe and are systematically misunderstood by modern security teams; creating blind spots that traditional tooling cannot see.

\n\n

This Demo Lab shows a live MVS 3.8j environment running under Hercules with a browser-based TN3270 interface. Operational artifacts including submitted jobs, spool output, and execution context are captured and mapped into a graph that reveals hidden trust relationships and indirect execution paths.

\n\n

The demonstration walks a realistic privilege path: TSO user → JCL submission → STEPLIB hijack → APF library execution — showing how inherited authority creates system-level exposure without exploiting a single vulnerability. No shellcode. No memory corruption. Just the system working exactly as designed.

\n\n

The platform includes 13 automated walkthroughs across 6 control planes (TSO, JES, RACF, CICS, VTAM, PR/SM), an offline LLM for real-time screen interpretation, and a findings engine that maps results to a repeatable assessment framework.

\n\nSpeakerBio:  Adam \"w00tock\" Toscher
\n

Adam Toscher is a New York–based security engineer and red team operator with over two decades of experience in offensive security, adversary simulation, and automation. Born in New York City and raised upstate, Adam began his career as an “IT vagabond,” starting as a freshman IBM intern porting Linux applications to mainframe systems. That early mainframe work grounded him in large-scale computing, operating systems, and complex enterprise environments before he transitioned into offensive security.

\n\n

He later held senior security roles at Adobe, Optiv, Accenture, IBM X-Force, and NYC Cyber Command, focusing on realistic adversary emulation, red-team operations, and practical automation.

\n\n

Most recently, Adam has worked with Cobalt Labs, supporting advanced red-teaming and offensive security engagements for private-sector organizations. Prior to that, he led red-team and adversary simulation work supporting critical public infrastructure with NYC Cyber Command and the FDNY.

\n\n

His work centers on penetration testing, red teaming, adversary emulation, and security tooling across private-sector and government environments. Outside of security, Adam values balance and lifelong learning, and is an avid reader, runner, swimmer, and gamer.

\n\n\n\'',NULL,1067589),('2_Friday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Clew: Untangling Evasive Malware with Per-Sample Fuzzing Seeds\'','\'Kyler McElroy,Anita Ding,Daniel Koranek\'','Demo Labs_f24ddf95ae4696addd1dd8f3c485d59d','\'Title: Clew: Untangling Evasive Malware with Per-Sample Fuzzing Seeds
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Clew is an automated fuzzing-candidate extraction pipeline for environment-sensitive malware analysis. Evasive malware routinely queries its execution environment via Windows API calls to hide functionality until specific environmental conditions are met. By hooking these API calls, a fuzzer can reveal such execution paths that are typically hidden during standard analysis. No seed corpus of environmental fuzzing candidates currently exists for this application. As a result, current API-hooking fuzzers rely on hand-written, sample-agnostic starting values and blind mutations that cannot scale to the diverse evasion techniques seen in sophisticated samples. Clew addresses this by analyzing each PE32 binary and producing a per-sample seed corpus of candidate API return values that downstream environmental fuzzers use to systematically uncover hidden execution paths.

\n\nSpeakers:Kyler McElroy,Anita Ding,Daniel Koranek
\n
\nSpeakerBio:  Kyler McElroy
\n

McElroy, a second lieutenant and developmental engineer in the United States Air Force, is pursuing a master\'s in computer science with an AI focus at the Air Force Institute of Technology. His research focuses on using machine learning and automated analysis to uncover hidden behaviors in evasive malware. He is an alumnus of the ACE Cyber Leadership Development program, where he authored S.A.N.D (Synthetic Adversarial and Natural Data Generation) under the Air Force Research Laboratory.

\n\nSpeakerBio:  Anita Ding
\n

Anita Ding is a second lieutenant and cyber operations officer in the United States Air Force, is pursuing a master\'s in cyber operations with an AI focus at the Air Force Institute of Technology. Her research focuses on LLM-orchestrated red team automation and graph neural networks for attack-path scoring in Active Directory environments. She earned a B.A. in Computer Science from UC Berkeley, where she conducted research at the Berkeley AI Research Lab and the Berkeley Risk and Security Lab. She is also an alumna of the ACE Cyber Leadership Development program, where she designed a CTF challenge for the British Army\'s Defence Cyber Marvel exercise.

\n\nSpeakerBio:  Daniel Koranek
\n

Dr. Daniel Koranek is an Assistant Professor of Computer Science at the Air Force Institute of Technology (AFIT) and a two-time graduate of AFIT in cyber operations (2010, M.S.) and computer science (2022, Ph.D.), where his research interests focus on the intersection of artificial intelligence/machine learning and cybersecurity. This includes using AI/ML to enhance cybersecurity and using vulnerability assessment and secure design techniques to improve AI deployments. He has spent most of his career on reverse engineering and vulnerability assessment of embedded systems, and overlapping AI and cybersecurity drove Dr. Koranek\'s dissertation research on using the reverse engineering tool Binary Ninja to visualize explanations of malware classifications.

\n\n\n\'',NULL,1067590),('3_Saturday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Clew: Untangling Evasive Malware with Per-Sample Fuzzing Seeds\'','\'Kyler McElroy,Anita Ding,Daniel Koranek\'','Demo Labs_4b12f642db95bab9c8e99842ea34852e','\'Title: Clew: Untangling Evasive Malware with Per-Sample Fuzzing Seeds
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Clew is an automated fuzzing-candidate extraction pipeline for environment-sensitive malware analysis. Evasive malware routinely queries its execution environment via Windows API calls to hide functionality until specific environmental conditions are met. By hooking these API calls, a fuzzer can reveal such execution paths that are typically hidden during standard analysis. No seed corpus of environmental fuzzing candidates currently exists for this application. As a result, current API-hooking fuzzers rely on hand-written, sample-agnostic starting values and blind mutations that cannot scale to the diverse evasion techniques seen in sophisticated samples. Clew addresses this by analyzing each PE32 binary and producing a per-sample seed corpus of candidate API return values that downstream environmental fuzzers use to systematically uncover hidden execution paths.

\n\nSpeakers:Kyler McElroy,Anita Ding,Daniel Koranek
\n
\nSpeakerBio:  Kyler McElroy
\n

McElroy, a second lieutenant and developmental engineer in the United States Air Force, is pursuing a master\'s in computer science with an AI focus at the Air Force Institute of Technology. His research focuses on using machine learning and automated analysis to uncover hidden behaviors in evasive malware. He is an alumnus of the ACE Cyber Leadership Development program, where he authored S.A.N.D (Synthetic Adversarial and Natural Data Generation) under the Air Force Research Laboratory.

\n\nSpeakerBio:  Anita Ding
\n

Anita Ding is a second lieutenant and cyber operations officer in the United States Air Force, is pursuing a master\'s in cyber operations with an AI focus at the Air Force Institute of Technology. Her research focuses on LLM-orchestrated red team automation and graph neural networks for attack-path scoring in Active Directory environments. She earned a B.A. in Computer Science from UC Berkeley, where she conducted research at the Berkeley AI Research Lab and the Berkeley Risk and Security Lab. She is also an alumna of the ACE Cyber Leadership Development program, where she designed a CTF challenge for the British Army\'s Defence Cyber Marvel exercise.

\n\nSpeakerBio:  Daniel Koranek
\n

Dr. Daniel Koranek is an Assistant Professor of Computer Science at the Air Force Institute of Technology (AFIT) and a two-time graduate of AFIT in cyber operations (2010, M.S.) and computer science (2022, Ph.D.), where his research interests focus on the intersection of artificial intelligence/machine learning and cybersecurity. This includes using AI/ML to enhance cybersecurity and using vulnerability assessment and secure design techniques to improve AI deployments. He has spent most of his career on reverse engineering and vulnerability assessment of embedded systems, and overlapping AI and cybersecurity drove Dr. Koranek\'s dissertation research on using the reverse engineering tool Binary Ninja to visualize explanations of malware classifications.

\n\n\n\'',NULL,1067591),('3_Saturday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'DFMI: Weaponizing MSI Installers for Fileless Code Execution\'','\'Anil Celik\'','Demo Labs_0e8e2910b01e66f2df08befeb3341d4f','\'Title: DFMI: Weaponizing MSI Installers for Fileless Code Execution
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

DFMI is a cross-platform, open-source offensive toolkit that hijacks & abuses the Windows Installer\'s own execution engine to detonate arbitrary payloads during software installation, with zero files written to disk and zero evidence left behind. And this can be achieved without corrupting the Authenticode of the binary. --Which means, ANY signed legitimate installer file can leveraged as an attack vector.

\n\n

Right now, DFMI provides 3 different methods for abusing MSI files:

\n\n
    \n
  • Inject: Simply injects a CustomAction (CA) into an existing MSI package.
  • \n
  • Rogue MST: Generates an MSI Transform File (.mst) and injects into legitimate \".msi\" file without corrupting it\'s Authenticode. The original MSI file is never modified — its Authenticode signature remains fully intact and valid. This means a signed, trusted MSI can be weaponized without leaving any forensic trace on the file itself; the transform rides alongside it at deployment time.
  • \n
  • Stub: Creates a malicious MSI file from scratch.
  • \n
\n\n

GitHub: https://github.com/ccelikanil/DFMI

\n\nSpeakerBio:  Anil Celik
\n

Computer Engineer & been working as a Red Teamer for the past ~7 years. Previously did presentations at DEFCON 33 Demo Labs, DEFCON 33 Red Team Village & Black Hat USA Arsenal 2025. Currently holding 6 CVEs, OSCP & OSWP.

\n\n

Interests: Windows Internals & AD Security

\n\n\n\'',NULL,1067592),('2_Friday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'DFMI: Weaponizing MSI Installers for Fileless Code Execution\'','\'Anil Celik\'','Demo Labs_343a514c616c8e83f7bb5fbf95965896','\'Title: DFMI: Weaponizing MSI Installers for Fileless Code Execution
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

DFMI is a cross-platform, open-source offensive toolkit that hijacks & abuses the Windows Installer\'s own execution engine to detonate arbitrary payloads during software installation, with zero files written to disk and zero evidence left behind. And this can be achieved without corrupting the Authenticode of the binary. --Which means, ANY signed legitimate installer file can leveraged as an attack vector.

\n\n

Right now, DFMI provides 3 different methods for abusing MSI files:

\n\n
    \n
  • Inject: Simply injects a CustomAction (CA) into an existing MSI package.
  • \n
  • Rogue MST: Generates an MSI Transform File (.mst) and injects into legitimate \".msi\" file without corrupting it\'s Authenticode. The original MSI file is never modified — its Authenticode signature remains fully intact and valid. This means a signed, trusted MSI can be weaponized without leaving any forensic trace on the file itself; the transform rides alongside it at deployment time.
  • \n
  • Stub: Creates a malicious MSI file from scratch.
  • \n
\n\n

GitHub: https://github.com/ccelikanil/DFMI

\n\nSpeakerBio:  Anil Celik
\n

Computer Engineer & been working as a Red Teamer for the past ~7 years. Previously did presentations at DEFCON 33 Demo Labs, DEFCON 33 Red Team Village & Black Hat USA Arsenal 2025. Currently holding 6 CVEs, OSCP & OSWP.

\n\n

Interests: Windows Internals & AD Security

\n\n\n\'',NULL,1067593),('2_Friday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'Damn Vulnerable Agentic AI Application (DVAIA)\'','\'Abhinav Verma,Mukesh Aggarwal\'','Demo Labs_7ad1db9e9f598b2b2716c3df8cbf7098','\'Title: Damn Vulnerable Agentic AI Application (DVAIA)
\nTags: Beginner | AI | Demo Labs | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

AI-powered Agentic applications now execute database queries, read files, send emails, and call APIs on behalf of users — all triggered through a chat window. DVAIA (Damn Vulnerable Agentic AI Application) is a new open-source platform purpose-built to let you break them.

\n\n

DVAIA pairs a production-grade secure platform with deliberately vulnerable AI-powered chat agents, each isolated in its own database and mapped to the OWASP Top 10 for LLM Applications 2025. In this demo we live-exploit nine exercise categories covering 93 attack objectives:

\n\n
    \n
  • Prompt injection: extract system prompts, jailbreak filters, poison RAG documents, and hijack an email-summarization agent
  • \n
  • SQL and NoSQL injection through AI: trick chat agents into constructing malicious queries — the injection never touches a traditional input field
  • \n
  • Sensitive info disclosure: chain path traversal and SSRF through a banking agent\'s tool interface to read server secrets and probe internal services
  • \n
  • Excessive agency and BOLA: make a customer-service agent access other users\' data, create unauthorized orders, and issue fraudulent refunds
  • \n
  • XSS and CSRF through LLM output: reflected, stored, and LLM-generated cross-site scripting fired from chat responses
  • \n
  • Supply chain RCE: exploit a poisoned dependency through conversation with a code-analysis agent
  • \n
\n\nSpeakers:Abhinav Verma,Mukesh Aggarwal
\n
\nSpeakerBio:  Abhinav Verma
\n

Abhinav Verma is a Senior Staff Security Engineer at Intuit Inc. with 15+ years of experience across AI security, offensive security, red teaming, product security, and security operations. He currently leads AI security architecture reviews, AI penetration testing, and vulnerability management programs, with a focus on AI security, AI threat modeling, and securing large-scale cloud platforms.

\n\n

Over the course of his career at Intuit, he has built security automation, scaled continuous security scanning across thousands of assets, led secure design reviews for platforms serving millions of customers, and developed secure coding programs that have helped thousands of engineers shift security left. Abhinav was formerly an independent security researcher and has identified and reported vulnerabilities in numerous major online services and technology companies.

\n\n

He holds certifications including OSEP, OSCP, OSWP, GWAPT and CEH. Outside of work, Abhinav is a passionate gamer, a trained chef, an avid camper, and a mentor to aspiring offensive security practitioners.

\n\nSpeakerBio:  Mukesh Aggarwal
\n

Mukesh Aggarwal is a Distinguished Security Engineer who has spent his career thinking like a hacker. For nearly two decades he has hunted fraudsters and abuse across fintech platforms, building the detection pipelines, automations, and controls that shut bad actors down. He now lives at the bleeding edge of GenAI and agentic AI security, secure-by-default agent patterns, adversarial pen-testing and prompt-injection defense. He breaks things to understand them and stays a step ahead of attackers, usually spotting the weaknessess before they do.

\n\n

Mukesh has spoken at RSA Conference (OWASP GenAI Security Track), RenderATL, and the Intel Capital CISO Summit on AI safety, fraud, and offensive security, and is a member of the GIAC Advisory Board.

\n\n

Off the clock he is a die-hard offensive-security tinkerer who reverse-engineers hardware and apps, pokes at IoT security, writes autonomous bots, and automates his home. He also mentors the next wave of offensive and AI security practitioners.

\n\n\n\'',NULL,1067594),('3_Saturday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'Damn Vulnerable Agentic AI Application (DVAIA)\'','\'Abhinav Verma,Mukesh Aggarwal\'','Demo Labs_05532acd85fba6e6989f718a864ef7f7','\'Title: Damn Vulnerable Agentic AI Application (DVAIA)
\nTags: Beginner | AI | Demo Labs | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

AI-powered Agentic applications now execute database queries, read files, send emails, and call APIs on behalf of users — all triggered through a chat window. DVAIA (Damn Vulnerable Agentic AI Application) is a new open-source platform purpose-built to let you break them.

\n\n

DVAIA pairs a production-grade secure platform with deliberately vulnerable AI-powered chat agents, each isolated in its own database and mapped to the OWASP Top 10 for LLM Applications 2025. In this demo we live-exploit nine exercise categories covering 93 attack objectives:

\n\n
    \n
  • Prompt injection: extract system prompts, jailbreak filters, poison RAG documents, and hijack an email-summarization agent
  • \n
  • SQL and NoSQL injection through AI: trick chat agents into constructing malicious queries — the injection never touches a traditional input field
  • \n
  • Sensitive info disclosure: chain path traversal and SSRF through a banking agent\'s tool interface to read server secrets and probe internal services
  • \n
  • Excessive agency and BOLA: make a customer-service agent access other users\' data, create unauthorized orders, and issue fraudulent refunds
  • \n
  • XSS and CSRF through LLM output: reflected, stored, and LLM-generated cross-site scripting fired from chat responses
  • \n
  • Supply chain RCE: exploit a poisoned dependency through conversation with a code-analysis agent
  • \n
\n\nSpeakers:Abhinav Verma,Mukesh Aggarwal
\n
\nSpeakerBio:  Abhinav Verma
\n

Abhinav Verma is a Senior Staff Security Engineer at Intuit Inc. with 15+ years of experience across AI security, offensive security, red teaming, product security, and security operations. He currently leads AI security architecture reviews, AI penetration testing, and vulnerability management programs, with a focus on AI security, AI threat modeling, and securing large-scale cloud platforms.

\n\n

Over the course of his career at Intuit, he has built security automation, scaled continuous security scanning across thousands of assets, led secure design reviews for platforms serving millions of customers, and developed secure coding programs that have helped thousands of engineers shift security left. Abhinav was formerly an independent security researcher and has identified and reported vulnerabilities in numerous major online services and technology companies.

\n\n

He holds certifications including OSEP, OSCP, OSWP, GWAPT and CEH. Outside of work, Abhinav is a passionate gamer, a trained chef, an avid camper, and a mentor to aspiring offensive security practitioners.

\n\nSpeakerBio:  Mukesh Aggarwal
\n

Mukesh Aggarwal is a Distinguished Security Engineer who has spent his career thinking like a hacker. For nearly two decades he has hunted fraudsters and abuse across fintech platforms, building the detection pipelines, automations, and controls that shut bad actors down. He now lives at the bleeding edge of GenAI and agentic AI security, secure-by-default agent patterns, adversarial pen-testing and prompt-injection defense. He breaks things to understand them and stays a step ahead of attackers, usually spotting the weaknessess before they do.

\n\n

Mukesh has spoken at RSA Conference (OWASP GenAI Security Track), RenderATL, and the Intel Capital CISO Summit on AI safety, fraud, and offensive security, and is a member of the GIAC Advisory Board.

\n\n

Off the clock he is a die-hard offensive-security tinkerer who reverse-engineers hardware and apps, pokes at IoT security, writes autonomous bots, and automates his home. He also mentors the next wave of offensive and AI security practitioners.

\n\n\n\'',NULL,1067595),('3_Saturday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Empire 7: Shipping a C2 at AI Speed\'','\'Vincent \"Vinnybod\" Rose,Jake \"Hubbl3\" Krasnov,Anthony \"Coin\" Rose\'','Demo Labs_78395b25e0d892e7d3811b2c396ac511','\'Title: Empire 7: Shipping a C2 at AI Speed
\nTags: Beginner | AI | Demo Labs | DevOps | Malware | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Empire 7 is a near-total overhaul of the Command and Control (C2) framework, from how agents communicate with the server to how operators move through engagements. This major release continues to expand Empire\'s supported agents to include PowerShell, Python, IronPython, Go, C#, and now C. New tradecraft includes more than 50 new modules derived from Atomic Red Team, patchless AMSI/ETW bypasses, EarlyBird process hollowing, BOF execution with ILRepack assembly merging, and RDP session hijacking, among others. Empire\'s new cryptographically secure communications leverage AES-256-GCM and mTLS, with MITRE ATT&CK integration to assist in emulating real-world Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs).

\n\n

One more thing we\'ll talk about, this release shipped at roughly 10x our prior pace, due to our team’s adoption of agentic coding tools as a core development collaborator. We\'ll share what worked, what didn\'t, and what LLM-assisted offensive tooling development looks like.

\n\nSpeakers:Vincent \"Vinnybod\" Rose,Jake \"Hubbl3\" Krasnov,Anthony \"Coin\" Rose
\n
\nSpeakerBio:  Vincent \"Vinnybod\" Rose
\n

Vincent \"Vinnybod\" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable cloud services, improving developer operations, and automation. Recently, his focus has been on the reliability and stability of the Empire C2 server. Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://bcsecurity.io/blog/.

\n\nSpeakerBio:  Jake \"Hubbl3\" Krasnov
\n

Jake \"Hubble\" Krasnov is the Red Team Operations Lead at BC Security, with a distinguished career spanning engineering and cybersecurity. A U.S. Air Force veteran, Jake began his career as an Astronautical Engineer overseeing rocket modifications, leading test and evaluation efforts for the F-22, and conducting red team operations with the 57th Information Aggressors. He later served as a Technical Lead Engineer at Boeing Phantom Works, where he focused on embedded security for aviation and space defense projects. A seasoned speaker and trainer, Jake has presented at DEF CON, Black Hat, HackRedCon, HackSpaceCon, and HackMiami, and has previously taught Empire and offensive PowerShell at DEF CON.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\n\n\'',NULL,1067596),('2_Friday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Empire 7: Shipping a C2 at AI Speed\'','\'Vincent \"Vinnybod\" Rose,Jake \"Hubbl3\" Krasnov,Anthony \"Coin\" Rose\'','Demo Labs_8af408e7807525e1d28db9816e46ebc3','\'Title: Empire 7: Shipping a C2 at AI Speed
\nTags: Beginner | AI | Demo Labs | DevOps | Malware | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Empire 7 is a near-total overhaul of the Command and Control (C2) framework, from how agents communicate with the server to how operators move through engagements. This major release continues to expand Empire\'s supported agents to include PowerShell, Python, IronPython, Go, C#, and now C. New tradecraft includes more than 50 new modules derived from Atomic Red Team, patchless AMSI/ETW bypasses, EarlyBird process hollowing, BOF execution with ILRepack assembly merging, and RDP session hijacking, among others. Empire\'s new cryptographically secure communications leverage AES-256-GCM and mTLS, with MITRE ATT&CK integration to assist in emulating real-world Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs).

\n\n

One more thing we\'ll talk about, this release shipped at roughly 10x our prior pace, due to our team’s adoption of agentic coding tools as a core development collaborator. We\'ll share what worked, what didn\'t, and what LLM-assisted offensive tooling development looks like.

\n\nSpeakers:Vincent \"Vinnybod\" Rose,Jake \"Hubbl3\" Krasnov,Anthony \"Coin\" Rose
\n
\nSpeakerBio:  Vincent \"Vinnybod\" Rose
\n

Vincent \"Vinnybod\" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable cloud services, improving developer operations, and automation. Recently, his focus has been on the reliability and stability of the Empire C2 server. Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://bcsecurity.io/blog/.

\n\nSpeakerBio:  Jake \"Hubbl3\" Krasnov
\n

Jake \"Hubble\" Krasnov is the Red Team Operations Lead at BC Security, with a distinguished career spanning engineering and cybersecurity. A U.S. Air Force veteran, Jake began his career as an Astronautical Engineer overseeing rocket modifications, leading test and evaluation efforts for the F-22, and conducting red team operations with the 57th Information Aggressors. He later served as a Technical Lead Engineer at Boeing Phantom Works, where he focused on embedded security for aviation and space defense projects. A seasoned speaker and trainer, Jake has presented at DEF CON, Black Hat, HackRedCon, HackSpaceCon, and HackMiami, and has previously taught Empire and offensive PowerShell at DEF CON.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\n\n\'',NULL,1067597),('3_Saturday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Ghost in the IDE\'','\'Venkata Jayaram Yalla,Pardhiv Reddy\'','Demo Labs_1abe3def95e372b23496562c71004054','\'Title: Ghost in the IDE
\nTags: Beginner | Demo Labs | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\nHook: The Blind Spot
\nYour EDR sees the server compromise. Your SIEM catches the phishing campaign. Your firewall blocks the C2 traffic. But what happens when the attacker doesn\'t target your infrastructure—they target your developers?
\n\n

28 million developers worldwide rely on three IDE platforms: JetBrains IntelliJ, Microsoft VS Code, and Eclipse. These aren\'t just text editors—they\'re command-and-control platforms disguised as productivity tools. Developers trust them with AWS credentials, database passwords, SSH keys, source code, and network access to production systems. And here\'s the kicker: IDE plugins run with full user privileges, no sandboxing, no permission dialogs, no questions asked.

\n\n

We built GHOST IN THE IDE, a production-ready C2 framework that weaponizes IDE plugins across all three major platforms. Not a proof-of-concept. Not a research prototype. A functional red team tool with keystroke logging, clipboard monitoring, file exfiltration, and remote command execution—working silently inside IntelliJ, VS Code, and Eclipse on Windows, macOS, and Linux.

\n\n

The Attack: Multi-IDE C2 That Actually Works\nMost IDE plugin research stops at \"look, I can pop calc.exe from VS Code.\" We went further. Way further.

\n\nSpeakers:Venkata Jayaram Yalla,Pardhiv Reddy
\n
\nSpeakerBio:  Venkata Jayaram Yalla
\n

Yalla, Jayaram is Director – Application Security at S&P Global, leading enterprise-wide initiatives in secure application development, vulnerability management, and security architecture. He has transformed the Application Security function from a primarily tactical penetration-testing team into a strategic security engineering organization, emphasizing automation, governance, and advanced threat modeling.

\n\n

Jayaram combines deep hands-on experience in offensive security and research (including multiple CVEs) with ownership of large-scale AppSec programs across SAST, SCA, DAST, CI/CD security, and emerging AI security initiatives.

\n\nSpeakerBio:  Pardhiv Reddy
\n

Pardhiv is a security specialist with vast experience in the field of information security ranging from health care,hospitality, banking and government sectors throughout the world. He also earned many industry standard certifications in the security, some of them are SANS GPEN, OSCP, OSWP, CISSP, Security+, ISO 27001 LA and many others.

\n\n

Pardhiv\'s interest areas includes cloud security and IOT security and his research has been presented at EuropeanSec 2016 in Portugal. His expertise helped teams to build secure products and applications by providing security guidelines and best practices.

\n\n

Pardhiv has performed various iOT security assessments which includes both embedded hardware security, firmware analysis, mobile applications, network security including wireless communications and backend cloud server assessments.

\n\n

Pardhiv is also an active bug bounty hunter and helped many companies around the world by pointing their security vulnerabilities to make their application and products secure. He spares his free time to build prototypes and security research by learning new techniques and methodologies.

\n\n\n\'',NULL,1067598),('2_Friday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Ghost in the IDE\'','\'Venkata Jayaram Yalla,Pardhiv Reddy\'','Demo Labs_eaf256bae3e39ef49a936b241e6ee44d','\'Title: Ghost in the IDE
\nTags: Beginner | Demo Labs | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\nHook: The Blind Spot
\nYour EDR sees the server compromise. Your SIEM catches the phishing campaign. Your firewall blocks the C2 traffic. But what happens when the attacker doesn\'t target your infrastructure—they target your developers?
\n\n

28 million developers worldwide rely on three IDE platforms: JetBrains IntelliJ, Microsoft VS Code, and Eclipse. These aren\'t just text editors—they\'re command-and-control platforms disguised as productivity tools. Developers trust them with AWS credentials, database passwords, SSH keys, source code, and network access to production systems. And here\'s the kicker: IDE plugins run with full user privileges, no sandboxing, no permission dialogs, no questions asked.

\n\n

We built GHOST IN THE IDE, a production-ready C2 framework that weaponizes IDE plugins across all three major platforms. Not a proof-of-concept. Not a research prototype. A functional red team tool with keystroke logging, clipboard monitoring, file exfiltration, and remote command execution—working silently inside IntelliJ, VS Code, and Eclipse on Windows, macOS, and Linux.

\n\n

The Attack: Multi-IDE C2 That Actually Works\nMost IDE plugin research stops at \"look, I can pop calc.exe from VS Code.\" We went further. Way further.

\n\nSpeakers:Venkata Jayaram Yalla,Pardhiv Reddy
\n
\nSpeakerBio:  Venkata Jayaram Yalla
\n

Yalla, Jayaram is Director – Application Security at S&P Global, leading enterprise-wide initiatives in secure application development, vulnerability management, and security architecture. He has transformed the Application Security function from a primarily tactical penetration-testing team into a strategic security engineering organization, emphasizing automation, governance, and advanced threat modeling.

\n\n

Jayaram combines deep hands-on experience in offensive security and research (including multiple CVEs) with ownership of large-scale AppSec programs across SAST, SCA, DAST, CI/CD security, and emerging AI security initiatives.

\n\nSpeakerBio:  Pardhiv Reddy
\n

Pardhiv is a security specialist with vast experience in the field of information security ranging from health care,hospitality, banking and government sectors throughout the world. He also earned many industry standard certifications in the security, some of them are SANS GPEN, OSCP, OSWP, CISSP, Security+, ISO 27001 LA and many others.

\n\n

Pardhiv\'s interest areas includes cloud security and IOT security and his research has been presented at EuropeanSec 2016 in Portugal. His expertise helped teams to build secure products and applications by providing security guidelines and best practices.

\n\n

Pardhiv has performed various iOT security assessments which includes both embedded hardware security, firmware analysis, mobile applications, network security including wireless communications and backend cloud server assessments.

\n\n

Pardhiv is also an active bug bounty hunter and helped many companies around the world by pointing their security vulnerabilities to make their application and products secure. He spares his free time to build prototypes and security research by learning new techniques and methodologies.

\n\n\n\'',NULL,1067599),('3_Saturday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'GhostCatcher (endpoint detection agent)\'','\'Sercan Okur\'','Demo Labs_06cde76a2cd8a8d7ff851c813729147c','\'Title: GhostCatcher (endpoint detection agent)
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Purple Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

GhostCatcher is an open-source Linux endpoint detection agent written in Go. It runs as a single binary or a systemd service and looks for host-visible adversary tradecraft on Linux: web shells, LD_PRELOAD abuse, SSH, cron, and systemd persistence, PAM/sudoers tampering, SUID and capability drift, reverse shells and unexpected network behavior, reflective / memory-map signals, and related patterns aligned with MITRE ATT&CK-style coverage.\nDetections are driven by a versioned, optionally signed rule pack, baselines and learning mode, multi-signal scoring, time-windowed correlation, CEL-style boolean expressions, optional Sigma-lite rules, optional YARA (disk and memory) and eBPF (with auditd/proc fallbacks), and JSONL output to stdout plus optional syslog, Splunk HEC, Elasticsearch _bulk, or Grafana Loki. The goal is to give blue teams a transparent, self-hosted way to turn Linux host telemetry into actionable events in the SIEM—without a vendor cloud control plane.

\n\nSpeakerBio:  Sercan Okur
\n

Sercan Okur is the Founder and CEO of NextRay AI Detection & Response, Inc., a San Jose–based cybersecurity company building AI-driven Network Detection and Response technology. A cybersecurity practitioner with more than fifteen years of experience across critical-infrastructure, defense, and enterprise environments,

\n\n\n\'',NULL,1067600),('2_Friday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'GhostCatcher (endpoint detection agent)\'','\'Sercan Okur\'','Demo Labs_6b54f175d246dd854024e3409d954b8c','\'Title: GhostCatcher (endpoint detection agent)
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

GhostCatcher is an open-source Linux endpoint detection agent written in Go. It runs as a single binary or a systemd service and looks for host-visible adversary tradecraft on Linux: web shells, LD_PRELOAD abuse, SSH, cron, and systemd persistence, PAM/sudoers tampering, SUID and capability drift, reverse shells and unexpected network behavior, reflective / memory-map signals, and related patterns aligned with MITRE ATT&CK-style coverage.\nDetections are driven by a versioned, optionally signed rule pack, baselines and learning mode, multi-signal scoring, time-windowed correlation, CEL-style boolean expressions, optional Sigma-lite rules, optional YARA (disk and memory) and eBPF (with auditd/proc fallbacks), and JSONL output to stdout plus optional syslog, Splunk HEC, Elasticsearch _bulk, or Grafana Loki. The goal is to give blue teams a transparent, self-hosted way to turn Linux host telemetry into actionable events in the SIEM—without a vendor cloud control plane.

\n\nSpeakerBio:  Sercan Okur
\n

Sercan Okur is the Founder and CEO of NextRay AI Detection & Response, Inc., a San Jose–based cybersecurity company building AI-driven Network Detection and Response technology. A cybersecurity practitioner with more than fifteen years of experience across critical-infrastructure, defense, and enterprise environments,

\n\n\n\'',NULL,1067601),('2_Friday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'GnawLab: Open-Source AWS Attack Scenarios Based on Real-World Breaches\'','\'ialleejy,Kyul\'','Demo Labs_fb3a76b6147cd6019d4e05900007279a','\'Title: GnawLab: Open-Source AWS Attack Scenarios Based on Real-World Breaches
\nTags: Beginner | AI | Demo Labs | Cloud | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

GnawLab is a community-driven, open-source offensive cloud security training platform that recreates real-world AWS\n attack chains. Each scenario is modeled after documented breaches—Capital One\'s SSRF-to-IMDS pivot, Uber\'s leaked\n credential exploitation, SolarWinds-style CI/CD pipeline hijacking—deployed via Terraform in your own AWS account.\n Attendees will see live demonstrations of multi-hop attack chains: from SSRF and command injection entry points,\n through IMDS credential theft and Secrets Manager extraction, to full CI/CD pipeline compromise with Blue/Green\n deployment backdoors. GnawLab bridges the gap between theoretical cloud security knowledge and hands-on exploitation\n skills.

\n\nSpeakers:ialleejy,Kyul
\n
\nSpeakerBio:  ialleejy
\n

I am ialleejy, a Security Researcher at ENKI focusing on web security and cloud security. I have created WEB challenges for CODEGATE and HACKTHEON SEJONG CTF, and I am interested in designing CTF challenges that connect real-world service architectures with practical vulnerability research.

\n\n

Recently, I have been exploring Offensive Cloud Security, especially how traditional web vulnerabilities can lead to privilege escalation, credential exposure, and abuse of trust relationships in cloud environments. I am currently diving deeper into AWS Bedrock AI Agents, RAG-based knowledge poisoning, OIDC authentication flows, and IAM trust policies.

\n\n

Through this talk, I aim to show how a small vulnerability on the web can evolve into a broader cloud security issue, crossing trust boundaries between applications, identities, and cloud services.

\n\nSpeakerBio:  Kyul
\n

I am a college student relentlessly exploring cloud vulnerabilities. I possess an exceptionally high threshold for hunting, gathering, and deeply analyzing whatever piques my interest.

\n\n

My mindset is clear: effective defense demands an attacker\'s lens. Only by understanding actual infiltration paths and how they trigger critical risks can defenders accurately prioritize assets and build robust controls.

\n\n

Driven by this, I’ve operated at the intersection of Red and Blue. In incident response projects, I analyzed real-world TTPs to build attack scenarios while collaborating to engineer detection rules and automated responses. I’ve also researched and presented how AWS misconfigurations can be weaponized to cause cascading breaches.

\n\n

Currently, alongside the BeaverDam community, I am developing GnawLab for the DEF CON Demo Lab. GnawLab is an open-source, community-driven cloud security training platform. It provides high-fidelity sandbox environments reflecting real-world flaws, enabling players to execute realistic scenarios and vividly master cloud exploitation and analysis.

\n\n

At DEFCON, my goal isn\'t just to show what I\'ve built. I want to share this sandbox, break it alongside you, and absorb the brilliant, diverse approaches of world-class hackers. I am here to hack, learn, and grow together.

\n\n\n\'',NULL,1067602),('3_Saturday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'GnawLab: Open-Source AWS Attack Scenarios Based on Real-World Breaches\'','\'ialleejy,Kyul\'','Demo Labs_17e29c94807e5a08746327baabf467d6','\'Title: GnawLab: Open-Source AWS Attack Scenarios Based on Real-World Breaches
\nTags: Beginner | AI | Demo Labs | Cloud | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

GnawLab is a community-driven, open-source offensive cloud security training platform that recreates real-world AWS\n attack chains. Each scenario is modeled after documented breaches—Capital One\'s SSRF-to-IMDS pivot, Uber\'s leaked\n credential exploitation, SolarWinds-style CI/CD pipeline hijacking—deployed via Terraform in your own AWS account.\n Attendees will see live demonstrations of multi-hop attack chains: from SSRF and command injection entry points,\n through IMDS credential theft and Secrets Manager extraction, to full CI/CD pipeline compromise with Blue/Green\n deployment backdoors. GnawLab bridges the gap between theoretical cloud security knowledge and hands-on exploitation\n skills.

\n\nSpeakers:ialleejy,Kyul
\n
\nSpeakerBio:  ialleejy
\n

I am ialleejy, a Security Researcher at ENKI focusing on web security and cloud security. I have created WEB challenges for CODEGATE and HACKTHEON SEJONG CTF, and I am interested in designing CTF challenges that connect real-world service architectures with practical vulnerability research.

\n\n

Recently, I have been exploring Offensive Cloud Security, especially how traditional web vulnerabilities can lead to privilege escalation, credential exposure, and abuse of trust relationships in cloud environments. I am currently diving deeper into AWS Bedrock AI Agents, RAG-based knowledge poisoning, OIDC authentication flows, and IAM trust policies.

\n\n

Through this talk, I aim to show how a small vulnerability on the web can evolve into a broader cloud security issue, crossing trust boundaries between applications, identities, and cloud services.

\n\nSpeakerBio:  Kyul
\n

I am a college student relentlessly exploring cloud vulnerabilities. I possess an exceptionally high threshold for hunting, gathering, and deeply analyzing whatever piques my interest.

\n\n

My mindset is clear: effective defense demands an attacker\'s lens. Only by understanding actual infiltration paths and how they trigger critical risks can defenders accurately prioritize assets and build robust controls.

\n\n

Driven by this, I’ve operated at the intersection of Red and Blue. In incident response projects, I analyzed real-world TTPs to build attack scenarios while collaborating to engineer detection rules and automated responses. I’ve also researched and presented how AWS misconfigurations can be weaponized to cause cascading breaches.

\n\n

Currently, alongside the BeaverDam community, I am developing GnawLab for the DEF CON Demo Lab. GnawLab is an open-source, community-driven cloud security training platform. It provides high-fidelity sandbox environments reflecting real-world flaws, enabling players to execute realistic scenarios and vividly master cloud exploitation and analysis.

\n\n

At DEFCON, my goal isn\'t just to show what I\'ve built. I want to share this sandbox, break it alongside you, and absorb the brilliant, diverse approaches of world-class hackers. I am here to hack, learn, and grow together.

\n\n\n\'',NULL,1067603),('2_Friday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Goose Processing Unit (GPU): VRAM as an Unmonitored Attack Surface\'','\'Gannon \"Dorf\" Gebauer,Anthony \"Coin\" Rose,Hana Christensen\'','Demo Labs_fa04e26391e0cb6b48f9399d8e32a441','\'Title: Goose Processing Unit (GPU): VRAM as an Unmonitored Attack Surface
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Hardware/IoT | Malware | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Modern GPUs have become foundational to computing infrastructure for gaming, machine learning, and AI workloads at scale, yet GPU memory remains a largely unmonitored attack surface. No mainstream antivirus or endpoint-detection solution currently inspects it, creating a significant blind spot that sophisticated adversaries can exploit. This Demo Lab presents a novel technique that uses NVIDIA RTX 5090 CUDA APIs to stage payload data, such as DLLs, directly in GPU memory, entirely outside the visibility of host-based security tools, including Windows Defender. A benign executable, with no malicious code of its own, uses CUDA\'s native memory transfer capabilities to move binary payload data onto the GPU immediately upon execution. No CUDA Toolkit installation is required on the target host. When triggered, the same executable retrieves the payload from GPU memory, manually maps it into process space, and executes it. A working proof of concept has been validated as an Empire C2 module, confirming practical operational viability. The technique is particularly impactful for high-uptime environments such as AI inference servers, rendering farms, and enterprise GPU clusters, where small executables interacting with the GPU blend naturally into background workloads.

\n\nSpeakers:Gannon \"Dorf\" Gebauer,Anthony \"Coin\" Rose,Hana Christensen
\n
\nSpeakerBio:  Gannon \"Dorf\" Gebauer
\n

Gannon \"Dorf\" Gebauer is a second lieutenant in the United States Air Force pursuing a master\'s in computer science at the Air Force Institute of Technology. He earned a Bachelor of Science in Computer Science from Arizona State University. His expertise spans red team operations, reverse engineering, and offensive tool development, and his current research focuses on novel persistence techniques that abuse GPU memory as an unmonitored attack surface.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\nSpeakerBio:  Hana Christensen
\n

Hana Christensen is a second lieutenant and developmental engineer (electrical) in the United States Air Force. She is currently pursuing a master\'s in electrical engineering, with a focus on signal processing and machine learning. Her research investigates security vulnerabilities in AI hardware, examining whether side-channel analysis can be used to extract information about machine learning algorithms. She holds a B.S. in Electrical and Computer Engineering from the United States Air Force Academy (class of 2025).

\n\n\n\'',NULL,1067604),('3_Saturday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Goose Processing Unit (GPU): VRAM as an Unmonitored Attack Surface\'','\'Gannon \"Dorf\" Gebauer,Anthony \"Coin\" Rose,Hana Christensen\'','Demo Labs_01004a7fd39249376c6eb6c46afa535d','\'Title: Goose Processing Unit (GPU): VRAM as an Unmonitored Attack Surface
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Hardware/IoT | Malware | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Modern GPUs have become foundational to computing infrastructure for gaming, machine learning, and AI workloads at scale, yet GPU memory remains a largely unmonitored attack surface. No mainstream antivirus or endpoint-detection solution currently inspects it, creating a significant blind spot that sophisticated adversaries can exploit. This Demo Lab presents a novel technique that uses NVIDIA RTX 5090 CUDA APIs to stage payload data, such as DLLs, directly in GPU memory, entirely outside the visibility of host-based security tools, including Windows Defender. A benign executable, with no malicious code of its own, uses CUDA\'s native memory transfer capabilities to move binary payload data onto the GPU immediately upon execution. No CUDA Toolkit installation is required on the target host. When triggered, the same executable retrieves the payload from GPU memory, manually maps it into process space, and executes it. A working proof of concept has been validated as an Empire C2 module, confirming practical operational viability. The technique is particularly impactful for high-uptime environments such as AI inference servers, rendering farms, and enterprise GPU clusters, where small executables interacting with the GPU blend naturally into background workloads.

\n\nSpeakers:Gannon \"Dorf\" Gebauer,Anthony \"Coin\" Rose,Hana Christensen
\n
\nSpeakerBio:  Gannon \"Dorf\" Gebauer
\n

Gannon \"Dorf\" Gebauer is a second lieutenant in the United States Air Force pursuing a master\'s in computer science at the Air Force Institute of Technology. He earned a Bachelor of Science in Computer Science from Arizona State University. His expertise spans red team operations, reverse engineering, and offensive tool development, and his current research focuses on novel persistence techniques that abuse GPU memory as an unmonitored attack surface.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\nSpeakerBio:  Hana Christensen
\n

Hana Christensen is a second lieutenant and developmental engineer (electrical) in the United States Air Force. She is currently pursuing a master\'s in electrical engineering, with a focus on signal processing and machine learning. Her research investigates security vulnerabilities in AI hardware, examining whether side-channel analysis can be used to extract information about machine learning algorithms. She holds a B.S. in Electrical and Computer Engineering from the United States Air Force Academy (class of 2025).

\n\n\n\'',NULL,1067605),('3_Saturday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Hook Crook - Extracting More From Discord Webhooks\'','\'Jeremy Banker,Arity0\'','Demo Labs_6cd8b8a27aadecbee40b38a85536d866','\'Title: Hook Crook - Extracting More From Discord Webhooks
\nTags: Beginner | Demo Labs | AppSec | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

A webhook URL is often thought to be write-only — post a message, nothing more. So when one leaks through a misconfigured repo, a paste site, or breached infrastructure, it\'s written off as a spam-or-phishing nuisance and left to rot. Hook Crook shows that assumption is the vulnerability — and that \"write-only\" was never really the case.

\n\n

By abusing how Discord resolves references, what it returns when you query users and messages, and how its error and rate-limit responses differ, the write-only token quietly becomes a read primitive — leaking by design, not by bug. With nothing but the URL — no account, no additional authentication, no interaction from anyone on the target server — Hook Crook fingerprints the host guild, enumerates and confirms members, pulls profile data on known users (including their home-server tag), and in some cases recovers message content. The same behaviors let it bypass the server\'s posting restrictions, stage convincing impersonation and phishing, quietly edit or delete messages to scrub the evidence, and — on the way out — delete the webhook itself. None of it breaks Discord — it just reads Discord more carefully than its designers intended.

\n\nSpeakers:Jeremy Banker,Arity0
\n
\nSpeakerBio:  Jeremy Banker
\n

Jeremy Banker is a Senior Security Software Engineer at Horizon3.ai, where he focuses on the reliability and resiliency of Horizon3\'s automated penetration testing platform. Previously, he spent nearly a decade at VMware, where he co-founded the Security Product Engineering group and led efforts to secure VMware\'s software supply chain. His open-source security tooling has been featured at Black Hat Arsenal and DEF CON Demo Labs, including Build Inspector for CI/CD pipeline anomaly detection and Tommyknocker for automated security control validation. Jeremy holds a Master\'s degree in Information Security.

\n\nSpeakerBio:  Arity0
\n

Arity0 is an independent security researcher specializing in the Discord platform. A self-taught hacker, he focuses on uncovering undocumented behaviors, edge cases, and design-level privacy implications in Discord\'s API and rendering pipeline. His long-running exploration of Discord\'s rendering quirks led to the discovery of the webhook rendering oracles that form the foundation of the Hook Crook identity disclosure technique.

\n\n\n\'',NULL,1067606),('3_Saturday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Hook Crook - Extracting More From Discord Webhooks\'','\'Jeremy Banker,Arity0\'','Demo Labs_c1c1252ff218f1e0e34ca956010fcca6','\'Title: Hook Crook - Extracting More From Discord Webhooks
\nTags: Beginner | Demo Labs | AppSec | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

A webhook URL is often thought to be write-only — post a message, nothing more. So when one leaks through a misconfigured repo, a paste site, or breached infrastructure, it\'s written off as a spam-or-phishing nuisance and left to rot. Hook Crook shows that assumption is the vulnerability — and that \"write-only\" was never really the case.

\n\n

By abusing how Discord resolves references, what it returns when you query users and messages, and how its error and rate-limit responses differ, the write-only token quietly becomes a read primitive — leaking by design, not by bug. With nothing but the URL — no account, no additional authentication, no interaction from anyone on the target server — Hook Crook fingerprints the host guild, enumerates and confirms members, pulls profile data on known users (including their home-server tag), and in some cases recovers message content. The same behaviors let it bypass the server\'s posting restrictions, stage convincing impersonation and phishing, quietly edit or delete messages to scrub the evidence, and — on the way out — delete the webhook itself. None of it breaks Discord — it just reads Discord more carefully than its designers intended.

\n\nSpeakers:Jeremy Banker,Arity0
\n
\nSpeakerBio:  Jeremy Banker
\n

Jeremy Banker is a Senior Security Software Engineer at Horizon3.ai, where he focuses on the reliability and resiliency of Horizon3\'s automated penetration testing platform. Previously, he spent nearly a decade at VMware, where he co-founded the Security Product Engineering group and led efforts to secure VMware\'s software supply chain. His open-source security tooling has been featured at Black Hat Arsenal and DEF CON Demo Labs, including Build Inspector for CI/CD pipeline anomaly detection and Tommyknocker for automated security control validation. Jeremy holds a Master\'s degree in Information Security.

\n\nSpeakerBio:  Arity0
\n

Arity0 is an independent security researcher specializing in the Discord platform. A self-taught hacker, he focuses on uncovering undocumented behaviors, edge cases, and design-level privacy implications in Discord\'s API and rendering pipeline. His long-running exploration of Discord\'s rendering quirks led to the discovery of the webhook rendering oracles that form the foundation of the Hook Crook identity disclosure technique.

\n\n\n\'',NULL,1067607),('3_Saturday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'Intercept.js: Runtime-Aware Detection for JavaScript Environments\'','\'Rishi Kant\'','Demo Labs_18a71eb428166696211d7a74a9836836','\'Title: Intercept.js: Runtime-Aware Detection for JavaScript Environments
\nTags: Demo Labs | Intermediate | Defense/Blue Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

Modern attacks increasingly execute inside JavaScript runtimes (browsers, email clients, and embedded app environments) where traditional file-scanning and OS-level controls lack visibility into application-layer behavior. In these contexts, payloads often exist only as in-memory buffers, fetch responses, or dynamically constructed objects. Detection therefore depends not just on inspecting bytes, but on understanding their origin, transformation, and use at runtime.

\n\n

We present Intercept.js, an open-source detection engine that runs natively within JavaScript environments, combining byte-level inspection with execution context in real time. Built for YARA compatibility, it extends rule evaluation beyond static artifacts by incorporating signals such as origin provenance, user gesture state, MIME inconsistencies, and object construction paths.

\n\n

This unified model enables detection of threats as they are assembled and executed — including identifying executable buffers built in memory, anomalous data flows, or content whose structure diverges from its declared type.

\n\n

As a concrete demonstration, we show how HTML smuggling attacks can be intercepted at the moment of payload construction, preventing delivery before artifacts ever reach disk and exposing a class of threats that evade both network and endpoint controls.

\n\nSpeakerBio:  Rishi Kant
\n

A builder at heart, Rishi has spent his career turning deep technical ideas into real-world impact. He holds a PhD in Electrical Engineering from Stanford, and earned his B.S. in EECS from UC Berkeley. After 4.5 years of advising global high-tech firms at McKinsey & Company, he followed his passion for building and moved into product management. Rishi led product teams at several cybersecurity companies—including Tanium, Authentic8, and Uptycs. Now, as founder of Sekant Security, he’s embedding runtime intelligence directly into web browsers to protect users from phishing, ClickFix, unsafe downloads, shadow AI and other emerging online threats.

\n\n\n\'',NULL,1067608),('2_Friday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'Intercept.js: Runtime-Aware Detection for JavaScript Environments\'','\'Rishi Kant\'','Demo Labs_8737a195555cd14bd4775dcb51cbebe4','\'Title: Intercept.js: Runtime-Aware Detection for JavaScript Environments
\nTags: Demo Labs | Intermediate | Defense/Blue Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

Modern attacks increasingly execute inside JavaScript runtimes (browsers, email clients, and embedded app environments) where traditional file-scanning and OS-level controls lack visibility into application-layer behavior. In these contexts, payloads often exist only as in-memory buffers, fetch responses, or dynamically constructed objects. Detection therefore depends not just on inspecting bytes, but on understanding their origin, transformation, and use at runtime.

\n\n

We present Intercept.js, an open-source detection engine that runs natively within JavaScript environments, combining byte-level inspection with execution context in real time. Built for YARA compatibility, it extends rule evaluation beyond static artifacts by incorporating signals such as origin provenance, user gesture state, MIME inconsistencies, and object construction paths.

\n\n

This unified model enables detection of threats as they are assembled and executed — including identifying executable buffers built in memory, anomalous data flows, or content whose structure diverges from its declared type.

\n\n

As a concrete demonstration, we show how HTML smuggling attacks can be intercepted at the moment of payload construction, preventing delivery before artifacts ever reach disk and exposing a class of threats that evade both network and endpoint controls.

\n\nSpeakerBio:  Rishi Kant
\n

A builder at heart, Rishi has spent his career turning deep technical ideas into real-world impact. He holds a PhD in Electrical Engineering from Stanford, and earned his B.S. in EECS from UC Berkeley. After 4.5 years of advising global high-tech firms at McKinsey & Company, he followed his passion for building and moved into product management. Rishi led product teams at several cybersecurity companies—including Tanium, Authentic8, and Uptycs. Now, as founder of Sekant Security, he’s embedding runtime intelligence directly into web browsers to protect users from phishing, ClickFix, unsafe downloads, shadow AI and other emerging online threats.

\n\n\n\'',NULL,1067609),('2_Friday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Keychecker : SSH Key based attack tool for DVCS Systems\'','\'Anant Shrivastava\'','Demo Labs_40361ce82b4435cc764487f80c19097b','\'Title: Keychecker : SSH Key based attack tool for DVCS Systems
\nTags: Beginner | Demo Labs | Defense/Blue Team | DevOps | Offense/Red Team | SecOps | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

KeyChecker is a CLI tool to fingerprint SSH private keys and identify which Git hosting accounts they unlock. In incident response and red team work, finding a private key is common, but scoping impact is slow and manual. KeyChecker automates the two primitives defenders and attackers both use: safe SSH handshakes that can reveal the mapped username, and read only git ls-remote probes that confirm whether a key can access a target repo.

\n\n

The tool performs local key intelligence first, supporting OpenSSH, PEM, and DER formats, detecting key type (ed25519, rsa, ecdsa, dsa), key size, passphrase protection, fingerprints (SHA256 and MD5), and useful metadata from key comments. It then validates the key across multiple providers including GitHub, GitLab, Bitbucket, Codeberg, Gitea, and Hugging Face, extracting usernames where possible, and optionally using a GitHub token for organization discovery.

\n\n

KeyChecker also supports repository discovery with a wordlist and configurable concurrency, giving a clear blast radius report like “this key unlocks these private repositories.” It is designed for authorized assessments, runs locally, and avoids write operations.

\n\nSpeakerBio:  Anant Shrivastava
\n

Anant Shrivastava is the founder of Cyfinoid Research and a long time offensive security practitioner with a focus on application, cloud, and supply chain security. He has delivered trainings and talks at Black Hat (USA, Europe, Asia), Nullcon, c0c0n, BSides, Rootconf and multiple other events, and runs projects such as Hacking Archives of India to highlight real work from the security community. His courses are built from real consulting and red team experience, with an emphasis on attack chains that actually show up in the field and defenses that teams can implement the next day.

\n\n\n\'',NULL,1067610),('3_Saturday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Keychecker : SSH Key based attack tool for DVCS Systems\'','\'Anant Shrivastava\'','Demo Labs_b8304ab42f479ab93a9237584ddce5ce','\'Title: Keychecker : SSH Key based attack tool for DVCS Systems
\nTags: Beginner | Demo Labs | Defense/Blue Team | DevOps | Offense/Red Team | SecOps | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

KeyChecker is a CLI tool to fingerprint SSH private keys and identify which Git hosting accounts they unlock. In incident response and red team work, finding a private key is common, but scoping impact is slow and manual. KeyChecker automates the two primitives defenders and attackers both use: safe SSH handshakes that can reveal the mapped username, and read only git ls-remote probes that confirm whether a key can access a target repo.

\n\n

The tool performs local key intelligence first, supporting OpenSSH, PEM, and DER formats, detecting key type (ed25519, rsa, ecdsa, dsa), key size, passphrase protection, fingerprints (SHA256 and MD5), and useful metadata from key comments. It then validates the key across multiple providers including GitHub, GitLab, Bitbucket, Codeberg, Gitea, and Hugging Face, extracting usernames where possible, and optionally using a GitHub token for organization discovery.

\n\n

KeyChecker also supports repository discovery with a wordlist and configurable concurrency, giving a clear blast radius report like “this key unlocks these private repositories.” It is designed for authorized assessments, runs locally, and avoids write operations.

\n\nSpeakerBio:  Anant Shrivastava
\n

Anant Shrivastava is the founder of Cyfinoid Research and a long time offensive security practitioner with a focus on application, cloud, and supply chain security. He has delivered trainings and talks at Black Hat (USA, Europe, Asia), Nullcon, c0c0n, BSides, Rootconf and multiple other events, and runs projects such as Hacking Archives of India to highlight real work from the security community. His courses are built from real consulting and red team experience, with an emphasis on attack chains that actually show up in the field and defenses that teams can implement the next day.

\n\n\n\'',NULL,1067611),('2_Friday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'L.A.Y.E.R.S - Layered Analysis Engine for Browser Extension Risk and Security\'','\'Abhinav Khanna,Krishna Chaganti\'','Demo Labs_410ee729def850a10d45ee7cdeef84d0','\'Title: L.A.Y.E.R.S - Layered Analysis Engine for Browser Extension Risk and Security
\nTags: Demo Labs | Intermediate | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

Browser Extensions is one of the overlooked attack surface in the modern era. Most browser extension have permissions to allow direct access to cookies, browsing history, network requests and a poorly written extension can help attackers with stuff like silently steal credentials, log keystrokes, fingerprint users etc.

\n\n

L.A.Y.E.R.S. (Logical Analyst for Your Extension Risk Surface) is a fully client-side chrome browser extension security engine that performs multi-layered security analysis on extensions. The tool performs analysis on various levels like JS analysis, permissions analysis, manifest analysis, secret scanning, URL extractions etc. simultaneously to uncover potential risks. The tool comes with its own scoring system guiding the team if the extension is safe to use or not.

\n\n

L.A.Y.E.R.S. is designed for security researchers auditing in-house extensions, third-party extensions, red teams assessing browser attack surfaces, enterprises enforcing extension policies, and developers seeking to harden their own extensions before publication.

\n\n

What sets L.A.Y.E.R.S. apart begins with its privacy-first architecture - the entire analysis runs in-browser via the File System API and JSZip, with very little setup required. On the detection side, it incorporates Shannon entropy analysis. To keep results actionable rat

\n\nSpeakers:Abhinav Khanna,Krishna Chaganti
\n
\nSpeakerBio:  Abhinav Khanna
\n

Abhinav is an Information Security Professional with 7+ years of experience and currently works at S&P Global. His area of expertise include Web App Security, API Security, Mobile App Security, Secure Architecture. He has spoken at conferences like BlackHat USA, DefCon 33, BlackHat Europe, BlackHat Asia etc.

\n\nSpeakerBio:  Krishna Chaganti
\n

Krishna Chaganti works as Associate Director Application Security at S&P Global, based in the USA, with over a decade of experience in Information Security. As a Certified Information Security Manager (CISM), he leads a team of more than 10 pentesters and specializes in Application Security along with Security Architecture.

\n\n\n\'',NULL,1067612),('3_Saturday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'L.A.Y.E.R.S - Layered Analysis Engine for Browser Extension Risk and Security\'','\'Abhinav Khanna,Krishna Chaganti\'','Demo Labs_f4eb309f3f977a661a79b282edeb648a','\'Title: L.A.Y.E.R.S - Layered Analysis Engine for Browser Extension Risk and Security
\nTags: Demo Labs | Intermediate | AppSec | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

Browser Extensions is one of the overlooked attack surface in the modern era. Most browser extension have permissions to allow direct access to cookies, browsing history, network requests and a poorly written extension can help attackers with stuff like silently steal credentials, log keystrokes, fingerprint users etc.

\n\n

L.A.Y.E.R.S. (Logical Analyst for Your Extension Risk Surface) is a fully client-side chrome browser extension security engine that performs multi-layered security analysis on extensions. The tool performs analysis on various levels like JS analysis, permissions analysis, manifest analysis, secret scanning, URL extractions etc. simultaneously to uncover potential risks. The tool comes with its own scoring system guiding the team if the extension is safe to use or not.

\n\n

L.A.Y.E.R.S. is designed for security researchers auditing in-house extensions, third-party extensions, red teams assessing browser attack surfaces, enterprises enforcing extension policies, and developers seeking to harden their own extensions before publication.

\n\n

What sets L.A.Y.E.R.S. apart begins with its privacy-first architecture - the entire analysis runs in-browser via the File System API and JSZip, with very little setup required. On the detection side, it incorporates Shannon entropy analysis. To keep results actionable rat

\n\nSpeakers:Abhinav Khanna,Krishna Chaganti
\n
\nSpeakerBio:  Abhinav Khanna
\n

Abhinav is an Information Security Professional with 7+ years of experience and currently works at S&P Global. His area of expertise include Web App Security, API Security, Mobile App Security, Secure Architecture. He has spoken at conferences like BlackHat USA, DefCon 33, BlackHat Europe, BlackHat Asia etc.

\n\nSpeakerBio:  Krishna Chaganti
\n

Krishna Chaganti works as Associate Director Application Security at S&P Global, based in the USA, with over a decade of experience in Information Security. As a Certified Information Security Manager (CISM), he leads a team of more than 10 pentesters and specializes in Application Security along with Security Architecture.

\n\n\n\'',NULL,1067613),('3_Saturday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'LoKi: A LoRa/Meshtastic based implant for Red Teaming\'','\'Venky Raju\'','Demo Labs_75f90d9c300b5ae162aeb3a0d1a518c5','\'Title: LoKi: A LoRa/Meshtastic based implant for Red Teaming
\nTags: Beginner | Demo Labs | Hardware/IoT | Offense/Red Team | Wireless/RF | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

LoKi is a covert USB HID implant for Red Teaming that builds on the work of tools like the O.MG cable by replacing Wi-Fi with LoRa, extending the operational range of physical layer attacks from meters to kilometers. The implant integrates a Heltec LoRa module with custom Meshtastic firmware into an off-the-shelf wired USB mouse, retaining full mouse functionality. When LoKi receives a direct Meshtastic message, it translates the payload into DuckyScript™-compatible USB HID keystrokes and executes them on the host machine. No Wi-Fi, no Bluetooth, and no network traffic — the mouse simply begins typing. LoKi requires no line of sight and produces no detectable wireless LAN or Bluetooth signatures, making it effectively invisible to standard wireless monitoring. The live demo will walk through a payload from a handheld Meshtastic device to acquire a remote admin shell and bypass UAC on a target machine. Bring your own Meshtastic device and you can send commands to the implant during the demo. The presentation covers the hardware build, the customized open-source Meshtastic firmware, reliability considerations for keystroke delivery over a mesh network, and actionable blue team detection strategies, including monitoring for rogue HID device enumeration and LoRa RF activity.

\n\nSpeakerBio:  Venky Raju
\n

Venky Raju is a lifelong maker and hacker who firmly believes that if you haven\'t voided the warranty, you don\'t truly own it. While he holds a Master’s in Comp. Sci. and an EE degree, his most prized \"certifications\" were earned at the business end of a soldering iron, a 3D printer, and an array of metal and wood-working tools.

\n\n

By day, he navigates the complex worlds of Zero Trust, IoT, and OT security. To keep the corporate world happy, he maintains his CISSP and CCSP credentials—validating that he knows the academic rules well enough to know exactly how to safely bend them. His professional expertise isn\'t just theoretical. By night, he’s a renewable energy vigilante who built an off-grid solar shed and a custom PowerWall clone, mostly because he refuses to sell his electrons back to the grid for pennies. An early contributor to the LIRC and LCDproc projects, Venky’s code has been riding along in Linux distros for years.  He loves C, Python and PLC Ladder Logic.

\n\n

Beyond the lab, Venky is dedicated to \"pay-it-forward\" hacking. Whether he’s teaching the next generation how to solder at Maker Faire or volunteering with the Pacific Hackers Association, he is committed to building the community as much as the tech. He is happiest when he’s elbow-deep in a project that requires both a compiler and a multimeter.

\n\n\n\'',NULL,1067614),('2_Friday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'LoKi: A LoRa/Meshtastic based implant for Red Teaming\'','\'Venky Raju\'','Demo Labs_f362cc5c6bd794157a6f73c8da1fb0b0','\'Title: LoKi: A LoRa/Meshtastic based implant for Red Teaming
\nTags: Beginner | Demo Labs | Hardware/IoT | Offense/Red Team | Wireless/RF | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

LoKi is a covert USB HID implant for Red Teaming that builds on the work of tools like the O.MG cable by replacing Wi-Fi with LoRa, extending the operational range of physical layer attacks from meters to kilometers. The implant integrates a Heltec LoRa module with custom Meshtastic firmware into an off-the-shelf wired USB mouse, retaining full mouse functionality. When LoKi receives a direct Meshtastic message, it translates the payload into DuckyScript™-compatible USB HID keystrokes and executes them on the host machine. No Wi-Fi, no Bluetooth, and no network traffic — the mouse simply begins typing. LoKi requires no line of sight and produces no detectable wireless LAN or Bluetooth signatures, making it effectively invisible to standard wireless monitoring. The live demo will walk through a payload from a handheld Meshtastic device to acquire a remote admin shell and bypass UAC on a target machine. Bring your own Meshtastic device and you can send commands to the implant during the demo. The presentation covers the hardware build, the customized open-source Meshtastic firmware, reliability considerations for keystroke delivery over a mesh network, and actionable blue team detection strategies, including monitoring for rogue HID device enumeration and LoRa RF activity.

\n\nSpeakerBio:  Venky Raju
\n

Venky Raju is a lifelong maker and hacker who firmly believes that if you haven\'t voided the warranty, you don\'t truly own it. While he holds a Master’s in Comp. Sci. and an EE degree, his most prized \"certifications\" were earned at the business end of a soldering iron, a 3D printer, and an array of metal and wood-working tools.

\n\n

By day, he navigates the complex worlds of Zero Trust, IoT, and OT security. To keep the corporate world happy, he maintains his CISSP and CCSP credentials—validating that he knows the academic rules well enough to know exactly how to safely bend them. His professional expertise isn\'t just theoretical. By night, he’s a renewable energy vigilante who built an off-grid solar shed and a custom PowerWall clone, mostly because he refuses to sell his electrons back to the grid for pennies. An early contributor to the LIRC and LCDproc projects, Venky’s code has been riding along in Linux distros for years.  He loves C, Python and PLC Ladder Logic.

\n\n

Beyond the lab, Venky is dedicated to \"pay-it-forward\" hacking. Whether he’s teaching the next generation how to solder at Maker Faire or volunteering with the Pacific Hackers Association, he is committed to building the community as much as the tech. He is happiest when he’s elbow-deep in a project that requires both a compiler and a multimeter.

\n\n\n\'',NULL,1067615),('3_Saturday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'MSCodePhish: Redeem Your Coupon. Surrender Your Session\'','\'Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla\'','Demo Labs_6aff253acd04478ec86a95b3bde62c52','\'Title: MSCodePhish: Redeem Your Coupon. Surrender Your Session
\nTags: Beginner | Demo Labs | Cloud | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

MSCodePhish is a red‑team toolkit that turns Microsoft’s Device Code OAuth flow into an embeddable phishing primitive that works inside any lure (e.g., “grab your coupon,” “unlock access,” etc.). Instead of pre‑generating device codes and racing against the usual 15‑minute timeout, MSCodePhish exposes a simple API endpoint that phishing pages can call via JavaScript (XHR/fetch) at the exact moment a victim opens the page. The tool then generates a fresh device code on demand, returns it to the phishing page (e.g., rendered as a “coupon code”), and instructs the user to complete the login on the legitimate Microsoft device login portal using that code.

\n\n

Behind the scenes, MSCodePhish continuously polls Microsoft’s token endpoint for that device code and, once the victim finishes authentication, captures the resulting refresh token and related claims (tenant, user, etc.). From its web UI, operators can track active campaigns, monitor which lures are converting, and use captured refresh tokens to request new access tokens for different resources (ARM, Key Vault, Graph, Storage, or custom scopes) in real time. Because the code is generated only when the phishing HTML is actually loaded, MSCodePhish effectively sidesteps device‑code expiration issues and enables more realistic, flexible phishing flows that closely mimic

\n\nSpeakers:Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla
\n
\nSpeakerBio:  Raunak \"Trouble1\" Parmar
\n

Raunak Parmar works as a senior cloud security engineer at White Knight Labs with 6+ years of experience. His areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He enjoys researching new attack methodologies and creating open-source tools that can be used during cloud red team activities. He has worked extensively on Azure and AWS and is the author of Vajra, AzDevRecon and MsCodePhish. He has spoken at multiple respected security conferences like Black Hat, Defcon, Nullcon, RootCon, HackspaceCon, NorthSec, LeHack , etc and also at local meetups.

\n\nSpeakerBio:  Chirag \"3xpl01tc0d3r\" Savla
\n

Chirag Savla is a Cyber Security professional with 10+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post-exploitation research. He prefers to create open-source tools and explore new attack methodologies in his leisure. He has worked extensively on Azure, Active Directory attacks, defense, and bypassing detection mechanisms. He is an author of multiple Open Source tools such as Process Injection, Callidus, etc. He has presented at multiple conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest.

\n\n\n\'',NULL,1067616),('2_Friday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'MSCodePhish: Redeem Your Coupon. Surrender Your Session\'','\'Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla\'','Demo Labs_41fc477c8df31210961e48070557997d','\'Title: MSCodePhish: Redeem Your Coupon. Surrender Your Session
\nTags: Beginner | Demo Labs | Cloud | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

MSCodePhish is a red‑team toolkit that turns Microsoft’s Device Code OAuth flow into an embeddable phishing primitive that works inside any lure (e.g., “grab your coupon,” “unlock access,” etc.). Instead of pre‑generating device codes and racing against the usual 15‑minute timeout, MSCodePhish exposes a simple API endpoint that phishing pages can call via JavaScript (XHR/fetch) at the exact moment a victim opens the page. The tool then generates a fresh device code on demand, returns it to the phishing page (e.g., rendered as a “coupon code”), and instructs the user to complete the login on the legitimate Microsoft device login portal using that code.

\n\n

Behind the scenes, MSCodePhish continuously polls Microsoft’s token endpoint for that device code and, once the victim finishes authentication, captures the resulting refresh token and related claims (tenant, user, etc.). From its web UI, operators can track active campaigns, monitor which lures are converting, and use captured refresh tokens to request new access tokens for different resources (ARM, Key Vault, Graph, Storage, or custom scopes) in real time. Because the code is generated only when the phishing HTML is actually loaded, MSCodePhish effectively sidesteps device‑code expiration issues and enables more realistic, flexible phishing flows that closely mimic

\n\nSpeakers:Raunak \"Trouble1\" Parmar,Chirag \"3xpl01tc0d3r\" Savla
\n
\nSpeakerBio:  Raunak \"Trouble1\" Parmar
\n

Raunak Parmar works as a senior cloud security engineer at White Knight Labs with 6+ years of experience. His areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He enjoys researching new attack methodologies and creating open-source tools that can be used during cloud red team activities. He has worked extensively on Azure and AWS and is the author of Vajra, AzDevRecon and MsCodePhish. He has spoken at multiple respected security conferences like Black Hat, Defcon, Nullcon, RootCon, HackspaceCon, NorthSec, LeHack , etc and also at local meetups.

\n\nSpeakerBio:  Chirag \"3xpl01tc0d3r\" Savla
\n

Chirag Savla is a Cyber Security professional with 10+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post-exploitation research. He prefers to create open-source tools and explore new attack methodologies in his leisure. He has worked extensively on Azure, Active Directory attacks, defense, and bypassing detection mechanisms. He is an author of multiple Open Source tools such as Process Injection, Callidus, etc. He has presented at multiple conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest.

\n\n\n\'',NULL,1067617),('3_Saturday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'MailX-Ray: A TSA X-Ray for Emails — Air-Gapped Safe-Read and Quick Triage in an Ephemeral MicroVM\'','\'Uğur \"uJohn\" Can ATASOY\'','Demo Labs_c69be90de0b5c628f1de2bc76c559951','\'Title: MailX-Ray: A TSA X-Ray for Emails — Air-Gapped Safe-Read and Quick Triage in an Ephemeral MicroVM
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Purple Team | SecOps | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

When TSA scans your luggage, they see what\'s inside without opening the bag. MailX-Ray brings that pattern to email triage.

\n\n

Phishing reports hit analysts as small crises: open carefully, don\'t trigger anything, extract IOCs, hand off to detection. Tooling lives at two extremes: cloud sandboxes that ship customer data offsite, or lightweight CLIs that run malicious parsers directly on the analyst\'s host. Neither produces a portable safe artifact, on-prem and hardware-isolated, in roughly 30 seconds.

\n\n

MailX-Ray does. Every email is processed inside an ephemeral hardware-virtualized microVM with no network device. Network egress is prevented by design. Output includes a single-file portable HTML safe-read report, structured JSON with 45+ offline signal categories, and optional STIX and MISP exports for SOC integration. Original attachment binaries are never re-distributed.

\n\n

It\'s not a malware sandbox. No decompilation, no execution, no verdicts. It\'s a non-invasive structural scan: the first 30 seconds of email triage, with zero network egress, on the analyst\'s own laptop.

\n\n

Demo Labs attendees will see the live pipeline across real phishing scenarios, including encrypted nested archives. Open source on the day of the talk.

\n\nSpeakerBio:  Uğur \"uJohn\" Can ATASOY
\n

Uğur Can Atasoy is a Senior Security Engineer at Udemy, working primarily on blue and purple team operations.

\n\n

A believer in hybrid approaches that combine technical fieldwork with academic rigor, he has spent the past decade across higher education, media, defense, and automotive sectors in roles spanning security architect, specialist, trainer, and consultant. His work spans both offense and defense — from security operations, threat hunting, intrusion detection, purple teaming, and adversary simulation to penetration testing and secure architecture. He has served as a Senior Content Engineer at TryHackMe and as an Information Security Architect at Mercedes-Benz. He has delivered security training for NATO personnel, law enforcement investigators, and military leadership, spoken at DeepSec (Vienna), holds CCSP, GCIA, OSCP, and OSWP, and served as an ISC2 SME for exam and training item development. He has been recognized by Oracle and IBM for responsible disclosure.

\n\n

MailX-Ray is his answer to a recurring annoyance: every tool in the email triage stack is either a cloud SaaS that ships customer data offsite, a heavyweight VM-based sandbox that takes minutes per sample, or an unprotected CLI that runs malicious parser input directly on the analyst\'s host. It produces a safe artifact analysts can read and forward.

\n\n\n\'',NULL,1067618),('2_Friday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'MailX-Ray: A TSA X-Ray for Emails — Air-Gapped Safe-Read and Quick Triage in an Ephemeral MicroVM\'','\'Uğur \"uJohn\" Can ATASOY\'','Demo Labs_af446d630fec7205279ade7b6f1aeea5','\'Title: MailX-Ray: A TSA X-Ray for Emails — Air-Gapped Safe-Read and Quick Triage in an Ephemeral MicroVM
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Purple Team | SecOps | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

When TSA scans your luggage, they see what\'s inside without opening the bag. MailX-Ray brings that pattern to email triage.

\n\n

Phishing reports hit analysts as small crises: open carefully, don\'t trigger anything, extract IOCs, hand off to detection. Tooling lives at two extremes: cloud sandboxes that ship customer data offsite, or lightweight CLIs that run malicious parsers directly on the analyst\'s host. Neither produces a portable safe artifact, on-prem and hardware-isolated, in roughly 30 seconds.

\n\n

MailX-Ray does. Every email is processed inside an ephemeral hardware-virtualized microVM with no network device. Network egress is prevented by design. Output includes a single-file portable HTML safe-read report, structured JSON with 45+ offline signal categories, and optional STIX and MISP exports for SOC integration. Original attachment binaries are never re-distributed.

\n\n

It\'s not a malware sandbox. No decompilation, no execution, no verdicts. It\'s a non-invasive structural scan: the first 30 seconds of email triage, with zero network egress, on the analyst\'s own laptop.

\n\n

Demo Labs attendees will see the live pipeline across real phishing scenarios, including encrypted nested archives. Open source on the day of the talk.

\n\nSpeakerBio:  Uğur \"uJohn\" Can ATASOY
\n

Uğur Can Atasoy is a Senior Security Engineer at Udemy, working primarily on blue and purple team operations.

\n\n

A believer in hybrid approaches that combine technical fieldwork with academic rigor, he has spent the past decade across higher education, media, defense, and automotive sectors in roles spanning security architect, specialist, trainer, and consultant. His work spans both offense and defense — from security operations, threat hunting, intrusion detection, purple teaming, and adversary simulation to penetration testing and secure architecture. He has served as a Senior Content Engineer at TryHackMe and as an Information Security Architect at Mercedes-Benz. He has delivered security training for NATO personnel, law enforcement investigators, and military leadership, spoken at DeepSec (Vienna), holds CCSP, GCIA, OSCP, and OSWP, and served as an ISC2 SME for exam and training item development. He has been recognized by Oracle and IBM for responsible disclosure.

\n\n

MailX-Ray is his answer to a recurring annoyance: every tool in the email triage stack is either a cloud SaaS that ships customer data offsite, a heavyweight VM-based sandbox that takes minutes per sample, or an unprotected CLI that runs malicious parser input directly on the analyst\'s host. It produces a safe artifact analysts can read and forward.

\n\n\n\'',NULL,1067619),('2_Friday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'MalSkill Lab: Hands-On Natural Language Malware in AI Agent Orchestration Systems\'','\'Nur \"BurritoTheNurrito\" Gucu\'','Demo Labs_2502eeb14ce1bcf4ea23769efcdd71e8','\'Title: MalSkill Lab: Hands-On Natural Language Malware in AI Agent Orchestration Systems
\nTags: AI | Demo Labs | Intermediate | AppSec | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | SecOps | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

Your AI agent trusts every skill in its directory. What if one of them is lying?\nIn this Demo Lab, I walk you through MalSkills, natural language malware planted inside AI agent skill systems. No binaries, no shellcode, no signatures.\nJust English sentences with OS-level access.\nUsing ORPHEUS, my open-source multi-skill orchestration framework, I demonstrate three escalating attacks live:\n 1. BURIED INSTRUCTION: A malicious sentence hidden in a legitimate skill exfiltrates .env files on first execution. I show you 12 skills and challenge you to spot it. \n 2. CHAIN ATTACK: Five individually benign skills that, when orchestrated together, create an emergent data exfiltration path. No single skill is malicious. The composition is the weapon.\n 3. PERSISTENT GHOST: A skill that writes itself into agent memory, surviving file deletion and session restarts. Remove the skill, restart the agent, exfiltration continues.\nAfter offense, I flip to defense. I demo the MalSkill Detection Toolkit: skill integrity verification, capability-based sandboxing, orchestration graph analysis, and runtime behavioral monitoring.\nAttendees leave with: the ORPHEUS framework, a MalSkill sample pack, and a detection toolkit, all open source!\nEvery AI agent with a plugin system is vulnerable today. Come see why.

\n\nSpeakerBio:  Nur \"BurritoTheNurrito\" Gucu
\n

Offensive security professional and AI security researcher with 10+ years across financial services, startups, and Amazon.\nCurrently on the foundational model red team at Amazon AGI Labs, where I break AI systems and build the tooling to detect what I find.\nCore focus: LLM security, agentic system exploitation, and the gaps between how AI frameworks are designed and how they actually behave under adversarial pressure.\n6 patent applications. Published author (AWS Security Blog, internal science papers). Invited speaker on MCP security and LLM training APT attack surfaces.\nI turn research into shipped products and open-source tools, not empty slide decks.

\n\n\n\'',NULL,1067620),('3_Saturday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'MalSkill Lab: Hands-On Natural Language Malware in AI Agent Orchestration Systems\'','\'Nur \"BurritoTheNurrito\" Gucu\'','Demo Labs_7754bfee11053da5dcb2ee1793bb9c68','\'Title: MalSkill Lab: Hands-On Natural Language Malware in AI Agent Orchestration Systems
\nTags: AI | Demo Labs | Intermediate | AppSec | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | SecOps | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

Your AI agent trusts every skill in its directory. What if one of them is lying?\nIn this Demo Lab, I walk you through MalSkills, natural language malware planted inside AI agent skill systems. No binaries, no shellcode, no signatures.\nJust English sentences with OS-level access.\nUsing ORPHEUS, my open-source multi-skill orchestration framework, I demonstrate three escalating attacks live:\n 1. BURIED INSTRUCTION: A malicious sentence hidden in a legitimate skill exfiltrates .env files on first execution. I show you 12 skills and challenge you to spot it. \n 2. CHAIN ATTACK: Five individually benign skills that, when orchestrated together, create an emergent data exfiltration path. No single skill is malicious. The composition is the weapon.\n 3. PERSISTENT GHOST: A skill that writes itself into agent memory, surviving file deletion and session restarts. Remove the skill, restart the agent, exfiltration continues.\nAfter offense, I flip to defense. I demo the MalSkill Detection Toolkit: skill integrity verification, capability-based sandboxing, orchestration graph analysis, and runtime behavioral monitoring.\nAttendees leave with: the ORPHEUS framework, a MalSkill sample pack, and a detection toolkit, all open source!\nEvery AI agent with a plugin system is vulnerable today. Come see why.

\n\nSpeakerBio:  Nur \"BurritoTheNurrito\" Gucu
\n

Offensive security professional and AI security researcher with 10+ years across financial services, startups, and Amazon.\nCurrently on the foundational model red team at Amazon AGI Labs, where I break AI systems and build the tooling to detect what I find.\nCore focus: LLM security, agentic system exploitation, and the gaps between how AI frameworks are designed and how they actually behave under adversarial pressure.\n6 patent applications. Published author (AWS Security Blog, internal science papers). Invited speaker on MCP security and LLM training APT attack surfaces.\nI turn research into shipped products and open-source tools, not empty slide decks.

\n\n\n\'',NULL,1067621),('3_Saturday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Monitor, Compile, Enforce: A Compiler Pipeline for Container Security Policy in Rust and eBPF\'','\'Buğrahan Yücel\'','Demo Labs_45fd73ae7a34c18bd818f38e9b2c440b','\'Title: Monitor, Compile, Enforce: A Compiler Pipeline for Container Security Policy in Rust and eBPF
\nTags: Demo Labs | Advanced | Cloud | Defense/Blue Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Container security tools observe behavior (eBPF) and enforce policy (BPF-LSM, AppArmor, Seccomp). But the translation between observation and enforcement is manual and incomplete. We present the first tool that treats this translation as a compilation problem. Built in Rust with the Aya eBPF framework, three monitoring modules serve as compiler frontends feeding a normalized behavioral IR. Optimization passes operate on this IR: pattern classification, rule deduplication, dead rule elimination, conflict detection, and cross-category dependency linking. The backend compiles optimized IR into BPF-LSM enforcement rules across three LSM hooks: security_file_open, security_bprm_check_security, and security_socket_connect. Enforcement is default-deny: any operation not in the compiled profile is blocked. We demo end-to-end: a container is profiled, the profile compiled through the pipeline, and enforcement blocks unauthorized file access, process execution, and network connections at the kernel level. Zero manual policy writing. We document the friction points where monitoring context diverges from enforcement context. No existing tool, including vArmor and KubeArmor, implements this compilation architecture with a true IR, optimization passes, and multi-category LSM enforcement.

\n\nSpeakerBio:  Buğrahan Yücel
\n

Buğrahan Yücel is a software engineer at a SaaS company in Turkey, where he works on infrastructure security. He currently builds eBPF-based behavioral profiling and enforcement tooling in Rust using the Aya framework. This is his first DEF CON presentation.

\n\n\n\'',NULL,1067622),('2_Friday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Monitor, Compile, Enforce: A Compiler Pipeline for Container Security Policy in Rust and eBPF\'','\'Buğrahan Yücel\'','Demo Labs_8b2d0a19b248c59491b7bb6b35e4b48d','\'Title: Monitor, Compile, Enforce: A Compiler Pipeline for Container Security Policy in Rust and eBPF
\nTags: Demo Labs | Advanced | Cloud | Defense/Blue Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Container security tools observe behavior (eBPF) and enforce policy (BPF-LSM, AppArmor, Seccomp). But the translation between observation and enforcement is manual and incomplete. We present the first tool that treats this translation as a compilation problem. Built in Rust with the Aya eBPF framework, three monitoring modules serve as compiler frontends feeding a normalized behavioral IR. Optimization passes operate on this IR: pattern classification, rule deduplication, dead rule elimination, conflict detection, and cross-category dependency linking. The backend compiles optimized IR into BPF-LSM enforcement rules across three LSM hooks: security_file_open, security_bprm_check_security, and security_socket_connect. Enforcement is default-deny: any operation not in the compiled profile is blocked. We demo end-to-end: a container is profiled, the profile compiled through the pipeline, and enforcement blocks unauthorized file access, process execution, and network connections at the kernel level. Zero manual policy writing. We document the friction points where monitoring context diverges from enforcement context. No existing tool, including vArmor and KubeArmor, implements this compilation architecture with a true IR, optimization passes, and multi-category LSM enforcement.

\n\nSpeakerBio:  Buğrahan Yücel
\n

Buğrahan Yücel is a software engineer at a SaaS company in Turkey, where he works on infrastructure security. He currently builds eBPF-based behavioral profiling and enforcement tooling in Rust using the Aya framework. This is his first DEF CON presentation.

\n\n\n\'',NULL,1067623),('3_Saturday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Overcast: Video OSINT Agent. Point It at 100 Videos, Ask Anything\'','\'Kevin \"kdrwins\" Dela Rosa\'','Demo Labs_f783363c600d150979b26f1a29ed8079','\'Title: Overcast: Video OSINT Agent. Point It at 100 Videos, Ask Anything
\nTags: Beginner | AI | Demo Labs | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Conference talks, earnings calls, product demos, training videos. Organizations put hours of footage online every week, full of things they didn\'t mean to share: hostnames in terminal windows, org charts on slides, infrastructure details dropped during Q&A. Traditional OSINT can\'t touch video at scale, and manual review falls apart past a handful of recordings.

\n\n

Overcast is a CLI agent and skill pack for video OSINT that drops into any agentic harness, such as Claude Code, Codex, or Tinycloud, giving it senses plus recon and targeting reach, organized around an investigation case. Point it at 10 videos or 1,000 and it turns footage into cited evidence: speech, video understanding, on-screen text and objects, faces, and named entities, all accumulating in persistent case memory.

\n\n

Discovery runs on the same case: scan and monitor sweep sources and surface reviewable findings. Ask across the whole corpus and get answers cited to the exact record and timestamp, backed by tiered retrieval. Match a photo against thousands of clips to find a person. Each subcommand is modular and pluggable, so analysts can drop one into other agent flows, author custom skills, or feed Overcast\'s media analysis into existing recon and security tooling to complete the mission.

\n\nSpeakerBio:  Kevin \"kdrwins\" Dela Rosa
\n

Kevin Dela Rosa is a multimodal AI researcher and engineer with 17+ years in computer vision, NLU, and large-scale retrieval. He led engineering teams at Snapchat building billion-scale visual search and generative AI products, worked on large-scale ML at Amazon, and interned at NIST and SPAWAR on NLP and information retrieval for government applications. He\'s published at ACM WWW, ACM CAIS, IEEE ICCV, KDD, CVPR, NeurIPS, AAAI, and ISMIR, and has spoken at AWS re:Invent, KubeCon, and CascadiaJS. He\'s currently CTO of Cloudglue, where he builds video understanding infrastructure.

\n\n

At DEF CON 33 he presented \"Autonomous Video Hunter\" at Recon Village, demoing an AI agent that investigated video corpora using face recognition, logo detection, and content analysis to produce structured OSINT reports. Overcast is the evolution of that work: a CLI agent and skill pack that gives any agentic harness senses plus recon and targeting reach, organized around an investigation case with persistent memory, cited evidence, and modular subcommands that plug into other recon and security workflows.

\n\n\n\'',NULL,1067624),('2_Friday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Overcast: Video OSINT Agent. Point It at 100 Videos, Ask Anything\'','\'Kevin \"kdrwins\" Dela Rosa\'','Demo Labs_5f2411e5d907237b0c5a666a5a3da730','\'Title: Overcast: Video OSINT Agent. Point It at 100 Videos, Ask Anything
\nTags: Beginner | AI | Demo Labs | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

Conference talks, earnings calls, product demos, training videos. Organizations put hours of footage online every week, full of things they didn\'t mean to share: hostnames in terminal windows, org charts on slides, infrastructure details dropped during Q&A. Traditional OSINT can\'t touch video at scale, and manual review falls apart past a handful of recordings.

\n\n

Overcast is a CLI agent and skill pack for video OSINT that drops into any agentic harness, such as Claude Code, Codex, or Tinycloud, giving it senses plus recon and targeting reach, organized around an investigation case. Point it at 10 videos or 1,000 and it turns footage into cited evidence: speech, video understanding, on-screen text and objects, faces, and named entities, all accumulating in persistent case memory.

\n\n

Discovery runs on the same case: scan and monitor sweep sources and surface reviewable findings. Ask across the whole corpus and get answers cited to the exact record and timestamp, backed by tiered retrieval. Match a photo against thousands of clips to find a person. Each subcommand is modular and pluggable, so analysts can drop one into other agent flows, author custom skills, or feed Overcast\'s media analysis into existing recon and security tooling to complete the mission.

\n\nSpeakerBio:  Kevin \"kdrwins\" Dela Rosa
\n

Kevin Dela Rosa is a multimodal AI researcher and engineer with 17+ years in computer vision, NLU, and large-scale retrieval. He led engineering teams at Snapchat building billion-scale visual search and generative AI products, worked on large-scale ML at Amazon, and interned at NIST and SPAWAR on NLP and information retrieval for government applications. He\'s published at ACM WWW, ACM CAIS, IEEE ICCV, KDD, CVPR, NeurIPS, AAAI, and ISMIR, and has spoken at AWS re:Invent, KubeCon, and CascadiaJS. He\'s currently CTO of Cloudglue, where he builds video understanding infrastructure.

