skip to main content

DEF CON 27 Hacking Conference

Contests & Events

Contests & Events

Contests | Events


Contests


AI Village CTF

Contest | Location: AI Village

Do you want to test your mettle at security machine learning? Want to try your hand at detecting spam and malware? Or do you want to attack the spam filter or next gen AV? Or even attack the AI itself. The AI Village CTF is here for all your red & blue AI needs. There is a challenge for everyone and a learning curve for beginners. We also have cutting edge problem for experts to try their hands at.

More Info: http://aivillage.org
DEF CON Forums: https://forum.defcon.org/node/227728

Back to top



Beverage Cooling Contraption Contest

Contest | Location: Contest Stage (PH Mezzanine)
Friday: 1300-1500

Trump is trumping, Theresa May is waffling, Vladimir Putin is meddling, Xi Jinping reeducating, Angela Merkel is resigning, but worst of all the beverage isn't cooling! I've tried everything! I built a wall around it! I posted misleading information on social media about it! I locked it in a closet and sang inspiring nationalistic songs at it for five hours! I tried to convince it to just be cold but gave up! Nothing is working!

The BCCC returns to DEFCON bringing warm beverage somebody needs to make cold. That somebody could be you! Didn't bring a contraption? No problem! You can enter the hacked category and only compete against others who build their contraption at the convention. The BCCC is a light hearted contest with a crazy yet easy going atmosphere. We are always looking for new faces and hope to see you there!

More Info: https://bcccweb.wordpress.com/
DEF CON Forums: https://forum.defcon.org/node/227730

Back to top



Car Hacking Village CTF

Contest | Location: Car Hacking Village

Come learn, hack, play at the Car Hacking Village. The village is an open, collaborative space to hack actual vehicles that you don't have to worry about breaking! Don't have tools? We'll loan you some. Never connected to a car? We'll show you how. Don't know where the controllers are? We'll show you how to take it apart.

Additionally we'll host a Donkey Car race. Check out our web site for up to date info.

Want to race? Check out of full car simulator(s).

Want to learn more about automotive hacking and cyber security? Check out our talks.

Want to hack mobility scooters? Yes! We'll do that to.

Also, check out the CHV CTF.

More Info: http://www.carhackingvillage.com
DEF CON Forums: https://forum.defcon.org/node/226665
Twitter: @CarHackVillage

Back to top



CMD+CTRL CyberRange

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

CMD+CTRL is unleashing two new vulnerable apps at DEFCON 27, these aren’t your grandfather’s CTFs. We’ve created an Android app and a tough client side JS app & API ready to be hacked.

As always, CMD+CTRL challenges are automatically detected and scored, awarding points with every successful exploit. There are over 100 different challenges, including authentication vulns, cipher cracking, OWASP Top 10 weaknesses, and more. There are basic challenges and getting started guides for beginners, as well fortified defenses that will challenge even the most clever hackers.

Come apply your Red Team kung fu on the latest AppSec Cyber Range!

Twitter: @SecInnovation

Back to top



Coindroids

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

The year is 20X5 and humanity has fallen: now there are only Coindroids. The machines we designed to manage our finances have supplanted and destroyed the human race by turning our own economy against us. Now they battle each other in the ruins of our fallen cities, driven by a single directive: money is power.

Battle your way to the top of the leaderboard through manual labor or the sweet power of automation.

New to cryptocurrencies? No DEFCOIN to play with? Not a problem! Just come visit our booth in the contest area and we can help get you started.

More Info: https://www.coindroids.com
DEF CON Forums: https://forum.defcon.org/node/227724
Twitter: @coindroids

Back to top



Crack Me If You Can

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

As a part of authorized penetration tests of companies' internal corporate networks and external websites, you have captured a large number of password hashes and some encrypted files of various types. You owned the firmware of some weird devices, and got hashes. You found corrupted backups with partial password hashes in them. You found password-protected ZIP and RAR files and you want to know whats inside. You were able to do a SQL injection, and extract the users' hashes from the database. But now, you have to crack all these hashes.

In it's 8th year, Crack Me If You Can (CMIYC) is the premiere password cracking contest. We challenge teams of the world's best password crackers. And force them to share their knowledge, tips, and tricks with the community. The challenges presented in the 2010 contest are now trivial and easily completed by even a novice password cracker. So, in 2019, we hope to introduce new challenges that will continue to push the boundaries of what is possible with password recovery.