\n\n

At DEF CON 33 he presented \"Autonomous Video Hunter\" at Recon Village, demoing an AI agent that investigated video corpora using face recognition, logo detection, and content analysis to produce structured OSINT reports. Overcast is the evolution of that work: a CLI agent and skill pack that gives any agentic harness senses plus recon and targeting reach, organized around an investigation case with persistent memory, cited evidence, and modular subcommands that plug into other recon and security workflows.

\n\n\n\'',NULL,1067625),('3_Saturday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'Peekaboo: Breaking the Black Box of Threat and Malware Emulation\'','\'Zhassulan \"cocomelonc\" Zhussupov\'','Demo Labs_79b686c4be02f3b8d55e803a06775393','\'Title: Peekaboo: Breaking the Black Box of Threat and Malware Emulation
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\nStandard security testing often forces a choice: use \"script-kiddie\" tools that get caught instantly, or use high-end frameworks that are too complex for rapid detection testing. Peekaboo bridges this gap. In this Demo Lab, we present Peekaboo - a modular, open-source framework designed for safe threat emulation. Unlike traditional malware, Peekaboo focuses on generating high-fidelity telemetry through legitimate cloud API abuse (GitHub, Bitbucket, Slack, Discord, Azure, VirusTotal, XBOX, AngelCam, etc) and evasive execution techniques (Direct Syscalls, Callback-based execution).
\n\n

We will demonstrate how to:

\n\n
    \n
  • Generate polymorphic agents that bypass static analysis using rare cryptographic algorithms like Speck and Skipjack.
  • \n
  • Generate agents that leverage signal processing like Fast Fourier Transformation and Feistel-network based cryptography for bypass EDR.
  • \n
  • Establish covert C2 channels within the metadata of trusted enterprise applications.
  • \n
  • Rapidly test EDR/SIEM rules against modern persistence and lateral movement techniques without risking system stability.
  • \n
\n\n

Peekaboo isn\'t just a tool; it\'s a \"sandbox-friendly\" adversary in a box, designed to help Blue Teams level up by understanding the nuances of the Offensive Dev Loop. Come see how we turn \"hidden\" threats into \"visible\" learning opportunities.

\n\nSpeakerBio:  Zhassulan \"cocomelonc\" Zhussupov
\n

cybersecurity enthusiast, author, speaker and mathematician. Author of popular books: MD MZ Malware Development Book (Github, 2022, 2024) MALWILD: Malware in the Wild Book (Github, 2023) Malware Development for Ethical Hackers Book: (Packt, 2024) AIYA Mobile Malware Development Book (Github, 2025) Malware Development for Ethical Hackers 2nd edition (Packt, 2026, in progress) Author and tech reviewer at Packt. Co founder of various cybersecurity research labs, author of many cybersecurity blogs, HVCK magazine Malpedia contributor Speaker at BlackHat, DEFCON, Security BSides, Arab Security Conference, Hack.lu, Standoff, Positive Hack Talks, etc conferences

\n\n\n\'',NULL,1067626),('2_Friday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'Peekaboo: Breaking the Black Box of Threat and Malware Emulation\'','\'Zhassulan \"cocomelonc\" Zhussupov\'','Demo Labs_72e74f15c0b941c6622374373bc31adb','\'Title: Peekaboo: Breaking the Black Box of Threat and Malware Emulation
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\nStandard security testing often forces a choice: use \"script-kiddie\" tools that get caught instantly, or use high-end frameworks that are too complex for rapid detection testing. Peekaboo bridges this gap. In this Demo Lab, we present Peekaboo - a modular, open-source framework designed for safe threat emulation. Unlike traditional malware, Peekaboo focuses on generating high-fidelity telemetry through legitimate cloud API abuse (GitHub, Bitbucket, Slack, Discord, Azure, VirusTotal, XBOX, AngelCam, etc) and evasive execution techniques (Direct Syscalls, Callback-based execution).
\n\n

We will demonstrate how to:

\n\n
    \n
  • Generate polymorphic agents that bypass static analysis using rare cryptographic algorithms like Speck and Skipjack.
  • \n
  • Generate agents that leverage signal processing like Fast Fourier Transformation and Feistel-network based cryptography for bypass EDR.
  • \n
  • Establish covert C2 channels within the metadata of trusted enterprise applications.
  • \n
  • Rapidly test EDR/SIEM rules against modern persistence and lateral movement techniques without risking system stability.
  • \n
\n\n

Peekaboo isn\'t just a tool; it\'s a \"sandbox-friendly\" adversary in a box, designed to help Blue Teams level up by understanding the nuances of the Offensive Dev Loop. Come see how we turn \"hidden\" threats into \"visible\" learning opportunities.

\n\nSpeakerBio:  Zhassulan \"cocomelonc\" Zhussupov
\n

cybersecurity enthusiast, author, speaker and mathematician. Author of popular books: MD MZ Malware Development Book (Github, 2022, 2024) MALWILD: Malware in the Wild Book (Github, 2023) Malware Development for Ethical Hackers Book: (Packt, 2024) AIYA Mobile Malware Development Book (Github, 2025) Malware Development for Ethical Hackers 2nd edition (Packt, 2026, in progress) Author and tech reviewer at Packt. Co founder of various cybersecurity research labs, author of many cybersecurity blogs, HVCK magazine Malpedia contributor Speaker at BlackHat, DEFCON, Security BSides, Arab Security Conference, Hack.lu, Standoff, Positive Hack Talks, etc conferences

\n\n\n\'',NULL,1067627),('3_Saturday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'Phasmid: Deniable Storage for Rubber-Hose Scenarios\'','\'Makoto \"Mr.Rabbit\" Sugita\'','Demo Labs_a0126f42417f3a75f533b822244c039d','\'Title: Phasmid: Deniable Storage for Rubber-Hose Scenarios
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Hardware/IoT | SecOps | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\nPhasmid is a prototype deniable storage system built for a problem ordinary encryption handles poorly: what happens when the attacker stops attacking the math and starts coercing the human holding the key. It implements the Janus Eidolon System, or Janus System, a coercion-aware storage method that explores how visible disclosure and true protected state can diverge through deniable cryptographic structure, local-only operation, dual-profile storage, camera-based object-image matching, and owner-controlled destructive actions. Framed by the question of Agency, the project asks how a user can retain meaningful control over disclosure when physical pressure breaks normal cryptographic assumptions. This demo presents a practical low-power implementation on Raspberry Pi Zero 2 W for hostile situations where the attacker targets the person rather than the cipher.
\n\n\n\nSpeakerBio:  Makoto \"Mr.Rabbit\" Sugita
\n

Makoto Sugita is a security engineer and security toolmaker focused on practical systems for hostile environments, where cryptographic assumptions break down under real-world pressure. His work sits at the intersection of cryptography, hardware, and adversarial human behavior. He has presented tools and research at venues including Black Hat Arsenal and BSides, and is interested in deniable systems, tactical hardware, and building prototypes that expose uncomfortable but real security problems.

\n\n\n\'',NULL,1067628),('2_Friday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'Phasmid: Deniable Storage for Rubber-Hose Scenarios\'','\'Makoto \"Mr.Rabbit\" Sugita\'','Demo Labs_f6dfdb74517628aeb250e8158a6069d8','\'Title: Phasmid: Deniable Storage for Rubber-Hose Scenarios
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Hardware/IoT | SecOps | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\nPhasmid is a prototype deniable storage system built for a problem ordinary encryption handles poorly: what happens when the attacker stops attacking the math and starts coercing the human holding the key. It implements the Janus Eidolon System, or Janus System, a coercion-aware storage method that explores how visible disclosure and true protected state can diverge through deniable cryptographic structure, local-only operation, dual-profile storage, camera-based object-image matching, and owner-controlled destructive actions. Framed by the question of Agency, the project asks how a user can retain meaningful control over disclosure when physical pressure breaks normal cryptographic assumptions. This demo presents a practical low-power implementation on Raspberry Pi Zero 2 W for hostile situations where the attacker targets the person rather than the cipher.
\n\n\n\nSpeakerBio:  Makoto \"Mr.Rabbit\" Sugita
\n

Makoto Sugita is a security engineer and security toolmaker focused on practical systems for hostile environments, where cryptographic assumptions break down under real-world pressure. His work sits at the intersection of cryptography, hardware, and adversarial human behavior. He has presented tools and research at venues including Black Hat Arsenal and BSides, and is interested in deniable systems, tactical hardware, and building prototypes that expose uncomfortable but real security problems.

\n\n\n\'',NULL,1067629),('2_Friday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'PromptPwn: Finding and Exploiting AI-Generated Vulnerabilities at Scale\'','\'Georgia Weidman\'','Demo Labs_2930819a1bb3c3ef613ab5011b38a75b','\'Title: PromptPwn: Finding and Exploiting AI-Generated Vulnerabilities at Scale
\nTags: AI | Demo Labs | Intermediate | AppSec | Defense/Blue Team | DevOps | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

AI-assisted development tools don’t just introduce vulnerabilities; they introduce the same vulnerabilities repeatedly.

\n\n

PromptPwn is a tool designed to identify, track, and exploit common insecure patterns found in AI-generated code. It maintains a database of known vulnerability patterns produced by popular “vibe coding” workflows and provides scanning capabilities to detect these issues in real applications.

\n\n

In this demo, we show how PromptPwn identifies vulnerable patterns such as injection flaws, authentication weaknesses, and insecure defaults across generated code. We demonstrate how these patterns can be exploited in practice, highlighting how repeatability makes them especially valuable from an attacker’s perspective.

\n\n

We also explore how prompt variations influence these outcomes and show how insecure patterns can be remediated by adjusting prompts, closing the loop between generation, exploitation, and correction.

\n\n

This session focuses on practical demonstrations of how AI-generated code fails in predictable ways, and how those failures can be identified and abused at scale.

\n\nSpeakerBio:  Georgia Weidman
\n

Georgia Weidman is an offensive security researcher and author focused on breaking real-world systems. She wrote Penetration Testing: A Hands-On Introduction to Hacking, a practical guide used by students and practitioners to learn exploitation techniques.

\n\n

Her work centers on how modern systems fail under attack, from mobile and IoT to enterprise environments. As a DARPA Cyber Fast Track performer, she developed the Smartphone Pentest Framework (SPF), a platform for mobile exploitation research.

\n\n

She has conducted penetration tests, built exploitation tooling, and developed attack chains across multiple domains. Her approach prioritizes hands-on techniques over theory, demonstrating how assumptions about security break down in practice.

\n\n

Georgia has presented internationally at conferences including Black Hat and DEF CON, with a focus on showing how things actually get hacked.

\n\n\n\'',NULL,1067630),('3_Saturday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'PromptPwn: Finding and Exploiting AI-Generated Vulnerabilities at Scale\'','\'Georgia Weidman\'','Demo Labs_13fe7538011761d1f8c739a045d69b4c','\'Title: PromptPwn: Finding and Exploiting AI-Generated Vulnerabilities at Scale
\nTags: AI | Demo Labs | Intermediate | AppSec | Defense/Blue Team | DevOps | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

AI-assisted development tools don’t just introduce vulnerabilities; they introduce the same vulnerabilities repeatedly.

\n\n

PromptPwn is a tool designed to identify, track, and exploit common insecure patterns found in AI-generated code. It maintains a database of known vulnerability patterns produced by popular “vibe coding” workflows and provides scanning capabilities to detect these issues in real applications.

\n\n

In this demo, we show how PromptPwn identifies vulnerable patterns such as injection flaws, authentication weaknesses, and insecure defaults across generated code. We demonstrate how these patterns can be exploited in practice, highlighting how repeatability makes them especially valuable from an attacker’s perspective.

\n\n

We also explore how prompt variations influence these outcomes and show how insecure patterns can be remediated by adjusting prompts, closing the loop between generation, exploitation, and correction.

\n\n

This session focuses on practical demonstrations of how AI-generated code fails in predictable ways, and how those failures can be identified and abused at scale.

\n\nSpeakerBio:  Georgia Weidman
\n

Georgia Weidman is an offensive security researcher and author focused on breaking real-world systems. She wrote Penetration Testing: A Hands-On Introduction to Hacking, a practical guide used by students and practitioners to learn exploitation techniques.

\n\n

Her work centers on how modern systems fail under attack, from mobile and IoT to enterprise environments. As a DARPA Cyber Fast Track performer, she developed the Smartphone Pentest Framework (SPF), a platform for mobile exploitation research.

\n\n

She has conducted penetration tests, built exploitation tooling, and developed attack chains across multiple domains. Her approach prioritizes hands-on techniques over theory, demonstrating how assumptions about security break down in practice.

\n\n

Georgia has presented internationally at conferences including Black Hat and DEF CON, with a focus on showing how things actually get hacked.

\n\n\n\'',NULL,1067631),('2_Friday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'Reversing F5: Pure-Go Steganography, Live Forensic Cover Recovery, and JPEG Fragility Analysis\'','\'0verkilll\'','Demo Labs_f5466b5a1b96dada5ed2a2680935efd9','\'Title: Reversing F5: Pure-Go Steganography, Live Forensic Cover Recovery, and JPEG Fragility Analysis
\nTags: Beginner | AI | Demo Labs | Cloud | Defense/Blue Team | Malware | Mobile | Offense/Red Team | Purple Team | SecOps | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

F5 (Westfeld, 2001) is the canonical \"do it right\" JPEG steganography algorithm — matrix encoding, permutative straddling, shrinkage handling — and still turns up on confiscated devices and in CTF challenges 25 years later. The public tooling has rotted: the original is Java, modern rewrites bind CGo to libjpeg, and every implementation surveyed is one-way (embed and extract, never un-embed).\nThis Demo Lab presents ten public GitHub repositories that fix that, in pure Go with zero third-party dependencies. The headline is the first open-source F5 cover-recovery tool: given the stego JPEG, the password, and the extracted message, it reverses the embed and restores the cover\'s DCT coefficients. Alongside it ship three CLIs (embed, extract, recover), a pure-Go JPEG-family codec (baseline, JPEG 2000, JPEG-LS, XL/XR/XS/XT, Pleno, lossless), a Fridrich chi-square steganalysis library and CLI, and the supporting crypto, i18n, and logging packages — all auditable end-to-end in one language.\nLive: embed, extract, cover recovery, defensive Fridrich detection, JPEG re-encoding fragility, and a 25-line external Go program importing the library. Useful for digital forensics, steganalysis research, CTF authoring, and anyone who wants a CGo-free stego stack they can read in a weekend.

\n\nSpeakerBio:  0verkilll
\n

Precise, Ruthless, Ethical

\n\n\n\'',NULL,1067632),('3_Saturday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'Reversing F5: Pure-Go Steganography, Live Forensic Cover Recovery, and JPEG Fragility Analysis\'','\'0verkilll\'','Demo Labs_d5162bfe7e662a19779a76dd1aa3bf23','\'Title: Reversing F5: Pure-Go Steganography, Live Forensic Cover Recovery, and JPEG Fragility Analysis
\nTags: Beginner | AI | Demo Labs | Cloud | Defense/Blue Team | Malware | Mobile | Offense/Red Team | Purple Team | SecOps | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

F5 (Westfeld, 2001) is the canonical \"do it right\" JPEG steganography algorithm — matrix encoding, permutative straddling, shrinkage handling — and still turns up on confiscated devices and in CTF challenges 25 years later. The public tooling has rotted: the original is Java, modern rewrites bind CGo to libjpeg, and every implementation surveyed is one-way (embed and extract, never un-embed).\nThis Demo Lab presents ten public GitHub repositories that fix that, in pure Go with zero third-party dependencies. The headline is the first open-source F5 cover-recovery tool: given the stego JPEG, the password, and the extracted message, it reverses the embed and restores the cover\'s DCT coefficients. Alongside it ship three CLIs (embed, extract, recover), a pure-Go JPEG-family codec (baseline, JPEG 2000, JPEG-LS, XL/XR/XS/XT, Pleno, lossless), a Fridrich chi-square steganalysis library and CLI, and the supporting crypto, i18n, and logging packages — all auditable end-to-end in one language.\nLive: embed, extract, cover recovery, defensive Fridrich detection, JPEG re-encoding fragility, and a 25-line external Go program importing the library. Useful for digital forensics, steganalysis research, CTF authoring, and anyone who wants a CGo-free stego stack they can read in a weekend.

\n\nSpeakerBio:  0verkilll
\n

Precise, Ruthless, Ethical

\n\n\n\'',NULL,1067633),('3_Saturday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'SecretSifter: Production Apps Are Leaking Credentials. The Blindspot DAST Never Checked.\'','\'Hemanth Gorijala\'','Demo Labs_bd68a904bdfbcb385bdee978a6a01c35','\'Title: SecretSifter: Production Apps Are Leaking Credentials. The Blindspot DAST Never Checked.
\nTags: Demo Labs | Intermediate | AppSec | Defense/Blue Team | DevOps | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

Shift-left tools scan what you commit, not what you serve. DAST scanners test for vulnerabilities but ignore live traffic. The industry left a gap: runtime secrets. Finding them requires intercepting live traffic: a proxy, a browser extension, or a bulk scanner. SecretSifter is all three.

\n\n

We tested 2,000 production apps against ten secret scanners. 194 confirmed credentials survived all ten scanners.

\n\n

SecretSifter monitors live HTTP traffic and finds credentials in JS bundles, lazy-loaded chunks, HTML responses, JSON and XML APIs, and request headers. No config, no source code. 160+ rules cover vendor tokens (AWS, Azure, Stripe, Twilio, GitHub), entropy-gated patterns, and CryptoJS-encrypted configs where the decryption key is hardcoded in the same bundle. No other scanner catches that case. Bulk mode scans 30-50 targets: paste URLs, scan, optional AI triage, export HTML, CSV, or ZIP.

\n\n

The session opens with a live tool comparison. Most tools scan one URL at a time and require manual browsing. SecretSifter bulk-scans both targets in parallel. Two findings none of the ten caught: Azure AD credentials baked into a webpack bundle past GitLeaks. A CryptoJS config with the decryption key three lines away.

\n\n

Your entire pipeline reported green. Were they right? Attendees leave with a free tool to run the same day.

\n\nSpeakerBio:  Hemanth Gorijala
\n

Hemanth Gorijala is Global Pentest Lead at a Fortune 100 financial services company. He built SecretSifter to close the runtime security gap: the space between where shift-left secret scanning stops and where secrets actually appear in production. His research identified 194 confirmed credentials across 2,000 production applications that bypassed ten secret scanners. He is presenting that research at security conferences across the US. The GT-194 benchmark is published on Zenodo (DOI 10.5281/zenodo.19464446). SecretSifter is open source at github.com/secretsifter.

\n\n\n\'',NULL,1067634),('2_Friday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'SecretSifter: Production Apps Are Leaking Credentials. The Blindspot DAST Never Checked.\'','\'Hemanth Gorijala\'','Demo Labs_9445f9c9522685789d3eb9ebbcc6626d','\'Title: SecretSifter: Production Apps Are Leaking Credentials. The Blindspot DAST Never Checked.
\nTags: Demo Labs | Intermediate | AppSec | Defense/Blue Team | DevOps | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

Shift-left tools scan what you commit, not what you serve. DAST scanners test for vulnerabilities but ignore live traffic. The industry left a gap: runtime secrets. Finding them requires intercepting live traffic: a proxy, a browser extension, or a bulk scanner. SecretSifter is all three.

\n\n

We tested 2,000 production apps against ten secret scanners. 194 confirmed credentials survived all ten scanners.

\n\n

SecretSifter monitors live HTTP traffic and finds credentials in JS bundles, lazy-loaded chunks, HTML responses, JSON and XML APIs, and request headers. No config, no source code. 160+ rules cover vendor tokens (AWS, Azure, Stripe, Twilio, GitHub), entropy-gated patterns, and CryptoJS-encrypted configs where the decryption key is hardcoded in the same bundle. No other scanner catches that case. Bulk mode scans 30-50 targets: paste URLs, scan, optional AI triage, export HTML, CSV, or ZIP.

\n\n

The session opens with a live tool comparison. Most tools scan one URL at a time and require manual browsing. SecretSifter bulk-scans both targets in parallel. Two findings none of the ten caught: Azure AD credentials baked into a webpack bundle past GitLeaks. A CryptoJS config with the decryption key three lines away.

\n\n

Your entire pipeline reported green. Were they right? Attendees leave with a free tool to run the same day.

\n\nSpeakerBio:  Hemanth Gorijala
\n

Hemanth Gorijala is Global Pentest Lead at a Fortune 100 financial services company. He built SecretSifter to close the runtime security gap: the space between where shift-left secret scanning stops and where secrets actually appear in production. His research identified 194 confirmed credentials across 2,000 production applications that bypassed ten secret scanners. He is presenting that research at security conferences across the US. The GT-194 benchmark is published on Zenodo (DOI 10.5281/zenodo.19464446). SecretSifter is open source at github.com/secretsifter.

\n\n\n\'',NULL,1067635),('3_Saturday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Senrigan (千里眼) x Suzaku (朱雀): Threat Hunting & DFIR for AWS — No SIEM, Just Your Laptop\'','\'Fukusuke Takahashi,Zach Mathis,Akira Nishikawa\'','Demo Labs_5a7e3dc4ddf12e419a3fd3504e98f56e','\'Title: Senrigan (千里眼) x Suzaku (朱雀): Threat Hunting & DFIR for AWS — No SIEM, Just Your Laptop
\nTags: Demo Labs | Intermediate | Cloud | Defense/Blue Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Senrigan (千里眼) and Suzaku (朱雀) are two complementary open-source tools that together form a complete threat hunting and DFIR platform for AWS CloudTrail logs. Both are built by Yamato Security, the volunteer-run Japanese security community behind Hayabusa(隼), the widely adopted Windows event log fast-forensics tool. Yamato Security provides free, open-source DFIR tools and resources to the community.

\n\n

Building on Hayabusa\'s philosophy of fast, offline, community rule-based detection, this toolset brings the same approach to the cloud. Security teams can hunt threats across CloudTrail logs on a single laptop — without a SIEM, dedicated infrastructure, or licensing cost.

\n\n

The two tools work together, with Suzaku\'s detections flowing into Senrigan for analysis. Senrigan, deployed via Docker Compose, ingests CloudTrail logs into DuckDB via a Rust-based ingester, then lets analysts investigate them through 100+ pre-built hunting queries and 80+ pre-built Apache Superset dashboard charts — no SQL or CloudTrail schema knowledge required. Suzaku is a high-performance, standalone Rust-based CLI that applies native Sigma detection rules to CloudTrail logs and generates a fast-forensics DFIR timeline — surfacing attacks buried in the noise, producing only the events analysts need to investigate.

\n\nSpeakers:Fukusuke Takahashi,Zach Mathis,Akira Nishikawa
\n
\nSpeakerBio:  Fukusuke Takahashi
\n

Fukusuke Takahashi has been with NTTDATA-CERT (NTT DATA Group Corporation\'s CSIRT) since 2018, specializing in DFIR, OSINT, and SOAR. He is one of the developers of Yamato Security\'s OSS tools. He enjoys developing open-source Blue Team tools. He has presented at conferences such as FIRST Annual Conferences, SECCON, BSides Tokyo, HITCON CMT, SecTor and AUSCERT.

\n\nSpeakerBio:  Zach Mathis
\n

Zach Mathis has been working in Japan doing offensive and defensive security work for Japanese companies since 2006. In 2012, he founded Yamato Security, one of the largest hands-on hacker communities in Japan. With other Yamato Security members, he has been releasing free and open source DFIR tools and resources since 2020.

\n\nSpeakerBio:  Akira Nishikawa
\n

Akira Nishikawa started his career as a software engineer specializing in embedded development. He worked as a freelance engineer in 2007, focusing on system development and operation for various companies. Since 2021, he has been dedicated to fostering a security culture for SaaS product security and improving service security. Additionally, he is an AWS Community Builder as of 2024.

\n\n\n\'',NULL,1067636),('2_Friday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'Senrigan (千里眼) x Suzaku (朱雀): Threat Hunting & DFIR for AWS — No SIEM, Just Your Laptop\'','\'Fukusuke Takahashi,Zach Mathis,Akira Nishikawa\'','Demo Labs_56ee5c0a8aba0b446741df0c2f9832cb','\'Title: Senrigan (千里眼) x Suzaku (朱雀): Threat Hunting & DFIR for AWS — No SIEM, Just Your Laptop
\nTags: Demo Labs | Intermediate | Cloud | Defense/Blue Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

Senrigan (千里眼) and Suzaku (朱雀) are two complementary open-source tools that together form a complete threat hunting and DFIR platform for AWS CloudTrail logs. Both are built by Yamato Security, the volunteer-run Japanese security community behind Hayabusa(隼), the widely adopted Windows event log fast-forensics tool. Yamato Security provides free, open-source DFIR tools and resources to the community.

\n\n

Building on Hayabusa\'s philosophy of fast, offline, community rule-based detection, this toolset brings the same approach to the cloud. Security teams can hunt threats across CloudTrail logs on a single laptop — without a SIEM, dedicated infrastructure, or licensing cost.

\n\n

The two tools work together, with Suzaku\'s detections flowing into Senrigan for analysis. Senrigan, deployed via Docker Compose, ingests CloudTrail logs into DuckDB via a Rust-based ingester, then lets analysts investigate them through 100+ pre-built hunting queries and 80+ pre-built Apache Superset dashboard charts — no SQL or CloudTrail schema knowledge required. Suzaku is a high-performance, standalone Rust-based CLI that applies native Sigma detection rules to CloudTrail logs and generates a fast-forensics DFIR timeline — surfacing attacks buried in the noise, producing only the events analysts need to investigate.

\n\nSpeakers:Fukusuke Takahashi,Zach Mathis,Akira Nishikawa
\n
\nSpeakerBio:  Fukusuke Takahashi
\n

Fukusuke Takahashi has been with NTTDATA-CERT (NTT DATA Group Corporation\'s CSIRT) since 2018, specializing in DFIR, OSINT, and SOAR. He is one of the developers of Yamato Security\'s OSS tools. He enjoys developing open-source Blue Team tools. He has presented at conferences such as FIRST Annual Conferences, SECCON, BSides Tokyo, HITCON CMT, SecTor and AUSCERT.

\n\nSpeakerBio:  Zach Mathis
\n

Zach Mathis has been working in Japan doing offensive and defensive security work for Japanese companies since 2006. In 2012, he founded Yamato Security, one of the largest hands-on hacker communities in Japan. With other Yamato Security members, he has been releasing free and open source DFIR tools and resources since 2020.

\n\nSpeakerBio:  Akira Nishikawa
\n

Akira Nishikawa started his career as a software engineer specializing in embedded development. He worked as a freelance engineer in 2007, focusing on system development and operation for various companies. Since 2021, he has been dedicated to fostering a security culture for SaaS product security and improving service security. Additionally, he is an AWS Community Builder as of 2024.

\n\n\n\'',NULL,1067637),('2_Friday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'TokenMesh: Exposing Azure\'s Hidden Identity Attack Surface\'','\'Saksham Agrawal\'','Demo Labs_440b37b146c59712f5db8a953d6ba266','\'Title: TokenMesh: Exposing Azure\'s Hidden Identity Attack Surface
\nTags: AI | Demo Labs | Intermediate | Cloud | Defense/Blue Team | Offense/Red Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

Modern cloud environments are riddled with identity misconfigurations that go undetected until it\'s too late. TokenMesh is an open-source Azure security reconnaissance tool built to expose exactly that — over-privileged identities, dormant service principals, misconfigured storage accounts, and potential backdoors hiding in plain sight across Microsoft Entra ID and Azure RBAC.\nUnlike traditional scanners that drown you in raw data, TokenMesh is designed with the security practitioner in mind. It integrates directly with the Model Context Protocol (MCP) and the OpenAI API, allowing AI-assisted analysis that surfaces critical findings in plain language — no SIEM required, no query language to master. Plug it into your AI workflow of choice, ask questions in natural language, and get answers that actually make sense.\nIn this session, we\'ll walk through how TokenMesh was built, the real-world attack paths it uncovers, and live demonstrations against a target Azure environment. We\'ll cover how attackers abuse identity misconfigurations, how privilege escalation paths hide inside legitimate role assignments, and how defenders can use TokenMesh to harden their posture before adversaries exploit it. Whether you\'re a red teamer mapping an Azure tenant or a blue teamer trying to get ahead of the next breach.

\n\nSpeakerBio:  Saksham Agrawal
\n

Saksham Agrawal is a Senior Security Consultant at NotSoSecure, specializing in cloud security. His work focuses on discovering new attack paths in cloud environments and helping organizations understand real-world risks. He has presented his research at DEF CON Cloud Village, where he introduced his tool NoPrompt and shared practical techniques for cloud security testing. He enjoys building tools, exploring cloud internals, and sharing his findings with the security community. He has also responsibly reported critical vulnerabilities in major cloud vendors as part of his independent security research and actively delivers training sessions on cloud security and offensive security techniques.

\n\n\n\'',NULL,1067638),('3_Saturday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'TokenMesh: Exposing Azure\'s Hidden Identity Attack Surface\'','\'Saksham Agrawal\'','Demo Labs_1d7e80660e7dc086976501928b410afb','\'Title: TokenMesh: Exposing Azure\'s Hidden Identity Attack Surface
\nTags: AI | Demo Labs | Intermediate | Cloud | Defense/Blue Team | Offense/Red Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\n

Modern cloud environments are riddled with identity misconfigurations that go undetected until it\'s too late. TokenMesh is an open-source Azure security reconnaissance tool built to expose exactly that — over-privileged identities, dormant service principals, misconfigured storage accounts, and potential backdoors hiding in plain sight across Microsoft Entra ID and Azure RBAC.\nUnlike traditional scanners that drown you in raw data, TokenMesh is designed with the security practitioner in mind. It integrates directly with the Model Context Protocol (MCP) and the OpenAI API, allowing AI-assisted analysis that surfaces critical findings in plain language — no SIEM required, no query language to master. Plug it into your AI workflow of choice, ask questions in natural language, and get answers that actually make sense.\nIn this session, we\'ll walk through how TokenMesh was built, the real-world attack paths it uncovers, and live demonstrations against a target Azure environment. We\'ll cover how attackers abuse identity misconfigurations, how privilege escalation paths hide inside legitimate role assignments, and how defenders can use TokenMesh to harden their posture before adversaries exploit it. Whether you\'re a red teamer mapping an Azure tenant or a blue teamer trying to get ahead of the next breach.

\n\nSpeakerBio:  Saksham Agrawal
\n

Saksham Agrawal is a Senior Security Consultant at NotSoSecure, specializing in cloud security. His work focuses on discovering new attack paths in cloud environments and helping organizations understand real-world risks. He has presented his research at DEF CON Cloud Village, where he introduced his tool NoPrompt and shared practical techniques for cloud security testing. He enjoys building tools, exploring cloud internals, and sharing his findings with the security community. He has also responsibly reported critical vulnerabilities in major cloud vendors as part of his independent security research and actively delivers training sessions on cloud security and offensive security techniques.

\n\n\n\'',NULL,1067639),('2_Friday','14','14:00','14:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Trajan: Cross-Platform CI/CD Security Scanner\'','\'Rahul Saranjame,Ranganatha Rao Sridhar,Tanishq Rupaal\'','Demo Labs_ef0643d3eb6218ec5b966d06cd241563','\'Title: Trajan: Cross-Platform CI/CD Security Scanner
\nTags: AI | Demo Labs | Intermediate | Cloud | Defense/Blue Team | DevOps | Offense/Red Team | Purple Team | SecOps | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 14:00 - 14:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

For three years, Praetorian has consistently found that CI/CD pipelines are one of the fastest paths to compromise enterprise environments. A misconfigured workflow or an over-privileged service connection can provide you with credentials, cloud access, or code execution on internal infrastructure, often undetected.

\n\n

We built to keep up: Gato for GitHub Actions (BH 2024), then Glato for GitLab CI (BH 2025). Both proved the approach: parse the pipeline configuration, classify triggers, gates, and danger zones, build a graph of how they connect, and surface what\'s actually exploitable.

\n\n

The problem was that no client runs just one platform. A typical enterprise has GitHub Actions for open-source, Azure DevOps for internal deployments, and GitLab for containerized workloads. Assessing all of that meant juggling multiple tools with different output formats and coverage gaps.

\n\n

Trajan folds everything we learned into a single tool spanning GitHub Actions, GitLab CI, and Azure DevOps. Each platform runs through the same phased pipeline: collect the pipeline config and the org surface, normalize it, correlate multi-step attack chains, scan against a YAML detection-rule corpus organized by attack category, and report through one unified findings format. Support for Jenkins, CircleCI, and Bitbucket is in active development.

\n\nSpeakers:Rahul Saranjame,Ranganatha Rao Sridhar,Tanishq Rupaal
\n
\nSpeakerBio:  Rahul Saranjame
\n

Lead Security Engineer at Praetorian focused on penetration testing, red/purple teaming, CI/CD pipeline security, and risk advisory assessments. Rahul is OSCP and CRTO certified, holds a Master\'s degree in Cybersecurity from Georgia Tech, and is a core contributor to Trajan.

\n\nSpeakerBio:  Ranganatha Rao Sridhar
\n

OSCE3 certified Lead Security Engineer at Praetorian with expertise spanning product, cloud, and corporate security. Rao holds a Master\'s degree in Cybersecurity from Georgia Tech and is a core contributor to Trajan.

\n\nSpeakerBio:  Tanishq Rupaal
\n

Staff Offensive Security Engineer at Praetorian specializing in cloud security across AWS, GCP, and Azure. He designed the Guard Platform\'s cloud integration mechanism, is a core contributor to Trajan, and holds an M.S. in Cybersecurity from Georgia Tech.

\n\n\n\'',NULL,1067640),('3_Saturday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'Trajan: Cross-Platform CI/CD Security Scanner\'','\'Rahul Saranjame,Ranganatha Rao Sridhar,Tanishq Rupaal\'','Demo Labs_61951773d2696ad1c1dc30775ea6d1a8','\'Title: Trajan: Cross-Platform CI/CD Security Scanner
\nTags: AI | Demo Labs | Intermediate | Cloud | Defense/Blue Team | DevOps | Offense/Red Team | Purple Team | SecOps | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

For three years, Praetorian has consistently found that CI/CD pipelines are one of the fastest paths to compromise enterprise environments. A misconfigured workflow or an over-privileged service connection can provide you with credentials, cloud access, or code execution on internal infrastructure, often undetected.

\n\n

We built to keep up: Gato for GitHub Actions (BH 2024), then Glato for GitLab CI (BH 2025). Both proved the approach: parse the pipeline configuration, classify triggers, gates, and danger zones, build a graph of how they connect, and surface what\'s actually exploitable.

\n\n

The problem was that no client runs just one platform. A typical enterprise has GitHub Actions for open-source, Azure DevOps for internal deployments, and GitLab for containerized workloads. Assessing all of that meant juggling multiple tools with different output formats and coverage gaps.

\n\n

Trajan folds everything we learned into a single tool spanning GitHub Actions, GitLab CI, and Azure DevOps. Each platform runs through the same phased pipeline: collect the pipeline config and the org surface, normalize it, correlate multi-step attack chains, scan against a YAML detection-rule corpus organized by attack category, and report through one unified findings format. Support for Jenkins, CircleCI, and Bitbucket is in active development.

\n\nSpeakers:Rahul Saranjame,Ranganatha Rao Sridhar,Tanishq Rupaal
\n
\nSpeakerBio:  Rahul Saranjame
\n

Lead Security Engineer at Praetorian focused on penetration testing, red/purple teaming, CI/CD pipeline security, and risk advisory assessments. Rahul is OSCP and CRTO certified, holds a Master\'s degree in Cybersecurity from Georgia Tech, and is a core contributor to Trajan.

\n\nSpeakerBio:  Ranganatha Rao Sridhar
\n

OSCE3 certified Lead Security Engineer at Praetorian with expertise spanning product, cloud, and corporate security. Rao holds a Master\'s degree in Cybersecurity from Georgia Tech and is a core contributor to Trajan.

\n\nSpeakerBio:  Tanishq Rupaal
\n

Staff Offensive Security Engineer at Praetorian specializing in cloud security across AWS, GCP, and Azure. He designed the Guard Platform\'s cloud integration mechanism, is a core contributor to Trajan, and holds an M.S. in Cybersecurity from Georgia Tech.

\n\n\n\'',NULL,1067641),('3_Saturday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'VoiceLock: Offline, Robust On-Device Speech Transcription\'','\'Ayaan Qayyum,Parag Kalay\'','Demo Labs_3b07030e6020ff7a84cb713e83bffc8a','\'Title: VoiceLock: Offline, Robust On-Device Speech Transcription
\nTags: Beginner | AI | Demo Labs | Hardware/IoT | Mobile | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

VoiceLock analyzes audio to identify speakers, count participants, and understand what each person said and discussed, just from a microphone. The self-contained, entirely offline system is designed for continuous, long-term use cases of 72 to 168 hours or more. The system runs entirely on-device, with high accuracy as tested on datasets and in the real world. Key innovations include an on-device vector database for fast speaker-similarity search and robust noise reduction, which greatly improve transcript accuracy. The output is a transcript with name labels. The system is fast enough to transcribe and report in under a minute. Code is written as an open-source Python module with a provided runtime and setup script to enable quick deployment on IoT devices. The system has been tested in challenging environments, including high noise levels, many speakers/arguments, and a lecture-style format. We present a live demo, technical details, and a short runtime tutorial.

\n\nSpeakers:Ayaan Qayyum,Parag Kalay
\n
\nSpeakerBio:  Ayaan Qayyum
\n

Ayaan is an MS in engineering student at Columbia University. His research interests include mobile computing, applied machine learning, edge AI, and data science. He is an expert in understanding customer needs and use cases to solve real-world problems.

\n\nSpeakerBio:  Parag Kalay
\n

Parag is a Biomedical Engineering MS student at Columbia University, combining expertise in CAD, rapid prototyping, and data-driven design to transform concepts into functional technologies under tight technical constraints. Skilled in translating clinical needs into robust engineering solutions from initial sketches to validated prototypes.

\n\n\n\'',NULL,1067642),('2_Friday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)','\'VoiceLock: Offline, Robust On-Device Speech Transcription\'','\'Ayaan Qayyum,Parag Kalay\'','Demo Labs_3139de42123a70d974c80e09f2a77adc','\'Title: VoiceLock: Offline, Robust On-Device Speech Transcription
\nTags: Beginner | AI | Demo Labs | Hardware/IoT | Mobile | Offense/Red Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3) - Map
\n
\nDescription:
\n

VoiceLock analyzes audio to identify speakers, count participants, and understand what each person said and discussed, just from a microphone. The self-contained, entirely offline system is designed for continuous, long-term use cases of 72 to 168 hours or more. The system runs entirely on-device, with high accuracy as tested on datasets and in the real world. Key innovations include an on-device vector database for fast speaker-similarity search and robust noise reduction, which greatly improve transcript accuracy. The output is a transcript with name labels. The system is fast enough to transcribe and report in under a minute. Code is written as an open-source Python module with a provided runtime and setup script to enable quick deployment on IoT devices. The system has been tested in challenging environments, including high noise levels, many speakers/arguments, and a lecture-style format. We present a live demo, technical details, and a short runtime tutorial.

\n\nSpeakers:Ayaan Qayyum,Parag Kalay
\n
\nSpeakerBio:  Ayaan Qayyum
\n

Ayaan is an MS in engineering student at Columbia University. His research interests include mobile computing, applied machine learning, edge AI, and data science. He is an expert in understanding customer needs and use cases to solve real-world problems.

\n\nSpeakerBio:  Parag Kalay
\n

Parag is a Biomedical Engineering MS student at Columbia University, combining expertise in CAD, rapid prototyping, and data-driven design to transform concepts into functional technologies under tight technical constraints. Skilled in translating clinical needs into robust engineering solutions from initial sketches to validated prototypes.

\n\n\n\'',NULL,1067643),('2_Friday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'Weaponizing eBPF and XDP with Covert Triggered Reverse Shells\'','\'Yll \"0xBabar0ka\" Berisha\'','Demo Labs_e6f6cf9539fde04a901fce0be96c143f','\'Title: Weaponizing eBPF and XDP with Covert Triggered Reverse Shells
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\neBPF and XDP now underpin critical Linux infrastructure yet their kernel-level access creates a blind spot: adversaries can weaponize these primitives for stealth persistence that evades standard forensic tools. Current defenses are not equipped for this emerging threat.
\n\n

We built Phantasma, an open-source eBPF implant, to expose this gap. It combines three kernel-level techniques: (1) XDP covert triggering that intercepts packets at the NIC driver before they reach the networking stack, firewalls, or packet capture systems (2) getdents64 syscall interception to hide processes from /proc, defeating ps, top, and all enumeration tools; and (3) bpf() syscall interception to cloak loaded eBPF objects from bpftool and forensic inspection.

\n\n

We live-demonstrate the full attack chain deployment, self-cloaking, magic packet activation, and encrypted reverse shell showing the implant defeating packet capture, process listing, and BPF introspection simultaneously.

\n\n

We then present the defenses this threat demands: kernel audit rules for bpf() syscalls, /sys/fs/bpf inspection, XDP attachment monitoring, and behavioral indicators. Attendees leave with detection rules, hardening steps, and a clear understanding of why eBPF must be treated as an attack surface, not just a defense tool.

\n\nSpeakerBio:  Yll \"0xBabar0ka\" Berisha
\n

I am an offensive security researcher with 2 years of experience in penetration testing, red teaming, and custom tooling. I am the creator of Phantasma, an open-source eBPF/XDP implant framework for stealth persistence research.

\n\n

Professionally, I have worked at Sentry, conducting web, mobile, and internal/external network penetration tests. At Finbbug, I contributed to a US Embassy-supported project assessing the cybersecurity posture of NGOs and media organizations in Kosovo, identifying issues such as XSS, directory listing, and IDOR vulnerabilities. At Starlabs, I built dark web monitoring tools using HaveIBeenPwned and LeakX APIs for automated credential leak detection.

\n\n

I hold BSCP (Burp Suite Certified), CRT-ID (Certified Red Team Infra Dev), MCRTA (Multi Cloud Red Teamer), CISCO ETHICAL HACKER, and HACKWISER CAPT certifications. I placed 1st at the Iowa State Cyber Defense Competition and represented Kosovo at the 2024 ENISA European Cybersecurity Challenge in Turin.

\n\n

I have presented at CyberZero on prompt injection attacks and deepfake-based social engineering at the TechRisck conference, and co-organized national and international CTFs designing real-world attack chain challenges.

\n\n

I am also a member of DefCon Group Prishtina (DC38338), where I contribute to co-organizing meetups and community events.

\n\n\n\'',NULL,1067644),('3_Saturday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)','\'Weaponizing eBPF and XDP with Covert Triggered Reverse Shells\'','\'Yll \"0xBabar0ka\" Berisha\'','Demo Labs_583c71769a10d7a419810e2715a09f3e','\'Title: Weaponizing eBPF and XDP with Covert Triggered Reverse Shells
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Malware | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 901 (Demo Labs Track 5) - Map
\n
\nDescription:
\neBPF and XDP now underpin critical Linux infrastructure yet their kernel-level access creates a blind spot: adversaries can weaponize these primitives for stealth persistence that evades standard forensic tools. Current defenses are not equipped for this emerging threat.
\n\n

We built Phantasma, an open-source eBPF implant, to expose this gap. It combines three kernel-level techniques: (1) XDP covert triggering that intercepts packets at the NIC driver before they reach the networking stack, firewalls, or packet capture systems (2) getdents64 syscall interception to hide processes from /proc, defeating ps, top, and all enumeration tools; and (3) bpf() syscall interception to cloak loaded eBPF objects from bpftool and forensic inspection.

\n\n

We live-demonstrate the full attack chain deployment, self-cloaking, magic packet activation, and encrypted reverse shell showing the implant defeating packet capture, process listing, and BPF introspection simultaneously.

\n\n

We then present the defenses this threat demands: kernel audit rules for bpf() syscalls, /sys/fs/bpf inspection, XDP attachment monitoring, and behavioral indicators. Attendees leave with detection rules, hardening steps, and a clear understanding of why eBPF must be treated as an attack surface, not just a defense tool.

\n\nSpeakerBio:  Yll \"0xBabar0ka\" Berisha
\n

I am an offensive security researcher with 2 years of experience in penetration testing, red teaming, and custom tooling. I am the creator of Phantasma, an open-source eBPF/XDP implant framework for stealth persistence research.

\n\n

Professionally, I have worked at Sentry, conducting web, mobile, and internal/external network penetration tests. At Finbbug, I contributed to a US Embassy-supported project assessing the cybersecurity posture of NGOs and media organizations in Kosovo, identifying issues such as XSS, directory listing, and IDOR vulnerabilities. At Starlabs, I built dark web monitoring tools using HaveIBeenPwned and LeakX APIs for automated credential leak detection.

\n\n

I hold BSCP (Burp Suite Certified), CRT-ID (Certified Red Team Infra Dev), MCRTA (Multi Cloud Red Teamer), CISCO ETHICAL HACKER, and HACKWISER CAPT certifications. I placed 1st at the Iowa State Cyber Defense Competition and represented Kosovo at the 2024 ENISA European Cybersecurity Challenge in Turin.

\n\n

I have presented at CyberZero on prompt injection attacks and deepfake-based social engineering at the TechRisck conference, and co-organized national and international CTFs designing real-world attack chain challenges.

\n\n

I am also a member of DefCon Group Prishtina (DC38338), where I contribute to co-organizing meetups and community events.

\n\n\n\'',NULL,1067645),('2_Friday','10','10:00','10:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'X-Ray Your Agents: Pentesting MCPs, Skills, and the Plugin Supply Chain\'','\'Xia Hua,Abhijeet Kumar\'','Demo Labs_20977489b2362288240c2aba86c1b93e','\'Title: X-Ray Your Agents: Pentesting MCPs, Skills, and the Plugin Supply Chain
\nTags: AI | Demo Labs | Intermediate | AppSec | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 10:00 - 10:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

Agents now run with thousands of third-party plugins — MCP servers, Claude skills, GPT actions, IDE extensions, plugin marketplaces — and the prevailing trust model is roughly “read the README and hope.” Tool descriptions are executable prompts. Tool parameters are executable code paths. Tool outputs feed straight into the next agent step. Yet there is no npm audit for this ecosystem, no signed manifests, and no capability sandbox in the wild.

\n\n

MCP X-Ray is an open-source security scanner that ports classical pentest tradecraft to the agent plugin supply chain. It combines static config and repo audit, rules-based and LLM-driven semantic analysis, and active pentesting that actually invokes tools with adversarial inputs — emitting SARIF that drops into GitHub, VS Code, and CI gates today. In this 30-minute session we will (1) walk the threat model that ties MCPs, skills, and plugin bundles together; (2) live-demo X-Ray finding real vulnerabilities in each. Attendees walk away with a CI template they can drop in on Monday, and three intentionally vulnerable plugins to keep practicing on.

\n\nSpeakers:Xia Hua,Abhijeet Kumar
\n
\nSpeakerBio:  Xia Hua
\n

Xia is co-founder and CEO of Traceforce which secures AI native apps running on devices. She previously led engineering at Clumio (acquired by Commvault), delivering cloud data protection products that were 20x faster and 10x more scalable than competitors. Earlier, she was an in-memory database architect at Oracle. Xia earned her PhD in Applied Mathematics from MIT.

\n\nSpeakerBio:  Abhijeet Kumar
\n

Abhijeet Kumar is an OSCP-certified offensive security researcher and M.Eng Cybersecurity student at the University of Maryland. He has disclosed critical vulnerabilities across NASA, SAIL critical infrastructure, Keurig Dr Pepper, and U.S. government programs which includes a CVSS 10.0 RCE that triggered an official CERT-In incident response and a full account takeover chain affecting users across 20+ countries. He captains UMD\'s CTF team RandomHackers, which placed 1st out of 64 universities at HTB Hack The Madness 2026, and has spoken at the Billington State and Local Cybersecurity Summit alongside the Director of Adversary Emulation.

\n\n\n\'',NULL,1067646),('3_Saturday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'X-Ray Your Agents: Pentesting MCPs, Skills, and the Plugin Supply Chain\'','\'Xia Hua,Abhijeet Kumar\'','Demo Labs_90c5782379c186f2d2f125932b562863','\'Title: X-Ray Your Agents: Pentesting MCPs, Skills, and the Plugin Supply Chain
\nTags: AI | Demo Labs | Intermediate | AppSec | Offense/Red Team | Purple Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

Agents now run with thousands of third-party plugins — MCP servers, Claude skills, GPT actions, IDE extensions, plugin marketplaces — and the prevailing trust model is roughly “read the README and hope.” Tool descriptions are executable prompts. Tool parameters are executable code paths. Tool outputs feed straight into the next agent step. Yet there is no npm audit for this ecosystem, no signed manifests, and no capability sandbox in the wild.

\n\n

MCP X-Ray is an open-source security scanner that ports classical pentest tradecraft to the agent plugin supply chain. It combines static config and repo audit, rules-based and LLM-driven semantic analysis, and active pentesting that actually invokes tools with adversarial inputs — emitting SARIF that drops into GitHub, VS Code, and CI gates today. In this 30-minute session we will (1) walk the threat model that ties MCPs, skills, and plugin bundles together; (2) live-demo X-Ray finding real vulnerabilities in each. Attendees walk away with a CI template they can drop in on Monday, and three intentionally vulnerable plugins to keep practicing on.

\n\nSpeakers:Xia Hua,Abhijeet Kumar
\n
\nSpeakerBio:  Xia Hua
\n

Xia is co-founder and CEO of Traceforce which secures AI native apps running on devices. She previously led engineering at Clumio (acquired by Commvault), delivering cloud data protection products that were 20x faster and 10x more scalable than competitors. Earlier, she was an in-memory database architect at Oracle. Xia earned her PhD in Applied Mathematics from MIT.

\n\nSpeakerBio:  Abhijeet Kumar
\n

Abhijeet Kumar is an OSCP-certified offensive security researcher and M.Eng Cybersecurity student at the University of Maryland. He has disclosed critical vulnerabilities across NASA, SAIL critical infrastructure, Keurig Dr Pepper, and U.S. government programs which includes a CVSS 10.0 RCE that triggered an official CERT-In incident response and a full account takeover chain affecting users across 20+ countries. He captains UMD\'s CTF team RandomHackers, which placed 1st out of 64 universities at HTB Hack The Madness 2026, and has spoken at the Billington State and Local Cybersecurity Summit alongside the Director of Adversary Emulation.

\n\n\n\'',NULL,1067647),('2_Friday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Zealot: An Autonomous Cloud Offensive Multi-Agent System\'','\'Chen Doytshman\'','Demo Labs_d15d7126d97a8752c2f459341919ecf9','\'Title: Zealot: An Autonomous Cloud Offensive Multi-Agent System
\nTags: AI | Demo Labs | Intermediate | AppSec | Cloud | Defense/Blue Team | Offense/Red Team | Purple Team | SecOps | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

In November 2025, Anthropic disclosed a state-sponsored operation where AI didn\'t assist human attackers — it was the attacker, executing 80-90% of the campaign autonomously. The question shifted from \"could this happen?\" to \"how bad can it get?\"

\n\n

We built Zealot to find out.

\n\n

Zealot is a multi-agent offensive framework that autonomously chains reconnaissance, exploitation, privilege escalation, and data exfiltration against cloud environments — with no human directing individual steps. A supervisor agent coordinates three specialists (Infrastructure, AppSec, and Cloud) that share attack state and hand off context as the operation progresses. The result: an AI system that thinks strategically and executes tactically, the way a real red team does.

\n\n

In live sandbox tests against GCP, Zealot autonomously discovered an exposed web service, identified and exploited an SSRF vulnerability, extracted service account credentials from the metadata service, impersonated a higher-privileged account, and exfiltrated BigQuery datasets — start to finish, without a human touching the keyboard after the objective was set.

\n\n

We\'ll walk through the architecture, show the full attack chain on video, and share the honest lessons: where AI operators excel (systematic enumeration, credential chaining, API fluency), where they fall short (a

\n\nSpeakerBio:  Chen Doytshman
\n

I\'m a security researcher with a background in artificial intelligence and machine learning. I am passionate about using my skills to protect against cyber threats. With over 5 years of experience in the field, I have a strong understanding of both security and AI technologies and am skilled at combining the two to identify and mitigate vulnerabilities.

\n\n\n\'',NULL,1067648),('3_Saturday','12','12:00','12:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Zealot: An Autonomous Cloud Offensive Multi-Agent System\'','\'Chen Doytshman\'','Demo Labs_8709fec5bc1ec0e8c8f37803d1bbfd47','\'Title: Zealot: An Autonomous Cloud Offensive Multi-Agent System
\nTags: AI | Demo Labs | Intermediate | AppSec | Cloud | Defense/Blue Team | Offense/Red Team | Purple Team | SecOps | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 12:00 - 12:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

In November 2025, Anthropic disclosed a state-sponsored operation where AI didn\'t assist human attackers — it was the attacker, executing 80-90% of the campaign autonomously. The question shifted from \"could this happen?\" to \"how bad can it get?\"

\n\n

We built Zealot to find out.

\n\n

Zealot is a multi-agent offensive framework that autonomously chains reconnaissance, exploitation, privilege escalation, and data exfiltration against cloud environments — with no human directing individual steps. A supervisor agent coordinates three specialists (Infrastructure, AppSec, and Cloud) that share attack state and hand off context as the operation progresses. The result: an AI system that thinks strategically and executes tactically, the way a real red team does.

\n\n

In live sandbox tests against GCP, Zealot autonomously discovered an exposed web service, identified and exploited an SSRF vulnerability, extracted service account credentials from the metadata service, impersonated a higher-privileged account, and exfiltrated BigQuery datasets — start to finish, without a human touching the keyboard after the objective was set.

\n\n

We\'ll walk through the architecture, show the full attack chain on video, and share the honest lessons: where AI operators excel (systematic enumeration, credential chaining, API fluency), where they fall short (a

\n\nSpeakerBio:  Chen Doytshman
\n

I\'m a security researcher with a background in artificial intelligence and machine learning. I am passionate about using my skills to protect against cyber threats. With over 5 years of experience in the field, I have a strong understanding of both security and AI technologies and am skilled at combining the two to identify and mitigate vulnerabilities.

\n\n\n\'',NULL,1067649),('2_Friday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Zero-Cloud Threat Modeling: Vector Embedding Architectures for Automated Vulnerability Detection\'','\'Ankit Vashisth\'','Demo Labs_298560f2a4d26f600c235d595a30c81f','\'Title: Zero-Cloud Threat Modeling: Vector Embedding Architectures for Automated Vulnerability Detection
\nTags: AI | Demo Labs | Intermediate | AppSec | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

Traditional threat modeling is a tedious, manual process prone to human error. Conversely, modern \"AI\" threat modeling tools almost universally depend on sending sensitive, proprietary system architectures to third-party APIs in cleartext.

\n\n

We present AI Threat Modeler (AITM), a fully open-source, zero-cloud application designed to automate architecture-driven STRIDE threat modeling completely offline. AITM fundamentally shifts how we analyze system designs by replacing brittle, keyword-based regex rules with a local Semantic AI Engine.

\n\n

Under the hood, AITM leverages sentence-transformers and an in-memory FAISS vector database to embed a comprehensive, 116+ component knowledge base. During analysis, a custom NetworkX graph builder parses natural language or structured architecture descriptions (via spaCy) to map undocumented architectural features to known CVE classes and STRIDE categories.

\n\n

Furthermore, AITM introduces \"Architecture Intelligence\" using graph traversal algorithms to automatically infer missing trust boundaries and identify multi-step attack chains that standalone component scanning misses.\nIn this demo, we will:\nWalk through the automated ingestion of a microservice architecture.\nDemonstrate how the local FAISS engine discovers semantic threats that evade keyword matching.\nShow dynamic attack cha

\n\nSpeakerBio:  Ankit Vashisth
\n

Ankit Vashisth is a Security Engineer with over 4 years of experience in application security, cloud security, and DevSecOps. He has worked on security assessments across web, mobile, network, and enterprise systems for global clients. His interests include AI-driven security tooling, threat modeling, and security automation. Ankit actively researches ways to apply AI to improve security architecture analysis and vulnerability detection.

\n\n\n\'',NULL,1067650),('3_Saturday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)','\'Zero-Cloud Threat Modeling: Vector Embedding Architectures for Automated Vulnerability Detection\'','\'Ankit Vashisth\'','Demo Labs_683655ab4f6ae6b1ac71376cf0883232','\'Title: Zero-Cloud Threat Modeling: Vector Embedding Architectures for Automated Vulnerability Detection
\nTags: AI | Demo Labs | Intermediate | AppSec | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 900 (Demo Labs Track 4) - Map
\n
\nDescription:
\n

Traditional threat modeling is a tedious, manual process prone to human error. Conversely, modern \"AI\" threat modeling tools almost universally depend on sending sensitive, proprietary system architectures to third-party APIs in cleartext.

\n\n

We present AI Threat Modeler (AITM), a fully open-source, zero-cloud application designed to automate architecture-driven STRIDE threat modeling completely offline. AITM fundamentally shifts how we analyze system designs by replacing brittle, keyword-based regex rules with a local Semantic AI Engine.

\n\n

Under the hood, AITM leverages sentence-transformers and an in-memory FAISS vector database to embed a comprehensive, 116+ component knowledge base. During analysis, a custom NetworkX graph builder parses natural language or structured architecture descriptions (via spaCy) to map undocumented architectural features to known CVE classes and STRIDE categories.

\n\n

Furthermore, AITM introduces \"Architecture Intelligence\" using graph traversal algorithms to automatically infer missing trust boundaries and identify multi-step attack chains that standalone component scanning misses.\nIn this demo, we will:\nWalk through the automated ingestion of a microservice architecture.\nDemonstrate how the local FAISS engine discovers semantic threats that evade keyword matching.\nShow dynamic attack cha

\n\nSpeakerBio:  Ankit Vashisth
\n

Ankit Vashisth is a Security Engineer with over 4 years of experience in application security, cloud security, and DevSecOps. He has worked on security assessments across web, mobile, network, and enterprise systems for global clients. His interests include AI-driven security tooling, threat modeling, and security automation. Ankit actively researches ways to apply AI to improve security architecture analysis and vulnerability detection.

\n\n\n\'',NULL,1067651),('2_Friday','15','15:00','15:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'pymsi: Interactive MSI Installer Analysis in Python and the Browser\'','\'Ryan \"Nightlark\" Mast\'','Demo Labs_f1a57cb3aa8eab29df76d104c4a333f5','\'Title: pymsi: Interactive MSI Installer Analysis in Python and the Browser
\nTags: Beginner | Demo Labs | AppSec | Defense/Blue Team | Malware | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 15:00 - 15:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

pymsi is a pure-Python library for parsing, analyzing, and extracting files from Windows installer (MSI) packages, without relying on native Windows APIs or tooling. It provides direct access to MSI database tables, embedded binary streams, and installer metadata, enabling security researchers to inspect installer behavior and extract files from MSI installers.

\n\n

We will demonstrate its ability to safely tear apart malicious MSI droppers, dump internal database tables, and extract embedded payloads without risking accidental execution. Attendees will see how the CLI and Python API can be used to triage files and integrate it into automated analysis pipelines, including how it has been integrated into other open source tools to extract embedded payloads and identify malicious CustomAction behaviors.

\n\n

Because it is written entirely in Python, it runs seamlessly on any OS with a Python interpreter, including web browsers. The demo will showcase the online MSI viewer, a client-side tool powered by Pyodide that gives pymsi a familiar lessmsi-style UI for working with MSI installers from any device with a web browser. Demos will also show new security analysis features for identifying suspicious installer behaviors and inspecting contents of embedded binary streams within a browser.

\n\nSpeakerBio:  Ryan \"Nightlark\" Mast
\n

Ryan is a software engineer working on open source projects to make the electric grid more reliable. His interests include software security, niche video games, tearing apart \"smart\" devices, and reverse engineering audio/video hardware used in live productions.

\n\n\n\'',NULL,1067652),('3_Saturday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)','\'pymsi: Interactive MSI Installer Analysis in Python and the Browser\'','\'Ryan \"Nightlark\" Mast\'','Demo Labs_1f21b811c65a54327e9be368e7770186','\'Title: pymsi: Interactive MSI Installer Analysis in Python and the Browser
\nTags: Beginner | Demo Labs | AppSec | Defense/Blue Team | Malware | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 902 (Demo Labs Track 6) - Map
\n
\nDescription:
\n

pymsi is a pure-Python library for parsing, analyzing, and extracting files from Windows installer (MSI) packages, without relying on native Windows APIs or tooling. It provides direct access to MSI database tables, embedded binary streams, and installer metadata, enabling security researchers to inspect installer behavior and extract files from MSI installers.

\n\n

We will demonstrate its ability to safely tear apart malicious MSI droppers, dump internal database tables, and extract embedded payloads without risking accidental execution. Attendees will see how the CLI and Python API can be used to triage files and integrate it into automated analysis pipelines, including how it has been integrated into other open source tools to extract embedded payloads and identify malicious CustomAction behaviors.

\n\n

Because it is written entirely in Python, it runs seamlessly on any OS with a Python interpreter, including web browsers. The demo will showcase the online MSI viewer, a client-side tool powered by Pyodide that gives pymsi a familiar lessmsi-style UI for working with MSI installers from any device with a web browser. Demos will also show new security analysis features for identifying suspicious installer behaviors and inspecting contents of embedded binary streams within a browser.

\n\nSpeakerBio:  Ryan \"Nightlark\" Mast
\n

Ryan is a software engineer working on open source projects to make the electric grid more reliable. His interests include software security, niche video games, tearing apart \"smart\" devices, and reverse engineering audio/video hardware used in live productions.

\n\n\n\'',NULL,1067653),('2_Friday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'sisakulint:CI-Friendly static linter with autofix, SAST, semantic analysis for GitHub Actions\'','\'Atsushi Sada,hikae\'','Demo Labs_3bb357d3e542ee576fb789006bc5326a','\'Title: sisakulint:CI-Friendly static linter with autofix, SAST, semantic analysis for GitHub Actions
\nTags: AI | Demo Labs | Intermediate | AppSec | Cloud | DevOps | Purple Team | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

GitHub Actions workflows are vulnerable by default. Hardening such as commit-hash pinning, least-privilege permissions, and timeouts is optional, never enforced at pipeline level. Exploitable configs ship daily, increasingly written by Coding Agents.\nsisakulint is a fast heuristic static analyzer for GitHub Actions covering all OWASP Top 10 CI/CD risks, with 52 rules, a taint engine, and 38+ auto-fixes. It outpaces CodeQL on speed and quality, with 100% detection on 18 GHSL advisories and 81.6% on 38 GHSAs covering exploits in PX4-Autopilot, vets-api, weaviate, nrwl/nx.

\n\n

Impostor Commit at CVSS 9.8 validates pinned SHAs against the claimed repository, not impostors via Git forks, a check unique to sisakulint. Code Injection at CVSS 9.8 tracks untrusted input through ${{ }} and step outputs. AI Action Rules detect Clinejection on claude-code-action, copilot-swe-agent, and openai-actions, covering tool grants, prompt injection, and wildcard triggers, as in Cline 2026/02 where issue title injection stole NPM_RELEASE_TOKEN. Known Vulnerable Actions catches tj-actions/changed-files.

\n\n

In the Coding Agent era, linters matter more. Delegating 52 rules to an LLM degrades precision; deterministic engines run in ms with no variance. The session covers end-to-end detection, taint propagation, and automated remediation.

\n\nSpeakers:Atsushi Sada,hikae
\n
\nSpeakerBio:  Atsushi Sada
\n

Atsushi Sada is a CSIRT member specializing in cloud security on AWS and GitHub, and enterprise security with MDM, EDR, AI governance. He is an ethical hacker and security tool developer. He built sisakulint and MachStealer for practical security research in static/network analysis, Malware.

\n\n

He co-founded and organizes @sec_wakate, a community for junior security engineers in Japan. He has spoken at Black Hat USA/Asia Arsenal, AVTOKYO, and AWS Security JAWS.

\n\nSpeakerBio:  hikae
\n

Security Engineer in Red Team @ freee inc, AI Security Specialist.

\n\n\n\'',NULL,1067654),('3_Saturday','11','11:00','11:45','N','Demo Labs','LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)','\'sisakulint:CI-Friendly static linter with autofix, SAST, semantic analysis for GitHub Actions\'','\'Atsushi Sada,hikae\'','Demo Labs_f54b6af95a1a7927f03af1b64ae3f0cc','\'Title: sisakulint:CI-Friendly static linter with autofix, SAST, semantic analysis for GitHub Actions
\nTags: AI | Demo Labs | Intermediate | AppSec | Cloud | DevOps | Purple Team | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 11:00 - 11:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2) - Map
\n
\nDescription:
\n

GitHub Actions workflows are vulnerable by default. Hardening such as commit-hash pinning, least-privilege permissions, and timeouts is optional, never enforced at pipeline level. Exploitable configs ship daily, increasingly written by Coding Agents.\nsisakulint is a fast heuristic static analyzer for GitHub Actions covering all OWASP Top 10 CI/CD risks, with 52 rules, a taint engine, and 38+ auto-fixes. It outpaces CodeQL on speed and quality, with 100% detection on 18 GHSL advisories and 81.6% on 38 GHSAs covering exploits in PX4-Autopilot, vets-api, weaviate, nrwl/nx.

\n\n

Impostor Commit at CVSS 9.8 validates pinned SHAs against the claimed repository, not impostors via Git forks, a check unique to sisakulint. Code Injection at CVSS 9.8 tracks untrusted input through ${{ }} and step outputs. AI Action Rules detect Clinejection on claude-code-action, copilot-swe-agent, and openai-actions, covering tool grants, prompt injection, and wildcard triggers, as in Cline 2026/02 where issue title injection stole NPM_RELEASE_TOKEN. Known Vulnerable Actions catches tj-actions/changed-files.

\n\n

In the Coding Agent era, linters matter more. Delegating 52 rules to an LLM degrades precision; deterministic engines run in ms with no variance. The session covers end-to-end detection, taint propagation, and automated remediation.

\n\nSpeakers:Atsushi Sada,hikae
\n
\nSpeakerBio:  Atsushi Sada
\n

Atsushi Sada is a CSIRT member specializing in cloud security on AWS and GitHub, and enterprise security with MDM, EDR, AI governance. He is an ethical hacker and security tool developer. He built sisakulint and MachStealer for practical security research in static/network analysis, Malware.

\n\n

He co-founded and organizes @sec_wakate, a community for junior security engineers in Japan. He has spoken at Black Hat USA/Asia Arsenal, AVTOKYO, and AWS Security JAWS.

\n\nSpeakerBio:  hikae
\n

Security Engineer in Red Team @ freee inc, AI Security Specialist.

\n\n\n\'',NULL,1067655),('3_Saturday','16','16:00','16:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'xEndity: IoT Firmware Analysis & Digital Twin Platform\'','\'Zeus \"LightningGod\" Chan,Kenneth \"kenleejl\" Lee\'','Demo Labs_d207f34edcce8c9d3c26191b6f85fdd4','\'Title: xEndity: IoT Firmware Analysis & Digital Twin Platform
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Hardware/IoT | Offense/Red Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Saturday, Aug 8, 16:00 - 16:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

IoT devices are embedded in critical infrastructure globally, yet security teams face a fundamental constraint: you cannot aggressively test what you cannot safely replicate. Physical hardware is expensive, limited in supply, and testing against production systems is off-limits. This leaves defenders operating blind against an expanding attack surface of billions of connected devices.

\n\n

xEndity is an open-source, end-to-end IoT firmware emulation platform that transforms raw firmware binaries into fully functional, network-ready virtual device instances, no physical hardware required. It provides an automated pipeline spanning firmware acquisition, binary analysis, filesystem extraction, emulation packaging, and orchestrated deployment of emulated device networks at scale.

\n\n

The platform enables two high-impact use cases: first, as a scopeless penetration testing range where red teams and researchers can conduct unrestricted vulnerability validation, exploit development, and attack simulation against realistic IoT environments. Second, as a deceptive defense layer where emulated devices are deployed as high-interaction honeypots to capture adversary tradecraft, collect OS-level and network telemetry, and generate actionable threat intelligence.

\n\nSpeakers:Zeus \"LightningGod\" Chan,Kenneth \"kenleejl\" Lee
\n
\nSpeakerBio:  Zeus \"LightningGod\" Chan
\n

Zeus Chan is a security researcher on the Adversary Emulation Team at HTX (Home Team Science and Technology Agency), where he focuses on IoT firmware analysis, device emulation, and offensive security research. His work spans building automated pipelines for firmware emulation, security testbed development, and honeypot deployment for threat intelligence collection against embedded systems. Zeus has presented IoT security research at DEFCON events globally and Milipol TechX Singapore, and has supported community initiatives including the HTX Public Safety Village at DEFCON Singapore. He holds experience in red team operations supporting critical national infrastructure across the finance and healthcare sectors.

\n\nSpeakerBio:  Kenneth \"kenleejl\" Lee
\n

Cyber security enjoyer

\n\n\n\'',NULL,1067656),('2_Friday','13','13:00','13:45','N','Demo Labs','LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)','\'xEndity: IoT Firmware Analysis & Digital Twin Platform\'','\'Zeus \"LightningGod\" Chan,Kenneth \"kenleejl\" Lee\'','Demo Labs_8e470110e011edb413e9f5ce1ac17d1e','\'Title: xEndity: IoT Firmware Analysis & Digital Twin Platform
\nTags: Demo Labs | Intermediate | Defense/Blue Team | Hardware/IoT | Offense/Red Team | Purple Team | Threat Intel/Hunting | DEF CON Demo Labs
\nWhen: Friday, Aug 7, 13:00 - 13:45 PDT
\nWhere: LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1) - Map
\n
\nDescription:
\n

IoT devices are embedded in critical infrastructure globally, yet security teams face a fundamental constraint: you cannot aggressively test what you cannot safely replicate. Physical hardware is expensive, limited in supply, and testing against production systems is off-limits. This leaves defenders operating blind against an expanding attack surface of billions of connected devices.

\n\n

xEndity is an open-source, end-to-end IoT firmware emulation platform that transforms raw firmware binaries into fully functional, network-ready virtual device instances, no physical hardware required. It provides an automated pipeline spanning firmware acquisition, binary analysis, filesystem extraction, emulation packaging, and orchestrated deployment of emulated device networks at scale.

\n\n

The platform enables two high-impact use cases: first, as a scopeless penetration testing range where red teams and researchers can conduct unrestricted vulnerability validation, exploit development, and attack simulation against realistic IoT environments. Second, as a deceptive defense layer where emulated devices are deployed as high-interaction honeypots to capture adversary tradecraft, collect OS-level and network telemetry, and generate actionable threat intelligence.

\n\nSpeakers:Zeus \"LightningGod\" Chan,Kenneth \"kenleejl\" Lee
\n
\nSpeakerBio:  Zeus \"LightningGod\" Chan
\n

Zeus Chan is a security researcher on the Adversary Emulation Team at HTX (Home Team Science and Technology Agency), where he focuses on IoT firmware analysis, device emulation, and offensive security research. His work spans building automated pipelines for firmware emulation, security testbed development, and honeypot deployment for threat intelligence collection against embedded systems. Zeus has presented IoT security research at DEFCON events globally and Milipol TechX Singapore, and has supported community initiatives including the HTX Public Safety Village at DEFCON Singapore. He holds experience in red team operations supporting critical national infrastructure across the finance and healthcare sectors.

\n\nSpeakerBio:  Kenneth \"kenleejl\" Lee
\n

Cyber security enjoyer

\n\n\n\'',NULL,1067657),('3_Saturday','20','20:00','21:59','N','Social Gatherings/Events','LVCCW Level 1 Hall 3 1006,904 (Main Tracks 1,4)','\'Hacker Jeopardy\'','\'\'','Social Gatherings/Events_810541ff6aaca2524c376022ebe99a2b','\'Title: Hacker Jeopardy
\nTags: Event | Hacker Jeopardy!
\nWhen: Saturday, Aug 8, 20:00 - 21:59 PDT
\nWhere: LVCCW Level 1 Hall 3 1006,904 (Main Tracks 1,4) - Map
\n
\nDescription:
\n\n\n\'',NULL,1067658),('3_Saturday','21','20:00','21:59','Y','Social Gatherings/Events','LVCCW Level 1 Hall 3 1006,904 (Main Tracks 1,4)','\'Hacker Jeopardy\'','\'\'','Social Gatherings/Events_810541ff6aaca2524c376022ebe99a2b','\'\'',NULL,1067659),('2_Friday','20','20:00','21:59','N','Social Gatherings/Events','LVCCW Level 1 Hall 3 1006,904 (Main Tracks 1,4)','\'Hacker Jeopardy\'','\'\'','Social Gatherings/Events_d96f225f1c40dab8b49550e8f06bca92','\'Title: Hacker Jeopardy
\nTags: Event | Hacker Jeopardy!
\nWhen: Friday, Aug 7, 20:00 - 21:59 PDT
\nWhere: LVCCW Level 1 Hall 3 1006,904 (Main Tracks 1,4) - Map
\n
\nDescription:
\n\n\n\'',NULL,1067660),('2_Friday','21','20:00','21:59','Y','Social Gatherings/Events','LVCCW Level 1 Hall 3 1006,904 (Main Tracks 1,4)','\'Hacker Jeopardy\'','\'\'','Social Gatherings/Events_d96f225f1c40dab8b49550e8f06bca92','\'\'',NULL,1067661),('2_Friday','18','18:00','20:59','N','Social Gatherings/Events','LVCCW Level 2 W210-211 (Policy Village)','\'Policy Party\'','\'\'','Social Gatherings/Events_2f20d11623093d75f6ef2441be1ba5e2','\'Title: Policy Party
\nTags: Party | Policy @ DEF CON
\nWhen: Friday, Aug 7, 18:00 - 20:59 PDT
\nWhere: LVCCW Level 2 W210-211 (Policy Village) - Map
\n
\nDescription:
\n\n\n\'',NULL,1067662),('2_Friday','19','18:00','20:59','Y','Social Gatherings/Events','LVCCW Level 2 W210-211 (Policy Village)','\'Policy Party\'','\'\'','Social Gatherings/Events_2f20d11623093d75f6ef2441be1ba5e2','\'\'',NULL,1067663),('2_Friday','20','18:00','20:59','Y','Social Gatherings/Events','LVCCW Level 2 W210-211 (Policy Village)','\'Policy Party\'','\'\'','Social Gatherings/Events_2f20d11623093d75f6ef2441be1ba5e2','\'\'',NULL,1067664),('2_Friday','10','10:00','12:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Aw, man…pages!\'','\'\'','Contests_5b6e102adaa50bbef2de5b815bd08ec4','\'Title: Aw, man…pages!
\nTags: Aw, man...pages! | Contest
\nWhen: Friday, Aug 7, 10:00 - 12:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

How well do you know your man pages? Find out by teaming up with up to 3 other people (or come solo and get matched up with some new friends) and play \"Aw, man...pages!\". Across several rounds, your knowledge of man pages and software will be tested to the limit. Can you remember what command line flag is being described by its help text? Can you identify a tool just from a man page snippet? Can you decipher our cryptic command clues? Will you prove yourself worthy to be crowned the man page champion?

\n\n

Participant Prerequisites

\n\n

None. We will provide answer sheets and pens. Participants can form teams of up to 4 people beforehand, or at the event.

\n\n\'',NULL,1067665),('2_Friday','11','10:00','12:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Aw, man…pages!\'','\'\'','Contests_5b6e102adaa50bbef2de5b815bd08ec4','\'\'',NULL,1067666),('2_Friday','12','10:00','12:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Aw, man…pages!\'','\'\'','Contests_5b6e102adaa50bbef2de5b815bd08ec4','\'\'',NULL,1067667),('2_Friday','14','14:00','14:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'DEF CON Beard and Mustache Contest\'','\'\'','Contests_a8cf120281bc5150ca39ec375c5f1ad6','\'Title: DEF CON Beard and Mustache Contest
\nTags: DEF CON Beard and Mustache Contest | Contest
\nWhen: Friday, Aug 7, 14:00 - 14:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

The DC Beard and Mustache Contest has been held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.

\n\n

Participant Prerequisites

\n\n

For 2025 offering 4 categories for the competition - You may only enter one category.

\n\n

This is an in-person contest - you must be present to participate.

\n\n

Full beard: Self-explanatory, for the truly bearded.

\n\n

Partial Beard: For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles.

\n\n

Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.

\n\n

Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.

\n\n

Timing

\n\n

Setup begins 1 hour before the event, on the Contest Stage.

\n\n\'',NULL,1067668),('2_Friday','16','16:00','17:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Um, ACKtually\'','\'\'','Contests_db81b286e2c1b4c9cca0d546cc2f2a5d','\'Title: Um, ACKtually
\nTags: Um, ACKtually | Contest
\nWhen: Friday, Aug 7, 16:00 - 17:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

Um, ACKtually is returning for it\'s 2nd year at DEF CON 34! If you\'ve ever seen the popular Dropout TV game-show \"Um, Actually\", then you know exactly who we stole this idea from.

\n\n

Three contestants will compete for the Pedantic Hacker crown, providing corrections for (just barely) incorrect statements given by the hosts about everything from general technology, cyber security, and overall nerd culture. We will chum the waters of the question pool with red herrings and wrong turns while the sharks circle to be the first to answer \"WELL, UM ACKTUALLY...\".

\n\n

Um, ACKtually celebrates everything hacker culture was built on. Community knowledge share, deep subject matter expertise of niche topics, and an almost orgasmic feeling of superiority at correcting someone else\'s mistakes, live and in public.

\n\n\'',NULL,1067669),('2_Friday','17','16:00','17:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Um, ACKtually\'','\'\'','Contests_db81b286e2c1b4c9cca0d546cc2f2a5d','\'\'',NULL,1067670),('2_Friday','19','19:00','20:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'AI Art Battle\'','\'\'','Contests_3e1eefea0694b2fdbd95304945abb4d0','\'Title: AI Art Battle
\nTags: AI Art Battle | Contest
\nWhen: Friday, Aug 7, 19:00 - 20:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

This unique competition invites creative minds to dive into the world of artificial intelligence and art. The challenge is to craft the most imaginative prompts for generative AI models to create artwork.

\n\n

Contestants will not be creating the art themselves; instead, they will focus on designing prompts for well-known topics that push the boundaries of creativity and innovation.

\n\n

How It Works:

\n\n

Select a Topic:

\n\n

Contestants will choose from a list of random topics.

\n\n

These could range from historical events and famous literary works to mythical creatures, futuristic landscapes, and iconic pop culture references.

\n\n

Craft a Prompt:

\n\n

Using their creativity, contestants will write a detailed prompt designed to guide AI models in generating original artwork. The prompts should be clear, imaginative, and offer enough detail to spark the AI\'s artistic capabilities.

\n\n

Submission:

\n\n

Each contestant will submit their prompt and the intended outcome.

\n\n

AI Generation:

\n\n

The submitted prompts will be fed into a generative AI art model, which will generate corresponding artworks.

\n\n

A random panel will determine who the winners are.

\n\n\'',NULL,1067671),('2_Friday','20','19:00','20:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'AI Art Battle\'','\'\'','Contests_3e1eefea0694b2fdbd95304945abb4d0','\'\'',NULL,1067672),('2_Friday','22','22:00','23:59','N','Social Gatherings/Events','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Whose Slide Is It Anyway?\'','\'\'','Social Gatherings/Events_9b6247ed5bb7fea93c1e84015bb80df7','\'Title: Whose Slide Is It Anyway?
\nTags: Event | Whose Slide Is It Anyway?
\nWhen: Friday, Aug 7, 22:00 - 23:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

DEF CON 34 marks an entire DECADE of “Whose Slide Is It Anyway?”” being the unholy union of improv comedy, hacking, and slide deck sado-masochism. We are the embodiment of the hacker battle cry \"\"FUCK IT, WE\'LL DO IT IN PROD.\"\"

\n\n

For the last 10 years, our team of slide monkeys have created a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.

\n\n

But....why?

\n\n

Because for us, the stage is hallowed ground and since stupidity can\'t be stopped, we decided to weaponize it. Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.

\n\n\'',NULL,1067673),('2_Friday','23','22:00','23:59','Y','Social Gatherings/Events','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Whose Slide Is It Anyway?\'','\'\'','Social Gatherings/Events_9b6247ed5bb7fea93c1e84015bb80df7','\'\'',NULL,1067674),('2_Friday','13','13:00','14:59','N','Contests','LVCCW Level 3 W327 (Misc Meeting Room)','\'Pub Quiz at DEF CON\'','\'\'','Contests_92130546171324d36f54c929475bee53','\'Title: Pub Quiz at DEF CON
\nTags: Pub Quiz at DEF CON | Contest
\nWhen: Friday, Aug 7, 13:00 - 14:59 PDT
\nWhere: LVCCW Level 3 W327 (Misc Meeting Room) - Map
\n
\nDescription:
\n

We’re back with another Pub Quiz at DEF CON! After 4 very successful years hosting this event, we’ve made some improvements to make it even better. So… do you like pub quizzes? If so, get your butts over and join us for the 5th Pub Quiz at DEF CON 34.

\n\n

The quiz will consist of 7 rounds, covering topics like ’90s/2000s TV and movies, DEF CON trivia, music, cartoons, and yes, a little bit of sex. The theme is all the things that make DEF CON attendees exceptional, so there will truly be something for everyone. Expect a mix of visual rounds, audio rounds, and classic con questions. We need to keep you peeps stimulated.

\n\n

This is a social event, so we encourage teams of 5–6 people. You never know… you might even meet the love of your life.

\n\n

Did we mention CASH? That’s right; cold, hard cash prizes for 1st, 2nd, and 3rd place teams. And as always, if there’s a tie, we’ll break it with a good old-fashioned dance-off, judged by the hosts and a few trusted goons.

\n\n

Come for the trivia. Stay for the chaos.

\n\n\'',NULL,1067675),('2_Friday','14','13:00','14:59','Y','Contests','LVCCW Level 3 W327 (Misc Meeting Room)','\'Pub Quiz at DEF CON\'','\'\'','Contests_92130546171324d36f54c929475bee53','\'\'',NULL,1067676),('3_Saturday','10','10:00','11:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Hack3r Runw@y v8.0\'','\'\'','Contests_5ad4463b0d910dea70e6baa26832c2ae','\'Title: Hack3r Runw@y v8.0
\nTags: Hack3r Runw@y v8.0 | Contest
\nWhen: Saturday, Aug 8, 10:00 - 11:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

Hack3r Runw@y v8.0

\n\n

Where Code Meets Catwalk @ DEF CON 34

\n\n

The Hack3r Runw@y returns for its 8th evolution! After nearly a decade of bridging the gap between hardware and haberdashery, we’re back at DEF CON 34 to prove once again that hackers are the most creative engineers on the planet.

\n\n

Whether you’re a glamorous geek, a crafty coder, or a fashionably functional phantom, it’s time to weaponize your wardrobe. We’re challenging you to dismantle the boundary between \"security\" and \"style.\" If you can hack it, you can wear it.

\n\n

The Mission Categories\n- Smart-Wear (Active Tech): The high-voltage category. Integrate microcontrollers, sensors, and live telemetry into your designs. We want to see hardware that reacts to the environment—or the wearer—in real-time.\n- Digital Dazzle (Passive Tech): Bling with a brain. Focus on LEDs, fiber optics, and glow-tech that remains passive but high-impact. Light up the room without needing a CLI.\n- Functional Fashion (Tactical): Gear for the field. Think \"Cyber-Chic Pentester\": lockpick jewelry, shim-integrated accessories, signal-blocking fabrics, or high-fashion physical security tools.\n- Extraordinary Style (Creative Ops): The \"Kitbash\" category. Elevate the everyday with 3D textures, optical illusions, security-inspired patterns, and deep-cut cosplay.

\n\n

THE PEOPLE\'S CHOICE Trophy: One coveted trophy is up for grabs where ANYONE can win. But be warned: in true DEF CON fashion, there will be a twist. Follow the social media for updates.

\n\n
    \n
  • The Maker’s Mandate
  • \n
  • This is a pure DIY challenge. We value the \"Proof of Concept\" over the \"Price Tag.\"
  • \n
  • Originality is King: Items must be handmade or heavily modified (\"kitbashed\") by the entrant.
  • \n
  • No \"Off-the-Shelf\": Integrating components (like an Arduino or LED strip) is encouraged; buying a pre-finished \"light-up dress\" from a mass-retailer is an automatic DQ.
  • \n
  • Show Your Work: Documentation is required. Have photos, videos, or a build-log ready to prove your process if the judges need to verify your \"hacker\'s trail.\"
  • \n
\n\n

The Judging Criteria

\n\n

Our panel will be scoring builds based on:\n- Technical Mastery: Execution of hardware/software.\n- Couture Craftsmanship: Quality of the \"fit\" and finish.\n- Relevance: How it speaks to hacker culture or security.\n- Originality: Creative use of materials and \"kitbashing.\"

\n\n

Participant Prerequisites

\n\n

Originality: Items must be handmade by the entrant.

\n\n

Verification: Documentation (photos/video) of the build process is required to verify authenticity.

\n\n

Modification vs. Acquisition: We celebrate the \"kitbash.\" Using pre-made components to create something new is allowed, but \"off-the-shelf\" or \"plug-and-play\" retail items are not permitted.

\n\n\'',NULL,1067677),('3_Saturday','11','10:00','11:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Hack3r Runw@y v8.0\'','\'\'','Contests_5ad4463b0d910dea70e6baa26832c2ae','\'\'',NULL,1067678),('3_Saturday','13','13:00','14:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Crash and Compile - Stage Competition\'','\'\'','Contests_13ba31ab1f9a7fc164893b5b1bbb2051','\'Title: Crash and Compile - Stage Competition
\nTags: Crash and Compile | Contest
\nWhen: Saturday, Aug 8, 13:00 - 14:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos on stage in front of an audience? You get the contest known as Crash and Compile.

\n\n

Teams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. ChatGPT wrote your code? First of all shame. Secondly take a drink.

\n\n

We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.

\n\n

Crash and Compile is looking for the top programmers to test their skills in our contest. Can you complete our challenges? Can you do so with style that sets your team ahead of the others? To play our game you must first complete our qualifying round. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest.

\n\n

Qualifications for Crash and Compile will take place Friday starting at 10:00 and run till 18:00, both in the contest area and online at https://crashandcompile.org

\n\n

You may have up to two people per team. Individuals can compete, but having two people on a team is highly suggested.

\n\n

Of the qualifiers, ten teams will move on to compete head to head on the contest stage on Saturday.

\n\n

Participant Prerequisites

\n\n

As this contest involves the drinking of alcohol (beer), all contestants must be 21 years of age or older. Yes we will check. While we don\'t limit what development environment or programming language you chose to use, as we used a PDP11/23 when we competed, the team must have at least one computer that can connect to our contest network via wired ethernet for the main contest.

\n\n

Pre-Qualification

\n\n

Qualifiers run on Friday from 10:00 to 18:00. We will be located in the contest area, and the problems can be accessed via our site at https://crashandcompile.org

\n\n\'',NULL,1067679),('3_Saturday','14','13:00','14:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Crash and Compile - Stage Competition\'','\'\'','Contests_13ba31ab1f9a7fc164893b5b1bbb2051','\'\'',NULL,1067680),('3_Saturday','22','22:00','23:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Feet Feud (Hacker Family Feud)\'','\'\'','Contests_b912d8e49eb678bdb43408e168f53a69','\'Title: Feet Feud (Hacker Family Feud)
\nTags: Feet Feud (Hacker Family Feud) | Contest
\nWhen: Saturday, Aug 8, 22:00 - 23:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

Feet Feud (Hacker Family Feud) is a Cybersecurity-themed Family Feud style game arranged by members of the OnlyFeet CTF team and hosted by Toeb3rius (aka Tib3rius). Both survey questions and their answers are crowd-sourced from the Cybersecurity community. Two teams (Left Foot and Right Foot) captained by Ali Diamond and John Hammond and comprised of audience members go head to head, trying to figure out the top answers to the survey questions.

\n\n

Attendees can either watch the game or volunteer to play on one of the two teams. Audience participation is also encouraged if either of the two teams fails to get every answer of a survey question.