The contest is geared in a way so that even beginner password crackers will get some points, and hopefully learn along the way.

Fire up your GTX 3080 Tis and EC2 clusters. Ask your boss for time on that super computer your company has. Buy a CRAY on ebay. Email your college professor and ask for your account to be re-enabled on the cluster. Get a few extra box fans. You are going to need it all. Stop wasting your GPUs on playing FortNight, there are passwords to crack!

More Info: https://contest.korelogic.com/
DEF CON Forums: https://forum.defcon.org/node/227733
Twitter: @crackmeifyoucan

Back to top



Creative Writing Short Story Contest

Contest | Location: Online

The DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are sometimes overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.

This year's winners:
1st Place: "Dye Sublimation" by Selene Sun
2nd Place: "Parsnips" by David Hash Miller
People's Choice: "Red Balloons over China" by FengJiu

More Info: May 1, 2019 - June 15, 2019
DEF CON Forums: https://forum.defcon.org/node/227709
Twitter: @dcshortstory

Back to top



DarkNet Project

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

The DarkNet project is an online and in person game in which players interact with an chat bot that sends them on quests which teach as well as challenge them. Technical challenges related to hacking and security are the most prominent. Each quest line requires the players to work independently or together to solve puzzles, research ciphers, learn new technologies such as PGP or Tor in order to gain points and progress. Many, but not all, of our quests have an in-person component -- we have in the past had a lock picking challenge box at our table, an RFID reader challenge, and badge kits that are involved in making progress in certain parts of the game. We collaborate with other Events, Villages and Contests to share content and send people around DefCon to learn new things -- almost like a mini-DC101 program with a game around it.

More Info: https://dcdark.net
DEF CON Forums: https://forum.defcon.org/node/227711
Twitter: @DCDarknet

Back to top



DEF CON Beard Contest

Contest | Location: Contest Stage (PH Mezzanine)
Saturday: 1300-1500

The annual celebration of facial hair at DEF CON. There are four categories for entry:

Full Beard - meant for the truly hairy and bearded.
Partial Beard - For those sporting Van Dykes, Goatees, Mutton Chops, and more.
Mustache Only - Bring us your handlebars, Fu Manchus, or whatever else adorns your upper lip.
Freestyle - Anything goes, the wilder the better.

So fertilize your face and join us. Sign-up early via https://goo.gl/forms/cSb3p5A7A0HWd3wG2 or sign-up on site. No more than 2 categories per contestant please.

More Info: http://www.dcbeard.com
DEF CON Forums: https://forum.defcon.org/node/227712

Back to top



Defcon Ham Radio Fox Hunting Contest

Contest | Location: HAM Radio Village (Flamingo)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

In the world of amateur/ham radio, groups of hams will often put together a transmitter hunt (also called "fox hunting") in order to hone their radio direction finding skills to locate one or more hidden radio transmitters broadcasting. The Defcon Fox Hunt will require participants to locate a number of hidden radio transmitters broadcasting at very low power which are hidden throughout the conference. Each transmitter will transmit on a different frequency, requiring them to "hunt" for transmissions.

Each transmitter when located will have a small message encoded next to the transmitter, which will decode to a unique web address which will contain a flag. Finding the flag will verify they have found the transmitter.

Each day the transmitters will be moved to new locations and a new flag will need to be found.

Scores will be kept for each day, with a daily winner, and an all-round winner. Participants will receive a ham radio themed participation ribbon, and daily winners and all-round winners (1st - 3rd place) will get this year's engraved silly trophy. A map with rough search areas will be given to participants to guide them on their hunt. Additional hints and tips will be provided throughout Defcon to help people who find themselves stuck.

More Info: http://defcon26foxhunt.com/
DEF CON Forums: https://forum.defcon.org/node/227734

Back to top



Defcon Scavenger Hunt

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

It is the distant dystopian future, the year 2019; Las Vegas, Nevada. You have been tasked with collecting as much as possible from our list; including a Nexus 6, a synthetic owl, and a Sean Young blow-up doll. Let nothing stand in your way. Be it replicant, retire them; be it goon, beer them. Your time is limited, go now, you have only from 10AM Friday until noon on Sunday. Find us in the contest area to administer your submissions; be advised trigger warnings are in full effect.