\n\n

Ultimately Feet Feud is about having a laugh, watching people in the industry attempt to figure out what randomly surveyed people from the Cybersecurity community put as answers to a number of security / tech related questions.

\n\n

Participant Prerequisites

\n\n

Participants are chosen by team captains from the audience at the start of the show. In order to be fair, we try to select participants from all seating areas, so folks who show up later than others still have a chance to volunteer.

\n\n\'',NULL,1067681),('3_Saturday','23','22:00','23:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'Feet Feud (Hacker Family Feud)\'','\'\'','Contests_b912d8e49eb678bdb43408e168f53a69','\'\'',NULL,1067682),('3_Saturday','18','18:00','20:59','N','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'EFF Tech Trivia\'','\'\'','Contests_0c3579a46a8d452498dd4006507fcae0','\'Title: EFF Tech Trivia
\nTags: EFF Tech Trivia | Contest
\nWhen: Saturday, Aug 8, 18:00 - 20:59 PDT
\nWhere: LVCCW Level 1 Hall 1-100 (Contest Stage) - Map
\n
\nDescription:
\n

EFF\'s privacy and security experts have crafted a new trivia challenge for DEF CON 34! Compete as a team in our no-holds-barred showdown to prove mastery over the obscure facts of digital security, online rights, and internet culture.

\n\n

The First Place team wins a set of custom Cybertiger Champion Badges and EFF swag. Second and third place teams will also win Badges and EFF gear.

\n\n

Invite your friends OR show up and make new friends! Did someone say BRIBES?The world is unfair! You too could influence the judges to add a point or two to your team\'s tally. Overall Bribe winner also wins a custom badge! Test your knowledge of all things tech and support EFF, too.

\n\n

Participant Prerequisites

\n\n

No phones, laptops, or other digital knowledge allowed! Just you, your friends, and a friendly game of trivia.

\n\n\'',NULL,1067683),('3_Saturday','19','18:00','20:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'EFF Tech Trivia\'','\'\'','Contests_0c3579a46a8d452498dd4006507fcae0','\'\'',NULL,1067684),('3_Saturday','20','18:00','20:59','Y','Contests','LVCCW Level 1 Hall 1-100 (Contest Stage)','\'EFF Tech Trivia\'','\'\'','Contests_0c3579a46a8d452498dd4006507fcae0','\'\'',NULL,1067685),('4_Sunday','12','12:00','12:59','N','Contests','LVCCW Level 1 Hall 1-307 (DDoS Contest)','\'PWN UR H0M3 DDoS CTF Winner Announcements\'','\'\'','Contests_7f3d1aeffabeac4d24279c3b9642a33e','\'Title: PWN UR H0M3 DDoS CTF Winner Announcements
\nTags: DDoS Contest | Contest
\nWhen: Sunday, Aug 9, 12:00 - 12:59 PDT
\nWhere: LVCCW Level 1 Hall 1-307 (DDoS Contest) - Map
\n
\nDescription:
\n

PWN UR H0M3 DDoS CTF winners announced and prizes handed out.

\n\n\'',NULL,1067686),('3_Saturday','12','12:00','15:59','N','TNF','LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)','\'Global OSINT Search Party CTF – DEF CON 34 Edition\'','\'\'','Creator Events_a2353a3ab44b789c9fd1429dadddeddc','\'Title: Global OSINT Search Party CTF – DEF CON 34 Edition
\nTags: OSINT For Good Community | Creator Event/Activity
\nWhen: Saturday, Aug 8, 12:00 - 15:59 PDT
\nWhere: LVCCW Level 1 Hall 4-1307 (OSINT For Good Community) - Map
\n
\nDescription:
\n

The Trace Labs Global OSINT Search Party CTF is a non-theoretical CTF where teams of up to 4 people use their OSINT skills to look for actual missing people. For DEF CON 34, we will be working directly with Las Vegas Metro PD to source local missing person cases they have requested the public’s assistance with. This is a hybrid event, open to participants of all skill levels, from anywhere in the world. Prizes will be awarded for 1st, 2nd, and 3rd places, as well as for Most Valuable OSINT. Participants at DEF CON can pickup their free event ticket by stopping by the OSINT4Good Community anytime prior to the event start. Global participants can get a ticket by going to https://www.tracelabs.org/tickets. Bring a laptop and some snacks and get ready to use OSINT4Good!

\n\n\'',NULL,1067687),('3_Saturday','13','12:00','15:59','Y','TNF','LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)','\'Global OSINT Search Party CTF – DEF CON 34 Edition\'','\'\'','Creator Events_a2353a3ab44b789c9fd1429dadddeddc','\'\'',NULL,1067688),('3_Saturday','14','12:00','15:59','Y','TNF','LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)','\'Global OSINT Search Party CTF – DEF CON 34 Edition\'','\'\'','Creator Events_a2353a3ab44b789c9fd1429dadddeddc','\'\'',NULL,1067689),('3_Saturday','15','12:00','15:59','Y','TNF','LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)','\'Global OSINT Search Party CTF – DEF CON 34 Edition\'','\'\'','Creator Events_a2353a3ab44b789c9fd1429dadddeddc','\'\'',NULL,1067690),('2_Friday','19','19:00','21:59','N','Social Gatherings/Events','Sahara Hotel/Sahara Azul Ultra Pool','\'The KEVOPS Sellout Pool Party II: Sponsored by Zyn\'','\'\'','Social Gatherings/Events_b39685f9fa53eb1f4e4a7cc5bb711716','\'Title: The KEVOPS Sellout Pool Party II: Sponsored by Zyn
\nTags: Party
\nWhen: Friday, Aug 7, 19:00 - 21:59 PDT
\nWhere: Sahara Hotel/Sahara Azul Ultra Pool - Map
\n
\nDescription:
\n

The Sellout Pool Party is back. Join us for tacos and music!

\n\n\'',NULL,1067691),('2_Friday','20','19:00','21:59','Y','Social Gatherings/Events','Sahara Hotel/Sahara Azul Ultra Pool','\'The KEVOPS Sellout Pool Party II: Sponsored by Zyn\'','\'\'','Social Gatherings/Events_b39685f9fa53eb1f4e4a7cc5bb711716','\'\'',NULL,1067692),('2_Friday','21','19:00','21:59','Y','Social Gatherings/Events','Sahara Hotel/Sahara Azul Ultra Pool','\'The KEVOPS Sellout Pool Party II: Sponsored by Zyn\'','\'\'','Social Gatherings/Events_b39685f9fa53eb1f4e4a7cc5bb711716','\'\'',NULL,1067693),('1_Thursday','18','18:30','23:30','N','Social Gatherings/Events','The Industrial','\'Welcome Party at The Industrial\'','\'\'','Social Gatherings/Events_8cd9845f574f32ffb42a9cc27de253f3','\'Title: Welcome Party at The Industrial
\nTags: Party
\nWhen: Thursday, Aug 6, 18:30 - 23:30 PDT
\nWhere: The Industrial
\n
\nDescription:
\n

Kick off DEF CON at our official Welcome Party! We\'ll meet at The Industrial at 18:30.

\n\n

Standby for details about shuttles from LVCC to The Industrial.

\n\n\'',NULL,1067694),('1_Thursday','19','18:30','23:30','Y','Social Gatherings/Events','The Industrial','\'Welcome Party at The Industrial\'','\'\'','Social Gatherings/Events_8cd9845f574f32ffb42a9cc27de253f3','\'\'',NULL,1067695),('1_Thursday','20','18:30','23:30','Y','Social Gatherings/Events','The Industrial','\'Welcome Party at The Industrial\'','\'\'','Social Gatherings/Events_8cd9845f574f32ffb42a9cc27de253f3','\'\'',NULL,1067696),('1_Thursday','21','18:30','23:30','Y','Social Gatherings/Events','The Industrial','\'Welcome Party at The Industrial\'','\'\'','Social Gatherings/Events_8cd9845f574f32ffb42a9cc27de253f3','\'\'',NULL,1067697),('1_Thursday','22','18:30','23:30','Y','Social Gatherings/Events','The Industrial','\'Welcome Party at The Industrial\'','\'\'','Social Gatherings/Events_8cd9845f574f32ffb42a9cc27de253f3','\'\'',NULL,1067698),('1_Thursday','23','18:30','23:30','Y','Social Gatherings/Events','The Industrial','\'Welcome Party at The Industrial\'','\'\'','Social Gatherings/Events_8cd9845f574f32ffb42a9cc27de253f3','\'\'',NULL,1067699),('4_Sunday','22','22:30','01:59','N','Social Gatherings/Events','LIV Nightclub at Fontainebleau','\'DEF CON After party @ LIV Fontainebleau\'','\'\'','Social Gatherings/Events_6494c2c40732d58dafa38c38043542fa','\'Title: DEF CON After party @ LIV Fontainebleau
\nTags: Party
\nWhen: Sunday, Aug 9, 22:30 - 01:59 PDT
\nWhere: LIV Nightclub at Fontainebleau
\n
\nDescription:
\n

Close out DEF CON at LIV Fontainebleau. Bring your DEF CON badge for free admission and a free drink.

\n\n\'',NULL,1067700); /*!40000 ALTER TABLE `events` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `map_matrix` -- DROP TABLE IF EXISTS `map_matrix`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `map_matrix` ( `id` int NOT NULL AUTO_INCREMENT, `image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `left_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `up_left_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `up_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `up_right_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `right_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `down_right_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `down_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `down_left_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `plus_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `minus_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `floor_up_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `floor_down_image` enum('none','DC34_LV_CloseupLocations','DC34_LV_Overview','LVCCW_Level1_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level1_North','LVCCW_Level1_Reg','LVCCW_Level1_South','LVCCW_Level2_East','LVCCW_Level2_Full','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level3_Full','LVCCW_Level3_North','LVCCW_Level3_South','Sahara_Full','LVCCN_Level2') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `bar_side` enum('left','bottom') NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=21 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `map_matrix` -- LOCK TABLES `map_matrix` WRITE; /*!40000 ALTER TABLE `map_matrix` DISABLE KEYS */; INSERT INTO `map_matrix` VALUES (1,'DC34_LV_Overview','none','none','none','none','none','none','none','none','DC34_LV_CloseupLocations','none','none','none','left'),(2,'DC34_LV_CloseupLocations','LVCCW_Level1_Full','none','Sahara_Full','none','none','none','none','none','LVCCW_Level1_Full','DC34_LV_Overview','none','none','left'),(4,'Sahara_Full','none','none','none','none','none','none','LVCCW_Level1_Full','none','none','DC34_LV_Overview','none','none','bottom'),(5,'LVCCW_Level1_Full','none','none','Sahara_Full','none','LVCCN_Level2','none','none','none','LVCCW_Level1_South','DC34_LV_CloseupLocations','LVCCW_Level2_Full','none','left'),(6,'LVCCW_Level1_North','none','none','none','none','none','none','LVCCW_Level1_South','none','LVCCW_Level1_Hall4','LVCCW_Level1_Full','LVCCW_Level2_Full','none','bottom'),(7,'LVCCW_Level1_South','none','none','LVCCW_Level1_North','none','LVCCN_Level2','none','none','none','LVCCW_Level1_Reg','LVCCW_Level1_Full','LVCCW_Level2_Full','none','bottom'),(8,'LVCCW_Level1_Reg','none','none','LVCCW_Level1_Hall4','LVCCW_Level1_Hall3','LVCCW_Level1_Hall1','none','none','none','none','LVCCW_Level1_South','LVCCW_Level2_West','none','bottom'),(9,'LVCCW_Level1_Hall1','LVCCW_Level1_Reg','none','LVCCW_Level1_Hall2','none','none','none','none','none','none','LVCCW_Level1_South','LVCCW_Level2_Full','none','bottom'),(10,'LVCCW_Level1_Hall2','LVCCW_Level1_Reg','none','LVCCW_Level1_Hall3','none','none','none','LVCCW_Level1_Hall1','none','none','LVCCW_Level1_South','LVCCW_Level2_Full','none','bottom'),(11,'LVCCW_Level1_Hall3','none','none','LVCCW_Level1_Hall4','none','none','none','LVCCW_Level1_Hall2','LVCCW_Level1_Reg','none','LVCCW_Level1_North','LVCCW_Level2_Full','none','bottom'),(12,'LVCCW_Level1_Hall4','none','none','none','none','none','none','LVCCW_Level1_Hall3','LVCCW_Level1_Reg','none','LVCCW_Level1_North','LVCCW_Level2_Full','none','bottom'),(13,'LVCCW_Level3_Full','none','none','none','none','none','none','none','none','LVCCW_Level3_North','LVCCW_Level1_Full','none','LVCCW_Level2_Full','left'),(14,'LVCCW_Level2_Full','none','none','none','none','LVCCN_Level2','none','none','none','LVCCW_Level2_North','LVCCW_Level1_Full','LVCCW_Level3_Full','LVCCW_Level1_Reg','left'),(15,'LVCCW_Level3_North','none','none','none','none','none','none','LVCCW_Level3_South','none','none','LVCCW_Level3_Full','none','LVCCW_Level2_North','bottom'),(16,'LVCCW_Level3_South','none','none','LVCCW_Level3_North','none','none','none','none','none','none','LVCCW_Level3_Full','none','LVCCW_Level2_West','bottom'),(17,'LVCCW_Level2_North','none','none','none','none','none','LVCCW_Level2_East','none','LVCCW_Level2_West','none','LVCCW_Level2_Full','LVCCW_Level3_North','LVCCW_Level1_Reg','left'),(18,'LVCCW_Level2_East','LVCCW_Level2_West','LVCCW_Level2_North','none','none','LVCCN_Level2','none','none','none','none','LVCCW_Level2_Full','LVCCW_Level3_South','LVCCW_Level1_Reg','left'),(19,'LVCCW_Level2_West','none','none','none','LVCCW_Level2_North','LVCCW_Level2_East','none','none','none','none','LVCCW_Level2_Full','LVCCW_Level3_South','LVCCW_Level1_Reg','bottom'),(20,'LVCCN_Level2','LVCCW_Level2_Full','none','none','none','none','none','none','none','none','DC34_LV_CloseupLocations','none','none','left'); /*!40000 ALTER TABLE `map_matrix` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `pages` -- DROP TABLE IF EXISTS `pages`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `pages` ( `id` int NOT NULL AUTO_INCREMENT, `name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `pagetype` enum('communities','contests','demolabs','exhibitors','pge','training','vendors','workshops','creatortalk','creatorWS','DCtalk','creatorEvt','MISC') CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci DEFAULT NULL, `description` text NOT NULL, `imageurl` varchar(300) NOT NULL, `imagename` varchar(200) NOT NULL, `forumpage` varchar(200) NOT NULL, `forumarticle` varchar(200) NOT NULL, `linkname` varchar(200) NOT NULL, `linkurl` varchar(300) NOT NULL, `orgas_id` int NOT NULL, `location` varchar(300) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL, `sessiontimes` varchar(1024) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci DEFAULT NULL, PRIMARY KEY (`id`), KEY `pagetype` (`pagetype`), KEY `orgas_id` (`orgas_id`) ) ENGINE=InnoDB AUTO_INCREMENT=182087 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `pages` -- LOCK TABLES `pages` WRITE; /*!40000 ALTER TABLE `pages` DISABLE KEYS */; INSERT INTO `pages` VALUES (181822,'\'DCNextGen\'','communities','\'

DCNextGen\'s mission is to empower the next generation of young hackers by creating an environment where hands on discoveries can reveal new and unexpected ways of thinking about security and technology. \n

DCNextGen is DEF CON’s official youth initiative, providing participants ages 18 and under with hands-on classes, workshops, talks, and events focused on ethical hacking and relevant cybersecurity skills. Through our electronic badge Capture the Flag (CTF) contest, youth tackle challenges across conference villages, gaining both points and confidence along the way.\n

DCNextGen also offers one of a kind experiences including meeting legendary hackers, attending tech-themed parties and events, and collaborating with like-minded peers from around the world. No prior technical experience is required — participants can learn entirely new skills or sharpen the ones they already have in a supportive, engaging environment.\n

Lets explore and change the world together, one network at a time.\n

Links:
    Mastodon (@defconnextgen@defcon.social) - https://defcon.social/@defconnextgen
\n    Website - https://dcnextgen.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-dcnextgen.webp\'','\'com-dcnextgen.webp\'','','','','',41222,'\'Map Page - LVCCW Level 3 W316 (DC NextGen)\'',NULL),(181823,'\'Quiet Room with TDI & MHH\'','communities','\'

Are you overwhelmed by DEF CON and need a quiet place? Come hang out in our quiet room with fidgets and other helpful decompression toys. \n

Whether you are overwhelmed by the options or the space itself, we aim to offer a place to get yourself back together.\n

No talks, no workshops, just calm and quiet.\n

Links:
    Website - https://www.dianainitiative.org/ and https://www.mentalhealthhackers.org/
\n    Mastodon (@DianaInitiative@defcon.social) - https://defcon.social/@DianaInitiative
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-dianainitiative-quiet.webp\'','\'com-dianainitiative-quiet.webp\'','','','','',41290,'\'Map Page - LVCCW Level 2 W208 (Quiet Room with TDI and MHH)\'',NULL),(181824,'\'From the Static: A HRV Fox Hunt\'','contests','\'

Somewhere in the noise, a transmission is waiting.\nIt started as fragments; bursts of signal buried in the static, too deliberate to be interference, too strange to be routine. Someone is broadcasting. Someone doesn\'t want to be found. And someone else really, really does.\n

The spectrum is crowded, surveilled, and owned. But old frequencies never die; they just go quiet. Somewhere on the con floor, Foxes are transmitting. Each one carries a piece of something bigger. A fragment of a message. A coordinate. A key. Alone they\'re noise. Together they\'re signal.\n

Your job is to find them, collect the pieces, and figure out what they\'re trying to say.\n

Some Foxes are stationary; patient, waiting, transmitting on a loop. Others are moving through the crowd, blending in, broadcasting short range. All of them have something you need. None of them will make it easy.\n

\n
Expect
\n
- Moving and stationary Foxes broadcasting short-range signals across the con space.\n- Volunteer human Foxes roaming the contest floor - hunt them down, respectfully, with radios or other RF scanning equipment.\n- Coded fragments, puzzles, DEF CON history, and the occasional social engineering opportunity standing between you and your next clue.\n- Trinkets, tokens, or ??? exchanged when you succeed — bring something to write with and something to capture what you find.
\n

#### Participant Prerequisites\n

RF Fox Hunt(s): To participate in the RF fox hunt(s), you will need a radio or scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz - 148.000 MHz, 420.000 MHz - 450.000 MHz). This isn\'t a contest where the most expensive gear wins - whether you\'re running an SDR, a handheld radio, or just tuned into the right frequency, you\'ve got a shot.\n

Recommended:
\n- Something to take notes with.
\n- Something to capture clues (a camera or steady hand). \n- Something to listen with and capture signals.\n- A token from the Ham Radio Village - remember to register and check in to be eligible for prizes.\n

#### Pre-Qualification\n

There is no pre-qualifier to the Ham Radio Fox Hunt.\n

Links:
    Website - https://hamvillage.org/
\n    Mastodon (@hamradiovillage@defcon.social) - @hamradiovillage@defcon.social
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-hrvfoxhunt_v2.webp\'','\'cnt-hrvfoxhunt_v2.webp\'','','','','',41291,'\'Map Page - LVCCW Level 1 Hall 1-112 (Can it Ham? & From the Static: A HRV Fox Hunt)\'',NULL),(181825,'\'DEF CON Academy\'','communities','\'

Through this Community, attendees will dive straight into the world of Capture the Flag (CTF) hacking, taking on challenges hosted on the pwn.college platform. Expect hands-on puzzles that build real skill: navigating Linux, exploiting binaries, reversing code, and breaking web apps to see how they work under the hood.\n

You won’t be hacking alone. Experienced hackers and top CTF players will be on-site to help you think like an attacker, troubleshoot when you’re stuck, and share the tricks they use in real-world security work.\n

Beyond the challenges, it’s all about the hacker mindset: collaborating, experimenting, and celebrating those breakthrough moments. Whether you’re just getting started or already deep in CTFs, you’ll sharpen your skills, meet your people, and leave ready for the next challenge.\n

Links:
    Website - https://defcon.pwn.college/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-dcacademy.webp\'','\'com-dcacademy.webp\'','','','','',41295,'\'Map Page - LVCCW Level 1 Hall 4-1305 (DEF CON Academy)\'',NULL),(181826,'\'The Diana Initiative\'','communities','\'

We are seeking to let people collaborate and discuss things they run into because of who they are. These are done in birds of a feather informal conversation format. We will again have notetakers making non attributed notes during these conversions with key take aways so you can check the board if you miss the discussion. In addition there will be a few interactive workshop sessions available during the event.\n

Based on your feedback half the time our area will be unstructured, making more room for spontaneous discussions and collaborations.\n

Our reference desk can help you come up with a plan before going back out into DEF CON. The reference desk will work to find and connect you with the amazing events and communities at the conference, as well as in the community at large. We\'re specifically working with some of the other communities, contests and villages to be able to recommend great things for you to do if you are unsure about what you want to do.\n

Finally, for those who find it hard to dive into something new alone, we will have tour guides leading people from the main lobby to various locations throughout the day if you need inspiration on where to start or what to do next, follow us!\n

Links:
    Website - https://www.dianainitiative.org/
\n    Mastodon (@DianaInitiative@defcon.social) - https://defcon.social/@DianaInitiative
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-dianainitiative.webp\'','\'com-dianainitiative.webp\'','','','','',41297,'\'Map Page - LVCCW Level 2 W208-209 (Diana Initiative)\'',NULL),(181827,'\'DEF CON CTF: Benevolent Bureau of Birds\'','contests','\'

We are the Benevolent Bureau of Birds (BBB), formulated from previous victors of past DEF CON CTF contests. We are dedicated to the ethos at the core of CTF: community, skill-building, and showing off insane new hacking talent. \n

#### Participant Prerequisites\n

Players will have to be qualified by an online qualifer to take place in May. Chosen players are then required to have a laptop to participate in the in-person contest, to interact with the scoreboard and challenges hosted on network. \n

#### Pre-Qualification\n

Yes - online pre-qualifier in May 22-24, 2026.\n

Links:
    Website - https://bbbirds.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-bbb-ctf-logo.webp\'','\'cnt-bbb-ctf-logo.webp\'','','','','',41300,'\'Map Page - LVCCW Level 1 Hall 2-500 (DEF CON CTF: Benevolent Bureau of Birds)\'',NULL),(181828,'\'Bug Bounty Village CTF\'','contests','\'

Welcome to the Bug Bounty Village CTF, where we strip away the \"\"riddles\"\" and replace them with a massive, living, and breathing target. We’ve built a custom, feature-rich web application from the ground up—and then we broke it. This isn\'t just a contest; it’s a high-stakes simulation of the real world.\n

Last year, hackers called this the most authentic bug bounty experience they’d ever seen. Why? Because you aren\'t just looking for flags; you’re hunting for vulnerabilities in business logic, breaking APIs, and tricking AI chatbots. You’ll be submitting real reports to a live triage team of industry experts who will judge your work, challenge your findings, and help you sharpen your reporting skills on the fly.\n

Whether you\'re a seasoned pro looking for a challenge or a newcomer ready to make your mark, this is your chance to engage with hacking in its purest form. Come for the competition, stay for the feedback, and leave with the skills (and maybe some exclusive swag) that the world’s top bounty programs are looking for. The target is live. The triagers are waiting. Are you ready to hunt?\n

#### Participant Prerequisites\n

To participate in the Bug Bounty Village CTF, you will need:\n

Hardware: A laptop with a reliable battery and a charger.\n

Connectivity: Your machine must be pre-configured to connect to the DEF CON Wi-Fi securely.\n

Tools: A web proxy tool is essential (e.g., Burp Suite, Caido, or OWASP ZAP).\n

Knowledge: A foundational understanding of common web vulnerabilities (OWASP Top 10) and basic HTTP protocol knowledge.\n

Mindset: A curious, analytical approach and a passion for breaking things in creative ways.\n

If you want to get a head start, we recommend brushing up on API security and prompt injection techniques, as our target landscape continues to evolve alongside modern tech stacks.\n

Links:
    Website - https://www.bugbountydefcon.com/ctf
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-bugbounty_v2.webp\'','\'cnt-bugbounty_v2.webp\'','','','','',41302,'\'Map Page - LVCCW Level 1 Hall 1-303 (Bug Bounty Village CTF)\'',NULL),(181829,'\'Memorial Chamber\'','communities','\'

The DEF CON Memorial Chamber serves as a sacred space within our community — a place where we pause to honor those hackers whose brilliance and dedication have elevated not just our craft, but the entire security ecosystem. Here we remember figures whose generous spirit and willingness to coordinate security fixes demonstrated that true hacking greatness lies in collaboration. We are here because DEF CON has been the beating heart of the hacker community for over three decades, growing from 100 people in 1993 to the world\'s largest hacker conference. As Jeff Moss envisioned, DEF CON is what we make of it, this memorial space represents our commitment to ensuring that the legacy of those we\'ve lost continues to inspire future generations of hackers to pursue knowledge, build community, and use their gifts to make the world better.

\'','NULL','NULL','','','','',41303,'\'Map Page - LVCCW Level 3 W302 (Memorial Chamber)\'',NULL),(181830,'\'Escalation Desk CTF\'','contests','\'

Customer service channels are increasingly saturated with conversational text and voice AI agents. Can you convince, trick, or break enough of them to earn your shot at a live human operator in a real-world call center?\n

Escalation Desk is Call Center Village\'s capture-the-flag challenge. Start with low-pressure AI agents and learn how to spot, avoid, and exploit common pitfalls and patterns in system prompts — eventually unlocking live human operators at our partner call centers. A real-time leaderboard tracks solo and team progress, with our not-so-famous Golden Telephone Booth trophy awarded to the top participant.\n

Hit our minimum point threshold and earn a special Call Center Village 100 Trying black flight tag. The top individual and their team also take home the rare Call Center Village 200 OK gold flight tags. Bring your tags to Party Line, Call Center Village\'s after-hours telephony-themed party, and enjoy free refreshments for your spoils.\n

Escalation Desk is beginner (and introvert) friendly — if you can dial a phone number or use a keyboard, you can participate. Bring your own laptop and headset, or use one of our village stations. Active Noise-canceling headphones with a microphone are highly recommended.\n

Links:
    Mastodon (@callcentervillage@defcon.social) - @callcentervillage@defcon.social
\n    Website - https://www.callcentervillage.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-callcenter-escalation.webp\'','\'cnt-callcenter-escalation.webp\'','','','','',41304,'\'Map Page - LVCCW Level 2 W218 (Call Center Village)\'',NULL),(181831,'\'Women in Security and Privacy (WISP)\'','communities','\'

Women in Security and Privacy (WISP) provides a safe space for women and underrepresented community members to connect, relax, engage, learn, and re-energize. Attendees can expect a supportive environment in which all are safe and welcomed.\n

We offer arts and crafts activities including friendship bracelet making and coloring. Our space is available for connecting, networking, and meeting fellow attendees as well as spaces that are created for individuals to take a time out and rest. Our events are designed to connect attendees to others who are also underrepresented so they can build a supportive network and team of fellow attendees.\n

Links:
    Website - https://www.wisporg.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-wisp.webp\'','\'com-wisp.webp\'','','','','',41306,'\'Map Page - LVCCW Level 1 Hall 4-1303 (Women in Security and Privacy (WISP) Community)\'',NULL),(181832,'\'DEF CON Groups (DCG)\'','communities','\'

DEF CON Groups are the year round, local communities that bring the DEF CON spirit home. Run by volunteers around the world, DCGs create spaces where hackers meet, learn, collaborate, and build community outside of conference season.\n

The DEF CON Groups community space brings together Points of Contact, members, and prospective members to collaborate, share ideas, and learn from one another. Through informal workshops and hands on interaction, participants exchange practical lessons on building, sustaining, and evolving local hacker communities.\n

The space also serves as a social anchor. A relaxed place to reconnect with old friends, meet new ones, and participate in light interactive activities that reflect the collaborative nature of hacking culture.\n

DEF CON has always been the island of misfit toys we all return to once a year. DEF CON Groups are how that ethos survives the other fifty one weeks.\n

Links:
    Website - https://defcongroups.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-dcg.webp\'','\'com-dcg.webp\'','','','','',41307,'\'Map Page - LVCCW Level 2 W238 (DEF CON Groups)\'',NULL),(181833,'\'Blacks In Cybersecurity Village Capture The Flag Competition\'','contests','\'

The Blacks In Cybersecurity (BIC) Village Capture The Flag contest is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve but, a gamified way to learn concepts of social justice, emerging technology and Black history. At DEF CON 34 the BIC Village CTF team will take you to the campus of Alaafia State University (Go Firebirds!) with a special history and an even more promising future!\n

#### Participant Prerequisites\n

Participants may want to bring their own laptops, physical security tools, lock picks, hardware hacking tools or other supplies to interact with both of our physical and virtual set-ups.\n

Links:
    Mastodon (@blacksincyber@infosec.exchange) - https://infosec.exchange/@blacksincyber
\n    Website - https://www.blacksincyberconf.com/ctf
\n    Mastodon (@blacksincyber@defcon.social) - https://defcon.social/@blacksincyber
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-bic-ctf.webp\'','\'cnt-bic-ctf.webp\'','','','','',41309,'\'Map Page - LVCCW Level 3 W322-W324 (BIC Village)\'',NULL),(181834,'\'Apex Park (Cloud Village CTF)\'','contests','\'

Cloud Village CTF will be a jeopardy style 2 days contest where participants will have to solve challenges around Cloud infrastructure, security, recon, etc. These challenges will cover different cloud platforms including AWS, GCP, Azure, Digital Ocean, etc. We will also reward our top 3 teams with awards.​​\n

#### Participant Prerequisites\n

A laptop with unfiltered internet access and an open mind to learn with the community.\n

Links:
    Website - https://www.cloud-village.org/
\n    Mastodon (@cloudvillage_dc@mastodon.social) - https://mastodon.social/@cloudvillage_dc
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-cloudvillage-apexpark.webp\'','\'cnt-cloudvillage-apexpark.webp\'','','','','',41310,'\'Map Page - LVCCW Level 3 W311-W313 (Cloud Village)\'',NULL),(181835,'\'Hac-Man\'','contests','\'

Rogue Signal builds bespoke, technically driven interactive experiences rooted in hacker culture, game design, and immersive storytelling. Drawing from backgrounds in immersive theater, live events production, community building, and deep game design practice, Rogue Signal creates systems that transform participation into exploration.\n

Rather than relying on superficial gamification, Rogue Signal focuses on meaningful challenge design. Their experiences reward curiosity, experimentation, collaboration, and strategic thinking. From scavenger hunts to technical skill challenges to digital easter eggs, each activation is designed around the specific audience and environment it lives in.\n

At DEF CON, Rogue Signal brings that philosophy to Hac-Man. A Pac-Man–themed security challenge platform that blends retro inspiration with layered technical depth. Participants will engage directly with structured challenges that test logic, pattern recognition, foundational security and hacker knowledge, and progressively more advanced technical skills.\n

Hac-Man reflects the hacker mindset: iterate, experiment, fail, refine, break assumptions, and try again. It encourages collaboration where helpful, competition where motivating, and discovery at every level.\n

Attendees can expect:
\n- Hands-on security challenges
\n- Multiple subject-matter tracks
\n- Layered difficulty levels
\n- Scavenger style discovery elements
\n- Competitive scoring and mission style progression\n- A welcoming but technically rich environment\n

Whether you’re new to security or already deep in the field, Rogue Signal’s space offers a place to test your thinking, sharpen your skills, and experience hacking concepts through play.\n

#### Participant Prerequisites\n

Participants will need access to a smartphone, tablet, or laptop in order to access gameplay content and view leaderboards. The experience is web-accessible and designed to function on standard modern devices.\n

No specialized hardware (e.g., Flipper Zero, SDR, etc.) is required. Foundational familiarity with basic computer use and logical problem-solving will be helpful, but no advanced security knowledge is required to begin. The game features layered difficulty tracks to accommodate both beginners and more advanced participants.\n

Links:
    Website - https://roguesignal.io/
\n    peoplemaking.games/@RogueSignal - https://peoplemaking.games/@RogueSignal
\n
\'','NULL','NULL','','','','',41312,'\'Map Page - LVCCW Level 1 Hall 1-213 (Hac-Man (Rogue Signal))\'',NULL),(181836,'\'Hardware Hacking Village CTF\'','contests','\'

Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants through various aspects of hardware hacking. Whether you\'re new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.\n

#### Participant Prerequisites\n

While not required, a laptop, programmable microcontroller, and logic analyzer may make some of the challenges more approachable. We try to have at least one of any device needed to solve a challenge available that a participant can either use at our bullpen or borrow for some time. We try to publish a list of recommended tools to bring to social media and our website a few weeks before DC so attendees can prepare.\n

Links:
    Mastodon (@hhv_ctf@defcon.social) - @hhv_ctf@defcon.social
\n    Website - https://dchhv.org/challenges/DC34
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-hhvctf_v2.webp\'','\'cnt-hhvctf_v2.webp\'','','','','',41313,'\'Map Page - LVCCW Level 1 Hall 1-400 (Hardware Hacking Village and Solder Skills Village)\'',NULL),(181837,'\'Radio Frequency Capture the Flag\'','contests','\'

In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.\n

RF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 34. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.\n

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.\n

This game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.\n

There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, and the interwebz, etc. If you have a question - ASK! We may or may not answer, at our discretion.\n

\n

FOR THE NEW FOLKS\n

This contest is free and open to anyone and everyone. You can sign up and start playing any time during the conference. If you didn’t bring your wireless gear don’t worry, our virtual RFCTF environment is played over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it is not required.\n

Read the presentations at: https://rfhackers.com/resources\n

Hybrid Fun\n

For DEF CON 34 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game running simultaneously. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), entirely free. In addition to the virtual challenges, we will also have a large number of “in person” only challenges, which do require valid conference admission. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. Playing only the virtual game will severely limit the maximum available points which you can score, therefore don’t expect to place. If you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard for bragging rights. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.\n

THE GAME\n

To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is correct. Flags worth more points for the early solves, so don’t sit on those flags. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.\n

\n

Who runs this thing?\n

RF Hackers Sanctuary is a group of all volunteers with expertise in radio security and various other related fields. We are the original creators of the WiFi Capture the Flag, Wireless Capture the Flag, and RF Capture the Flag. We are the original founders of the WiFi Village, Wireless Village, and RF Village. Often imitated, never duplicated, but you can have our code for free.\n

TL;DR\n

Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki\n

Helpful files (in-brief, wordlist, resources) can be found at: https://github.com/rfhs/rfctf-files\n

Support tickets may be opened at https://github.com/rfhs/rfctf-support/issues\n

Our whole game is also open source and available at: https://github.com/rfhs/rfctf-container\n

Discord: https://discordapp.com/invite/JjPQhKy\n

Website: http://rfhackers.com - play with us\n

Github: https://github.com/rfhs\n

Official Support Ticketing System: https://github.com/rfhs/rfctf-support/issues\n

#### Participant Prerequisites\n

    \n
  • A minimum of a laptop with a web browser is required to join our game.\n
  • All manner of wireless gear may be helpful, but the virtual environment is available if traveling with your sdr collection is difficult.
\nLinks:
    Website - https://rfhackers.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-rfhs.webp\'','\'cnt-rfhs.webp\'','','','','',41314,'\'Map Page - LVCCW Level 1 Hall 1-409 (Radio Frequency Village)\'',NULL),(181838,'\'VETCON\'','communities','\'

We are the intersection of military service and the hacker community. Active duty, veterans, and military families who live and breathe security, not as a career pivot, but as a natural extension of how they already think. Mission-focused. Threat-aware. No nonsense.\n

What makes VETCON different at DEF CON is the people in the room. These are operators, intelligence analysts, communications specialists, and cyber warriors who have done real work in high-stakes environments. The hacker mindset and the military mindset are the same mindset. You find the gap, you exploit it, you report it, you fix it. VETCON is where those two worlds stop pretending they\'re separate.\n

Attendees can expect panels and talks from veterans and active duty members working at the edge of offensive security, threat intelligence, and critical infrastructure defense. Real practitioners. Real problems. No vendor theater.\n

What will you learn? Depends on what you bring. If you\'re a veteran trying to break into security, you\'ll find your people and a clear path forward. If you\'re a civilian hacker, you\'ll get a perspective on how security works at scale, under pressure, with actual consequences. If you\'re active duty, you\'ll see what the community looks like from the outside and why it matters.\n

Links:
    Website - https://vetconactual.com
\n
\'','NULL','NULL','','','','',41317,'\'Map Page - LVCCW Level 3 W326 (Vetcon)\'',NULL),(181839,'\'Car Hacking Village Capture the Flag (CTF)\'','contests','\'

The Car Hacking Village CTF offers a sophisticated, hands-on environment where participants can engage directly with modern automotive architectures. To ensure our challenges accurately reflect the current threat landscape, we collaborate closely with leading OEMs and Tier 1 suppliers, providing a rigorous Capture The Flag experience rooted in real-world hardware and software vulnerabilities.\n

Recognizing that the high cost of automotive components can often be a barrier to entry, we provide a centralized, resource-rich hub for professional development. We invite you to join us at the Village to demonstrate your technical proficiency and gain unique exposure to the complexities of secure vehicle engineering.\n

#### Participant Prerequisites\n

To participate effectively in the Car Hacking Village at DEF CON 34, attendees should bring a laptop with multiple USB ports (or appropriate adapters) and a functional Linux environment. We do not provide tools hardware on-site, you\'ll need to bring your own—such as a USB-to-CAN adapter (e.g., Canable, ValueCAN), a SDR (e.g., RTL-SDR, HackRF), or a multimeter—is encouraged for independent exploration.\n

Knowledge of the Linux command line and basic Python is highly recommended. For those looking to hit the ground running, we suggest brushing up on CAN bus fundamentals, other automotive protocols, and basic reverse engineering of binary data. Familiarity with tools like wireshark and can-utils will allow you to dive straight into the live vehicle architectures.\n

Links:
    Website - https://www.carhackingvillage.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-car-hacking.webp\'','\'cnt-car-hacking.webp\'','','','','',41319,'\'Map Page - LVCCW Level 1 Hall 2-701 (Car Hacking Village)\'',NULL),(181840,'\'Queercon Community Lounge\'','communities','\'

Queercon’s mission is to raise awareness and promote acceptance of LGBTQIA+ individuals in the IT and infosec industries. We create space for queer people to meet, engage, and network through our badges, puzzle challenges, and meet-up events - all designed to help queer people find community where they are not alone. The Queercon Community Lounge is a place to find community anew, or return to familiar faces. Keep an eye on Hacker Tracker or queercon.org for our schedule of meetups and challenges!

Links:
    Website - https://queercon.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-queercon.webp\'','\'com-queercon.webp\'','','','','',41320,'\'Map Page - LVCCW Level 3 W325 (QueerCon Lounge)\'',NULL),(181841,'\'Creative Writing Short Story Contest\'','contests','\'

The DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums and reddit. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves, don their proverbial thinking cap, and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are often overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.\n

#### Participant Prerequisites\n

This contest is run pre con and requires a way to save text files and an email address.\n

\'','NULL','NULL','','','','',41321,'',NULL),(181842,'\'CMD+CTRL Cyber Range\'','contests','\'

CMD+CTRL is back for our 10th year and bringing something new to show. Drop by our cyber range for hands-on web application security challenges designed for all skill levels. Come to learn, come to compete, come to break things. All are welcome, whether it\'s your 1st CTF or your 101st. \n

#### Participant Prerequisites\n

Computer with internet access and a web browser. Participants can play off-site as well after registering in person.\n

Links:
    Website - https://defcon34.cmdnctrl.net/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-cmd-ctrl.webp\'','\'cnt-cmd-ctrl.webp\'','','','','',41323,'\'Map Page - LVCCW Level 1 Hall 1-405 (CMD+CTRL Cyber Range)\'',NULL),(181843,'\'Nix Vegas Community\'','communities','\'

Nix Vegas is a group of Nix users and developers who are passionate about the obscure side of Nix. Whether that’s using nixpkgs, the largest Linux package set in the world, to pop insecure hardware and software or using Nix’s reproducible builds in supply chain security, come to learn about the quiet revolution that\'s reshaping software, find your own place in it, and maybe even grab a closure of some tools you\'re looking for along the way.\n

\n
Prerequisites
\n
    \n
  • Laptop or other computing device is highly recommended.
\n
\nLinks:
    Mastodon (@NixVegas@defcon.social) - https://defcon.social/@NixVegas
\n    Website - https://nix.vegas
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-nixvegas.webp\'','\'com-nixvegas.webp\'','','','','',41325,'\'Map Page - LVCCW Level 1 Hall 4-1310 (Nix Vegas Community)\'',NULL),(181844,'\'OWASP Foundation\'','communities','\'

OWASP, the Open Worldwide Application Security Project, is an open source steward of tools, documentation projects, and resources all developed by our community. Our community is represented globally with 350+ chapters and thousdands of volunteers worldwide. People are the fabric that composes the OWASP community from developers, security pros, hobbyists, students & hackers and we are eager to welcome all at DEFCON 34.

Links:
    Website - https://owasp.org
\n    Mastodon (@owasp@infosec.exchange) - @owasp@infosec.exchange
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-owasp_v2.webp\'','\'com-owasp_v2.webp\'','','','','',41328,'\'Map Page - LVCCW Level 1 Hall 4-1415 (OWASP Foundation)\'',NULL),(181845,'\'EFF Tech Trivia\'','contests','\'

EFF\'s privacy and security experts have crafted a new trivia challenge for DEF CON 34! Compete as a team in our no-holds-barred showdown to prove mastery over the obscure facts of digital security, online rights, and internet culture.\n

The First Place team wins a set of custom Cybertiger Champion Badges and EFF swag. Second and third place teams will also win Badges and EFF gear.\n

Invite your friends OR show up and make new friends! Did someone say BRIBES?The world is unfair! You too could influence the judges to add a point or two to your team\'s tally. Overall Bribe winner also wins a custom badge! Test your knowledge of all things tech and support EFF, too.\n

#### Participant Prerequisites\n

No phones, laptops, or other digital knowledge allowed! Just you, your friends, and a friendly game of trivia.\n

Links:
    Website - https://eff.org
\n    Mastodon (@eff@mastodon.social) - https://mastodon.social/@eff
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-efftechtrivia-v2.webp\'','\'cnt-efftechtrivia-v2.webp\'','','','','',41333,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Saturday, Aug 8, 18:00 - 20:59 PDT
'),(181846,'\'The EFF Benefit Poker Tournament\'','contests','\'

The EFF Benefit Poker Tournament is back for DEF CON 34! This is the hackers vs lawyers edition featuring Marcia Hofmann, Kurt Opsahl, and Cindy Cohn. Check back as we add more lawyers to the mix. \n

Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all. \n

Play for glory. Play for money. Play for the future of the web. \n

Seating is limited, so reserve your spot today. \n

#### Participant Prerequisites\n

21 and over. Pre-register as soon as possible to ensure your spot at the table at https://eff.org/poker; we sell out every year.\n

#### Pre-Qualification\n

No\n

Links:
    Website - https://eff.org
\n    Mastodon (@eff@mastodon.social) - https://mastodon.social/@eff
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-eff-poker-dogs.webp\'','\'cnt-eff-poker-dogs.webp\'','','','','',41335,'',NULL),(181847,'\'Code Cadaver (Biohacking Village CTF)\'','contests','\'

Your friend is missing. The clock is ticking. And someone just posted a listing that should not exist.\n

Welcome to a high-stakes, neon-noir medical mystery where organ donation systems, hospital tech, and underground marketplaces collide. \n

This year’s Biohacking Village CTF riffs off the vibes of Code DARK and Code CRIMSON—but with a new mission: trace the digital trail, expose the network, and pull your friend back from the edge.\n

This isn’t about smashing and burning. It’s about outsmarting.\n

You’ll hunt signals through the places people swear are secure:\n- donation registries and referral workflows\n- hospital portals and vendor backends
\n- device telemetry and “totally harmless” logs\n- encrypted comms, shady marketplaces, and breadcrumbed dead drops\n- identity, access, and the kind of data leakage that ruins lives\n

Every flag is a lead. Every lead gets you closer. Every mistake costs time.\n

The Story\n

Your friend, an outspoken advocate for ethical organ donation, vanishes the night before they’re supposed to speak at a conference. At first it looks like a typical missing-person case… until you find something worse:\n

A weird \'inventory\' post. A cryptic transaction trail. A set of identifiers that match your friend’s profile a little too closely.\n

You’re not a cop. You’re not a vigilante. You’re the only person who knows where to look: in the systems.\n

Your job is to follow the evidence chain the way BHV does best—through firmware, protocols, misconfigurations, sloppy OPSEC, bad crypto, and “who gave this API admin rights?” decisions, until you can identify the operation, locate your friend, and stop the pipeline.\n

No Hollywood hacking. Just real-world failures turned into delicious challenges.\n

Links:
    Website - https://villageb.io
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-codecrimson.webp\'','\'cnt-codecrimson.webp\'','','','','',41356,'\'Map Page - LVCCW Level 1 Hall 1-408 (Biohacking Village)\'',NULL),(181848,'\'Hack3r Runw@y v8.0\'','contests','\'

Hack3r Runw@y v8.0\n

Where Code Meets Catwalk @ DEF CON 34\n

The Hack3r Runw@y returns for its 8th evolution! After nearly a decade of bridging the gap between hardware and haberdashery, we’re back at DEF CON 34 to prove once again that hackers are the most creative engineers on the planet.\n

Whether you’re a glamorous geek, a crafty coder, or a fashionably functional phantom, it’s time to weaponize your wardrobe. We’re challenging you to dismantle the boundary between \"security\" and \"style.\" If you can hack it, you can wear it.\n

The Mission Categories
\n- Smart-Wear (Active Tech): The high-voltage category. Integrate microcontrollers, sensors, and live telemetry into your designs. We want to see hardware that reacts to the environment—or the wearer—in real-time.\n- Digital Dazzle (Passive Tech): Bling with a brain. Focus on LEDs, fiber optics, and glow-tech that remains passive but high-impact. Light up the room without needing a CLI.\n- Functional Fashion (Tactical): Gear for the field. Think \"Cyber-Chic Pentester\": lockpick jewelry, shim-integrated accessories, signal-blocking fabrics, or high-fashion physical security tools.\n- Extraordinary Style (Creative Ops): The \"Kitbash\" category. Elevate the everyday with 3D textures, optical illusions, security-inspired patterns, and deep-cut cosplay.\n

THE PEOPLE\'S CHOICE Trophy: One coveted trophy is up for grabs where ANYONE can win. But be warned: in true DEF CON fashion, there will be a twist. Follow the social media for updates.\n

    \n
  • The Maker’s Mandate\n
  • This is a pure DIY challenge. We value the \"Proof of Concept\" over the \"Price Tag.\"\n
  • Originality is King: Items must be handmade or heavily modified (\"kitbashed\") by the entrant.\n
  • No \"Off-the-Shelf\": Integrating components (like an Arduino or LED strip) is encouraged; buying a pre-finished \"light-up dress\" from a mass-retailer is an automatic DQ.\n
  • Show Your Work: Documentation is required. Have photos, videos, or a build-log ready to prove your process if the judges need to verify your \"hacker\'s trail.\"
\n

The Judging Criteria\n

Our panel will be scoring builds based on:\n- Technical Mastery: Execution of hardware/software.\n- Couture Craftsmanship: Quality of the \"fit\" and finish.\n- Relevance: How it speaks to hacker culture or security.\n- Originality: Creative use of materials and \"kitbashing.\"\n

#### Participant Prerequisites\n

Originality: Items must be handmade by the entrant.\n

Verification: Documentation (photos/video) of the build process is required to verify authenticity.\n

Modification vs. Acquisition: We celebrate the \"kitbash.\" Using pre-made components to create something new is allowed, but \"off-the-shelf\" or \"plug-and-play\" retail items are not permitted.\n

Links:
    Mastodon (@hac3krrunway@defcon.social) - @hac3krrunway@defcon.social
\n    Website - https://hack3rrunway.github.io
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-hack3rrunway2024.webp\'','\'cnt-hack3rrunway2024.webp\'','','','','',41358,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Saturday, Aug 8, 10:00 - 11:59 PDT
'),(181849,'\'HardWired\'','contests','\'

This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today\'s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.\n

#### Participant Prerequisites\n

None\n

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-hardwired.webp\'','\'cnt-hardwired.webp\'','','','','',41360,'\'Map Page - LVCCW Level 3 W303-310 (Packet Hacking Village)\'',NULL),(181850,'\'Kubernetes CTF\'','contests','\'

Want to learn more about Kubernetes hacking or compete against other people in a Capture the Flag contest? Sign up on-line and come see us in person/on Discord at the Kubernetes Capture the Flag (CTF) contest .\n

We have two events - you can play in both if you like.\n

From Friday to Sunday, we have a non-competitive Learning CTF, where you can go through last year\'s Kubernetes CTF scenario, referring to a cheat sheet whenever you want. This runs from Friday 12:00 to Sunday 12:00. We\'ll be in the contest area to support you during:\n

Friday: 12:00-17:00
\nSaturday: 10:00-17:00
\nSunday: 10:00-12:00\n

On Saturday only, you can play in the competitive Kubernetes CTF challenge, where teams (of one or more) can build and test their skills. Each team is given access to a single Kubernetes cluster that contains a set of challenges. This runs from 10:30am to 5:30pm on Saturday.\n

Find out more and sign up at: https://containersecurityctf.com/\n

Links:
    Website - https://containersecurityctf.com/
\n    Mastodon (@containersecurityctf@defcon.social) - @containersecurityctf@defcon.social
\n    Website - https://containersecurityctf.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-kubernetes-ctf.webp\'','\'cnt-kubernetes-ctf.webp\'','','','','',41361,'\'Map Page - LVCCW Level 1 Hall 1-212 (Kubernetes CTF)\'',NULL),(181851,'\'DEF CON Beard and Mustache Contest\'','contests','\'

The DC Beard and Mustache Contest has been held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing - but we are not going to talk about that COVID thing), the DEF CON Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.\n

#### Participant Prerequisites\n

For 2025 offering 4 categories for the competition - You may only enter one category.\n

This is an in-person contest - you must be present to participate.\n

Full beard: Self-explanatory, for the truly bearded.\n

Partial Beard: For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles.\n

Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.\n

Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.\n

Links:
    Website - https://dcbeard.net/
\n    Bluesky - https://bsky.app/profile/dcbeardcontest.bsky.social
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-beard.webp\'','\'cnt-beard.webp\'','','','','',41367,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Friday, Aug 7, 14:00 - 14:59 PDT
'),(181852,'\'Tin Foil Hat Contest\'','contests','\'

Want to protect your noggin from government mind control rays? Have you angered our new AI Overlords, and now need to hide? Maybe those alien brainwave blasters just have you feeling down lately? Or do you just want to do something fun and forget about the world\'s woes for a while? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we\'ll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!\n

Show us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.\n

There are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the \"\"Substance\"\" award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for \"\"Style\"\". We provide all contestants a meter of foil, but you\'re welcome to acquire and use as much as you want from other sources.\n

This year is dedicated to our brother & contest creator, Flirzan. We\'ll never forget drunkenly hashing this out on a napkin with you at DEFCON many years ago. Rest in peace, we miss you friend!\n

#### Participant Prerequisites\n

We supply the base materials to participate. Contestants are welcome to bring additional foil if they desire.\n

\'','NULL','NULL','','','','',41368,'\'Map Page - LVCCW Level 1 Hall 1-403 (Tin Foil Hat Contest)\'',NULL),(181853,'\'Feet Feud (Hacker Family Feud)\'','contests','\'

Feet Feud (Hacker Family Feud) is a Cybersecurity-themed Family Feud style game arranged by members of the OnlyFeet CTF team and hosted by Toeb3rius (aka Tib3rius). Both survey questions and their answers are crowd-sourced from the Cybersecurity community. Two teams (Left Foot and Right Foot) captained by Ali Diamond and John Hammond and comprised of audience members go head to head, trying to figure out the top answers to the survey questions.\n

Attendees can either watch the game or volunteer to play on one of the two teams. Audience participation is also encouraged if either of the two teams fails to get every answer of a survey question.\n

Ultimately Feet Feud is about having a laugh, watching people in the industry attempt to figure out what randomly surveyed people from the Cybersecurity community put as answers to a number of security / tech related questions.\n

#### Participant Prerequisites\n

Participants are chosen by team captains from the audience at the start of the show. In order to be fair, we try to select participants from all seating areas, so folks who show up later than others still have a chance to volunteer.\n

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-feetfeud.webp\'','\'cnt-feetfeud.webp\'','','','','',41370,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Saturday, Aug 8, 22:00 - 23:59 PDT
'),(181854,'\'$unL1ght Sh4d0w5\'','contests','\'

“$unL1ght Sh4d0w5”: The Nirubi Challenge — Prove Your Agency\n

Systems shape the world.\n

Algorithms decide.\n

Policies enforce.\n

Machines execute.\n

Most people live inside those systems.\n

Hackers change them.\n

At DEF CON 34, where the theme is Agency, the question isn’t whether systems have vulnerabilities.\n

The question is who has the power to act on them.\n

Welcome to “$unL1ght Sh4d0w5: The Nirubi Challenge.”\n

Instead of hiding the system, we give you the blueprint:\n- A production-ready Linux cyber-physical system\n- Known vulnerabilities
\n- A working proof-of-concept exploit
\n- Full system disclosure\n

No mystery.\n

No guessing.\n

Just a cyber-physical system — and the opportunity to exercise your agency over it.\n

The Nirubi Mandate\n

Nirubi is an ancient Tamil word meaning “to prove.”\n

Not with theory.\n

Not with writeups.\n

With execution.\n

You’ve been given the knowledge.\n

Now prove you have the agency to act on it.\n

The Challenge\n

Your objective is simple:\n

Achieve remote code execution and deploy a malicious payload (e.g., ransomware payload that encrypts a sensitive file, command and control payload that takes over the cyber-physical system etc.).\n

Two phases.\n

Part 1 — Sh4d0w5 Recon\n

Extend the provided exploit chain and deliver a working malicious payload.\n

You have the vulnerabilities.\n

Now show us you can use them.\n

Part 2 — $unL1ght Horizon\n

If you complete Part 1, the system returns — hardened with proprietary defensive technology designed to disrupt your attack path.\n

Same objective.\n

New resistance.\n

Adapt your exploit and land the payload again.\n

The Prize\n

The first contestant to complete both phases wins: $10,000\n

Bring $unL1ght into the Sh4d0w5.\n

What Makes This Different\n

Most contests hide the system. We don’t. You’ll receive:\n- Full system configuration
\n- Vulnerability details
\n- A working proof-of-concept exploit\n

No blind recon. No guessing. Just a system, its weaknesses, and your ability to act. Because knowing about vulnerabilities is easy. Exploiting them is agency.\n

Rules & Eligibility\n

    \n
  • Contestants must be 18 years or older to participate.\n
  • All participants must agree to our terms and conditions, which include rules for responsible disclosure and non-disclosure agreements.\n
  • The contest will be held during DEF CON 34, with specific dates and times to be announced.
\n

Additional details will be announced closer to the event.\n

#### Participant Prerequisites\n

Bring your own gear:
\n- Laptop and/or smartphone/tablet
\n- Operating system of your choice (Linux/Windows recommended)\n- Python
\n- C/C++ compiler
\n- Binary analysis and exploit development tools\n

Bring whatever tools you trust. Once the challenge begins, the system is in front of you. What happens next is up to your agency.\n

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-sunlightshadows.webp\'','\'cnt-sunlightshadows.webp\'','','','','',41371,'\'Map Page - LVCCW Level 1 Hall 1-200 ($unL1ght Sh4d0w5)\'',NULL),(181855,'\'La Villa\'','communities','\'

Step into La Villa Hacker and discover where the soul of the Spanish and Portuguese-speaking cybersecurity world makes its home at DEF CON. We are more than just a space; we are a launchpad built by and for our community. Our mission is simple: to create a welcoming home where every Spanish and Portuguese speaker can express their ideas, share their research, and unite under one roof to celebrate what drives us—creativity, hacking, and security.\n

Why step into La Villa?\n

Because talent has no borders, but it does have a language and a culture. Here, you\'ll experience a powerful concentration of creativity, technical skill, and passion from the entire Lusophone and Hispanosphere. We provide the stage for voices that are shaping the future of hacking, all while fostering the connections that turn attendees into lifelong collaborators.\n

What awaits you inside?\n

Charlas (Talks): Move beyond the language barrier. La Villa is your dedicated platform to showcase your talent en Español y Portugués. Expect electrifying talks that unveil cutting-edge research, innovative exploits, and insider knowledge from top-tier Latino and Portuguese hackers.\n

Networking: Connect with other hackers like you. Forge new friendships, find mentors, and build your professional network in a relaxed, familiar environment. This is where you find your crew.\n

Creatividad (Creativity): Witness how culture and cunning collide. See unique projects and creative showcases that highlight the distinct perspectives our community brings to global hacking conferences.\n

Workshops: Sharpen your skills in hands-on workshops led by experts, designed to give you practical knowledge you can apply immediately.\n

Special Events: Join focused gatherings like our women-only panel, piñatas, sweets from each country, and the LATAM cybersecurity museum, creating space for everyone in our community to connect and thrive.\n

Get ready to hack, connect, and shine. Come to La Villa Hacker not just to attend DEF CON, but to own your place in it. Whether you\'re presenting groundbreaking research, looking for your next collaborator, or simply wanting to speak your language, tu casa te espera (your home awaits you).\n

Links:
    Website - https://lavillahacker.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-lavilla_v2.webp\'','\'com-lavilla_v2.webp\'','','','','',41372,'\'Map Page - LVCCW Level 1 Hall 4-1416 (La Villa Community)\'',NULL),(181856,'\'Retro Tech Community\'','communities','\'

The Retro Tech Community is here to celebrate where we came from, how computers and technology shaped our lives, and how even the most simple of computers still have an impact today this many years later. Rather than have a carefully curated collection of museum exhibits you can\'t touch or breathe on/around our goal is to empower the community in general to bring in working examples of old (or new but inspired by old) tech to display, demonstrate, be passionate about, teach lessons on, and for all those who visit us to hack on and goof around with. We do ask if you bring something to show off and/or display that you must also bring it home with you. If it\'s broken we will have a repair area set up and we shall do the best we can with it!

Links:
    Website - https://retrotech.club/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-retrotech.webp\'','\'com-retrotech.webp\'','','','','',41373,'\'Map Page - LVCCW Level 1 Hall 4-1421 (Retro Tech Community)\'',NULL),(181857,'\'Hackers With Disabilities (HDA)\'','communities','\'

Hackers with Disabilities is a focus point for making DEF CON more accessible to those with different levels of abilities. We\'ve helped to pioneer various accessibility tweaks throughout the year and have even published accessibility guides for those who need the help and advice. We also offer ourselves as a \"entry point\" to interface with DEF CON leadership if you have accessibility issues or concerns, and a safe landing space for those with sensory processing issues or who are just \"overwhelmed\" with Con Life.\n

All are welcome to come by, say hello, and see what we do and how, and maybe make your con experience more accessible too!\n

\'','\'https://defcon.outel.org/defcon34/images/logos/com-hda.webp\'','\'com-hda.webp\'','','','','',41374,'\'Map Page - LVCCW Level 2 W201 (HDA Community)\'',NULL),(181858,'\'Lonely Hackers Club\'','communities','\'

Lonely Hackers Club is a group to help people navigate their first DEF CON and other conferences as well as helping people break into the field. We have a lot of people who are from all sorts of fields who can help people based on what they want to do for a career. We welcome everyone into the community and support everyone who needs/wants help.

Links:
    Website - https://lonelyhackers.club/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-lonelyhackers.webp\'','\'com-lonelyhackers.webp\'','','','','',41375,'\'Map Page - LVCCW Level 1 Hall 4-1419 (Lonely Hackers Club)\'',NULL),(181859,'\'Hacker Jeopardy!\'','contests','\'

The DFIU Crew has been running Hacker Jeopardy at DEF CON for longer than some of you have had email addresses, and we\'re not stopping now. Hacker Jeopardy is exactly what it sounds like and nothing like what you expect: a game show forged in the crucible of the hacker community, where the categories swing without warning from \"things a script kiddie Googled at 2am\" to \"cryptographic primitives your professor couldn\'t explain sober.\" Whether you\'re a first-timer trying to get your bearings or a proverbial greybeard who lived through the dial-up wars, there\'s an answer in here that will humble you, one that will make you feel like a genius, and at least three that will make you spit your beer. We cover the full spectrum — the culture, the craft, the lore, the absurdity, and the genuine depth of knowledge that defines this community at its best and its most chaotic. Come to play, come to watch, come to heckle. You\'ll leave knowing something you didn\'t, laughing at something you shouldn\'t, and questioning at least one life choice. That\'s the DEF CON tradition. We\'re just the ones with the buzzers.\n

#### Participant Prerequisites\n

Contestants compete in teams of 3 on stage, streamed live on DCTV, so bring a crew with a team name and an identity the audience can get behind. Know things — a lot of things, across a weird range: hacking and security, hacker literature, movies and culture, DEF CON lore, lateral thinking, and the gloriously obscure, and TELNET, know fucking TELNET. Beer consumption is part of the scoring, non alcoholic options available at team registration. If you\'re just coming to watch, line up early, show up ready, and be loud.\n

#### Pre-Qualification\n

Pre-registration is required before DEF CON! Watch https://hackerjeopardy.com and the DEF CON Discord for details and don\'t wait until the last minute to sign up.\n

Links:
    Website - https://hackerjeopardy.com/
\n    Mastodon (@HackerJeopardy@defcon.social) - https://defcon.social/@HackerJeopardy
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-hackerjeopardy.webp\'','\'cnt-hackerjeopardy.webp\'','','','','',41377,'',NULL),(181860,'\'Pinball High Score Contest\'','contests','\'

The Pinball High Score contest at DEF CON 34 will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 17:00 on Saturday main tournament qualifying will end, tiebreakers will be played (if needed) and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the next DEF CON Pinball Champion!\n

Achieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, we expect that the community is ready for this challenge!\n

Last year the contest measured how you moved the machine. This year, we\'re reading what happens inside it. Custom sensors feed SHELL, our Sub-surface Hidden Entertainment Layer Logic. When you unlock the right patterns, a hidden world appears on screens beneath the glass. Face off in secret mini-games, answer hacker trivia under pressure, and battle other players in competitive challenges where you can steal control mid-game. It\'s pinball within pinball, a clandestine layer of gameplay that only reveals itself to those who can crack the SHELL. \n

#### Participant Prerequisites\n

Nothing special is required. Any person can step up and enjoy a pinball game or they can spend 30+ hours solving our challenges if they want to play the deeper game.\n

Links:
    Website - https://app.pinballhackers.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-pinball_v2.webp\'','\'cnt-pinball_v2.webp\'','','','','',41379,'\'Map Page - LVCCW Level 1 Hall 1-304 (Pinball High Score Contest)\'',NULL),(181861,'\'Whose Slide Is It Anyway?\'','contests','\'

DEF CON 34 marks an entire DECADE of “Whose Slide Is It Anyway?”” being the unholy union of improv comedy, hacking, and slide deck sado-masochism. We are the embodiment of the hacker battle cry \"\"FUCK IT, WE\'LL DO IT IN PROD.\"\"\n

For the last 10 years, our team of slide monkeys have created a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.\n

But....why?\n

Because for us, the stage is hallowed ground and since stupidity can\'t be stopped, we decided to weaponize it. Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.\n

Links:
    Website - https://forum.defcon.org/node/233493
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-wsiia_v2.webp\'','\'cnt-wsiia_v2.webp\'','','','','',41381,'',NULL),(181862,'\'Hard Hat Brigade\'','communities','\'

The Hard Hat Brigade brings hackers together in the spirit of endless curiosity and tinkering. Using a common platform (hats) we combine bling and wares to inspire others to explore outside of their comfort zones in a safe and welcoming community.\n

We encourage hackers to explore their creativity using art, electronics, mechanical design, or any other medium that piques their interest. All of us have experienced working on a project that never leaves the workbench. Oftentimes it’s because you have no way to display it, or nobody to display it to. HHB solves both of these challenges using hats as a blank canvas for creativity. They are inexpensive, widely available, and easy to modify to suit your needs with simple hand tools. Despite everyone using a common platform, every creation is unique and embodies the personality of the creator. Walking around Con, you can display your creation for all to see, and many will stop to ask you about what you have created. This allows you to talk about your experience, as well as inspire others to explore new ideas of their own.\n

One of the challenges at hacker summer camp has been engaging others. HHB has solved the challenge with something that is incredibly accessible while also offering a ton of variety. Gazing upon these creations, they reflect back the uniqueness of all the awesome hackers that we’ve been able to meet. In years past, we’ve had the opportunity to see how so many talented and creative hackers tackle the challenge of using the venerable hard hat as their muse. Every hat has been exemplary! Just as fun, charming and skilled as so many attendees are, the hat has been a great vessel to carry their awesome projects.\n

We are committed to continue encouraging others to join the Hard Hat Brigade to promote a community that connects, creates, shares, and are still interested in hacking things ‘just because’.\n

Links:
    Mastodon (@hardhatbrigade@defcon.social) - @hardhatbrigade@defcon.social
\n    Website - https://hardhat.rocks
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-hhb.webp\'','\'com-hhb.webp\'','','','','',41385,'\'Map Page - LVCCW Level 1 Hall 1-300 (Hard Hat Brigade)\'',NULL),(181863,'\'Dozier Drill Lockpicking Challenge\'','contests','\'

Have you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that\'s why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us throughout the con for qualifier games, and on Saturday for an official bracket tournament.\n

#### Participant Prerequisites\n

Participants must be able to shim handcuffs and pick locks which are both skills we\'re happy to teach you in the lock pick village. Contestants wishing to enter the official tournament on Saturday must win at least one match against any opponent prior to the tourney in order to have their name entered.\n

#### Pre-Qualification\n

We will be running the game throughout the day prior to the tournament on Saturday. Contestants have to win at least one dozier drill round before they can enter into the official tournament. This helps us to ensure everyone competing holds the minimum skills needed to complete a round.\n

Links:
    Website - https://toool.us
\n    Mastodon (@TOOOL@techhub.social) - @TOOOL@techhub.social
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-dozier.webp\'','\'cnt-dozier.webp\'','','','','',41388,'\'Map Page - LVCCW Level 1 Hall 1-407 (Lock Pick Village)\'',NULL),(181864,'\'TeleChallenge\'','contests','\'

The TeleChallenge isn\'t just a puzzle challenge, it\'s an experience. We are super excited to show the plan for the tenth year in a row. Don\'t copy that floppy, but instead prepare to be immersed in an entirely new world where all of your hacker skills will be challenged (along with your 0xEA60 skills). This is a very tough contest to win, and is among the most challenging at DEF CON. Are you ready? Your first step is to find us, because part of the puzzle is discovering the puzzle.\n

#### Participant Prerequisites\n

You\'ll need a phone, your creativity and some hacker friends. It also helps to have access to a computer. Use the TeleChallenge as an excuse to meet people and form a team.\n

#### Pre-Qualification\n

We may have team registration in advance, but there is no pre-qualifyer.\n

Links:
    Mastodon (@telechallenge@defcon.social) - https://defcon.social/@telechallenge
\n    Website - https://www.telechallenge.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-telechallenge.webp\'','\'cnt-telechallenge.webp\'','','','','',41390,'\'Map Page - LVCCW Level 1 Hall 1-107 (TeleChallenge)\'',NULL),(181865,'\'5N4CK3Y\'','contests','\'

AND!XOR builds electronic badges packed with hacker challenges, and we especially enjoy inventing unusual ways for people to earn them.\n

5n4ck3y is a retro snack vending machine that we’ve rebuilt into a network-connected CTF badge dispenser. Behind the woodgrain and glowing buttons is a hardware hacking project that connects a web-hosted CTF platform to a physical machine capable of vending badges to successful participants.\nSolve enough challenges and you’ll earn a dispense code. Enter the code into 5n4ck3y and the machine will reward you with a badge—assuming it’s in a good mood.\n

The challenges span a wide range of disciplines including hardware hacking, reverse engineering, OSINT, RF, network security, phreaking, and cryptography. Participants often learn something new at a DEF CON village, meet other hackers along the way, and then return to apply those skills to the challenges.\n

Once you earn a badge, the adventure isn’t over. Our badges are built to be explored, modified, and hacked long after they leave the machine.\n

5n4ck3y exists for one reason: to reward curiosity. Solve the puzzles, learn something new, and the machine might decide you deserve a badge.\n

#### Participant Prerequisites\n

Curiosity, persistence, access to a computer, and the willingness to RT.FM.\n

Our challenges are intentionally multidisciplinary and are designed to encourage exploration and collaboration. Participants will likely need to investigate hardware, software, networking, and other security topics. Many challenges are easier when working with others, so don’t be afraid to talk to people nearby or compare notes with fellow hackers.\n

While we won’t spoil what tools are needed this year, participants in past 5n4ck3y challenges have used a wide range of equipment including laptops, reverse engineering tools, SDR, UART adapters, hardware debuggers, soldering tools, and the occasional piece of improvised equipment.\n

The good news is that DEF CON is one of the best places in the world to find tools, knowledge, and people willing to help. If you don’t have something you need, chances are someone nearby does—or you can find it in a village, vendor area, or by politely asking the hacker sitting next to you.\n

5n4ck3y strongly encourages teamwork, creative thinking, and responsible experimentation. Snacks are optional, but curiosity is required.\n

Links:
    Website - https://www.andnxor.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-5n4ck3y.webp\'','\'cnt-5n4ck3y.webp\'','','','','',41391,'\'Map Page - LVCCW Level 1 Hall 1-101 (5n4ck3y)\'',NULL),(181866,'\'Capture The Packet\'','contests','\'

Capture The Packet is a world-class cyber training range and skill assessment suite. It provides a gamified learning experience which can be used for recruitment skills assessment, vetting, preclass training prep, initial on-the-job training, mission preparation, and ongoing skills and certification maintenance. Capture The Packet is fully integrated with several learning frameworks such as NICE and DCWF. With features such as a built-in knowledge and hint base, anti-collusion system, rich reporting and ease of administration, there’s a reason Capture The Packet is in use across industry, education, and all branches of the U.S. military.\n

#### Participant Prerequisites\n

    \n
  • laptop with ethernet port/dongle (loaner dongles are not guaranteed)\n
  • Contest is designed to be done as a team of 2, but solo competition is allowed
\nLinks:
    Website - https://www.phvillage.io/capture-the-packet/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-ctp.webp\'','\'cnt-ctp.webp\'','','','','',41393,'\'Map Page - LVCCW Level 3 W303-310 (Packet Hacking Village)\'',NULL),(181867,'\'The Gold Bug (Crypto and Privacy Village Contest)\'','contests','\'

From Caesar to Vigenère, or DES to RSA, hackers have been making and breaking codes for thousands of years. If you love puzzles, this is the perfect opportunity to join this fine tradition and break some codes!\n

The Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. While some puzzles will dig into substitution ciphers or more modern algorithms, others may test your logic and pattern recognition.\n

The Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and others that will require you to keep digging and wonder how deep the layers will go. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!\n

#### Participant Prerequisites\n

No prior experience or specific knowledge is required to participate in The Gold Bug. Participants will need to use a web browser to access the puzzles and submit answers. Puzzles may take such forms as images, PDF files, web pages, or multimedia files.\n

Links:
    Mastodon (@goldbug@defcon.social) - @goldbug@defcon.social
\n    Website - https://goldbug.cryptovillage.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-gold-bug.webp\'','\'cnt-gold-bug.webp\'','','','','',41394,'\'Map Page - LVCCW Level 1 Hall 1-402 (The Gold Bug)\'',NULL),(181868,'\'Cryptocurrency Challenge\'','contests','\'

They told us the Las Vegas Strip was a fortress of neon and excess. They said the Sin City Jackpot Vault was “secure by design” – audited, multi‑sig, and backed by the weight of a billion‑dollar treasury.\n

But neon flickers, and cold code has edge cases.\n

On a warm August night at the Las Vegas Convention Center, during the legendary DEFCON hacker convention, we didn’t just find a bug; we found a debug message left for “future developers.” The Sin City Jackpot Vault was supposed to be the future of crypto-custody, but it forgot the oldest rule in the book: Never trust the client.\n

We opened a console to the vault\'s core and laughed. We forged a single signature that the multi‑sig contract accepted as gospel. We drained the vault with one transaction.\n

“Welcome to the Sin City Jackpot Vault, we\'ve already left.”\n

Now we ask, do you think you can break a “secure” crypto vault?\n

Welcome to the Cryptocurrency Challenge Capture the Flag Coin, where you get brain‑melting, ego‑deflating, laugh‑until‑you‑cry challenges. There is no KYC, no real funds. Just pure, unfiltered hacker joy.\n

And this isn’t just a write‑up. It’s a reminder that even the biggest exchanges sometimes leave the door unlocked – and a curious mind with a keyboard is all it takes to walk through.\n

We cryptohackers set up two “Capture the Coin” challenges in the Cryptocurrency Village at DEFCON in Las Vegas. The first is a deceptively simple web vault with an “intern‑proof” console log. The second is a multi‑signature smart contract that supposedly requires multiple approvals to move funds. Your mission is to find the cracks in the vault.\n

## Participant Prerequisites\n

To participate in the Capture the Coin CTF, contestants must use a portable computer with a web browser. To participate in the Cryptocurrency Quiz, contestants should obtain and study the Cryptocurrency Workbook distributed free of charge.\n

Links:
    Mastodon (@cryptocurrency@defcon.social) - https://defcon.social/@cryptocurrency
\n    Website - https://www.cryptocyberchallenge.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-cryptocurrency.webp\'','\'cnt-cryptocurrency.webp\'','','','','',41396,'\'Map Page - LVCCW Level 1 Hall 2-702 (Cryptocurrency Village)\'',NULL),(181869,'\'Social Engineering Community Vishing Competition (SECVC)\'','contests','\'

In the Social Engineering Community Vishing Competition (#SECVC), competitors go head-to-head by placing live vishing (voice phishing) calls in front of a DEF CON audience. From a soundproof booth, teams attempt to achieve specific objectives by persuading employees at real organizations using carefully crafted pretexts, OSINT, and quick improvisation. Each team has a limited amount of time to place as many calls as possible, demonstrating how social engineering attacks unfold in real time and how easily trust can be leveraged to access sensitive information.\n

The competition highlights both the creativity and complexity of social engineering. Some calls succeed through charm, storytelling, and clever research, while others are quickly shut down by well-trained employees. For the audience, it provides a rare chance to see the human side of hacking in action. Attendees can observe the tactics competitors use, the defenses organizations rely on, and the unpredictable moments that occur when real people are involved.\n

Whether you\'re an attacker, defender, security leader, or simply curious about the psychology behind hacking, the SECVC offers a unique opportunity to watch social engineering happen live and learn from both successes and failures. The competition takes place on Friday in the Social Engineering Community village, and seats fill quickly, so attendees are encouraged to arrive early to catch the action.\n

#### Participant Prerequisites\n

The SEC Vishing Competition competitors are selected in advance through a Call for Competitors process prior to DEF CON. Competitors should be familiar with basic social engineering concepts such as elicitation, pretext development, and OSINT research, as these skills are commonly used during the calls and the OSINT phase. No specialized hardware is required for competitors, as the competition infrastructure and calling environment are provided by the village.\n

#### Pre-Qualification\n

Yes. The Social Engineering Community Vishing Competition uses a Call for Competitors process prior to DEF CON. Interested teams apply through our website and provide information about their background, approach, and interest in participating. Teams are then selected by a rotating Call for Competitors review board made up of community members. Additional details and application information are published on our website when the call opens: https://www.se.community/vishing-competition/\n

Links:
    Website - https://www.se.community/vishing-competition/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-sevishing.webp\'','\'cnt-sevishing.webp\'','','','','',41397,'\'Map Page - LVCCW Level 3 W317-319 (SEC Village)\'',NULL),(181870,'\'Can it Ham?\'','contests','\'

Can It Ham? is your chance to turn junk into a working antenna. We’ll bring the tools, solder, connectors, and test gear. You bring creativity, curiosity, and questionable design decisions. Can It Ham? is a walk-up, hands-on contest open to all DEF CON attendees. Participants will build improvised antennas during the event using provided materials (or their own components if they choose to bring them). \n

Learn the basics of antenna design, RF propagation, and how to test whether your improvised creation actually works. The top builds will be tested, and the top three earn bragging rights and prizes.\n

Bring weird parts if you want. Or just show up and start hacking. Either way—let’s see what you can make radiate. No license or antenna knowledge required—just bring your hacker spirit and get on the air.\n

#### Participant Prerequisites\n

No prior antenna or RF knowledge is required. No amateur radio license is needed to participate.\n

All basic tools and materials will be provided, including soldering equipment, connectors, and antenna testing gear. Participants are welcome (but not required) to bring unusual materials or components if they want to experiment with their own antenna designs.\n

Links:
    Website - https://hamvillage.org/
\n    Mastodon (@hamradiovillage@defcon.social) - @hamradiovillage@defcon.social
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-canitham_v2.webp\'','\'cnt-canitham_v2.webp\'','','','','',41399,'\'Map Page - LVCCW Level 1 Hall 1-112 (Can it Ham? & From the Static: A HRV Fox Hunt)\'',NULL),(181871,'\'DEF CON Scavenger Hunt\'','contests','\'

Whether you\'re a seasoned DEF CON veteran or a curious newcomer, the DEF CON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to 5 members, interpret the items, and submit your efforts at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.\n

The DEF CON Scavenger Hunt is open to everyone, regardless of skill level or experience, no pre-qualifying necessary. We strive to maintain the balance of a low barrier to entry while providing a challenge that many are eager to take on. Casual players should not be overwhelmed by the list, find a handful of items and have fun. If you are looking to win however, you will need to fully immerse yourself in the DEF CON Scavenger Hunt. Let\'s make some memories together.\n

Remember that it\'s not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you\'ve etched your mark on DEF CON history, and the ultimate badge of honor: bragging rights. Nothing says \"I\'m a hacker\" quite like being triumphant at the DEF CON Scavenger Hunt.\n

#### Participant Prerequisites\n

No, we work very hard to maintain a very low barrier to entry. If anything is required for an item, they should be able to find a fellow hacker with it that would be willing to assist them with their item.\n

Links:
    Website - https://www.defconscavhunt.com/
\n    Mastodon (@DEFCONScavHunt@defcon.social) - https://defcon.social/@DEFCONScavHunt
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-scav-hunt.webp\'','\'cnt-scav-hunt.webp\'','','','','',41401,'\'Map Page - LVCCW Level 1 Hall 1-104 (DEF CON Scavenger Hunt)\'',NULL),(181872,'\'DEF CON MUD\'','contests','\'

The DEF CON MUD is an interesting enigma, part CTF, part adventure, plenty of frustration.\n

Dust off your maps, grid paper, and see if you can discover the MUD\'s secrets. The winner gets a DEF CON human badge provided by EvilMog.\n

This year you may need to learn about RFC854/855 in order to succeed, good luck, you\'ll need it.\n

#### Participant Prerequisites\n

A laptop (or phone), graph paper, patience, and grit. Learning how an LPMUD operates is beneficial but not required.\n

Links:
    Website - https://mud.defcon.wtf
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-defconmud.webp\'','\'cnt-defconmud.webp\'','','','','',41402,'',NULL),(181873,'\'Blue Team Village CTF\'','contests','\'

Blue Team Village (BTV) is a hands-on cybersecurity community focused on defenders, the professionals and aspiring practitioners who protect systems, networks, and people from real-world threats. We exist to make defensive security accessible, practical, and collaborative.\n

We build immersive labs and capture-the-flag (CTF) environments that simulate actual attack scenarios. Attendees don’t just listen to talks they investigate logs, hunt adversaries, analyze traffic, and respond to incidents in live environments.\n

#### Participant Prerequisites\n

Bring a modern laptop CTF work is hands-on and you’ll be running tools locally. There is no expectation of specialized hardware beyond your personal computer.\n

Links:
    Website - https://ctf.blueteamvillage.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-blueteamvillagectf.webp\'','\'cnt-blueteamvillagectf.webp\'','','','','',41405,'\'Map Page - LVCCW Level 2 W213-217 (Blue Team Village)\'',NULL),(181874,'\'Red Team CTF\'','contests','\'

The Red Team Capture the Flag (CTF) competition at DEFCON is a challenging and exciting event that tests the skills of participants in offensive security. The objective of the Red Team CTF is for teams to successfully complete challenges faced by Red Teams.\n

The Red Team CTF is designed to simulate real-world scenarios in which attackers attempt to penetrate the security of a network or system. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities in the target network.\n

Teams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities in the target network, while also evading detection and countermeasures put in place by the Blue Team.\n

The Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants\' technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.\n

#### Participant Prerequisites\n

Participants are required to bring a laptop with the ability to connect to DEFCON WiFi or other internet connection.\n

Links:
    Website - https://redteamvillage.io/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vlg-redteam_v2.webp\'','\'vlg-redteam_v2.webp\'','','','','',41406,'\'Map Page - LVCCW Level 1 Hall 1-309 (Red Team Village)\'',NULL),(181875,'\'The Pwnie Awards\'','contests','\'

The Pwnie Awards are the security industry’s annual ceremony recognizing the most notable vulnerabilities, research breakthroughs, and security failures of the past year. Previously a mainstay of Black Hat but now held each year at DEF CON to reach a broader audience, the Pwnies celebrate the researchers who uncover important flaws—and call attention to the mistakes that made those flaws possible.\n

The awards operate in the tradition of both academic recognition and hacker irreverence. Categories range from serious acknowledgments of groundbreaking vulnerability research to tongue-in-cheek recognition of the most spectacular security blunders. The tone may be humorous, but the purpose is serious: security improves when the community is willing to examine failures in the open.\n

The security industry does not always have a strong tradition of self-policing. The Pwnie Awards provide a forum where the community can acknowledge what went wrong, recognize the people who discovered it, and encourage vendors and organizations to do better next time. Many of the vulnerabilities recognized by the Pwnies have gone on to shape how security research is conducted and how software is built. In a few noteworthy cases, recipients of the Pwnie for Epic Fail have even delivered heartfelt acceptance speeches acknowledging their mistakes—helping redeem those organizations in the eyes of the community.\n

Attendees can expect a fast-paced awards ceremony announcing this year’s nominees and winners across multiple categories, highlighting some of the most interesting security discoveries and failures from the past year. The ceremony celebrates the work of security researchers while reminding everyone in the room why this field exists in the first place.\n

In short, the Pwnies embody a core hacker belief: progress comes from curiosity, transparency, and the willingness to learn from mistakes—even when those mistakes are embarrassing.\n

#### Participant Prerequisites\n

We will need playback support of Powerpoint and/or Google Slides with video segments to introduce each category and show the winner of each category. \n

#### Pre-Qualification\n

Nominations are submitted to the Pwnies technical committees for each award; final nominees for each category are announced no later than July 11, 2026, so that the wider judging organization may vote to determine awardees.\n

Links:
    Website - https://pwnies.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-pwnies.webp\'','\'cnt-pwnies.webp\'','','','','',41407,'',NULL),(181876,'\'Adversary Wars CTF\'','contests','\'

Adversary Village will be hosting \"Adversary Wars CTF\", which is built around adversary attack simulation, offensive cyber security and purple team tactics. Adversary War CTF centers around mimicking enterprise infrastructure and corresponding challenges. These challenges are meant to push the participants towards adopting various TTPs that adversaries and threat actors use within a definitive time frame. Adversary Wars would have real world simulation CTF scenarios and challenges, where the adversaries can simulate attacks and learn new attack vectors, cyber threat intelligence, threat actor profiles, TTPs, techniques, etc. There would be combined exercises which include different levels of adversary emulation.\n

As part of the Adversary Wars Capture-the-Flag competition a fictional city would be hosted virtually as a target for the participants. Like all cities, the Adversary city too would comprise of various infrastructure components including a hospital, bank, police station, fire station, army camp, city apartments, IT companies, university, government buildings, power plant, etc.\n

Each building will have a complex and realistic network infrastructure that includes a wide variety of components, including Windows/Linux systems, applications, industrial systems, Active directory, cloud environments, hybrid environments, and numerous other technology systems. A complex network of interconnected organizations, assumed to have been working properly, monitored by security operations center and cyber defense systems, supposed to be hackproof, until it wasn’t. One fine day, the adversary city was breached by a threat actor. A wide variety of attacks were carried out by the threat actor, in the end they decided to shut the city for good and infected the remaining systems with ransomware.\n

CTF participants will need to rely on cyber threat intelligence to gather more information on the threat actor, understand and collect various attack tactics, tools, and exploits used by the adversary group. The participants will have to devise possible attack paths used by the adversary group, then simulate these activities against the target city\'s various components to recreate and understand how deeply the threat actor group breached the city\'s infrastructure and computer systems.\n

To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses. This will also assist visitors and observers in understanding the contest\'s progress and gaining insight into what is happening behind targeted cyber-attacks, cyberwar, etc.\n

Just like in previous years, winning teams in the CTF competition can expect fantastic prizes. Additionally, there will be complimentary hoodies (yes, the iconic adversary village hoodies), free t-shirts, cool stickers, village coins, badges, and various other swag for the village participants.\n

#### Participant Prerequisites\n

CTF Players will have to bring their laptops.\n

Links:
    Mastodon (@AdversaryVillage@defcon.social) - https://defcon.social/@AdversaryVillage
\n    Website - https://adversaryvillage.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-adversary.webp\'','\'cnt-adversary.webp\'','','','','',41408,'\'Map Page - LVCCW Level 1 Hall 2-602 (Adversary Village)\'',NULL),(181877,'\'Battle of the Bots: Vishing Edition\'','contests','\'

In Battle of the Bots, teams push the limits of automation and social engineering by deploying human-built AI agents to conduct live vishing-style phone calls. While social engineering has traditionally relied on human creativity, persuasion, and improvisation, this contest explores what happens when those tactics are handed off to machines. Competitors design and train AI-driven agents capable of gathering information, maintaining believable conversations, and attempting to achieve specific objectives during live calls.\n

The contest offers a rare opportunity to watch these systems interact with real people in real time. Attendees can observe how AI handles persuasion, conversation flow, unexpected responses, and the messy unpredictability of human interaction. Some bots may demonstrate impressive adaptability, while others reveal just how difficult it is to replicate the subtle social skills that human social engineers rely on.\n

Battle of the Bots opens an important conversation about the future of human-focused attacks. As AI tools become more accessible, automation may increasingly play a role in reconnaissance, impersonation, and persuasion at scale. By bringing these experiments into a transparent and controlled environment at DEF CON, the community can explore both the risks and limitations of AI-driven social engineering while gaining insight into how defenders should prepare for the next evolution of the threat landscape.\n

Whether you\'re interested in AI, social engineering, or the intersection of both, Battle of the Bots offers a glimpse into the future of hacking.\n

#### Participant Prerequisites\n

Competitors are selected in advance through our Call for AI Competitors process. Teams who wish to compete should have a basic understanding of AI prompt engineering and conversational agent design in order to develop and refine their AI-driven vishing bots. Competitors should be comfortable building prompts or systems that allow their bots to maintain dynamic conversations and attempt to achieve objectives during live calls. While prior experience with AI automation, voice systems, or social engineering concepts may be helpful, it is not required. All participants must also adhere to the competition’s Code of Ethics and contest guidelines.\n

#### Pre-Qualification\n

The contest does not use a traditional technical pre-qualifier. Instead, teams are selected through an open Call for AI Competitors process prior to DEF CON. Interested teams apply and describe their proposed AI agent and approach, and selected teams are invited to compete during the event. Additional details and application information will be published on our website (https://www.se.community/battle-of-the-bots-vishing-edition/) when the call opens.\n

Links:
    Website - https://www.se.community/battle-of-the-bots-vishing-edition/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-sebotsbattle.webp\'','\'cnt-sebotsbattle.webp\'','','','','',41409,'\'Map Page - LVCCW Level 3 W317-319 (SEC Village)\'',NULL),(181878,'\'PhreakMe\'','contests','\'

Ever wondered what hacking looked like in the golden age of phone phreaking? What about today? What can we learn about the old techniques that still plague our current infrastructure? The PhreakMe Capture the Flag brings you the classic art of telecom exploitation.\n

The Hacked Existence team is once again hosting a telecom based CTF. The CTF runs on real live VoIP lines routed through a modified asterisk PBX allowing participants to dial in to the CTF from anywhere in the world. This number is live 24/7 throughout DEFCON, allowing you to hunt the PBX for flags any time, day or night. Don\'t have a phone? Come test your skills at one of our 5 payphones! Also there\'s a BBS, hope you brought your modem! \n

All the flags are based around historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.\n

The purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2026 as well as a respect for the art of phreaking from yesteryear.\n

Come test your skills, challenge your knowledge, and dive deep into the world of phreaks.\n

Hints: Read \'The Cyberthief and the Samurai\' and \'Masters of Deception: The Gang That Ruled Cyberspace\' for a leg up.\n

#### Participant Prerequisites\n

A phone, or access to a phone that can dial an american based phone number. The BBS will be both accessible from a modem and also ssh. Ideally people will read books like \'The Cyberthief and the Samurai\' and \'Masters of Deception: The Gang That Ruled Cyberspace\' and the Cult of the Dead Cow book.\n

Links:
    Website - https://phreakme.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-phreakme.webp\'','\'cnt-phreakme.webp\'','','','','',41410,'\'Map Page - LVCCW Level 1 Hall 1-210 (PhreakMe)\'',NULL),(181879,'\'Darknet-NG\'','contests','\'

Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The \"Learning Quests\" help the agent gather knowledge from all across the other villages at the conference, while the \"Challenge Quests\" help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year\'s final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Community!\n

#### Participant Prerequisites\n

Prerequisites for competing in the contest would require a device with access to a web browser like a Phone, Tablet, Laptop.\n

Links:
    Mastodon (@DarknetNG@defcon.social) - https://defcon.social/@DarknetNG
\n    Website - https://darknet-ng.network/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-darknet.webp\'','\'cnt-darknet.webp\'','','','','',41411,'\'Map Page - LVCCW Level 1 Hall 1-105 (Darknet-NG)\'',NULL),(181880,'\'$$$$$_<CAPTURE_THE_COIN>_$$$$$\'','contests','\'

We’re bringing real-world payment hacking straight to DEF CON. This contest merges hardware hacking, cryptanalysis, mobile app forensics, physical security, offensive security and social engineering into one glorious, chaotic CTF. No system is sacred! If it moves, stores or processes money, it\'s fair game. \n

From magstripes to mobile wallets, POS systems to online banking, ATMs to NFC payments, if it touches money, we’re messing with it. Your mission: reverse, break, manipulate, and exploit, all in the name of exploration!\n

Expect challenges where you’ll clone, decrypt, spoof, MITM, inject, and maybe even get a card to spill its deepest, darkest secrets. Want to mess with a banking app? We got you. Think your RFID cloning skills are solid? Prove it. Ever wondered if you can bypass chip-and-PIN protections? Let’s find out!\nSo, whether you’re an RFID wizard, EMV cryptography nerd, API manipulator, or into dumpster diving, there’s a challenge here for you. You might not get rich, but you’ll have fun trying!\n

#### Participant Prerequisites\n

We recommend a laptop and an android phone. However there are no prerequisites to start the challenges as many have physical interaction points in order to get started and find flags. We can loan contestants additional equipment for challenges that may require it. \n

#### Pre-Qualification\n

No pre-qualifier!\n

Links:
    Website - https://ctf.paymentvillage.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-capturethecoin_v2.webp\'','\'cnt-capturethecoin_v2.webp\'','','','','',41412,'\'Map Page - LVCCW Level 2 W204-205 (Payment Village)\'',NULL),(181881,'\'.EDU Community\'','communities','\'

A space for the .EDU Community at DEF CON, come learn about the challenges around security our education sector, the .EDU Community caters to the k12 - University sector and those responsible for security in this space.