More Info: http://defconscavhunt.com
DEF CON Forums: https://forum.defcon.org/node/227658
Twitter: @defconscavhunt

Back to top



Drunk Hacker History

Contest | Location: Contest Stage (PH Mezzanine)
Saturday: 2200-2400

One night only at DEF CON 27, Drunk Hacker History is back by popular demand for a 5th triumphant year! The past four years proved to the entire planet that in the game of intoxicated nostalgic recall, there are no losers and those who won, lost. The DEF CON community has a history of sorts. It is a history is filled with mephitic adventures, quarter-truths, poor life choices, incontinence, and various forms of C2H6O. This year, we will journey to the land of the shadows to extract some of the most celebrated, exaggerated and entertaining moments in Hacker History through the interpretation of a group of well-trained participants. In the end, we will, again, crown the Drunkest Hacker in History and you, the audience, will rejoice! Hosted by c7five & jaku, if you like eating from candy from Japan, deli meat sliced by a sword, Orange Whips, and feats of strength, you won’t want to miss the return of Drunk Hacker History! Presented in DEF CON 4D, 5G, GPRS and made possible by a grant from https://ghost.express. Note: If you arrive early, you might enjoy the festive dancing, music and handfuls of Cinnamon Life cereal. Yum!

DEF CON Forums: https://forum.defcon.org/node/227713
Twitter: @DrunkHackerHist

Back to top



Dungeons@Defcon

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 10:00-20:00, Sunday: 1000-1200

Dungeons@Defcon is an RPG style puzzling campaign for 1-4 players. - .... . .-. . / .. ... / - .-. . .- ... ..- .-. . / - --- / -... . / ..-. --- ..- -. -..

More Info: dungeonsatdefcon.com
DEF CON Forums: https://forum.defcon.org/node/227714

Back to top



EFF Tech Trivia

Contest | Location: Contest Stage (PH Mezzanine)
Friday: 1700-1900

EFF's team of technology experts have crafted challenging trivia about the fascinating, obscure, and trivial aspects of digital security, online rights, and Internet culture. Competing teams will plumb the unfathomable depths of their knowledge, but only the champion hive mind will claim the First Place Tech Trivia Cup and EFF swag pack. The second and third place teams will also win great EFF gear. * For this year we have updated the trivia to reflect the latest in security and make it even better!

More Info: https://eff.org
DEF CON Forums: https://forum.defcon.org/node/227725
Twitter: @eff

Back to top



Hack the Plan[e]t

Contest | Location: ICS Village

Hack the Plan[e]t Capture the Flag (CTF) contest will feature Howdy Neighbor and the Industrial Control System (ICS) Range. This first of its kind CTF will integrate both Internet of Things (IoT) and ICS environments with interactive components for competitors to test their skills and knowledge.

Howdy Neighbor is an interactive IoT CTF challenge where competitors can test their hacking skills and learn about common oversights made in development, configuration, and setup of IoT devices. Howdy Neighbor is a miniature home - made to be “smart” from basement to garage. It’s a test-bed for reverse engineering and hacking distinct consumer-focused smart devices, and to understand how the (in)security of individual devices can implicate the safety of your home or office, and ultimately your family or business. Within Howdy Neighbor there are over 18 emulated or real devices and over 40 vulnerabilities that have been staged as challenges. Each of the challenges are of varying levels to test a competitors ability to find vulnerabilities in an IoT environment. Howdy Neighbor’s challenges are composed of a real or simulated devices controlled by an App or Network interface and additional hardware sensors; each Howdy Neighbor device contains 1 to 3 staged vulnerabilities which when solved present a key for scoring/reporting that it was discovered.

In the same vein, this CTF challenge will also leverage the ICS Village’s ICS Range to provide an additional testbed for more advanced challenges in critical infrastructure and ICS environments.

More Info: https://www.icsvillage.com
DEF CON Forums: https://forum.defcon.org/node/227732
Twitter: @ics_village

Back to top



Hacker Jeopardy

Contest | Location: Contest Stage (PH Mezzanine)
Friday: 2000-2200, Saturday: 20:00-22:00

DEFCON's longest running show Hacker Jeopardy turns 25 this year, and it's going to be HUUUGE! For our Silver Anniversary, we conducted qualifying rounds around the world and invited the winners. Three teams of three will compete in this hilarious parody game, with additional points awarded for beer consumed. Anything can happen on stage (we even had a marriage proposal!) -- you just gotta be there (our sponsors give away AWESOME swag.) Adult-themed, this show is not for minors and emotionally sensitive persons. We're offended if you're not offended. Be there. Aloha

More Info: www.hackerjeopardy.com
DEF CON Forums: https://forum.defcon.org/node/227657
Twitter: @hackerjeopardy

Back to top



Hackfortress

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

Hackfortress is a unique blend of Team Fortress 2 and a computer security contest. Teams are made up of 6 TF2 players and 4 hackers, TF2 players duke it out while hackers are busy solving puzzles. As teams start scoring they can redeem points in the hack fortress store for bonuses. Bonuses range from crits for the TF2, lighting the opposing team on fire, or preventing the other teams hackers from accessing the store.

More Info: http://hackfortress.net
DEF CON Forums: https://forum.defcon.org/node/227715

Back to top



H@ck3r Runw@y

Contest | Location: Contest Stage (PH Mezzanine)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

In the times I’ve been to Defcon, I’ve seen a lot of cool styles around the conference and at the parties. People with brooches that counted handshakes, skirts with interactive LEDs, etc. This contest is to celebrate all of the cyber fashionistas out there. Whether it’s something that lights up, interactive, multipurpose, or just geeky but aesthetically pleasing. Items entered can be in the form of clothing, shoes, jewelry or accessories. Participants can predesign their entry or create something on site during Defcon as long as it’s before final votes.

There are four (4) categories for predesign and one (1) for anything designed during contest hours:

§ Digital (electronic, led, etc)
§ Smart wear (interactive, temperature sensing, mood changing, etc)
§ Aesthetics (3d printed, geeky wear, passive design)
§ Physical security (lock picks, shims, card skimmers)
§ Live creations

Entries will be judged based on the following criteria:

§ Uniqueness
§ Trendy
§ Practical
§ Couture
§ Creativity
§ Relevance
§ Originality
§ Presentation
§ Mastery

Twitter: @Hack3rRunway

Back to top



Homebrew Hardware Contest

Contest | Location: Contest Stage (PH Mezzanine)
Saturday: 1500-1700

Are you fulfilling the promise of tomorrow's technology today? Are you etching circuit-boards in your lab, or soldering in a toaster oven in your garage? Are you hosting a MUD on your helmet, or making malicious USB hardware? Did you make something to help you in your every day life, a unique wearable, or something really nefarious?

We want to see the awesome things you've been building over the last year. The HomebrewHardware competition is a place to showcase your skill, techniques, and project.
Rules:
1. Bring your hardware, and proof of how you made it (video, pictures, etc.)
2. Each entry will be given 5 minutes to discuss what they built, how they built it, and show a practical demonstration.
3. A panel of judges will rank entries based on a number of categories including: innovativeness, construction techniques, utility, and aesthetics.
4. Prizes will be awarded for 1st, 2nd, and 3rd place.
5. Entries can submit early (watch our twitter) but must be present to talk through their hardware on stage.
6. Entries can be teams or individuals.
7. Entries can leverage commercial parts and gear, but should strive to meet the spirit of homebrew!
8. No badges, please. We <3 badgelife, but there are already some awesome contests for them.

DEF CON Forums: https://forum.defcon.org/node/228300
Twitter: @homebrewharwa1

Back to top



Hospital Under Siege

Contest | Location: BioHacking Village

Adversaries have gained a foothold in your local hospital and are increasing their control over clinical systems and medical devices. Soon they make it clear they’re not after patient records or financial information, but are out to disrupt care delivery and put patients lives at risk. Your team received an urgent request to use your blue, red, and purple team skills to defend against the escalating attacks, attempt to unmask the adversary, and - above all - protect patient lives.

Hospital Under Siege is a scenario-driven Capture the Flag contest run by the Biohacking Village, pitting teams of participants against adversaries and against a clock, to protect human life and public safety. Participants will compete against each other on both real and simulated medical devices, in the fully immersive Biohacking Village: Device Lab, laid out as a working hospital. Teams of any size are welcome, as are players from all backgrounds and skill levels. Challenges will be tailored for all skill levels and draw from expertise areas including forensics, RF hacking, network exploitation techniques, web security, protocol reverse engineering, hardware hacking, and others. You will hack actual medical devices and play with exotic protocols like DICOM, HL7 and FHIR.