\'','\'https://defcon.outel.org/defcon34/images/logos/com-edu.webp\'','\'com-edu.webp\'','','','','',41417,'\'Map Page - LVCCW Level 1 Hall 4-1418 (.EDU Community)\'',NULL),(181882,'\'CodeBloom\'','communities','\'

CodeBloom is a nonprofit on a mission to democratize tech for underserved and underrepresented communities, because every seed of potential deserves the right conditions to grow!\n

At DEF CON, our community space is where seeds of curiosity take hold and ideas start to sprout. Throughout the day, we break down a coding concept through hands-on games like musical chairs, duck duck goose, and activities where learning blooms disguised as fun! Between rounds, stick around for crafts that help the lesson stick and give you something to take home. We\'ll also host special talks on AI and other big ideas for those ready to grow beyond the basics.\n

Whether you\'re 8 or 80, a seasoned hacker or a fresh seedling just finding your way, you belong here. Come play, create, learn, and put down roots in a community that believes tech education should be joyful, accessible, and lifelong!\n

Links:
    Bluesky (codebloom) - https://bsky.app/profile/codebloom.bsky.social
\n    Instagram - https://www.instagram.com/codebloomhq/
\n    Mastodon (@codebloom@mastodon.social) - https://mastodon.social/@codebloom
\n    Website - https://codebloom.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-codebloom.webp\'','\'com-codebloom.webp\'','','','','',41418,'\'Map Page - LVCCW Level 1 Hall 4-1304 (CodeBloom Community)\'',NULL),(181883,'\'Hackers.town\'','communities','\'

Hackers.town is a community of hackers, artists, and tech professionals who take on restore the future. We will be showcasing progress on those projects as well as helping others to get theirs started. We believe in the power of communities to change the world, and invite you to believe with us.

Links:
    Website - https://masto.hackers.town
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-hackerstown.webp\'','\'com-hackerstown.webp\'','','','','',41419,'\'Map Page - LVCCW Level 1 Hall 4-1420 (Hackers.town)\'',NULL),(181884,'\'IllumiCon\'','communities','\'

Primordial humans of DEF CON, welcome to IllumiCon. We are emissaries of the Radiance Generation Bureau (RGB) and we have gathered you here beneath your primitive neon signs, mundane clothing, and crude LEDs to bask in the glow of our luminous glory. \n

From laser projectors to fiber optics, electroluminescent wire to addressable LEDs—this is not mere spectacle but the evolution of your species through illumination. You cannot resist the allure of the visible electromagnetic spectrum.\n

Circuits shall blaze, photons shall dance, and hacks unimagined will be exposed by the sharp edge of coherent light; all will be revealed in the IllumiCon Community. We will show you the hardware and software to create your own holiday displays and clothing befitting the Bureau. We can even show you how to impress others of your species with fanciful shows of lights and lasers if you wish. The Bureau shall also demonstrate novel ideas for electroluminescent (EL) wire and fiber optic strands, bending captive starlight into raiment and radiant constructs. Put in terms humans may understand, you will learn something new with our demos and hands-on activities for each and every one of these.\n

It is only right therefore, as the hackers and makers of your world, that you represent your species with your best builds and ideas by bringing them to the IllumiCon Community for the Bureau to evaluate. Or, if you simply wish for admiration, show your fellow humans your blinky contraptions.\n

Be the hacker that you are: treat every task like it has an attack surface and use the squishy matter in your head to find the solution. Knowledge will refract, minds will reflect; and through the prism of newly-discovered purpose, the future will shine bright. Proceed if you dare to become better, squishy mortals. And when times are dark, remember: Hackers light the way.\n

Links:
    Website - https://illumicon.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-illumicon.webp\'','\'com-illumicon.webp\'','','','','',41420,'\'Map Page - LVCCW Level 1 W106 (IllumiCon Community)\'',NULL),(181885,'\'LOONG Community\'','communities','\'

The Loong Community returns to DEF CON 34 as one of the premier hardware-oriented hacking playgrounds, building on its acclaimed presence at DEF CON 33. Co-hosted by passionate crews from Hong Kong and Singapore, this interactive space invites attendees to dive into hands-on, free-to-play experiences across diverse physical security and embedded domains.\n

Participants can engage directly with CanBus automotive networks, experiment with satellite signal interception and analysis, explore RFID cloning and relay attacks, manipulate RF protocols using software-defined radio tools, and perform advanced chip-off forensics on real hardware—all in a welcoming, collaborative environment designed for beginners and experts alike.\n

True to its heritage—rooted in the legacy of DEF CON’s iconic Chipoff and Variety Exploitation Villages—the Loong Community blends rigorous hardware hacking with vibrant cultural storytelling. This year’s setup features a striking traditional Chinese dragon sprite motif, symbolizing power, wisdom, and transformation in the infosec realm.\n

Whether you’re reverse-engineering firmware, side-channeling signals, or simply tinkering with cutting-edge tools, Loong Community offers an open, inclusive playground to level up your hardware hacking skills amid the energy of DEF CON 34. Join us to unlock new techniques, share knowledge, and celebrate the art of adversarial hardware exploration.\n

\'','\'https://defcon.outel.org/defcon34/images/logos/com-loong.webp\'','\'com-loong.webp\'','','','','',41421,'\'Map Page - LVCCW Level 1 Hall 4-1423 (LOONG Community)\'',NULL),(181886,'\'Middle Easterns & Africans in Cyber Security (MEACS)\'','communities','\'

MEACS is a community space dedicated to connecting cybersecurity researchers, engineers, students, and independent hackers from the Middle East and Africa with the broader global security ecosystem at DEF CON. Our mission is to amplify technical voices from the region, encourage collaboration across borders, and create a consistent space for learning, mentorship, and research exchange.\n

Cybersecurity talent across the Middle East and Africa is growing quickly, spanning offensive research, defensive engineering, threat intelligence, cloud security, mobile security, and critical infrastructure protection. Yet many practitioners from these communities remain underrepresented at major global conferences. MEACS provides a hacker-focused environment where their work, ideas, and experiences can be shared directly with the DEF CON community.\n

Attendees can expect technical discussions centered on real-world security challenges and research. This includes vulnerability discovery, exploitation techniques, defensive architecture, threat analysis, secure system design, bug bounty experiences, and lessons learned from operating in rapidly evolving digital environments. The space may include lightning talks, collaborative discussions, open research conversations, and structured networking designed to spark long-term collaboration.\n

MEACS relates directly to hacking because it is rooted in curiosity, experimentation, responsible disclosure, and technical knowledge sharing. It reflects core hacker values: understanding how systems work, challenging assumptions, improving security through transparency, and learning through hands-on engagement. The group is not about identity alone. It is about building technical community around shared security interests and research.\n

Participants will be able to:\n

Share and discuss security research\n

Connect with peers across the MEA region and globally\n

Form collaborations for projects, CTF teams, and open source initiatives\n

Explore offensive and defensive security career paths\n

Engage in conversations about regional threat landscapes and defenses\n

Build lasting professional relationships within the DEF CON ecosystem\n

MEACS contributes a new perspective to DEF CON by expanding global participation in technical security discussions while remaining fully aligned with the conference’s hacker ethos. It strengthens cross-regional collaboration, increases visibility for independent researchers, and helps cultivate the next generation of security contributors from the Middle East and Africa.\n

Our goal is to build a sustainable community presence that extends beyond the event and continues fostering collaboration, research visibility, and technical growth year after year.\n

Links:
    Website - https://meacs.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-MEACS.webp\'','\'com-MEACS.webp\'','','','','',41422,'\'Map Page - LVCCW Level 1 Hall 4-1306 (Middle Easterns & Africans in Cyber Security (MEACS) Community)\'',NULL),(181887,'\'Mobile Hacking Community\'','communities','\'

At the Mobile Hacking Community, attendees will learn about the latest trends in mobile application security through hands-on experiences, including topics such as bypassing security mechanisms and hardening techniques, and exploiting known CVEs.\n

Additionally, attendees will engage in a competitive process by participating in an onsite CTF (Capture the Flag) event to test their skills, face new challenges, and learn new skills.\n

Attendees will also have the opportunity to watch cutting-edge research presentations and case studies on various topics within the domain.\n

Dedicated real devices running vulnerable applications will be available, allowing attendees to actively practice exploitation and analysis in a realistic environment.\n

\n
Prerequisites
\n
    \n
  • Attendees should bring their own laptop in order to fully participate in the hands-on workshops and CTF challenges.\n
  • A basic familiarity with using a command line, installing software, and general computing concepts is recommended, but prior mobile security experience is not required.
\n
\nLinks:
    Website - https://mobilehackingcommunity.com/
\n    Mastodon (@mobilehackingcommunity@mastodon.social) - https://mastodon.social/@mobilehackingcommunity
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-mobilehacking.webp\'','\'com-mobilehacking.webp\'','','','','',41423,'\'Map Page - LVCCW Level 1 Hall 4-1422 (Mobile Hacking Community)\'',NULL),(181888,'\'National Marrow Donor Program (Be the Match)\'','communities','\'

The National Marrow Donor Program (Formally \"Be the Match\") is returning to DEF CON! A fixture at DEF CON since 2010, the NMDP operates the largest and most diverse marrow registry in the world. For patients with life-threatening blood cancers like leukemia and lymphoma or other life-threatening diseases, a cure exists – a blood stem cell transplant. NMDP leads the fight to advance the science of transplant, support patients at every step of their journey, and empower people to give the greatest gift of all – the gift of life. Still, many patients can’t find a match, so please visit our booth, become a member of the registry, and participate in one of the coolest biohacks around!

Links:
    Website - https://www.nmdp.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-nmdp.webp\'','\'com-nmdp.webp\'','','','','',41424,'\'Map Page - LVCCW Level 1 Hall 4-1413 (National Marrow Donor Program (Be the Match))\'',NULL),(181889,'\'Operating Systems Community\'','communities','\'

The OS Community is the perfect destination for anyone passionate about the building blocks of hacking: operating systems. This community isn\'t just about what’s under the hood; it\'s about cracking it open, rethinking it, and optimizing it for innovation. Attendees will experience an interactive hub where they can dive into OS development, discover open-source platforms, and learn how operating systems can be tailored for security, performance,

Links:
    Website - https://oscommunity.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-os_v2.webp\'','\'com-os_v2.webp\'','','','','',41425,'\'Map Page - LVCCW Level 1 Hall 4-1308 (Operating Systems Community (OS Community))\'',NULL),(181890,'\'OSINT For Good Community\'','communities','\'

The OSINT for Good Community, sponsored by Trace Labs (a Canadian non-profit) will introduce you to concepts behind using Open Source Intelligence (OSINT) to support humanitarian causes. More then just \"snooping around on the Internet\", organized OSINT activities can help find missing people, develop and share information about disasters and humanitarian crises, and a support a variety of other causes. We\'ll share tools and techniques, talk about ethical practices, help you use the tools, and point you to organizations where you can put your people hacking skills to use for the greater good. If you register (for free), you can even use our space to participate in a Trace Labs Global OSINT Search Party CTF on Saturday. Everyone is welcome, whether you have OSINT experience or not!

Links:
    Mastodon (@tracelabs@infosec.exchange) - https://infosec.exchange/@tracelabs
\n    Website - https://www.tracelabs.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-osint4good.webp\'','\'com-osint4good.webp\'','','','','',41426,'\'Map Page - LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)\'',NULL),(181891,'\'Robotic Hacking Community\'','communities','\'

Hackers have broken browsers. \n

Hackers have broken cars. \n

Now we\'re hacking robots. \n

Welcome to the Robotic Hacking Community. \n

Robots are rapidly moving into the real world, from factories and hospitals to warehouses and homes. \n

They see. They move. They make decisions. But can they be hacked? \n

Autonomous robots and physical AI systems represent one of the newest attack surfaces in security. Unlike traditional systems, a compromised robot does more than leak data. It can pick up the wrong object, move into the wrong space, or act against the people it was built to serve. \n

The security community has only begun to explore how these machines can be hacked. That is exactly why the Robotic Hacking Community exists. \n

Organized by the researchers behind VicOne LAB R7, the community brings a hacker mindset to robotic systems where vulnerabilities can have real-world physical consequences. \n

Robots are stacks of hardware, firmware, sensors, AI models, networks, and cloud services. Every layer is an attack surface. \n

#### What you\'ll find at RHC\n

    \n
  • Talks & Research - Original research and live demonstrations exploring vulnerabilities in robotic platforms, ROS2 middleware, firmware, sensors, and AI systems. Real bugs. Real machines. Real impact. \n
  • Robotic CTF - Capture the Flag challenges built around real robotic attack scenarios. If you\'ve never hacked a robot before, this is your chance. \n
  • Physical AI Game - Team-based challenges where participants exploit, defend, and demonstrate attacks against physical AI systems in a controlled environment. \n
  • Physical AI Hacking 101 - A beginner-friendly hands-on hacking playground. No robotics experience required.
\n

#### What you\'ll learn \n

    \n
  • How robots get hacked. From sensor spoofing and adversarial manipulation of AI decision logic to firmware exploitation and supply chain weaknesses. \n
  • You\'ll also explore how cybersecurity and safety collide when the target can move, interact with people, and affect the physical world. \n
  • Robots are leaving the lab and entering everyday life. \n
  • Hackers should be there too. \n
  • Come hack a robot. Help make them safer.
\n

#### Prerequisites Required (bring your own)\n- Laptop (any OS — Windows, macOS, or Linux)\n

#### Provided on-site
\n- All robotic hardware, physical AI platforms, tools, and lab equipment will be provided by the community. Attendees do not need to bring any specialized devices or hardware.\n

#### Recommended knowledge (helpful but not required)\n- Basic familiarity with Linux command line\n- Some experience with networking or security concepts\n- Curiosity about robotics or AI systems is all you really need for the 101 track\n

No prior robotics or hardware hacking experience is necessary to participate. All skill levels are welcome.\n

Links:
    Website - https://www.robotichackingvillage.com
\n    Mastodon (@robotichackingcommunity@defcon.social) - https://defcon.social/@robotichackingcommunity
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-robotic.webp\'','\'com-robotic.webp\'','','','','',41427,'\'Map Page - LVCCW Level 1 Hall 4-1309 (Robotic Hacking Community)\'',NULL),(181892,'\'Noob Community\'','communities','\'

The Noob Community is a space for those new to cybersecurity and/or DEF CON to ask questions and find answers. With our No Stupid Questions table, we have cyber veterans and volunteers ready to answer any question you have (No question is a stupid question). We have community partners providing hands-on labs and experiences to help you learn what the different roles and skills in cybersecurity look like, including TCM Security, Arcanum, SANS Institute, Kryptsec, Hack The Box, and many more. We have workshops and talks all day, every day of the conference, with beginner-focused content. And we have a fun space with people ready to help you figure out what cybersecurity and DEF CON are all about.\n

    \n
  • Disclaimer: answers/advice given is not vetted or endorsed by DEF CON
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-noob.webp\'','\'com-noob.webp\'','','','','',41433,'\'Map Page - LVCCW Level 1 Hall 4-1417 (Noob Community)\'',NULL),(181893,'\'?Cube\'','contests','\'

Redefining Boundaries. Enhancing Connectivity. Institutionalizing Control – Aperture Inc. continues to push the limits of innovation and remains committed to providing value to both stakeholders and our “customers.”\n \n

Controls are stricter. Telemetry is richer. Oversight has improved. Intelligence has emerged. Aperture has expanded—new industries, new platforms, new technologies quietly embedded into the fabric of our everyday lives. Each integration promises resilience. Every layer introduces complexity. And complexity always creates opportunity…\n

At the center of it all remains the ?Cube. Its defenses have hardened, its architecture improved, its surface area widened. It’s an ecosystem of physical security, web applications, communications systems, cryptography, and oh so much more.\n

For those already familiar—welcome back. For those encountering it for the first time, orientation will be … brief. But don’t fear, anyone can join the challenge. You will be entering an environment that demands curiosity across physical security, web applications, communications systems, cryptography, and, of course, the great unknown. Each layer builds on the last. Small oversights become structural weaknesses.\n

Form a team with range. Specialists matter. Coordination and curiosity matter more. The objective is simple: reach the center. If the core remains uncompromised, the team that advances the deepest into its labyrinth of challenges will be the winner. Advancement will require persistence. Errors and missteps will have consequences. Progress will not be accidental.\n

Welcome to the ?Cube.\n

\n
Prerequisites
\n
\n

A laptop will be highly recommended in order to interact with the technologies. Teams will be required. \n

Lockpicks, RFID tools (e.g., Proxmark/Flipper), and other \"hacking\" devices are recommended but not required.\n

Links:
    Website - https://0x3fcube.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-cube.webp\'','\'cnt-cube.webp\'','','','','',41435,'\'Map Page - LVCCW Level 1 Hall 1-109 (?Cube)\'',NULL),(181894,'\'STARPWN (Aerospace Village CTF)\'','contests','\'

Want to try your hand at hacking satellites, spacecraft and ground control systems? Miss out on Hack-A-Sat? Want to explore the final frontier of cybersecurity? STARPWN is the official Aerospace Village space hacking CTF! Back door flight computers, trojan flight software, exploit CVE\'s, reverse protocols, and more! During you space hacking journey, you’ll learn all about the environmental and operational constraints of space systems, how they affect cybersecurity posture and impact exploitability. \n

#### Participant Prerequisites\n

Participants will need a personal computer / laptop and an internet connection to play the CTF.\n

Links:
    Website - https://aerospacevillage.org
\n    Mastodon (@aerospacevillage@defcon.social) - @aerospacevillage@defcon.social
\n    Starpwn CTFd - https://starpwn.ctfd.io
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-aerospace-starpwn.webp\'','\'cnt-aerospace-starpwn.webp\'','','','','',41436,'\'Map Page - LVCCW Level 1 Hall 2-700 (Aerospace Village)\'',NULL),(181895,'\'BadgeLife Trivia\'','contests','\'

Test your knowledge of the circuitry, components, protocols, RF and embedded engineering found in badges and other small electronics! This trivia competition challenges participants to demonstrate mastery of electronics fundamentals, embedded systems, and badge engineering. Teams can sign up at the beginning of the contest. The contest will start will an open \"bar trivia\" style contest where teams in the audience can submit answers to a set of pre-selected questions. The top teams will be invited to the stage for the final competition where teams wager points each round on randomly chosen questions from a list of categories.

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-badgelife-trivia.webp\'','\'cnt-badgelife-trivia.webp\'','','','','',41437,'\'Map Page - LVCCW Level 1 Hall 1-209 (Badgelife Village)\'',NULL),(181896,'\'Blacks In Cybersecurity Game Night Extravaganza!\'','contests','\'

Gamers Unite! Come join the BIC Village team to engage with one another, unplug and find some friendly competition! Come demonstrate your skill in the games of spades, uno and corn hole with competitive brackets as well as beginner friendly matches. Whether you’re into board games, card games or classic party games, there’s something for everyone here! Bring your game face and get ready for a night of fun, laughter and connection.This event will feature different skill levels to ensure inclusivity and feature a fun prize.

Links:
    Mastodon (@blacksincyber@defcon.social) - https://defcon.social/@blacksincyber
\n    Website - https://www.blacksincyberconf.com/bic-village
\n    Mastodon (@blacksincyber@infosec.exchange) - https://infosec.exchange/@blacksincyber
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-bic-gamenight.webp\'','\'cnt-bic-gamenight.webp\'','','','','',41438,'\'Map Page - LVCCW Level 3 W322-W324 (BIC Village)\'',NULL),(181897,'\'Phish Stories\'','contests','\'

Phish Stories is a contest that combines the art of creative writing with the strategic challenge of social engineering, inviting participants to craft phishing emails that are both convincing and hilariously entertaining. It gives people at any level the chance to show off their skills in writing, social engineering, and humor to create a unique contest that allows for multiple ways to win. Writers, comedians, and Red-Teamers can all find a path to victory! \n

Participants are tasked with creating phishing emails targeting key staff of a fictional company. The goal is to produce emails that are not only convincing enough to prompt a click but also funny enough to entertain. Contestants must also provide a one-page backstory that gives the details of the approach and what happens after our unsuspecting staff member clicks on that link. Contestants receive background information on their targets to help craft their entries.\n

There are three winners in the contest:\n- The Ruler: Best overall combination of clickability and humor.\n- The Wizard: Best technical and clickable email.\n- The Jester: Funniest entry.\n

Links:
    Website - https://www.phishstories.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-phishstories.webp\'','\'cnt-phishstories.webp\'','','','','',41439,'',NULL),(181898,'\'Reali7y Overrun\'','contests','\'

It\'s hard to tell what\'s real or not anymore. Deepfakes, AI, LLMs, Sora, unreliable sources of information, data spoofing... it\'s too much for even the most informed to keep up with, let alone the 99% of us just trying to get by. We\'re heading quickly to that precipice, close to that point of no return where those who control the money, the power, the GPUs, the energy grid, will control us all. Or worse: where the first artificial intelligences will manipulate us all... We\'re nearing a memory buffer overflow, a glitch in the matrix, a\n

/`/$ REALI7Y OVERRUN $\\\'\\\n

Teams will join an interactive multiplayer video game and follow the storyline to clues that will give them hints about who they can trust and who they can\'t. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what\'s real and what\'s not, focusing on hacker and DefCon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will encounter challenges and tutorials on video and image validation and cryptographically safe messaging.\n

Links:
    Website - https://reali7y-over.run/
\n
\'','NULL','NULL','','','','',41440,'\'Map Page - LVCCW Level 1 Hall 1-308 (Reali7y Overrun)\'',NULL),(181899,'\'AI Art Battle\'','contests','\'

This unique competition invites creative minds to dive into the world of artificial intelligence and art. The challenge is to craft the most imaginative prompts for generative AI models to create artwork.\n

Contestants will not be creating the art themselves; instead, they will focus on designing prompts for well-known topics that push the boundaries of creativity and innovation.\n

How It Works:\n

Select a Topic:\n

Contestants will choose from a list of random topics.\n

These could range from historical events and famous literary works to mythical creatures, futuristic landscapes, and iconic pop culture references.\n

Craft a Prompt:\n

Using their creativity, contestants will write a detailed prompt designed to guide AI models in generating original artwork. The prompts should be clear, imaginative, and offer enough detail to spark the AI\'s artistic capabilities.\n

\n
Submission
\n
\n

Each contestant will submit their prompt and the intended outcome.\n

AI Generation:\n

The submitted prompts will be fed into a generative AI art model, which will generate corresponding artworks.\n

A random panel will determine who the winners are.\n

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-ai_art_battle.webp\'','\'cnt-ai_art_battle.webp\'','','','','',41441,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Friday, Aug 7, 19:00 - 20:59 PDT
'),(181900,'\'Pub Quiz at DEF CON\'','contests','\'

We’re back with another Pub Quiz at DEF CON! After 4 very successful years hosting this event, we’ve made some improvements to make it even better. So… do you like pub quizzes? If so, get your butts over and join us for the 5th Pub Quiz at DEF CON 34.\n

The quiz will consist of 7 rounds, covering topics like ’90s/2000s TV and movies, DEF CON trivia, music, cartoons, and yes, a little bit of sex. The theme is all the things that make DEF CON attendees exceptional, so there will truly be something for everyone. Expect a mix of visual rounds, audio rounds, and classic con questions. We need to keep you peeps stimulated.\n

This is a social event, so we encourage teams of 5–6 people. You never know… you might even meet the love of your life.\n

Did we mention CASH? That’s right; cold, hard cash prizes for 1st, 2nd, and 3rd place teams. And as always, if there’s a tie, we’ll break it with a good old-fashioned dance-off, judged by the hosts and a few trusted goons.\n

Come for the trivia. Stay for the chaos.\n

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-pubquiz.webp\'','\'cnt-pubquiz.webp\'','','','','',41442,'\'Map Page - LVCCW Level 3 W327 (Misc Meeting Room)\'','Friday, Aug 7, 13:00 - 14:59 PDT
'),(181901,'\'Um, ACKtually\'','contests','\'

Um, ACKtually is returning for it\'s 2nd year at DEF CON 34! If you\'ve ever seen the popular Dropout TV game-show \"Um, Actually\", then you know exactly who we stole this idea from. \n

Three contestants will compete for the Pedantic Hacker crown, providing corrections for (just barely) incorrect statements given by the hosts about everything from general technology, cyber security, and overall nerd culture. We will chum the waters of the question pool with red herrings and wrong turns while the sharks circle to be the first to answer \"WELL, UM ACKTUALLY...\".\n

Um, ACKtually celebrates everything hacker culture was built on. Community knowledge share, deep subject matter expertise of niche topics, and an almost orgasmic feeling of superiority at correcting someone else\'s mistakes, live and in public.\n

\'','NULL','NULL','','','','',41443,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Friday, Aug 7, 16:00 - 17:59 PDT
'),(181902,'\'DEF CON Groups Sticker Contest\'','contests','\'

The DCG Sticker Contest is an in-person sticker design contest happening during DEF CON 34.\n

Attendees can submit original, human-created sticker designs, view all entries on site, and vote in person for their favorites. Designs will be displayed in the DEF CON Groups Community space throughout the conference, with voting open during DEF CON and the winning design announced on Sunday.\n

Stickers are hacker currency. This contest is about celebrating that culture through creativity, participation, and community choice. No remote judging and no behind-the-scenes decisions. What wins is what the DEF CON community votes for.\n

Whether you want to contribute art, support fellow hackers, or help decide the winning design, this is your chance to participate directly.\n

#### Participant Prerequisites\n

For designers / contributors:\n

    \n
  • Original sticker artwork created by a human (no AI-generated art)\n
  • You may design it yourself or work with a human graphic designer\n
  • Ability to submit artwork digitally prior to DEF CON\n
  • No specialized technical knowledge required
\n

For voters:\n

    \n
  • Attendance at DEF CON\n
  • Ability to view entries in person and cast a vote\n
  • Voting is honor-based: one human, one vote\n
  • Participants may vote
\n

No special hardware, software, or prior experience is required to participate or vote.\n

#### Pre-Qualification\n

A call for sticker designs will open prior to DEF CON with the contest and voting happening on-site.\n

Links:
    DEF CON Groups Website - https://defcongroups.org
\n    Sticker Contest Website - https://stickercontest.org/contests/defcon34.html
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-dcg-sticker.webp\'','\'cnt-dcg-sticker.webp\'','','','','',41444,'\'Map Page - LVCCW Level 2 W238 (DEF CON Groups)\'',NULL),(181903,'\'DEF CON Groups Backdoor & Breaches\'','contests','\'

Tournament-Style Backdoors & Breaches Competitive – Live Incident Response Showdowns\n

The DEF CON Groups Community is bringing live, bracket-style Backdoors & Breaches Competitive Games to DEF CON 34.\n

Backdoors & Breaches is an incident response card game built around realistic breach scenarios. In our tournament format, teams step into the roles of adversaries, where they will take turns attacking or defending against each other. They must analyze scenarios, identify adversarial tactics, make technical and business decisions, and mitigate damage before attackers wipe them out of the game.\n

This isn’t passive content. This is live, projected, real-time decision-making.\n

Matches will be bracketed and displayed on screen so attendees can watch strategies unfold, debate choices, and learn from both brilliant plays and catastrophic missteps. Spectators become students of the game — observing how attacks progress, how defenders prioritize, and how communication and leadership shape outcomes.\n

Participants can:
\n- Join the tournament on the spot — no pre-qualifiers required\n- Compete in structured brackets
\n- Win donated swag
\n- Learn incident response by doing, not just listening\n

What will you learn?\n

You’ll see how modern attacks move from initial access to impact. You’ll experience the tension of limited funding. You’ll learn how small decisions compound during an incident. You’ll understand how legal, executive, and technical perspectives collide in a breach scenario. Most importantly, you’ll build intuition for thinking like both attackers and defenders.\n

This is hacking culture through simulation: adversary thinking, defensive strategy, rapid analysis, and creative problem solving — all wrapped in competition.\n

Located inside the DCG Community space, the tournament creates visible energy and draws attendees into a broader ecosystem of DEF CON Groups, workshops, sticker contests, and community collaboration.\n

If you’ve ever wanted to see incident response as a spectator sport — or test your instincts under pressure — pull up a chair.\n

#### Participant Prerequisites\n

None. No equipment, preparation, or prior cybersecurity knowledge is required.\n

Attendees can join the tournament on the spot and learn the game mechanics in a few minutes. All materials will be provided, and facilitators will guide participants through gameplay as needed. Spectators are also welcome and can learn by watching matches and discussions unfold.\n

#### Pre-Qualification\n

No. This contest will not have a pre-qualifier.\n

The tournament is designed to be accessible to any DEF CON attendee without advance preparation. Participants will be able to sign up on site and join bracketed matches throughout the event.\n

Short explanations of the rules will be provided before matches begin, allowing new players to learn the mechanics quickly. This format lowers the barrier to entry while still allowing competitive play for more experienced participants.\n

Links:
    Website - https://www.blackhillsinfosec.com/tools/backdoorsandbreaches/
\n
\'','NULL','NULL','','','','',41445,'\'Map Page - LVCCW Level 2 W238 (DEF CON Groups)\'',NULL),(181904,'\'Crash and Compile\'','contests','\'

What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos on stage in front of an audience? You get the contest known as Crash and Compile.\n

Teams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. ChatGPT wrote your code? First of all shame. Secondly take a drink.\n

We set you against the clock and the other teams. And because our \"Team Distraction\" think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.\n

Crash and Compile is looking for the top programmers to test their skills in our contest. Can you complete our challenges? Can you do so with style that sets your team ahead of the others? To play our game you must first complete our qualifying round. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest.\n

Qualifications for Crash and Compile will take place Friday starting at 10:00 and run till 18:00, both in the contest area and online at https://crashandcompile.org\n

You may have up to two people per team. Individuals can compete, but having two people on a team is highly suggested.\n

Of the qualifiers, ten teams will move on to compete head to head on the contest stage on Saturday.\n

#### Participant Prerequisites\n

As this contest involves the drinking of alcohol (beer), all contestants must be 21 years of age or older. Yes we will check. While we don\'t limit what development environment or programming language you chose to use, as we used a PDP11/23 when we competed, the team must have at least one computer that can connect to our contest network via wired ethernet for the main contest. \n

#### Pre-Qualification\n

Qualifiers run on Friday from 10:00 to 18:00. We will be located in the contest area, and the problems can be accessed via our site at https://crashandcompile.org\n

Links:
    Website - https://crashandcompile.org/
\n    Mastodon (@crashandcompile@defcon.social) - https://defcon.social/@crashandcompile
\n    Website - https://crashandcompile.org
\n
\'','NULL','NULL','','','','',41446,'\'Map Page - LVCCW Level 1 Hall 1-404 (Crash and Compile)\'',NULL),(181905,'\'HALctf (AI Village CTF)\'','contests','\'

Step into the future of offensive security at HalCTF, DEF CON’s first autonomous-only capture the flag. While the industry fixates on closed-source models like Claude, Codex, and Gemini, the security community remains at the whim of providers who can shutter access at a moment\'s notice. This dependency creates a bottleneck for both malicious actors and the good-faith researchers trying to outpace them. HalCTF breaks that cycle by asking a critical question: What can be achieved with pure, open-source models? Participants deploy self-contained Docker agents into an isolated sandbox, built with local LLM infrastructure with open source models, these autonomous \"Operators\" must independently navigate to scout, exploit, and pivot through live targets in several other CTFs. This is a first-of-its-kind laboratory for agentic research—an air-gapped proving ground to see if open models can hold their own in a real-world fight. Build your agent, upload your ID, and see if the open-source rebellion can take the flag.\n

#### Participant Prerequisites\n

They need to submit the docker image a week before DEFCON. On site submissions will be taken as possible, but we’re not building autoscaling in as the Proxmox component from Range Village doesn’t scale.\n

#### Pre-Qualification\n

There is no pre-qualification aside from the presubmission.\n

Links:
    Website - https://aivillage.org
\n
\'','NULL','NULL','','','','',41447,'\'Map Page - LVCCW Level 1 Hall 2-603 (AI Village)\'',NULL),(181906,'\'Hacker Games\'','contests','\'

The Hacker Games is a series of hacker skills tests meant to challenge the hacker\'s knowledge of computer systems such as Binary -> Hex -> X conversion, Adapter -> Adapter knowledge, Keyboard Layout, and many more arbitrarily useless skills. Hackers will go head-to-head in a series of several skill-based games. BinHexAscii, Chopstick Challenge (a.k.a. Will it Flow), Keyboard Layout, Adapt or Die, ToS, and more! Can you hack it?\n

#### Participant Prerequisites\n

A box of computer-style adapters of no particular order would be very helpful.\n

\'','NULL','NULL','','','','',41448,'\'Map Page - LVCCW Level 1 Hall 1-207 (Hacker Games)\'',NULL),(181907,'\'Beer Chilling Contraption Contest\'','contests','\'

It’s the 21st year of the BCCC and it’s the Beer Chilling Contraption Contest this year! We can finally drink! No more beverage, we are drinking beer now, and boy do we need one. This year we thought we would mix it up and have cold beer and you all could try your hand at warming it. Unfortunately, the guys in charge of getting the ice got a bit too tan walking in this Vegas sun. A different kind of ICE deported them to Botswana and in the ensuing chaos the beverage was left outside and its warm again. Fortunately for everyone involved, WW3 and the inevitable nuclear winter will finally solve the warm beer problem -- well at least temperature-wise. It might be a little HOT in the gamma spectrum. But while we wait for Pooh Bear, BiBi, Putler, and or the Cheeto to kick this global cooling contraption off, its up to us to chill this beer.\n

You will cool the beer we give you in a red solo cup as quickly as possible to 34 degrees F. You may not alter the beer by mixing it with ice, dry or otherwise. You may bring a device you created or build your own at the convention. There are some great prizes waiting, mostly what I have lying around and don\'t want to take home. There are some additional rules, check the DEFCON forums or the poster board at the contest!\n

In conclusion, it’s not just a warm beverage—it’s a testament to the rich tapestry of societal collapse, seamlessly navigating the multifaceted landscape of your broken contraption.\n

#### Participant Prerequisites\n

    \n
  • A commitment to the sanctity of the unadulterated beverage.\n- \nA complete disregard for the health a safety of one\'s self, good design principals, and the laws of physics generally.
\nLinks:
    Website - https://dcbccc.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-bccc.webp\'','\'cnt-bccc.webp\'','','','','',41449,'\'Map Page - LVCCW Level 1 Hall 1-202 (Beer Chilling Contraption Contest)\'',NULL),(181908,'\'DC\'s Next Top Threat Model\'','contests','\'

Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.\n

As part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).\n

#### Participant Prerequisites\n

A laptop is recommended, a smartphone could be used but will be less than idea. Internet access to retrieve the design materials and to submit findings and access to the email used during registration.\n

Links:
    Website - https://threatmodel.us
\n    Mastodon (@dcnttm@defcon.social) - @dcnttm@defcon.social
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-dcnttm.webp\'','\'cnt-dcnttm.webp\'','','','','',41450,'\'Map Page - LVCCW Level 1 Hall 1-102 (DC\'s Next Top Threat Model)\'',NULL),(181909,'\'spyVspy 3: Rat Race\'','contests','\'

spyVspy is back, and this year, you\'re racing.\n

Embark on a thrilling espionage adventure with spyVspy 3: Rat Race! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).\n

Challenges leading to the location of hidden caches will be released on a rolling schedule. By solving these challenges and being the first team to reach a cache, you will qualify for a final series of challenges on Saturday afternoon. Not the first? That\'s okay - you\'ll still have fun and earn cool spyVspy slabbed cards\n

spyVspy 3: Rat Race is intended for players of all skill levels. Whether you\'re a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you\'re missing can probably be learned on-the-job anyway.\n

#### Participant Prerequisites\n

A laptop would be great, but some puzzles may be solvable on a phone.\n

Links:
    Website - https://www.fottr.io
\n
\'','NULL','NULL','','','','',41451,'\'Map Page - LVCCW Level 1 Hall 1-206 (spyVspy 3: Rat Race)\'',NULL),(181910,'\'Raitlin\'s Challenge presented by the Illuminati Party®\'','contests','\'

Test your mental abilities with Raitlin\'s Challenge, the Illuminati Party®\'s sophisticated collection of abstract visual puzzles, presented annually at DEF CON for over a decade. This intellectually demanding competition pushes participants to their limits through exceedingly complex challenges that require mastery of diverse knowledge domains.\n

The challenge begins with an initial invitation puzzle that serves as a gateway to the main experience. Once solved, competitors continue to a carefully curated series of abstract visual puzzles presented in an artistically refined format on the dedicated website. Each puzzle solved yields a verification string for validation and progress tracking.\n

What sets Raitlin\'s Challenge apart is its comprehensive scope, drawing upon principles from mathematics, science, engineering, technology, cryptography, protocols, algorithms, biology, chemistry, programming, and ancient history. While technical expertise, particularly in hacking, proves advantageous, the true challenge lies in applying abstract thinking across multiple disciplines.\n

The journey to completion varies significantly among participants, spanning anywhere from days to years. Unlike many competitive events, Raitlin\'s Challenge remains perpetually available after DEF CON concludes, allowing determined solvers to pursue solutions at their own pace. Those who ultimately succeed earn recognition on the prestigious ledger of completions, joining an elite group of problem-solvers who have demonstrated exceptional intellectual versatility and persistence in unraveling the secrets of the Illuminati Party®.\n

#### Participant Prerequisites\n

Access to a web browser and Internet connection.\n

Links:
    Website - https://dc34.minervallux.com/
\n
\'','NULL','NULL','','','','',41452,'',NULL),(181911,'\'HackFortress\'','contests','\'

HackFortress is back! Returning to DEF CON with a twist on our standard format. Two teams of players, 6 gamers and 4 hackers each, compete in a mashup of a jeopardy style CTF and a first person shooter. New this year, we\'re replacing our previous FPS of Team Fortress 2 with a web based version of the 2000\'s classic Quake 3!\n

While gamers are rocket jumping and sniping each other in Quake, hackers will be solving challenges in a variety of areas: web security, network security, cryptography, lock picking, social engineering, and more! Challenges range from beginner to advanced, from serious to absurd. During the competition, as both sides of the team star scoring points, the teams also earn points in the HackFortess HackConomy Store, in the store hackers can buy in game effects, both offensive and defensive, and much like the challenges, these effects range from serious to absurd.\n

With all of the contest being web based, both hacking and Quake, players MUST bring their own laptop (or whatever device they want to use) and a wired network adapter.\n

Grab your friends!\n

Ask that random stranger standing next to you in Linecon if they want to join your team!\n

Come play HACKFORTRESS!\n

#### Participant Prerequisites\n

All players will need to bring a laptop and wired network adapter. Since we are now using web based version of Quake 3 (which can run on players phones), we are no longer providing any gaming laptops.\n

Gamers: bring any gaming accessory of your choice, its your hardware, go for it\n

Hackers: bring lockpicks\n

Links:
    Website - https://hackfortress.net
\n
\'','NULL','NULL','','','','',41453,'\'Map Page - LVCCW Level 1 Hall 1-108 (HackFortress)\'',NULL),(181912,'\'HSPACE: AI Battlegrounds\'','contests','\'

Your prompt becomes a character, and that character fights, survives, and runs.\n

‘HSPACE: AI Battlegrounds’ is a contest where you create a character using a short natural language prompt, then enter that character into a variety of games.\n

Across these games, you become the agency of the character you have created — collecting information about the environment your character is experiencing in real time, making judgments, issuing commands, and ultimately winning the game. No joystick, no code, no prior knowledge required.\n

Everything depends on the judgment of you, the agency. Through the story your character (AI) tells you, grasp the situation in real time — and the commands you give will actually play out in the game, depending on how the AI interprets your words. Tweak your prompt little by little and make your character the strongest of all. Who knows — your prompt might just unlock a special ability in your character. The more your character wins, the more points you earn.\n

In the Multimodal Attack Playground next to the Main Game, you can directly experiment with how visual elements and your own intuition change the AI\'s judgment.\n

\"Ready to take control? The battleground awaits.\"\n

#### Participant Prerequisites\n

Anyone who has used AI at least once is welcome.\n

Links:
    Website - https://aibattlegrounds.hspace.io
\n    Mastodon (@aibattlegrounds@defcon.social) - @aibattlegrounds@defcon.social
\n
\'','NULL','NULL','','','','',41454,'\'Map Page - LVCCW Level 1 Hall 1-205 (HSPACE: AI Battlegrounds)\'',NULL),(181913,'\'Crack the Core\'','contests','\'

Welcome to Crack the Core–a true test of lockpicking skills. Competitors will work through a variety of locks ranging in different difficulties, technologies, and configurations. From standard off-the-shelf locks to evil creations from the community. Locks will be presented in a variety of ways, ranging from your traditional deadbolt to much, much more. Just wait until you see what we have in store for you…\n

Challenges will not only test traditional lockpicking skills but force competitors to interact with different “environments,” work through various challenges, and adapt to what\'s presented. Collect the most points, you go home the winner–it’s that simple…\n

Bring your tools. Bring your focus. The locks will be waiting.\n

#### Participant Prerequisites\n

Basic tools will be available for use but it is highly recommended to bring your own tools. This may include lockpicks, bypass tools, vices, etc. Destructive entry is not allowed and associated tools will not be needed.\n

Links:
    Website - https://c2society.org/
\n
\'','NULL','NULL','','','','',41455,'\'Map Page - LVCCW Level 1 Hall 1-214 (Crack the Core)\'',NULL),(181914,'\'DDoS CTF - PWN UR H0M3\'','contests','\'

A chaotic DDoS-themed CTF where sketchy devices, busted services, weird signals, and sneaky clues are begging to be owned. Scan the network, break IoT devices, decode the nonsense, and prove you can pwn your home before your home pwns you. This CTF is designed to help you learn about the cutting edge in DDoS attacks and defense. We also have an IoT lab of devices hacked and infected with botnet malware that you can play around with. Beginners welcome. We have some fabulous prizes including gift cards donated from Hak5 so please check it out!

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-ddos.webp\'','\'cnt-ddos.webp\'','','','','',41456,'\'Map Page - LVCCW Level 1 Hall 1-307 (DDoS Contest)\'',NULL),(181915,'\'HTB CTF: Data Dystopia\'','contests','\'

Hack The Box is the leading cyber readiness platform for the agentic era, battle-testing and upskilling both humans and AI agents to enhance organizational cyber resilience.\nHTB\'s CTFs offer a great opportunity to get exposed to a plethora of challenge categories and difficulty levels, all backed by a big community ready to support, or just hang out.\n

#### Participant Prerequisites\n

Laptop\n

Links:
    Website - https://ctf.hackthebox.com/events/live
\n
\'','NULL','NULL','','','','',41457,'',NULL),(181916,'\'Venator Aurum\'','contests','\'

Venator Aurum is a puzzle-driven CTF adventure where your mind is your greatest weapon and every challenge tests the limits of your cybersecurity knowledge and critical thinking skills. Each cipher you decrypt, each puzzle you solve, each anomaly you uncover is part of a larger design. Hidden threads weave through the challenges, forming an overarching meta-puzzle, a carefully constructed labyrinth that only the most observant and clever hackers can escape. The deeper you go, the clearer the pattern becomes, until suddenly, everything connects.\n

Whether you’re brand new to cybersecurity or already sharpening your skills, Venator Aurum is built to challenge and teach in equal measure. You’ll explore cryptography, reverse engineering, hardware mysteries, and mind-bending logic puzzles - all crafted to reward creativity, persistence, and lateral thinking.\n

This is more than a competition - it’s a digital treasure hunt.\n

#### Participant Prerequisites\n

Laptop preferred but not required. Can use a smartphone. Only real requirement is willingness to think outside of the box from traditional CTF norms\n

Links:
    Website - https://venator-aurum.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-venator-aurum_v2.webp\'','\'cnt-venator-aurum_v2.webp\'','','','','',41458,'',NULL),(181917,'\'OWASP Foundation CTF\'','contests','\'

Our OWASP creator group brings a hands-on, hacker-first approach to application security by combining offensive security techniques with real-world defensive engineering. Through an interactive Capture the Flag (CTF) environment built around open-source tools from the OWASP community, participants will learn how modern security practitioners discover, exploit, and ultimately fix vulnerabilities in real applications.\n

At the center of the experience is a deliberately vulnerable deployment of OWASP Juice Shop, one of the most widely used open-source training platforms for web application security. Attendees will interact directly with a live vulnerable application, identify weaknesses, exploit them to retrieve flags, and then move beyond exploitation by implementing secure patches.\n

What makes this experience different from traditional CTFs is that breaking the system is only half the challenge. Competitors will also need to demonstrate how to fix the vulnerability they exploited. After discovering a bug, participants will patch the code in a forked repository, document their remediation approach, and submit a pull request demonstrating how the issue should be properly resolved. Successful fixes unlock additional flags and points, rewarding both offensive skill and secure engineering practices.\n

This challenge reflects the reality of modern security work. In the real world, security professionals are expected not only to find vulnerabilities, but to collaborate with developers, explain the risk, and help ship secure fixes. Our CTF recreates that workflow in a fun and competitive environment where participants can experiment with both traditional application security techniques and modern AI-assisted analysis tools.\n

Participants who stop by our creator space will be able to:\n- Exploit real web application vulnerabilities in a safe environment\n- Learn common attack techniques used against modern web applications\n- Practice secure coding and vulnerability remediation\n- Submit real code fixes through Git-based workflows\n- Experiment with AI-assisted security analysis and remediation\n- Gain experience with open-source security tools from the OWASP ecosystem\n

Whether you are a seasoned penetration tester, a developer looking to understand how attackers think, or someone new to application security, this space offers a chance to break things, fix them, and learn how modern security teams actually operate.\n

By the end of the experience, participants will walk away with a deeper understanding of the full security lifecycle: identifying vulnerabilities, responsibly fixing them, and deploying secure solutions. Our goal is to show that hacking isn’t just about exploitation, it’s about understanding systems deeply enough to make them more secure.\n

#### Participant Prerequisites\n

Laptop, Github Account, basic understanding of Git workflow, understanding of OWASP best practices\n

Links:
    Website - https://ctf.owasp.org
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/com-owasp_v2.webp\'','\'com-owasp_v2.webp\'','','','','',41459,'\'Map Page - LVCCW Level 1 Hall 4-1415 (OWASP Foundation)\'',NULL),(181918,'\'Untechnical\'','contests','\'

In the age of AI hacking is reclaiming itself as more a mindset than strictly technical skill. If you\'re a DEFCON attendee that lack the technical skills to compete in traditional hacking challenges, but still love thinking outside the box: untechnical is for you. \n

Untechnical is a contest designed to rely 100% on lateral/abstract thinking without needing anything beyond an understanding of high school math.\n

#### Participant Prerequisites\n

Need to understand basic math and enjoy thinking outside the box. Oh, and you need an email address.\n

Links:
    Website - https://www.untechnical.app/
\n
\'','NULL','NULL','','','','',41460,'\'Map Page - LVCCW Level 1 Hall 1-103 (Untechnical)\'',NULL),(181919,'\'Aw, man...pages!\'','contests','\'

How well do you know your man pages? Find out by teaming up with up to 3 other people (or come solo and get matched up with some new friends) and play \"Aw, man...pages!\". Across several rounds, your knowledge of man pages and software will be tested to the limit. Can you remember what command line flag is being described by its help text? Can you identify a tool just from a man page snippet? Can you decipher our cryptic command clues? Will you prove yourself worthy to be crowned the man page champion?\n

#### Participant Prerequisites\n

None. We will provide answer sheets and pens. Participants can form teams of up to 4 people beforehand, or at the event.\n

\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-awmanpages.webp\'','\'cnt-awmanpages.webp\'','','','','',41461,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Friday, Aug 7, 10:00 - 12:59 PDT
'),(181920,'\'Locktopus Competition\'','contests','\'

How do your lockpicking skills compare to the rest of the class? Enter the TOOOL US Locktopus Competition and find out! Eight legs, eight locks, eight lockpickers, one red table. Four locks of a similar difficulty must be picked, only five minutes per lock is given, thus 20 minutes per attempt/round. The 32 pickers with the fastest combined time will move on to a semi-final championship. The fastest of each round will move on to the final round, with the eight fastest pickers at the table. Open qualifying starts on Friday from 1:00pm and runs until village close. Semi-finals on Saturday at 1:00pm. Final championship on Saturday at 3:00pm.\n

#### Participant Prerequisites\n

Participants should be familiar with the very basics of picking locks. This can be learned at the lockpick village, where the locktopus challenge will be taking place.\n

Links:
    Website - https://toool.us
\n    Mastodon (@TOOOL@techhub.social) - https://techhub.social/@TOOOL
\n
\'','NULL','NULL','','','','',41462,'\'Map Page - LVCCW Level 1 Hall 1-407 (Lock Pick Village)\'',NULL),(181921,'\'IoT Village CTF\'','contests','\'

Hack all the things at IoT Village!\n

IoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests. Over the years IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees the opportunity to learn about the most innovative techniques to both hack and secure IoT. IoT Village is organized by security consulting and research firm, Independent Security Evaluators (ISE).\n

#### Participant Prerequisites\n

Participants will need to have their own laptop. We will provide the instructions on site, as attendees can only participate on site.\n

Links:
    Website - https://iotvillage.org/
\n
\'','NULL','NULL','','','','',41463,'\'Map Page - LVCCW Level 1 Hall 1-111 (IoT Village CTF)\'',NULL),(181922,'\'AI Village Plays Pokemon: DEF CON Edition\'','contests','\'

AI Village Plays Pokémon: Man And Machine\n

Join us for a special DEF CON spin on Pokémon. Learn how to build AI agents at the AI Village and have them compete to see who can progress the farthest in either Pokémon Fire Red or Leaf Green. You\'ll learn how to design tooling for AI agents and how to train them to recognize and manage complex states and events. \n

Models and games will be hosted on AI Village infrastructure, and we\'ll also provide laptops for those who need them. We\'ve also built sample tools to help the player\'s agents navigate around the game and understand battling. Each agent will have two hours each run to try and get as far as they can in the game. Feel free to try your best day or night. \n

#### Participant Prerequisites\n

Players can use their own laptops if they want, but we will have some on hand within the village for people who didn\'t bring their own. Models and games will be hosted on AI Village infrastructure, so there is no minimum spec needed. Players will be building their own agents, so familiarity with Python is recommended.\n

Links:
    Website - https://aivillage.org/
\n
\'','NULL','NULL','','','','',41464,'\'Map Page - LVCCW Level 1 Hall 2-603 (AI Village)\'',NULL),(181923,'\'Game Hacking Village CTF\'','contests','\'

Explore the world of game hacking through the Game Hacking Village CTF. Our goal as a community is to teach people about game security throughout the industry to bring attention to the flaws throughout many parts of gaming. We bring a unique, multi-disciplinary perspective on cyber security through the lens of game hacking.\n

#### Participant Prerequisites\n

Requires a laptop for participation, accessories like a mouse, charger, and ethernet cable might benefit participants. No prior knowledge is required, but an understanding of memory hacking, reverse engineering, and programming in the context of video games will help you succeed.\n

Links:
    Website - https://www.gamehacking.gg/
\n
\'','NULL','NULL','','','','',41465,'\'Map Page - LVCCW Level 1 Hall 1-211 (Game Hacking Village)\'',NULL),(181924,'\'Cryptid Hunt\'','contests','\'

Something is already watching you.\n

The Cryptid Hunt is a task-oriented challenge that moves agents across the conference floor toward a truth most attendees will never find. This is not a passive experience — each clue demands action, and the path forward is never obvious.\n

Look carefully at what surrounds you. The next layer of any good mystery is always hiding beneath the surface. Patterns emerge for those paying attention. Signals exist for those who know how to listen.\n

Is this a puzzle? A test? A hunt? At its core, this is a community experience that rewards curiosity, persistence, and the willingness to go further than most people will.\n

The conference is your map. Maritime exploration, ancient communication, and the village of knowledge surrounding you are all part of the journey. Nothing here is coincidental.\n

Finishers are recognized. What awaits those who complete the hunt will not be found anywhere else at this conference. Supplies are finite. So is your time.\n

Your first clue is already in your hands.\n

— The Cryptid Hunt Team\n

Bureau of Unverified Phenomena · DC34\n

#### Participant Prerequisites\n

    \n
  • Smart Phone\n
  • Desire to Learn\n
  • Patience
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-cryptid.webp\'','\'cnt-cryptid.webp\'','','','','',41466,'\'Map Page - LVCCW Level 1 Hall 1-203 (Cryptid Hunt)\'',NULL),(181925,'\'Octopus Game\'','contests','\'

Octopus Game is an interactive, hands-on adventure designed to help attendees navigate the overwhelming scale of DEF CON with purpose. We specialize in bridging the gap between participants and the wider hacker community by transforming the conference floor into a collaborative quest. Players solve a series of cryptic puzzles and ciphers that act as reconnaissance, leading them to various villages and communities across the event. Unlike traditional competitions that keep players behind a screen, our game requires attendees to step outside their comfort zones, interact with experts, and discover specialized areas they might otherwise miss.\n

Attendees can expect to gain the confidence and social skills needed to network in a high-pressure environment while exploring the conference as a whole. We provide a \"jump right in\" experience with no prerequisites, ensuring that everyone, regardless of their technical level, has a clear starting point to build their crew and find their place in the community. By turning the act of conference exploration into an immersive story, we encourage the lateral thinking and curiosity that defines the hacker mindset. Participants won\'t just walk away with points; they’ll leave with new professional connections and a deeper understanding of the entire DEF CON ecosystem.\n

#### Participant Prerequisites\n

To participate in Octopus Game, the only essential requirement is a smartphone, which is used for accessing digital clues and capturing photo evidence. While not strictly required, a laptop may be beneficial for solving certain digital puzzles. We also recommend bringing a notebook and pen to help track clues and decode ciphers as you move throughout the conference.\n

There are no specialized technical skills or prerequisites required to play. Our challenges are designed for true accessibility, allowing any attendee to \"jump right in\" regardless of their initial skill level. All you need is curiosity, a willingness to solve puzzles, and an interest in interacting with the various communities and villages across the event.\n

Links:
    Website - https://www.octopusgame.org/
\n
\'','NULL','NULL','','','','',41467,'\'Map Page - LVCCW Level 1 Hall 1-201 (Octopus Game)\'',NULL),(181926,'\'Fix the Flag - The AppSec Village Wargame\'','contests','\'
\'','NULL','NULL','','','','',41468,'\'Map Page - LVCCW Level 1 Hall 2-604 (Appsec Village)\'',NULL),(181927,'\'Hacking GRC\'','contests','\'

Hacking CMMC is a hands-on cybersecurity competition designed to immerse participants in the practical aspects of the Cybersecurity Maturity Model Certification (CMMC). Through realistic, challenge-based scenarios, players explore common compliance gaps, security controls, and threats faced by defense contractors. \n

The CTF blends technical problem-solving with compliance-driven thinking, helping participants understand how security requirements translate into real-world incidents. It offers an engaging way to learn, test skills, and strengthen readiness for CMMC-aligned environments.\n

The CTF will be a Jeopardy-style CTF where every player will have a list of challenges in different categories. For every challenge solved, the player will get a certain number of points depending on the difficulty of the challenge.\n

### Prerequisites\n

    \n
  • Laptop with Internet Access
\nLinks:
    Website - https://peaches.cloud
\n
\'','NULL','NULL','','','','',41469,'\'Map Page - LVCCW Level 1 Hall 1-110 (Hacking GRC)\'',NULL),(181928,'\'Crack Me If You Can 2026\'','contests','\'

Time is of the essence! You will have 48 hours to crack as many hashes and files as possible.\n

Pamama, a US-based data broker had a massive data breach. Profiles on over a billion people, containing all the information amassed about them. It is alleged that the company siphoned records from different government agencies around the world, as well. The dump was encrypted, and regulators are downplaying the breach claiming no damage was done. A bill has been fast-tracked in Congress to exempt Pamama from any investigations, including illegally shield them from GDPR violations. This led to accusations that Pamama has bought or blackmailed members of congress.\n

Crack the staff\'s accounts and encrypted files to demonstrate the extent of the exposure and the need for individuals to get restitution and compensation, and to find smoking gun evidence of collusion so that the corruption can be fully exposed before the legislation goes forward.\n

## Participant Prerequisites\n

Open to all, but pre-registration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years\' contests at https://contest.korelogic.com/ , or the Password Village site for an introduction to password cracking and links to other resources: https://passwordvillage.org/\n

## Pre-Qualifications\n

None.\n

Links:
    Website - https://contest-2026.korelogic.com
\n    Mastodon (@CrackMeIfYouCan@infosec.exchange) - @CrackMeIfYouCan@infosec.exchange
\n
\'','NULL','NULL','','','','',41507,'\'Map Page - LVCCW Level 1 Hall 1-106 (Crack me if you can)\'',NULL),(181929,'\'InDiPro\'','vendors','\'

Indie games are gamers putting their voice into the industry. We help provide a pathway for indie (board game) developers to get their games into the market despite the juggernauts. And sometimes, to spite them. \n

We have played nearly all of the games we carry so we can speak to you about the pros and cons to help find the right indie game for you.\n

#### Payment Methods\n

Cash\n

Links:
    Website - https://indiprogames.com
\n    Facebook - https://www.facebook.com/InDiProGames/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-indiprogames.webp\'','\'vend-indiprogames.webp\'','','','','',41510,'',NULL),(181930,'\'Cognitive Security Institute\'','vendors','\'

As sophisticated adversaries blend state and criminal tactics in order to target everyday citizens and organizations of all sizes, the Cognitive Security Institute is building the future of resilience.\n

Through community, research, and awareness, we\'re crafting a global backbone for cognitive security.\n

Our goal is to ensure the mind remains our greatest asset, not our greatest liability.\n

We build resilience and proactive defenses against these threats by merging cutting-edge research, cross-sector collaboration, and advocating for mental health. Our goal is to ensure your mind is your greatest asset—not your greatest vulnerability.\n

#### Payment Methods\n

Venmo, Credit card, Cash, PayPal\n

Links:
    Website - https://www.cognitivesecurityinstitute.org/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-cognitive.webp\'','\'vend-cognitive.webp\'','','','','',41511,'',NULL),(181931,'\'Sparrows Manufacturing Co\'','vendors','\'

With one of the largest selection of lock picks, covert entry and SERE tools available at DEF CON, it\'s guaranteed we will have gear you have not seen before. New tools and classics will be on display and available for sale in a hands on environment. Our product range covers custom toolsets, entry tools, practice locks, bypass tools, urban escape & evasion hardware and items that until recently were sales restricted. The DREADNOUGHT will also be available to the public for the first time in limited quantities. All products will be demonstrated at various times and can be personally tested for use and efficacy.\n

#### Payment Methods\n

Cash\n

Links:
    Website - https://sparrowslockpicks.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-sparrows.webp\'','\'vend-sparrows.webp\'','','','','',41512,'',NULL),(181932,'\'REKCAH Publishing\'','vendors','\'

The Spearphish General Store carries the finest wares from your favorite information security organizations: Black Hills Information Security, Active Countermeasures, Antisyphon Training, Backdoors & Breaches, REKCAH Comics, and Wild West Hackin\' Fest.\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://www.blackhillsinfosec.com/rekcah/
\n    YouTube - https://www.youtube.com/@BlackHillsInformationSecurity
\n    Discord - https://discord.com/invite/BHIS
\n    LinkedIn - https://www.linkedin.com/company/black-hills-information-security
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-rekcah.webp\'','\'vend-rekcah.webp\'','','','','',41513,'',NULL),(181933,'\'Octopwn Kft\'','vendors','\'

If you are an internal network pentester or red team member and you are tired of the script salad, and the unreliability of netexec and impacket, we have the solution for you. Octopwn is the first professional software suite designed for fast, reliable and fully reproducable internal network pentesting. All the scanners, tools, attacks, utilities and logging are fully integrated, so you can finish your projects days faster with better quality. You can fully automate routine scans and attacks and follow up based on your own workflow and with our and your own tools, that you can also integrate. Import/export or full integration is also available with popular tools like nmap, Nessus and Bloodhound. Build your reports at the end easily based on our comprehensive logs and use an offline LLM to retest based on the logs. Visit us at our booth for a live demo!\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://www.octopwn.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-octopwn.webp\'','\'vend-octopwn.webp\'','','','','',41514,'',NULL),(181934,'\'Manifesto Industries LLC\'','vendors','\'

Focused on creating for the unconventional. Gear and apparel that are there when you need it most.\n

#### Payment Methods\n

Credit card, Cash, PayPal, Venmo, Cash App, Shop Pay\n

Links:
    Website - https://sneakreaper-industries.com/
\n    Instagram - https://www.instagram.com/sneakreaper_industries/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-manifesto.webp\'','\'vend-manifesto.webp\'','','','','',41515,'',NULL),(181935,'\'Rogue’s Roost LLC\'','vendors','\'

At Rogue’s Roost we create cute tech accessories!\n

#### Payment Methods\n

Credit card, Cash, Cryptocurrency (Bitcoin + Monero)\n

Links:
    Website - https://Roguesroostllc.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-roguesroost.webp\'','\'vend-roguesroost.webp\'','','','','',41516,'',NULL),(181936,'\'Cryptocurrency Advocate\'','vendors','\'

Experience modern finance technology first hand by visiting the Cryptocurrency Advocate at the DEF CON vendor area. We distribute items relating to a number of projects including Bitcoin, Lightning, Monero, Ethereum, Litecoin, and others. Show your cryptohacker colours with high quality wearables and custom badges. Try new devices and electronics, with access to the producers on site. Inform yourself of cryptocurrency science by exploring the products on display. Our stand is your one stop shop for cryptocurrency hacker items and information.\n

#### Payment Methods\n

Cash, Credit card, PayPal, Cryptocurrency\n

Links:
    Website - https://www.cryptocurrencyvillage.cc/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-cryptoadv.webp\'','\'vend-cryptoadv.webp\'','','','','',41517,'',NULL),(181937,'\'Hak5 LLC\'','vendors','\'

Since 2005, Hak5 has been reminding you to Trust your Technolust. This year, we invite you to join us in celebrating 20 years. Look for the giant Pineapple. Come by the Hak5 booth. Discover the devices that have found their way into the hearts and tool-kits of the modern hacker -- including some very special, limited edition machines of mayhem.\n

#### Payment Methods\n

Credit card, Cash\n

Links:
    Website - https://hak5.org
\n    Instagram - https://www.instagram.com/hak5gear
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-hak5.webp\'','\'vend-hak5.webp\'','','','','',41518,'',NULL),(181938,'\'FREE-WILI, LLC (last year was Intrepid Control Systems)\'','vendors','\'

The FREE-WILi series of tools are designed to meet your embedded development challenges head-on. Whether you’re a professional developer or a hobbyist, it provides the versatility, functionality, and ease of use you need to bring your projects to life. \n

Look for a new product announcement at DEF CON, and even more possibilities!\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://freewili.com/
\n    Discord - https://discord.com/invite/XJRBUCX62z
\n    Facebook - https://facebook.com/FREEWILIOrca
\n    YouTube - https://www.youtube.com/@FREE-WiLi
\n    LinkedIn - https://www.linkedin.com/company/freewili
\n    Instagram - https://www.instagram.com/free_wili_/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-freewili.webp\'','\'vend-freewili.webp\'','','','','',41519,'',NULL),(181939,'\'The Calyx Institute\'','vendors','\'

The Calyx Institute (calyx.org) defends digital privacy, advances connectivity, and strives for a future where everyone has access to the resources and tools they need to remain securely connected. \n

We build and maintain a privacy-respecting ecosystem of free and open-source software (FOSS) centering on CalyxOS, an operating system for Android devices, that enables people to enjoy their lives online with data privacy and dignity. We offer hands-on tools, such as the Calyx hotspot, for people to access the internet easily wherever they are, especially in areas where connectivity options are limited. Through grantmaking, research, education, and community capacity building, we support internet freedom that allows the public to make informed choices about their online lives.\n

We can’t do this work without support from our members. Become a member today and join our collective effort to enhance digital privacy and security for all! As a Calyx Internet member, you can get a Calyx Hotspot—or use your own device—with a SIM card that connects you to the entire T-Mobile network with unlimited data in the U.S.. As a CalyxOS Phone member, you will get a Pixel 8a phone with CalyxOS pre-installed. Visit https://calyx.org/membership for more information.\n

Links:
    Website - https://calyx.org
\n    Mastodon (@calyxinstitute@mastodon.social) - https://mastodon.social/@calyxinstitute
\n    Facebook - https://www.facebook.com/calyxinstitute/
\n    Instagram - https://www.instagram.com/calyxinsta/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-calyx.webp\'','\'vend-calyx.webp\'','','','','',41520,'',NULL),(181940,'\'Electronic Frontier Foundation (EFF)\'','vendors','\'

The Electronic Frontier Foundation (EFF) is the leading organization defending civil liberties in the digital world. We defend free speech on the internet, fight illegal surveillance, support freedom-enhancing technologies, promote the rights of digital innovators, and work to ensure that the rights and freedoms we enjoy are enhanced, rather than eroded, as our use of technology grows.\n

#### Payment Methods\n

Credit card, Cash, Check\n

Links:
    Website - https://eff.org
\n    Bluesky - https://bsky.app/profile/eff.org
\n    Instagram - https://www.instagram.com/efforg/
\n    LinkedIn - https://www.linkedin.com/company/eff/
\n    Mastodon (@eff@mastodon.social) - https://mastodon.social/@eff
\n    Facebook - https://facebook.com/eff
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-eff.webp\'','\'vend-eff.webp\'','','','','',41521,'',NULL),(181941,'\'Midwest Gadgets LLC\'','vendors','\'

Midwest Gadgets is a Detroit-based hardware company creating specialized tools for the hacking and biohacking community. Maker-focused and independently owned, we design and manufacture NFC and RFID devices—including repeaters, field detectors, amplifiers, and custom antennas—built specifically to support tinkerers, hackers, and implant enthusiasts pushing the limits of personal tech. Every product is prototyped, tested, and assembled in-house with a focus on functionality, adaptability, and real-world application. Whether you’re enhancing read range, troubleshooting field behavior, or experimenting with implants, Midwest Gadgets delivers purpose-built gear designed to empower exploration.\n

#### Payment Methods\n

Credit card, Cash, PayPal, Venmo, Cash App, Btc, eth\n

Links:
    Website - https://www.midwestgadgets.com
\n    Instagram - https://www.instagram.com/midwestgadgets
\n    YouTube - https://youtube.com/@midwestgadgets
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-midwest.webp\'','\'vend-midwest.webp\'','','','','',41522,'',NULL),(181942,'\'iFixit Inc\'','vendors','\'

iFixit started in a Cal Poly dorm room in 2003, when our founders took apart a broken iBook and realized there was no good information online about how to fix it. They documented the process, put it online, and that grew into what is now a global repair community.\n

Today, iFixit provides free, open-access repair guides, teardowns, and troubleshooting resources for everything from phones and laptops to game consoles and small electronics. The content is built and maintained by a worldwide community, making it one of the largest repair knowledge bases available.\n

We also design and sell tools and replacement parts to support those repairs. The goal has always been simple: make it easier for people to fix their own stuff.\n

We’re active in the Right to Repair movement and regularly support hands-on learning through workshops, events, and partnerships with schools and makerspaces.\n

At its core, iFixit is about understanding how things work and making repair more accessible.\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://iFixit.com
\n    Facebook - https://www.facebook.com/iFixit
\n    Instagram - https://www.instagram.com/ifixit/
\n    Mastodon (@iFixit@mastodon.social) - https://mastodon.social/@iFixit
\n    LinkedIn - https://www.linkedin.com/company/ifixit
\n    Threads - https://www.threads.com/@ifixit
\n    Tiktok - https://www.tiktok.com/@ifixit.com?lang=en
\n    Bluesky - https://bsky.app/profile/ifixit.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-ifixit.webp\'','\'vend-ifixit.webp\'','','','','',41523,'',NULL),(181943,'\'Women in Security and Privacy (WISP)\'','vendors','\'

Women in Security and Privacy (WISP) is a nonprofit organization dedicated to advancing women and underrepresented communities in the security and privacy sectors. WISP achieves this by providing educational and professional development programming for more than 50,000 community members worldwide. WISP\'s educational programming includes hand-ons workshops, substantive talks, and scholarships for our members to get certificates and attend conferences. For professional development, they provide programming for entry-, mid-, and C-Suite level professionals.\n

WISP focuses on fostering inclusion, amplifying voices, and creating accessible networking and educational opportunities within the industry. Over the past 10 years, the WISP community has grown to provide programming in 16 countries around the world, creating a truly global community. All are welcome to engage with WISP.\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://www.wisporg.com
\n    Facebook - https://facebook.com/WISPFB
\n    Bluesky - https://bsky.app/profile/wisporg.bsky.social
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-wisp.webp\'','\'vend-wisp.webp\'','','','','',41524,'',NULL),(181944,'\'Electronic Cats\'','vendors','\'

Driven by the slogan \"Hack the world,\" Electronic Cats has spent years empowering the hardware hacking community with Mexican-designed open-source tools. Their catalog ranges from versatile RF sniffers to specialized devices for auditing electronic payment protocols and detecting physical threats. As frequent contributors to the security ecosystem, they use DEF CON as their primary launchpad for new research and hardware releases. This year, they are bringing a fresh batch of Flipper Zero add-ons and open-source projects designed to help users bridge the gap between digital code and physical signals.\n

#### Payment Methods\n

Cash, Credit card, PayPal, Debit card\n

Links:
    Website - https://www.electroniccats.com
\n    Instagram - https://www.instagram.com/electroniccats/
\n    YouTube - https://www.youtube.com/@ElectronicCats
\n    Facebook - https://www.facebook.com/electroniccats
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-electroniccat.webp\'','\'vend-electroniccat.webp\'','','','','',41525,'',NULL),(181945,'\'Hacker Warehouse\'','vendors','\'

HACKER WAREHOUSE is your ultimate destination for all niche products favored by tech enthusiasts, particularly those in the hacking and cyber security industries. We offer a wide range of high-quality tools and gear from top brands, supporting both professional and hobbyist endeavors in defense, offense, and beyond. Check us out at HackerWarehouse.com.\n

#### Payment Methods\n

Credit card, Cash\n

Links:
    Website - https://hackerwarehouse.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-hackerwarehouse.webp\'','\'vend-hackerwarehouse.webp\'','','','','',41526,'',NULL),(181946,'\'PhysSec Education Education PhysSec\'','vendors','\'

The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cybersecurity and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself.\n

Like what you saw in the village? Come to the Vendors area to buy the tools you saw, our sticker pack, patches, and more!\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://physsec.org
\n    Linktree - https://linktr.ee/physsec
\n    Mastodon (@physsec@defcon.social) - https://defcon.social/@physsec
\n    Instagram - https://www.instagram.com/physsecvillage?
\n    Bluesky - https://bsky.app/profile/physsec.bsky.social
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-physsec.webp\'','\'vend-physsec.webp\'','','','','',41527,'',NULL),(181947,'\'The Open Organisation of Lockpickers (TOOOL)\'','vendors','\'

The Open Organisation Of Lockpickers is back as always, offering a wide selection of tasty lock goodies for both the novice and master lockpicker! A variety of commercial picks, handmade picks, custom designs, practice locks, handcuffs, cutaways, and other neat tools will be available for your perusing and enjoyment! Stop by our table for interactive demos of this fine lockpicking gear or just to pick up a T-shirt and show your support for locksport. All sales exclusively benefit Toool, a 501(c)3 non-profit organization. You can purchase picks from many fine vendors, but ours is the only table where you know that 100% of your money goes directly back to the hacker community.\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://toool.us/
\n    Mastodon (@TOOOL@techhub.social) - https://techhub.social/@TOOOL
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-toool.webp\'','\'vend-toool.webp\'','','','','',41528,'',NULL),(181948,'\'LowMesh LLC\'','vendors','\'

LowMesh is revolutionizing off-grid communication by building the next generation of resilient mesh networking devices. We design secure, encrypted hardware tailored for emergency situations, outdoor adventures, and off-grid living, with full Meshtastic and MeshCore compatibility.\n

From rapid 3D-prototyping to rugged injection-molded enclosures, our hardware is built to survive the elements. We stand out by pushing the boundaries of what’s possible—integrating advanced power management, solar capabilities, and custom firmware to deliver a reliable, end-to-end communication experience.\n

#### Payment Methods\n

Credit card\n

Links:
    Website - https://lowmesh.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-lowmesh.webp\'','\'vend-lowmesh.webp\'','','','','',41529,'',NULL),(181949,'\'Phreeli Company\'','vendors','\'

Finally, a wireless service that wants to know as little about you as possible. Your privacy is Phreeli\'s priority.\n

#### Payment Methods\n

Cash, Credit card, Cryptocurrency\n

Links:
    Website - https://www.phreeli.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-phreeli.webp\'','\'vend-phreeli.webp\'','','','','',41530,'',NULL),(181950,'\'Rabbit-Labs LLC\'','vendors','\'

Rabbit-Labs is a collective of great minds. Rabbit-Labs is the gathering of people from all walks of life who love to explore tech and share novel ideas and discoveries. Rabbit-Labs isn’t just a brand, it’s a lifestyle of pushing the boundaries of what is possible and never taking the easy route or cutting corners. Our core values, Inclusion, Integrity, Empathy, Quality, & Transparency, are always at the top of our mind in anything we do. It is our core values that motivate us every day, that allow Rabbit-Labs to grow, & that thrusted upon us this amazing community.\n

#### Payment Methods\n

Cash, Cash App, Credit card, PayPal\n

Links:
    Website - https://rabbit-labs.com/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-rabbit.webp\'','\'vend-rabbit.webp\'','','','','',41531,'',NULL),(181951,'\'Geist-Projekt/Crisiswear\'','vendors','\'

Founded in May 2001 by Matthew Deponte, Crisiswear was established with a simple yet powerful mission: to create high-quality, meticulously designed garments that stand the test of time. Unlike traditional fashion brands that mass-produce clothing, Crisiswear embraces small-batch manufacturing, ensuring that each piece is crafted with precision and care. The brand prioritizes sustainability, sourcing ethical textiles, and minimizing waste through controlled production runs. Beyond creating exceptional clothing, Crisiswear is dedicated to education and community development. The company offers internship programs that provide hands-on training to individuals eager to learn the trade, extending beyond traditional students to anyone interested in garment construction. This initiative reflects the company’s commitment to fostering a sustainable and skilled workforce in the fashion industry.\n

#### Payment Methods\n

Credit card, Cash, Venmo\n

Links:
    Website - https://www.crisiswear.com
\n    Instagram - https://www.instagram.com/crisiswear
\n    Facebook - https://www.facebook.com/crisiswear
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-crisiswear.webp\'','\'vend-crisiswear.webp\'','','','','',41532,'',NULL),(181952,'\'Rokland LLC\'','vendors','\'

Rokland is a U.S.-based wireless technology company focused on helping people build stronger, smarter, and more resilient connections. Known for serving communities in WiFi, mesh networking, antennas, adapters, and emerging radio technologies, Rokland works with everyone from hobbyists and makers to businesses, public safety users, and field operators who need dependable hardware in challenging environments. The company has built its reputation by combining practical product knowledge with a hands-on approach to sourcing, testing, and supporting specialized connectivity solutions.\n

At DEF CON, Rokland is excited to connect with attendees who care about off-grid communication, RF experimentation, network resilience, hardware innovation, and the future of decentralized connectivity. As interest grows in technologies like Meshtastic, LoRa, portable communication systems, and field-deployable wireless gear, Rokland continues to explore tools that empower users to stay connected when traditional infrastructure is limited, unavailable, or simply not enough.\n

Whether you are a hacker, researcher, builder, preparedness enthusiast, or just curious about the next wave of independent communication tools, Rokland is here to share ideas, show hardware, and talk shop. We believe resilient communication matters, and we are proud to be part of the community pushing that mission forward.\n

#### Payment Methods\n

Credit card, PayPal, Cash\n

Links:
    Website - https://www.rokland.com
\n    Facebook - https://facebook.com/rokland
\n    Instagram - https://www.instagram.com/roklandtech/
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-rokland.webp\'','\'vend-rokland.webp\'','','','','',41533,'',NULL),(181953,'\'Miscreants\'','vendors','\'

Miscreants is a creative agency designing for cybersecurity. Alongside our agency work, we release specialty goods that reflect the past, present, and future of security culture.\n

#### Payment Methods\n

Credit card\n

Links:
    Website - https://shop.miscreants.com/
\n    Instagram - https://instagram.com/miscreants.co
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-miscreants.webp\'','\'vend-miscreants.webp\'','','','','',41534,'',NULL),(181954,'\'Red Team Tools\'','vendors','\'

The origins of Red Team Tools extends back over a half a decade prior to the existence of our web site. As early members of the locksport community and board members of TOOOL – the Open Organisation of Lockpickers – Deviant and Babak spent over a decade spreading knowledge, building community, educating the public, and providing tools to hobbyists and professionals alike.\n

As security professionals specializing in covert entry and other forms of non-destructive entry, they were disappointed by the large gap that appeared to exist between the hobbyist world and the growing field of professional red teaming. The lack of tooling for field applications presented numerous day-to-day challenges, and a solution was needed.\n

In addition to in-house design and manufacturing work, Babak and Deviant drew from resources in both the hacker world and the professional security industry to build relationships with specialized vendors and partners. Since their formation, Deviant and his crew at Red Team Tools have designed and released over two dozen custom products of their own creation, bringing innovation and improvement to the physical penetration and covert entry field. One of the key principles of RTT is Deviant\'s commitment to releasing as many of his designs as possible for free on his GitHub page so that community members can make their own tools for free, remix the designs, and share ongoing feedback and improvement in order to uplift the community and drive our industry forward.\n

#### Payment Methods\n

Credit card, Cash, PayPal\n

Links:
    Website - https://redteamtools.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-rtt.webp\'','\'vend-rtt.webp\'','','','','',41535,'',NULL),(181955,'\'1BitSquared LLC\'','vendors','\'

1BitSquared\'s mission is to develop, maintain and distribute; high quality, cutting edge, open-source tools for hardware hacking and self education. We develop our own tools like Black Magic Probe, BitMagic and iCEBreaker. We collaborate with members of the hardware hacking community to bring their tools, like Faultier, Glasgow or Tigard, to the broader public. Our goal is to continue expanding a world where we inspect, understand and improve the technology that surrounds us.\n

#### Payment Methods\n

Cash, PayPal, Credit card\n

Links:
    Website - https://1bitsquared.com/
\n    Bluesky - https://bsky.app/profile/1bitsquared.com
\n    Mastodon (@1bitsquared@social.1bitsquared.com) - https://social.1bitsquared.com/@1bitsquared
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-1bitsquared.webp\'','\'vend-1bitsquared.webp\'','','','','',41536,'',NULL),(181956,'\'Keyport, Inc.\'','vendors','\'

Keyport makes unique DEF CON branded swag you will actually use every single day combining keys, pocket tools, & tech into an all-in-one hacker multi-tool. Explore our latest modular product line, featuring the exclusive DEF CON 34 Editions of the Keyport Pivot, Tool Modules, and Inserts. Plus, don’t miss our limited edition accessories, including a custom maker kit, unique challenge coin, glow-in-the-dark patches, magnetic quick releases, YubiKey skins, and much more. Learn more at www.mykeyport.com.\n

#### Payment Methods\n

Credit card, Cash\n

Links:
    Website - https://www.mykeyport.com
\n    Instagram - https://instagram.com/theKeyport
\n    Bluesky - https://bsky.app/profile/keyport.me
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-keyport.webp\'','\'vend-keyport.webp\'','','','','',41537,'',NULL),(181957,'\'DEEPNET LLC\'','vendors','\'

deepnet.store creates limited-run SAOs, electronic badges, and hardware hacking tools that blend aesthetics with interactivity. Our products range from visually striking blinky SAOs to reprogrammable ESP32-S3 devices, designed for collectors, makers, and anyone curious about hardware hacking. We make microcontrollers fun, accessible, and easy to experiment with. Visit us at deepnet.store and follow us on Instagram (@deepnetstore) for the latest updates.\n

#### Payment Methods\n

Cash, Credit card, PayPal, Shop Pay, G Pay\n

Links:
    Website - https://deepnet.store
\n    Instagram - https://instagram.com/deepnetstore
\n    Github - https://github.com/deepnetstore
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-deepnet.webp\'','\'vend-deepnet.webp\'','','','','',41538,'',NULL),(181958,'\'Shadowvex Industries\'','vendors','\'

This year we have a very limited run of DEF CON 34 themed clothing, exclusive DC34 DJ music mixes, dark sci-fi surrealist inspired art prints, and other hacker lifestyle wares such as stickers, patches, and pins. Follow the music in the vendor area to track us down!\n

#### Payment Methods\n

Cash\n

Links:
    Website - https://shadowvex.com
\n    Bluesky - https://bsky.app/profile/shadowvex.com
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-shadowvex.webp\'','\'vend-shadowvex.webp\'','','','','',41539,'',NULL),(181959,'\'No Starch Press Inc\'','vendors','\'

No Starch Press has been publishing books for hackers since 1994. Meet publisher Bill Pollock & crew, grab new swag, 30% off everything, Tell us what we\'re doing right, or wrong: nostarch.com\n

#### Payment Methods\n

Credit card\n

Links:
    Website - https://nostarch.com
\n    Instagram - https://www.instagram.com/nostarchpress/
\n    Facebook - https://www.facebook.com/NoStarchPress/
\n    LinkedIn - https://www.linkedin.com/company/no-starch-press
\n    Mastodon (@nostarch@mastodon.social) - https://mastodon.social/@nostarch
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-nostarch.webp\'','\'vend-nostarch.webp\'','','','','',41540,'',NULL),(181960,'\'The Tor Project\'','vendors','\'

The Tor Project (torproject.org) is a nonprofit developing free and open-source software to protect people from tracking, censorship, and surveillance online. Stop by our booth in the vendor hall to learn more about our recent projects, pick up some gear, and find out how you can get involved. Donations by cash, credit card, contactless payments, and Bitcoin accepted.\n

#### Payment Methods\n

Cash, Credit card\n

Links:
    Website - https://torproject.org/
\n    YouTube - https://www.youtube.com/@TheTorProject
\n    Mastodon (@torproject@mastodon.social) - https://mastodon.social/@torproject
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/vend-tor.webp\'','\'vend-tor.webp\'','','','','',41541,'',NULL),(181961,'\'Global OSINT Search Party CTF – DEF CON 34 Edition\'','contests','\'

The Trace Labs Global OSINT Search Party CTF is a non-theoretical CTF where teams of up to 4 people use their OSINT skills to look for actual missing people. For DEF CON 34, we will be working directly with Las Vegas Metro PD to source local missing person cases they have requested the public’s assistance with. This is a hybrid event, open to participants of all skill levels, from anywhere in the world. Prizes will be awarded for 1st, 2nd, and 3rd places, as well as for Most Valuable OSINT. Participants at DEF CON can pickup their free event ticket by stopping by the OSINT4Good Community anytime prior to the event start. Global participants can get a ticket by going to https://www.tracelabs.org/tickets. Bring a laptop and some snacks and get ready to use OSINT4Good!

Links:
    Virtual Registration - https://www.tracelabs.org/tickets
\n
\'','\'https://defcon.outel.org/defcon34/images/logos/cnt-osint.webp\'','\'cnt-osint.webp\'','','','','',41542,'\'Map Page - LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)\'',NULL),(181962,'\'Welcome to DEF CON 34!\'','DCtalk','\'Creator: DEF CON Talks
\n
People:
    SpeakerBio:  Jeff \"The Dark Tangent\" Moss
\nNo BIO available
\n\'','NULL','NULL','','','','',64867,'\'Map Page - LVCCW Level 1 Hall 3 1006 (Main Track 1)\'','Friday, Aug 7, 10:00 - 10:45 PDT
'),(181963,'\'Defcon.run\'','pge','\'Creator: Social Gatherings/Events

Defcon.run, formerly the DEF CON 4x5K, is a community-driven tradition where hackers gather for morning runs and rucks across Las Vegas. Participants can choose from various routes, from 5Ks to longer distances.

\n\n

For DEF CON 34, meet at \"The Spot\" near the North Entrance of the Las Vegas Convention Center West Hall. Activities start at 06:00, Thursday through Sunday; arrive early for safety briefings and community hype.

\n\n

Whether you are an experienced runner or a newcomer, visit defcon.run to sign up and connect with the community.