More Info: https://www.vilageb.io
DEF CON Forums: https://forum.defcon.org/node/228301
Twitter: @dc_bhv

Back to top



Maps of the Digital Lands

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

This is a contest where contestants will draw a diagram of the provided network scenarios within the time allotted and judges will determine the winners based on feasibility, practicality, readability, whether or not the key components have been included and clearly identified, and most importantly the least amount of room for hackers to take over their proposed network. Prizes will be awarded for the best of each scenario which will all have increasing difficulties.

DEF CON Forums: https://forum.defcon.org/node/228302

Back to top



OpenCTF

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

OpenCTF, a hacking contest built on the principle of inclusion with challenges for all skill levels, is returning to DEFCON this year under new management. OpenCTF will continue to be open to all, so if you're new to CTF come talk to us and we'll help you get started or find a team, but bring your dedication if you aspire to win. Neg9, long time players and former winners, will be organizing and hosting the contest. Get ready for the next level!

DEF CON Forums: https://forum.defcon.org/node/227729

Back to top



OpenSOC Blue Team CTF

Contest | Location: Blue Team Village

OpenSOC is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network. This virtual environment is a scaled down version of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high fidelity training environment for unleashing real-world attacks and testing a responder’s ability to filter out the noise and find malicious activity on the network.

This isn’t just another CTF. We’ve built this platform to train real-world responders to handle real-world situations.

What’s even better? 100% of the security tools demonstrated on OpenSOC are FREE and OPEN SOURCE! These projects include Wazuh + ossec, Kolide + osquery, Suricata, Snort, Moloch, OPNsense, pfSense and Graylog bringing it all together in an awesome way.

The Challenge:

• Given an initial IOC’s (indicator of compromise (or pivot point)), identify attacks that are being carried out against and within the enterprise environment.
• Trace the attackers throughout the kill chain, submitting key IOCs and observables to the scoreboard as you reveal their tactics.
• Reverse engineer any artifacts connected to hostile activities.
• Perform forensics analysis on PCAPs (Packet Captures), memory images, etc.

Win awesome prizes, learn new skills, and get experience with some of the best OPEN SOURCE tools for SecOps!

More Info: https://opensoc.io
DEF CON Forums: https://forum.defcon.org/node/228303
Twitter: @recon_infosec

Back to top



OSINT CTF for Missing Persons

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

Want to help solve actual crimes? Want be the hero that brings home a loved one?

Join us for the 2nd year of the OSINT CTF for Missing Persons Challenge!

Each day we will present 8 real missing persons for you to track and submit open source intelligence into our CTF platform.

Prizes awarded at the end of each day include a virtual training voucher from the highly respected Michael Bazzell of Intel techniques as well as licenses for Hunchly, the software every OSINT operator needs.

This is fantastic opportunity to get into the OSINT community, learn intelligence gathering and to become a hero.

Get your team together and join us at the Trace Labs table in the contest area to get started.

If you want to get familiar with Trace Labs, our community and the CTF, sign up here and we will answer any of your questions on our Slack channel: https://www.tracelabs.org/accounts/register/updated description

More Info: www.tracelabs.org
DEF CON Forums: https://forum.defcon.org/node/228304
Twitter: @tracelabs

Back to top



Red Alert ICS CTF

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

Red Alert ICS CTF is based on ICS test bed (simulation) so all participant can hack actual devices in ICS/SCADA environment. We create virtual SCADA environment in order for participants to penetrate several layers of security to gain points, and eventually gain control of SCADA system. Some challenges includew Bypassing Airgap, ICS protocols and PLC & HMI softwares, Forensics, and Cyber Incidents (including classic and basic challenge, reversing and web).

More Info: http://icssecurity.net/ctf
DEF CON Forums: https://forum.defcon.org/node/227727

Back to top



Schemaverse

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

The Schemaverse [skee-muh vurs] is a space battleground that lives inside a PostgreSQL database. Mine the hell out of resources and build up your fleet of ships, all while trying to protect your home planet. Once you're ready, head out and conquer the map from other DEF CON rivals. New this year, time travel!

This unique game gives you direct access to the database that governs the rules. Write SQL queries directly by connecting with any supported PostgreSQL client or use your favourite language to write AI that plays on your behalf. This is DEF CON of course so start working on your SQL Injections - anything goes!

More Info: https://schemaverse.com
DEF CON Forums: https://forum.defcon.org/node/227718
Twitter: @schemaverse

Back to top



SECTF

Contest | Location: SE Village

Description Coming Soon

Back to top



SECTF4Kids

Contest | Location: SE Village

Description Coming Soon

Back to top



SECTF4Teens

Contest | Location: SE Village

Description Coming Soon

Back to top



Secure Code Review Challenge

Contest | Location: AppSec Village

Secure Code Review is an important “tool” in an AppSec practitioners tool box. This contest aims to challenge contestants on performing Secure Code Review and crown someone supreme Secure Code Reviewer. Contestants will be asked questions after being presented with merge requests taken from Open Source projects where a confirmed vulnerability has been addressed or CVE descriptions.

More Info: http://www.appsecvillage.org/
DEF CON Forums: https://forum.defcon.org/node/228305
Twitter: @AppSec_Village

Back to top



SOHOpelessly Broken

Contest | Location: IoT Village

A DEFCON 24-26 Black Badge Village CTF, players compete against one another by exploiting off-the-shelf IoT devices. These 25+ devices all have known vulnerabilities, but to successfully exploit these devices requires lateral thinking, knowledge of networking, and competency in exploit development. CTFs are a great experience to learn more about security and test your skills, so join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many devices as you can across three network segments. The top three teams will be rewarded.

Zero-Day Contest
The Zero-Day contest is focused on the discovery and demonstration of new exploits (0-day vulnerabilities). This track relies on the judging of newly discovered attacks against connected embedded electronic devices. Devices that are eligible for the contest can be found at https://www.sohopelesslybroken.com/contests.php#0day The winners who score the highest on their judged entries will be rewarded with prizes. Contestants will need to provide proof that they disclosed the vulnerability to the vendor.

More Info: http://www.sohopelesslybroken.com
DEF CON Forums: https://forum.defcon.org/node/227731
Twitter: @sohobroken

Back to top



SpellCheck: The Hacker Spelling Bee

Contest | Location: Contest Stage (PH Mezzanine)
Friday: 1500-1700

A year ago, under dystopian conditions, one worthy speller lifted the champion’s belt above her head. The ascent of that gleaming trophy parted the clouds of confusion and brought with it the promise of a new day. Through the bee, the Cybersecurity Style Guide strengthened the emerging union between humans and technology. Now, that hope-filled guide has spawned an itty-bitty helper — a fierce little dictionary to augment your word processor’s native spell check list.

In celebration of a blossoming age of digital-analog cooperation, we’re taking time this golden summer to revisit the high drama and awkward humor of the good old-fashioned spelling bee.

We’ll use the most recent version of the Cybersecurity Style Guide for the official spelling of each term. Rounds will increase in difficulty and eventually include saying proper capitalization out loud for tricky everyday terms and rare attack vectors alike.

25 challengers can compete! Sign up in advance by emailing style@bishopfox.com before August 7, or just come to the event a little early and volunteer on the spot. All spellers will get participation badges, and the winner will receive a unique prize.

It’s a lovely day. Take a stroll with us down random-access memory lane.

More Info: http://cybersecuritystyleguide.com
DEF CON Forums: https://forum.defcon.org/node/227735

Back to top



Spy Contest (Who's the Best Social Engineer)

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

This contest is trying to figure out which individual or team is the best social engineer in the DEFCON kingdom. You will receive a URL used to generate points for your score. Using any means necessary via social engineering (aka Phishing, Phone Calls, Physical Face-to-Face Requests, etc.), your goal is to generate the highest number of unique visits to your URL from DEFCON attendees. There will be extra points awarded for specifically named “Monsters” such as DEFCON staff, specific high profile individuals, etc.

DEF CON Forums: https://forum.defcon.org/node/228306

Back to top



Back to top



TeleChallenge

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

Would you like to play a game? The TeleChallenge is a fully immersive puzzle challenge. Playable via your phone, the Challenge combines real-world clues with phreakable systems in an epic battle of wits and skill. While anyone with a phone can play, this is not a simple Challenge. Winning will require an intense level of dedication from you and your team. See you on the game grid!