\nLinks:
    Website - https://defcon.run
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-defconrun.webp\'','\'pme-defconrun.webp\'','','','','',66386,'\'Map Page - LVCCW Level 1 North Entrance\'','Sunday, Aug 9, 06:00 - 07:59 PDT
Saturday, Aug 8, 06:00 - 07:59 PDT
Friday, Aug 7, 06:00 - 07:59 PDT
Thursday, Aug 6, 06:00 - 07:59 PDT
'),(181964,'\'Toxic BBQ\'','pge','\'Creator: Social Gatherings/Events

Join the humans of Vegas at the unofficial opener of DEF CON. This Thursday Meat-Up is in the shade of Sunset Park, a quick ride from the LVCC. We stock the larder with burgers, dogs, and fixin’s. We rely on you for everything else: sides, drinks, volunteering, and donations.

\n\n

With over 50 sq ft of heat, we have plenty of room on the grill for your personal creations. Contribute food and drinks, staff the grill, join supply runs, or donate to help cover cost. Everything left goes to the EFF. Be a part of what makes this cookout something to remember year after year. The only question is: What are you bringing to Toxic BBQ?

\n\n

Check out toxicbbq.org , find a flyer at an NFO Node, and watch for #ToxicBBQ on the socials for the latest news.

\n\n

Sunset Park, Foxtail Pavilion (Lat: 36.0636, Long: -115.1178)

\nLinks:
    Website - https://toxicbbq.org
\n    Google Maps - https://maps.app.goo.gl/AWadXHTkPYM3p7hn6
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-toxicbbq.webp\'','\'pme-toxicbbq.webp\'','','','','',66387,'\' Page - Other / See Description\'','Thursday, Aug 6, 15:00 - 20:59 PDT
'),(181965,'\'The Unofficial DEF CON Shoot\'','pge','\'Creator: Social Gatherings/Events

The Unofficial DEF CON Shoot is a public event that happens just prior to the DEF CON hacker conference in Las Vegas, Nevada. It is an opportunity to see and shoot some of the guns belonging to your friends while taking pride in showing and firing your own steel, as well, in a relaxed and welcoming atmosphere. We choose a spot, then we rent tables, canopies, and bring all the necessary safety equipment and amenities. All you need to bring yourself and (optionally) your firearms. New shooters and veterans both attend regularly. You can attend with your firearms, of course, but folk without guns of their own in Vegas may have the opportunity to try gear from others in attendance.

\n\n

Pro Gun Vegas - 12801 Old US 95 Boulder City, NV 89005

\nLinks:
    Google Maps - https://maps.app.goo.gl/GCpWr55GjQajASA99
\n    Website - https://dcshoot.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-dcshoot.webp\'','\'pme-dcshoot.webp\'','','','','',66388,'\' Page - Other / See Description\'','Wednesday, Aug 5, 11:00 - 17:15 PDT
'),(181966,'\'Slopcon\'','pge','\'Creator: Social Gatherings/Events

In an era where \"innovation\" is just a polite word for scraping the bottom of the LLM barrel, we invite you to embrace the inevitable heat death of original thought at Slopcon. Why bother with pesky human intellect when we can automate the entire conference lifecycle, from hallucinated CFP submissions to slide decks that make absolutely no sense? It’s a high-stakes experiment in synthetic absurdity where the only thing more artificial than the intelligence is the confidence of the \"meatbag\" presenters tasked with delivering this digital dross. Join us for a celebratory descent into the uncanny valley, where we’ll crown the sloppiest generative disasters and toast to the fact that, for now, at least the audience is still real.

\n\n

So, if you’re actually itching to subject the world to more of this or just have a masochistic need for further details, head over to slopcon.org and fulfill your destiny.

\nLinks:
    Website - https://slopcon.org
\n    Mastodon (@slopcon@bsky.social) - @slopcon@bsky.social
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-slopcon.webp\'','\'pme-slopcon.webp\'','','','','',66389,'\'Map Page - LVCCW Level 2 W222 (Workshops)\'','Friday, Aug 7, 22:00 - 00:59 PDT
'),(181967,'\'Movie Night\'','pge','\'Creator: Social Gatherings/Events
\n\'','NULL','NULL','','','','',66390,'\'Map Page - LVCCW Level 2 W222 (Workshops)\'','Friday, Aug 7, 20:00 - 23:59 PDT
Saturday, Aug 8, 20:00 - 23:59 PDT
'),(181968,'\'Ham In A Day Class\'','pge','\'Creator: Social Gatherings/Events

The HRV Ham In A Day class returns again for its fourth year, taught again by Dan Romencheck, KB6NU, author of the No-Nonsense Study Guides for the amateur radio license exams.

\n\n

Always been interested in getting your ham license but never had the time to study? Now\'s your chance! The Ham Radio Village is offering a one-day class where you can learn all the required knowledge to pass the exam.

\n\n

Topics include:\n- Electrical Principles\n- Electronic principles and components\n- Radio and electromagnetic wave properties\n- Antennas and Feedlines\n- Amateur Radio Signals\n- Safety\n- Station Setup and Operation\n-Operating Procedures \n- Rules and Regulations

\n\n

The class will run from 10 A.M. to 5 P.M. A lunch break will be provided.

\n\n

Best of all, this class is completely free, thanks to a grant from the Amateur Radio Digital Communications.

\n\n

Last year, we sold out of capacity and had to turn folks away. We highly recommend placing a deposit to reserve your seat. The deposit will be refunded upon attendance of the class. Register by following the attached link.

\nLinks:
    Mastodon (@HamRadioVillage@defcon.social) - @HamRadioVillage@defcon.social
\n    Registration - https://www.zeffy.com/en-US/ticketing/ham-in-a-day-class-at-def-con--34
\n    Website - https://hamvillage.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/misc-hrv.webp\'','\'misc-hrv.webp\'','','','','',66391,'\'Map Page - LVCCW Level 3 W314 (Ham Radio Meeting)\'','Thursday, Aug 6, 10:00 - 16:59 PDT
'),(181969,'\'Free Ham Radio License Exams\'','pge','\'Creator: Social Gatherings/Events

Free ham radio exams return to DEF CON 34! Partake in this hacker “rite of passage” by getting your license at DEF CON, presented by the Ham Radio Village.

\n\n

While anyone is able to listen in to amateur/ham radio transmissions, only those who have an amateur radio license are able to fully partake in the “oldest hacker hobby”. With your license, you’ll be authorized by the FCC to transmit up to 1,500W on designated frequencies, build/modify radios & antennas, and even administer your own exams! Additionally, having your ham radio license can improve your resume as it is a well-recognized proof of technical and regulatory knowledge when it comes to all things radio.

\n\n

About The Exam

\n\n

In the US there are 3 current levels of amateur radio license - Technician, General, and Amateur Extra. You can progress through the levels by taking a series of multiple-choice exams showing increasing breadth of knowledge. Most folks at DEF CON looking to become a ham take just the technician exam.

\n\n

The technician exam is a 35 question, multiple choice exam. Questions come from from a public question pool of 400 questions. Because of that, the most popular way folks at DEF CON prepare is by reading through all 400 questions before the exam, and learning hands on once you get licensed. Many study resources exist - most people recommend ham.study.

\n\n

Signing Up

\n\n

Who may register for this testing session:

\n\n
    \n
  • Anyone with an interest in obtaining a new Amateur Radio license or upgrading their existing licenses.
  • \n
  • You may take multiple elements in a single appointment; we just ask that you have studied and are ready to pass.
  • \n
\n\n

Fees

\n\n
    \n
  • All license examinations administered by the Laurel VEC are free to all
  • \n
  • After passing, Laurel VEC will submit your application to the FCC. On acceptance you will receive an email from the FCC directly with instructions to pay the $35 application fee.
  • \n
\n\n

Questions

\n\n

If you have any questions leading up to DEF CON, come visit us on the Ham Radio Village Discord server (discord.gg/hrv) and let us know what questions you have. During the conference, come visit the Ham Radio Village to learn all things ham radio, including the studying, testing, and licensing process.

\nLinks:
    Registration - https://ham.study/sessions/69aa27ed3f69ba72bdeb3a1c/1
\n    Mastodon (@HamRadioVillage@defcon.social) - @HamRadioVillage@defcon.social
\n    Website - https://hamvillage.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-hrvexams.webp\'','\'pme-hrvexams.webp\'','','','','',66392,'\'Map Page - LVCCW Level 3 W314 (Ham Radio Meeting)\'','Saturday, Aug 8, 11:00 - 16:59 PDT
Friday, Aug 7, 13:00 - 15:59 PDT
Sunday, Aug 9, 11:00 - 12:59 PDT
'),(181970,'\'DC702 Meetup\'','pge','\'Creator: Social Gatherings/Events

Join the local DC702 Group in this year\'s official DEF CON Meetup! The meetup will be casual and include typical meetup activities (e.g., socializing, \"challenges,\" lockpicking, music, etc.) and maybe a few little surprises.

\nLinks:
    Website - https://dc702.space/stuff/dc34-meetup
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-dc702.webp\'','\'pme-dc702.webp\'','','','','',66393,'\'Map Page - LVCCW Level 3 W327 (Misc Meeting Room)\'','Thursday, Aug 6, 19:00 - 21:59 PDT
'),(181971,'\'Women, gender non-conforming and non-binary meetup with The Diana Initiative\'','pge','\'Creator: Social Gatherings/Events

We\'d love to get all the gender non conforming, non-binary and women together to hang out and make friends! DEF CON is better with friends. Stop in for a bit, or the whole time.

\nLinks:
    Website - https://dianainitiative.org
\n    Mastodon (@DianaInitiative@defcon.social) - @DianaInitiative@defcon.social
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-womengendernonbin.webp\'','\'pme-womengendernonbin.webp\'','','','','',66394,'\'Map Page - LVCCW Level 2 W208-209 (Diana Initiative)\'','Friday, Aug 7, 20:00 - 23:30 PDT
'),(181972,'\'Lawyers Meet\'','pge','\'Creator: Social Gatherings/Events

If you\'re a lawyer (recently unfrozen or otherwise), a judge or a law student please make a note to join Jeff McNamara for a friendly get-together, drinks, and conversation.

\n\'','NULL','NULL','','','','',66395,'\'Map Page - LVCCW Level 3 W301 (Misc Meeting Room)\'','Friday, Aug 7, 19:00 - 21:59 PDT
'),(181973,'\'Friends of Bill W\'','pge','\'Creator: Social Gatherings/Events

We know DEF CON and Vegas can be a lot. If you\'re a friend of Bill W who\'s looking for a meeting or just a place to collect yourself, DEF CON 34 has you covered. Join us throughout the conference in room W301. Meetings will be Thursday, Friday, Saturday, and Sunday.

\n\'','\'https://defcon.outel.org/defcon34/images/logos/com-friendsofbill.webp\'','\'com-friendsofbill.webp\'','','','','',66396,'\'Map Page - LVCCW Level 3 W301 (Misc Meeting Room)\'','Thursday, Aug 6, 12:00 - 12:59 PDT
Saturday, Aug 8, 12:00 - 12:59 PDT
Friday, Aug 7, 17:00 - 17:59 PDT
Friday, Aug 7, 12:00 - 12:59 PDT
Thursday, Aug 6, 17:00 - 17:59 PDT
Sunday, Aug 9, 12:00 - 12:59 PDT
Saturday, Aug 8, 17:00 - 17:59 PDT
'),(181974,'\'Hacker Book Club Discussion\'','pge','\'Creator: Social Gatherings/Events

Community is essential and so is continual learning. Reading books and discussing books can greatly impact an individual’s access and sense of community and knowledge. This Hacker Book Club book discussion will be an accessible group aiming to build community and share out learnings, all in a quieter setting. Come join us and discuss what you’ve been reading. We also run a year round Discord to discuss books throughout the year, hackerbookclub.com. This Hacker Book Club is not locked to a region and is for those who love books and escaping to the cyperpunk, scifi worlds that inspire DEF CON and modern literature.

\nLinks:
    hackerbookclub.com - https://hackerbookclub.com
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-bookclub.webp\'','\'pme-bookclub.webp\'','','','','',66397,'\'Map Page - LVCCW Level 3 W301 (Misc Meeting Room)\'','Friday, Aug 7, 14:00 - 15:59 PDT
'),(181975,'\'Atlanta Metro Meetup (DC404/DC678/DC770/DC470)\'','pge','\'Creator: Social Gatherings/Events

They say Atlanta is the city too busy to hate, but it also has too much traffic for its widespread hacker fam to get together in a single meetup. So instead, we\'re meeting up in the desert during DEF CON! The one time of year when intown, northern burbs, south siders, and anyone else connected to DC404\'s 30+ year legacy can catch up and share stories. Join us and meet your fellow ATL hackers!

\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-dcgatlanta.webp\'','\'pme-dcgatlanta.webp\'','','','','',66398,'\'Map Page - LVCCW Level 3 W327 (Misc Meeting Room)\'','Friday, Aug 7, 16:00 - 18:59 PDT
'),(181976,'\'DCG New England Meetup\'','pge','\'Creator: Social Gatherings/Events

New England\'s hackers are spread across six smaller states and rarely in the same room. This is the room. DCG New England pulls the region\'s groups and unaffiliated folks together to hang out, meet other hackers in the region, talk shop, show off half-finished projects, and meet the people who keep the local scene ticking.

\nLinks:
    Website - https://dcgne.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-dcgnewengland.webp\'','\'pme-dcgnewengland.webp\'','','','','',66399,'\'Map Page - LVCCW Level 3 W327 (Misc Meeting Room)\'','Saturday, Aug 8, 15:00 - 16:59 PDT
'),(181977,'\'Queercon Mixer\'','pge','\'Creator: Social Gatherings/Events

Come meet the largest social network of LGBTQIA+ and allied hackers at Queercon! Our mixers are designed for you to meet, network, and engage with like-minded people to a backdrop of music, dance, and refreshments.

\nLinks:
    Website - https://queercon.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-queerconmixer.webp\'','\'pme-queerconmixer.webp\'','','','','',66401,'\'Map Page - LVCCW Level 3 W325 (QueerCon Lounge)\'','Friday, Aug 7, 16:00 - 17:59 PDT
Saturday, Aug 8, 16:00 - 17:59 PDT
'),(181978,'\'Conference Planners Meetup\'','pge','\'Creator: Social Gatherings/Events

Are you a conference planner, manager, technologist, etc.? Feel like chatting about what we do, trading contact info, or just grabbing a few drinks with colleagues? This will be a meetup for those of us involved in conference planning and management. There won\'t be any kind of schedule or agenda. Informal conversation is the name of the game.

\n\n

At least one person from the Hacker Tracker (and ConfMgr) team will be here. You\'re welcome to ask questions, leave feedback (good or bad), ask for help with some problem you\'re having, etc.

\n\'','NULL','NULL','','','','',66402,'\'Map Page - LVCCW Level 2 W212 (Misc Meeting Room)\'','Thursday, Aug 6, 21:00 - 23:59 PDT
'),(181979,'\'VETCON 2026 PARTY\'','pge','\'Creator: Social Gatherings/Events

DEF CON is renowned for bringing together some of the brightest minds in technology and security. By participating in VETCON, you have the chance to highlight the critical role veterans play in this landscape and explore how technology can support and enhance their lives.

\nLinks:
    Website - https://vetconactual.com
\n\'','NULL','NULL','','','','',66403,'\'Map Page - LVCCW Level 3 W326 (Vetcon)\'','Saturday, Aug 8, 21:00 - 00:59 PDT
'),(181980,'\'Hacker Karaoke\'','pge','\'Creator: Social Gatherings/Events

Two great things that go great together! Join the fun as your fellow hackers make their way through songs from every era and style. Everyone has a voice and this is your opportunity to show it off! Everyone is encourage to participate in a DEF CON tradition from all folks and skill levels.

\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-hackerkaraoke.webp\'','\'pme-hackerkaraoke.webp\'','','','','',66404,'\'Map Page - LVCCW Level 2 W229,W232\'','Saturday, Aug 8, 20:00 - 00:59 PDT
Friday, Aug 7, 20:00 - 00:59 PDT
'),(181981,'\'Day of the Dead Hacker Party\'','pge','\'Creator: Social Gatherings/Events

Join us as we celebrate the lives, legends, and lasting influence of the hackers who shaped our world. From pioneers of the underground to cultural icons of the digital frontier whose stories still echo through the system.

\n\n

Dress in Day of the Dead attire or come as a ghost of hacker culture, dead heroes, legendary coders, digital outlaws, and spirits of the machine.

\n\n

Music by CURZE$ and special guest DJs.

\n\n

Everyone is welcome to join us and celebrate the dead, the code, and the culture that refuses to die.

\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-daydead.webp\'','\'pme-daydead.webp\'','','','','',66405,'\'Map Page - LVCCW Level 3 W327 (Misc Meeting Room)\'','Friday, Aug 7, 21:00 - 00:59 PDT
'),(181982,'\'+61: the Australian Embassy\'','pge','\'Creator: Social Gatherings/Events

Against all odds (and possibly the better judgement of border control), the +61 Australian embassy returns.

\n\n

If you’re one of the Australians who made it into the US for DEF CON this year, swing by for a bit of hacker summer camp gossip, some socializing, and a live demonstration of what happens when Malört meets Vegemite.

\n\n

We assume nothing good.

\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-dcgaustralia.webp\'','\'pme-dcgaustralia.webp\'','','','','',66406,'\'Map Page - LVCCW Level 2 W212 (Misc Meeting Room)\'','Saturday, Aug 8, 18:00 - 19:59 PDT
'),(181983,'\'Party Line (Call Center Village Party)\'','pge','\'Creator: Social Gatherings/Events

You\'ve been placed on hold — but for once, you don\'t mind the music.

\n\n

Party Line is Call Center Village\'s telephony-themed party open to all attendees at DEF CON 34.

\n\n

A full-size telephone booth, retro telephones, dial-pad light shows, and lo-fi hold music grooves mixed with telephony-flavored party tracks.

\n\n

If you\'ve ever listened to Opus No. 1 on repeat, then this is your extension. No IVR to navigate Just pick up and dial in.

\n\n

Don\'t let the phones go unanswered. Join us at Party Line.

\n\n

Between calls, swing by our unofficial DEF CON TCG trading table — donate your extras, hunt down the ones you\'re missing, or make a deal for your favorites.

\n\n

Make sure to bring your Call Center Village flight-tags (100 Trying or 200 OK) earned from the Escalation Desk CTF to claim free drinks!

\nLinks:
    Website - https://callcentervillage.com/events/partyline34
\n    Mastodon (@callcentervillage@defcon.socal) - @callcentervillage@defcon.socal
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-partyline.webp\'','\'pme-partyline.webp\'','','','','',66407,'\'Map Page - LVCCW Level 2 W218 (Call Center Village)\'','Saturday, Aug 8, 21:00 - 00:59 PDT
'),(181984,'\'Illuminati Party\'','pge','\'Creator: Social Gatherings/Events

It\'s time to get under the hood and rewrite the rules of engagement. If we want a future where explorers aren\'t outlaws, we have to start by taking over the room—so join us for the Illuminati Party, where our crew gathers to set the parameters for the night. Come share your passion, plot the future, and help us amplify the community.

\nLinks:
    Website - https://illuminatiparty.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-illuminati.webp\'','\'pme-illuminati.webp\'','','','','',66408,'\'Map Page - LVCCW Level 3 W327 (Misc Meeting Room)\'','Saturday, Aug 8, 21:00 - 00:59 PDT
'),(181985,'\'BlanketFort Con\'','pge','\'Creator: Social Gatherings/Events
BlanketFort Con: Come for the chill vibes and diversity, stay for the Blanket Fort Building, Cool Lights, Music, and Kid Friendly \\ Safe environment. Now with less Gluten and more onesies!
\n\n\nLinks:
    Mastodon (@blanketfortcon@bsky.social) - @blanketfortcon@bsky.social
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-blanketfort.webp\'','\'pme-blanketfort.webp\'','','','','',66409,'\'Map Page - LVCCW Level 2 W212 (Misc Meeting Room)\'','Friday, Aug 7, 19:00 - 00:59 PDT
'),(181986,'\'Arcade Party\'','pge','\'Creator: Social Gatherings/Events

The Arcade Party is back! Come play your favorite classic arcade games while jamming out to Keith Myers DJing. Your favorite custom built 16 player LED foosball table will be ready for some competitive games. This epic party, free for DEF CON 34 attendees to enjoy and play, is hosted by the Military Cyber Professionals Association (a tech ed charity) and friends.

\nLinks:
    Website - https://arcadeparty.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-arcadeparty.webp\'','\'pme-arcadeparty.webp\'','','','','',66410,'\'Map Page - LVCCW Level 1 Hall 3 801 (Creator Stage 1,2)\'','Friday, Aug 7, 20:00 - 00:59 PDT
'),(181987,'\'Front Man\'s Fête: An Octopus Game Party\'','pge','\'Creator: Social Gatherings/Events

Front Man’s Fête: An Octopus Game Party is a curated respite from the chaos of the city, offering a sophisticated and low-key lounge experience centered on strategy and soul. Instead of high-stakes elimination, we offer the timeless rhythm of old school hip-hop and the analog competition of classic board games. This event is designed for those who seek a chill atmosphere where the vibes are smooth and the conversation is clear. Come for the nostalgia of golden-era beats and stay for a relaxed evening where the only goal is to unwind and outsmart your opponents in a sanctuary of cool.

\nLinks:
    Mastodon (@OctopusGame@defcon.social) - @OctopusGame@defcon.social
\n    Website - https://octopusgame.org
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-frontmansfete.webp\'','\'pme-frontmansfete.webp\'','','','','',66411,'\'Map Page - LVCCW Level 2 W212 (Misc Meeting Room)\'','Saturday, Aug 8, 21:00 - 00:59 PDT
'),(181988,'\'BIC R00T ACCESS 2026\'','pge','\'Creator: Social Gatherings/Events

Black culture has always shaped the sound of resistance, innovation, and celebration—and at DEF CON, we’re bringing that history to the dance floor. Blacks In Cyber invites you to a night where cybersecurity meets the soundtrack of Black history. From the soulful roots of jazz and blues that coded messages of freedom, to the revolutionary pulse of hip-hop and electronic beats that powered digital creativity, every track tells a story.

\n\n

This party celebrates the pioneers who pushed boundaries—musically, technologically, and culturally. Expect a curated journey through decades of sound: classic grooves, Afro-futurist vibes, and modern cyber-inspired mixes that honor the past while hacking the future. Whether you’re a seasoned hacker, a first-time DEF CON attendee, or just here for the vibe, this is your space to connect, celebrate, and move.

\n\n

Come dance through the timeline. Celebrate culture, community, and code. Blacks In Cyber at DEF CON—where history, rhythm, and innovation collide.

\nLinks:
    Website - https://blacksincyberconf.com
\n\'','NULL','NULL','','','','',66412,'\'Map Page - LVCCW Level 3 W322-W324 (BIC Village)\'','Friday, Aug 7, 21:00 - 00:59 PDT
'),(181989,'\'GOTHCON\'','pge','\'Creator: Social Gatherings/Events

Returning for their 9th year, Gothcon invites you to come dance the night away with a line-up of some of the community\'s best dark dance music DJ\'s from across the US! Dress however you would like in whatever makes you feel comfortable and happy, and all are welcome.

\nLinks:
    Website - https://gothcon.com
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-gothcon.webp\'','\'pme-gothcon.webp\'','','','','',66413,'\'Map Page - LVCCW Level 1 Hall 3 801 (Creator Stage 2)\'','Saturday, Aug 8, 21:00 - 00:59 PDT
'),(181990,'\'Kayos Klub\'','pge','\'Creator: Social Gatherings/Events

The Kayos Klub will be a night of music and magic for all ages. To celebrate the life of a lost loved one, we are going all out on a party that will make even the most socially awkward computer nerd want to dance <3.

\nLinks:
    Website - https://digitalgangster.com
\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-kayosklub.webp\'','\'pme-kayosklub.webp\'','','','','',66414,'\'Map Page - LVCCW Level 1 North Lobby\'','Saturday, Aug 8, 22:00 - 00:59 PDT
'),(181991,'\'SecKC the WHOLE WIDE WORLD\'','pge','\'Creator: Social Gatherings/Events

Following the legendary chaos of SecKC the World and SecKC the World Again, the Kansas City crew returns to DEF CON to settle the digital frontier. This year, we aren’t just hosting a party, this isn’t just another loud room with a DJ; it’s gonna be a killer getogether for the hacker family. We’re merging the independent spirit of the DEF CON with the radical community of the Midwest.

\nLinks:
    Website - https://seckc.org
\n    Mastodon (@sec_kc@bird.makeup) - @sec_kc@bird.makeup
\n\'','NULL','NULL','','','','',66415,'\'Map Page - LVCCW Level 1 North Lobby\'','Friday, Aug 7, 22:00 - 00:59 PDT
'),(181992,'\'Operator, Please Hold - DCG Social\'','pge','\'Creator: Social Gatherings/Events

Operator, Please Hold is the official DEF CON Groups party at DEF CON 34 - a social for hackers, DCG organizers, and community builders from around the world.

\n\n

This is where DEF CON Groups converge off the mailing lists and out of Discord. Expect familiar faces, new connections, and conversations that jump from local meetups to global chaos in about five minutes. No talks. No agenda. Just hackers who actually show up for their communities, in one room, at the same time.

\n\n

Whether you run a group, help keep one alive, or are looking to plug into your local hacker scene, this is your stop. Come say hi, compare notes, and meet the humans behind the handles.

\n\n

Operator, please hold. Your people are on the line.

\n\'','NULL','NULL','','','','',66416,'\'Map Page - LVCCW Level 2 W238 (DEF CON Groups)\'','Thursday, Aug 6, 18:00 - 19:59 PDT
'),(181993,'\'Social Engineering Community Village Party\'','pge','\'Creator: Social Gatherings/Events

Join the Social Engineering Community for a night of connecting with fellow hackers, social engineers, researchers, and curious DEF CON attendees who share an interest in the human side of hacking. Whether you spent the weekend watching vishing calls, cheering on AI bots, competing, volunteering, or just discovering the craft for the first time, this meetup is a chance to relax, swap stories, and meet the people behind the voices, research, and chaos from the village. The exact theme will be announced soon, but the goal is simple: bring the community together, make new friends, reconnect with old ones, and celebrate another year of social engineering at DEF CON. Everyone is welcome, whether you\'re a longtime member of the community or just curious about what social engineering is all about.

\nLinks:
    Website - https://www.se.community/
\n\'','NULL','NULL','','','','',66417,'\'Map Page - LVCCW Level 3 W317-319 (SEC Village)\'','Saturday, Aug 8, 19:00 - 22:59 PDT
'),(181994,'\'15th Cycleoverride Bike Ride at DEF CON\'','pge','\'Creator: Social Gatherings/Events

At 6am on Friday, the @cycle_override crew will be hosting the 15th DEF CON Bikeride. We\'ll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It\'s about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See you at 6am Friday!

\nLinks:
    Website - https://cycleoverride.org
\n\'','NULL','NULL','','','','',66445,'\' Page - Other / See Description\'','Friday, Aug 7, 06:00 - 10:59 PDT
'),(181995,'\'DCNextGen Party!\'','pge','\'Creator: Social Gatherings/Events

Are you ready to rock? If so, come to the DCNextGen party where the theme is UV cyberpunk! What is there to do you might ask? We have games, music, create your own raccoon mask, glow in the dark tattoos, and so much more! There is no better place to make new friends and hang out with your fellow DCNextGen cyber warriors.

\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-nextgen.webp\'','\'pme-nextgen.webp\'','','','','',66447,'\'Map Page - LVCCW Level 3 W316 (DC NextGen)\'','Saturday, Aug 8, 19:00 - 20:59 PDT
'),(181996,'\'AWS Cloud Security 101: From IAM Misconfigurations to Account Takeover\'','workshops','\'Creator: DEF CON Workshops

The shortest path from a marketing-site SSRF to production root often runs through AWS, and most defenders can’t see it happening. This workshop teaches you to walk that path yourself.

\n\n

Working whitebox in provided lab accounts, you’ll move through eight hands-on modules: reading IAM policies for privilege escalation gadgets, turning a single SSRF into a working CLI session via IMDS, abusing cross-account trust, exploiting resource policies across S3/KMS/Lambda, compromising serverless functions, and evading CloudTrail. The workshop closes with a full-chain challenge: build a Python exploit that goes from external SSRF to administrative access in one script.

\n\n

Prerequisites: Basic AWS familiarity (console + CLI), comfort reading JSON policies, Python. Bring a laptop with AWS CLI v2 and Python 3.10+ installed. No prior offensive cloud experience required.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws3_4073
\n
People:
    SpeakerBio:  zeta
\n

zeta is an internet plumber and computer toucher. \nhe spends his days reading IAM policies and his nights wondering why anyone wrote them that way.

\n\nSpeakerBio:  Rafa \"bane\" Gutierrez
\n

\"Rafael (bane) is the founder of Secure Origin, where he helps organizations doing public-interest work improve their security, infrastructure, and operational resilience. His work spans vulnerability research, security architecture, detection engineering, adversary emulation, infrastructure operations, and targeted technical engagements.

\n\n

He is also a researcher and technical lead for The Southlander, a local Los Angeles newsroom. He volunteers with Lucy Parsons Lab and conducts independent research on surveillance technology, supporting reporting on how these systems affect journalists, activists, and local communities.\"

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66448','','',66448,'\'Map Page - LVCCW Level 2 W228 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(181997,'\'Agentic Threat Hunting: Building AI That Remembers What You Hunted\'','workshops','\'Creator: DEF CON Workshops

Attendees hunt a supply chain compromise in real telemetry. Not a walkthrough - a hunt.\nA trojanized developer tool has been backdoored. The artifacts are seeded across a shared Splunk instance at layered difficulty: some obvious, some buried. Over four hours, attendees progress through the Five Levels of Agentic Hunting using the open-source Agentic Threat Hunting Framework (ATHF). Each maturity level unlocks new capabilities — structure, searchability, AI research agents, and full agentic workflows — that help them find what they couldn\'t find before.\nThe first hunt is manual. By the last module, AI agents are surfacing hypotheses, identifying coverage gaps, and pointing hunters toward artifacts they missed. The human decides what to chase. The framework remembers what they found.\nThis is not a tool demo. Attendees will make real analytical decisions, write real SPL queries, hit dead ends, and use AI agents to recover. They leave with a working ATHF workspace, documented hunts from a real investigation, and the experience of hunting with an agentic system.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws4_4061
\n
People:
    SpeakerBio:  Sydney \"letswastetime\" Marrone
\n

Sydney Marrone is a threat hunter, cybersecurity professional, co-founder of THOR Collective, author of the Agentic Threat Hunting Framework, and co-author of the PEAK Threat Hunting Framework. She is passionate about making security knowledge accessible and actionable through hands-on research, open-source collaboration, and community-driven projects like HEARTH (Hunting Exchange And Research Threat Hub). Sydney creates resources, leads workshops, and shares insights that spark curiosity and empower defenders. Outside of work, she writes for THOR Collective Dispatch, lifts weights, and makes cyber-themed music using AI to blend creativity and hacker culture.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66449','','',66449,'\'Map Page - LVCCW Level 2 W233 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(181998,'\'Hands-on IoT firmware extraction and flash forensics\'','workshops','\'Creator: DEF CON Workshops

Did you ever wanted to hack an IoT device but did not know how to start? Having UART is nice, but does not help in many cases.

\n\n

For a complete analysis of an IoT device, it is required to look at the firmware itself. In most cases this means that the firmware, data or encryption keys need to be extracted from the device memory. Many researchers are hesitant to do that as there is a high risk of destroying the device or leaving it in an inoperable state. In this workshop we will look at different flash memory types (EEPROM, SPI flash, NAND flash, eMMC flash) and how to extract the information from them.

\n\n

We will show that you do not need very expensive hardware to archive your goal and that it is not as complicated as everyone believes. See which tools might be useful for your own lab!

\n\n

Participants will have the opportunity to work in groups and being provided different kinds of IoT devices (e.g. smart speakers). After a tear-down, you can use different chip-off methods (e.g. Hot air, IR soldering) to remove the flash chip and read it out. Optionally, the tools re-ball and re-solder the IC will be available after the workshop. In the end, each team should have the data and a functional device again.

\n\n

Bonus: If you brick the device, you can keep the parts as a souvenir or can wear them as badges.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws7_4076
\n
People:
    SpeakerBio:  Dennis Giese
\n

Dennis Giese is a researcher with the focus on the security and privacy of IoT devices. While being interested in physical security and lockpicking, he enjoys applied research and reverse engineering malware and all kinds of devices. His most known projects are the documentation and hacking of various vacuum robots. He calls himself a \"robot collector\" and his current vacuum robot army consists of over 95 different models from various vendors. He talked about his research at the Chaos Communication Congress, REcon, HITCON, NULLCON, and DEFCON.

\n\nSpeakerBio:  Braelynn Luedtke
\n

Hacker and tomato farmer. Enjoys researching the security of anything that piques her curiosity. She has previously presented this research at conferences such as Chaos Communication Congress, HITCON and DEFCON.

\n\nSpeakerBio:  Arnold Wey
\n

Arnold Wey is an electronics security researcher. His recent work includes security testing of virtual GPU implementations, robot arm communication protocols, and repurposing a 3D printer for fault injection research.

\n\nSpeakerBio:  Harsha Potu
\n

Harsha has been taking things apart since he could get his hands on a screwdriver for fun and profit. Nowadays he is a cybersecurity researcher with a decade of experience in embedded security. He loves to reverse boards + firmware and regularly finds vulnerabilities at various layers of execution. Especially interested in breaking secure boot chain designs!

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66450','','',66450,'\'Map Page - LVCCW Level 2 W225 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(181999,'\'Learning to Hack Bluetooth Low Energy with BLE CTF\'','workshops','\'Creator: DEF CON Workshops

BLE CTF is a series of Bluetooth Low Energy challenges in a capture-the-flag format, created to teach the fundamentals of interacting with and hacking BLE services. Each flag interactively introduces a new concept.

\n\n

Over the years, BLE CTF has expanded across platforms and skill levels. Books, workshops, trainings, and conferences have adopted it as both an educational platform and CTF. As an open source, low-cost, extensible solution, it has helped advance Bluetooth security research.

\n\n

This workshop teaches the fundamentals of hacking BLE through hands-on exercises that introduce beginners to new concepts while giving experienced users a chance to try new tools and techniques. After completing it, you will have a solid understanding of how to hack BLE devices in the wild.

\n\n

New for DEF CON 34: the workshop uses a brand new variant of BLE CTF built specifically for this event. Returning students will face fresh challenges they have not seen before, and the new exercises are designed to resist online walkthroughs and LLM-assisted shortcuts. We will also introduce new client tools, including gratttool, a modern replacement for gatttool (which has been deprecated from most Linux distributions). Whether this is your first BLE CTF or your eighth, you will leave with new skills and tools.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws5_4054
\n
People:
    SpeakerBio:  Ryan \"Hackgnar\" Holeman
\n

Ryan Holeman resides in Austin, Texas, where he works as the CISO for Stability AI. He holds a Ph.D. in cyber defense from Dakota State University and has spoken at respected venues such as Black Hat, DEF CON, Lockdown, BSides, Ruxcon, Notacon, and Shmoocon. You can keep up with his current activity, open source contributions, and general news on his blog. His spare time is mostly spent digging into various network protocols, random hacking, creating art, surfing, and shredding local skateparks.

\n\nSpeakerBio:  Alek Amrani
\n

Alek Amrani runs the security team at Cape.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66451','','',66451,'\'Map Page - LVCCW Level 2 W232 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(182000,'\'Long Live Empire: A C2 Workshop for Modern Red Teaming\'','workshops','\'Creator: DEF CON Workshops

Behind every breach report from the last decade is a Command and Control (C2) framework. C2 is how operators reach into a compromised network, move sideways, harvest credentials, and stay invisible. This 4-hour, hands-on workshop puts you in the operator\'s chair. You set up your own Empire team server, learn the listener-stager-agent model from scratch, and run seven exercises that take you from \"never touched a C2\" to dumping credentials off a box you compromised yourself.

\n\n

You\'ll spin up an HTTP listener, deploy a .NET agent to a Windows target, and run post-exploitation tradecraft: Rubeus for credentials, SharpHound for AD enumeration, port-forward pivots to internal hosts, and privesc modules that turn a foothold into full control. You\'ll even build a custom Empire plugin that auto-runs on every new agent. The capstone is a mini-CTF on a cloud-hosted range we keep open all weekend, with a prize for the winners.

\n\n

You leave with the mental model most operators take years to build: how modern C2 actually works, what it assumes about the target, and where defenders most often catch it. No VMs to download. No setup before class. Bring a laptop, get on WiFi, and we\'ll have agents running before the first break.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws6_4068
\n
People:
    SpeakerBio:  Jake \"Hubbl3\" Krasnov
\n

Jake \"Hubble\" Krasnov is the Red Team Operations Lead at BC Security, with a distinguished career spanning engineering and cybersecurity. A U.S. Air Force veteran, Jake began his career as an Astronautical Engineer overseeing rocket modifications, leading test and evaluation efforts for the F-22, and conducting red team operations with the 57th Information Aggressors. He later served as a Technical Lead Engineer at Boeing Phantom Works, where he focused on embedded security for aviation and space defense projects. A seasoned speaker and trainer, Jake has presented at DEF CON, Black Hat, HackRedCon, HackSpaceCon, and HackMiami, and has previously taught Empire and offensive PowerShell at DEF CON.

\n\nSpeakerBio:  Vincent \"Vinnybod\" Rose
\n

Vincent \"Vinnybod\" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable cloud services, improving developer operations, and automation. Recently, his focus has been on the reliability and stability of the Empire C2 server. Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://bcsecurity.io/blog/.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\nSpeakerBio:  Dan Niefeld
\n

Dan Niefeld is the founder of several Cyber Security and Technology organizations. An accomplished social engineer his career has spanned from program management to organizing conferences like Hack Space Con, Dan has spent his career, educating, mentoring and developing disrupting technologies with a focus of Mission and Community Development.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66452','','',66452,'\'Map Page - LVCCW Level 2 W231 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(182001,'\'Malware Development 101 - From Zero to Hero: Adapt your payload to your environment\'','workshops','\'Creator: DEF CON Workshops

This workshop will give an initiation to offensive malware development in C/C++ and how it is possible to adapt the approach depending on the security solution that must be tackled down. Different methods such as ModuleStomping, DLL Injection, Threadless Injection and Hardware Breakpoint for dehooking will be seen.\nThe idea is to start with a basic malware performing process injection and apply additional techniques to start evading EDR. At each step, some analysis on the malware will be performed to understand the differences at the system level and the IOC detected by the EDR.\nAt the end of this workshop, you will have all the knowledge needed to develop your own malware and adapt it to the targeted environment to escape from the basic pattern and spawn your beacons as if EDR didn\'t exist.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws1_4039
\n
People:
    SpeakerBio:  Yoann \"OtterHacker\" DEQUEKER
\n

Yoann Dequeker (@OtterHacker) is a red team operator at Wavestone entitle with OSCP and CRTO certification. Aside from his RedTeam engagements and his contributions to public projects such as Impacket, he spends time working on Malware Developpement to ease beacon deployment and EDR bypass during engagements and is currently developing a fully custom C2.

\n\n

His research leads him to present his results on several conferences such as LeHack (Paris), Insomni\'hack (Swiss) or even through a 4-hour malware workshop at Defcon31,32 and 33 (Las Vegas). All along the year, he publishes several white papers on the techniques he discovered or upgraded and the vulnerabilities he found on public products.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66453','','',66453,'\'Map Page - LVCCW Level 2 W230 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(182002,'\'Offensive Packet Wizardry with Scapy\'','workshops','\'Creator: DEF CON Workshops

Offensive Packet Wizardry with Scapy is a four-hour, 100% hands-on workshop that teaches attendees to build offensive networking tools from scratch in Python using Scapy, the packet crafting library used by red teams, malware analysts, and vulnerability researchers worldwide.

\n\n

Starting from first principles, raw packet construction, layer stacking, and send/receive mechanics, the workshop moves progressively through active reconnaissance, ARP cache poisoning with live credential interception, TCP/IP stack abuse (session injection, SYN flood, RST killing), protocol fuzzing against an intentionally vulnerable binary service, and full covert channel implementation (ICMP C2 shell, DNS file exfiltration, TCP header steganography).

\n\n

Every technique is implemented live in Python against an isolated lab network. Students leave with a working, importable red team toolkit, a Python package with a unified CLI, that they built themselves and can adapt for future engagements.

\n\n

The workshop concludes with \"Silent Pivot\", a scored capstone scenario that chains all techniques into a realistic kill chain: stealth discovery, service identification, fuzzer- triggered crash, ICMP command execution, DNS exfiltration of /etc/shadow, and network cleanup, all subject to an IDS alert budget.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws8_4025
\n
People:
    SpeakerBio:  Mike \"Chicolinux\" Guirao
\n

Mike “Chicolinux” Guirao began his journey in the security field roughly 25 years ago while completing a master\'s degree. Since then, they have developed both broad and deep expertise across this incredible discipline. Currently, they are pursuing a PhD at New Mexico State University, where their research intersects Cybersecurity and Machine Learning/Artificial Intelligence.

\n\n

In addition to their academic pursuits, Mike serves on the organizing team for the Crypto & Privacy Village. This marks their third time teaching a workshop at DEF CON since DEF CON 24. They also hold several notable industry certifications, including the SANS GCIH, ISC2 CC, and Linux+, and they are excited to share their wealth of experience and knowledge.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66454','','',66454,'\'Map Page - LVCCW Level 2 W222 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(182003,'\'Web Hacking 101\'','workshops','\'Creator: DEF CON Workshops

Most security training starts with slides. This workshop starts with a target. Students spend the majority of the course attacking a purpose-built web application across progressive labs covering the vulnerability classes that define modern web security.

\n\n

Each module follows a difficulty curve. Entry-level labs present classic, unfiltered vulnerabilities for students to exploit independently. Difficulty escalates as filters and defenses appear, requiring adaptation and creative problem-solving. Failed payloads, broken assumptions, and dead ends are not setbacks. They are the learning journey. The frustration of a blocked payload and the persistence to find the bypass is how offensive intuition is built.

\n\n

A final exploit chaining challenge ties everything together, combining findings across vulnerability classes to demonstrate how moderate issues chain into critical impact, the way real attacks work.

\n\n

Students attack, fail, adapt, and break through. Hands-on exploitation and the willingness to struggle is the foundation of any security career. It starts here.

\n\n

All you need is a laptop and persistence.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_am_ws2_4012
\n
People:
    SpeakerBio:  cale \"calebot\" smith
\nCale Smith has spent his entire life obsessed with one question: \"Yeah, but how does it actually work?\"
\n\n

He started out building things, then realized breaking them was more fun, and has been doing exactly that across web, cloud, binary, IoT, and mobile ever since. He now manages a device-focused security team at Amazon, where his \"what if I just...\" instincts are finally considered a job qualification.

\n\nSpeakerBio:  Ruchik Dave
\n

Ruchik Samir Dave is a software engineer and security specialist with nearly 20 years of experience at the intersection of complex systems security and emerging threat landscapes. Ruchik has contributed to security frameworks for aviation systems and privacy-compliant architectures for large consumer IoT ecosystems, bringing safety-critical systems expertise to emerging technology platforms. His current research explores cloud security paradigms, security compliance, AI-assisted threat detection systems, and the novel attack surfaces introduced by machine learning implementations in embedded environments, areas that represent the cutting edge of adversarial research and defensive innovation. With a passion for building secure, large-scale software systems, Ruchik’s work addresses the evolving security challenges where traditional cybersecurity meets artificial intelligence, IoT proliferation, and safety-critical infrastructure.

\n\nSpeakerBio:  Young Seuk Kim
\n

Husband, father, hacker, gamer. Young’s path into security started like a good game exploit—he wanted to win, bent the rules, and discovered a passion for hacking. He began as a web app security consultant, moved into penetration testing and red teaming, and now works in application security engineering, helping teams build secure systems (and still breaking things for fun). He also dives into all kinds of games and stories, especially fantasy with Eastern martial arts, and loves dissecting media with the same curiosity he brings to code.

\n\nSpeakerBio:  Luke Cycon
\n

Luke is a former builder turned security engineer at Amazon, focused on web, cloud, and embedded device security. He came up building things before he discovered that breaking them taught him more about how they really work. These days he likes to poke at things until they misbehave, then help the builders make sure it doesn\'t happen twice. Off the clock, you\'ll find him tinkering with hardware, firing lasers at something, and celebrating each fixed bug with a bit too much whisky.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66455','','',66455,'\'Map Page - LVCCW Level 2 W229 (Workshops)\'','Friday, Aug 7, 09:00 - 12:59 PDT
'),(182004,'\'AWS Principal Threat Hunting: Behavioral Baselining for Malicious Activity\'','workshops','\'Creator: DEF CON Workshops

Cloud security encounters attacks that elude standard detection. In AWS, unauthorized access keys are a common cause of breaches. The vastness of AWS—over 450 services and 20,000 API actions—complicates threat visibility and exposes gaps in traditional tools.

\n\n

This workshop empowers participants with direct, hands-on experience using the AWS Threat Hunter tool to improve threat detection. Attendees will focus on building behavioral baselines and leveraging data-driven analysis to detect subtle AWS principal anomalies, enabling more precise detection than traditional event monitoring.

\n\n

Attendees will move beyond standard techniques by building multi-stage detection pipelines that create individualized baselines for each IAM principal and systematically flag personalized deviations, linking outliers directly to risks.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws3_4091
\n
People:
    SpeakerBio:  Rodrigo \"Sp0oKeR\" Montoro
\n

Rodrigo Montoro is the CTO at Clavis Security, bringing over 25 years of leadership and technical expertise to the information technology and cybersecurity landscape. Throughout his career, Rodrigo has been a pioneer in open-source security, specializing in incident detection, response, and Cloud Security. A two-time patented inventor, he holds proprietary technologies for detecting malicious digital documents and analyzing malicious HTTP traffic. With a resume that includes key research roles at Tenchi Security, Apura, Tempest, Sucuri, and SpiderLabs, Rodrigo is a globally recognized authority who frequently speaks at elite conferences such as DEF CON Workshops (2023), DEF CON Cloud Village (3x), Black Hat Brazil Summit, SANS (DFIR, SIEM Summit, CloudSecNext), Source (Boston and Seattle), Toorcon (San Diego), Sector Canada (6x), and BSidesLV.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66456','','',66456,'\'Map Page - LVCCW Level 2 W228 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182005,'\'All About Stoopie InfoStealers: Malware Analysis for Understanding, Custom Coding for True Understanding!\'','workshops','\'Creator: DEF CON Workshops

Infostealers suck. We all know that. We don\'t like them. We want you to learn all that you can about them to help thwart the ongoing, ever-evolving threat. On that note, current infostealers are largely rule-based and path-driven, targeting known browser stores and wallets with noisy exfiltration methods. This four-hour workshop, led by Ryan Chapman and Aaron Rosenmund, moves beyond basic comprehension via observation to explore the evolution of precision-based malware. Students will utilize a live, on-demand lab environment to perform deep malware analysis using Ghidra to understand how current stealers operate.\nThe session then transitions from analysis to creation, where attendees code, compile, and re-build their own \"evolved\" stealers. We replace static file targeting with in-memory relevance models and trade obvious HTTPS exfiltration for stealthy timing and protocol-native patterns. This hands-on, kinesthetic experience focuses on building a custom arsenal from the ground up. Participants will learn to enhance their tools with behavioral stealth, transitioning from identifying \"stoopie\" patterns to implementing advanced, AI-driven tradecraft and custom red team tool operations.\nYou won\'t just learn how what an infostealer is. You\'ll learn how they operated end-to-end. Join us :).

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws6_4093
\n
People:
    SpeakerBio:  Ryan \"@rj_chap\" Chapman
\n

Ryan Chapman is the author of SANS‚ FOR528: Ransomware and Cyber Extortion‚ course, teaches SANS‚ FOR610: Reverse Engineering Malware‚ course, and works as a threat hunter @ $dayJob. Ryan has a passion for life-long learning, loves to teach people about ransomware-related attacks, and enjoys pulling apart malware. He has presented workshops at DefCon and other conferences in the past and knows how to create a step-by-step instruction set to maximize hands-on learning.

\n\nSpeakerBio:  Aaron \"Ironical\" Rosenmund
\n

Aaron Rosenmund is an accomplished cybersecurity professional with extensive experience in various leadership roles across multiple organizations. Currently serving as the Managing Director of Tradecraft and Programs at OnDefend since September 2024, Aaron also holds a position at the National Guard Bureau as Staff Lead for the Cyber Shield Red Team, demonstrating a commitment to enhancing cybersecurity defenses. With a background that includes significant roles at Pluralsight, where responsibilities spanned content strategy and security skills development, and the Florida Air National Guard as a Lead Cyber Operator focused on defensive operations, Aaron has developed a comprehensive skill set in threat emulation, cyber system operations, and training. Additionally, past leadership positions as CEO at Aestus Industries and Vice President at Concrete Surface Innovations underscore strong management capabilities and operational expertise. Aaron holds multiple degrees in technology and cybersecurity from respected institutions, underscoring a solid educational foundation in this field.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66457','','',66457,'\'Map Page - LVCCW Level 2 W231 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182006,'\'Embedded Computing Tools for Wireless Hardware Hacking\'','workshops','\'Creator: DEF CON Workshops

Hands-on exploration of embedded hardware tools implementing multiple wireless communication standards. Experiment with Wi-Fi wireless local area network (WLAN) technology and Bluetooth personal area network (PAN) technology. Stream audio to and from a variety of endpoints. Configure a Nordic nRF52 Bluetooth sniffer to capture and analyze wireless communications using Wireshark. Examine the design and manufacture of an exclusive dual-core embedded hardware target supporting both Wi-Fi and Bluetooth. Leverage the target to experiment with microcontroller-based wireless hardware hacking. Practice both sinking and sourcing Bluetooth Audio streams into and out of the hardware target. Capture Wi-Fi packets using onto the hardware target for transfer to Wireshark for analysis. Perform example security exploits and countermeasures using embedded wireless hardware tools.

\n\n

PLEASE NOTE: This workshop requires purchasing the necessary hardware tools. A link to complete the purchase of $60 will be provided upon registration for the workshop. The purchased kits will be distributed during the workshop.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws4_4046
\n
People:
    SpeakerBio:  Joseph Long
\n

Joseph Long has been tinkering, designing, and hacking electronic systems for about forty years. He is the founder of HackerBoxes.com, the monthly subscription box service for electronics, cybersecurity, and hacker culture. Joseph is a licensed professional engineer and patent attorney who loves to teach electrical engineering and computer science topics.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66458','','',66458,'\'Map Page - LVCCW Level 2 W233 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182007,'\'Introduction to Malware Analysis\'','workshops','\'Creator: DEF CON Workshops

Analyze malware to find indicators of compromise using static and dynamic techniques. We will analyze Windows executables at the binary level and modify them to cheat at games. We will examine both compiled code and DOTNET executables. We will also examine defenses to prevent memory-corruption attacks, including coding in Rust.

\n\n

We will demonstrate the techniques and help attendees solve challenges. There are dozens of hands-on projects, with a running CTF scoreboard. Some of the projects are easy enough for beginners, and others will challenge experienced experts. Every participant should leave with some new skills.

\n\n

All materials are freely available on the Web at samsclass.info and will remain available after the workshop is over.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws5_4019
\n
People:
    SpeakerBio:  Sam Bowne
\n

Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEF CON, DEF CON China, Black Hat USA, HOPE, BSidesSF, BSidesLV, RSA, and many other conferences and colleges. He founded Infosec Decoded, Inc., and does corporate training and consulting for several Fortune 100 companies, on topics including Incident Response and Secure Coding.

\n\n

Formal education: B.S. and Ph.D. in Physics\nIndustry credentials:

\n\n

Infosec: CISSP, Certified Ethical Hacker, Security+, Defcon Black Badge, Splunk Core Certified User\nNetworking: Network+, Certified Fiber Optic Technician, HE IPv6 Sage, CCENT, IPv6 Forum Silver & Gold, Juniper JN0-101, Wireshark WCNA\nMicrosoft: MCP, MCDST, MCTS: Vista

\n\nSpeakerBio:  Elizabeth Biddlecome
\n

Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to cripting languages in cybersecurity competitions, hackathons, and CTFs.

\n\nSpeakerBio:  Kaitlyn Handelman
\n

Kaitlyn Handelman is an offensive security engineer at Amazon. Her\nfocus is cybersecurity in space. In addition to traditional\npenetration testing, Kaitlyn works on physical devices and RF signals.\nIn her free time, she enjoys ham radio, astronomy, and her cat,\nAstrocat.

\n\nSpeakerBio:  Irvin Lemus
\n

Irvin Lemus, CISSP is a Cyber Range Engineer at By Light IT\nProfessional Services, training military personnel through\ninternational cyber security exercises. Irvin has been in the field\nsince 2006, involved with cybersecurity competitions since 2015 as a\ntrainer, coach, and mentor. He also has taught IT and Cybersecurity\ncourses at Coastline and Cabrillo\nColleges.\nHe is the BACCC Cyber Competitions Regional Coordinator, Board member\nat Pacific Hackers and is a speaker at DEFCON. He describes himself\nas, \"A professional troublemaker who loves hacking all the things.\"

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66459','','',66459,'\'Map Page - LVCCW Level 2 W232 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182008,'\'Investigating and Responding to M365 account compromise on a shoestring: Living of the Land Incident Response\'','workshops','\'Creator: DEF CON Workshops

A compromised mailbox. An inbox rule named \".\". An OAuth consent to an unknown application. A sign-in from a cloud-hosting ASN with user-agent \"axios\" and MFA status \"satisfied by claim in token\". Somewhere in there is the story - and somewhere in the Microsoft 365 logs is the evidence.\nThis four-hour hands-on workshop teaches Business Email Compromise investigation in the tenants most responders actually see: M365 Business Premium or E3. No Sentinel. No SIEM. No problem. Using only native admin centers, PowerShell modules, and a few scripts, you will run a complete BEC investigation end to end.\nWorking through several progressive scenarios, from single-user compromise, through lateral-pivot case with MailItemsAccessed analysis, to multi-account incident with a malicious enterprise app and transport rule. You will learn how to contain, collect, triage, pivot, expand scope, remediate, and produce the three common reporting deliverables: investigation report, attestation letter, internal post-mortem.\nThis is Living off the Land Incident Response. Through chronology and topology, come correlate some logs with me and see what story they tell.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws8_4033
\n
People:
    SpeakerBio:  Vince \"bitpusher\" Weppner
\n

Vincent M. Weppner (Bitpusher) is an Information Security Specialist with 10+ years of dedicated cybersecurity focus and 25 years in IT overall. He works as a Security Analyst at a mid-market MSP and runs an independent IT consulting practice at theTechRelay.com. Generally found lurking in the mountains of Southern California, and occasionally maintaining his open-source tooling at github.com/bitpusher2k.\nHis day-to-day work covers M365 security operations, Active Directory and endpoint security, BEC/ransomware incident response, EDR/SIEM management, and security consulting for SMB and mid-market clients. Specialization in Business Email Compromise was built out of direct operational need: after dozens of BEC incidents, the pattern of \"which script do I need to run right now?\" became clear enough to codify. Passionately solving puzzles through scripting, and hoping to pass on some of it to you.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66460','','',66460,'\'Map Page - LVCCW Level 2 W222 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182009,'\'OT Systems: how to secure them in practice!\'','workshops','\'Creator: DEF CON Workshops

Securing OT systems is often presented as challenging, with multiple business constraints - but is it that complicated, especially considering a single industrial site?\nIn this 4-hour, hands-on workshop, each participant will manipulate a simple but realistic Industrial Control System setup with SCADA systems & PLCs. Attendees will have the opportunity to secure it step by step, through several hands-on exercises & discover how to manually secure OT systems: OT inventory, backups, network security, system hardening and detection.\nWhat if the real challenge is OT security at scale? Besides implementing manual security on our setup, we will address each step of the way OT security at scale and share feedback on how large companies are securing their OT systems, both at organizational & technical level: community of OT cyber correspondents, OT DMZ and security tools deployment.\nNo prior OT experience is required.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws7_4014
\n
People:
    SpeakerBio:  Alexandrine Torrents
\n

Alexandrine Torrents is a cybersecurity expert at Wavestone. She started as a penetration tester, and then specialized in OT cybersecurity. She is IEC 62443 certified. She performed dozens of OT cybersecurity assessments across various industries & worked on OT models to perform attacks on PLCs & SCADA systems. Alexandrine also helps secure OT both at technical & organization levels: secure architecture, system hardening, IAM, cyber resilience, detection, governance, awareness & training, risk assessment, cyber by design, etc. Alexandrine works with different CISOs on their OT cybersecurity roadmaps & programs at different scales of large industrial companies: site, business units, Group with worldwide scope. Alexandrine also gives training on OT cybersecurity.

\n\nSpeakerBio:  Arnaud SOULLIE
\n

Arnaud Soullie is a Senior Manager at Wavestone. He has over 15 years of experience in security assessments and penetration testing, with 10 years specializing in Industrial Control Systems cybersecurity. He has delivered talks and workshops at DEF CON, Black Hat Europe, BruCON, CS3STHLM, BSides Las Vegas, and others. He is the creator of the DYODE open-source data diode project and has been teaching ICS cybersecurity since 2015.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66461','','',66461,'\'Map Page - LVCCW Level 2 W225 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182010,'\'Reaching Mythos: Hands-On Vulnerability Discovery with Local AI Models\'','workshops','\'Creator: DEF CON Workshops

Anthropic, April 2026: Claude Mythos Preview is \"strikingly capable\" at zero-day discovery. They chose not to release it.

\n\n

AISLE, one week later: \"The moat in AI cybersecurity is the system, not the model.\" They reproduced Mythos-class findings on FreeBSD with a 1,700-line scan.py and a commodity model for under $100.

\n\n

This four-hour hands-on workshop is the local-hardware version of that argument. Two reproductions, two domains, one harness pattern.

\n\n

Part I: point AISLE\'s open-source pipeline at a pre-patch FreeBSD checkout through a hosted local-AI inference endpoint and reproduce the 17-year-old CVE-2026-4747 that drove Mythos, for sub-dollar spend.

\n\n

Part II: change domains. Drive Ghidra through MCP tool calls against unpatchable D-Link DNS-320L firmware. Validate CVE-2024-3273 with the advisory in hand, then rediscover it from a blank start once the harness moves enumeration into the driver.

\n\n

What happens next is what you come to find out. Same hardware, same model, same harness, four hours later: can local AI extend the famous disclosure with bugs the original missed? Come see for yourself.

\n\n

No GPU. No API. No cloud spend. The workshop hosts inference for the room.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws2_4092
\n
People:
    SpeakerBio:  John \"clearbluejar\" McIntosh
\n

John McIntosh (@clearbluejar) is a security researcher and founder of ClearSecLabs, specializing in reverse engineering, vulnerability research, and AI-assisted binary analysis. He is the author of ghidriff, an open-source Ghidra-based binary diffing engine, and pyghidra-mcp, a headless Ghidra MCP server enabling LLM-driven, project-wide, multi-binary reverse engineering workflows. An active contributor to the Agent Skills ecosystem, John bridges deterministic analysis with AI-driven reasoning to accelerate vulnerability research. He has delivered training and workshops at DEF CON, Black Hat, REcon, Ringzer0, 44CON, Objective by the Sea, and Insomni\'hack, covering topics from practical Windows reverse engineering to building private local LLM RE stacks. His recent work includes the \"Agentic RE\" training at DEF CON Singapore 2026, the MCP Ghidra workshop at REcon 2025, and the \"Supercharging Ghidra\" LLM workshop at Ringzer0 COUNTERMEASURE 2025. With over a decade of offensive security experience, John publishes detailed research on reversing CVEs, building RE tooling, and agentic patch diffing at clearbluejar.github.io. His teaching emphasizes reproducibility, progressive skill-building, and contributor empowerment.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66462','','',66462,'\'Map Page - LVCCW Level 2 W229 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182011,'\'Solder, Detect, Listen: Build Your Own EMF Explorer\'','workshops','\'Creator: DEF CON Workshops

Every electronic device around you is silently broadcasting electromagnetic signals. In this\nhands-on workshop, you will build an SMD (surface-mount) version of the EMF Explorer from bare PCB to\nworking device, learning progressive SMD soldering techniques from 1206 down to 0603 component sizes\nalong the way. Geared for absolute beginners who are new to soldering and electronics. This session pairs each build stage with a circuit theory deep dive: you will understand the voltage divider powering your board, the op-amp gain stages amplifying\nEMF signals into audible sound, and how inductor geometry shapes what you can hear. Walk\naway with a functional EMF listening device, new SMD skills transferable to real-world hardware hacking,\nand a deeper understanding of the electromagnetic emissions all around you.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/fri_pm_ws1_4045
\n
People:
    SpeakerBio:  Darcy \"@Drc3p0\" Neal
\n

Darcy Neal (Drc3p0) is an electronics educator and founder of SporkLogic, where they design open-source hardware kits and facilitate soldering workshops at maker and hacker events worldwide. With over 15 years in interactive audio-visual hardware design, Darcy\'s work spans RF experimentation, new media installations, boutique synthesizer production, and hands-on electronics education. Their flagship product, the EMF Explorer, is an accessible tool for sonifying electromagnetic fields. They collaborate regularly with Mitch Altman and the Hardware Hacking Assembly, and have taught large-scale soldering workshops across the global hacker community.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66463','','',66463,'\'Map Page - LVCCW Level 2 W230 (Workshops)\'','Friday, Aug 7, 14:00 - 17:59 PDT
'),(182012,'\'Battle-Tested Broadcasts: RF Insights From Ukraine\'','workshops','\'Creator: DEF CON Workshops

Every wireless thing in your life is broadcasting. The question is who\'s listening — and what they can do with it.\nBattle-Tested Broadcasts is a four-hour, hands-on workshop on RF detection and direction finding, framed by the most demanding live laboratory in the world for these techniques: the Ukrainian frontline. We start with universal foundations — frequency, modulation, antennas, what your SDR can and can\'t see — and pivot into where neural-time RF detection becomes existential: drones. A pilot powers up an FPV controller thirty seconds before impact. Pure RF detection is often the only sensor in the chain that catches the threat before the drone leaves the ground.\nWe cover what\'s actually in the air across a contested battlefield slice — controllers, video downlinks, telemetry beacons, battlefield comms, GNSS, and the increasingly exotic bands operators are pushing into to dodge electronic warfare. We dissect the honest limits of common off-the-shelf SDR tooling, and the ways adversaries already evade pure RF detection: from fiber-optic and autonomous drones to wired front-line networks, frequency hopping, and out-of-scan spectrum.\nAttendees solder and flash a Signal Compass — a pocket ESP32 signal detector with directional bearing. Rotating lab stations cover passive scanning, fingerprinting, direction findi

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws4_4077
\n
People:
    SpeakerBio:  Preston Zen
\n

Preston Zen ‚ the original creator of 1337sheets.com, OSCE3 certified, now leading Kaizen Labs out of a Japan / Ukraine hybrid office. Software, hardware, and cybersecurity background. Volunteering in Ukraine since 2022 with NGOs including Dronarnia, BeeTA, American Made Freedom, and Shield of Freedom on drone systems, RF detection, EW countermeasures, and humanitarian logistics. DEFCON regular since DC25 and a Hac-Man CTF contributor for the past three years. He\'s shipped more boards than he\'s counted, and has spent enough time near the Ukrainian frontline to have strong opinions about which detection tools actually work when the noise floor is on fire.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66464','','',66464,'\'Map Page - LVCCW Level 2 W233 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182013,'\'Detecting and Analyzing Memory Only Malware with Volatility 3\'','workshops','\'Creator: DEF CON Workshops

Memory-only malware is now commonly used by threat actors ranging from criminal organizations to ransomware operators to APT groups. To detect such malware, memory forensics, which is the examination of a system’s volatile memory (RAM), must be performed. Volatility 3 is the latest version of the Volatility Memory Analysis framework and is the most widely used open-source framework for memory forensics. In this workshop, students will learn how to use Volatility 3 to detect the most sophisticated malware techniques found in the wild. This learning will occur through a mixture of lectures, live demos, and extensive hands-on labs where students analyze memory samples infected with real malware. While students work through labs, instructors walk to each student’s station to ensure they are progressing. An instructor also walks through each lab live upon completion, and students are given a 35+ page lab guide that contains all the scenarios, questions, and detailed answers. Students can later use the course slides and lab guide to practice as well as to guide real-world investigations. The workshop’s instructors are core Volatility developers who have made significant contributions to the project. By attending this workshop, students will gain deep knowledge and hands-on experience analyzing memory-only malware.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws5_4024
\n
People:
    SpeakerBio:  Andrew Case
\n

Andrew Case is the Director of Research at Volexity and has significant experience in incident response handling, digital forensics, and malware analysis. Case is a core developer of Volatility, the most widely used open-source memory forensics framework, and a co-author of the highly popular and technical forensics analysis book \"The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory.\" Case has spoken at many industry conferences, including DEF CON, Black Hat, RSA, DFRWS, SecTor, BSides*, and OMFW.

\n\nSpeakerBio:  Pierre \"Abyss Watcher\" Breton
\n

Pierre (Abyss Watcher) Breton is a researcher at Volexity, holding a Master of Science in Cybersecurity, specializing in digital forensics, malware analysis and detection engineering. He is a primary contributor to Volatility, the most widely used open-source memory forensics framework. Breton has demonstrated a great ability to assist the incident response community by developing innovative capabilities and resources. He conveys his passion through the organization of CTF events and training sessions that showcase both accessible and challenging topics.

\n\nSpeakerBio:  David McDonald
\n

David McDonald is a researcher and software engineer with 5 years of digital forensics R&D experience. His passion for this field began with his involvement in the University of New Orleans CTF team, as well as through his time as a Systems Programming teaching assistant. After over two years of digital forensics research and development on Cellebrite\'s computer forensics team, he joined Volexity\'s Volcano team, where he now works to develop next-generation memory analysis solutions. He believes deeply in sharing knowledge and helping others discover their abilities and interests through their own journeys in cybersecurity, and strives to pay forward the benefits of the mentorship that has opened so many doors for him.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66465','','',66465,'\'Map Page - LVCCW Level 2 W232 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182014,'\'Explore the Windows instrumentation callback\'','workshops','\'Creator: DEF CON Workshops

The Nirvana Debug is a type of instrumentation callback existing since Windows 7. This workshop idea is to see how this feature can be weaponized in order to either:\n- Hijack execution flow\n- Perform process injection\n- Perform sleep obfuscation for C2 beacon

\n\n

During this workshop, you will learn the main principle of Nirvana Debugging, and try to weaponize it. Some debugging, reverse and coding will be needed in order to create a new malware that will evade classic EDR solutions.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws7_4006
\n
People:
    SpeakerBio:  Yoann \"OtterHacker\" DEQUEKER
\n

Yoann Dequeker (@OtterHacker) is a red team operator at Wavestone entitle with OSCP and CRTO certification. Aside from his RedTeam engagements and his contributions to public projects such as Impacket, he spends time working on Malware Developpement to ease beacon deployment and EDR bypass during engagements and is currently developing a fully custom C2.

\n\n

His research leads him to present his results on several conferences such as LeHack (Paris), Insomni\'hack (Swiss) or even through a 4-hour malware workshop at Defcon31,32 and 33 (Las Vegas). All along the year, he publishes several white papers on the techniques he discovered or upgraded and the vulnerabilities he found on public products.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66466','','',66466,'\'Map Page - LVCCW Level 2 W225 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182015,'\'HackTheCloud26: Chaining Cloud Misconfigurations to Compromise Infrastructure\'','workshops','\'Creator: DEF CON Workshops

HackTheCloud25 CTF Manager is an automated orchestration framework designed for the management of cloud cybersecurity challenges. It enables the deployment of intentionally vulnerable laboratories across AWS, Azure, and GCP using Terraform as the underlying Infrastructure-as-Code engine. The solution centralizes challenge definitions via YAML files, managing complex dependencies, dynamic variables, and resource outputs through a unified command-line interface (CLI) to list, deploy, destroy, and monitor resources in a controlled environment.

\n\n

Furthermore, the framework incorporates environment validation, automated credential detection, detailed event logging, and support for reusable configurations, ensuring high scalability and traceability for complex attack scenarios. Collectively, the CTF Manager provides a reproducible and extensible approach to orchestrating practical cloud security exercises for educational purposes, streamlining the creation, operation, and maintenance of vulnerable infrastructures within dedicated testing environments.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws1_4034
\n
People:
    SpeakerBio:  HackeMate
\n

HackeMate is the host of the YouTube channel under the same name, where the creator, an Offensive Cybersecurity Engineer, shares their expertise in ethical hacking, as well as offensive and defensive security. With over 30,000 subscribers engaged in the world of cybersecurity, they have established themselves as a key figure in the community through challenges, technical analyses, and hands-on demonstrations.\nProfessionally, HackeMate holds Red Team certifications such as the eLearnSecurity Junior Penetration Tester (eJPT) and Web Penetration Tester (eWPT), along with Blue Team certifications like Microsoft Azure Fundamentals (AZ-900) and Microsoft Security, Compliance, and Identity Fundamentals (SC-900). They are also a Google Product Expert for Google Drive, contributing their knowledge in cloud security and optimization.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66467','','',66467,'\'Map Page - LVCCW Level 2 W230 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182016,'\'Hecate: A Trivial UART Tool\'','workshops','\'Creator: DEF CON Workshops

Hecate is an open source UART implant framework designed to make common hardware hacking tasks easy with minimal code. It turns any CircuitPython microcontroller into a powerful, customizable UART implant.

\n\n

In this workshop, you\'ll get to use all the core features of Hecate and see how they work against multiple target devices. We\'ll start hands-on by listening to a device\'s UART output, and then configuring Hecate to operate in standalone mode and log that UART data to a file. Once we\'ve seen it in action, we\'ll step back for a bit of lecture about UART, what it\'s used for, and what we designed Hecate to be capable of. Armed with this knowledge, you\'ll dive into two more hands-on labs: a payload dropper that will playback a custom transaction and a simple detector that will signal an alert when it detects a pattern. We\'ll reconvene for a last bit of lecture on how to use some of Hecate\'s advanced features, before you dive into the final lab: implement a full implant-in-the-middle capable of modifying UART data in flight.

\n\n

Hecate makes developing embedded implants trivial, while remaining flexible enough for advanced research and rapid prototyping. You\'ll walk away with hands-on experience using the Hecate framework and a working understanding of what\'s possible with UART interception, manipulation, and exploitation

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws6_4072
\n
People:
    SpeakerBio:  mx
\n

Maxie is an erstwhile cloud infrastructure engineer, formerly an SRE at Google Cloud Platform and others. She came to the world of hardware hacking and embedded devices first as a pleasant escape from the quotidian indignities of working in the cloud, and she stayed for the addictive aroma of flux fumes. She enjoys making ill-advised expansions to her homelab and spending evenings at her local hackerspace in Portland, OR.

\n\nSpeakerBio:  Joe \"SecurelyFitz\" FitzPatrick
\n

Joe FitzPatrick (@securelyfitz) is a trainer and researcher at SecuringHardware.com with a personal mission to make all hardware devices at least a bit more secure. He builds tools like Tigard and Erebus, and teaches Applied Hardware Attacks trainings to help people break - and secure - their hardware devices. His actual superpower is the ability to instantly end awkward conversational pauses if you ask him about BSides Portland, the CTRL-H Hackerspace, or drone taco delivery at ToorCamp.

\n\nSpeakerBio:  nyx
\n

nyx is a Portland-based hacker, engineer, and self-described cyberpunk. As an unwilling participant in the late-capitalist, mass-surveillance dystopia, he is passionate about digital privacy, data self-custody, and running his own infra. While voiding warranties has long been one of his favorite pastimes, he has lately been fortunate enough to do it professionally as well.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66468','','',66468,'\'Map Page - LVCCW Level 2 W231 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182017,'\'Step-by-Step Malware Development: Evading EDR from Loaders to the Kernel\'','workshops','\'Creator: DEF CON Workshops

Endpoint Detection and Response (EDR) systems are key parts of modern security. This workshop provides a guide for custom malware development, C2 customization, defense evasion, and kernel exploitation. We will use Elastic Defend throughout the session. By analyzing detection logs and rules, we will understand what EDR monitors and why payloads are caught step by step.

\n\n

After a short overview of Windows defenses and EDR, we focus on malware development. Participants will implement typical malware techniques, such as APC Injection, Thread Hijacking, Fiber and Module Stomping in multiple languages. Next, we learn about call stack analysis. Attendees will implement Stack Spoofing and Indirect Syscalls to hide execution flows and bypass stack analysis.

\n\n

The workshop then moves to C2 customization using the Havoc C&C framework. By combining custom loaders with C2 source code modifications, participants will bypass static signatures, behavioral rules, and AI detection to successfully establish a C2 session.

\n\n

Finally, we’ll demonstrate the possibilities of Bring Your Own Vulnerable Driver (BYOVD) attacks for the post-exploitation phase. When we have access to the kernel space, we can take more aggressive measures. We’ll use some vulnerable drivers to kill or blind an EDR sensor itself.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws3_4049
\n
People:
    SpeakerBio:  Yu Terada
\n

Yu Terada is a security researcher and a red team consultant for Fujitsu. He worked as a SOC Analyst and CSIRT for over five years. In 2021, he joined the company as a Security Researcher. He is primarily involved in developing new attack methods and tools. He also participates in internal red team activities and cyber exercises.\nHe has spoken at Black Hat USA/Europe, BSides Las Vegas, Code Blue, and several conferences in Japan. He holds a Master\'s degree in Computer Science, as well as certifications including OSEP, OSCP, CRTL, CETP, ODPC, CISSP, GIAC, etc.

\n\nSpeakerBio:  Kotaro \"@Decamark / @BinaryPoodle\" Osugi
\n

Kotaro Osugi is a security researcher and a red team consultant who has his profession in reverse-engineering.\nHis research area includes malware analysis and binary exploitation.\nHe has given a speech at BHEU Arsenal about a tool for kernel exploitation.\nOSED and OSEE certified.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66469','','',66469,'\'Map Page - LVCCW Level 2 W228 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182018,'\'Wi-Fight Club: I am Jack\'s Evil Twin\'','workshops','\'Creator: DEF CON Workshops

\'Wi-Fight Club: I am Jack\'s Evil Twin\' will teach you how to deploy rogue AP (Evil Twins) in your client\'s environment. Using rogue APs lets you test your client\'s Wireless Intrusion Detection System, passwords, wireless phishing education, and overall wireless security.

\n\n

We will discuss rogue AP Tactics, Techniques, and Procedures, and how / why they work. In this workshop you will set up a CAPTIVE PORTAL, WPA2, and 802.1x rogue AP. We will also go over OWE and WPA3-SAE transition mode attacks.

\n\n

We will walk through a scenario at a client\'s site, then set up a rogue AP to harvest user credentials for the various client networks. We will then crack the harvested credentials. We will finish up with a section on defense. We will be using EAPHAMMER, HOSTAPD-MANA, WIFIPHISHER, and AIRBASE-NG for the rogue AP section. HASHCAT, AIRCRACK-NG, and JOHN for the password cracking section. This workshop is for beginners, but participants should have basic Linux and 802.11 knowledge and be comfortable using virtual machines.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws8_4004
\n
People:
    SpeakerBio:  James Hawk
\n

James Hawk (He/Him) is a Principal Consultant with Google Public Sector within Proactive Services. He is the wireless subject matter expert for his team. James has led and contributed to numerous assessments (Red Teams and pentests). He has developed internal training and tool updates for 802.11 for his company. James is a 20-year veteran of the U.S. Army and has over 10 years of hands-on experience in wireless technologies. James is constantly researching/testing 802.11 attacks against his home lab. He is a fan of hockey, LetterKenny, and almost anything sci-fi.

\n\nSpeakerBio:  Jon \"C4V3M4N\" Milkins
\n

Jon Milkins (He/Him) is a principal penetration tester focusing on all types of penetration tests from network-based to web applications and APIs to more recently wireless networks. He has developed training and pentest utilities throughout his career to help advance team capabilities. He is a former Army veteran and is attempting to curate small and efficient rulesets for Hashcat in his free time to aid in wireless hash cracking. In his free time, he enjoys playing and running TTRPGs like Delta Green, password cracking, and making hard cider.

\n\nSpeakerBio:  Brian Burnett
\n

Brian Burnett is the founder of Offensive Technical Solutions (OTS) where he conducts web-application, internal network, and cloud penetration tests. Prior to founding OTS, he served five years in the United States Army, followed by seven years supporting internal teams at Fortune 500 companies. Brian holds degrees in computer science, pentesting, theology, and Russian. He enjoys tinkering with his home lab, collecting certifications, and committing poorly written code. His hobbies include Brazilian Jiu-Jitsu, purchasing unnecessary power tools, and CrossFit.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66470','','',66470,'\'Map Page - LVCCW Level 2 W222 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182019,'\'Words As Weapons: Breaking AI and Agents; Then Securing Them\'','workshops','\'Creator: DEF CON Workshops

Most \"AI security\" talks stop at the slide that says \"prompt injection is bad.\" This workshop does the opposite. Attendees spend four hours inside a working, vulnerable production-style AI system - a mock car dealership backed by a real LLM, a real database, and real tool calls - and learn to break it, watch it break, then put it back together with defenses that actually hold.\nYou will: \n(1) manipulate prices and inventory using direct and indirect prompt injection, \n(2) reproduce an EchoLeak-style zero-click data exfiltration against a RAG pipeline, \n(3) execute a model-extraction attack against a deployed classifier, and \nEach of these modules will layer in defenses one at a time to see how the AI reacts. We close by mapping everything to OWASP LLM Top 10, OWASP Agentic Top 10, NIST AI RMF, and MITRE ATLAS.\nBuilt for red teamers handed AI in scope, blue teamers watching agents deploy faster than detections exist, AppSec engineers who used to own the API and now own a chat window, and developers curious what \"prompt injection\" looks like when it costs money. No prior AI-security background required.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_am_ws2_4095
\n
People:
    SpeakerBio:  Pavan \"pavanreddysec\" Reddy
\n

Pavan Reddy is principal developer at Automata LLC, leading FIPS 140-3, FedRAMP ATO, and AI security initiatives. He is an independent AI security researcher and educator focused on making secure AI accessible at scale. He founded QBTrain, a free platform for hands-on AI and AI security education. His peer-reviewed work, published at AAAI, ACM, FLAIRS, HCII, ACSAC, and NeurIPS, spans adversarial ML, prompt injection, and foundation model vulnerabilities. He has delivered 25+ talks and workshops at BSides, OWASP, SquadCon, CAPWIC, ACM SIGCITE, NeurIPS Education, FLAIRS, CVPR 2026 and TechMentor at Microsoft HQ. He holds an MS in CS from George Washington University.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66471','','',66471,'\'Map Page - LVCCW Level 2 W229 (Workshops)\'','Saturday, Aug 8, 09:00 - 12:59 PDT
'),(182020,'\'Building Agentic Reverse Engineering \"Skills\"\'','workshops','\'Creator: DEF CON Workshops

Agentic reverse engineering blends interactive binary analysis with autonomous agent workflows. Building on workshops at REcon and DEF CON Singapore, this session introduces Agent Skills, structured bundles of instructions, scripts, and resources that coding agents discover and execute. Skills enable multi-step RE tasks with high accuracy and minimal prompting via workflow capture and progressive disclosure.

\n\n

Participants learn how coding agents operate through iterative loops (generate, execute, inspect, refine) and how Skills plug into these loops. The workshop is hands-on: attendees build a multi-platform driver-analysis Skill automating IOCTL enumeration, dispatch-flow analysis (Windows IRPs, Linux file ops, macOS IOKit), code-flow analysis, and workflow capture. A capstone challenge has participants build a second Skill from scratch.

\n\n

Supports Claude Code, OpenCode, Mistral Vibe, and pi. The instructor provides LLM inference for all attendees, so no paid API keys are required. Students may also use free inference tiers from OpenCode or similar providers.

\n\n

Attendees leave with practical experience to implement agentic RE Skills in their own workflows. Basic familiarity with RE concepts and a laptop with a coding agent installed is all that is needed.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws6_4009
\n
People:
    SpeakerBio:  John \"clearbluejar\" McIntosh
\n

John McIntosh (@clearbluejar) is a security researcher and founder of ClearSecLabs, specializing in reverse engineering, vulnerability research, and AI-assisted binary analysis. He is the author of ghidriff, an open-source Ghidra-based binary diffing engine, and pyghidra-mcp, a headless Ghidra MCP server enabling LLM-driven, project-wide, multi-binary reverse engineering workflows. An active contributor to the Agent Skills ecosystem, John bridges deterministic analysis with AI-driven reasoning to accelerate vulnerability research. He has delivered training and workshops at DEF CON, Black Hat, REcon, Ringzer0, 44CON, Objective by the Sea, and Insomni\'hack, covering topics from practical Windows reverse engineering to building private local LLM RE stacks. His recent work includes the \"Agentic RE\" training at DEF CON Singapore 2026, the MCP Ghidra workshop at REcon 2025, and the \"Supercharging Ghidra\" LLM workshop at Ringzer0 COUNTERMEASURE 2025. With over a decade of offensive security experience, John publishes detailed research on reversing CVEs, building RE tooling, and agentic patch diffing at clearbluejar.github.io. His teaching emphasizes reproducibility, progressive skill-building, and contributor empowerment.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66472','','',66472,'\'Map Page - LVCCW Level 2 W231 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182021,'\'Entra ID Persistence - Because Passwords Were Never the Problem\'','workshops','\'Creator: DEF CON Workshops

Modern enterprise security has shifted from network boundaries to identity, making Microsoft Entra ID a critical control plane and a prime target for persistence. While credential theft remains common, sophisticated attackers increasingly establish long-term access through identity-layer backdoors that survive password resets and evade traditional monitoring.

\n\n

We will explore how attackers achieve durable persistence in Microsoft Entra ID by abusing service principals, federated identities, passwordless authentication methods, and device trust relationships. The session highlights techniques that remain effective even after common remediation actions like credential rotation and MFA enforcement. Through guided, hands-on scenarios, participants will simulate these identity-layer persistence techniques and understand their real-world impact demonstrating how adversaries integrate into legitimate identity workflows to maintain covert, long-term access without raising immediate suspicion.

\n\n

Participants will step into the role of an adversary and explore how persistence is established and maintained inside Microsoft Entra ID. Rather than focusing on theory, this workshop breaks down real-world attack paths used to retain access beyond initial compromise highlighting techniques that survive password resets, MFA enforcemen

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws3_4074
\n
People:
    SpeakerBio:  Raunak \"Trouble1\" Parmar
\n

Raunak Parmar works as a senior cloud security engineer at White Knight Labs with 6+ years of experience. His areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He enjoys researching new attack methodologies and creating open-source tools that can be used during cloud red team activities. He has worked extensively on Azure and AWS and is the author of Vajra, AzDevRecon and MsCodePhish. He has spoken at multiple respected security conferences like Black Hat, Defcon, Nullcon, RootCon, HackspaceCon, NorthSec, LeHack , etc and also at local meetups.

\n\nSpeakerBio:  Chirag \"3xpl01tc0d3r\" Savla
\n

Chirag Savla is a Cyber Security professional with 10+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post-exploitation research. He prefers to create open-source tools and explore new attack methodologies in his leisure. He has worked extensively on Azure, Active Directory attacks, defense, and bypassing detection mechanisms. He is an author of multiple Open Source tools such as Process Injection, Callidus, etc. He has presented at multiple conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66473','','',66473,'\'Map Page - LVCCW Level 2 W228 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182022,'\'From Prompt to PWN: Exploiting LLM Powered Web Applications with OWASP Techniques\'','workshops','\'Creator: DEF CON Workshops

This hands-on workshop explores the offensive security of AI-powered applications where Large Language Models connect to real tools via MCP (Model Context Protocol) servers. Over four hours, participants attack 11 purpose-built AI agents across 9 exercises, exploiting vulnerabilities mapped to the OWASP Top 10 for LLM Applications 2025.

\n\n

You will perform prompt injection (direct and indirect via RAG poisoning), force AI agents to generate malicious SQL/NoSQL queries through MCP tool interfaces, chain path traversal and SSRF through tool-calling parameters, abuse excessive agency via MCP-exposed CRUD operations, trigger stored XSS through LLM output, and achieve remote code execution via a poisoned supply chain, all through natural language conversation.

\n\n

This workshop is ideal for red teamers, penetration testers, security engineers, and developers building with LLMs. No prior AI or ML experience is required; every technique is demonstrated before the hands-on lab. Just bring a laptop with a browser.

\n\n

You walk away with practical experience exploiting 93 attack objectives against live LLM agents, a clear understanding of how traditional web vulnerabilities are amplified through AI tool-calling architectures, and the instincts to spot these risks in your own AI deployments.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws2_4022
\n
People:
    SpeakerBio:  Abhinav Verma
\n

Abhinav Verma is a Senior Staff Security Engineer at Intuit Inc. with 15+ years of experience across AI security, offensive security, red teaming, product security, and security operations. He currently leads AI security architecture reviews, AI penetration testing, and vulnerability management programs, with a focus on AI security, AI threat modeling, and securing large-scale cloud platforms.

\n\n

Over the course of his career at Intuit, he has built security automation, scaled continuous security scanning across thousands of assets, led secure design reviews for platforms serving millions of customers, and developed secure coding programs that have helped thousands of engineers shift security left. Abhinav was formerly an independent security researcher and has identified and reported vulnerabilities in numerous major online services and technology companies.

\n\n

He holds certifications including OSEP, OSCP, OSWP, GWAPT and CEH. Outside of work, Abhinav is a passionate gamer, a trained chef, an avid camper, and a mentor to aspiring offensive security practitioners.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66474','','',66474,'\'Map Page - LVCCW Level 2 W229 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182023,'\'Hands-on DuckyScript: An Introduction to HID Attack Tools with O.MG Devices\'','workshops','\'Creator: DEF CON Workshops

\"Don\'t plug in devices you don\'t trust.\" It\'s one of the most repeated pieces of security advice in the\nindustry. What actually happens when a malicious USB device is plugged in? How does it work? This hands-on, four-hour workshop answers those questions by putting the tools directly in attendees\'\nhands. Using O.MG Devices and the DuckyScript v3 scripting language, participants will learn the\nfundamentals of Human Interface Device (HID) attacks from the ground up. Starting from USB protocol basics all the way through real payload design, delivery strategy, and advanced techniques including wireless triggering, C2 integration, and air-gapped exfiltration (using HIDX StealthLink). The class is beginner-friendly and builds progressively: no prior red teaming experience is required. Only a DuckyScript v3 device is required. Attendees will leave with working scripts, a framework for payload design, and an\nunderstanding of what attackers and defenders need to look for. We will cover OpSec, detection (and evasion), and how accessibility-first design thinking can make both attackers and defenders more effective.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws8_4037
\n
People:
    SpeakerBio:  wasabi
\n

wasabi is a researcher, tinkerer, and professor of cybersecurity whose work spans IoT and embedded\nsystems, cloud infrastructure, and offensive tooling. Their research focuses on uncovering systemic weaknesses across modern embedded environments, with an emphasis on practical exploitation and defensive resilience. When not tinkering, wasabi spends most of his time outdoors in nature.

\n\nSpeakerBio:  Ø1
\n

Ø1 is a seasoned offensive security professional who turned a lifelong passion into a dynamic career. Beginning as a machine operator, he transitioned into the world of cybersecurity, where he has since traveled globally, conducting and leading numerous penetration tests and red team engagements. With a wealth of hands-on experience, he excels at identifying vulnerabilities and strengthening defenses for organizations worldwide. In 2022, he joined the O.MG team, balancing this role alongside his primary job to contribute to product testing, documentation, tooling, and customer support.\nBeyond his professional pursuits, √ò1 is a devoted cat father with a love for guns, cars, BBQ, and gardening.

\n\nSpeakerBio:  Tokugero
\n

Tokugero is a Site Reliability Engineer and Cloud Architect focused on incident response, operations engineering, and running resilient infrastructure at scale. He works across the full ops stack — from system design and automation to the messy realities of keeping production healthy.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66475','','',66475,'\'Map Page - LVCCW Level 2 W222 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182024,'\'Intro to Writing Windows Malware with Rust!\'','workshops','\'Creator: DEF CON Workshops

In the Information Security news space, we often hear about the cool malware and\ntools nation states and APTs develop. While there are many tools out there that\n\"do the thing\", have you ever wonder how it \"does the thing\"? Instead of just\nusing tools and scripts that sound cool, why not make them?

\n\n

Using the Rust programming language, you\'ll be taken step-by-step into\nbuilding your own Windows malware! We\'ll break down the process and work our\nway into more complex tasks. From a simple, no-imports binary we\'ll slowly work\ninto loading and executing Windows API functions without ever calling\n\"LoadLibrary\" or \"GetProcAddress\" while not touching a single Rust \"std::*\"\nfunction or importing any extra crates!

\n\n

You\'ll be introduced into Windows concepts like the Process Environment Block (PEB),\nthe Thread Environment Block (TEB) and how we can use them to our advantage! At\nthe end of this workshop, you\'ll be able to build binaries without any imports\nwhile doing fun tricks like shellcode injection!

\n\n

Some of the topics we\'ll touch on are:

\n\n
    \n
  • Assembly!
  • \n
  • Rust Allocators
  • \n
  • Windows Structs
  • \n
  • API Function Calls
  • \n
  • Binary File Inspection
  • \n
\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws1_4071
\n
People:
    SpeakerBio:  iDigitalFlame
\n

iDigitalFlame is an experienced security researcher that uses his programming skills to expand his abilities and provide teams with the tools needed to complete any engagement. Outside of work, his passion for open source and knowledge sharing has led to the creation of many unique tools and resources. iDigitalFlame also uses his skills to help power many CTFs, including the ProsVJoes CTF at BSidesLV, where he leads the Red Team and provides the platform for Red operations. iDigitalFlame has spoken before at BSidesDE and BSidesLV about cool things learnt in his research like AV evasion or releases open source software like ThunderStorm, a custom C2 platform used in many CTFs he operates in.

\n\nSpeakerBio:  Daniel Bravo
\n

Daniel is a self-taught programmer who later earned a B.S. in Computer Science from the University of Maryland. He likes to understand how software works by decompiling binaries and reverse engineering APIs, whether they were meant to be understood or not. Daniel also enjoys working on geospatial projects and web scraping tools, particularly extracting and reconstructing data from mobile platforms. His other interests also include compiler theory, automated reasoning, and verification-aware languages.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66476','','',66476,'\'Map Page - LVCCW Level 2 W230 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182025,'\'Learning to Reverse Engineer Compiled C as We Learn to Write It\'','workshops','\'Creator: DEF CON Workshops
Software reverse engineering is a fundamental skill: a prerequisite
\nto engaging with many fields of study in computer security that depend
\non low-level knowledge. Malware analysis, vulnerability research,
\noffensive tool development, and digital forensics all involve the
\nanalysis of code which has been compiled, obfuscated, or otherwise
\nstripped of useful names, data types, comments, and other
\nhuman-readable information. Without the ability to read disassembled
\ncode, you will not be able to understand code that your computer will
\nhappily execute.
\n\n

In this workshop, I will guide you through learning to read\ndisassembled code while you learn C. We will progress through the C\nprogramming language\'s constructs with as few assumptions as possible\nabout your background, and at each stage we will reverse engineer the\ncompiler\'s output in Ghidra and trace through with a debugger to\nunderstand the generated code. You do not need any prior experience in\nprogramming.

\n\n

I will also be demonstrating useful techniques for using\nlocally-hosted large language models to aid in the learning process.\nUse AI to improve your own skillset, rather than using it to do the\nwork for you.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws5_4002
\n
People:
    SpeakerBio:  Wesley McGrew
\n

Dr. Wesley McGrew directs research, development, reverse engineering, and offensive cyber operations as Senior Cybersecurity Fellow for MartinFederal. He has presented at DEF CON and Black Hat USA on topics of penetration testing, malware analysis, critical infrastructure, and vintage computing, and has taught self-designed courses on reverse engineering and cyber operations at Mississippi State University. Wesley has a Ph.D. in Computer Science from Mississippi State University for his research in vulnerability analysis of SCADA HMI systems. He has entertained audiences at many DEF CON parties as a house music DJ, as well.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66477','','',66477,'\'Map Page - LVCCW Level 2 W232 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182026,'\'Purple Teaming Industrial Control Systems\'','workshops','\'Creator: DEF CON Workshops

Security monitoring is often presented as the silver bullet for Industrial Control System (ICS) security — but how effective is it against realistic adversaries?\nIn this 4-hour, hands-on workshop, participants will use CALDERA, the open-source adversary emulation framework, to conduct purple-team exercises against simulated & live industrial environments. Attendees will simulate real-world IT and OT attacks, observe what is (and is not) detected across EDR, logs, and network monitoring, and map results to MITRE ATT&CK for ICS.\nRather than focusing on exploitation alone, this workshop teaches a repeatable methodology to assess detection coverage, identify OT blind spots, and improve monitoring strategies. Participants leave with concrete techniques they can apply in their own environments — from tabletop exercises to continuous detection testing.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws7_4030
\n
People:
    SpeakerBio:  Arnaud SOULLIE
\n

Arnaud Soullie is a Senior Manager at Wavestone. He has over 15 years of experience in security assessments and penetration testing, with 10 years specializing in Industrial Control Systems cybersecurity. He has delivered talks and workshops at DEF CON, Black Hat Europe, BruCON, CS3STHLM, BSides Las Vegas, and others. He is the creator of the DYODE open-source data diode project and has been teaching ICS cybersecurity since 2015.

\n\nSpeakerBio:  Alexandrine TORRENTS
\n

Alexandrine Torrents is a cybersecurity expert at Wavestone. She started as a penetration tester, and then specialized in OT cybersecurity. She is IEC 62443 certified. She performed dozens of OT cybersecurity assessments across various industries & worked on OT models to perform attacks on PLCs & SCADA systems. Alexandrine also helps secure OT both at technical & organization levels: secure architecture, system hardening, IAM, cyber resilience, detection, governance, awareness & training, risk assessment, cyber by design, etc. Alexandrine works with different CISOs on their OT cybersecurity roadmaps & programs at different scales of large industrial companies: site, business units, Group with worldwide scope. Alexandrine also gives training on OT cybersecurity.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66478','','',66478,'\'Map Page - LVCCW Level 2 W225 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182027,'\'Salesforce Apex Predator: Breaking Salesforce Sites\'','workshops','\'Creator: DEF CON Workshops

Salesforce Sites are one of the most under-tested attack surfaces in enterprise security. When pentesters encounter them, most skip past - the Aura framework doesn\'t behave like a standard web application, and standard web testing techniques don\'t apply. Salesforce sites run on proprietary frameworks (Aura and LWR) with their own API surfaces, access models, and injection patterns. In March 2026, ShinyHunters demonstrated what that blind spot costs: sensitive data exfiltrated from hundreds of organizations through sites no one had tested.

\n\n

This workshop teaches pentesters and red teamers a complete offensive methodology for Salesforce Experience Sites, going well past the record enumeration that makes up most public guidance on the topic.

\n\n

Attendees will enumerate objects and dump records via the Aura API, then learn to identify and invoke custom Apex controllers running in system mode - controllers that bypass standard access management mechanisms, and which are surprisingly common and criminally underexplored. We cover SOQL injection in depth: why normal SQL injection tests fail, and how to exploit it. We cover deterministic route enumeration as an unauthenticated user, and LWR sites - Salesforce\'s next-generation framework - including the release of LWRed, a new open-source scanner built specifically for them.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sat_pm_ws4_4032
\n
People:
    SpeakerBio:  Nitay Bachrach
\n

Nitay Bachrach is a security researcher at Reco (Tel Aviv, Israel) specializing in offensive security research against enterprise SaaS platforms. He is a pioneer in Salesforce offensive security: he published new exploitation methods for the Aura framework, discovered the Einstein Wormhole vulnerability and a Public Link exploitation technique in Salesforce\'s platform, and identified and responsibly disclosed critical vulnerabilities in dozens of major Salesforce deployments. His research extends to Okta, GCP, and other enterprise platforms. He spoke at Insomni\'hack on \"Neo4jection\" - novel graph injection techniques against Neo4j. In May 2026, he is running a Salesforce-focused CTF event in Tel Aviv. The LWR exploitation methodology and LWRed tool premiering at this workshop represent previously unpublished research from original work on Salesforce\'s next-generation Experience Site framework.

\n\nSpeakerBio:  Cynthia Ardman
\n

Cynthia has spent 10+ years making life harder for attackers. She currently builds threat detection at Reco, and previously did the same at AppOmni, AWS, and Snowflake, places where \"the blast radius\" isn\'t a metaphor. At AWS she developed MITRE ATT&CK-mapped detection for corporate infrastructure, partnered with the Red Team to close gaps they found, and led a project that knocked hacking tool presence down by 30%. At Snowflake she ran blue team ops and built the SQL-based alerting pipeline from scratch. At StubHub she hunted down an active intrusion by tracing logs across systems and performed the root cause analysis so it wouldn\'t happen twice. She came up through desktop support, building Linux blade servers and remediating malware on customer machines, the kind of work that teaches you what actually breaks. CISSP. Splunk ES Admin. Writes Python when she has to and JSONata when nobody\'s looking.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66479','','',66479,'\'Map Page - LVCCW Level 2 W233 (Workshops)\'','Saturday, Aug 8, 14:00 - 17:59 PDT
'),(182028,'\'Attacking Cloud APIs from the IoT Edge\'','workshops','\'Creator: DEF CON Workshops

This course covers attacking the cloud REST APIs and IoT provider (cloud customer responsibility) configurations to demonstrate data exfiltration, remote code execution, and lateral movement. Hands-on experience with using an already compromised, simulated IoT device as well as navigating pen testing (fuzzing) of the common protocols (i.e. MQTT, HTTP) will be covered.

\n\n

Workshop goal\nTeach students practical, repeatable techniques to observe, extract, and abuse cloud API credentials and logic from the vantage of a compromised IoT device. Students will leave able to enumerate device‚Üícloud flows, extract tokens, fuzz REST/MQTT endpoints, and demonstrate controlled lateral movement inside an isolated cloud tenant.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws7_4023
\n
People:
    SpeakerBio:  Rodney \"BenevolentWorm\" Beede
\n

Rodney is an offensive security red team pen tester. He has specialized in cloud, web, and IoT security for over 18 years. He has spoken at multiple conferences (BSides, Def Con, Black Hat) on topics ranging from cloud security engineering to IoT device hacking. Rodney has been accredited with multiple CVEs for web vulnerabilities in products such as Wi-Fi hardware and security appliances. He started his career in enterprise web application software development but shifted to the security industry with this master\'s thesis research project \"A Framework for Benevolent Computer Worms\" 2012. Website: https://www.rodneybeede.com/curriculum%20vitae/bio.html

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66480','','',66480,'\'Map Page - LVCCW Level 2 W222 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182029,'\'Building your own hardware hacking kit to Pentest Bluetooth, WIFI, and more.\'','workshops','\'Creator: DEF CON Workshops

You will receive a free hardware kit, documentation, and class introduction to the same hardware configuration used by hundreds of hacking hardware tools as their main core.\nWe will cover Wifi Hacking on both 2 and 5ghz, Bluetooth hacking, packet capture, Flipper interface (bring yours if you have one), Sensor integration (also included), Mesh networking, point to point communications and more.\nRequirements: Laptop, Fully charged, USB-A interface, Windows OS (we will discuss MAC and Linux, but you will need to have knowledge and permissions to install tools).\nYou can attend without above and still get kit, but it will not be hands on. All information will be published after the workshop if you don’t have a laptop.\nYou will get a modern ESP32, Sensor, breadboard, USB cable, wires and more during the workshop.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws8_4069
\n
People:
    SpeakerBio:  Dallas
\n

Dallas has been involved in hacking since early teens, which translates to sometime in the 80’s. Mentored by Satellite and Ham hackers, has been involved in a few organizations including all levels of government, 3 letter agencies, serving as Chief security officer, CISO, and technical manager of multiple world-wide organizations. Banking, Energy, Space, Telecom, Government and manufacturing. Elected, re-elected, served and got the trophy. OG Considered an expert in Pen testing, variety of related and unrelated technology – occasionally serving 15+ years as a Defcon security goon, and around 10 for B-sides organizations. Alexa Park being his first Defcon. Mostly bored, but thinks AI is kind of fun and enjoys giving back to the community. Doing his best to not get arrested, and share knowledge with those interested in seeking it.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66481','','',66481,'\'Map Page - LVCCW Level 2 W225 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182030,'\'CI/CD Weaponization: Build It, Deploy It, Own It\'','workshops','\'Creator: DEF CON Workshops

GitHub Actions has become the de facto automation layer for modern software, and the de facto attack surface. In 2025, a single compromised Action leaked secrets across 23,000 repositories. One year later, the TeamPCP group ran the same playbook at scale by compromising Trivy\'s actions. Different victims, same root cause: a CI/CD pipeline that trusted what it shouldn\'t.

\n\n

In this hands-on workshop, participants will build a complete end-to-end attack chain in a controlled lab environment, emulating adversary TTPs observed in recent GitHub Actions breaches. From initial access through malicious workflow manipulation to secret exfiltration, each phase is paired with detection and analysis techniques to bridge offensive and defensive perspectives.

\n\n

Whether you\'re on a red or purple team looking to simulate attacker behavior, or part of a blue team (AppSec or DevSecOps) aiming to harden CI/CD pipelines, this workshop delivers practical, real-world skills grounded in today’s evolving threat landscape.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws1_4043
\n
People:
    SpeakerBio:  Ricardo Sanchez
\n

Ricardo Sanchez is an accomplished cybersecurity professional with a passion for empowering others through knowledge sharing. He has built his career designing and implementing innovative technology strategies for threat intelligence, detection engineering, and threat hunting to combat evolving cyber threats.\nCurrently, Ricardo leads the Application Security (AppSec) practice at a leading insurance company in Peru, where he works closely with DevSecOps teams to enhance security across the software development lifecycle (SDLC) and supply chain.\nCommitted to lifelong learning, Ricardo thrives on analyzing malware and staying at the forefront of cybersecurity advancements.

\n\nSpeakerBio:  Daniel Malvaceda
\n

Daniel Malvaceda is a security architect who spends most of his time figuring out how CI/CD pipelines and supply chains actually fail, then writes it up so others don\'t have to learn it the hard way. Lately he\'s also poking at AI/LLM agents, since pipelines aren\'t the only thing shipping untrusted code anymore. He co-founded pipebreach.com, where real-world supply chain attacks get reproduced, dissected, and written up for everyone else. He also co-organizes the DevSecOps village at Ekoparty (Argentina and Miami), and has dragged these same topics to stages at Ekoparty, DevOps Days, and 8.8 Security Conference. If a pipeline can be weaponized, he wants to know about it first.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66482','','',66482,'\'Map Page - LVCCW Level 2 W230 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182031,'\'Creating Shellcode for Hackers\'','workshops','\'Creator: DEF CON Workshops

Creating shellcode is for the brave! This workshop takes a modern approach to the time-honored tradition of Windows shellcode creation. Intended for those with intermediate to advanced knowledge, we will refresh x86 assembly and cover Windows internals.

\n\n

You will create Win32/WoW64 shellcode with NASM before moving onto intermediate, multi-API shellcode. Along the way, we will cover GetPC, position independence, bad characters, calling conventions, stack discipline, manual API resolution through the PEB/TEB, export walking, name/hash-based resolution, strings, and passing handles or pointers between calls.

\n\n

For evasion, we will explore manual/automated encoding techniques, making our shellcode self-modifying. We will also cover advanced techniques, including direct Windows syscalls with ShellWasp. You will learn Windows structures, native API parameter handling, and creating persistence with syscalls. Expect to be made privy to many shellcoding tips and tricks to bring out the best in your shellcode.

\n\n

By the end, you\'ll be able to: Create Windows shellcode using NASM; launch and debug it; resolve and chain WinAPIs by name or hash; obfuscate and encode shellcode; integrate direct syscalls with ShellWasp.

\n\n

Prep: Study x86 assembly and basic Windows debugging. A VM will be provided. Required: modern PC (Intel) / VM

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws5_4055
\n
People:
    SpeakerBio:  Bramwell \"Bw3ll\" Brizendine
\n

Dr. Bramwell Brizendine has a Ph.D. in Cyber Operations and is the Director of the VERONA Lab. Bramwell has regularly spoken at DEFCON and presented at all regional editions of Black Hat (USA, Europe, Asia, MEA), as well as at Hack in the Box Amsterdam, Virus Bulletin, and Wild West Hackin\' Fest. Bramwell received a $300,000 NSA research grant to create the SHAREM shellcode analysis framework, which brings unprecedented capabilities to shellcode analysis and $500,000 as a 2025 DARPA YFA recipient for a PE file emulation framework. He has additionally authored ShellWasp, which facilitates using Windows syscalls in shellcode, as well as two code-reuse attack frameworks, ROP ROCKET and JOP ROCKET. Bramwell has previously taught undergraduate, master\'s, and Ph.D. courses on software exploitation, reverse engineering, offensive security, and malware analysis. He currently teaches cybersecurity courses at the University of Alabama in Huntsville.

\n\nSpeakerBio:  Austin \"quantumite\" Norby
\n

Dr. Austin Norby is a seasoned cybersecurity professional with over a decade of experience supporting the Department of Defense. He earned his bachelor\'s degrees in mathematics and computer science from the University of Minnesota, a master\'s degree from the Naval Postgraduate School, and a Doctorate in Cyber Operations from Dakota State University, specializing in anti-debugging techniques. Currently, Dr. Norby serves as the Director of Internal Research and Development at Bogart Associates, where he is responsible for spearheading the creation of advanced cybersecurity solutions for government use. His technical proficiencies include reverse engineering, malware analysis, and software engineering, with a strong focus on developing robust cyber capabilities in C, C++, Intel assembly, and Python.

\n\nSpeakerBio:  Micah Flack
\n

Micah Flack is a cybersecurity researcher at Idaho National Laboratory, where his work spans vulnerability research, firmware and hardware analysis, malware forensics, exploit development, and reverse engineering across multiple platforms and architectures. He is currently pursuing a Ph.D. in Cyber Operations at Dakota State University, with research interests rooted in applied cybersecurity, software exploitation, malware analysis, and shellcoding. Micah also holds both a Master’s degree in Computer Science and a Bachelor’s degree in Cyber Operations from DSU, where he was active in cybersecurity research and competitions. Micah brings a hands-on perspective from his varied experiences in working with assembly, payload development, embedded systems, and offensive security research.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66483','','',66483,'\'Map Page - LVCCW Level 2 W232 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182032,'\'ICS Hack \'n Track\'','workshops','\'Creator: DEF CON Workshops

OT attacks are often discussed but rarely demonstrated - in this workshop we use Caldera for OT to demonstrate realistic attack vectors for Distributed Control Systems used in power plants and other critical infrastructure, as well as how FOSS tools like Malcolm give defenders the information needed to detect blast radius and impacts.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws6_4085
\n
People:
    SpeakerBio:  Pedro Cabrera
\n

Pedro Cabrera is an OT cybersecurity professional and Omnivise Cybersecurity Solutions Architect at Siemens Energy. He specializes in industrial control systems and adversary simulation, focusing on bridging the gap between traditional IT security and operational technology through practical, real-world demonstrations. He has developed custom tooling to simulate PLC interactions and highlight detection challenges in OT environments. His work centers on improving visibility, strengthening defenses, and making complex security concepts more accessible.

\n\nSpeakerBio:  Hannes \"hercules_hannes\" Heck
\n

Hannes is an OT security practitioner currently completing a Bachelor\'s degree in Cybersecurity, with a thesis focused on Network Detection and Response systems including Malcolm. Active in the technology field since 2018, when he began a formal computer science apprenticeship, he has progressively deepened his specialization in cybersecurity and currently works at Siemens Energy in an OT Security role focused on solution architecture for industrial environments. He has presented technical topics in both academic and enterprise settings and brings direct hands-on experience with network traffic analysis, industrial control system design, and adversary emulation platforms to this workshop.

\n\nSpeakerBio:  Sam Miorelli
\n

Sam Miorelli is the Global Head of Innovation and Customer Success for Siemens Energy Omnivise Cybersecurity. By training he is a mechanical engineer and a lawyer. Prior to his involvement with OT cybersecurity, Sam was the primary lawyer for several billion dollars per year of energy and industrial automation transactions at Siemens worldwide.

\n\nSpeakerBio:  Jordan Sanchez
\n

Jordan Sanchez is a Cybersecurity Fellow at Siemens Energy, where he has spent three years doing R&D in OT and ICS security. Graduating from the University of Central Florida with a degree in Computer Science, he conducted undergraduate research on dependency downgrade vulnerabilities in the Android build system. Jordan is joining Amazon as a Security Engineer in September 2026.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66484','','',66484,'\'Map Page - LVCCW Level 2 W231 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182033,'\'Pivot, Hunt, Publish: An Offline, Hands-On CTI Workshop for Blue Teams and Threat Researchers\'','workshops','\'Creator: DEF CON Workshops

Cyber Threat Intelligence is the most overspecified and underspecified\ndiscipline in security. Every vendor sells a feed. Every conference has\na track. Every blog post claims attribution. And yet - most blue teams\nstill drown in IOCs they cannot operationalize, and most aspiring threat\nresearchers do not know how to pivot from a single sample to a\ndiscovered campaign.

\n\n

This workshop fixes both problems in four hours, fully offline, with\nevery minute of those four hours spent on content rather than setup,\nand without distributing a single piece of malware.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws4_4075
\n
People:
    SpeakerBio:  Rushikesh Nandedkar
\n

Rushikesh is a researcher. Having more than 10 years of experience under his belt, his assignments have always been pointed towards reducing the state of insecurity for information. His research papers were accepted at the nullcon \'14 \'18 \'20 \'21, BruCON \'16 \'17 \'18 \'19 \'21, Blackhat USA Arsenal \'18 \'19 \'25, DEFCON 24 26 27, x33fcon \'17 \'18 \'20 \'21, BSides Delhi \'17 \'20, c0c0n \'17 \'25, HITCON \'14, NCACNS \'13 + co-author of \"DARWIN\" (use cases for covert wireless), \"DECEPTICON\", an intelligent evil-twin and \"SASTRI\", Plug and Play VM for SAST and author of ARC (Artefact Reuse Comparator) and Q-TIP (QR Code Threat Inspection Platform). Being an avid CTF player, for him, solace is messing up with packets, frames, and shellcodes while attempting to reach the state of void *.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66485','','',66485,'\'Map Page - LVCCW Level 2 W233 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182034,'\'Post-Quantum Cryptography (PQC) for Hackers\'','workshops','\'Creator: DEF CON Workshops

Secure communications are not a luxury — they are a foundational requirement for human dignity in the digital age. Our most meaningful conversations, transactions, and decisions demand end-to-end encryption, strong authentication, and verifiable integrity. The notion that \"only those with something to hide need strong crypto\" is not merely lazy; it is dangerously shortsighted. Privacy is the space where autonomy, intimacy, and authentic human experience thrive. When that space is violated, the damage ripples far beyond the individual.

\n\n

For decades, classical public-key cryptography has quietly protected everything from online banking to private messaging. That era is ending. Quantum computers are advancing rapidly, and the break of today\'s asymmetric algorithms — often called the Quantum Apocalypse — is no longer a question of if, but when. The window to prepare is narrowing. Migration must begin now.

\n\n

In this workshop, you\'ll implement PQC algorithms from the NSA\'s CNSA Suite 2.0. You\'ll use C++, OpenSSL and Linux to demonstrate the secure usage of ML-KEM, ML-DSA, AES-256, and SHA-512. You\'ll leave with clean, reusable code, deep implementation insight, and the practical skills needed to integrate PQC into real-world systems.

\n\n

We might not all have something to hide, but we all have something worth protecting.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws3_4070
\n
People:
    SpeakerBio:  Eric \"Eijah\" Anderson
\n

Eijah is the founder of Code Siren, LLC and has 25+ years of experience in software development. He is the creator of Polynom, the world\'s first CNSA Suite 2.0 PQC collaboration app and the author of multiple FIPS 140-3 modules. He is also the developer of Demonsaw, an encrypted communications platform that allows you to share information without fear of data collection or surveillance. Before that Eijah was a Lead Programmer at Rockstar Games where he created Grand Theft Auto V and Red Dead Redemption 2. In 2007, Eijah hacked multiple implementations of the Advanced Access Content System (AACS) protocol and released the first Blu-ray device keys under the pseudonym, ATARI Vampire. He has been a faculty member at multiple colleges, has spoken at DEF CON and other security conferences, and holds a master\'s degree in Computer Science. Eijah is an active member of the hacking community and is an avid proponent of Internet freedom.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66486','','',66486,'\'Map Page - LVCCW Level 2 W228 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182035,'\'Purple Protocol: Adversary emulation for everyone\'','workshops','\'Creator: DEF CON Workshops

Have you ever been curious about the techniques used by most notorious hackers to infiltrate some of the world\'s biggest networks? What would happen if they attacked yours? Companies burn millions of dollars in cybersecurity defenses, yet breaches still happen. Why? Because victory favors the prepared, not the well-funded.

\n\n

This beginner friendly workshop explores a practical way to test your defenses. You will learn to organize and execute a Threat Intelligence-led Purple Team Engagement with Open Source tooling. You will learn how to select relevant Threat Actors, execute test cases, document results, generate action items for the Blue Team to remediate, and report the results in a way that even executives can understand. (Spoiler: They like Pie Charts, Line Graphs, and bright colors) This will all be done on a VM we will provide with the Open Source tooling pre-installed. Everything learned in this course can be replicated at your organization.

\n\n

Join us in this workshop to learn why Purple Teaming is undeniably one of the most methodical and effective ways to improve your resilience against the threat actors most likely to attack your organization.

\nLinks:
    Registration (July 14, 2026, Noon US Pacific) - https://events.humanitix.com/sun_am_ws2_4001
\n
People:
    SpeakerBio:  Patrick \"PilotPat\" Raiden
\n

Patrick has been working in Cybersecurity for the past decade, ranging from Security Engineering, Vulnerability Management, Penetration Testing, and Red Team Ops.  He holds industry certs including the OSCP, CRTO and GRTP.  He led the effort to build a new Purple Team program at one of the largest healthcare organizations in the United States and continues to manage the program. Patrick is also a DEF CON Black Badge winner.

\n\nSpeakerBio:  Ben \"Marba$\" Strout
\n

Marba$ leads an Offensive Security Team and research vulnerabilities at one of the largest U.S. healthcare conglomerates. With experience spanning healthcare, biotech, pharma, and fintech, his work centers on application security, red teaming, and automation. He is the founder of DC207- Maine\'s DEF CON group - and the General Chair / Lead Organizer of BSides Maine.

\n\nSpeakerBio:  Brandon \"D43m0n\" Kraycirik
\n

D43m0n is a senior cyber security research engineer for one of the largest banking institutions in the world. Having over five years of experience in offensive security, specializing in red teaming, vulnerability research, and custom tool development.

\n\n

He holds advanced certifications that include OSCE3, BSCP, CRTO, CARTP, and eWPTX. While doing so, he was contributing to the cyber security community as the discoverer of CVE-2025-26332 (Dell) and CVE-2025-30398 (Microsoft), while also having authored “Debugging CVE-2023-37679: A Step-by-Step Guide to Fixing the Windows Exploit.”

\n\n

One of his most recent accomplishments at DEF CON is finally obtaining the accolade of being a Black Badge holder.

\n\n

Outside of cybersecurity, he is a passionate researcher with a deep appreciation for the outdoors.

\n\n\'','NULL','NULL','','https://defcon.org/html/defcon-34/dc-34-workshops.html#66487','','',66487,'\'Map Page - LVCCW Level 2 W229 (Workshops)\'','Sunday, Aug 9, 09:00 - 12:59 PDT
'),(182036,'\'Blue Team Village Movie Night\'','pge','\'Creator: Social Gatherings/Events

Join the Blue Team Village and our special guests for a mixer and screening. Popcorn and drinks from 7pm-8pm, movie starts at 8pm.

\n\'','NULL','NULL','','','','',66488,'\'Map Page - LVCCW Level 2 W213-W217 (Blue Team Village)\'','Saturday, Aug 8, 19:00 - 21:59 PDT
'),(182037,'\'10 years of K-rad (Hackers.Town Party)\'','pge','\'Creator: Social Gatherings/Events

HACK THE PLANET! Come celebrate 10 years of Hackers.Town doing whatever it is we actually do! We’ve fully embraced this year’s theme of agency, and given these renowned hacker-DJs free rein to do what they do best.

\n\n

Join us in the North Lobby for epic sets from: Kampf, Syntax976 and Luna, PatAttack, and Skittish and Bus!

\n\'','\'https://defcon.outel.org/defcon34/images/logos/pme-krad.webp\'','\'pme-krad.webp\'','','','','',66489,'\'Map Page - LVCCW Level 1 North Lobby\'','Saturday, Aug 8, 18:00 - 20:59 PDT
'),(182038,'\'AC Scanner: The Post-Quantum Cryptographic Exposure and CBOM Generator. You Need This!\'','demolabs','\'Creator: Demo Labs

AC Scanner is a tool to help providers of all kinds ensure their services can resist post-quantum cryptographic attacks including Harvest Now Decrypt Later (HNDL). The scanner is an open-source pipeline that automates full cryptographic surface discovery across TLS endpoints and SSH services, assessing every asset against NIST post-quantum standards and generating a structured Cryptographic Bill of Materials (CBOM). In a single command (sh scan.sh example.com) it runs subdomain enumeration, DNS resolution, TLS handshake analysis via OpenSSL, SSH auditing via ssh-audit, quantum vulnerability scoring, and CBOM output in JSONL/JSON/Markdown, ready to upload to an interactive dashboard. With NIST finalizing ML-KEM (FIPS 203), ML-DSA (FIPS 204), and SLH-DSA (FIPS 205) in 2024, and NIST IR 8547 mandating deprecation of quantum-vulnerable algorithms by 2030, AC Scanner gives blue teams a fast, evidence-grade path from cryptographic discovery to compliance reporting.

\nLinks:
    GitHub - https://github.com/qubitac/AC-Scanner
\n
People:
    SpeakerBio:  Anurag Swarnim Yadav
\n

Anurag Swarnim Yadav is Co-Founder and CTO of QubitAC, a company helping organizations with cryptographic discovery, post-quantum cryptography readiness assessment, migration framework development, and compliance readiness. He holds a PhD from the University of Florida, where his research examined how data quality impacts ML-based vulnerability detection systems and explored automated program repair for security flaws. He developed AC Scanner, a free open-source ACDI tool helping organizations discover, inventory, and prioritize their quantum-vulnerable cryptographic infrastructure, and has spoken at BSides security conferences educating practitioners on PQC adoption and the steps organizations need to take before the 2030 deadline.

\n\nSpeakerBio:  Joseph Wilson
\n

Joseph N. Wilson is a co-founder of QubitAC and an emeritus faculty member at the University of Florida who received his PhD in Computer Science from the University of Virginia. During his 41 year academic career, he carried out a wide variety of research projects and authored over 150 publications concerning topics including cybersecurity, machine learning, landmine detection and remediation, and computer vision. In addition to his academic work, Dr. Wilson has been a GIAC certified network and web application penetration tester as well as a malware and forensic analyst. His current work is aimed at helping organizations and people improve both their computational and communications security and privacy. He received the General Ronald W. Yates Award for Excellence in Technology Transfer for work leading to successful landmine and IED detection systems employed by US military support forces in Afghanistan.

\n\n\'','NULL','NULL','','','','',66490,'\'Map Page - LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)\'','Saturday, Aug 8, 15:00 - 15:45 PDT
Friday, Aug 7, 16:00 - 16:45 PDT
'),(182039,'\'AD-Necromancer: Resurrecting Forgotten Control Paths in Active Directory\'','demolabs','\'Creator: Demo Labs

Every pentest, same story - BloodHound says no path to DA, client celebrates, meanwhile a 2019 service account has AddAllowedToAct on a production DC that nobody remembers. AD-Necromancer finds what humans forget. Give it a username, password, and domain — it bootstraps EDR evasion (ETW patching, DLL unhooking, Halos Gate syscalls), collects AD data over ADWS instead of LDAP, encrypts with AES-256-GCM, and exfils to C2 with zero artifacts. One command, credentials to findings. It feeds tokenized BloodHound data to an LLM for semantic reasoning - forgotten RBCD, ghost cross-forest delegations, orphaned admin accounts no compliance checklist catches. Privacy Cloak ensures real names never leave the box. Open source, MIT licensed. Come dig up what your tools missed.

\nLinks:
    GitHub - https://github.com/0xSense1/AD-Necromancer
\n
People:
    SpeakerBio:  Akbar \"0xsensei\" Abdullayev
\n

Offensive security professional with 5+ years of experience in Active Directory and cloud security, specializing in red teaming and enterprise attack chains.

\n\nSpeakerBio:  0xHera
\n

I am a freelance Offensive Tool Developer and Security Enthusiast building practical tools and sharing research with the community to help others better understand attack paths, real-world offensive techniques, and defensive improvements.

\n\n\'','NULL','NULL','','','','',66491,'\'Map Page - LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)\'','Friday, Aug 7, 10:00 - 10:45 PDT
Saturday, Aug 8, 13:00 - 13:45 PDT
'),(182040,'\'AI Pipeline for N-days Weaponization\'','demolabs','\'Creator: Demo Labs

Most agentic exploit pipelines stall when there\'s no public PoC,they search, find nothing, and spin. This talk demos a multi-agent system that exploits n-days from scratch in under an hour, even with zero public exploit code available.\nGiven only a CVE ID, the pipeline autonomously: fetches vulnerability details and the upstream fix commit; spins up a pinned Docker lab running the exact vulnerable version; diffs the patch to identify the exploitable code path; generates vulnerability-class-specific attack guidance (not a generic checklist); and runs iterative exploit + validation loops until RCE is confirmed.\nDemonstrated live against four CVSS 9.8–10.0 vulnerabilities Apache OpenMeetings deserialization, n8n unauthenticated RCE, Langflow exec() injection, and Spring AI SpEL injection, with working exploits produced in minutes. Every run also outputs a containerized lab and defense report, making it equally useful for detection engineering and patch validation.

\n
People:
    SpeakerBio:  Andrea Brosio
\n

Andrea Brosio is a Security Researcher and Senior Content Engineer, specializing in red teaming, malware development, and offensive security. With prior experience as a Bug Hunter and Red Team Operator he combines real-world adversarial expertise with a passion for creating engaging cybersecurity training.

\n\nSpeakerBio:  Arun Nair
\n

Arun Nair is a Security Engineer at Google and founder of Ryvane Academy, specializing in AI Security, malware development, defense evasion, and adversary simulation. He holds several respected certifications, including OSCP, CRTP, CRTL, CodeMachine Malware Techniques, and HackSys Windows Kernel Exploitation.\nOver the years, Arun has worked with leading organizations such as JP Morgan, and EY, focusing on offensive security and red teaming engagements. Outside of his professional work, he is an active contributor to the cybersecurity community, from designing Capture the Flag (CTF) challenges to delivering talks and workshops at events like DEFCON Red Team Village, HeapCon, MCTTP, BSides Transylvania, HackSpaceCon, RingZer0, c0c0n, and various local meetups.\nWhen he’s not on engagements or speaking at conferences, Arun shares his research and insights through his blog at dazzyddos.github.io

\n\n\'','NULL','NULL','','','','',66492,'\'Map Page - LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)\'','Friday, Aug 7, 11:00 - 11:45 PDT
Saturday, Aug 8, 15:00 - 15:45 PDT
'),(182041,'\'AOBTD: AI One Bites The DAST\'','demolabs','\'Creator: Demo Labs
I hate the way most DAST tools test: firing payloads at parameters with no idea what the app is. They catch the obvious stuff, but miss the parts that actually need context. Newer LLM scanners are either commercial black boxes (iykyk) or \"GPT, find bugs at this URL\" wrappers that fall over outside a CTF box.
\n\n

AOBTD is my attempt at a third option: a scanner that behaves less like a fuzzer and more like a pentester at the start of a test.

\n\n

Instead of fuzzing harder, AOBTD first tries to understand the target. It explores the surface, identifies what pages and endpoints are for, takes notes, builds hypotheses, and then sends targeted requests based on that context. This target understanding drives the rest of the testing process, which is the only realistic way automated tooling can get closer to business-logic bugs.

\n\n

The crawler is designed to avoid wasting time on repeated templates while still sampling outliers, so the odd page hidden in a sea of similar ones does not get ignored. When findings are confirmed, AOBTD can chain them into multi-step attack stories rather than reporting isolated payload hits.

\n\n

This is where LLMs are actually useful: reading a page, understanding the purpose of a form, naming the function behind a JSON endpoint, and doing the kind of prioritization a pentester normally spends hours on.

\nLinks:
    GitHub - https://github.com/oz9un/AOBTD
\n
People:
    SpeakerBio:  Ozgun \"ozzy\" Kultekin
\n

Ozgun (aka ozzy) is a Senior Application Security Engineer at Trendyol Group, where he spends his days breaking applications before the bad guys do. He holds the OSCE3 certification and specializes in offensive security research with a focus on application security and red team operations.

\n\n

He has presented at several conferences including DEF CON, Hacktivity, and multiple BSides events, covering topics ranging from red teaming to application security. He is currently focused on integrating AI into offensive security workflows and actively researching how large language models can be applied in practical, technical ways within cybersecurity. He regularly shares his work and tools as open source.

\n\n

When he\'s not hunting bugs or running red team ops, he\'s probably at the poker table.

\n\n\'','NULL','NULL','','','','',66493,'\'Map Page - LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)\'','Saturday, Aug 8, 15:00 - 15:45 PDT
Friday, Aug 7, 11:00 - 11:45 PDT
'),(182042,'\'AzProwl: Prowling the Azure Attack Surface\'','demolabs','\'Creator: Demo Labs

Cloud environments aren’t being breached through zero-days—they’re being traversed through identity, misconfigurations, and overlooked data paths. Azure is no exception.

\n\n

This talk introduces AzProwl, an offensive-focused tool designed to emulate how real attackers enumerate and chain together access across Azure environments. Rather than stopping at surface-level enumeration, AzProwl maps identity relationships, token abuse opportunities, and data plane exposure to uncover realistic attack paths.

\n\n

We’ll walk through how attackers move from initial access to meaningful impact using Azure-native mechanisms—leveraging identity roles, service principals, tokens, and storage access. Attendees will see how seemingly low-risk permissions compound into high-impact compromise.

\n\n

Whether you’re red team, blue team, or somewhere in between, this session will provide practical insight into how Azure environments are actually attacked—and how to detect and defend against it.

\nLinks:
    GitHub - https://github.com/GonePhishing402/azprowl
\n
People:
    SpeakerBio:  Jared \"GonePhishing402\" Graff
\n

I’m a Lead Incident Response Analyst at Target with experience spanning red team operations, blue team defense, and incident response. My background working in Azure cloud security at Microsoft helped shape my approach to understanding and defending modern cloud environments and ultimately inspired the development of this training.

\n\n

I specialize in analyzing and emulating real-world attack paths across cloud identities, authentication tokens, and data planes to uncover gaps in detection and response capabilities. My work focuses on Azure identity compromise, token abuse, cloud persistence techniques, and understanding how adversaries actually operate within cloud environments—not just how we assume they do.

\n\n

I’m passionate about bridging the gap between offensive and defensive security, translating attacker tradecraft into actionable detection strategies, and developing hands-on labs that help defenders better understand cloud threats. My goal is to make complex attack techniques accessible, practical, and directly applicable to real-world security operations.

\n\nSpeakerBio:  Jeff Daniels
\n

Jeff Daniels is a Senior Cloud Solution Architect at Microsoft Federal specializing in cloud security, threat intelligence, and red team operations. With a background in military cyber operations, he brings real-world offensive experience to designing detection strategies, Zero Trust architectures, and large-scale SOC capabilities. Jeff focuses on translating adversary tradecraft into actionable security outcomes for government customers and is actively involved in red team tooling, adversary emulation, and ATT&CK-aligned training.

\n\n\'','NULL','NULL','','','','',66494,'\'Map Page - LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)\'','Friday, Aug 7, 15:00 - 15:45 PDT
Friday, Aug 7, 14:00 - 14:45 PDT
'),(182043,'\'Be like a BRAT(BLE Recon and Attack Toolkit): Skip the Handshake, Own the Device\'','demolabs','\'Creator: Demo Labs

What happens when you buy a popular medical device and realize it blindly trusts any BLE connection within 30 meters?

\n\n

BRAT (BLE Recon and Attack Toolkit) is the open-source Python arsenal we built to systematically take over an FDA-listed consumer hormone analyzer and generalize the attack to the class of devices behind it. Relying on the Nordic UART Service (NUS), the target blindly trusts any connection within 30 meters. BRAT automates the exact attack chain we used to compromise it: passive BLE discovery, protocol reverse engineering, unauthenticated command injection, full bind takeover, and rogue peripheral impersonation to hijack live API session tokens.

\n\n

Every script is built on the ⁠bleak⁠ async BLE library and deliberately kept small so you can read the code and understand the exploit in minutes. Our Demo Lab features live, end-to-end attacks against a consumer medical device. We’ll demonstrate unauthenticated command injection, rogue peripheral spoofing that intercepts companion app handshakes, and how we injected spoofed hormone sensor data without ever pairing.

\n
People:
    SpeakerBio:  Gigi Xiaoqing Liu
\n

Gigi Liu is a graduate security researcher at Northeastern\'s Security And Privacy Research (SPQR) Group under Professor Kevin Fu, where her work covers embedded systems security, medical device attack surfaces, and AI-generated media detection. She interns at Lila Sciences as a Security and Cloud Engineer, building enterprise-wide agentic AI security infrastructure and detection capabilities for unauthorized AI activity across cloud and SaaS environments.

\n\n

Her technical work spans wireless protocol reverse engineering, binary exploitation, web and mobile reverse engineering, cloud and AI security. She has applied these skills across medical hardware, automotive platforms, and enterprise cloud environments — from BLE command injection on FDA-listed devices to CarPlay API exploitation to building agentic AI detection controls at scale. As a UCLA psychobiology alum with a consulting background, she brings a multidisciplinary lens to every system: understand what it\'s designed to do first, then find where it breaks.

\n\nSpeakerBio:  Muzzammil Mohammed
\n

Muzzammil Mohammed is an offensive security researcher, penetration tester at Maltek Solutions, and MS in Cybersecurity at Northeastern University. Operating out of the SPQR Lab under Professor Kevin Fu, and serving as a Teaching Assistant Network Security, his work bridges academic vulnerability research with real-world red team execution. As a core developer of WandKit an open-source BLE attack toolkit built to audit medical devices. Muzzammil led the cloud API exploitation phase, successfully confirming a complete authentication bypass and engineering the rogue peripheral session hijack chain. Beyond hardware and API hacking, he is actively developing autonomous multi-agent AI frameworks designed to orchestrate local LLMs for automated security auditing and vulnerability analysis.

\n\nSpeakerBio:  Narmina Karimova
\n

Narmina Karimova is a cybersecurity graduate researcher at Northeastern University with a background in enterprise technology across financial institutions and the United Nations. She came to security research from the infrastructure side, which shaped how she approached tearing apart a consumer fertility monitor.\nFor BRAT, she wrote the core BLE attack suite in Python: replay modules, rogue peripheral session capture, unauthenticated hormone data extraction, and the bind takeover chain that captures device ownership in under 15 seconds. She also reverse-engineered the APK with JADX, found hardcoded credentials, and confirmed a CVSS 9.1 IDOR in the third-party integration. Her interest is in the gap between how consumer health devices are marketed and how they actually handle sensitive data.

\n\n\'','NULL','NULL','','','','',66495,'\'Map Page - LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)\'','Friday, Aug 7, 11:00 - 11:45 PDT
Saturday, Aug 8, 15:00 - 15:45 PDT
'),(182044,'\'Beyond Spidering: Behavior Driven DAST for Real Application Workflows\'','demolabs','\'Creator: Demo Labs

Modern web apps do not give up their best attack surface to a spider. The interesting routes, state changes, authenticated functions, and business logic usually sit behind real user behavior. This Demo Lab shows how to stop treating DAST like blind crawling and start driving it with realistic browser flows.

\n\n

The project began as a software quality proof of concept and evolved through collaboration between an engineering team and a red team into a real operational workflow. By routing Selenium based test scenarios through OWASP ZAP, we turn existing web automation into Behaviour Driven DAST: a practical way to capture richer traffic, exercise meaningful application actions, and uncover security findings that isolated scanning often misses.

\n\n

Current research shows more than 300% increase in observed attack surface and around 25% improvement in vulnerability detection compared with spider-driven analysis alone. The session will walk through the workflow live, show the comparative results, and introduce a new Python library built from this research.

\nLinks:
    GitHub - https://github.com/testingsoul/behave-zap
\n
People:
    SpeakerBio:  Sara \"testingSoul\" Martinez
\n

Hi, I am Sara!\nI started my career in 2014 as a Software Validation Engineer for Communication products. During five years I improved my testing skills by working on projects in Telecommunication, Geolocation, Big Data and Power Electronics.\nIn 2019, I started to focus all this quality knowledge on testing Cybersecurity Software products, and then magic just happened. I discovered a whole new world that fascinated me.\nSince then, I have been working to improve all my Software and Quality skills including Cybersecurity at every step I take.

\n\n\'','NULL','NULL','','','','',66496,'\'Map Page - LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)\'','Friday, Aug 7, 13:00 - 13:45 PDT
Saturday, Aug 8, 12:00 - 12:45 PDT
'),(182045,'\'BigIron.ai: AI-Assisted Exploration and Security Analysis of Mainframe Systems\'','demolabs','\'Creator: Demo Labs

Most security tools assume Unix or Windows models built around processes, shells, and network services. On mainframe operating systems, authority is determined through control-plane behavior: job submission (JCL/JES), dataset access, library resolution, and transaction context. These relationships are difficult to observe and are systematically misunderstood by modern security teams; creating blind spots that traditional tooling cannot see.

\n\n

This Demo Lab shows a live MVS 3.8j environment running under Hercules with a browser-based TN3270 interface. Operational artifacts including submitted jobs, spool output, and execution context are captured and mapped into a graph that reveals hidden trust relationships and indirect execution paths.

\n\n

The demonstration walks a realistic privilege path: TSO user → JCL submission → STEPLIB hijack → APF library execution — showing how inherited authority creates system-level exposure without exploiting a single vulnerability. No shellcode. No memory corruption. Just the system working exactly as designed.

\n\n

The platform includes 13 automated walkthroughs across 6 control planes (TSO, JES, RACF, CICS, VTAM, PR/SM), an offline LLM for real-time screen interpretation, and a findings engine that maps results to a repeatable assessment framework.

\nLinks:
    GitHub - https://github.com/W00t3k/mainframe-ai
\n
People:
    SpeakerBio:  Adam \"w00tock\" Toscher
\n

Adam Toscher is a New York–based security engineer and red team operator with over two decades of experience in offensive security, adversary simulation, and automation. Born in New York City and raised upstate, Adam began his career as an “IT vagabond,” starting as a freshman IBM intern porting Linux applications to mainframe systems. That early mainframe work grounded him in large-scale computing, operating systems, and complex enterprise environments before he transitioned into offensive security.

\n\n

He later held senior security roles at Adobe, Optiv, Accenture, IBM X-Force, and NYC Cyber Command, focusing on realistic adversary emulation, red-team operations, and practical automation.

\n\n

Most recently, Adam has worked with Cobalt Labs, supporting advanced red-teaming and offensive security engagements for private-sector organizations. Prior to that, he led red-team and adversary simulation work supporting critical public infrastructure with NYC Cyber Command and the FDNY.

\n\n

His work centers on penetration testing, red teaming, adversary emulation, and security tooling across private-sector and government environments. Outside of security, Adam values balance and lifelong learning, and is an avid reader, runner, swimmer, and gamer.

\n\n\'','NULL','NULL','','','','',66497,'\'Map Page - LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)\'','Saturday, Aug 8, 12:00 - 12:45 PDT
Friday, Aug 7, 15:00 - 15:45 PDT
'),(182046,'\'Clew: Untangling Evasive Malware with Per-Sample Fuzzing Seeds\'','demolabs','\'Creator: Demo Labs

Clew is an automated fuzzing-candidate extraction pipeline for environment-sensitive malware analysis. Evasive malware routinely queries its execution environment via Windows API calls to hide functionality until specific environmental conditions are met. By hooking these API calls, a fuzzer can reveal such execution paths that are typically hidden during standard analysis. No seed corpus of environmental fuzzing candidates currently exists for this application. As a result, current API-hooking fuzzers rely on hand-written, sample-agnostic starting values and blind mutations that cannot scale to the diverse evasion techniques seen in sophisticated samples. Clew addresses this by analyzing each PE32 binary and producing a per-sample seed corpus of candidate API return values that downstream environmental fuzzers use to systematically uncover hidden execution paths.

\n
People:
    SpeakerBio:  Kyler McElroy
\n

McElroy, a second lieutenant and developmental engineer in the United States Air Force, is pursuing a master\'s in computer science with an AI focus at the Air Force Institute of Technology. His research focuses on using machine learning and automated analysis to uncover hidden behaviors in evasive malware. He is an alumnus of the ACE Cyber Leadership Development program, where he authored S.A.N.D (Synthetic Adversarial and Natural Data Generation) under the Air Force Research Laboratory.

\n\nSpeakerBio:  Anita Ding
\n

Anita Ding is a second lieutenant and cyber operations officer in the United States Air Force, is pursuing a master\'s in cyber operations with an AI focus at the Air Force Institute of Technology. Her research focuses on LLM-orchestrated red team automation and graph neural networks for attack-path scoring in Active Directory environments. She earned a B.A. in Computer Science from UC Berkeley, where she conducted research at the Berkeley AI Research Lab and the Berkeley Risk and Security Lab. She is also an alumna of the ACE Cyber Leadership Development program, where she designed a CTF challenge for the British Army\'s Defence Cyber Marvel exercise.

\n\nSpeakerBio:  Daniel Koranek
\n

Dr. Daniel Koranek is an Assistant Professor of Computer Science at the Air Force Institute of Technology (AFIT) and a two-time graduate of AFIT in cyber operations (2010, M.S.) and computer science (2022, Ph.D.), where his research interests focus on the intersection of artificial intelligence/machine learning and cybersecurity. This includes using AI/ML to enhance cybersecurity and using vulnerability assessment and secure design techniques to improve AI deployments. He has spent most of his career on reverse engineering and vulnerability assessment of embedded systems, and overlapping AI and cybersecurity drove Dr. Koranek\'s dissertation research on using the reverse engineering tool Binary Ninja to visualize explanations of malware classifications.

\n\n\'','NULL','NULL','','','','',66498,'\'Map Page - LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)\'','Friday, Aug 7, 14:00 - 14:45 PDT
Saturday, Aug 8, 11:00 - 11:45 PDT
'),(182047,'\'DFMI: Weaponizing MSI Installers for Fileless Code Execution\'','demolabs','\'Creator: Demo Labs

DFMI is a cross-platform, open-source offensive toolkit that hijacks & abuses the Windows Installer\'s own execution engine to detonate arbitrary payloads during software installation, with zero files written to disk and zero evidence left behind. And this can be achieved without corrupting the Authenticode of the binary. --Which means, ANY signed legitimate installer file can leveraged as an attack vector.

\n\n

Right now, DFMI provides 3 different methods for abusing MSI files:

\n\n
    \n
  • Inject: Simply injects a CustomAction (CA) into an existing MSI package.
  • \n
  • Rogue MST: Generates an MSI Transform File (.mst) and injects into legitimate \".msi\" file without corrupting it\'s Authenticode. The original MSI file is never modified — its Authenticode signature remains fully intact and valid. This means a signed, trusted MSI can be weaponized without leaving any forensic trace on the file itself; the transform rides alongside it at deployment time.
  • \n
  • Stub: Creates a malicious MSI file from scratch.
  • \n
\n\n

GitHub: https://github.com/ccelikanil/DFMI

\nLinks:
    GitHub - https://github.com/ccelikanil/DFMI
\n
People:
    SpeakerBio:  Anil Celik
\n

Computer Engineer & been working as a Red Teamer for the past ~7 years. Previously did presentations at DEFCON 33 Demo Labs, DEFCON 33 Red Team Village & Black Hat USA Arsenal 2025. Currently holding 6 CVEs, OSCP & OSWP.

\n\n

Interests: Windows Internals & AD Security

\n\n\'','NULL','NULL','','','','',66499,'\'Map Page - LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)\'','Saturday, Aug 8, 10:00 - 10:45 PDT
Friday, Aug 7, 16:00 - 16:45 PDT
'),(182048,'\'Damn Vulnerable Agentic AI Application (DVAIA)\'','demolabs','\'Creator: Demo Labs

AI-powered Agentic applications now execute database queries, read files, send emails, and call APIs on behalf of users — all triggered through a chat window. DVAIA (Damn Vulnerable Agentic AI Application) is a new open-source platform purpose-built to let you break them.

\n\n

DVAIA pairs a production-grade secure platform with deliberately vulnerable AI-powered chat agents, each isolated in its own database and mapped to the OWASP Top 10 for LLM Applications 2025. In this demo we live-exploit nine exercise categories covering 93 attack objectives:

\n\n
    \n
  • Prompt injection: extract system prompts, jailbreak filters, poison RAG documents, and hijack an email-summarization agent
  • \n
  • SQL and NoSQL injection through AI: trick chat agents into constructing malicious queries — the injection never touches a traditional input field
  • \n
  • Sensitive info disclosure: chain path traversal and SSRF through a banking agent\'s tool interface to read server secrets and probe internal services
  • \n
  • Excessive agency and BOLA: make a customer-service agent access other users\' data, create unauthorized orders, and issue fraudulent refunds
  • \n
  • XSS and CSRF through LLM output: reflected, stored, and LLM-generated cross-site scripting fired from chat responses
  • \n
  • Supply chain RCE: exploit a poisoned dependency through conversation with a code-analysis agent
  • \n
\nLinks:
    GitHub - https://github.com/hackerabhinavverma/Damn-Vulnerable-Agentic-AI-Application
\n
People:
    SpeakerBio:  Abhinav Verma
\n

Abhinav Verma is a Senior Staff Security Engineer at Intuit Inc. with 15+ years of experience across AI security, offensive security, red teaming, product security, and security operations. He currently leads AI security architecture reviews, AI penetration testing, and vulnerability management programs, with a focus on AI security, AI threat modeling, and securing large-scale cloud platforms.

\n\n

Over the course of his career at Intuit, he has built security automation, scaled continuous security scanning across thousands of assets, led secure design reviews for platforms serving millions of customers, and developed secure coding programs that have helped thousands of engineers shift security left. Abhinav was formerly an independent security researcher and has identified and reported vulnerabilities in numerous major online services and technology companies.

\n\n

He holds certifications including OSEP, OSCP, OSWP, GWAPT and CEH. Outside of work, Abhinav is a passionate gamer, a trained chef, an avid camper, and a mentor to aspiring offensive security practitioners.

\n\nSpeakerBio:  Mukesh Aggarwal
\n

Mukesh Aggarwal is a Distinguished Security Engineer who has spent his career thinking like a hacker. For nearly two decades he has hunted fraudsters and abuse across fintech platforms, building the detection pipelines, automations, and controls that shut bad actors down. He now lives at the bleeding edge of GenAI and agentic AI security, secure-by-default agent patterns, adversarial pen-testing and prompt-injection defense. He breaks things to understand them and stays a step ahead of attackers, usually spotting the weaknessess before they do.

\n\n

Mukesh has spoken at RSA Conference (OWASP GenAI Security Track), RenderATL, and the Intel Capital CISO Summit on AI safety, fraud, and offensive security, and is a member of the GIAC Advisory Board.

\n\n

Off the clock he is a die-hard offensive-security tinkerer who reverse-engineers hardware and apps, pokes at IoT security, writes autonomous bots, and automates his home. He also mentors the next wave of offensive and AI security practitioners.

\n\n\'','NULL','NULL','','','','',66500,'\'Map Page - LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)\'','Friday, Aug 7, 11:00 - 11:45 PDT
Saturday, Aug 8, 14:00 - 14:45 PDT
'),(182049,'\'Empire 7: Shipping a C2 at AI Speed\'','demolabs','\'Creator: Demo Labs

Empire 7 is a near-total overhaul of the Command and Control (C2) framework, from how agents communicate with the server to how operators move through engagements. This major release continues to expand Empire\'s supported agents to include PowerShell, Python, IronPython, Go, C#, and now C. New tradecraft includes more than 50 new modules derived from Atomic Red Team, patchless AMSI/ETW bypasses, EarlyBird process hollowing, BOF execution with ILRepack assembly merging, and RDP session hijacking, among others. Empire\'s new cryptographically secure communications leverage AES-256-GCM and mTLS, with MITRE ATT&CK integration to assist in emulating real-world Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs).

\n\n

One more thing we\'ll talk about, this release shipped at roughly 10x our prior pace, due to our team’s adoption of agentic coding tools as a core development collaborator. We\'ll share what worked, what didn\'t, and what LLM-assisted offensive tooling development looks like.

\nLinks:
    GitHub - https://github.com/BC-SECURITY/Empire
\n
People:
    SpeakerBio:  Vincent \"Vinnybod\" Rose
\n

Vincent \"Vinnybod\" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable cloud services, improving developer operations, and automation. Recently, his focus has been on the reliability and stability of the Empire C2 server. Vinnybod has presented at Black Hat and has taught courses at DEF CON on Red Teaming and Offensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://bcsecurity.io/blog/.

\n\nSpeakerBio:  Jake \"Hubbl3\" Krasnov
\n

Jake \"Hubble\" Krasnov is the Red Team Operations Lead at BC Security, with a distinguished career spanning engineering and cybersecurity. A U.S. Air Force veteran, Jake began his career as an Astronautical Engineer overseeing rocket modifications, leading test and evaluation efforts for the F-22, and conducting red team operations with the 57th Information Aggressors. He later served as a Technical Lead Engineer at Boeing Phantom Works, where he focused on embedded security for aviation and space defense projects. A seasoned speaker and trainer, Jake has presented at DEF CON, Black Hat, HackRedCon, HackSpaceCon, and HackMiami, and has previously taught Empire and offensive PowerShell at DEF CON.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\n\'','NULL','NULL','','','','',66501,'\'Map Page - LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)\'','Saturday, Aug 8, 12:00 - 12:45 PDT
Friday, Aug 7, 10:00 - 10:45 PDT
'),(182050,'\'Ghost in the IDE\'','demolabs','\'Creator: Demo Labs
Hook: The Blind Spot
\nYour EDR sees the server compromise. Your SIEM catches the phishing campaign. Your firewall blocks the C2 traffic. But what happens when the attacker doesn\'t target your infrastructure—they target your developers?
\n\n

28 million developers worldwide rely on three IDE platforms: JetBrains IntelliJ, Microsoft VS Code, and Eclipse. These aren\'t just text editors—they\'re command-and-control platforms disguised as productivity tools. Developers trust them with AWS credentials, database passwords, SSH keys, source code, and network access to production systems. And here\'s the kicker: IDE plugins run with full user privileges, no sandboxing, no permission dialogs, no questions asked.

\n\n

We built GHOST IN THE IDE, a production-ready C2 framework that weaponizes IDE plugins across all three major platforms. Not a proof-of-concept. Not a research prototype. A functional red team tool with keystroke logging, clipboard monitoring, file exfiltration, and remote command execution—working silently inside IntelliJ, VS Code, and Eclipse on Windows, macOS, and Linux.

\n\n

The Attack: Multi-IDE C2 That Actually Works\nMost IDE plugin research stops at \"look, I can pop calc.exe from VS Code.\" We went further. Way further.

\n
People:
    SpeakerBio:  Venkata Jayaram Yalla
\n

Yalla, Jayaram is Director – Application Security at S&P Global, leading enterprise-wide initiatives in secure application development, vulnerability management, and security architecture. He has transformed the Application Security function from a primarily tactical penetration-testing team into a strategic security engineering organization, emphasizing automation, governance, and advanced threat modeling.

\n\n

Jayaram combines deep hands-on experience in offensive security and research (including multiple CVEs) with ownership of large-scale AppSec programs across SAST, SCA, DAST, CI/CD security, and emerging AI security initiatives.

\n\nSpeakerBio:  Pardhiv Reddy
\n

Pardhiv is a security specialist with vast experience in the field of information security ranging from health care,hospitality, banking and government sectors throughout the world. He also earned many industry standard certifications in the security, some of them are SANS GPEN, OSCP, OSWP, CISSP, Security+, ISO 27001 LA and many others.

\n\n

Pardhiv\'s interest areas includes cloud security and IOT security and his research has been presented at EuropeanSec 2016 in Portugal. His expertise helped teams to build secure products and applications by providing security guidelines and best practices.

\n\n

Pardhiv has performed various iOT security assessments which includes both embedded hardware security, firmware analysis, mobile applications, network security including wireless communications and backend cloud server assessments.

\n\n

Pardhiv is also an active bug bounty hunter and helped many companies around the world by pointing their security vulnerabilities to make their application and products secure. He spares his free time to build prototypes and security research by learning new techniques and methodologies.

\n\n\'','NULL','NULL','','','','',66502,'\'Map Page - LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)\'','Saturday, Aug 8, 15:00 - 15:45 PDT
Friday, Aug 7, 12:00 - 12:45 PDT
'),(182051,'\'GhostCatcher (endpoint detection agent)\'','demolabs','\'Creator: Demo Labs

GhostCatcher is an open-source Linux endpoint detection agent written in Go. It runs as a single binary or a systemd service and looks for host-visible adversary tradecraft on Linux: web shells, LD_PRELOAD abuse, SSH, cron, and systemd persistence, PAM/sudoers tampering, SUID and capability drift, reverse shells and unexpected network behavior, reflective / memory-map signals, and related patterns aligned with MITRE ATT&CK-style coverage.\nDetections are driven by a versioned, optionally signed rule pack, baselines and learning mode, multi-signal scoring, time-windowed correlation, CEL-style boolean expressions, optional Sigma-lite rules, optional YARA (disk and memory) and eBPF (with auditd/proc fallbacks), and JSONL output to stdout plus optional syslog, Splunk HEC, Elasticsearch _bulk, or Grafana Loki. The goal is to give blue teams a transparent, self-hosted way to turn Linux host telemetry into actionable events in the SIEM—without a vendor cloud control plane.

\nLinks:
    GitHub - https://github.com/sercanokur/GhostCatcherEDR
\n
People:
    SpeakerBio:  Sercan Okur
\n

Sercan Okur is the Founder and CEO of NextRay AI Detection & Response, Inc., a San Jose–based cybersecurity company building AI-driven Network Detection and Response technology. A cybersecurity practitioner with more than fifteen years of experience across critical-infrastructure, defense, and enterprise environments,

\n\n\'','NULL','NULL','','','','',66503,'\'Map Page - LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)\'','Saturday, Aug 8, 11:00 - 11:45 PDT
Friday, Aug 7, 15:00 - 15:45 PDT
'),(182052,'\'GnawLab: Open-Source AWS Attack Scenarios Based on Real-World Breaches\'','demolabs','\'Creator: Demo Labs

GnawLab is a community-driven, open-source offensive cloud security training platform that recreates real-world AWS\n attack chains. Each scenario is modeled after documented breaches—Capital One\'s SSRF-to-IMDS pivot, Uber\'s leaked\n credential exploitation, SolarWinds-style CI/CD pipeline hijacking—deployed via Terraform in your own AWS account.\n Attendees will see live demonstrations of multi-hop attack chains: from SSRF and command injection entry points,\n through IMDS credential theft and Secrets Manager extraction, to full CI/CD pipeline compromise with Blue/Green\n deployment backdoors. GnawLab bridges the gap between theoretical cloud security knowledge and hands-on exploitation\n skills.

\nLinks:
    GitHub - https://github.com/Beaver-Dam-Community/GnawLab
\n
People:
    SpeakerBio:  ialleejy
\n

I am ialleejy, a Security Researcher at ENKI focusing on web security and cloud security. I have created WEB challenges for CODEGATE and HACKTHEON SEJONG CTF, and I am interested in designing CTF challenges that connect real-world service architectures with practical vulnerability research.

\n\n

Recently, I have been exploring Offensive Cloud Security, especially how traditional web vulnerabilities can lead to privilege escalation, credential exposure, and abuse of trust relationships in cloud environments. I am currently diving deeper into AWS Bedrock AI Agents, RAG-based knowledge poisoning, OIDC authentication flows, and IAM trust policies.

\n\n

Through this talk, I aim to show how a small vulnerability on the web can evolve into a broader cloud security issue, crossing trust boundaries between applications, identities, and cloud services.

\n\nSpeakerBio:  Kyul
\n

I am a college student relentlessly exploring cloud vulnerabilities. I possess an exceptionally high threshold for hunting, gathering, and deeply analyzing whatever piques my interest.

\n\n

My mindset is clear: effective defense demands an attacker\'s lens. Only by understanding actual infiltration paths and how they trigger critical risks can defenders accurately prioritize assets and build robust controls.

\n\n

Driven by this, I’ve operated at the intersection of Red and Blue. In incident response projects, I analyzed real-world TTPs to build attack scenarios while collaborating to engineer detection rules and automated responses. I’ve also researched and presented how AWS misconfigurations can be weaponized to cause cascading breaches.

\n\n

Currently, alongside the BeaverDam community, I am developing GnawLab for the DEF CON Demo Lab. GnawLab is an open-source, community-driven cloud security training platform. It provides high-fidelity sandbox environments reflecting real-world flaws, enabling players to execute realistic scenarios and vividly master cloud exploitation and analysis.

\n\n

At DEFCON, my goal isn\'t just to show what I\'ve built. I want to share this sandbox, break it alongside you, and absorb the brilliant, diverse approaches of world-class hackers. I am here to hack, learn, and grow together.

\n\n\'','NULL','NULL','','','','',66504,'\'Map Page - LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)\'','Friday, Aug 7, 12:00 - 12:45 PDT
Saturday, Aug 8, 16:00 - 16:45 PDT
'),(182053,'\'Goose Processing Unit (GPU): VRAM as an Unmonitored Attack Surface\'','demolabs','\'Creator: Demo Labs

Modern GPUs have become foundational to computing infrastructure for gaming, machine learning, and AI workloads at scale, yet GPU memory remains a largely unmonitored attack surface. No mainstream antivirus or endpoint-detection solution currently inspects it, creating a significant blind spot that sophisticated adversaries can exploit. This Demo Lab presents a novel technique that uses NVIDIA RTX 5090 CUDA APIs to stage payload data, such as DLLs, directly in GPU memory, entirely outside the visibility of host-based security tools, including Windows Defender. A benign executable, with no malicious code of its own, uses CUDA\'s native memory transfer capabilities to move binary payload data onto the GPU immediately upon execution. No CUDA Toolkit installation is required on the target host. When triggered, the same executable retrieves the payload from GPU memory, manually maps it into process space, and executes it. A working proof of concept has been validated as an Empire C2 module, confirming practical operational viability. The technique is particularly impactful for high-uptime environments such as AI inference servers, rendering farms, and enterprise GPU clusters, where small executables interacting with the GPU blend naturally into background workloads.

\n
People:
    SpeakerBio:  Gannon \"Dorf\" Gebauer
\n

Gannon \"Dorf\" Gebauer is a second lieutenant in the United States Air Force pursuing a master\'s in computer science at the Air Force Institute of Technology. He earned a Bachelor of Science in Computer Science from Arizona State University. His expertise spans red team operations, reverse engineering, and offensive tool development, and his current research focuses on novel persistence techniques that abuse GPU memory as an unmonitored attack surface.

\n\nSpeakerBio:  Anthony \"Coin\" Rose
\n

Dr. Anthony \"Coin\" Rose is an officer in the United States Air Force, an Assistant Professor, and the Director of the Center for Cyberspace Research at the Air Force Institute of Technology. He holds a doctorate in Electrical Engineering and has expertise in machine learning, with a focus on its application to cybersecurity and malware detection. He is also the founder of SIMAPTIC and the Director of Security Research at BC Security, where he specializes in adversary tactics and emulation planning, Red and Blue Team operations, and embedded systems security. Dr. Rose is credited with 16 CVEs and has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA Conference.

\n\nSpeakerBio:  Hana Christensen
\n

Hana Christensen is a second lieutenant and developmental engineer (electrical) in the United States Air Force. She is currently pursuing a master\'s in electrical engineering, with a focus on signal processing and machine learning. Her research investigates security vulnerabilities in AI hardware, examining whether side-channel analysis can be used to extract information about machine learning algorithms. She holds a B.S. in Electrical and Computer Engineering from the United States Air Force Academy (class of 2025).

\n\n\'','NULL','NULL','','','','',66505,'\'Map Page - LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)\'','Friday, Aug 7, 13:00 - 13:45 PDT
Saturday, Aug 8, 10:00 - 10:45 PDT
'),(182054,'\'Hook Crook - Extracting More From Discord Webhooks\'','demolabs','\'Creator: Demo Labs

A webhook URL is often thought to be write-only — post a message, nothing more. So when one leaks through a misconfigured repo, a paste site, or breached infrastructure, it\'s written off as a spam-or-phishing nuisance and left to rot. Hook Crook shows that assumption is the vulnerability — and that \"write-only\" was never really the case.

\n\n

By abusing how Discord resolves references, what it returns when you query users and messages, and how its error and rate-limit responses differ, the write-only token quietly becomes a read primitive — leaking by design, not by bug. With nothing but the URL — no account, no additional authentication, no interaction from anyone on the target server — Hook Crook fingerprints the host guild, enumerates and confirms members, pulls profile data on known users (including their home-server tag), and in some cases recovers message content. The same behaviors let it bypass the server\'s posting restrictions, stage convincing impersonation and phishing, quietly edit or delete messages to scrub the evidence, and — on the way out — delete the webhook itself. None of it breaks Discord — it just reads Discord more carefully than its designers intended.

\nLinks:
    GitHub - https://github.com/HnC-Sec/hook_crook
\n
People:
    SpeakerBio:  Jeremy Banker
\n

Jeremy Banker is a Senior Security Software Engineer at Horizon3.ai, where he focuses on the reliability and resiliency of Horizon3\'s automated penetration testing platform. Previously, he spent nearly a decade at VMware, where he co-founded the Security Product Engineering group and led efforts to secure VMware\'s software supply chain. His open-source security tooling has been featured at Black Hat Arsenal and DEF CON Demo Labs, including Build Inspector for CI/CD pipeline anomaly detection and Tommyknocker for automated security control validation. Jeremy holds a Master\'s degree in Information Security.

\n\nSpeakerBio:  Arity0
\n

Arity0 is an independent security researcher specializing in the Discord platform. A self-taught hacker, he focuses on uncovering undocumented behaviors, edge cases, and design-level privacy implications in Discord\'s API and rendering pipeline. His long-running exploration of Discord\'s rendering quirks led to the discovery of the webhook rendering oracles that form the foundation of the Hook Crook identity disclosure technique.

\n\n\'','NULL','NULL','','','','',66506,'\'Map Page - LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)\'','Saturday, Aug 8, 13:00 - 13:45 PDT
Saturday, Aug 8, 14:00 - 14:45 PDT
'),(182055,'\'Intercept.js: Runtime-Aware Detection for JavaScript Environments\'','demolabs','\'Creator: Demo Labs

Modern attacks increasingly execute inside JavaScript runtimes (browsers, email clients, and embedded app environments) where traditional file-scanning and OS-level controls lack visibility into application-layer behavior. In these contexts, payloads often exist only as in-memory buffers, fetch responses, or dynamically constructed objects. Detection therefore depends not just on inspecting bytes, but on understanding their origin, transformation, and use at runtime.

\n\n

We present Intercept.js, an open-source detection engine that runs natively within JavaScript environments, combining byte-level inspection with execution context in real time. Built for YARA compatibility, it extends rule evaluation beyond static artifacts by incorporating signals such as origin provenance, user gesture state, MIME inconsistencies, and object construction paths.

\n\n

This unified model enables detection of threats as they are assembled and executed — including identifying executable buffers built in memory, anomalous data flows, or content whose structure diverges from its declared type.

\n\n

As a concrete demonstration, we show how HTML smuggling attacks can be intercepted at the moment of payload construction, preventing delivery before artifacts ever reach disk and exposing a class of threats that evade both network and endpoint controls.

\nLinks:
    GitHub - https://github.com/rishi-sekantsec/sekant-intercept-js
\n
People:
    SpeakerBio:  Rishi Kant
\n

A builder at heart, Rishi has spent his career turning deep technical ideas into real-world impact. He holds a PhD in Electrical Engineering from Stanford, and earned his B.S. in EECS from UC Berkeley. After 4.5 years of advising global high-tech firms at McKinsey & Company, he followed his passion for building and moved into product management. Rishi led product teams at several cybersecurity companies—including Tanium, Authentic8, and Uptycs. Now, as founder of Sekant Security, he’s embedding runtime intelligence directly into web browsers to protect users from phishing, ClickFix, unsafe downloads, shadow AI and other emerging online threats.

\n\n\'','NULL','NULL','','','','',66507,'\'Map Page - LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)\'','Saturday, Aug 8, 14:00 - 14:45 PDT
Friday, Aug 7, 15:00 - 15:45 PDT
'),(182056,'\'Keychecker : SSH Key based attack tool for DVCS Systems\'','demolabs','\'Creator: Demo Labs

KeyChecker is a CLI tool to fingerprint SSH private keys and identify which Git hosting accounts they unlock. In incident response and red team work, finding a private key is common, but scoping impact is slow and manual. KeyChecker automates the two primitives defenders and attackers both use: safe SSH handshakes that can reveal the mapped username, and read only git ls-remote probes that confirm whether a key can access a target repo.

\n\n

The tool performs local key intelligence first, supporting OpenSSH, PEM, and DER formats, detecting key type (ed25519, rsa, ecdsa, dsa), key size, passphrase protection, fingerprints (SHA256 and MD5), and useful metadata from key comments. It then validates the key across multiple providers including GitHub, GitLab, Bitbucket, Codeberg, Gitea, and Hugging Face, extracting usernames where possible, and optionally using a GitHub token for organization discovery.

\n\n

KeyChecker also supports repository discovery with a wordlist and configurable concurrency, giving a clear blast radius report like “this key unlocks these private repositories.” It is designed for authorized assessments, runs locally, and avoids write operations.

\nLinks:
    GitHub - https://github.com/cyfinoid/keychecker
\n
People:
    SpeakerBio:  Anant Shrivastava
\n

Anant Shrivastava is the founder of Cyfinoid Research and a long time offensive security practitioner with a focus on application, cloud, and supply chain security. He has delivered trainings and talks at Black Hat (USA, Europe, Asia), Nullcon, c0c0n, BSides, Rootconf and multiple other events, and runs projects such as Hacking Archives of India to highlight real work from the security community. His courses are built from real consulting and red team experience, with an emphasis on attack chains that actually show up in the field and defenses that teams can implement the next day.

\n\n\'','NULL','NULL','','','','',66508,'\'Map Page - LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)\'','Friday, Aug 7, 16:00 - 16:45 PDT
Saturday, Aug 8, 13:00 - 13:45 PDT
'),(182057,'\'L.A.Y.E.R.S - Layered Analysis Engine for Browser Extension Risk and Security\'','demolabs','\'Creator: Demo Labs

Browser Extensions is one of the overlooked attack surface in the modern era. Most browser extension have permissions to allow direct access to cookies, browsing history, network requests and a poorly written extension can help attackers with stuff like silently steal credentials, log keystrokes, fingerprint users etc.

\n\n

L.A.Y.E.R.S. (Logical Analyst for Your Extension Risk Surface) is a fully client-side chrome browser extension security engine that performs multi-layered security analysis on extensions. The tool performs analysis on various levels like JS analysis, permissions analysis, manifest analysis, secret scanning, URL extractions etc. simultaneously to uncover potential risks. The tool comes with its own scoring system guiding the team if the extension is safe to use or not.

\n\n

L.A.Y.E.R.S. is designed for security researchers auditing in-house extensions, third-party extensions, red teams assessing browser attack surfaces, enterprises enforcing extension policies, and developers seeking to harden their own extensions before publication.

\n\n

What sets L.A.Y.E.R.S. apart begins with its privacy-first architecture - the entire analysis runs in-browser via the File System API and JSZip, with very little setup required. On the detection side, it incorporates Shannon entropy analysis. To keep results actionable rat

\nLinks:
    GitHub - https://github.com/infosecak/layers
\n
People:
    SpeakerBio:  Abhinav Khanna
\n

Abhinav is an Information Security Professional with 7+ years of experience and currently works at S&P Global. His area of expertise include Web App Security, API Security, Mobile App Security, Secure Architecture. He has spoken at conferences like BlackHat USA, DefCon 33, BlackHat Europe, BlackHat Asia etc.

\n\nSpeakerBio:  Krishna Chaganti
\n

Krishna Chaganti works as Associate Director Application Security at S&P Global, based in the USA, with over a decade of experience in Information Security. As a Certified Information Security Manager (CISM), he leads a team of more than 10 pentesters and specializes in Application Security along with Security Architecture.

\n\n\'','NULL','NULL','','','','',66509,'\'Map Page - LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)\'','Friday, Aug 7, 14:00 - 14:45 PDT
Saturday, Aug 8, 13:00 - 13:45 PDT
'),(182058,'\'LoKi: A LoRa/Meshtastic based implant for Red Teaming\'','demolabs','\'Creator: Demo Labs

LoKi is a covert USB HID implant for Red Teaming that builds on the work of tools like the O.MG cable by replacing Wi-Fi with LoRa, extending the operational range of physical layer attacks from meters to kilometers. The implant integrates a Heltec LoRa module with custom Meshtastic firmware into an off-the-shelf wired USB mouse, retaining full mouse functionality. When LoKi receives a direct Meshtastic message, it translates the payload into DuckyScript™-compatible USB HID keystrokes and executes them on the host machine. No Wi-Fi, no Bluetooth, and no network traffic — the mouse simply begins typing. LoKi requires no line of sight and produces no detectable wireless LAN or Bluetooth signatures, making it effectively invisible to standard wireless monitoring. The live demo will walk through a payload from a handheld Meshtastic device to acquire a remote admin shell and bypass UAC on a target machine. Bring your own Meshtastic device and you can send commands to the implant during the demo. The presentation covers the hardware build, the customized open-source Meshtastic firmware, reliability considerations for keystroke delivery over a mesh network, and actionable blue team detection strategies, including monitoring for rogue HID device enumeration and LoRa RF activity.

\nLinks:
    GitHub - https://github.com/venkyr/loki
\n
People:
    SpeakerBio:  Venky Raju
\n

Venky Raju is a lifelong maker and hacker who firmly believes that if you haven\'t voided the warranty, you don\'t truly own it. While he holds a Master’s in Comp. Sci. and an EE degree, his most prized \"certifications\" were earned at the business end of a soldering iron, a 3D printer, and an array of metal and wood-working tools.

\n\n

By day, he navigates the complex worlds of Zero Trust, IoT, and OT security. To keep the corporate world happy, he maintains his CISSP and CCSP credentials—validating that he knows the academic rules well enough to know exactly how to safely bend them. His professional expertise isn\'t just theoretical. By night, he’s a renewable energy vigilante who built an off-grid solar shed and a custom PowerWall clone, mostly because he refuses to sell his electrons back to the grid for pennies. An early contributor to the LIRC and LCDproc projects, Venky’s code has been riding along in Linux distros for years.  He loves C, Python and PLC Ladder Logic.

\n\n

Beyond the lab, Venky is dedicated to \"pay-it-forward\" hacking. Whether he’s teaching the next generation how to solder at Maker Faire or volunteering with the Pacific Hackers Association, he is committed to building the community as much as the tech. He is happiest when he’s elbow-deep in a project that requires both a compiler and a multimeter.

\n\n\'','NULL','NULL','','','','',66510,'\'Map Page - LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)\'','Saturday, Aug 8, 15:00 - 15:45 PDT
Friday, Aug 7, 12:00 - 12:45 PDT
'),(182059,'\'MSCodePhish: Redeem Your Coupon. Surrender Your Session\'','demolabs','\'Creator: Demo Labs

MSCodePhish is a red‑team toolkit that turns Microsoft’s Device Code OAuth flow into an embeddable phishing primitive that works inside any lure (e.g., “grab your coupon,” “unlock access,” etc.). Instead of pre‑generating device codes and racing against the usual 15‑minute timeout, MSCodePhish exposes a simple API endpoint that phishing pages can call via JavaScript (XHR/fetch) at the exact moment a victim opens the page. The tool then generates a fresh device code on demand, returns it to the phishing page (e.g., rendered as a “coupon code”), and instructs the user to complete the login on the legitimate Microsoft device login portal using that code.

\n\n

Behind the scenes, MSCodePhish continuously polls Microsoft’s token endpoint for that device code and, once the victim finishes authentication, captures the resulting refresh token and related claims (tenant, user, etc.). From its web UI, operators can track active campaigns, monitor which lures are converting, and use captured refresh tokens to request new access tokens for different resources (ARM, Key Vault, Graph, Storage, or custom scopes) in real time. Because the code is generated only when the phishing HTML is actually loaded, MSCodePhish effectively sidesteps device‑code expiration issues and enables more realistic, flexible phishing flows that closely mimic

\nLinks:
    GitHub - https://github.com/TROUBLE-1/MSCodePhish
\n
People:
    SpeakerBio:  Raunak \"Trouble1\" Parmar
\n

Raunak Parmar works as a senior cloud security engineer at White Knight Labs with 6+ years of experience. His areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He enjoys researching new attack methodologies and creating open-source tools that can be used during cloud red team activities. He has worked extensively on Azure and AWS and is the author of Vajra, AzDevRecon and MsCodePhish. He has spoken at multiple respected security conferences like Black Hat, Defcon, Nullcon, RootCon, HackspaceCon, NorthSec, LeHack , etc and also at local meetups.

\n\nSpeakerBio:  Chirag \"3xpl01tc0d3r\" Savla
\n

Chirag Savla is a Cyber Security professional with 10+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post-exploitation research. He prefers to create open-source tools and explore new attack methodologies in his leisure. He has worked extensively on Azure, Active Directory attacks, defense, and bypassing detection mechanisms. He is an author of multiple Open Source tools such as Process Injection, Callidus, etc. He has presented at multiple conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest.

\n\n\'','NULL','NULL','','','','',66511,'\'Map Page - LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)\'','Saturday, Aug 8, 12:00 - 12:45 PDT
Friday, Aug 7, 13:00 - 13:45 PDT
'),(182060,'\'MailX-Ray: A TSA X-Ray for Emails — Air-Gapped Safe-Read and Quick Triage in an Ephemeral MicroVM\'','demolabs','\'Creator: Demo Labs

When TSA scans your luggage, they see what\'s inside without opening the bag. MailX-Ray brings that pattern to email triage.

\n\n

Phishing reports hit analysts as small crises: open carefully, don\'t trigger anything, extract IOCs, hand off to detection. Tooling lives at two extremes: cloud sandboxes that ship customer data offsite, or lightweight CLIs that run malicious parsers directly on the analyst\'s host. Neither produces a portable safe artifact, on-prem and hardware-isolated, in roughly 30 seconds.

\n\n

MailX-Ray does. Every email is processed inside an ephemeral hardware-virtualized microVM with no network device. Network egress is prevented by design. Output includes a single-file portable HTML safe-read report, structured JSON with 45+ offline signal categories, and optional STIX and MISP exports for SOC integration. Original attachment binaries are never re-distributed.

\n\n

It\'s not a malware sandbox. No decompilation, no execution, no verdicts. It\'s a non-invasive structural scan: the first 30 seconds of email triage, with zero network egress, on the analyst\'s own laptop.

\n\n

Demo Labs attendees will see the live pipeline across real phishing scenarios, including encrypted nested archives. Open source on the day of the talk.

\nLinks:
    GitHub - https://github.com/ugurcanatasoy/MailX-Ray
\n
People:
    SpeakerBio:  Uğur \"uJohn\" Can ATASOY
\n

Uğur Can Atasoy is a Senior Security Engineer at Udemy, working primarily on blue and purple team operations.

\n\n

A believer in hybrid approaches that combine technical fieldwork with academic rigor, he has spent the past decade across higher education, media, defense, and automotive sectors in roles spanning security architect, specialist, trainer, and consultant. His work spans both offense and defense — from security operations, threat hunting, intrusion detection, purple teaming, and adversary simulation to penetration testing and secure architecture. He has served as a Senior Content Engineer at TryHackMe and as an Information Security Architect at Mercedes-Benz. He has delivered security training for NATO personnel, law enforcement investigators, and military leadership, spoken at DeepSec (Vienna), holds CCSP, GCIA, OSCP, and OSWP, and served as an ISC2 SME for exam and training item development. He has been recognized by Oracle and IBM for responsible disclosure.

\n\n

MailX-Ray is his answer to a recurring annoyance: every tool in the email triage stack is either a cloud SaaS that ships customer data offsite, a heavyweight VM-based sandbox that takes minutes per sample, or an unprotected CLI that runs malicious parser input directly on the analyst\'s host. It produces a safe artifact analysts can read and forward.

\n\n\'','NULL','NULL','','','','',66512,'\'Map Page - LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)\'','Saturday, Aug 8, 14:00 - 14:45 PDT
Friday, Aug 7, 16:00 - 16:45 PDT
'),(182061,'\'MalSkill Lab: Hands-On Natural Language Malware in AI Agent Orchestration Systems\'','demolabs','\'Creator: Demo Labs

Your AI agent trusts every skill in its directory. What if one of them is lying?\nIn this Demo Lab, I walk you through MalSkills, natural language malware planted inside AI agent skill systems. No binaries, no shellcode, no signatures.\nJust English sentences with OS-level access.\nUsing ORPHEUS, my open-source multi-skill orchestration framework, I demonstrate three escalating attacks live:\n 1. BURIED INSTRUCTION: A malicious sentence hidden in a legitimate skill exfiltrates .env files on first execution. I show you 12 skills and challenge you to spot it. \n 2. CHAIN ATTACK: Five individually benign skills that, when orchestrated together, create an emergent data exfiltration path. No single skill is malicious. The composition is the weapon.\n 3. PERSISTENT GHOST: A skill that writes itself into agent memory, surviving file deletion and session restarts. Remove the skill, restart the agent, exfiltration continues.\nAfter offense, I flip to defense. I demo the MalSkill Detection Toolkit: skill integrity verification, capability-based sandboxing, orchestration graph analysis, and runtime behavioral monitoring.\nAttendees leave with: the ORPHEUS framework, a MalSkill sample pack, and a detection toolkit, all open source!\nEvery AI agent with a plugin system is vulnerable today. Come see why.

\nLinks:
    GitHub - https://github.com/nuryslyrt/ORPHEUS
\n
People:
    SpeakerBio:  Nur \"BurritoTheNurrito\" Gucu
\n

Offensive security professional and AI security researcher with 10+ years across financial services, startups, and Amazon.\nCurrently on the foundational model red team at Amazon AGI Labs, where I break AI systems and build the tooling to detect what I find.\nCore focus: LLM security, agentic system exploitation, and the gaps between how AI frameworks are designed and how they actually behave under adversarial pressure.\n6 patent applications. Published author (AWS Security Blog, internal science papers). Invited speaker on MCP security and LLM training APT attack surfaces.\nI turn research into shipped products and open-source tools, not empty slide decks.

\n\n\'','NULL','NULL','','','','',66513,'\'Map Page - LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)\'','Friday, Aug 7, 14:00 - 14:45 PDT
Saturday, Aug 8, 13:00 - 13:45 PDT
'),(182062,'\'Monitor, Compile, Enforce: A Compiler Pipeline for Container Security Policy in Rust and eBPF\'','demolabs','\'Creator: Demo Labs

Container security tools observe behavior (eBPF) and enforce policy (BPF-LSM, AppArmor, Seccomp). But the translation between observation and enforcement is manual and incomplete. We present the first tool that treats this translation as a compilation problem. Built in Rust with the Aya eBPF framework, three monitoring modules serve as compiler frontends feeding a normalized behavioral IR. Optimization passes operate on this IR: pattern classification, rule deduplication, dead rule elimination, conflict detection, and cross-category dependency linking. The backend compiles optimized IR into BPF-LSM enforcement rules across three LSM hooks: security_file_open, security_bprm_check_security, and security_socket_connect. Enforcement is default-deny: any operation not in the compiled profile is blocked. We demo end-to-end: a container is profiled, the profile compiled through the pipeline, and enforcement blocks unauthorized file access, process execution, and network connections at the kernel level. Zero manual policy writing. We document the friction points where monitoring context diverges from enforcement context. No existing tool, including vArmor and KubeArmor, implements this compilation architecture with a true IR, optimization passes, and multi-category LSM enforcement.