More Info: https://telechallenge.org
DEF CON Forums: https://forum.defcon.org/node/227720
Twitter: @telechallenge

Back to top



The d(struction)20 CTF

Contest | Location: Contest Stage (PH Mezzanine)
Saturday: 1100-1300

Are you tired of CTFs where contestants' computers aren't in danger of being smashed with a sledgehammer by a person wearing a hot dog costume? Do normal CTFs that don't decide the fate of their competitors at random with a novelty oversized 20-sided die bore you? Then come see the only CTF where the stack isn't the only thing being smashed:

The d(struction)20 CTF!

Part CTF, part lemon race, part game show, part demolition derby, the D(struction)20 CTF is a contest to build an affordable, low-cost, usable, and powerful hacking platform, and compete with it! Periodically during the competition, a random contestant from the leaderboard will be chosen to roll the d20 of Destruction to decide what will happen to their rig. If they're very lucky, they roll a natural 20 and no damage will be inflicted! Otherwise, the d20 of Destruction will decide what type of damage will be done to their rig. If the rig survives their chosen fate, the contestant may continue playing, but either way, rolling the d20 of Destruction results in a big point bonus that may make the difference between winning and losing, even if the rig is destroyed in the process!

DEF CON Forums: https://forum.defcon.org/node/227710
Twitter: @d20ctf

Back to top



Back to top



Threat Modeling Challenge

Contest | Location: AppSec Village

Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist. As part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner.

More Info: http://www.appsecvillage.org/
Twitter: @AppSec_Village

Back to top



Tinfoil Hat

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

NSA Mind control rays have you down? Those pesky grays trying to control your neural cortex? Fear not, for we here at the Tinfoil Hat contest have your back. Come find us in the contest area, and we'll have you build a Tinfoil hat which is guaranteed to provide top quality protection for your noggin. How you ask? SCIENCE!

Show us your skills by building a tin foil hat to shield your subversive thoughts. There are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the "Substance" award for that category. We all know that hacker culture is all about looking good, though, so a single winner will be selected from each category for “Style”. Finally, a single overall winner will be selected from all combined categories for “Style and Substance”.

DEF CON Forums: https://forum.defcon.org/node/227736
Twitter: @dc_tin_foil_hat

Back to top



warl0ck gam3z CTF

Contest | Location: Contest Floor (PH Celebrity Ballroom)
Friday: 1000-2100, Saturday: 1000-2100, Sunday: 1000-1200

warl0ck gam3z CTF is a hands-on 24/7 throw-down, 3 time black badge hacker competition, focusing on areas of physical security, digital forensics, hacker challenges and whatever craziness our exploit team develops. This is an online framework so participants can access it regardless of where they are or what network they are connected to via laptop, netbook, tablet or phone.

Most challenges require participants to download something that pertains to the problem at hand and solve the challenge using whatever tools, techniques or methods they have available.There are a multitude of point gainers on and off the game board. Extra point gainers will randomly appear on the game board in the form of The Judge, Bonus Questions, Free Tokens, One Time Tokens, Movie Trivia Quotes, Scavenger Hunts (online and onsite), Lock Picking (onsite) and Flash Challenges. Be careful of the 50/50 Token which may add or subtract points to your score.

The game board contains a scoring area so participants can view current standings. There is always on onsite/online moderator to assist participants that may be experiencing issues as well. All events highlights that occur on the game board are sent o to Twitter as they happen. Additionally, our Facebook site will be populated with information regarding the challenge and the current state of events.

More Info: https://www.facebook.com/Gam3zInc
DEF CON Forums: https://forum.defcon.org/node/227721
Twitter: @gam3z_inc

Back to top



Whose Slide Is It Anyway?

Contest | Location: Contest Stage (PH Mezzanine)
Friday: 2200-2400

The What: “Whose Slide Is It Anyway?”” is an unholy union of improv comedy, hacking and slide deck sado-masochism.

The How:
Our team of slide monkeys will create a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.

The Why:
Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family. Sign ups will be the day of the contest with some special ways to secure your spot early.

New This Year:
Battle of Champions! Anyone who has won a version of Whose Slide at other conferences during the last year will compete against our previous Vegas champs in a Slide Slaughter Royale.