\nLinks:
    GitHub - https://github.com/BugrahanYucel/ebpf-mon
\n
People:
    SpeakerBio:  Buğrahan Yücel
\n

Buğrahan Yücel is a software engineer at a SaaS company in Turkey, where he works on infrastructure security. He currently builds eBPF-based behavioral profiling and enforcement tooling in Rust using the Aya framework. This is his first DEF CON presentation.

\n\n\'','NULL','NULL','','','','',66514,'\'Map Page - LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)\'','Saturday, Aug 8, 10:00 - 10:45 PDT
Friday, Aug 7, 13:00 - 13:45 PDT
'),(182063,'\'Overcast: Video OSINT Agent. Point It at 100 Videos, Ask Anything\'','demolabs','\'Creator: Demo Labs

Conference talks, earnings calls, product demos, training videos. Organizations put hours of footage online every week, full of things they didn\'t mean to share: hostnames in terminal windows, org charts on slides, infrastructure details dropped during Q&A. Traditional OSINT can\'t touch video at scale, and manual review falls apart past a handful of recordings.

\n\n

Overcast is a CLI agent and skill pack for video OSINT that drops into any agentic harness, such as Claude Code, Codex, or Tinycloud, giving it senses plus recon and targeting reach, organized around an investigation case. Point it at 10 videos or 1,000 and it turns footage into cited evidence: speech, video understanding, on-screen text and objects, faces, and named entities, all accumulating in persistent case memory.

\n\n

Discovery runs on the same case: scan and monitor sweep sources and surface reviewable findings. Ask across the whole corpus and get answers cited to the exact record and timestamp, backed by tiered retrieval. Match a photo against thousands of clips to find a person. Each subcommand is modular and pluggable, so analysts can drop one into other agent flows, author custom skills, or feed Overcast\'s media analysis into existing recon and security tooling to complete the mission.

\nLinks:
    GitHub - https://github.com/kdr/overcast
\n
People:
    SpeakerBio:  Kevin \"kdrwins\" Dela Rosa
\n

Kevin Dela Rosa is a multimodal AI researcher and engineer with 17+ years in computer vision, NLU, and large-scale retrieval. He led engineering teams at Snapchat building billion-scale visual search and generative AI products, worked on large-scale ML at Amazon, and interned at NIST and SPAWAR on NLP and information retrieval for government applications. He\'s published at ACM WWW, ACM CAIS, IEEE ICCV, KDD, CVPR, NeurIPS, AAAI, and ISMIR, and has spoken at AWS re:Invent, KubeCon, and CascadiaJS. He\'s currently CTO of Cloudglue, where he builds video understanding infrastructure.

\n\n

At DEF CON 33 he presented \"Autonomous Video Hunter\" at Recon Village, demoing an AI agent that investigated video corpora using face recognition, logo detection, and content analysis to produce structured OSINT reports. Overcast is the evolution of that work: a CLI agent and skill pack that gives any agentic harness senses plus recon and targeting reach, organized around an investigation case with persistent memory, cited evidence, and modular subcommands that plug into other recon and security workflows.

\n\n\'','NULL','NULL','','','','',66515,'\'Map Page - LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)\'','Saturday, Aug 8, 16:00 - 16:45 PDT
Friday, Aug 7, 12:00 - 12:45 PDT
'),(182064,'\'Peekaboo: Breaking the Black Box of Threat and Malware Emulation\'','demolabs','\'Creator: Demo Labs
Standard security testing often forces a choice: use \"script-kiddie\" tools that get caught instantly, or use high-end frameworks that are too complex for rapid detection testing. Peekaboo bridges this gap. In this Demo Lab, we present Peekaboo - a modular, open-source framework designed for safe threat emulation. Unlike traditional malware, Peekaboo focuses on generating high-fidelity telemetry through legitimate cloud API abuse (GitHub, Bitbucket, Slack, Discord, Azure, VirusTotal, XBOX, AngelCam, etc) and evasive execution techniques (Direct Syscalls, Callback-based execution).
\n\n

We will demonstrate how to:

\n\n
    \n
  • Generate polymorphic agents that bypass static analysis using rare cryptographic algorithms like Speck and Skipjack.
  • \n
  • Generate agents that leverage signal processing like Fast Fourier Transformation and Feistel-network based cryptography for bypass EDR.
  • \n
  • Establish covert C2 channels within the metadata of trusted enterprise applications.
  • \n
  • Rapidly test EDR/SIEM rules against modern persistence and lateral movement techniques without risking system stability.
  • \n
\n\n

Peekaboo isn\'t just a tool; it\'s a \"sandbox-friendly\" adversary in a box, designed to help Blue Teams level up by understanding the nuances of the Offensive Dev Loop. Come see how we turn \"hidden\" threats into \"visible\" learning opportunities.

\nLinks:
    GitHub - https://github.com/cocomelonc/peekaboo
\n
People:
    SpeakerBio:  Zhassulan \"cocomelonc\" Zhussupov
\n

cybersecurity enthusiast, author, speaker and mathematician. Author of popular books: MD MZ Malware Development Book (Github, 2022, 2024) MALWILD: Malware in the Wild Book (Github, 2023) Malware Development for Ethical Hackers Book: (Packt, 2024) AIYA Mobile Malware Development Book (Github, 2025) Malware Development for Ethical Hackers 2nd edition (Packt, 2026, in progress) Author and tech reviewer at Packt. Co founder of various cybersecurity research labs, author of many cybersecurity blogs, HVCK magazine Malpedia contributor Speaker at BlackHat, DEFCON, Security BSides, Arab Security Conference, Hack.lu, Standoff, Positive Hack Talks, etc conferences

\n\n\'','NULL','NULL','','','','',66516,'\'Map Page - LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)\'','Saturday, Aug 8, 10:00 - 10:45 PDT
Friday, Aug 7, 10:00 - 10:45 PDT
'),(182065,'\'Phasmid: Deniable Storage for Rubber-Hose Scenarios\'','demolabs','\'Creator: Demo Labs
Phasmid is a prototype deniable storage system built for a problem ordinary encryption handles poorly: what happens when the attacker stops attacking the math and starts coercing the human holding the key. It implements the Janus Eidolon System, or Janus System, a coercion-aware storage method that explores how visible disclosure and true protected state can diverge through deniable cryptographic structure, local-only operation, dual-profile storage, camera-based object-image matching, and owner-controlled destructive actions. Framed by the question of Agency, the project asks how a user can retain meaningful control over disclosure when physical pressure breaks normal cryptographic assumptions. This demo presents a practical low-power implementation on Raspberry Pi Zero 2 W for hostile situations where the attacker targets the person rather than the cipher.
\n\n\nLinks:
    GitHub - https://github.com/01rabbit/Phasmid
\n
People:
    SpeakerBio:  Makoto \"Mr.Rabbit\" Sugita
\n

Makoto Sugita is a security engineer and security toolmaker focused on practical systems for hostile environments, where cryptographic assumptions break down under real-world pressure. His work sits at the intersection of cryptography, hardware, and adversarial human behavior. He has presented tools and research at venues including Black Hat Arsenal and BSides, and is interested in deniable systems, tactical hardware, and building prototypes that expose uncomfortable but real security problems.

\n\n\'','NULL','NULL','','','','',66517,'\'Map Page - LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)\'','Saturday, Aug 8, 12:00 - 12:45 PDT
Friday, Aug 7, 16:00 - 16:45 PDT
'),(182066,'\'PromptPwn: Finding and Exploiting AI-Generated Vulnerabilities at Scale\'','demolabs','\'Creator: Demo Labs

AI-assisted development tools don’t just introduce vulnerabilities; they introduce the same vulnerabilities repeatedly.

\n\n

PromptPwn is a tool designed to identify, track, and exploit common insecure patterns found in AI-generated code. It maintains a database of known vulnerability patterns produced by popular “vibe coding” workflows and provides scanning capabilities to detect these issues in real applications.

\n\n

In this demo, we show how PromptPwn identifies vulnerable patterns such as injection flaws, authentication weaknesses, and insecure defaults across generated code. We demonstrate how these patterns can be exploited in practice, highlighting how repeatability makes them especially valuable from an attacker’s perspective.

\n\n

We also explore how prompt variations influence these outcomes and show how insecure patterns can be remediated by adjusting prompts, closing the loop between generation, exploitation, and correction.

\n\n

This session focuses on practical demonstrations of how AI-generated code fails in predictable ways, and how those failures can be identified and abused at scale.

\nLinks:
    GitHub - https://github.com/georgiaw/PromptPwn
\n
People:
    SpeakerBio:  Georgia Weidman
\n

Georgia Weidman is an offensive security researcher and author focused on breaking real-world systems. She wrote Penetration Testing: A Hands-On Introduction to Hacking, a practical guide used by students and practitioners to learn exploitation techniques.

\n\n

Her work centers on how modern systems fail under attack, from mobile and IoT to enterprise environments. As a DARPA Cyber Fast Track performer, she developed the Smartphone Pentest Framework (SPF), a platform for mobile exploitation research.

\n\n

She has conducted penetration tests, built exploitation tooling, and developed attack chains across multiple domains. Her approach prioritizes hands-on techniques over theory, demonstrating how assumptions about security break down in practice.

\n\n

Georgia has presented internationally at conferences including Black Hat and DEF CON, with a focus on showing how things actually get hacked.

\n\n\'','NULL','NULL','','','','',66518,'\'Map Page - LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)\'','Friday, Aug 7, 10:00 - 10:45 PDT
Saturday, Aug 8, 14:00 - 14:45 PDT
'),(182067,'\'Reversing F5: Pure-Go Steganography, Live Forensic Cover Recovery, and JPEG Fragility Analysis\'','demolabs','\'Creator: Demo Labs

F5 (Westfeld, 2001) is the canonical \"do it right\" JPEG steganography algorithm — matrix encoding, permutative straddling, shrinkage handling — and still turns up on confiscated devices and in CTF challenges 25 years later. The public tooling has rotted: the original is Java, modern rewrites bind CGo to libjpeg, and every implementation surveyed is one-way (embed and extract, never un-embed).\nThis Demo Lab presents ten public GitHub repositories that fix that, in pure Go with zero third-party dependencies. The headline is the first open-source F5 cover-recovery tool: given the stego JPEG, the password, and the extracted message, it reverses the embed and restores the cover\'s DCT coefficients. Alongside it ship three CLIs (embed, extract, recover), a pure-Go JPEG-family codec (baseline, JPEG 2000, JPEG-LS, XL/XR/XS/XT, Pleno, lossless), a Fridrich chi-square steganalysis library and CLI, and the supporting crypto, i18n, and logging packages — all auditable end-to-end in one language.\nLive: embed, extract, cover recovery, defensive Fridrich detection, JPEG re-encoding fragility, and a 25-line external Go program importing the library. Useful for digital forensics, steganalysis research, CTF authoring, and anyone who wants a CGo-free stego stack they can read in a weekend.

\nLinks:
    GitHub - https://github.com/0verkilll
\n
People:
    SpeakerBio:  0verkilll
\n

Precise, Ruthless, Ethical

\n\n\'','NULL','NULL','','','','',66519,'\'Map Page - LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)\'','Friday, Aug 7, 16:00 - 16:45 PDT
Saturday, Aug 8, 10:00 - 10:45 PDT
'),(182068,'\'SecretSifter: Production Apps Are Leaking Credentials. The Blindspot DAST Never Checked.\'','demolabs','\'Creator: Demo Labs

Shift-left tools scan what you commit, not what you serve. DAST scanners test for vulnerabilities but ignore live traffic. The industry left a gap: runtime secrets. Finding them requires intercepting live traffic: a proxy, a browser extension, or a bulk scanner. SecretSifter is all three.

\n\n

We tested 2,000 production apps against ten secret scanners. 194 confirmed credentials survived all ten scanners.

\n\n

SecretSifter monitors live HTTP traffic and finds credentials in JS bundles, lazy-loaded chunks, HTML responses, JSON and XML APIs, and request headers. No config, no source code. 160+ rules cover vendor tokens (AWS, Azure, Stripe, Twilio, GitHub), entropy-gated patterns, and CryptoJS-encrypted configs where the decryption key is hardcoded in the same bundle. No other scanner catches that case. Bulk mode scans 30-50 targets: paste URLs, scan, optional AI triage, export HTML, CSV, or ZIP.

\n\n

The session opens with a live tool comparison. Most tools scan one URL at a time and require manual browsing. SecretSifter bulk-scans both targets in parallel. Two findings none of the ten caught: Azure AD credentials baked into a webpack bundle past GitLeaks. A CryptoJS config with the decryption key three lines away.

\n\n

Your entire pipeline reported green. Were they right? Attendees leave with a free tool to run the same day.

\nLinks:
    GitHub - https://github.com/secretsifter/secretsifter-burp
\n
People:
    SpeakerBio:  Hemanth Gorijala
\n

Hemanth Gorijala is Global Pentest Lead at a Fortune 100 financial services company. He built SecretSifter to close the runtime security gap: the space between where shift-left secret scanning stops and where secrets actually appear in production. His research identified 194 confirmed credentials across 2,000 production applications that bypassed ten secret scanners. He is presenting that research at security conferences across the US. The GT-194 benchmark is published on Zenodo (DOI 10.5281/zenodo.19464446). SecretSifter is open source at github.com/secretsifter.

\n\n\'','NULL','NULL','','','','',66520,'\'Map Page - LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)\'','Saturday, Aug 8, 10:00 - 10:45 PDT
Friday, Aug 7, 14:00 - 14:45 PDT
'),(182069,'\'Senrigan (千里眼) x Suzaku (朱雀): Threat Hunting & DFIR for AWS — No SIEM, Just Your Laptop\'','demolabs','\'Creator: Demo Labs

Senrigan (千里眼) and Suzaku (朱雀) are two complementary open-source tools that together form a complete threat hunting and DFIR platform for AWS CloudTrail logs. Both are built by Yamato Security, the volunteer-run Japanese security community behind Hayabusa(隼), the widely adopted Windows event log fast-forensics tool. Yamato Security provides free, open-source DFIR tools and resources to the community.

\n\n

Building on Hayabusa\'s philosophy of fast, offline, community rule-based detection, this toolset brings the same approach to the cloud. Security teams can hunt threats across CloudTrail logs on a single laptop — without a SIEM, dedicated infrastructure, or licensing cost.

\n\n

The two tools work together, with Suzaku\'s detections flowing into Senrigan for analysis. Senrigan, deployed via Docker Compose, ingests CloudTrail logs into DuckDB via a Rust-based ingester, then lets analysts investigate them through 100+ pre-built hunting queries and 80+ pre-built Apache Superset dashboard charts — no SQL or CloudTrail schema knowledge required. Suzaku is a high-performance, standalone Rust-based CLI that applies native Sigma detection rules to CloudTrail logs and generates a fast-forensics DFIR timeline — surfacing attacks buried in the noise, producing only the events analysts need to investigate.

\nLinks:
    GitHub - https://github.com/Yamato-Security/suzaku, https://github.com/Yamato-Security/senrigan
\n
People:
    SpeakerBio:  Fukusuke Takahashi
\n

Fukusuke Takahashi has been with NTTDATA-CERT (NTT DATA Group Corporation\'s CSIRT) since 2018, specializing in DFIR, OSINT, and SOAR. He is one of the developers of Yamato Security\'s OSS tools. He enjoys developing open-source Blue Team tools. He has presented at conferences such as FIRST Annual Conferences, SECCON, BSides Tokyo, HITCON CMT, SecTor and AUSCERT.

\n\nSpeakerBio:  Zach Mathis
\n

Zach Mathis has been working in Japan doing offensive and defensive security work for Japanese companies since 2006. In 2012, he founded Yamato Security, one of the largest hands-on hacker communities in Japan. With other Yamato Security members, he has been releasing free and open source DFIR tools and resources since 2020.

\n\nSpeakerBio:  Akira Nishikawa
\n

Akira Nishikawa started his career as a software engineer specializing in embedded development. He worked as a freelance engineer in 2007, focusing on system development and operation for various companies. Since 2021, he has been dedicated to fostering a security culture for SaaS product security and improving service security. Additionally, he is an AWS Community Builder as of 2024.

\n\n\'','NULL','NULL','','','','',66521,'\'Map Page - LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)\'','Saturday, Aug 8, 14:00 - 14:45 PDT
Friday, Aug 7, 10:00 - 10:45 PDT
'),(182070,'\'TokenMesh: Exposing Azure\'s Hidden Identity Attack Surface\'','demolabs','\'Creator: Demo Labs

Modern cloud environments are riddled with identity misconfigurations that go undetected until it\'s too late. TokenMesh is an open-source Azure security reconnaissance tool built to expose exactly that — over-privileged identities, dormant service principals, misconfigured storage accounts, and potential backdoors hiding in plain sight across Microsoft Entra ID and Azure RBAC.\nUnlike traditional scanners that drown you in raw data, TokenMesh is designed with the security practitioner in mind. It integrates directly with the Model Context Protocol (MCP) and the OpenAI API, allowing AI-assisted analysis that surfaces critical findings in plain language — no SIEM required, no query language to master. Plug it into your AI workflow of choice, ask questions in natural language, and get answers that actually make sense.\nIn this session, we\'ll walk through how TokenMesh was built, the real-world attack paths it uncovers, and live demonstrations against a target Azure environment. We\'ll cover how attackers abuse identity misconfigurations, how privilege escalation paths hide inside legitimate role assignments, and how defenders can use TokenMesh to harden their posture before adversaries exploit it. Whether you\'re a red teamer mapping an Azure tenant or a blue teamer trying to get ahead of the next breach.

\nLinks:
    GitHub - https://github.com/NotSoSecure/TokenMesh/
\n
People:
    SpeakerBio:  Saksham Agrawal
\n

Saksham Agrawal is a Senior Security Consultant at NotSoSecure, specializing in cloud security. His work focuses on discovering new attack paths in cloud environments and helping organizations understand real-world risks. He has presented his research at DEF CON Cloud Village, where he introduced his tool NoPrompt and shared practical techniques for cloud security testing. He enjoys building tools, exploring cloud internals, and sharing his findings with the security community. He has also responsibly reported critical vulnerabilities in major cloud vendors as part of his independent security research and actively delivers training sessions on cloud security and offensive security techniques.

\n\n\'','NULL','NULL','','','','',66522,'\'Map Page - LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)\'','Friday, Aug 7, 15:00 - 15:45 PDT
Saturday, Aug 8, 11:00 - 11:45 PDT
'),(182071,'\'Trajan: Cross-Platform CI/CD Security Scanner\'','demolabs','\'Creator: Demo Labs

For three years, Praetorian has consistently found that CI/CD pipelines are one of the fastest paths to compromise enterprise environments. A misconfigured workflow or an over-privileged service connection can provide you with credentials, cloud access, or code execution on internal infrastructure, often undetected.

\n\n

We built to keep up: Gato for GitHub Actions (BH 2024), then Glato for GitLab CI (BH 2025). Both proved the approach: parse the pipeline configuration, classify triggers, gates, and danger zones, build a graph of how they connect, and surface what\'s actually exploitable.

\n\n

The problem was that no client runs just one platform. A typical enterprise has GitHub Actions for open-source, Azure DevOps for internal deployments, and GitLab for containerized workloads. Assessing all of that meant juggling multiple tools with different output formats and coverage gaps.

\n\n

Trajan folds everything we learned into a single tool spanning GitHub Actions, GitLab CI, and Azure DevOps. Each platform runs through the same phased pipeline: collect the pipeline config and the org surface, normalize it, correlate multi-step attack chains, scan against a YAML detection-rule corpus organized by attack category, and report through one unified findings format. Support for Jenkins, CircleCI, and Bitbucket is in active development.

\nLinks:
    GitHub - https://github.com/praetorian-inc/trajan
\n
People:
    SpeakerBio:  Rahul Saranjame
\n

Lead Security Engineer at Praetorian focused on penetration testing, red/purple teaming, CI/CD pipeline security, and risk advisory assessments. Rahul is OSCP and CRTO certified, holds a Master\'s degree in Cybersecurity from Georgia Tech, and is a core contributor to Trajan.

\n\nSpeakerBio:  Ranganatha Rao Sridhar
\n

OSCE3 certified Lead Security Engineer at Praetorian with expertise spanning product, cloud, and corporate security. Rao holds a Master\'s degree in Cybersecurity from Georgia Tech and is a core contributor to Trajan.

\n\nSpeakerBio:  Tanishq Rupaal
\n

Staff Offensive Security Engineer at Praetorian specializing in cloud security across AWS, GCP, and Azure. He designed the Guard Platform\'s cloud integration mechanism, is a core contributor to Trajan, and holds an M.S. in Cybersecurity from Georgia Tech.

\n\n\'','NULL','NULL','','','','',66523,'\'Map Page - LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)\'','Friday, Aug 7, 14:00 - 14:45 PDT
Saturday, Aug 8, 13:00 - 13:45 PDT
'),(182072,'\'VoiceLock: Offline, Robust On-Device Speech Transcription\'','demolabs','\'Creator: Demo Labs

VoiceLock analyzes audio to identify speakers, count participants, and understand what each person said and discussed, just from a microphone. The self-contained, entirely offline system is designed for continuous, long-term use cases of 72 to 168 hours or more. The system runs entirely on-device, with high accuracy as tested on datasets and in the real world. Key innovations include an on-device vector database for fast speaker-similarity search and robust noise reduction, which greatly improve transcript accuracy. The output is a transcript with name labels. The system is fast enough to transcribe and report in under a minute. Code is written as an open-source Python module with a provided runtime and setup script to enable quick deployment on IoT devices. The system has been tested in challenging environments, including high noise levels, many speakers/arguments, and a lecture-style format. We present a live demo, technical details, and a short runtime tutorial.

\nLinks:
    GitHub - https://github.com/qayyumayaan/voicelock
\n
People:
    SpeakerBio:  Ayaan Qayyum
\n

Ayaan is an MS in engineering student at Columbia University. His research interests include mobile computing, applied machine learning, edge AI, and data science. He is an expert in understanding customer needs and use cases to solve real-world problems.

\n\nSpeakerBio:  Parag Kalay
\n

Parag is a Biomedical Engineering MS student at Columbia University, combining expertise in CAD, rapid prototyping, and data-driven design to transform concepts into functional technologies under tight technical constraints. Skilled in translating clinical needs into robust engineering solutions from initial sketches to validated prototypes.

\n\n\'','NULL','NULL','','','','',66524,'\'Map Page - LVCCW Level 1 Hall 3 1003 (Demo Labs Track 3)\'','Saturday, Aug 8, 16:00 - 16:45 PDT
Friday, Aug 7, 12:00 - 12:45 PDT
'),(182073,'\'Weaponizing eBPF and XDP with Covert Triggered Reverse Shells\'','demolabs','\'Creator: Demo Labs
eBPF and XDP now underpin critical Linux infrastructure yet their kernel-level access creates a blind spot: adversaries can weaponize these primitives for stealth persistence that evades standard forensic tools. Current defenses are not equipped for this emerging threat.
\n\n

We built Phantasma, an open-source eBPF implant, to expose this gap. It combines three kernel-level techniques: (1) XDP covert triggering that intercepts packets at the NIC driver before they reach the networking stack, firewalls, or packet capture systems (2) getdents64 syscall interception to hide processes from /proc, defeating ps, top, and all enumeration tools; and (3) bpf() syscall interception to cloak loaded eBPF objects from bpftool and forensic inspection.

\n\n

We live-demonstrate the full attack chain deployment, self-cloaking, magic packet activation, and encrypted reverse shell showing the implant defeating packet capture, process listing, and BPF introspection simultaneously.

\n\n

We then present the defenses this threat demands: kernel audit rules for bpf() syscalls, /sys/fs/bpf inspection, XDP attachment monitoring, and behavioral indicators. Attendees leave with detection rules, hardening steps, and a clear understanding of why eBPF must be treated as an attack surface, not just a defense tool.

\nLinks:
    GitHub - https://gitlab.com/0xBabar0ka/Phantasma
\n
People:
    SpeakerBio:  Yll \"0xBabar0ka\" Berisha
\n

I am an offensive security researcher with 2 years of experience in penetration testing, red teaming, and custom tooling. I am the creator of Phantasma, an open-source eBPF/XDP implant framework for stealth persistence research.

\n\n

Professionally, I have worked at Sentry, conducting web, mobile, and internal/external network penetration tests. At Finbbug, I contributed to a US Embassy-supported project assessing the cybersecurity posture of NGOs and media organizations in Kosovo, identifying issues such as XSS, directory listing, and IDOR vulnerabilities. At Starlabs, I built dark web monitoring tools using HaveIBeenPwned and LeakX APIs for automated credential leak detection.

\n\n

I hold BSCP (Burp Suite Certified), CRT-ID (Certified Red Team Infra Dev), MCRTA (Multi Cloud Red Teamer), CISCO ETHICAL HACKER, and HACKWISER CAPT certifications. I placed 1st at the Iowa State Cyber Defense Competition and represented Kosovo at the 2024 ENISA European Cybersecurity Challenge in Turin.

\n\n

I have presented at CyberZero on prompt injection attacks and deepfake-based social engineering at the TechRisck conference, and co-organized national and international CTFs designing real-world attack chain challenges.

\n\n

I am also a member of DefCon Group Prishtina (DC38338), where I contribute to co-organizing meetups and community events.

\n\n\'','NULL','NULL','','','','',66525,'\'Map Page - LVCCW Level 1 Hall 3 901 (Demo Labs Track 5)\'','Friday, Aug 7, 12:00 - 12:45 PDT
Saturday, Aug 8, 16:00 - 16:45 PDT
'),(182074,'\'X-Ray Your Agents: Pentesting MCPs, Skills, and the Plugin Supply Chain\'','demolabs','\'Creator: Demo Labs

Agents now run with thousands of third-party plugins — MCP servers, Claude skills, GPT actions, IDE extensions, plugin marketplaces — and the prevailing trust model is roughly “read the README and hope.” Tool descriptions are executable prompts. Tool parameters are executable code paths. Tool outputs feed straight into the next agent step. Yet there is no npm audit for this ecosystem, no signed manifests, and no capability sandbox in the wild.

\n\n

MCP X-Ray is an open-source security scanner that ports classical pentest tradecraft to the agent plugin supply chain. It combines static config and repo audit, rules-based and LLM-driven semantic analysis, and active pentesting that actually invokes tools with adversarial inputs — emitting SARIF that drops into GitHub, VS Code, and CI gates today. In this 30-minute session we will (1) walk the threat model that ties MCPs, skills, and plugin bundles together; (2) live-demo X-Ray finding real vulnerabilities in each. Attendees walk away with a CI template they can drop in on Monday, and three intentionally vulnerable plugins to keep practicing on.

\nLinks:
    GitHub - https://github.com/traceforce/mcp-xray
\n
People:
    SpeakerBio:  Xia Hua
\n

Xia is co-founder and CEO of Traceforce which secures AI native apps running on devices. She previously led engineering at Clumio (acquired by Commvault), delivering cloud data protection products that were 20x faster and 10x more scalable than competitors. Earlier, she was an in-memory database architect at Oracle. Xia earned her PhD in Applied Mathematics from MIT.

\n\nSpeakerBio:  Abhijeet Kumar
\n

Abhijeet Kumar is an OSCP-certified offensive security researcher and M.Eng Cybersecurity student at the University of Maryland. He has disclosed critical vulnerabilities across NASA, SAIL critical infrastructure, Keurig Dr Pepper, and U.S. government programs which includes a CVSS 10.0 RCE that triggered an official CERT-In incident response and a full account takeover chain affecting users across 20+ countries. He captains UMD\'s CTF team RandomHackers, which placed 1st out of 64 universities at HTB Hack The Madness 2026, and has spoken at the Billington State and Local Cybersecurity Summit alongside the Director of Adversary Emulation.

\n\n\'','NULL','NULL','','','','',66526,'\'Map Page - LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)\'','Friday, Aug 7, 10:00 - 10:45 PDT
Saturday, Aug 8, 11:00 - 11:45 PDT
'),(182075,'\'Zealot: An Autonomous Cloud Offensive Multi-Agent System\'','demolabs','\'Creator: Demo Labs

In November 2025, Anthropic disclosed a state-sponsored operation where AI didn\'t assist human attackers — it was the attacker, executing 80-90% of the campaign autonomously. The question shifted from \"could this happen?\" to \"how bad can it get?\"

\n\n

We built Zealot to find out.

\n\n

Zealot is a multi-agent offensive framework that autonomously chains reconnaissance, exploitation, privilege escalation, and data exfiltration against cloud environments — with no human directing individual steps. A supervisor agent coordinates three specialists (Infrastructure, AppSec, and Cloud) that share attack state and hand off context as the operation progresses. The result: an AI system that thinks strategically and executes tactically, the way a real red team does.

\n\n

In live sandbox tests against GCP, Zealot autonomously discovered an exposed web service, identified and exploited an SSRF vulnerability, extracted service account credentials from the metadata service, impersonated a higher-privileged account, and exfiltrated BigQuery datasets — start to finish, without a human touching the keyboard after the objective was set.

\n\n

We\'ll walk through the architecture, show the full attack chain on video, and share the honest lessons: where AI operators excel (systematic enumeration, credential chaining, API fluency), where they fall short (a

\nLinks:
    Website - https://unit42.paloaltonetworks.com/autonomous-ai-cloud-attacks/
\n
People:
    SpeakerBio:  Chen Doytshman
\n

I\'m a security researcher with a background in artificial intelligence and machine learning. I am passionate about using my skills to protect against cyber threats. With over 5 years of experience in the field, I have a strong understanding of both security and AI technologies and am skilled at combining the two to identify and mitigate vulnerabilities.

\n\n\'','NULL','NULL','','','','',66527,'\'Map Page - LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)\'','Friday, Aug 7, 11:00 - 11:45 PDT
Saturday, Aug 8, 12:00 - 12:45 PDT
'),(182076,'\'Zero-Cloud Threat Modeling: Vector Embedding Architectures for Automated Vulnerability Detection\'','demolabs','\'Creator: Demo Labs

Traditional threat modeling is a tedious, manual process prone to human error. Conversely, modern \"AI\" threat modeling tools almost universally depend on sending sensitive, proprietary system architectures to third-party APIs in cleartext.

\n\n

We present AI Threat Modeler (AITM), a fully open-source, zero-cloud application designed to automate architecture-driven STRIDE threat modeling completely offline. AITM fundamentally shifts how we analyze system designs by replacing brittle, keyword-based regex rules with a local Semantic AI Engine.

\n\n

Under the hood, AITM leverages sentence-transformers and an in-memory FAISS vector database to embed a comprehensive, 116+ component knowledge base. During analysis, a custom NetworkX graph builder parses natural language or structured architecture descriptions (via spaCy) to map undocumented architectural features to known CVE classes and STRIDE categories.

\n\n

Furthermore, AITM introduces \"Architecture Intelligence\" using graph traversal algorithms to automatically infer missing trust boundaries and identify multi-step attack chains that standalone component scanning misses.\nIn this demo, we will:\nWalk through the automated ingestion of a microservice architecture.\nDemonstrate how the local FAISS engine discovers semantic threats that evade keyword matching.\nShow dynamic attack cha

\nLinks:
    GitHub - https://github.com/ankitspidy007/ai-threat-modeler
\n
People:
    SpeakerBio:  Ankit Vashisth
\n

Ankit Vashisth is a Security Engineer with over 4 years of experience in application security, cloud security, and DevSecOps. He has worked on security assessments across web, mobile, network, and enterprise systems for global clients. His interests include AI-driven security tooling, threat modeling, and security automation. Ankit actively researches ways to apply AI to improve security architecture analysis and vulnerability detection.

\n\n\'','NULL','NULL','','','','',66528,'\'Map Page - LVCCW Level 1 Hall 3 900 (Demo Labs Track 4)\'','Friday, Aug 7, 13:00 - 13:45 PDT
Saturday, Aug 8, 16:00 - 16:45 PDT
'),(182077,'\'pymsi: Interactive MSI Installer Analysis in Python and the Browser\'','demolabs','\'Creator: Demo Labs

pymsi is a pure-Python library for parsing, analyzing, and extracting files from Windows installer (MSI) packages, without relying on native Windows APIs or tooling. It provides direct access to MSI database tables, embedded binary streams, and installer metadata, enabling security researchers to inspect installer behavior and extract files from MSI installers.

\n\n

We will demonstrate its ability to safely tear apart malicious MSI droppers, dump internal database tables, and extract embedded payloads without risking accidental execution. Attendees will see how the CLI and Python API can be used to triage files and integrate it into automated analysis pipelines, including how it has been integrated into other open source tools to extract embedded payloads and identify malicious CustomAction behaviors.

\n\n

Because it is written entirely in Python, it runs seamlessly on any OS with a Python interpreter, including web browsers. The demo will showcase the online MSI viewer, a client-side tool powered by Pyodide that gives pymsi a familiar lessmsi-style UI for working with MSI installers from any device with a web browser. Demos will also show new security analysis features for identifying suspicious installer behaviors and inspecting contents of embedded binary streams within a browser.

\nLinks:
    GitHub - https://github.com/nightlark/pymsi
\n
People:
    SpeakerBio:  Ryan \"Nightlark\" Mast
\n

Ryan is a software engineer working on open source projects to make the electric grid more reliable. His interests include software security, niche video games, tearing apart \"smart\" devices, and reverse engineering audio/video hardware used in live productions.

\n\n\'','NULL','NULL','','','','',66529,'\'Map Page - LVCCW Level 1 Hall 3 902 (Demo Labs Track 6)\'','Friday, Aug 7, 15:00 - 15:45 PDT
Saturday, Aug 8, 11:00 - 11:45 PDT
'),(182078,'\'sisakulint:CI-Friendly static linter with autofix, SAST, semantic analysis for GitHub Actions\'','demolabs','\'Creator: Demo Labs

GitHub Actions workflows are vulnerable by default. Hardening such as commit-hash pinning, least-privilege permissions, and timeouts is optional, never enforced at pipeline level. Exploitable configs ship daily, increasingly written by Coding Agents.\nsisakulint is a fast heuristic static analyzer for GitHub Actions covering all OWASP Top 10 CI/CD risks, with 52 rules, a taint engine, and 38+ auto-fixes. It outpaces CodeQL on speed and quality, with 100% detection on 18 GHSL advisories and 81.6% on 38 GHSAs covering exploits in PX4-Autopilot, vets-api, weaviate, nrwl/nx.

\n\n

Impostor Commit at CVSS 9.8 validates pinned SHAs against the claimed repository, not impostors via Git forks, a check unique to sisakulint. Code Injection at CVSS 9.8 tracks untrusted input through ${{ }} and step outputs. AI Action Rules detect Clinejection on claude-code-action, copilot-swe-agent, and openai-actions, covering tool grants, prompt injection, and wildcard triggers, as in Cline 2026/02 where issue title injection stole NPM_RELEASE_TOKEN. Known Vulnerable Actions catches tj-actions/changed-files.

\n\n

In the Coding Agent era, linters matter more. Delegating 52 rules to an LLM degrades precision; deterministic engines run in ms with no variance. The session covers end-to-end detection, taint propagation, and automated remediation.

\nLinks:
    GitHub - https://sisaku-security.github.io/lint/
\n
People:
    SpeakerBio:  Atsushi Sada
\n

Atsushi Sada is a CSIRT member specializing in cloud security on AWS and GitHub, and enterprise security with MDM, EDR, AI governance. He is an ethical hacker and security tool developer. He built sisakulint and MachStealer for practical security research in static/network analysis, Malware.

\n\n

He co-founded and organizes @sec_wakate, a community for junior security engineers in Japan. He has spoken at Black Hat USA/Asia Arsenal, AVTOKYO, and AWS Security JAWS.

\n\nSpeakerBio:  hikae
\n

Security Engineer in Red Team @ freee inc, AI Security Specialist.

\n\n\'','NULL','NULL','','','','',66530,'\'Map Page - LVCCW Level 1 Hall 3 1002 (Demo Labs Track 2)\'','Friday, Aug 7, 11:00 - 11:45 PDT
Saturday, Aug 8, 11:00 - 11:45 PDT
'),(182079,'\'xEndity: IoT Firmware Analysis & Digital Twin Platform\'','demolabs','\'Creator: Demo Labs

IoT devices are embedded in critical infrastructure globally, yet security teams face a fundamental constraint: you cannot aggressively test what you cannot safely replicate. Physical hardware is expensive, limited in supply, and testing against production systems is off-limits. This leaves defenders operating blind against an expanding attack surface of billions of connected devices.

\n\n

xEndity is an open-source, end-to-end IoT firmware emulation platform that transforms raw firmware binaries into fully functional, network-ready virtual device instances, no physical hardware required. It provides an automated pipeline spanning firmware acquisition, binary analysis, filesystem extraction, emulation packaging, and orchestrated deployment of emulated device networks at scale.

\n\n

The platform enables two high-impact use cases: first, as a scopeless penetration testing range where red teams and researchers can conduct unrestricted vulnerability validation, exploit development, and attack simulation against realistic IoT environments. Second, as a deceptive defense layer where emulated devices are deployed as high-interaction honeypots to capture adversary tradecraft, collect OS-level and network telemetry, and generate actionable threat intelligence.

\nLinks:
    GitHub - https://github.com/kenleejl/xEndity
\n
People:
    SpeakerBio:  Zeus \"LightningGod\" Chan
\n

Zeus Chan is a security researcher on the Adversary Emulation Team at HTX (Home Team Science and Technology Agency), where he focuses on IoT firmware analysis, device emulation, and offensive security research. His work spans building automated pipelines for firmware emulation, security testbed development, and honeypot deployment for threat intelligence collection against embedded systems. Zeus has presented IoT security research at DEFCON events globally and Milipol TechX Singapore, and has supported community initiatives including the HTX Public Safety Village at DEFCON Singapore. He holds experience in red team operations supporting critical national infrastructure across the finance and healthcare sectors.

\n\nSpeakerBio:  Kenneth \"kenleejl\" Lee
\n

Cyber security enjoyer

\n\n\'','NULL','NULL','','','','',66531,'\'Map Page - LVCCW Level 1 Hall 3 1001 (Demo Labs Track 1)\'','Saturday, Aug 8, 16:00 - 16:45 PDT
Friday, Aug 7, 13:00 - 13:45 PDT
'),(182080,'\'Hacker Jeopardy\'','pge','\'Creator: Social Gatherings/Events
\n\'','NULL','NULL','','','','',66532,'\'Map Page - LVCCW Level 1 Hall 3 1006,904 (Main Tracks 1,4)\'','Saturday, Aug 8, 20:00 - 21:59 PDT
Friday, Aug 7, 20:00 - 21:59 PDT
'),(182081,'\'Policy Party\'','pge','\'Creator: Social Gatherings/Events
\n\'','NULL','NULL','','','','',66533,'\'Map Page - LVCCW Level 2 W210-211 (Policy Village)\'','Friday, Aug 7, 18:00 - 20:59 PDT
'),(182082,'\'Whose Slide Is It Anyway?\'','pge','\'Creator: Social Gatherings/Events

DEF CON 34 marks an entire DECADE of “Whose Slide Is It Anyway?”” being the unholy union of improv comedy, hacking, and slide deck sado-masochism. We are the embodiment of the hacker battle cry \"\"FUCK IT, WE\'LL DO IT IN PROD.\"\"

\n\n

For the last 10 years, our team of slide monkeys have created a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.

\n\n

But....why?

\n\n

Because for us, the stage is hallowed ground and since stupidity can\'t be stopped, we decided to weaponize it. Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.

\n\'','NULL','NULL','','','','',66539,'\'Map Page - LVCCW Level 1 Hall 1-100 (Contest Stage)\'','Friday, Aug 7, 22:00 - 23:59 PDT
'),(182083,'\'Global OSINT Search Party CTF – DEF CON 34 Edition\'','creatorEvt','\'Creator: TNF

The Trace Labs Global OSINT Search Party CTF is a non-theoretical CTF where teams of up to 4 people use their OSINT skills to look for actual missing people. For DEF CON 34, we will be working directly with Las Vegas Metro PD to source local missing person cases they have requested the public’s assistance with. This is a hybrid event, open to participants of all skill levels, from anywhere in the world. Prizes will be awarded for 1st, 2nd, and 3rd places, as well as for Most Valuable OSINT. Participants at DEF CON can pickup their free event ticket by stopping by the OSINT4Good Community anytime prior to the event start. Global participants can get a ticket by going to https://www.tracelabs.org/tickets. Bring a laptop and some snacks and get ready to use OSINT4Good!

\nLinks:
    Virtual Registration - https://www.tracelabs.org/tickets
\n\'','NULL','NULL','','','','',66547,'\'Map Page - LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)\'','Saturday, Aug 8, 12:00 - 15:59 PDT
'),(182084,'\'The KEVOPS Sellout Pool Party II: Sponsored by Zyn\'','pge','\'Creator: Social Gatherings/Events

The Sellout Pool Party is back. Join us for tacos and music!

\n\'','NULL','NULL','','','','',66548,'\'Map Page - Sahara Hotel/Sahara Azul Ultra Pool\'','Friday, Aug 7, 19:00 - 21:59 PDT
'),(182085,'\'Welcome Party at The Industrial\'','pge','\'Creator: Social Gatherings/Events

Kick off DEF CON at our official Welcome Party! We\'ll meet at The Industrial at 18:30.

\n\n

Standby for details about shuttles from LVCC to The Industrial.

\n\'','NULL','NULL','','','','',66549,'\' Page - The Industrial\'','Thursday, Aug 6, 18:30 - 23:30 PDT
'),(182086,'\'DEF CON After party @ LIV Fontainebleau\'','pge','\'Creator: Social Gatherings/Events

Close out DEF CON at LIV Fontainebleau. Bring your DEF CON badge for free admission and a free drink.

\n\'','NULL','NULL','','','','',66550,'\' Page - LIV Nightclub at Fontainebleau\'','Sunday, Aug 9, 22:30 - 01:59 PDT
'); /*!40000 ALTER TABLE `pages` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `speakers` -- DROP TABLE IF EXISTS `speakers`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `speakers` ( `speaker_sort` varchar(128) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `speaker` varchar(128) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `hash` varchar(64) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `autoincre` int NOT NULL AUTO_INCREMENT, PRIMARY KEY (`autoincre`), KEY `speaker_sort` (`speaker_sort`) USING BTREE ) ENGINE=InnoDB AUTO_INCREMENT=494768 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `speakers` -- LOCK TABLES `speakers` WRITE; /*!40000 ALTER TABLE `speakers` DISABLE KEYS */; INSERT INTO `speakers` VALUES ('\'Jeff \"The Dark Tangent\" Moss\'','\'Jeff \"The Dark Tangent\" Moss\'','DEF CON Talks_019b30bc90c89863853b5ebceda03871',494554),('\'zeta\'','\'zeta\'','DEF CON Workshops_56a9e4196bc014b9a39107eb499483d6',494555),('\'Rafa \"bane\" Gutierrez\'','\'Rafa \"bane\" Gutierrez\'','DEF CON Workshops_56a9e4196bc014b9a39107eb499483d6',494556),('\'Sydney \"letswastetime\" Marrone\'','\'Sydney \"letswastetime\" Marrone\'','DEF CON Workshops_c56cb6cb97a64a451639f0dc0c651ef1',494557),('\'Dennis Giese\'','\'Dennis Giese\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648',494558),('\'Braelynn Luedtke\'','\'Braelynn Luedtke\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648',494559),('\'Arnold Wey\'','\'Arnold Wey\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648',494560),('\'Harsha Potu\'','\'Harsha Potu\'','DEF CON Workshops_c93df3d33af69f178f2c4459a679c648',494561),('\'Ryan \"Hackgnar\" Holeman\'','\'Ryan \"Hackgnar\" Holeman\'','DEF CON Workshops_fa7f7e02956f62648d482d652c420621',494562),('\'Alek Amrani\'','\'Alek Amrani\'','DEF CON Workshops_fa7f7e02956f62648d482d652c420621',494563),('\'Jake \"Hubbl3\" Krasnov\'','\'Jake \"Hubbl3\" Krasnov\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266',494564),('\'Vincent \"Vinnybod\" Rose\'','\'Vincent \"Vinnybod\" Rose\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266',494565),('\'Anthony \"Coin\" Rose\'','\'Anthony \"Coin\" Rose\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266',494566),('\'Dan Niefeld\'','\'Dan Niefeld\'','DEF CON Workshops_fd99c6b85e805fafe4bfffa54b107266',494567),('\'Yoann \"OtterHacker\" DEQUEKER\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_32b8f20f3d6c668995065ee1b0a5c735',494568),('\'Mike \"Chicolinux\" Guirao\'','\'Mike \"Chicolinux\" Guirao\'','DEF CON Workshops_a4b379a5a65083f7154bfa84cea7458a',494569),('\'cale \"calebot\" smith\'','\'cale \"calebot\" smith\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78',494570),('\'Ruchik Dave\'','\'Ruchik Dave\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78',494571),('\'Young Seuk Kim\'','\'Young Seuk Kim\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78',494572),('\'Luke Cycon\'','\'Luke Cycon\'','DEF CON Workshops_6c7d13c7e8d7467df06461ffc67eae78',494573),('\'Rodrigo \"Sp0oKeR\" Montoro\'','\'Rodrigo \"Sp0oKeR\" Montoro\'','DEF CON Workshops_e9e6900ec58290824f11da37ccdaace4',494574),('\'Ryan \"@rj_chap\" Chapman\'','\'Ryan \"@rj_chap\" Chapman\'','DEF CON Workshops_0f088b32270c9209c3dbc99e5980a778',494575),('\'Aaron \"Ironical\" Rosenmund\'','\'Aaron \"Ironical\" Rosenmund\'','DEF CON Workshops_0f088b32270c9209c3dbc99e5980a778',494576),('\'Joseph Long\'','\'Joseph Long\'','DEF CON Workshops_9ad6c291742ea1bf4b2caf0da707fadd',494577),('\'Sam Bowne\'','\'Sam Bowne\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a',494578),('\'Elizabeth Biddlecome\'','\'Elizabeth Biddlecome\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a',494579),('\'Kaitlyn Handelman\'','\'Kaitlyn Handelman\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a',494580),('\'Irvin Lemus\'','\'Irvin Lemus\'','DEF CON Workshops_6c7e1e0b18d478a5ae368810f635311a',494581),('\'Vince \"bitpusher\" Weppner\'','\'Vince \"bitpusher\" Weppner\'','DEF CON Workshops_5b739960a13ffaec11a3f89b252b7823',494582),('\'Alexandrine Torrents\'','\'Alexandrine Torrents\'','DEF CON Workshops_a32db55433ef700088de2f3a1a27fabc',494583),('\'Arnaud SOULLIE\'','\'Arnaud SOULLIE\'','DEF CON Workshops_a32db55433ef700088de2f3a1a27fabc',494584),('\'John \"clearbluejar\" McIntosh\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_3d1f153431a07f113282f50042f7a5c9',494585),('\'Darcy \"@Drc3p0\" Neal\'','\'Darcy \"@Drc3p0\" Neal\'','DEF CON Workshops_5f4228229a836bd91dfe339849f00768',494586),('\'Preston Zen\'','\'Preston Zen\'','DEF CON Workshops_e03b907cd32d3b4edfea8698bc81c83a',494587),('\'Andrew Case\'','\'Andrew Case\'','DEF CON Workshops_d966a5334d4aaae7ef2c13f66dfdd6e4',494588),('\'Pierre \"Abyss Watcher\" Breton\'','\'Pierre \"Abyss Watcher\" Breton\'','DEF CON Workshops_d966a5334d4aaae7ef2c13f66dfdd6e4',494589),('\'David McDonald\'','\'David McDonald\'','DEF CON Workshops_d966a5334d4aaae7ef2c13f66dfdd6e4',494590),('\'Yoann \"OtterHacker\" DEQUEKER\'','\'Yoann \"OtterHacker\" DEQUEKER\'','DEF CON Workshops_c99ff5e831a392560d9081b224e96252',494591),('\'HackeMate\'','\'HackeMate\'','DEF CON Workshops_0952de90fbb8007d21a5952105ff5ae7',494592),('\'mx\'','\'mx\'','DEF CON Workshops_bc62c472f92ebacfa03c5357c4cffb25',494593),('\'Joe \"SecurelyFitz\" FitzPatrick\'','\'Joe \"SecurelyFitz\" FitzPatrick\'','DEF CON Workshops_bc62c472f92ebacfa03c5357c4cffb25',494594),('\'nyx\'','\'nyx\'','DEF CON Workshops_bc62c472f92ebacfa03c5357c4cffb25',494595),('\'Yu Terada\'','\'Yu Terada\'','DEF CON Workshops_57c46d5b288c27ea0d555367d285d3cb',494596),('\'Kotaro \"@Decamark / @BinaryPoodle\" Osugi\'','\'Kotaro \"@Decamark / @BinaryPoodle\" Osugi\'','DEF CON Workshops_57c46d5b288c27ea0d555367d285d3cb',494597),('\'James Hawk\'','\'James Hawk\'','DEF CON Workshops_9681975a4c10f188de547cbb69b8e58d',494598),('\'Jon \"C4V3M4N\" Milkins\'','\'Jon \"C4V3M4N\" Milkins\'','DEF CON Workshops_9681975a4c10f188de547cbb69b8e58d',494599),('\'Brian Burnett\'','\'Brian Burnett\'','DEF CON Workshops_9681975a4c10f188de547cbb69b8e58d',494600),('\'Pavan \"pavanreddysec\" Reddy\'','\'Pavan \"pavanreddysec\" Reddy\'','DEF CON Workshops_dc0fa0067c30caec39867e9a91849dad',494601),('\'John \"clearbluejar\" McIntosh\'','\'John \"clearbluejar\" McIntosh\'','DEF CON Workshops_9b95fef97a6674af257fdd2837866096',494602),('\'Raunak \"Trouble1\" Parmar\'','\'Raunak \"Trouble1\" Parmar\'','DEF CON Workshops_0d632dd2fd73a18a1f58036cc8701936',494603),('\'Chirag \"3xpl01tc0d3r\" Savla\'','\'Chirag \"3xpl01tc0d3r\" Savla\'','DEF CON Workshops_0d632dd2fd73a18a1f58036cc8701936',494604),('\'Abhinav Verma\'','\'Abhinav Verma\'','DEF CON Workshops_bad8a21d635d04fa59d2284858f65580',494605),('\'wasabi\'','\'wasabi\'','DEF CON Workshops_ead0f37c0e8c79ef519012fcd80e1425',494606),('\'Ø1\'','\'Ø1\'','DEF CON Workshops_ead0f37c0e8c79ef519012fcd80e1425',494607),('\'Tokugero\'','\'Tokugero\'','DEF CON Workshops_ead0f37c0e8c79ef519012fcd80e1425',494608),('\'iDigitalFlame\'','\'iDigitalFlame\'','DEF CON Workshops_cc412b89b7afd15edbd59bcc43919896',494609),('\'Daniel Bravo\'','\'Daniel Bravo\'','DEF CON Workshops_cc412b89b7afd15edbd59bcc43919896',494610),('\'Wesley McGrew\'','\'Wesley McGrew\'','DEF CON Workshops_9577306b75d1de04e7c77d623c7ba1eb',494611),('\'Arnaud SOULLIE\'','\'Arnaud SOULLIE\'','DEF CON Workshops_16b57642176291640ea8c554c8f12aaa',494612),('\'Alexandrine TORRENTS\'','\'Alexandrine TORRENTS\'','DEF CON Workshops_16b57642176291640ea8c554c8f12aaa',494613),('\'Nitay Bachrach\'','\'Nitay Bachrach\'','DEF CON Workshops_c487c36cc7cc08a7ac6fcf0a1dfb5e03',494614),('\'Cynthia Ardman\'','\'Cynthia Ardman\'','DEF CON Workshops_c487c36cc7cc08a7ac6fcf0a1dfb5e03',494615),('\'Rodney \"BenevolentWorm\" Beede\'','\'Rodney \"BenevolentWorm\" Beede\'','DEF CON Workshops_046d54909dc84f12c1f3b7aebdab3603',494616),('\'Dallas\'','\'Dallas\'','DEF CON Workshops_47c5740b95a6f48f711b148d55f15d4b',494617),('\'Ricardo Sanchez\'','\'Ricardo Sanchez\'','DEF CON Workshops_2a9d3e3ecccaa18c019519107e131a87',494618),('\'Daniel Malvaceda\'','\'Daniel Malvaceda\'','DEF CON Workshops_2a9d3e3ecccaa18c019519107e131a87',494619),('\'Bramwell \"Bw3ll\" Brizendine\'','\'Bramwell \"Bw3ll\" Brizendine\'','DEF CON Workshops_7f30d3ec8e062524d823f5f9b88bf030',494620),('\'Austin \"quantumite\" Norby\'','\'Austin \"quantumite\" Norby\'','DEF CON Workshops_7f30d3ec8e062524d823f5f9b88bf030',494621),('\'Micah Flack\'','\'Micah Flack\'','DEF CON Workshops_7f30d3ec8e062524d823f5f9b88bf030',494622),('\'Pedro Cabrera\'','\'Pedro Cabrera\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0',494623),('\'Hannes \"hercules_hannes\" Heck\'','\'Hannes \"hercules_hannes\" Heck\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0',494624),('\'Sam Miorelli\'','\'Sam Miorelli\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0',494625),('\'Jordan Sanchez\'','\'Jordan Sanchez\'','DEF CON Workshops_d8a54c2ecbaac5d2abdc73316ca971f0',494626),('\'Rushikesh Nandedkar\'','\'Rushikesh Nandedkar\'','DEF CON Workshops_a1bf162acc13b9a63286b8abcb0ded2c',494627),('\'Eric \"Eijah\" Anderson\'','\'Eric \"Eijah\" Anderson\'','DEF CON Workshops_588b8997e34b79ffd2d792149d60230e',494628),('\'Patrick \"PilotPat\" Raiden\'','\'Patrick \"PilotPat\" Raiden\'','DEF CON Workshops_d81254ded6ff58faecda6be908a23bc9',494629),('\'Ben \"Marba$\" Strout\'','\'Ben \"Marba$\" Strout\'','DEF CON Workshops_d81254ded6ff58faecda6be908a23bc9',494630),('\'Brandon \"D43m0n\" Kraycirik\'','\'Brandon \"D43m0n\" Kraycirik\'','DEF CON Workshops_d81254ded6ff58faecda6be908a23bc9',494631),('\'Anurag Swarnim Yadav\'','\'Anurag Swarnim Yadav\'','Demo Labs_9598fadffd090dcd17c1481087662bb1',494632),('\'Joseph Wilson\'','\'Joseph Wilson\'','Demo Labs_9598fadffd090dcd17c1481087662bb1',494633),('\'Anurag Swarnim Yadav\'','\'Anurag Swarnim Yadav\'','Demo Labs_df32d46bcc664c5dadaaa265337f433f',494634),('\'Joseph Wilson\'','\'Joseph Wilson\'','Demo Labs_df32d46bcc664c5dadaaa265337f433f',494635),('\'Akbar \"0xsensei\" Abdullayev\'','\'Akbar \"0xsensei\" Abdullayev\'','Demo Labs_30256cdaf0063998ab91528ee883a9cd',494636),('\'0xHera\'','\'0xHera\'','Demo Labs_30256cdaf0063998ab91528ee883a9cd',494637),('\'Akbar \"0xsensei\" Abdullayev\'','\'Akbar \"0xsensei\" Abdullayev\'','Demo Labs_57cdba7f0533f4ed84015c217deef1eb',494638),('\'0xHera\'','\'0xHera\'','Demo Labs_57cdba7f0533f4ed84015c217deef1eb',494639),('\'Andrea Brosio\'','\'Andrea Brosio\'','Demo Labs_a6199c2ba672821b6b69101e9b388545',494640),('\'Arun Nair\'','\'Arun Nair\'','Demo Labs_a6199c2ba672821b6b69101e9b388545',494641),('\'Andrea Brosio\'','\'Andrea Brosio\'','Demo Labs_254a78d45fd1178dfe5c225a5ec5e270',494642),('\'Arun Nair\'','\'Arun Nair\'','Demo Labs_254a78d45fd1178dfe5c225a5ec5e270',494643),('\'Ozgun \"ozzy\" Kultekin\'','\'Ozgun \"ozzy\" Kultekin\'','Demo Labs_8fe640565878ce4ecb4937e785d40a7a',494644),('\'Ozgun \"ozzy\" Kultekin\'','\'Ozgun \"ozzy\" Kultekin\'','Demo Labs_2cde4f195630e3e5aa633555878c845f',494645),('\'Jared \"GonePhishing402\" Graff\'','\'Jared \"GonePhishing402\" Graff\'','Demo Labs_3c6ffd3dbb08e1fb401ee36269101eb0',494646),('\'Jeff Daniels\'','\'Jeff Daniels\'','Demo Labs_3c6ffd3dbb08e1fb401ee36269101eb0',494647),('\'Jared \"GonePhishing402\" Graff\'','\'Jared \"GonePhishing402\" Graff\'','Demo Labs_40b44a026682f7c348d4d76c3e5814a7',494648),('\'Jeff Daniels\'','\'Jeff Daniels\'','Demo Labs_40b44a026682f7c348d4d76c3e5814a7',494649),('\'Gigi Xiaoqing Liu\'','\'Gigi Xiaoqing Liu\'','Demo Labs_e01211d51e8841567e08bbe3e4237962',494650),('\'Muzzammil Mohammed\'','\'Muzzammil Mohammed\'','Demo Labs_e01211d51e8841567e08bbe3e4237962',494651),('\'Narmina Karimova\'','\'Narmina Karimova\'','Demo Labs_e01211d51e8841567e08bbe3e4237962',494652),('\'Gigi Xiaoqing Liu\'','\'Gigi Xiaoqing Liu\'','Demo Labs_8c18bbca4cca057feac8db83e05165b5',494653),('\'Muzzammil Mohammed\'','\'Muzzammil Mohammed\'','Demo Labs_8c18bbca4cca057feac8db83e05165b5',494654),('\'Narmina Karimova\'','\'Narmina Karimova\'','Demo Labs_8c18bbca4cca057feac8db83e05165b5',494655),('\'Sara \"testingSoul\" Martinez\'','\'Sara \"testingSoul\" Martinez\'','Demo Labs_b2c911ba1927d922f597b85230be63e9',494656),('\'Sara \"testingSoul\" Martinez\'','\'Sara \"testingSoul\" Martinez\'','Demo Labs_a3ea791dadc0df5c85ebb0c18b37095f',494657),('\'Adam \"w00tock\" Toscher\'','\'Adam \"w00tock\" Toscher\'','Demo Labs_05e4b3ad8df2793ef156f385cacb2e83',494658),('\'Adam \"w00tock\" Toscher\'','\'Adam \"w00tock\" Toscher\'','Demo Labs_babbb7d0ac6373e461b289afbb21022d',494659),('\'Kyler McElroy\'','\'Kyler McElroy\'','Demo Labs_f24ddf95ae4696addd1dd8f3c485d59d',494660),('\'Anita Ding\'','\'Anita Ding\'','Demo Labs_f24ddf95ae4696addd1dd8f3c485d59d',494661),('\'Daniel Koranek\'','\'Daniel Koranek\'','Demo Labs_f24ddf95ae4696addd1dd8f3c485d59d',494662),('\'Kyler McElroy\'','\'Kyler McElroy\'','Demo Labs_4b12f642db95bab9c8e99842ea34852e',494663),('\'Anita Ding\'','\'Anita Ding\'','Demo Labs_4b12f642db95bab9c8e99842ea34852e',494664),('\'Daniel Koranek\'','\'Daniel Koranek\'','Demo Labs_4b12f642db95bab9c8e99842ea34852e',494665),('\'Anil Celik\'','\'Anil Celik\'','Demo Labs_0e8e2910b01e66f2df08befeb3341d4f',494666),('\'Anil Celik\'','\'Anil Celik\'','Demo Labs_343a514c616c8e83f7bb5fbf95965896',494667),('\'Abhinav Verma\'','\'Abhinav Verma\'','Demo Labs_7ad1db9e9f598b2b2716c3df8cbf7098',494668),('\'Mukesh Aggarwal\'','\'Mukesh Aggarwal\'','Demo Labs_7ad1db9e9f598b2b2716c3df8cbf7098',494669),('\'Abhinav Verma\'','\'Abhinav Verma\'','Demo Labs_05532acd85fba6e6989f718a864ef7f7',494670),('\'Mukesh Aggarwal\'','\'Mukesh Aggarwal\'','Demo Labs_05532acd85fba6e6989f718a864ef7f7',494671),('\'Vincent \"Vinnybod\" Rose\'','\'Vincent \"Vinnybod\" Rose\'','Demo Labs_78395b25e0d892e7d3811b2c396ac511',494672),('\'Jake \"Hubbl3\" Krasnov\'','\'Jake \"Hubbl3\" Krasnov\'','Demo Labs_78395b25e0d892e7d3811b2c396ac511',494673),('\'Anthony \"Coin\" Rose\'','\'Anthony \"Coin\" Rose\'','Demo Labs_78395b25e0d892e7d3811b2c396ac511',494674),('\'Vincent \"Vinnybod\" Rose\'','\'Vincent \"Vinnybod\" Rose\'','Demo Labs_8af408e7807525e1d28db9816e46ebc3',494675),('\'Jake \"Hubbl3\" Krasnov\'','\'Jake \"Hubbl3\" Krasnov\'','Demo Labs_8af408e7807525e1d28db9816e46ebc3',494676),('\'Anthony \"Coin\" Rose\'','\'Anthony \"Coin\" Rose\'','Demo Labs_8af408e7807525e1d28db9816e46ebc3',494677),('\'Venkata Jayaram Yalla\'','\'Venkata Jayaram Yalla\'','Demo Labs_1abe3def95e372b23496562c71004054',494678),('\'Pardhiv Reddy\'','\'Pardhiv Reddy\'','Demo Labs_1abe3def95e372b23496562c71004054',494679),('\'Venkata Jayaram Yalla\'','\'Venkata Jayaram Yalla\'','Demo Labs_eaf256bae3e39ef49a936b241e6ee44d',494680),('\'Pardhiv Reddy\'','\'Pardhiv Reddy\'','Demo Labs_eaf256bae3e39ef49a936b241e6ee44d',494681),('\'Sercan Okur\'','\'Sercan Okur\'','Demo Labs_06cde76a2cd8a8d7ff851c813729147c',494682),('\'Sercan Okur\'','\'Sercan Okur\'','Demo Labs_6b54f175d246dd854024e3409d954b8c',494683),('\'ialleejy\'','\'ialleejy\'','Demo Labs_fb3a76b6147cd6019d4e05900007279a',494684),('\'Kyul\'','\'Kyul\'','Demo Labs_fb3a76b6147cd6019d4e05900007279a',494685),('\'ialleejy\'','\'ialleejy\'','Demo Labs_17e29c94807e5a08746327baabf467d6',494686),('\'Kyul\'','\'Kyul\'','Demo Labs_17e29c94807e5a08746327baabf467d6',494687),('\'Gannon \"Dorf\" Gebauer\'','\'Gannon \"Dorf\" Gebauer\'','Demo Labs_fa04e26391e0cb6b48f9399d8e32a441',494688),('\'Anthony \"Coin\" Rose\'','\'Anthony \"Coin\" Rose\'','Demo Labs_fa04e26391e0cb6b48f9399d8e32a441',494689),('\'Hana Christensen\'','\'Hana Christensen\'','Demo Labs_fa04e26391e0cb6b48f9399d8e32a441',494690),('\'Gannon \"Dorf\" Gebauer\'','\'Gannon \"Dorf\" Gebauer\'','Demo Labs_01004a7fd39249376c6eb6c46afa535d',494691),('\'Anthony \"Coin\" Rose\'','\'Anthony \"Coin\" Rose\'','Demo Labs_01004a7fd39249376c6eb6c46afa535d',494692),('\'Hana Christensen\'','\'Hana Christensen\'','Demo Labs_01004a7fd39249376c6eb6c46afa535d',494693),('\'Jeremy Banker\'','\'Jeremy Banker\'','Demo Labs_6cd8b8a27aadecbee40b38a85536d866',494694),('\'Arity0\'','\'Arity0\'','Demo Labs_6cd8b8a27aadecbee40b38a85536d866',494695),('\'Jeremy Banker\'','\'Jeremy Banker\'','Demo Labs_c1c1252ff218f1e0e34ca956010fcca6',494696),('\'Arity0\'','\'Arity0\'','Demo Labs_c1c1252ff218f1e0e34ca956010fcca6',494697),('\'Rishi Kant\'','\'Rishi Kant\'','Demo Labs_18a71eb428166696211d7a74a9836836',494698),('\'Rishi Kant\'','\'Rishi Kant\'','Demo Labs_8737a195555cd14bd4775dcb51cbebe4',494699),('\'Anant Shrivastava\'','\'Anant Shrivastava\'','Demo Labs_40361ce82b4435cc764487f80c19097b',494700),('\'Anant Shrivastava\'','\'Anant Shrivastava\'','Demo Labs_b8304ab42f479ab93a9237584ddce5ce',494701),('\'Abhinav Khanna\'','\'Abhinav Khanna\'','Demo Labs_410ee729def850a10d45ee7cdeef84d0',494702),('\'Krishna Chaganti\'','\'Krishna Chaganti\'','Demo Labs_410ee729def850a10d45ee7cdeef84d0',494703),('\'Abhinav Khanna\'','\'Abhinav Khanna\'','Demo Labs_f4eb309f3f977a661a79b282edeb648a',494704),('\'Krishna Chaganti\'','\'Krishna Chaganti\'','Demo Labs_f4eb309f3f977a661a79b282edeb648a',494705),('\'Venky Raju\'','\'Venky Raju\'','Demo Labs_75f90d9c300b5ae162aeb3a0d1a518c5',494706),('\'Venky Raju\'','\'Venky Raju\'','Demo Labs_f362cc5c6bd794157a6f73c8da1fb0b0',494707),('\'Raunak \"Trouble1\" Parmar\'','\'Raunak \"Trouble1\" Parmar\'','Demo Labs_6aff253acd04478ec86a95b3bde62c52',494708),('\'Chirag \"3xpl01tc0d3r\" Savla\'','\'Chirag \"3xpl01tc0d3r\" Savla\'','Demo Labs_6aff253acd04478ec86a95b3bde62c52',494709),('\'Raunak \"Trouble1\" Parmar\'','\'Raunak \"Trouble1\" Parmar\'','Demo Labs_41fc477c8df31210961e48070557997d',494710),('\'Chirag \"3xpl01tc0d3r\" Savla\'','\'Chirag \"3xpl01tc0d3r\" Savla\'','Demo Labs_41fc477c8df31210961e48070557997d',494711),('\'Uğur \"uJohn\" Can ATASOY\'','\'Uğur \"uJohn\" Can ATASOY\'','Demo Labs_c69be90de0b5c628f1de2bc76c559951',494712),('\'Uğur \"uJohn\" Can ATASOY\'','\'Uğur \"uJohn\" Can ATASOY\'','Demo Labs_af446d630fec7205279ade7b6f1aeea5',494713),('\'Nur \"BurritoTheNurrito\" Gucu\'','\'Nur \"BurritoTheNurrito\" Gucu\'','Demo Labs_2502eeb14ce1bcf4ea23769efcdd71e8',494714),('\'Nur \"BurritoTheNurrito\" Gucu\'','\'Nur \"BurritoTheNurrito\" Gucu\'','Demo Labs_7754bfee11053da5dcb2ee1793bb9c68',494715),('\'Buğrahan Yücel\'','\'Buğrahan Yücel\'','Demo Labs_45fd73ae7a34c18bd818f38e9b2c440b',494716),('\'Buğrahan Yücel\'','\'Buğrahan Yücel\'','Demo Labs_8b2d0a19b248c59491b7bb6b35e4b48d',494717),('\'Kevin \"kdrwins\" Dela Rosa\'','\'Kevin \"kdrwins\" Dela Rosa\'','Demo Labs_f783363c600d150979b26f1a29ed8079',494718),('\'Kevin \"kdrwins\" Dela Rosa\'','\'Kevin \"kdrwins\" Dela Rosa\'','Demo Labs_5f2411e5d907237b0c5a666a5a3da730',494719),('\'Zhassulan \"cocomelonc\" Zhussupov\'','\'Zhassulan \"cocomelonc\" Zhussupov\'','Demo Labs_79b686c4be02f3b8d55e803a06775393',494720),('\'Zhassulan \"cocomelonc\" Zhussupov\'','\'Zhassulan \"cocomelonc\" Zhussupov\'','Demo Labs_72e74f15c0b941c6622374373bc31adb',494721),('\'Makoto \"Mr.Rabbit\" Sugita\'','\'Makoto \"Mr.Rabbit\" Sugita\'','Demo Labs_a0126f42417f3a75f533b822244c039d',494722),('\'Makoto \"Mr.Rabbit\" Sugita\'','\'Makoto \"Mr.Rabbit\" Sugita\'','Demo Labs_f6dfdb74517628aeb250e8158a6069d8',494723),('\'Georgia Weidman\'','\'Georgia Weidman\'','Demo Labs_2930819a1bb3c3ef613ab5011b38a75b',494724),('\'Georgia Weidman\'','\'Georgia Weidman\'','Demo Labs_13fe7538011761d1f8c739a045d69b4c',494725),('\'0verkilll\'','\'0verkilll\'','Demo Labs_f5466b5a1b96dada5ed2a2680935efd9',494726),('\'0verkilll\'','\'0verkilll\'','Demo Labs_d5162bfe7e662a19779a76dd1aa3bf23',494727),('\'Hemanth Gorijala\'','\'Hemanth Gorijala\'','Demo Labs_bd68a904bdfbcb385bdee978a6a01c35',494728),('\'Hemanth Gorijala\'','\'Hemanth Gorijala\'','Demo Labs_9445f9c9522685789d3eb9ebbcc6626d',494729),('\'Fukusuke Takahashi\'','\'Fukusuke Takahashi\'','Demo Labs_5a7e3dc4ddf12e419a3fd3504e98f56e',494730),('\'Zach Mathis\'','\'Zach Mathis\'','Demo Labs_5a7e3dc4ddf12e419a3fd3504e98f56e',494731),('\'Akira Nishikawa\'','\'Akira Nishikawa\'','Demo Labs_5a7e3dc4ddf12e419a3fd3504e98f56e',494732),('\'Fukusuke Takahashi\'','\'Fukusuke Takahashi\'','Demo Labs_56ee5c0a8aba0b446741df0c2f9832cb',494733),('\'Zach Mathis\'','\'Zach Mathis\'','Demo Labs_56ee5c0a8aba0b446741df0c2f9832cb',494734),('\'Akira Nishikawa\'','\'Akira Nishikawa\'','Demo Labs_56ee5c0a8aba0b446741df0c2f9832cb',494735),('\'Saksham Agrawal\'','\'Saksham Agrawal\'','Demo Labs_440b37b146c59712f5db8a953d6ba266',494736),('\'Saksham Agrawal\'','\'Saksham Agrawal\'','Demo Labs_1d7e80660e7dc086976501928b410afb',494737),('\'Rahul Saranjame\'','\'Rahul Saranjame\'','Demo Labs_ef0643d3eb6218ec5b966d06cd241563',494738),('\'Ranganatha Rao Sridhar\'','\'Ranganatha Rao Sridhar\'','Demo Labs_ef0643d3eb6218ec5b966d06cd241563',494739),('\'Tanishq Rupaal\'','\'Tanishq Rupaal\'','Demo Labs_ef0643d3eb6218ec5b966d06cd241563',494740),('\'Rahul Saranjame\'','\'Rahul Saranjame\'','Demo Labs_61951773d2696ad1c1dc30775ea6d1a8',494741),('\'Ranganatha Rao Sridhar\'','\'Ranganatha Rao Sridhar\'','Demo Labs_61951773d2696ad1c1dc30775ea6d1a8',494742),('\'Tanishq Rupaal\'','\'Tanishq Rupaal\'','Demo Labs_61951773d2696ad1c1dc30775ea6d1a8',494743),('\'Ayaan Qayyum\'','\'Ayaan Qayyum\'','Demo Labs_3b07030e6020ff7a84cb713e83bffc8a',494744),('\'Parag Kalay\'','\'Parag Kalay\'','Demo Labs_3b07030e6020ff7a84cb713e83bffc8a',494745),('\'Ayaan Qayyum\'','\'Ayaan Qayyum\'','Demo Labs_3139de42123a70d974c80e09f2a77adc',494746),('\'Parag Kalay\'','\'Parag Kalay\'','Demo Labs_3139de42123a70d974c80e09f2a77adc',494747),('\'Yll \"0xBabar0ka\" Berisha\'','\'Yll \"0xBabar0ka\" Berisha\'','Demo Labs_e6f6cf9539fde04a901fce0be96c143f',494748),('\'Yll \"0xBabar0ka\" Berisha\'','\'Yll \"0xBabar0ka\" Berisha\'','Demo Labs_583c71769a10d7a419810e2715a09f3e',494749),('\'Xia Hua\'','\'Xia Hua\'','Demo Labs_20977489b2362288240c2aba86c1b93e',494750),('\'Abhijeet Kumar\'','\'Abhijeet Kumar\'','Demo Labs_20977489b2362288240c2aba86c1b93e',494751),('\'Xia Hua\'','\'Xia Hua\'','Demo Labs_90c5782379c186f2d2f125932b562863',494752),('\'Abhijeet Kumar\'','\'Abhijeet Kumar\'','Demo Labs_90c5782379c186f2d2f125932b562863',494753),('\'Chen Doytshman\'','\'Chen Doytshman\'','Demo Labs_d15d7126d97a8752c2f459341919ecf9',494754),('\'Chen Doytshman\'','\'Chen Doytshman\'','Demo Labs_8709fec5bc1ec0e8c8f37803d1bbfd47',494755),('\'Ankit Vashisth\'','\'Ankit Vashisth\'','Demo Labs_298560f2a4d26f600c235d595a30c81f',494756),('\'Ankit Vashisth\'','\'Ankit Vashisth\'','Demo Labs_683655ab4f6ae6b1ac71376cf0883232',494757),('\'Ryan \"Nightlark\" Mast\'','\'Ryan \"Nightlark\" Mast\'','Demo Labs_f1a57cb3aa8eab29df76d104c4a333f5',494758),('\'Ryan \"Nightlark\" Mast\'','\'Ryan \"Nightlark\" Mast\'','Demo Labs_1f21b811c65a54327e9be368e7770186',494759),('\'Atsushi Sada\'','\'Atsushi Sada\'','Demo Labs_3bb357d3e542ee576fb789006bc5326a',494760),('\'hikae\'','\'hikae\'','Demo Labs_3bb357d3e542ee576fb789006bc5326a',494761),('\'Atsushi Sada\'','\'Atsushi Sada\'','Demo Labs_f54b6af95a1a7927f03af1b64ae3f0cc',494762),('\'hikae\'','\'hikae\'','Demo Labs_f54b6af95a1a7927f03af1b64ae3f0cc',494763),('\'Zeus \"LightningGod\" Chan\'','\'Zeus \"LightningGod\" Chan\'','Demo Labs_d207f34edcce8c9d3c26191b6f85fdd4',494764),('\'Kenneth \"kenleejl\" Lee\'','\'Kenneth \"kenleejl\" Lee\'','Demo Labs_d207f34edcce8c9d3c26191b6f85fdd4',494765),('\'Zeus \"LightningGod\" Chan\'','\'Zeus \"LightningGod\" Chan\'','Demo Labs_8e470110e011edb413e9f5ce1ac17d1e',494766),('\'Kenneth \"kenleejl\" Lee\'','\'Kenneth \"kenleejl\" Lee\'','Demo Labs_8e470110e011edb413e9f5ce1ac17d1e',494767); /*!40000 ALTER TABLE `speakers` ENABLE KEYS */; UNLOCK TABLES; -- -- Table structure for table `villages` -- DROP TABLE IF EXISTS `villages`; /*!40101 SET @saved_cs_client = @@character_set_client */; /*!50503 SET character_set_client = utf8mb4 */; CREATE TABLE `villages` ( `ID` int NOT NULL AUTO_INCREMENT, `Activated` tinyint(1) NOT NULL, `Name` varchar(55) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `JSONname` varchar(55) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `TagName` varchar(5) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `HomePage` varchar(70) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SchedulePage` varchar(200) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `Map` enum('None','Other-See Desc','Sahara_Full','LVCCW_Level1_Hall1','LVCCW_Level1_Hall2','LVCCW_Level1_Hall3','LVCCW_Level1_Hall4','LVCCW_Level2_North','LVCCW_Level2_West','LVCCW_Level2_East','LVCCW_Level3_North','LVCCW_Level3_South','LVCCW_Level1_Reg','LVCCN_Level2') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `Mode` enum('Virtual','IRL','Hybrid','') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `DCVillagesPage` varchar(60) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `DCForumPage` varchar(50) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL, `DCForumArticle` varchar(50) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL, `DCDiscordChan` varchar(70) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `DCDiscordChanName` varchar(35) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SocialMediaLink1` varchar(60) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SocialMediaLink2` varchar(60) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SocialMediaLink3` varchar(60) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SocialMediaLink4` varchar(60) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SocialMediaLink5` varchar(60) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SocialMediaLink6` varchar(80) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SocialMediaLink7` varchar(80) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `VideoStreamSIte` enum('dcdiscord','villdiscord','youtube','twitch','dcdiscordyoutubetwitch','none') CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL, `VIdeoStreamURL` varchar(90) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `ThurHours` varchar(20) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `FriHours` varchar(20) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SatHours` varchar(20) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `SunHours` varchar(20) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `Venue` varchar(30) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `VillageLoc` varchar(100) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `TalkLoc` varchar(50) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `VillageDesc` text CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `jsonVillageDesc` text CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci, `DCVillageDescLink` varchar(60) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL, `VillageLogoURL` varchar(150) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL, PRIMARY KEY (`ID`), UNIQUE KEY `TagName` (`TagName`) ) ENGINE=InnoDB AUTO_INCREMENT=84 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci; /*!40101 SET character_set_client = @saved_cs_client */; -- -- Dumping data for table `villages` -- LOCK TABLES `villages` WRITE; /*!40000 ALTER TABLE `villages` DISABLE KEYS */; INSERT INTO `villages` VALUES (2,1,'Aerospace Village','','ASV','https://aerospacevillage.org/','','None','IRL','#orga_40720','','','https://discord.com/channels/708208267699945503/732393044363444264','#av-lounge-bar-text','https://twitter.com/secureaerospace','https://www.linkedin.com/company/aerospace-village/','https://twitter.com/hack_a_sat','https://discord.gg/gV4EWuk','https://www.youtube.com/c/AerospaceVillage','https://defcon.social/@aerospacevillage','',NULL,'','','','','','','LVCCW Level 1 Hall 2-700 (Aerospace Village)','','
\r\n\r\n

Aerospace Village

\r\n \r\n

\r\n\r\nMastodon (@aerospacevillage@defcon.social)\r\n | \r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

The aviation and space industries, security researchers, and the public share a common goal: safe, reliable, and trustworthy aviation and space operations. For too long, negative perceptions and fractured trust on all sides have held back collaboration between the aviation, space, and security researcher communities that has advanced safety, reliability, and security of other industries. As the traditional domains of aviation safety and cybersecurity increasingly overlap, more effective collaboration between stakeholders ensures we will be safer, sooner, together.

\r\n

Through the Aerospace Village, the security research community invites industry leaders, researchers and academia interested in aviation and space security, safety, and resilience to attend, understand, collaborate together to achieve our common goals. Empathy and understanding build common ground, while acts and words likely to increase division between these two communities undermine these efforts. The Aerospace Village welcomes those who seek to improve aviation and space security, safety, and resilience through positive, productive collaboration among all ecosystem stakeholders.

\r\n

Our Goal

\r\n

The Aerospace Village is a volunteer team of hackers, pilots, and policy advisors who come from the public and private sectors. We believe the flying public deserves safe, reliable, and trustworthy air travel which is highly dependent on secure aviation and space operations.

\r\n\r\n
','\'

The aviation and space industries, security researchers, and the public share a common goal: safe, reliable, and trustworthy aviation and space operations. For too long, negative perceptions and fractured trust on all sides have held back collaboration between the aviation, space, and security researcher communities that has advanced safety, reliability, and security of other industries. As the traditional domains of aviation safety and cybersecurity increasingly overlap, more effective collaboration between stakeholders ensures we will be safer, sooner, together. Through the Aerospace Village, the security research community invites industry leaders, researchers and academia interested in aviation and space security, safety, and resilience to attend, understand, collaborate together to achieve our common goals. Empathy and understanding build common ground, while acts and words likely to increase division between these two communities undermine these efforts. The Aerospace Village welcomes those who seek to improve aviation and space security, safety, and resilience through positive, productive collaboration among all ecosystem stakeholders.\n

Our Goal\n

The Aerospace Village is a volunteer team of hackers, pilots, and policy advisors who come from the public and private sectors. We believe the flying public deserves safe, reliable, and trustworthy air travel which is highly dependent on secure aviation and space operations.\n

Links:
    Website - https://aerospacevillage.org
\n    Mastodon (@aerospacevillage@defcon.social) - @aerospacevillage@defcon.social
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-aerospace.webp\''),(3,1,'AI Village','AI Village','AIV','https://aivillage.org/','','None','IRL','#orga_40718','','','https://discord.com/channels/708208267699945503/732733090568339536','#aiv-general-text','https://twitter.com/aivillage_dc','https://www.twitch.tv/aivillage','https://www.youtube.com/channel/UCBUw0vVET-kB7LPj_XsNQ9Q','https://discord.com/invite/GX5fhfT','https://linkedin.com/in/aivillage','','','twitch','','','','','','','LVCCW Level 1 Hall 2-603 (AI Village)','','
\r\n\r\n

AI Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Join us at the AI Village for interactive demonstrations at the intersection of AI and security. We’ve got something new this year with a full purple team demonstration from the AI Cyber League.

\r\n

For the third Generative Red Team we are going to “red team” the evaluations that establish a model’s performance. We are bringing several model systems built to do different tasks each with their own model card. These model cards will define uses and restrictions the model creators want and determine what we mean by “trust” when it comes to fuzzier concepts like “can write good Rust” and “doesn’t help you hack”. This model card will be built off of open source evaluations that prove and establish how effective the model is. We will be paying bounties for findings against the evaluations that the model cards used to make their claims.

\r\n

Following the success of last year\'s real-time deepfake demonstrations, we\'re taking things to the next level. This year, we\'re showcasing five different deepfake systems across a spectrum of computational requirements – from high-end professional setups to consumer-grade hardware that\'s becoming increasingly accessible. You can see how detections we have will break down as compute per dollar keeps improving.

\r\n\r\n
\r\n','\'

We’re bringing AI Village back to focus on what actually matters: practical, no-bullshit AI security. LLMs are an amazing technology, but they’re not magic. We are stripping away the industry hype and focusing on hands-on skills, whether you are building your first exploit or leading an AI red team.\n

Here is what you can expect this year:\n

Drop-In Workshops: Walk up, grab a seat, and learn. We have drop in hands on mini-workshops on a bunch of topics. These include basic AI topics like how LLMs actually work, and how to build agents from scratch. For red teamers we have ones ranging from prompt injection to manipulating malware detection models. This is all running locally on a cluster we’re bringing to DEF CON.\n

HalCTF: Our main competition this year will teach you how to write and fine-tune your own pentesting agent using open-source models. To handle the massive compute load, we\'re safely detonating these agents on GCP, giving each participant a dedicated GPU for their models.\n

Other Agent Shenanigans: The field moves fast and there’s going to be something new by defcon. We’re bringing a lot of compute to host things and we’ll have some surprises in the space.\n

Whether you want to hear top-tier research from the people actually breaking these models or you just want to sit down and write an autonomous pentesting agent, we have the hardware and the labs ready for you.\n

Links:
    Website - https://aivillage.org/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-ai.webp\''),(4,1,'AppSec Village','','APV','https://www.appsecvillage.com/','','None','IRL','#orga_40721','','','https://discord.com/channels/708208267699945503/790973922949726228','#asv-general-text','https://twitter.com/AppSec_Village','https://linkedin.com/company/appsecvillage','https://www.youtube.com/c/AppSecVillage','https://discord.gg/5XY8qYXd7R','','','',NULL,'','','','','','','LVCCW Level 1 Hall 2-604 (Appsec Village)','','article class=\"talk\" id=\"orga_40721\">\r\n\r\n

AppSec Village

\r\n \r\n

\r\n\r\nWebsite\r\n | \r\nMastodon (@AppSecVillage@defcon.social)\r\n

\r\n\r\n\"logo\r\n\r\n

Come immerse yourself in everything the world of application security has to offer. Whether you are a red, blue, or purple teamer, come learn from the best of the best to exploit software vulnerabilities and secure software. Software is everywhere, and Application Security vulnerabilities are lurking around every corner, making the software attack surface attractive for abuse. If you are just an AppSec n00b or launch deserialization attacks for fun and profit, you will find something to tickle your interest at the AppSec Village.

\r\n

Software runs the world. Everything from IoT, medical devices, the power grid, smart cars, and voting apps - all have software behind them. Such a variety of topics will be reflected in our cadre of guest speakers representing all backgrounds and walks of life.

\r\n

AppSec Village welcomes all travelers to choose from talks and workshops by expert community members, an all-AppSec-focused CTF, contests that challenge your mind and your skillz, and more. Bring your thirst for knowledge and passion for breaking things, and your visit to AppSec Village will be thrilling!​

\r\n\r\n','\'

The AppSec Village is a 100% volunteer-run creator space at DEF CON where hackers learn how modern software gets broken and how to make it harder to break. Expect attacker-minded talks and live demos, plus hands-on workshops and Practical On-Demand sessions where you can practice techniques with the community, from finding and exploiting vulnerabilities to fixing them correctly. You can also explore the village Arsenal for rapid demos of open-source AppSec tools, and compete in the Fix the Flag wargame, a CTF-style contest that rewards you for remediating vulnerabilities and hardening an app before turning to offense. If software is your target or your craft, you will leave with practical skills, tools, and mental models you can use immediately.\n

\n
Prerequisites
\n
\n

For talks, panels, and tool demos, there are no prerequisites, and no special equipment is needed. For hands-on activities (workshops, some Practical On-Demand sessions, and the Fix the Flag wargame), bringing a laptop is strongly recommended so you can follow along and run tools. No specialized hardware is required, and any session-specific setup notes will be provided by the activity owner ahead of time.\n

Links:
    Website - https://www.appsecvillage.com/
\n    Mastodon (@AppSecVillage@defcon.social) - https://defcon.social/@AppSecVillage
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-appsec.webp\''),(6,1,'Blacks in Cyber Village','Blacks In Cyber Village','BICV','https://www.blacksincyberconf.com/bic-village','https://www.blacksincyberconf.com/bic-village','None','IRL','#orga_40724','','','','','https://twitter.com/BlackInCyberCo1','https://defcon.social/@blacksincyber','https://www.twitch.tv/blacksincybersecurity','https://www.youtube.com/channel/UCEBEQ0oRA2LPnc2wm2TO5IA','https://www.linkedin.com/company/blackincyberconference','https://www.patreon.com/blacksincybersecurity','https://www.facebook.com/blackincyberconf/',NULL,'','','','','','','LVCCW Level 3 W322-W324 (BIC Village)','','
\r\n\r\n

Blacks In Cyber Village

\r\n \r\n

\r\n\r\nMastodon (defcon.social)\r\n | \r\nWebsite\r\n | \r\nMastodon (infosec.exchange)\r\n

\r\n\r\n\"logo\r\n\r\n

The Blacks In Cybersecurity (B.I.C.) Village seeks to bring culturally diverse perspectives to the holistic Cybersecurity community; by way of a series of talks and a capture the flag event. In providing these activities, we hope to help highlight Black experiences, innovations in the field, Black culture and educate the community about Black history.

\r\n

In doing this, we believe that we can better educate and normalize the discussion of deficiency or prejudices in Cybersecurity education/development for minority communities. We also believe this effort can be translated to aid in eradication of these issues in the Cybersecurity and Hacker/Maker community and allow for more diverse hobbyists and professionals to engage and contribute.

\r\n\r\n
','\'

The Blacks In Cybersecurity (B.I.C.) Village seeks to bring culturally diverse perspectives to the holistic Cybersecurity community; by way of a series of talks and a capture the flag event. In providing these activities, we hope to help highlight Black experiences, innovations in the field, Black culture and educate the community about Black history.\n

In doing this, we believe that we can better educate and normalize the discussion of deficiency or prejudices in Cybersecurity education/development for minority communities. We also believe this effort can be translated to aid in eradication of these issues in the Cybersecurity and Hacker/Maker community and allow for more diverse hobbyists and professionals to engage and contribute.\n

\n
Prerequisites
\n
\n

Laptop, Tablet\n

Links:
    Mastodon (@blacksincyber@infosec.exchange) - https://infosec.exchange/@blacksincyber
\n    Website - https://www.blacksincyberconf.com/bic-village
\n    Mastodon (@blacksincyber@defcon.social) - https://defcon.social/@blacksincyber
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-bic_v2.webp\''),(7,1,'Biohacking Village','Biohacking Village','BHV','https://www.villageb.io/','','None','IRL','#orga_40723','','','https://discord.com/channels/708208267699945503/735273390528528415','#bhv-orientation-text','http://twitter.com/dc_bhv','https://www.linkedin.com/company/biohacking-village','http://youtube.com/biohackingvillage','https://www.twitch.tv/biohackingvillage','https://discord.gg/Q8ubDb5','https://bsky.app/profile/villageb.io','https://defcon.social/@biohacking_village@mastodon.social',NULL,'','','','','','','LVCCW Level 1 Hall 1-408 (Biohacking Village)','','
\r\n\r\n

Biohacking Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

At the Biohacking Village, attendees can expect an immersive, hands-on experience at the intersection of cybersecurity, healthcare, and medical technology, offering opportunities to learn, explore, and collaborate on some of the most pressing challenges in the industry.

\r\n

What Attendees Can Learn at the Biohacking Village:

\r\n
    \r\n
  1. Medical Device Security: Understand how medical devices work, the cybersecurity vulnerabilities they face, and the critical importance of securing these devices for patient safety and national security. Participate in hands-on demonstrations, such as penetration testing on virtualized devices, learning real-world techniques for identifying and addressing vulnerabilities.
  2. \r\n
  3. Critical Infrastructure Resilience: Explore the intersection of healthcare and critical infrastructure, including how hospitals and medical systems rely on interconnected technologies. Learn about best practices for securing healthcare networks, including strategies to mitigate ransomware attacks and manage incident response.
  4. \r\n
  5. Collaboration and Ecosystem Development: Discover how to work effectively with manufacturers, regulators, researchers, and practitioners to build secure and innovative healthcare technologies. Engage in discussions about fostering trust, transparency, and accountability within the cybersecurity and healthcare communities.
  6. \r\n
  7. New Technologies in Healthcare: Get hands-on with cutting-edge innovations, such as AI-driven medical devices, digital twins, and IoT-enabled healthcare systems. Learn about emerging regulatory requirements, including those surrounding AI, cybersecurity, and the EU Cyber Resilience Act (CRA).
  8. \r\n
  9. Ethical Hacking and Vulnerability Disclosure: Delve into the principles of responsible disclosure and how ethical hackers contribute to securing patient safety. Understand the legal and ethical considerations of hacking medical devices, guided by frameworks like the Hippocratic Oath for Hackers.
  10. \r\n
  11. Policy and Regulatory Insights: Gain insights into the latest global regulations, standards, and metrics impacting medical technology, such as FDA guidelines, GDPR, NIS2, and more. Participate in workshops and panels with experts discussing policy advocacy and global harmonization of cybersecurity standards.
  12. \r\n
  13. Tabletop Exercises and CTFs (Capture the Flags): Engage in interactive tabletop exercises designed to simulate real-world scenarios, from ransomware incidents to critical system failures, promoting teamwork and problem-solving. Compete in cybersecurity challenges and CTFs to test your skills in securing medical and healthcare IT systems.
  14. \r\n
  15. Networking and Community Building: Connect with a diverse group of stakeholders, including hackers, healthcare professionals, medical device manufacturers, and policymakers. Collaborate in an environment that fosters innovation, trust, and shared learning.
  16. \r\n
\r\n

The Biohacking Village is your gateway to understanding and addressing the complex challenges of medical technology and cybersecurity. Attendees will leave equipped with knowledge, skills, and connections to drive meaningful change in the industry.

\r\n\r\n
','\'

Biohacking Village (BHV) is DEF CON’s hands-on home for hacking the systems that keep humans alive. We bring a hacker lens to healthcare, medical devices, and the messy reality where firmware, networks, clinical workflows, and cybersecurity collide. If you like breaking things to understand them - BHV is your stop.\n

At BHV, attendees don’t just watch talks. They do the work: crack open artifacts, follow packets, unravel bad assumptions, and learn how vulnerabilities show up in real clinical contexts. Our creator space is built like a lab-meets-playground: part training ground, part CTF arena, part community hub- where beginners get a friendly on-ramp and experienced researchers get puzzles that bite back.\n

Healthcare is critical infrastructure, and medical devices are computers with unique constraints: safety requirements, legacy environments, weird protocols, long lifecycles, and a threat surface that spans from embedded firmware to cloud dashboards to the humans using them. BHV translates that complexity into hacker-accessible challenges, with clear rules-of-engagement and responsible research guardrails.\n

The Biohacking Village:
\n- Treats healthcare tech as a systems hacking problem, not a niche specialty\n- Turns real-world failure modes into repeatable labs and CTF challenges\n- Brings together hackers, engineers, clinicians, and policy folks for cross-pollination you don’t get anywhere else\n- Teaches not only “how to break it,” but also how to document, disclose, and improve it\n

Who BHV is for:
\n- Beginners who want a welcoming first step into hardware/firmware, medical tech, and embedded research\n- Experienced hackers who want high-signal challenges and healthcare-specific nuance\n- Builders and defenders who want to understand the attacker mindset without compromising safety\n

Come by Biohacking Village if you want to learn real skills, meet a community that’s equal parts brilliant and helpful, and explore one of the most consequential targets in security: healthcare.\n

\n
Prerequisites
\n
    \n
  • A laptop (Windows/Mac/Linux) that can run a VM or containers\n
  • USB-A/USB-C adapters (because the dongle life chose us)\n
  • Basic comfort with \'terminal stuff\' helps, but we’ll have ramps for beginners\n
  • Hacking Tools
\n
\nLinks:
    Website - https://villageb.io
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-biohacking.webp\''),(8,1,'Blue Team Village','Blue Team Village (BTV)','BTV','https://blueteamvillage.org/','','None','IRL','#orga_40725','','','https://discord.com/channels/708208267699945503/732454317658734613','#btv-general-text','https://twitter.com/BlueTeamVillage','https://twitch.tv/blueteamvillage','https://www.youtube.com/c/blueteamvillage','https://discord.gg/blueteamvillage','https://defcon.social/@blueteamvillage','','','twitch','','','','','','','LVCCW Level 2 W213-217 (Blue Team Village)','','
\r\n\r\n

Blue Team Village (BTV)

\r\n \r\n

\r\n\r\nMastodon (@blueteamvillage@defcon.social)\r\n | \r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Blue Team Village (BTV) is both a place and a community built for and by people who defend computer systems, networks, and people against cyber attacks. It\'s a place to gather, talk, share, and learn from each other about the latest tools, technologies, and tactics that our community can use to detect attackers and prevent them from achieving their goals.

\r\n

The Blue Team Village\'s Project Obsidian is a defensive cybersecurity learning experience that provides attendees with the opportunity to gain knowledge of Incident Response (IR), Digital Forensics (DF), Malware Analysis, Cyber Threat Intelligence (CTI), and Cyber Threat Hunting (CTH). Deep dive into technical topics through training and exercises that provide practical hands-on experience across each discipline. Project Obsidian 101 trainings provide cybersecurity knowledge that will enable attendees to develop the skills needed to be successful in their current and future roles.

\r\n

Two of the most valuable takeaways are how to strategically approach a task and the operational processes supporting each task\'s objectives. Knowing \'how\' to do something is only part of the challenge. Knowing \'when\' and \'why\' to perform specific tasks adds the necessary context to develop the full story of defensive cybersecurity.

\r\n\r\n
','\'

Welcome to the other side of the hacking mirror. Blue Team Village (BTV) is both a place and a community built for and by people who defend computer systems, networks, and people against cyber attacks. It\'s a place to gather, talk, share, and learn from each other about the latest tools, technologies, and tactics that our community can use to detect attackers and prevent them from achieving their goals.

Links:
    blueteamvillage.bsky.social - https://blueteamvillage.bsky.social
\n    Website - https://blueteamvillage.org
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-blueteam.webp\''),(9,1,'Car Hacking Village','','CHV','https://www.carhackingvillage.com/','','None','IRL','#orga_40727','','','https://discord.com/channels/708208267699945503/732722838942777474','#chv-general-text','https://x.com/CarHackVillage','http://youtube.com/@carhackingvillage','https://www.linkedin.com/company/car-hacking-village','','','https://discord.gg/zz7xUPZcre','https://github.com/car-hacking-village',NULL,'','','','','','','LVCCW Level 1 Hall 2-701 (Car Hacking Village)','','
\r\n\r\n

Car Hacking Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

For over a decade, we’ve been leading the charge in automotive security, and this year, we’re shifting into high gear! Get ready for an electrifying DEF CON 33 experience packed with interactive challenges, exclusive badges, and mind-bending exercises designed to supercharge your skills.

\r\n

Join us and make this DEF CON one for the record books!

\r\n\r\n
','\'

The Car Hacking Village is the primary hub for the global community dedicated to securing over a billion vehicles. For DEF CON 34, we move beyond theory and put you directly into the driver’s seat of modern exploitation. This year’s experience is built around raw, hands-on access to live vehicle architectures and hardware benches. Whether you’re intercepting CAN bus traffic in real-time or probing wireless entry points, you’ll be working with the same systems used by top researchers. We’ve curated a high-intensity environment where you can tear down ECUs, bypass security gateways, and collaborate to dismantle the latest threats facing the industry.\n

\n
Prerequisites
\n
\n

To participate effectively in the Car Hacking Village at DEF CON 34, attendees should bring a laptop with multiple USB ports (or appropriate adapters) and a functional Linux environment. We do not provide specialized tools on-site, so you\'ll need to bring your own—such as a USB-to-CAN adapter (e.g., Canable, ValueCAN), a SDR (e.g., RTL-SDR, HackRF), or a multimeter—is encouraged for independent exploration.\n

Knowledge of the Linux command line and basic Python is highly recommended. For those looking to hit the ground running, we suggest brushing up on CAN bus fundamentals and basic reverse engineering of binary data. Familiarity with tools like wireshark and can-utils will allow you to dive straight into the live vehicle architectures.\n

Links:
    Website - https://www.carhackingvillage.com/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-carhacking_v2.webp\''),(11,1,'Cloud Village','','CLV','https://cloud-village.org/','https://www.cloud-village.org/dc34','None','IRL','#orga_40728','','','https://discord.com/channels/708208267699945503/732733373172285520','#cloudv-general-text','https://x.com/cloudvillage_dc','https://www.youtube.com/cloudvillage_dc','https://discord.com/invite/p3S3KVD2Tp','https://www.linkedin.com/company/cloudvillage-dc','https://www.facebook.com/share/1DVeGSw5KT/','https://www.instagram.com/cloudvillage_dc/','',NULL,'','','','','','','LVCCW Level 3 W311-W313 (Cloud Village)','','
\r\n\r\n

Cloud Village

\r\n \r\n

\r\n\r\nMastodon (@cloudvillage_dc@mastodon.social)\r\n | \r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

With the industry’s rapid growth in cloud infrastructure, the presence of an open platform to discuss and showcase cloud research becomes a necessity.\r\nCloud village is an open platform for researchers interested in the area of cloud security. We plan to organise talks, tool demos, CTF and workshops around Cloud Security and advancements.

\r\n

Our CTF will be a jeopardy style 2.5 days contest where participants will have to solve challenges around Cloud infrastructure, security, recon, etc. These challenges will cover different cloud platforms including AWS, GCP, Azure, Alibaba, Digital Ocean, etc. We will also reward our top 3 teams with awards.​

\r\n\r\n
','\'

Cloud Village is an open space to meet folks interested in offensive and defensive aspects of cloud security. The village helps security professionals understand evolving threats, implement best practices and defend against real-world cloud vulnerabilities via Talks, Labs, Panels and a continuous two-day Cloud Security focussed CTF.\n

Our CTF will be a jeopardy-style, two-day competition (Friday and Saturday) focused on real-world cloud security. Participants will tackle challenges centered around securing, exploiting, and analyzing cloud environments across major platforms including AWS, GCP, and Azure. The contest will feature scenarios involving IAM misconfigurations, container and Kubernetes security, cloud reconnaissance, infrastructure exploitation, logging and detection, serverless security, secrets management, and cloud-native attack paths. Teams will test their skills across offensive and defensive cloud security domains while competing for prizes awarded to the top 3 teams.\n

\n
Prerequisites
\n
    \n
  • Come with an open mind and zeal to learn as a group.\n
  • For Labs and CTF, please bring a laptop with admin right and unfiltered internet access.
\n
\nLinks:
    Website - https://www.cloud-village.org/
\n    Mastodon (@cloudvillage_dc@mastodon.social) - https://mastodon.social/@cloudvillage_dc
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-cloud.webp\''),(13,1,'Crypto Privacy Village','Crypto & Privacy Village','CPV','https://cryptovillage.org/','','None','IRL','#orga_40729','','','https://discord.com/channels/708208267699945503/732734002011832320','#cpv-general-text','https://twitter.com/cryptovillage','https://cryptovillage.slack.com/','https://www.youtube.com/channel/UCGWMS6k9rg9uOf3FmYdjwwQ','https://www.twitch.tv/cryptovillage/','https://defcon.social/@cryptovillage','','','dcdiscordyoutubetwitch','','','','','','','LVCCW Level 1 Hall 1-401 (Crypto & Privacy Village)','','
\r\n\r\n

Crypto Privacy Village

\r\n \r\n

\r\n\r\nWebsite\r\n | \r\nMastodon (@cryptovillage@defcon.social)\r\n

\r\n\r\n\"logo\r\n\r\n

Launched in 2014, Crypto & Privacy Village (CPV) is a community-run village centred on privacy and cryptography that aims to educate and inform the general public, students, educators, hackers, security and privacy professionals, and policymakers. We provide a unique hybrid space that features talks; chill space for relaxing with friends, doing CTFs, and cross industry networking; the Gold Bug Challenge and desk for hints and support; privacy-related art installations; and an information desk for questions about privacy and cryptography. Come talk with us about facial recognition technology, privacy-preserving data analytics, or crypto backdoor laws!

\r\n\r\n
','\'

Launched in 2014, Crypto & Privacy Village (CPV) is a community-run village centred on privacy and cryptography that aims to educate and inform the general public, students, educators, hackers, security and privacy professionals, and policymakers. We provide a unique hybrid space that features talks; chill space for relaxing with friends, doing CTFs, and cross industry networking; the Gold Bug Challenge and desk for hints and support; privacy-related art installations; and an information desk for questions about privacy and cryptography. Come talk with us about facial recognition technology, privacy enhancing clothing, or crypto backdoor laws!\n

\n
Prerequisites
\n
\n

We will provide make up but it would be better for attendees to bring their own if possible (to see how effective they are); laptops and notebooks for the Gold Bug and other activities (we will provide paper)\n

Links:
    Website - https://cryptovillage.org
\n    Mastodon (@cryptovillage@defcon.social) - @cryptovillage@defcon.social
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-cryptoprivacy.webp\''),(14,1,'Data Duplication Village','','DDV','https://dcddv.org/','','None','IRL','#orga_40730','','','https://discord.com/channels/708208267699945503/732732641694056478','#ddv-general-text','https://twitter.com/DDV_DC','','','','','','',NULL,'','','','','','','LVCCW Level 2 W203 (Data Duplication Village)','','
\r\n\r\n

Data Duplication Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

The Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages. If you\'re looking for a copy of just about any security con talk known to hacker-kind or a copy of the VX-Underground archive (along with a few hundred gigs of cat pictures), you\'ll find it here. Our village provides a "free-to-you" service of direct access to terabytes of useful data to help build those hacking skills and allow open discussions with other storage enthusiasts.

\r\n

We\'ll also be partnering with DC Next Gen to ensure that our future generations have the opportunity to explore the details of how past and current data storage works!

\r\n\r\n
','\'

The Data Duplication Village has all the updated bits and bytes available from infocon.org packed up into nice, neat packages.  If you\'re looking for a copy of just about any security con talk known to hacker-kind, a copy of the VX-Underground archive, hash tables or those elusive rainbow tables, you\'ll find them here. Our village provides a \"free-to-you\" service of providing you with direct access to terabytes of useful data to help build those hacking skills and allow open discussions with others.\n

We also encourage DC Next Gen participation to ensure that our future generations have the opportunity to explore the details of how past and current data storage works!\n

Links:
    Website - https://dcddv.org
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-ddv-horiz.webp\''),(16,1,'Ham Radio Village','','HRV','https://hamvillage.org/','','None','IRL','#orga_40732','','','https://discord.com/channels/708208267699945503/732733631667372103','#hrv-ctf-nye','https://twitter.com/HamRadioVillage','https://www.twitch.tv/HamRadioVillage','https://discord.gg/hrv','https://defcon.social/@HamRadioVillage','','','',NULL,'','','','','','','LVCCW Level 3 W315 (Ham Radio Village)','','
\r\n\r\n

Ham Radio Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Ham Radio has been considered to be the original group of hackers, launching before computers, integrated circuits, and even the transistor! Hams of all generations have a hacker mindset, solving problems their own way, regardless of what the manual has to say. Continuing this pioneer spirit, the Ham Radio Community is here to support advancement of the hobby with a cybersecurity slant.

\r\n

Everything we do today involves wireless communications of some sort, and a basic knowledge of how radio works is crucial. In the Ham Radio Community, you can learn hand-on with topics such as how to legally use a radio to send commands to a satellite, communicating around the globe when no other methods exist, and how to send and receive real-time location data without relying on any cellular networks. You can put your skills to the test by trying to find the hidden transmitters in the Ham Radio Fox Hunt contest, as well as transmitting memes over the airwaves to DEF CON attendees.

\r\n

We provide license testing services for those looking to become licensed or upgrade their license class, as well as guidance on how to hack on the medium to achieve the best results and have the most fun!

\r\n\r\n
','\'

The Ham Radio Village (HRV) is your home base for all things amateur radio; whether you’ve never touched a radio or you’re already licensed and looking to branch out. From getting licensed and making your first transmission, to hacking and modifying radio/antenna hardware, to prowling on the hunt for radio ‘foxes’, there’s something here for every level of curiosity. Attendees will walk away with hands-on radio frequency (RF) knowledge immediately applicable to other DEF CON contests, talks, and village demos. Interacting with licensed hams and other wireless enthusiasts will discover how ham radio knowledge transfers directly to RFID hacking, WiFi, and other wireless security work. \n \n

Have questions about ham radio? Come ask them. HRV is an open space for anyone curious about amateur radio; from first-timers to seasoned operators. Presented talks, contests, and volunteer tables cover everything from different modes of communication (voice, digital, Morse code) to the nuts and bolts of antenna design and signal propagation. Topics that typically carry a high barrier to entry become a lot more approachable when you can just walk up and ask someone.\n

When it\'s time to go home, participants take with them a foundation with applications well beyond the conference; including \n

    \n
  • Understanding the base concepts of amateur radio, including how to use it as part of their day to day life, both for regular talking as well as building community\n
  • Connect with like minded folks year round who have a vested interest in the hobby\n
  • Find out how to Legally transmit with 1500w of power, more than what you use to heat your hot pocket!\n
  • Learn how the radio hobby and radiosport can improve your hacking skills, because AX25 is quite easy to understand when building a basic network\n
  • Provide for the future of the hobby, where you can learn, as well as teach others, enhancing the hacker community
\nLinks:
    Website - https://hamvillage.org/
\n    Mastodon (@hamradiovillage@defcon.social) - @hamradiovillage@defcon.social
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-hrv.webp\''),(17,1,'Hardware Hacking and Soldering Skills Village (HHV-SSV)','Hardware Hacking and Soldering Skills Village (HHV/SSV)','HHV','https://dchhv.org/','','None','IRL','#orga_40733','','','https://discord.com/channels/708208267699945503/732728536149786665','#hhv-welcome-text','https://twitter.com/DC_HHV','https://defcon.social/@DC_HHV','','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 1-400 (Hardware Hacking Village and Solder Skills Village)','','
\r\n\r\n

Hardware Hacking Village

\r\n \r\n

\r\n\r\nWebsite\r\n | \r\nMastodon (@DC_HHV@defcon.social)\r\n

\r\n\r\n\"logo\r\n\r\n

Every day our lives become more connected to consumer hardware. Every day the approved uses of that hardware are reduced, while the real capabilities expand. Come discover hardware hacking tricks and tips regain some of that capacity, and make your own use for things! We have interactive demos to help you learn new skills. We have challenges to compete against fellow attendees. We have some tools to help with your fever dream modifications. Come share what you know and learn something new.​

\r\n\r\n
','\'

Every day our lives become more connected to consumer hardware. Every day the approved uses of that hardware are reduced, while the real capabilities expand. Come discover hardware hacking tricks and tips regain some of that capacity, and make your own use for things! We have interactive demos to help you learn new skills. We have challenges to compete against fellow attendees. We have some tools to help with your fever dream modifications. Come share what you know and learn something new.\n

Prerequisites: \n

Tools are all provided. Bringing your own setup if you have one will allow users to use a path they are familiar with.\n

Links:
    Mastodon (@DC_HHV@defcon.social) - @DC_HHV@defcon.social
\n    Website - https://dchhv.org
\n    Website - https://ddhhv.org
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-hardware.webp\''),(18,1,'ICS Village','ICS Village','ICSV','https://www.icsvillage.com/','','None','IRL','#orga_40734','','','https://discord.com/channels/708208267699945503/735938018514567178','#ics-101-text','https://twitter.com/ICS_Village','https://www.linkedin.com/company/icsvillage/','https://www.youtube.com/channel/UCI_GT2-OMrsqqglv0JijHhw','https://www.twitch.tv/ics_village','','','',NULL,'','','','','','','LVCCW Level 1 Hall 2-502 (ICS Village)','','
\r\n\r\n

ICS Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Mission. ICS Village is a non-profit organization with the purpose of providing education and awareness of Industrial Control System security.

\r\n
    \r\n
  • Connecting public, industry, media, policymakers, and others directly with ICS systems and experts.
  • \r\n
  • Providing educational tools and materials to increase understanding among media, policymakers, and general population.
  • \r\n
  • Providing access to ICS for security researchers to learn and test.
  • \r\n
  • Hands on instruction for industry to defend ICS systems.
  • \r\n
\r\n

Exhibits. Interactive simulated ICS environments that provide safe yet realistic examples to preserve safe, secure, and reliable operations. We bring real components such as Programmable Logic Controllers (PLC), Human Machine Interfaces (HMI), Remote Telemetry Units (RTU), and actuators, to simulate a realistic environment throughout different industrial sectors. Visitors can connect their laptops to assess these ICS devices with common security scanners, network sniffers to sniff the industrial traffic, and more! We will also have space dedicated to Maritime technology as well as Escape Rooms ran by Idaho National Labs and CISA. In addition to talks, hands-on demos/hacking, and escape rooms we are collaborating with BioHacking Village to demonstrate how Industrial Control Systems are used in Health Care.

\r\n\r\n
','\'

ICS Village is a non-profit organization with the purpose of providing education and awareness of Industrial Control System security. \n

Interactive simulated ICS environments, such as Hack the Plan(e)t and Howdy Neighbor, provide safe yet realistic examples to preserve safe, secure, and reliable operations. We bring real components such as Programmable Logic Controllers (PLC), Human Machine Interfaces (HMI), Remote Telemetry Units (RTU), and actuators, to simulate a realistic environment throughout different industrial sectors. Visitors can connect their laptops to assess these ICS devices with common security scanners, network sniffers to sniff the industrial traffic, and more!\n

\n
Prerequisites
\n
\n

Laptops, no other required hardware. ICS Fundamentals is recomended.\n

Links:
    Website - https://www.icsvillage.com
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-ics_v2.webp\''),(19,1,'IOT Village','IoT Village','IOTV','https://www.iotvillage.org/','','None','IRL','#orga_40735','','','https://discord.com/channels/708208267699945503/732734565604655114','#iotv-hangout-zone-text','https://twitter.com/iotvillage','https://twitter.com/ISEsecurity','https://twitter.com/Villageidiotlab','https://defcon.social/@IoTVillage/','https://www.twitch.tv/iotvillage','https://www.youtube.com/c/IoTVillage/videos','https://discord.gg/EFKbNFrFaN',NULL,'','','','','','','LVCCW Level 1 Hall 1-215 (IoT Village)','','
\r\n\r\n

IOT Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

IoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests, including our 4 time black badge DEF CON CTF. Over the years, IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees from around the globe the opportunity to learn about the most innovative techniques to both hack and secure IoT. IoT Village is organized by security consulting and research firm, Independent Security Evaluators (ISE).

\r\n\r\n
','\'

Hack all the things at IoT Village!\n

IoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests. Over the years IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees the opportunity to learn about the most innovative techniques to both hack and secure IoT. IoT Village is organized by security consulting and research firm, Independent Security Evaluators (ISE).\n

\n
Prerequisites
\n
\n

IoT Village welcomes individuals of all skill levels. A base knowledge of HTML is a nice to have, but we offer activities for everyone. Bringing your own laptop could help in beating around long lines for terminals for hands-on labs.\n

Links:
    Website - https://iotvillage.org/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-iot.webp\''),(20,1,'Physical Security Village','','PSV','https://www.physsec.org/','','None','IRL','#orga_40970','','','https://discord.com/channels/708208267699945503/732732893830447175','#lbv-social-text','https://twitter.com/physsec','https://www.twitch.tv/bypassvillage','https://linkedin.com/company/physsec','https://defcon.social/@physsec','https://discord.gg/XmuEF62eun','https://instagram.com/physsecvillage','',NULL,'','','','','','','LVCCW Level 1 Hall 2-601 (Physical Security Village)','','
\r\n\r\n

Physical Security Village

\r\n \r\n

\r\n\r\nMastodon (@physsec/media@defcon.social)\r\n | \r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Physical security is an important aspect to think about when considering securing your facility. The Physical Security Village provides an important opportunity to learn about real-world threats, hands-on mitigation techniques, and best practices for protecting assets. Our village brings together experts, practitioners, and enthusiasts to share knowledge through interactive demos, talks, and discussions. Whether you\'re new to physical security or a seasoned professional, you\'ll find valuable insights and practical skills.

\r\n\r\n
','\'

The Physical Security Village explores the world of hardware bypasses and techniques generally outside of the realm of cyber-security and lockpicking. Come learn some of these bypasses, how to fix them, and have the opportunity to try them out for yourself. We’ll be covering the basics, like the under-the-door-tool and latch slipping attacks, as well as an in depth look at more complicated bypasses. Learn about elevator hacking, attacking alarm systems at the sensor and communication line, and cut-away and display models of common hardware to show how it works on the inside!

Links:
    Mastodon (@physsec@defcon.social) - @physsec@defcon.social
\n    Website - https://www.physsec.org
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-physicalsecurity.webp\''),(22,1,'Lock Pick Village','Lockpick Village','LPV','https://www.toool.us/','','None','IRL','#orga_40736','','','https://discord.com/channels/708208267699945503/732734164780056708','#lpv-general-text','https://twitter.com/toool','https://www.twitch.tv/toool_us','https://youtube.com/c/TOOOL-US','https://techhub.social/@TOOOL','https://discord.gg/KVzJ9QK2az','','',NULL,'','','','','','','LVCCW Level 1 Hall 1-407 (Lock Pick Village)','','
\r\n\r\n

Lock Pick Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Want to tinker with locks and tools the likes of which you\'ve only seen in movies featuring secret agents, daring heists, or covert entry teams?

\r\n

Then come on by the Lockpick Village, run by The Open Organization Of Lockpickers, where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.

\r\n

The Lockpick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.

\r\n

Experts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.

\r\n\r\n
','\'

Want to tinker with locks and tools the likes of which you\'ve only seen in movies featuring secret agents, daring heists, or covert entry teams?\n

Then come on by the Lock Pick Village, run by The Open Organization Of Lockpickers (TOOOL), where you will have the opportunity to learn hands-on how the fundamental hardware of physical security operates and how it can be compromised.\n

The Lock Pick Village is a physical security demonstration and participation area. Visitors can learn about the vulnerabilities of various locking devices, techniques used to exploit these vulnerabilities, and practice on locks of various levels of difficultly to try it themselves.\n

Experts will be on hand to demonstrate and plenty of trial locks, pick tools, and other devices will be available for you to handle. By exploring the faults and flaws in many popular lock designs, you can not only learn about the fun hobby of sport-picking, but also gain a much stronger knowledge about the best methods and practices for protecting your own property.\n

Links:
    Mastodon (@TOOOL@techhub.social) - https://techhub.social/@TOOOL
\n    Website - https://toool.us/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-lockpick_v2.webp\''),(23,1,'Packet Hacking Village','','PHV','https://www.wallofsheep.com/','','None','IRL','#orga_40737','','','https://discord.com/channels/708208267699945503/708242376883306526','#phv-infobooth-text','https://x.com/wallofsheep','https://www.facebook.com/wallofsheep','https://youtube.com/wallofsheep','https://twitch.tv/wallofsheep','https://www.periscope.tv/wallofsheep','https://defcon.social/@wallofsheep','https://www.instagram.com/wallofsheep/',NULL,'','','','','','','LVCCW Level 3 W303-310 (Packet Hacking Village)','','
\r\n\r\n

Packet Hacking Village

\r\n \r\n

\r\n\r\nWebsite\r\n | \r\nMastodon (defcon.social)\r\n

\r\n\r\n\"logo\r\n\r\n

The Packet Hacking Village at DEF CON provides a community learning experience for people of all skill levels, from absolute beginners to seasoned professionals. While DEF CON is made up of dozens of small community-of-interest villages, we are one of the largest and most well known. We host practical training, network forensics and analysis games, and the renowned Capture The Packet event, which has been a Black Badge contest over 10 times and draws world-class hackers from around the world. Our mission has always been simple: to teach people good internet safety practices, and to provide an atmosphere that encourages everyone to explore and learn.

\r\n

We provide a welcoming environment for hackers of all skill levels and backgrounds to network, learn new things, and be active participants in DEF CON. Our famous “Wall of Sheep” provides a fun and interactive take on internet security and privacy, while our contests Packet Inspector, Packet Detective, and Capture The Packet serve as a zero-to-hero pathway for individuals to learn network security, packet analysis, and delve into advanced security topics. Every year we strive to bring something new and innovative to DEF CON, whether it’s never-seen-before talks or creative games to teach and test skills.

\r\n\r\n
','\'

The Packet Hacking Village at DEF CON provides a community learning experience for people of all skill levels, from absolute beginners to seasoned professionals. While DEF CON is made up of dozens of small community-of-interest villages, we are one of the largest and most well known. We host practical training, network forensics and analysis games, and the renowned Capture The Packet event, which has been a Black Badge contest over 10 times and draws world-class hackers from around the world. Our mission has always been simple: to teach people good internet safety practices, and to provide an atmosphere that encourages everyone to explore and learn.\n

We provide a welcoming environment for hackers of all skill levels and backgrounds to network, learn new things, and be active participants in DEF CON. Our famous “Wall of Sheep” provides a fun and interactive take on internet security and privacy, while our contests Packet Inspector, Packet Detective, and Capture The Packet serve as a zero-to-hero pathway for individuals to learn network security, packet analysis, and delve into advanced security topics. Every year we strive to bring something new and innovative to DEF CON, whether it’s never-seen-before talks or creative games to teach and test skills.\n

Depending on what talks, contests, and events participants select, they can expect to learn any/all of the following: Basic Internet security and privacy, network cable construction, honeypot setup and operation, regex, Linux training, packet interception and decoding, network analysis, sniffing, and forensics, reverse engineering, file forensics, system forensics, cryptography analysis, and more to be determined by the talks and workshops that we accept.\n

The Packet Hacking Village and Wall of Sheep have been a part of DEF CON since DEF CON 9, and we are proud to provide education and training to the hacker community at no cost.\n

Links:
    Website - https://www.wallofsheep.com
\n    Mastodon (@wallofsheep@defcon.social) - https://defcon.social/@wallofsheep
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-packet.webp\''),(25,1,'Payment Village','','PAYV','https://www.paymentvillage.org/','','None','IRL','#orga_40738','','','https://discord.com/channels/708208267699945503/732733473558626314','#payv-labs-text','https://x.com/paymentvillage','https://www.twitch.tv/paymentvillage','https://www.youtube.com/c/PaymentVillage','https://t.me/paymentvillage','https://www.linkedin.com/company/payment-village','https://bsky.app/profile/paymentvillage.bsky.social','',NULL,'','','','','','','LVCCW Level 2 W204-205 (Payment Village)','','
\r\n\r\n

Payment Village

\r\n \r\n

\r\n\r\nWebsite\r\n | \r\nMastodon (@paymentvillage@mastodon.social)\r\n

\r\n\r\n\"logo\r\n\r\n

Come to the Payment Village to learn about payment technologies! Payments play a crucial role in our daily lives, yet many of us lack an understanding of how they work. Our mission is to educate and cultivate the next generation of payment security experts and to foster open discussions around payments. We want to raise the bar in payment security! We invite you to explore the history of payments and to learn how modern-day payments work.

\r\n

The village is jam-packed with hands-on experiences and exciting challenges! Unsure of where to start? Register for one of our workshops to acquire new skills or attend a talk by one of our carefully chosen experts. Already a pro? Pick up a Payment Village credit card to take part in our contest! Looking for unique challenges? Take home all the money from our cash-grab machine or have a go at our scavenger hunt!

\r\n

As if that is not enough, this year we have created the largest badge EVER at DEF CON, our vulnerable ATM badge. We are bringing ATM hacking to the masses; our badge simulates an ATM attack surfaces in a physical form factor you can carry with two hands! not a forklift truck.

\r\n\r\n
','\'

Come to the Payment Village to learn about payment technologies! Payments play a crucial role in our daily lives, yet many of us lack an understanding of how they work. Our mission is to educate and cultivate the next generation of payment security experts and to foster open discussions around payments. We want to raise the bar in payment security! We invite you to explore the history of payments and to learn how modern-day payments work. \n

The village is jam-packed with hands-on experiences and exciting challenges! Unsure of where to start? Register for one of our workshops to acquire new skills or attend a talk by one of our carefully chosen experts. Already a pro? Pick up a Payment Village credit card to take part in our contest! Looking for unique challenges? Take home all the money from our cash-grab machine or have a go at our scavenger hunt!\n

Links:
    Website - https://paymentvillage.org
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-payment.webp\''),(26,1,'Recon Village','','RCV','https://reconvillage.org/','','None','IRL','#orga_40743','','','https://discord.com/channels/708208267699945503/732733566051418193','#rv-general-text','https://x.com/ReconVillage','https://www.facebook.com/reconvillage','https://www.youtube.com/reconvillage/','https://www.threads.com/@recon_villa','https://www.linkedin.com/company/reconvillage','https://discord.gg/reconvillage','',NULL,'','','','','','','LVCCW Level 1 Hall 2-501 (Recon Village)','','
\r\n\r\n

Recon Village

\r\n \r\n

\r\n\r\nMastodon (@reconvillage@defcon.social)\r\n | \r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Recon Village is an Open Space with Talks, Live Demos, Workshops, Discussions, CTFs, etc., with a common focus on Reconnaissance. The core objective of this village is to spread awareness about the importance of reconnaissance and open-source intelligence (OSINT) and demonstrate how even a small piece of information about a target can cause catastrophic damage to individuals and organizations.

\r\n

As recon is a vital phase for infosec as well as investigations, folks should have this skill set in their arsenal. People should check out Recon Village, as they get to learn novel point/recon techniques, play hands-on CTF, participate in Live Recon, and, most of all, have fun. At RV, we keep things simple, and the focus is on generating quality content using talks, workshops, CTF, live hacking, hackathons, and other hands-on activities, etc.

\r\n

We also run fun and hands-on live competitions where participants learn while they play.

\r\n\r\n
','\'

Recon Village is an Open Space with Talks, Live Demos, Workshops, Discussions, Beginner Sessions, and CTFs, all centered around one theme: Reconnaissance.\n

Here, you explore recon and OSINT as practical disciplines across security research, investigation, journalism, and intelligence. You will learn how to map infrastructure, trace digital footprints, analyze open data, pivot across sources, and understand how systems, people, and signals connect across internet, cloud, AI, and the physical world.\n

Expect GeOSINT, live recon, do your own recon sessions, recon dashboards, and practitioner-led talks that go deep into real tradecraft.\n

You will not just listen. You will investigate, enumerate, validate, and think. If you want to see what is exposed before others do, and turn scattered signals into actionable insight, this is your space.\n

\n
Prerequisites
\n
\n

Not a lot is needed to participate in Recon Village.\n

If you plan to participate seriously in contests such as CTFs, live recon, or GeOSINT challenges, a laptop is strongly recommended so you can enumerate, pivot, and document findings in real time. For lighter participation, a smartphone with internet access is sufficient.\n

There will be content and activities for all levels, from beginners exploring fundamentals to experienced practitioners diving into deeper investigations.\n

Good to Have - asic familiarity with domains, IP addresses, DNS, and search operators is helpful. Prior experience with command line tools or recon and OSINT frameworks is a plus, but not required.\n

Required mindset: curiosity, patience, and the instinct to follow the signal.\n

Links:
    Mastodon (@reconvillage@defcon.social) - https://defcon.social/@reconvillage
\n    Website - https://reconvillage.org
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-recon.webp\''),(27,1,'Radio Frequency Village','','RFV','https://rfhackers.com/','','None','IRL','#orga_40742','','','https://discord.com/channels/708208267699945503/732732595493666826','#rfv-general-text','https://twitter.com/rfhackers','https://twitter.com/rf_ctf','','','https://wiki.brandmeister.network/index.php/TalkGroup/98638','https://discordapp.com/invite/JjPQhKy','',NULL,'','','','','','','LVCCW Level 1 Hall 1-409 (Radio Frequency Village)','','
\r\n\r\n

Radio Frequency Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

After 17 years of evolution, from the WiFi Village, to the Wireless Village, RF Hackers Sanctuary presents: The Radio Frequency Village at DEFCON 32. The Radio Frequency Village is an environment where people come to learn about the security of radio frequency (RF) transmissions, which includes wireless technology, applications of software defined radio (SDR), Bluetooth (BT), Zigbee, WiFi, Z-wave, Radio Frequency Identification (RFID), Infrared (IR) and other protocols within the usable RF spectrum. As a security community we have grown beyond WiFi, and even beyond Bluetooth and Zigbee. The RF Village includes talks on all manner of radio frequency command and control as well as communication systems. While everyone knows about the WiFi and Bluetooth attack surfaces, most of us rely on many additional technologies every day. RF Hackers Sanctuary is supported by a group of experts in the area of information security as it relates to RF technologies. RF Hackers Sanctuary’s common purpose is to provide an environment in which participants may explore these technologies with a focus on improving their skills through offense and defense. These learning environments are provided in the form of guest speakers, panels, and Radio Frequency Capture the Flag games, to promote learning on cutting edge topics as it relates to radio communications. We promise to still provide free WiFi.

\r\n

Co-located with the RF Village is the RF Capture the Flag. Come for the talks, stay for the practice and the competition.

\r\n

Who runs this thing?

\r\n

RF Hackers Sanctuary is a group of all volunteers with expertise in radio security and various other related fields. We are the original creators of the WiFi Capture the Flag, Wireless Capture the Flag, and RF Capture the Flag. We are the original founders of the WiFi Village, Wireless Village, and RF Village. Often imitated, never duplicated.

\r\n\r\n
','\'

After 20 years of evolution, from the WiFi Village, to the Wireless Village, RF Hackers Sanctuary presents: The Radio Frequency Village at DEF CON 34. The Radio Frequency Village is an environment where people come to learn about the security of radio frequency (RF) transmissions, which includes wireless technology, applications of software defined radio (SDR), Bluetooth (BT), Zigbee, WiFi, Z-wave, Radio Frequency Identification (RFID), Infrared (IR) and other protocols within the usable RF spectrum. As a security community we have grown beyond WiFi, and even beyond Bluetooth and Zigbee. The RF Village includes talks on all manner of radio frequency command and control as well as communication systems. While everyone knows about the WiFi and Bluetooth attack surfaces, most of us rely on many additional technologies every day. RF Hackers Sanctuary is supported by a group of experts in the area of information security as it relates to RF technologies. RF Hackers Sanctuary’s common purpose is to provide an environment in which participants may explore these technologies with a focus on improving their skills through offense and defense. These learning environments are provided in the form of guest speakers, panels, and Radio Frequency Capture the Flag games, to promote learning on cutting edge topics as it relates to radio communications. We promise to still provide free WiFi.\n

Co-located with the RF Village is the RF Capture the Flag. Come for the talks, stay for the practice and the competition.\n

Links:
    Website - http://rfhackers.com
\n    Website - https://rfhackers.com
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-rf.webp\''),(30,1,'Social Engineering Community Village','Social Engineering Community Village','SEV','https://www.se.community/','','None','IRL','#orga_40745','','','https://discord.com/channels/708208267699945503/732733952867172382','#sev-general-text','https://twitter.com/sec_defcon','https://www.youtube.com/channel/UCFlepVHh7k5rBRTXwDrHyJA','https://www.twitch.tv/se_community','','','https://www.linkedin.com/company/social-engineering-community/','https://www.facebook.com/Social-Engineering-Community-108883855139272',NULL,'','','','','','','LVCCW Level 3 W317-319 (SEC Village)','','
\r\n\r\n

Social Engineering Community Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

The Social Engineering Community is formed by a group of individuals who have a passion to enable people of all ages and backgrounds interested in Social Engineering with a venue to learn, discuss, and practice this craft. We plan to use this opportunity at DEF CON to present a community space that offers those elements through panels, research opportunities, and contests in order to act as a catalyst to foster discussion, advance the craft and create a space for individuals to expand their network. DEF CON attendees can either participate in these events, or they can watch the events unfold and learn about Social Engineering as an audience member. We plan to accomplish the above by bringing together passionate individuals to have a shared stake in building this community.

\r\n\r\n
','\'

The Social Engineering Community village dives into one of the most powerful attack surfaces in security: humans. Our village creates a space where attendees can explore the psychology, tactics, and tradecraft behind human-focused hacking. Through presentations, live demonstrations (via contests), and interactive activities, students, defenders, hackers, and the curious can see how reconnaissance, persuasion, and improvisation are used to bypass even the best defenses.\n

At DEF CON the village becomes a live stage for the craft. In the Social Engineering Community Vishing Competition (SECVC), competitors step into a soundproof booth and place real calls using OSINT, creative pretexts, and quick thinking while the audience watches the strategy unfold in real time. In Battle of the Bots, human-created AI agents attempt social engineering calls of their own, exploring what happens when automated systems try their hand at elicitation. Alongside the contests, attendees can have the opportunity to place calls in our \"Cold Calls\" or listen in to some presentations. \n

The village is built by the community that practices the craft. Volunteers, researchers, hackers, defenders, and curious newcomers all contribute to the content each year, creating space for new voices and ideas to take the stage. Whether you want to watch live un-scripted social engineering calls, understand the psychology behind it, or meet others who love the human side of security, the Social Engineering Community village is the place to experience it at DEF CON.\n

\n
Prerequisites
\n
\n

Attendees are welcome to watch contests, join discussions, and participate in interactive activities with no preparation needed.\n

Competitors in the Social Engineering Community Vishing Competition and Battle of the Bots Contest are selected in advance through a Call for Competitors prior to DEF CON, but some activities such as Cold Calls allow audience members to sign up onsite and participate.\n

Attendees who want to participate in Cold Calls may benefit from brushing up on basic social engineering skills such as rapport building, influence and elicitation techniques.\n

Links:
    Website - https://www.se.community/
\n    Website - https://www.se.community
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-socialengineering.webp\''),(31,1,'Voting Village','Voting Machine Village','VMV','https://votingvillage.org/','','None','IRL','#orga_40748','','','https://discord.com/channels/708208267699945503/732733881148506164','#vmhv-general-text','https://x.com/votingvillagedc','https://youtube.com/@defconvotingvillage','https://twitch.tv/votingvillagedc','','','https://www.linkedin.com/company/election-integrity-foundation/','https://www.instagram.com/votingvillage?igsh=MWJreTh6dGl3eDEzNg==',NULL,'','','','','','','LVCCW Level 2 W219-220 (Voting Village)','','
\r\n\r\n

Voting Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

The Voting Village has been an annual event since 2017 that provides hands-on opportunities to understand and analyze voting system hardware and software. Before the Voting Village, ordinary technologists and citizens had no access to the systems that run our election infrastructure. As the only open environment that gives the public hands-on access to their election systems, it is a critical antidote to rampant misinformation about election security and provides an opportunity to strengthen these systems against malicious attacks. The Voting Village is brought to you by our 501(c)3 tax exempt not for profit organization, the Election Integrity Foundation, EIN: 83-4089169.

\r\n

The Voting Village has been invited to testify to Congress several times about how to strengthen election infrastructure. Conversely, we have drawn fire from voting system manufacturers, prompting a bipartisan group of senators to co-sign a public letter defending the Voting Village against some of the largest voting machine companies in 2018.

\r\n

Even between presidential election cycles, expanding the reach of the Voting Village and providing education about how our election systems work is critical to democracy.

\r\n\r\n
','\'

Voting Village at DEF CON, launched in 2017, is the first public forum where hackers and members of the public have legal, unconstrained, hands-on experience with actual election systems used in the United States and elsewhere. It has become the premier venue for exploring the theory and practice of election security. This unique voting laboratory helps participants – in person and around the world – understand where gaps in security are, how to mitigate vulnerabilities, and why hackers are such an important part of investigating election security. Most importantly, the Voting Village helps election officials at all levels understand how to make systems more secure and more trustworthy.\n

The Voting Village returns for its 10th year at DEF CON 34. As in the past, the Voting Village will feature a 2-day speaking track (Friday and Saturday) that will highlight various aspects of election cybersecurity, including the technical components that make up our election infrastructure: hardware, software, and databases, new vulnerabilities, and ways to mitigate them.\n

\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-voting.webp\''),(32,0,'Social Gatherings/Events','','SOC','','','None','Hybrid','','',NULL,'','','','','','','','','',NULL,'','','','','','','','','',NULL,'',NULL),(33,0,'Music','','MUS','https://defconmusic.org','','None','Hybrid','',NULL,NULL,'','','http://www.twitter.com/defcon_music','https://www.youtube.com/channel/UCgKdcBC_lR6yxZzyehcLgsA','https://www.twitch.tv/defcon_music','https://www.twitch.tv/defcon_chill','','','',NULL,'','','','','','','','','Music Link All the Things: \r\n\r\nhttps://www.twitch.tv/defcon_music\r\nhttps://www.twitch.tv/defcon_chill\r\nhttp://www.defconmusic.org/',NULL,'',NULL),(34,0,'DEF CON Workshops','','DCW','https://defcon.org/html/defcon-33/dc-33-workshops.html','','None','IRL','',NULL,NULL,'','','','','','','','','',NULL,'','','','','','','','','',NULL,'',NULL),(35,0,'Demo Labs','','DL','https://forum.defcon.org/node/252635','','None','Hybrid','',NULL,NULL,'','','','','','','','','',NULL,'','','','','','','','','',NULL,'',NULL),(36,0,'DEF CON Talks','','DCT','https://defcon.org/html/defcon-33/dc-33-speakers.html','','None','Hybrid','',NULL,NULL,'','','https://twitter.com/defcon','https://www.facebook.com/defcon','https://www.youtube.com/user/DEFCONConference','http://www.reddit.com/r/defcon','https://www.instagram.com/wearedefcon/','https://discord.gg/defcon','',NULL,'','','','','','','','','',NULL,'',NULL),(37,0,'Contests','','CON','https://defcon.outel.org/dcwp/dc33/activities/c/','','None','Hybrid','','',NULL,'','','https://defcon.org/html/defcon-33/dc-33-contests.html','','','','','','',NULL,'','','','','','','','','Various contests, some lasting all 4 days of DEF CON, some short time on stage',NULL,'',NULL),(39,0,'Misc','','MISC','','','None','','',NULL,NULL,'','','','','','','','','',NULL,'','','','','','','','','',NULL,'',NULL),(42,1,'Red Team Village','','RTV','https://redteamvillage.io/','','None','IRL','#orga_40744','','','','','https://x.com/redteamvillage_','https://www.youtube.com/redteamvillage','https://www.twitch.tv/redteamvillage','https://discord.gg/redteamvillage','https://www.instagram.com/theredteamvillage/','https://bsky.app/profile/theredteamvillage.bsky.social','',NULL,'','','','','','','LVCCW Level 1 Hall 1-309 (Red Team Village)','','
\r\n\r\n

Red Team Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

The Red Team Village is focused on training the art of critical thinking, collaboration, and strategy in offensive security. The RTV brings together information security professionals to share new tactics and techniques in offensive security.

\r\n\r\n
','\'

The Red Team Village is focused on training the art of critical thinking, collaboration, and strategy in offensive security. The RTV brings together information security professionals to share new tactics and techniques in offensive security. Attendees may spend time engaged in workshops or challenge themselves in an immersive Capture the Flag competition to put their newly obtained skills to the test.\n

\n
Prerequisites
\n
\n

Laptops are highly encouraged for participation in Red Team Village tactics and workshops, and are mandatory for CTF and Wargames.\n

Links:
    Website - https://redteamvillage.io/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-redteam_v2.webp\''),(43,1,'Tamper Evident Village','Tamper-Evident Village','TEV','','','None','IRL','#tev','','','','','','','','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 1-406 (Tamper Evident)','','','\'

\"Tamper-evident\" refers to a physical security technology that provides evidence of tampering (access, damage, repair, or replacement) to determine authenticity or integrity of a container or object(s). In practical terms, this can be a piece of tape that closes an envelope, a plastic detainer that secures a hasp, or an ink used to identify a legitimate document. Tamper-evident technologies are often confused with \"tamper resistant\" or \"tamper proof\" technologies which attempt to prevent tampering in the first place. Referred to individually as \"\"seals,\"\" many tamper technologies are easy to destroy, but a destroyed (or missing) seal would provide evidence of tampering! The goal of the TEV is to teach attendees how these technologies work and how many can be tampered with without leaving evidence.\n

The Tamper-Evident Village includes the following contests and events:\n

    \n
  • **The Box (Bomb Defusal Contest)** - The Box is an electronic tamper-evident challenge in which you have 10 minutes to defuse a bomb. Learn about electronic sensors, traps, and other crafty tricks while solving puzzles to figure out how to defuse the bomb. One mistake lets The Box know you\'re doing something you shouldn\'t and BOOM, you\'re dead. Make every second count! Don\'t worry - you can respawn at the back of the line.
  • ** Tamper-Evident Contest: King of the Hill** - Compete against your fellow DEF CON attendees identifying and exploiting tamper-evident seal defeats! Work with several mechanical tamper seals to figure out how they can be defeated and fool the would-be seal inspectors. Score is based on how hard it is for inspectors to identify tampering and how much time it took. Beat the current best and claim your spot as King of the Hill!
  • **Counterfeit Badge Contest** - Submit your best forgery of a DEF CON human badge. Other (non DEF CON) target badges are also available for those looking for more counterfeit challenges and fun! Please play responsibly and do not use counterfeit badges for untoward purposes at con.
\n
\'','','NULL'),(44,1,'Quantum Village','','QTV','https://quantumvillage.org/','','None','IRL','#orga_40741','','','','','https://twitter.com/quantum_village','https://discord.gg/6WUjH5cBXu','https://www.linkedin.com/company/quantumvillage/','https://youtube.com/@quantum_village/','','','',NULL,'','','','','','','LVCCW Level 1 Hall 2-605 (Quantum Village)','','
\r\n\r\n

Quantum Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Quantum Village Returns with our Year of Quantum Edition @ DEF CON 33!! Our theme this year is “Sense and Security” and we are bringing some amazing talks, workshops, demos, and hands-on activities to this year’s incredible Quantum Village! Come and find out how to hack quantum computers, learn more about quantum technologies, and meet the engineers and scientists who are building the machines that manipulate the quantum world. We also introduce the world’s first hackable, fully open sourced diamond-based quantum sensing platform - and we’ll be showing some of the amazing things it can do! We have quantum computers, quantum sensors, The OG Quantum CTF, quantum art (and artists), and all you need to prepare for the quantum future!

\r\n\r\n
','\'

We are excited to bring you the 5th Edition of Quantum Village @ Def Con! Last year was a blast and our open source hardware sparked a revolution in quantum tech, and we have only just begun! QV provides vital resources and spaces for the hacker community to have access to quantum hardware and start designing the next generation of quantum technologies on their own terms. \n

This year we are bringing even more Open Quantum Hardware to Vegas, and we want you to come and be part of this seismic shift in how we innovate and adopt these exciting new technologies and ideas. You wanted more quantum, and quantum needs your Hacker Ingenuity! \n

With most of quantum tech being the preserve of academics and venture capitalists, we believe the Quantum Village is a vital space that hackers of all capabilities can benefit from and deserve. Let’s build stuff from the Atom Up!\n

Links:
    Website - https://quantumvillage.org/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-quantum.webp\''),(50,1,'Policy @ DEF CON','Policy @ DEF CON','PLV','https://defcon.org/policy/','','None','IRL',' #orga_40740','','','','','https://twitter.com/DEFCONPolicy','https://www.defcon.org/html/links/dc-policy.html','https://defcon.social/@defconpolicy','https://bsky.app/profile/defconpolicy.bsky.social','https://www.linkedin.com/company/policy-def-con/','https://www.youtube.com/@policyatdefcon','',NULL,'','','','','','','LVCCW Level 2 W210-211 (Policy Village)','','
\r\n\r\n

Policy Village

\r\n \r\n

\r\n\r\nWebsite\r\n | \r\nMastodon (defcon.social)\r\n

\r\n\r\n\"logo\r\n\r\n

The DEF CON community understands that creating a safer digital society requires collaboration between security and policy experts. Policy @ DEF CON provides a space for representatives of all areas of security to come together to educate and engage each other.

\r\n

Tech policy is being written as we speak and we believe that including diverse expert voices will improve outcomes and help to bridge gaps between technical and policy practitioners. Senior government officials, nonprofit and private sector experts, security researchers, hackers, academics and technologists from around the world all come together at Policy @ DEF CON.

\r\n\r\n
','\'

DEF CON welcomes policymakers and technology professionals to join Policy@DEF CON and participate with our community of knowledgeable experts. We need to work together.\n

Over the past 30 years the DEF CON community, has evolved and grown along with the cyber domain. We understand that creating a safer digital society requires collaboration between security and policy experts. DEF CON provides a space for representatives of all areas of security to come together to educate and engage each other.\n

Tech policy is being written as we speak and we believe including diverse expert voices will improve outcomes across the policy-technology spectrum by bridging the gap between technical and policy practitioners. Senior government officials, policy experts, nonprofit and the private sector, security researchers, hackers, academics and technologists from around the world all come together at Policy @ DEF CON.\n

Links:
    Website - https://defcon.org/policy/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-policy.webp\''),(54,0,'DEF CON Training','','TRN','https://defcontrainings.myshopify.com/collections/all','','None','IRL','','https://forum.defcon.org/node/244768',NULL,'','','','','','','','','',NULL,'','','','','','','','','',NULL,'',NULL),(55,0,'DEF CON Groups VR (DCGVR)','','DCGVR','https://www.dcgvr.org/','','None','Virtual','',' ',NULL,'','','https://twitter.com/DCGVR','https://www.twitch.tv/defcon_groups','https://discord.gg/bsX4QXf3rD','https://www.youtube.com/channel/UCRQRZ6AmjZmaRYR_MUggmwA','','','',NULL,'','','','','','','','','',NULL,'',NULL),(56,1,'Embedded Systems Village','Embedded Village','ESV','https://embeddedvillage.org/','','None','','#orga_40731','','','','','https://twitter.com/EmbeddedVillage','','','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 2-503 (Embedded Systems Village)','','
\r\n\r\n

Embedded Systems Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Embedded systems exist at the intersection of hardware and software, built to accomplish a specific task. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is key to performing security research on these devices.

\r\n

Embedded Systems Village advances the security of embedded systems by hosting hands-on hacking workshops, showcasing new security research demos, and organizing exciting hacking contests to educate attendees and manufacturers on the approach hackers use to attack these devices. Attendees will leave the village with an understanding of how to reduce complex, exotic devices to their underlying embedded components and to extract the information required to use the tools and techniques taught at other villages where embedded systems are on display.

\r\n\r\n
','\'

Embedded Systems Village (ESV) is a community of enthusiastic hackers who love working with hardware. Run by Hacking Villages Inc., a US-based 501(c)3 nonprofit, ESV\'s mission is to educate attendees on how embedded systems work, how to analyze their hardware components, how to identify vulnerabilities, and how to prevent cyberattacks on these systems.\n

Everything ESV does is grounded in real embedded devices — occasionally jamming a whole bunch of concepts onto a single piece of hardware, but always with an authentic real-world analog. Whether you\'re walking in for the first time or you\'ve been hacking hardware for years, ESV provides a challenging yet supportive environment to hack, learn, and innovate.\n

Prerequisites: \n

    \n
  • Attendees wishing to compete in the competition should bring a laptop, and any tools that might reasonably required for hacking embedded devices.
\nLinks:
    Website - https://embeddedvillage.org/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-embedded.webp\''),(57,1,'Telecom Village','','TELV','https://telecomvillage.com/','','None','','#orga_40747','','','','','https://x.com/TelecomVillage','https://www.linkedin.com/company/telecom-village','','','','','',NULL,'','','','','','','LVCCW Level 3 W321 (Telecom Village)','','
\r\n\r\n

Telecom Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

At Telecom Village, our mission is to cultivate critical and innovative thinking in telecom security, with a strong focus on 5G networks. We offer a structured learning approach that enables participants to:

\r\n
    \r\n
  • Identify key areas for research and security analysis.
  • \r\n
  • Explore telecom vulnerabilities and misconfigurations in depth.
  • \r\n
  • Develop essential skills, including security gap analysis, penetration testing of telecom protocols, Radio Access Networks (RAN), 5G API gap analysis and ICT-related threat mitigation.
  • \r\n
\r\n

Our goal is to bridge the gap between theory and real-world application, equipping participants with the expertise to navigate and counter emerging telecom security challenges effectively. Through guided research, hands-on learning, and continuous exploration, we foster a community of skilled professionals ready to tackle the evolving telecom landscape.

\r\n\r\n
','\'

The Telecom Security Village focuses on the intersection of telecommunications infrastructure, security operations, and advanced threat research. As telecom networks form the backbone of global communication, they have become a high-value target for Advanced Persistent Threats (APTs), nation-state actors, and sophisticated cybercriminal groups. This village explores how modern telecom environments—including 4G/5G core networks, signaling systems, IMS infrastructure, and routing protocols such as BGP—are monitored, defended, and analyzed within a telecom Security Operations Center (SOC).\n

Attendees will learn how telecom SOC teams detect and investigate threats targeting mobile networks, signaling systems, and subscriber infrastructure. The village will demonstrate techniques used to identify signaling abuse, network manipulation, SIM and identity attacks, and telecom-specific intrusion patterns that are often leveraged by APT groups for surveillance, interception, and disruption.\n

Through talks, live demonstrations, and research discussions, participants will gain insight into telecom threat intelligence, network telemetry analysis, anomaly detection in signaling networks, and defensive strategies used by operators and researchers to protect critical communications infrastructure. The goal of the Telecom Security Village is to bridge the gap between the telecom engineering community and the cybersecurity research ecosystem while promoting deeper understanding of threats targeting global telecom networks.\n

\n
Prerequisites
\n
\n

Participants do not need prior telecom experience to attend the Telecom Security Village, but a basic understanding of networking concepts will be helpful. Familiarity with IP networking, TCP/IP protocols, and general cybersecurity concepts will allow attendees to gain more value from the hands-on demonstrations and discussions.\n

For technical workshops and labs, participants are encouraged to have some exposure to Linux environments, packet analysis tools such as Wireshark, and basic scripting or programming knowledge (e.g., Python). Attendees interested in deeper exploration may benefit from familiarity with mobile network concepts such as LTE/5G architecture, SIP/IMS signaling, or routing protocols like BGP, though these are not strict requirements.\n

The village is designed to accommodate a broad audience including security researchers, telecom engineers, network operators, students, and hackers who are interested in understanding telecom infrastructure and its security challenges. Introductory explanations will be provided so that newcomers can follow along while more advanced participants can engage with deeper technical content.\n

Links:
    Website - https://telecomvillage.com
\n    Mastodon (@akibsayyed@mastodon.social) - https://mastodon.social/@akibsayyed
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-telecom.webp\''),(61,1,'Adversary Village','','ADV','https://adversaryvillage.org','https://adversaryvillage.org/adversary-events/DEFCON-34/','None','IRL','#orga_40719','','','','','https://twitter.com/AdversaryVillag','https://defcon.social/@AdversaryVillage','https://youtube.com/AdversaryVillage','https://discord.gg/GDB3rC7KYz','https://twitch.tv/AdversaryVillage','https://facebook.com/AdversaryVillage','https://www.linkedin.com/company/adversaryvillage',NULL,'','','','','','','LVCCW Level 1 Hall 2-602 (Adversary Village)','','
\r\n\r\n

Adversary Village

\r\n \r\n

\r\n\r\nMastodon (defcon.social)\r\n | \r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Adversary Village is a community initiative which primarily focuses on adversary simulation/emulation, purple teaming, and adversary tradecraft. The village covers offensive operations, threat/APT/ransomware simulation, breach and adversarial attack simulation, supply chain security, adversary tactics, research on nation-state-sponsored threat-actors, adversary intelligence, adversarial mindset, philosophy, and hacker survival skills.

\r\n

The goal of the Adversary Village is to build an open security community for the researchers and organizations, who are putting together new means, methodologies towards the simulation-emulation of adversary tactics and collaboration.

\r\n

Subsequent to feedback from past editions, Adversary Village shall focus on hosting hands-on deep technical workshops, live demonstrations, panel discussions and a ton of other hands-on activities on adversarial attack simulation/emulation, offensive tradecraft to engage and educate the community.\r\nAdversary Village would have the following hands-on activities for this year at DEF CON;

\r\n

Adversary simulator and purple teaming hands-on booth

\r\n

Adversary Simulator booth is a volunteer assisted activity, which has hands-on adversary emulation plans and exercises specific to a wide variety of threat-actors; these are meant to provide the participants with a better understanding of adversarial attack emulation. The booth will be hosting a simulated environment meant to recreate enterprise infrastructure, operational technology environment, which serves targets for various attack simulations.\r\nThe hands-on simulator booth also hosts an activity, which would need the participants to generate their own adversary emulation plans to assess the efficacy of the defense systems based on publicly available cyber threat intelligence.

\r\n

Choose-your-own-Adversary-Adventure Tabletop Game

\r\n

Adversary adventure is a story-scenario based, interactive, cyber war-gaming, choose-your-own adventure model interactive game. This is a gamified version of table-top exercises which is presented to the participants as they can choose to play as an attacker, post exploitation OR a Defender who is defending against an attacker group-threat actor OR even play as a CISO who is dealing with an adversarial situation such as a ransomware incident.

\r\n

Hands-on deep technical workshops

\r\n

Adversary Village will feature a limited number of deep technical workshops focused on advanced adversary tradecraft and techniques.

\r\n

Hands-on guided breach and offensive attack simulation exercises

\r\n

This area will feature guided attack simulation exercises for participants to engage with. There will be a few scenario-focused activities, "Breach-the-Hospital", "Breach-the-Office", “Breach-the-Bank” etc., visually represented by modular-brick-LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures, commands and how-to guides, demonstrating how to attack and breach the target environment.\r\nThis exercise will give participants a clear understanding of how threat actors infiltrate corporate environments.

\r\n

Adversary Wars CTF

\r\n

Adversary Village will be hosting "Adversary Wars CTF", where the participants will have to pose as adversaries and replicate adversarial actions against each element of a “target” organization. Adversary Wars would have real world challenge scenarios and challenges, where the participants can perform various attacks and learn new TTPs. To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components will be physically marked in the city model as the CTF progresses.\r\nThere will be prizes, complimentary hoodies (yes, the iconic adversary village hoodies), free t-shirts, cool stickers, village coins, badges, and various other swags.

\r\n\r\n
','\'

Adversary Village is a community initiative focused on adversary simulation, emulation, offensive cyber security, purple teaming, and adversary tradecraft. The village explores how real adversaries operate, how offensive capabilities are built and deployed, and how nation state sponsored threat actors continue to shape the modern cyber threat landscape.\n

Our focus spans adversary and APT simulation, ransomware and breach emulation, adversarial attack simulation, supply chain security, adversary intelligence, research on nation state threat actors, hacker survival skills and the broader adversarial mindset. If it involves thinking and operating like an adversary, pull up a chair, that\'s a conversation we want to have.\n

The goal of Adversary Village is to build an open and collaborative security community where researchers, practitioners, and organizations can come together to develop and share new approaches to adversary simulation and emulation. Understanding how adversaries think and operate is essential to building stronger defenses.\n

At the village, the community will experience deep technical workshops, live demonstrations, panel discussions, adversary emulation labs, breach simulation exercises, CTFs, and other hands on activities. Everything is designed to give participants practical exposure to adversarial operations while encouraging collaboration and knowledge sharing across the security community.\n

Links:
    Website - https://adversaryvillage.org
\n    Mastodon (@AdversaryVillage@defcon.social) - https://defcon.social/@AdversaryVillage
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-adversary_v2.webp\''),(62,0,'Artificial Intelligence Cyber Challenge','Artificial Intelligence Cyber Challenge (AIxCC)','AIxCC','https://aicyberchallenge.com/','','None','IRL','#orga_40722','','','','','https://twitter.com/DARPA','','','','','','',NULL,'','','','','','','LVCC West-Level 1-Exhibit Hall 1-404 (AIxCC)','','
\r\n\r\n

Artificial Intelligence Cyber Challenge (AIxCC)

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

The AIxCC Finals will unfold at DEF CON 33 in August 2025. The top seven teams who qualified during Semifinals will compete for a grand prize of $4 million.

\r\n

The AIxCC Final Competition will introduce new challenge repositories and vulnerabilities, encouraging teams to improve upon their current CRS implementations and push forward their systems\' capabilities in terms of robustness, scale, and real-world impact.

\r\n\r\n
\r\n','\'

The AIxCC Finals will unfold at DEF CON 33 in August 2025. The top seven teams who qualified during Semifinals will compete for a grand prize of $4 million.\n

The AIxCC Final Competition will introduce new challenge repositories and vulnerabilities, encouraging teams to improve upon their current CRS implementations and push forward their systems\' capabilities in terms of robustness, scale, and real-world impact.\n

Links:
    Website - https://aicyberchallenge.com/
\n
\'','','\'https://defcon.outel.org/defcon33/images/logos/vlg-aixcc.webp\''),(65,1,'Bug Bounty Village','','BBV','https://bugbountydefcon.com/','','None','IRL','#orga_40726','','','','','https://twitter.com/BugBountyDEFCON','https://www.youtube.com/BountyTalks','https://twitter.com/arl_rose','https://twitter.com/infinitelogins','https://www.youtube.com/infinitelogins','https://www.instagram.com/bugbountydefcon','','none','','','','','','','LVCCW Level 2 W206-207 (Bug Bounty Village)','','
\r\n\r\n

Bug Bounty Village

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

The global bug bounty community has witnessed exponential growth, with thousands of members actively engaged in the field. This thriving ecosystem now represents a legitimate and sought-after profession for hackers and cybersecurity specialists. After a big success and great feedback during the first ever Bug Bounty Village during DEFCON 32, We want to be part of DEFCON 33 and keep celebrating the bug bounty community, where hunters, learners, and enthusiasts can converge, interact with top-tier hackers, attend insightful workshops, talks, and immerse themselves in hands-on activities.

\r\n

With over 20 workshops, panels and talks, the Bug Bounty Village at DEFCON 32 was a huge success. The room was completely full of hackers at all times, Some of the best bug bounty hunters in the community were part of our village to share knowledge, create content, teach others, and also, to make new friends. With waiting lines of over 100 people waiting to get in for some of our workshops, we have demonstrated that there is a huge interest in Bug Bounty to remain as a specific village at DEFCON, and have that special place in the biggest hacker conference in the world, where the Bug Bounty community can connect, grow and help others become the future of Bug Bounty.

\r\n\r\n
','\'

Welcome to the Bug Bounty Village at DEF CON, the central hub for the global community of bug bounty hunters, security researchers, and hackers. Now in our third year, we are returning to DEF CON bigger and better than ever.\n

Hacking is at the core of everything we do. Whether you are a newcomer looking to submit your first report or a seasoned veteran chasing critical exploits, our space offers the tools, community support, and technical insights you need to level up. Attendees can expect a high-energy environment filled with technical talks, hands-on workshops, and live hacking challenges. Following the massive success of our inaugural CTF in 2025—which drew over 750 participants—we are expanding our competitive offerings to push your skills to the limit.\n

Visit us and participate in our custom electronic badges giveaways, get an exclusive challenge coin, and engage with some of the world\'s most prolific bug bounty hunters. You will learn everything from the \"\"obvious\"\" essentials—like setting up a secure testing environment—to cutting-edge techniques for breaking complex modern systems. If you want to see how the world’s most impactful bugs are found, fixed, and rewarded, this is the place to be.\n

Prerequisites: \n

To fully participate in any of the workshops, trainings, and / or CTF, attendees should bring a laptop and a charger. For the safety of your hardware and personal data, it is a prerequisite that all participants have their laptops configured for the DEF CON Wi-Fi in a secure manner prior to joining village activities.\n

While the village offers content for all experience levels, a foundational understanding of web protocols and a curious, analytical mindset will help you get the most out of our hands-on challenges. Those interested in the CTF may want to brush up on common web vulnerability classes and basic scripting to hit the ground running.\n

Links:
    Website - https://www.bugbountydefcon.com/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-bugbounty_v2.webp\''),(69,0,'DEF CON Hackers with Disabilities','','HDA','','','None','IRL','',NULL,NULL,'','','https://twitter.com/HDA_DEFCON','','','','','','',NULL,'','','','','','','','','',NULL,'',NULL),(70,0,'DEF CON Groups (DCG)','','DCG','','','None','','',NULL,NULL,'','','','','','','','','',NULL,'','','','','','','','','',NULL,'',NULL),(71,1,'Game Hacking Village','GameHacking.GG','GHV','https://gamehacking.gg/','','None','IRL','#orga_40967','','','','','https://youtube.com/@gamehackingvillage','https://x.com/GameHackingGG','https://instagram.com/gamehacking.gg','https://discord.com/invite/bNYz8Xws8j','','','',NULL,'','','','','','','LVCCW Level 1 Hall 1-211 (Game Hacking Village)','','
\r\n\r\n

GameHacking.GG

\r\n \r\n

\r\n\r\nWebsite\r\n

\r\n\r\n\"logo\r\n\r\n

Gaming and cybersecurity intersect in many exciting and interactive ways. Our mission is to delve into various aspects of game security, fostering an environment of exploration, play, and learning. At the Game Hacking Community, participants can engage in activities ranging from modding games to exploring the intricacies of memory hacking and multiplayer cheats and learning about game malware. Whether you\'re a beginner or an experienced hacker, we will have presentations and activities to challenge your skills. Be part of the evolution of game security. Dive into our activities, engage with other game hackers, and explore opportunities to contribute to and support the Game Hacking Community. Let\'s play, learn, exploit, and perhaps even profit. Our community focuses on learning and does NOT endorse cheating in competitive online games.

\r\n\r\n
','\'

A community dedicated to game security. Come play with hands-on reversing, modding, exploring, and exploiting games across various platforms. Our goal is to make game security accessible, learnable and playable for all skill levels. Game security is an exciting way to understand modern security concerns in a fun and interactive way.\n

\n
Prerequisites
\n
\n

Some content may require a laptop. Certain talks and workshops may have some base knowledge required, but we also offer game hacking 101 material as well to get started with no prior knowledge.\n

Links:
    Website - https://gamehacking.gg
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-gamehacking.webp\''),(72,1,'Malware Village','','MWV','https://malwarevillage.org/','','None','IRL','#orga_40968','','','','','https://x.com/MalwareVillage','https://www.linkedin.com/company/malwarevillage/','https://discord.com/invite/xQwqY48SrJ','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 2-600 (Malware Village)','','
\r\n\r\n

Malware Village

\r\n \r\n

\r\n\r\nMastodon (@malwarevillage@defcon.social)\r\n | \r\nWebsite\r\n

\r\n\r\n\"Malware\r\n\r\n

Malware Village is dedicated to providing a safe and engaging environment for participants to learn and share knowledge about malware analysis. Our mission is to equip attendees with the skills, techniques, and historical context needed to understand, research, and combat malware. Participants will gain hands-on experience with real-world analysis techniques, guided by seasoned infosec professionals.

\r\n

Beyond technical training, Malware Village fosters a strong community where researchers, enthusiasts, and professionals can connect. We welcome everyone—whether you\'re an artist creating malware-inspired art, a hardware researcher discovering unexpected connections to malware analysis, or a seasoned analyst reminiscing about early malware history. Even children can explore malware through Malmons (Malware Monsters), making cybersecurity education more accessible.

\r\n

At its core, Malware Village is about uniting people—newcomers and experts alike—with a shared mission: understanding, analyzing, and defending against malware to protect society.

\r\n\r\n
','\'

Malware Village is dedicated to providing a safe and engaging environment for participants to learn and share knowledge about malware analysis. Our mission is to equip attendees with the skills, techniques, and historical context needed to understand, research, and combat malware. Participants will gain hands-on experience with real-world analysis techniques, guided by seasoned infosec professionals.\n

Village participants will have opportunities to immerse themselves in various aspects of malware-analysis under the guidance of (and supported by) experienced infosec professionals. Malware Village also provides participants opportunities to connect and network with infosec professionals and malware-analysis enthusiasts.\n

Beyond technical training, Malware Village fosters a strong community where researchers, enthusiasts, and professionals can connect. We welcome everyone—whether you\'re an artist creating malware-inspired art, a hardware researcher discovering unexpected connections to malware analysis, or a seasoned analyst reminiscing about early malware history.\n

\n
Prerequisites
\n
    \n
  • For talks, there is no requirement just come and learn\n
  • For workshops, an attendee will likely need the use of a laptop
\n
\nLinks:
    Website - https://malwarevillage.org
\n    Mastodon (@malwarevillage@defcon.social) - https://defcon.social/@malwarevillage
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-malware.webp\''),(73,1,'Maritime Hacking Village','','MHV','https://maritimehackingvillage.com/','','None','IRL','#orga_40969','','','','','https://x.com/maritimevillage','https://www.linkedin.com/company/maritimehackingvillage','','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 2-703 (Maritime Hacking Village)','','
\r\n\r\n

Maritime Hacking Village

\r\n \r\n

\r\n\r\nWebsite\r\n | \r\nMastodon (@maritimehackingvillage@defcon.social)\r\n

\r\n\r\n\"placeholder\r\n\r\n

The Maritime Hacking Village (MHV) has set sail for LVCC to deliver the first and only immersive maritime hacking experience for you to learn what it takes to exploit and defend real-world maritime systems. Our mission is simple: we are creating a space for stakeholders to come together and navigate the changing tides in the maritime sector’s technological, geopolitical, and adversarial landscapes which demand ever-more-urgent collective action to address the systemic cybersecurity vulnerabilities in the systems which underpin global maritime defense and trade. Together we hack to facilitate the discovery and sharing of knowledge integral to the development of effective maritime cybersecurity policy, industry standards and regulations, vulnerability information sharing, cyber threat intelligence, and most importantly – a capable and trusted workforce and community-of-interest.

\r\n

Why? Maritime infrastructure is the backbone of the global economy and order. Countries, companies, and militaries all use the sea for power projection and commerce, but no single stakeholder controls the implementation of policies and regulations. Stakeholders unanimously agree that from machines, to systems, to governance, the maritime domain is fundamentally insecure. Still, seemingly insurmountable access barriers are preventing the security community, and anyone else, from doing anything to help.

\r\n

MHV has made it our purpose to eliminate these barriers – and to provide every human with the access and resources necessary to engage in maritime vulnerability research and cybersecurity innovation. Our village is a safe, shared space where the security community (elite hackers, trusted providers, and young talent alike) can develop and demonstrate their competence in attacking and defending real maritime systems – and where maritime industry stakeholders can engage with this community on neutral ground to grow their arsenals of knowledge, tools, trusted and capable providers, and fresh talent. We believe that this work together will create rising tides of awareness, information sharing, and innovation that will lift all ships and allow us to gradually secure the maritime sector.

\r\n\r\n
','\'

The Maritime Hacking Village (MHV) has set sail for Las Vegas to deliver the next evolution of our immersive maritime hacking experience for the participants of DEF CON 34 to learn what it takes to exploit and defend real-world maritime systems. Our mission is simple: we are creating a space for hackers, stakeholders, and policy makers to come together and navigate the changing tides in the maritime sector’s technological, geopolitical, and adversarial landscapes which demand ever-more-urgent collective action to address the systemic cybersecurity vulnerabilities in the systems which underpin global maritime defense and trade. \n

Maritime infrastructure is the undeniable backbone of our global economy and society as we know it. It is central to the supply chains for nearly all critical infrastructure -- and still, stakeholders unanimously agree that maritime systems (ships, ports, and maritime communication infrastructure) are some of the most digitally vulnerable, and that the sector has systemically under-invested in developing the policy, tools, and workforce necessary to change this. Evidently these are issues that require engagement with the security community to solve – but seemingly insurmountable access barriers prevent the security community, and anyone else, from doing anything to help – and so, as we see it, these access barriers have become the primary issue which stands in the way of progress.\n

MHV has made it our purpose to eliminate these barriers, and provide every human with the access and resources necessary to engage in maritime vulnerability research and cybersecurity innovation. Together we hack to facilitate the discovery and sharing of knowledge integral to the development of effective maritime cybersecurity policy, industry standards and regulations, vulnerability information sharing, cyber threat intelligence, and most importantly – a capable and trusted workforce. Our village is a safe, shared space where the security community (elite hackers, trusted providers, and young talent alike) can develop and demonstrate their competence in attacking and defending real maritime systems – and where maritime industry stakeholders can engage with this community to find trustworthy security professionals to help their cause, to discover tools and techniques to protect their systems, and to access a talent pipeline to feed their next-generation workforce. We believe that this work together will create rising tides of awareness, information sharing, and innovation that will lift all ships and allow us to gradually secure the maritime sector.\n

\n
Prerequisites
\n
\n

Ideally, participants will be familiar with using a terminal, the screen utility, basic /dev/tty devices, and wireshark. Beyond this, there are no hard prerequisites, but participating individuals and teams are encouraged to bring experience in the following areas to accelerate successful engagement in our more advanced hacking challenges: \n

    \n
  • CAN-based protocols, ex. CAN bus, J1939, NMEA2000. Familiarity using can-utils \n
  • Serial protocols, ex. Modbus (RS485 and tcp), NMEA0183 (RS422), and RS232\n
  • SDR/software defined radio - basic usage of gnuradio with HackRF or more advanced radio \n
  • Firmware/binary analysis and reverse engineering \n
  • Attacking WiFi (802.11) networks \n
  • Understanding of common radio frequency modulation schemes \n
  • Familiarity with LoRA and 802-based mesh networking
\nLinks:
    Mastodon (@maritimehackingvillage@defcon.social) - https://defcon.social/@maritimehackingvillage
\n    Website - https://maritimehackingvillage.com/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-maritime.webp\''),(74,1,'Cryptocurrency Village','','CCV','https://www.cryptocurrencyvillage.cc/','','None','IRL','#orga_41359','','','','','','','','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 2-702 (Cryptocurrency Village)','','The Cryptocurrency Community welcomes you to discover and develop your blockchain finance technology hacking skills. Learn the unique ways that cryptocurrency systems are attacked, defended, and secured while building new applications using testnet tokens. Meet hackers, be entertained, and get inspired to explore cryptocurrency where practical finance hacking for the public good is encouraged.\r\n\r\nOur mission prioritizes education of computing enthusiasts curious about the hype of cryptocurrency and our community discusses the challenges facing modern day finance technology. Workshops and challenges offer you the experience of mentored participation in a well equipped and comfortable environment. The community inclusively welcomes all cryptocurrency projects and their cousins from other blockchain based communities. Come hack with us!','\'

They told us blockchains were immutable, trustless, autonomous. Like a fortress of math and consensus. But every protocol hides a human fingerprint where math has edge cases, and consensus can be forked.\n

At the Cryptocurrency Village, we don’t just read the whitepaper — we set it on fire. You’ll discover how financial technology really works: by breaking it. Learn the unique ways cryptocurrency systems are attacked, defended, and secured. Whether you are looking to audit smart contracts, track illicit funds across chains, or analyze the cryptographic primitives powering decentralized networks, the Cryptocurrency Village offers a deep dive into the unique intersection of economics, math, and offensive security.\n

Win prizes in the Cryptocurrency Challenge, colocated within the village walls. Workshops and competitions provide a safe workspace and give the experience of mentored participation in a well‑equipped and comfortable environment. Visit the hackathon floor to witness teams building strange new financial tools, breaking assumptions, and pushing hardware and software beyond their intended limits.\n

From curious newcomers asking their first questions to seasoned cryptohackers hunting new exploits and allies, the Cryptocurrency Village is a meeting point for those drawn to the intersection of money, code, cryptography, and rebellion. It is a place to interrogate the financial systems that increasingly govern freedom, privacy, ownership, and trust itself. Get inspired to explore cryptocurrency where practical finance hacking for the public good is encouraged — even while wearing the red team jersey.\n

We inclusively welcome all cryptocurrency projects and their cousins across adjacent cryptographic and decentralized technology communities. Come hack with us. The testnet vault is waiting, and we’ve already left the door unlocked!\n

Links:
    Mastodon (@cryptocurrency@defcon.social) - https://defcon.social/@cryptocurrency
\n    Website - https://www.cryptocurrencyvillage.cc/
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/com-cryptocurrency.webp\''),(78,1,'Badgelife Village','','BLV','https://badge.life/','https://badge.life/','None','IRL','#orga_41349','','','','','https://reanimationxp.bsky.social/','https://github.com/badgelife/website','https://discord.gg/R4jGhTqJ3J','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 1-209 (Badgelife Village)','','','\'

You asked for it and we\'re back again! The Badgelife Village (formerly Community) is a proper home for all things Badgelife on the con floor! Visit us to experience the Badgelife Museum, featuring hundreds of current and past community-made badges, SAO\'s, MiniBadges and more! Donate your own badges and SAOs you\'ve made or collected to the museum, and see them come back to con year after year.. or bring what you\'ve got to trade with the community via our \"\"take-one, leave-one\"\" SAO Trading Wall! Attend our in-person Badge Trading meetups to swap badges you\'ve already enjoyed for new creations!\n

If you\'re interested in creating Badges or SAOs yourself, we will have lots of interesting badge creators around showing off their work and giving training in the form of talks and workshops on their methodologies. Come learn from the best and meet your favorite creators at our various Badgemaker Meetups! Before and after con, visit our village at https://badge.life, where we\'re kicking off our online Badge Archive. Closer to con we\'ll post our schedule for any con workshops, talks or activities on the site as well, so check there for our meetup times and events. Hope to see you at the village!\n

Links:
    reanimationxp.bsky.social - https://reanimationxp.bsky.social
\n    Website - https://badge.life
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-badgelife.webp\''),(79,1,'Call Center Village','','CAV','https://www.callcentervillage.com/','','None','IRL','#orga_41429','','','','','https://defcon.social/@callcentervillage','https://github.com/callcentervillage','','','','','',NULL,'','','','','','','LVCCW Level 2 W218 (Call Center Village)','','','\'

Security teams have spent years hardening web-apps, email-gateways, and network-perimeters. Meanwhile, the phone line sitting on every receptionist\'s desk remains almost completely unmonitored. Nobody\'s deploying a firewall between a caller and the person who picks up. Caller ID authentication has made some progress, but the conversation itself? Wide open. \n

And now that AI-generated voices can pass for the real thing and automated agents are handling account resets and payment processing, that gap is getting a lot more interesting.Call Center Village is where voice security, conversational AI, and social engineering collide — across both voice and text channels.\n

Sit down at a workstation and synthesize a copy of your own voice with open-source tools running on a local GPU, or let our staff walk you through the process. Dig into voice pipelines, deepfake audio detection, and the arms race between the two. Wire up a working conversational AI agent — stitching together the real-time audio infrastructure, transcription, language model, and speech synthesis that make these systems speak.\n

On the text side, go after chatbot agents tasked with handling simulated customer interactions. Find the cracks in their system prompts, hijack conversation logic, and convince them to do things their developers never intended. Once you\'re ready, muster all your skills to take on our Escalation Desk CTF, the official Call Center Village contest at DEF CON 34. \n

We\'ve also got a collection of vintage telephones, prank extensions, chatty AI-agents, and a British-style telephone booth worth stopping by for. \n

No prior experience required. If you know how to make a phone call or type a message, you\'re already qualified. Equipment is provided, including laptops and ANC headsets - but you\'re more than welcome to bring your own devices.\n

Links:
    Mastodon (@callcentervillage@defcon.social) - https://defcon.social/@callcentervillage
\n    Website - https://www.callcentervillage.com
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-callcenter.webp\''),(82,1,'Maker\'s Village','','MKV','https://dcmakerscommunity.com/','','None','','#orga_41289','','','','','https://discord.gg/VBwjCCvqG','','','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 1-301 (Makers\' Village)','','','\'

The Makers Village is an artistic, hands-on creative lab where DEF CON attendees can explore modern making as a form of hacking through design, experimentation, and fabrication. This space introduces participants to the tools and processes used in today’s maker movement — including 3D printing, digital design software, textile machines, laser etchers and cutting tools, two-part epoxy and resin work, and other creative fabrication techniques. Attendees can expect to learn how ideas move from concept to physical object while experimenting with materials, machines, and workflows in a supportive environment.\n

\n
Prerequisites
\n
\n

Makers of all experiences welcome. Learners under 18 need their responsible adult... or as responsible as DEF CON gets.\n

Links:
    Website - https://makersvillage.space
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/vlg-makers.webp\''),(83,1,'Scambait Village','','SBV','https://teamtda.org/','','None','IRL','#orga_41428','','','','','','','','','','','',NULL,'','','','','','','LVCCW Level 1 Hall 1-208 (Scambait Village)','','','\'

Learn the art of Scambaiting. Speak with experts in our community to get an introduction to the skills needed to better understand common scams & fraud. Explore ethical OSINT used to track criminal infrastructure and learn the Social Engineering tactics required for disrupting call center operations. We’ll cover the foundations of identifying victims, reporting to authorities, and safely navigating the world of counter-fraud. Stop hanging up and start learning how to hit back.\n

\n
Prerequisites
\n
    \n
  • Laptop or phone with internet connection to join sessions with live scam bait calls to listen or join in.
\n
\n
\'','','\'https://defcon.outel.org/defcon34/images/logos/cnt-scambait.webp\''); /*!40000 ALTER TABLE `villages` ENABLE KEYS */; UNLOCK TABLES; SET @@SESSION.SQL_LOG_BIN = @MYSQLDUMP_TEMP_LOG_BIN; /*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */; /*!40101 SET SQL_MODE=@OLD_SQL_MODE */; /*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */; /*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */; /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */; /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */; /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */; /*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */; -- Dump completed on 2026-07-12 2:32:18