Guerrilla Talks. Have portable projector and sound, will travel. :)

More Info: http://www.improvhacker.com
DEF CON Forums: https://forum.defcon.org/node/227722

Back to top



Wireless Capture the Flag

Contest | Location: Wireless Village

Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?

RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Wireless Capture the Flag (WCTF) at DEF CON in the Wireless Village.

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The WCTF can be completely done with a little knowledge, a pentester’s determination, and $50 or $5000 worth of equipment. The key is to read the clues and determine the goal of each challenge. Each WCTF event begins with a presentation: How to WCTF. There will be clues everywhere, and we will provide periodic updates. Make sure you pay attention to what’s happening at the WCTF desk, on Twitter: @wctf_us,@rfhackers, and the interwebz, etc. If you have a question ASK! We may or may not answer at our discretion.

FOR THE NEW FOLKS

Bring your laptop, wifi dongles, SDR, Bluetooth, IR, and anything else you think may help.

Read the presentations at: http://wctf.us/resources.html
Check out the resources at: http://sdr.ninja/training-events/sdr-wctf/
Read the Blog at: https://wirelessctf.blogspot.com/
Follow on Twitter: @wctf_us, @WIFI_Village, and @rfhackers

More Info: https://wctf.us/
DEF CON Forums: https://forum.defcon.org/node/228630
Twitter: @wctf_us

Back to top



Events


8th Annual DEF CON Bike Ride

Event | Location:
Friday: 0600-0600

At 6am on Friday, the @cycle_override crew will be hosting the 8th Defcon Bikeride. We'll meet at a local bikeshop, get some rental bicycles, and about 7am will make the ride out to Red Rocks. It's about a 15 mile ride, all downhill on the return journey. So, if you are crazy enough to join us, get some water, and head over to cycleoverride.org for more info. See at 6am Friday! @jp_bourget @gdead @heidishmoo. Go to cycleoverride.org for more info.

More Info: cycleoverride.org
DEF CON Forums: https://forum.defcon.org/node/227740
Twitter: @cycle_override

Back to top



DEAF CON Meetup

Event | Location: DEAF CON Village

The 7th DEAF CON Meet Up is happening at Defcon 27!

DEAF CON is a California 501 (c)(3) Non-profit organization outreach to the Deaf and HH community and information security community. We encourage Deaf and HH information security professionals to attend conferences. We help to provide communication services and spaces for professionals to meet and network with others. Anyone can come and attend our meet up and hangout!

More Info: https://www.deafconinc.org/
Twitter: @_DEAFCON_

Back to top



Ham Radio Exams

Event | Location: Ham Radio Village

Amateur Radio is for hacking the airwaves! All it takes is a passing score on a 35 question exam to become one of many licensed "Hams" who get to build, modify, and tinker with radio equipment and the modes they use to communicate. Now you can get your Ham Radio license (or upgrade your existing one) at DEF CON for free. There is no fee to sit for the exams at this session and most will get their new license and call sign electronically by the next business day. For more information and to register, visit: con-exam.com

More Info: https://con-exam.com
DEF CON Forums: https://forum.defcon.org/node/227726
Twitter: @DC_Ham_Exams

Back to top



Mohawk-Con

Event | Location: Vendor Area

Mohawk-Con returns for another year of shaving & coloring heads and transforming you into the cool kid at the con.

Charitable event to support the EFF & Hackers For Charity, get a cool new hawk in support of the causes that matter to you.

Visit us in the contest area on Fri & Sat 10-7, Sun 10-12 (Shaving off only!)

More Info: https://www.facebook.com/MohawkCon/
DEF CON Forums: https://forum.defcon.org/node/227739

Back to top



Toxic BBQ

Event | Location: Sunset Park, Pavilion F
Thursday 1600-2200

The humans of Vegas invite everyone to kick off the con at this unofficial welcome party.

Bring your thinking-meat to Sunset Park, Pavilion F on Thursday afternoon. Burgers and dogs are provided; you bring everything else (more food, drinks, grill skills, conversation, rides, and donations). This year, help us explore "Textured Protein's Promise" through food, meetups, and contests.

This event is off-site, so watch #ToxicBBQ or the Info Booth @dcib for updates. Check with me on Twitter, @duncanyoudaho and on Reddit /u/DuncanYoudaho.

DEF CON Forums: https://forum.defcon.org/node/228155
Twitter: #ToxicBBQ

Back to top