Pick a day:
= Demo |
= Tool |
= Exploit
Get the schedule in printable PDF Format
Thursday
10:00
-
DC101, Paris Theatre
Exploiting Windows Exploit Mitigation for ROP Exploits
Omer Yair
11:00
-
DC101, Paris Theatre
Breaking Google Home: Exploit It with SQLite (Magellan)
Wenxiang Qian, YuXiang Li, HuiYu Wu
12:00
-
DC101, Paris Theatre
Andreas Baumhof
13:00
-
DC101, Paris Theatre
Philippe Laulheret
14:00
-
DC101, Paris Theatre
Web2Own: Attacking Desktop Apps From Web Security's Perspective
Junyu Zhou, Ce Qin, Jianing Wang
15:00
-
DC101, Paris Theatre
Highwiz, Nikita, Will, n00bz, Shaggy, SecBarbie, Tottenkoph
Friday
Friday at 10:00
-
Track 1
Behind the Scenes of the DEFCON 27 Badge
Joe Grand (Kingpin)
-
Track 2
Hacking Congress: The Enemy Of My Enemy Is My Friend
Former Rep. Jane Harman, Rep. James Langevin, Jen Ellis, Cris Thomas, Rep. Ted Lieu
-
Track 3
Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware†
Olivier Bilodeau, Masarah Paquet-Clouston
-
Track 4
Duplicating Restricted Mechanical Keys
Bill Graydon, Robert Graydon
Friday at 11:00
-
Track 1
Don't Red-Team AI Like a Chump
Ariel Herbert-Voss
-
Track 2
The Tor Censorship Arms Race: The Next Chapter
Roger Dingledine
-
Track 3
All the 4G Modules Could Be Hacked
XiaoHuiHui, Ye Zhang, ZhengHuang
-
Track 4
Evil eBPF In-Depth: Practical Abuses of an In-Kernel Bytecode Runtime
Jeff Dileo
Friday at 12:00
-
Track 1
Process Injection Techniques—Gotta Catch Them All
Itzik Kotler, Amit Klein
-
Track 2
WillC
-
Track 3
Infiltrating Corporate Intranet Like NSA _Pre-auth RCE on Leading SSL VPNs
Orange Tsai, Meh Chang
-
Track 4
API-Induced SSRF: How Apple Pay Scattered Vulnerabilities Across the Web
Joshua Maddux
Friday at 13:00
-
Track 1
HackPac: Hacking Pointer Authentication in iOS User Space
Xiaolong Bai, Min (Spark) Zheng
-
Track 2
HVACking: Understand the Difference Between Security and Reality!
Douglas McKee, Mark Bereza
-
Track 3
No Mas—How One Side-Channel Flaw Opens Atm, Pharmacies and Government Secrets Up to Attack
phar
-
Track 4
More Keys Than A Piano: Finding Secrets In Publicly Exposed Ebs Volumes
xBen "benmap" Morris
Friday at 14:00
-
Track 1
Harnessing Weapons of Mac Destruction
Patrick Wardle
-
Track 2
Are Your Child's Records at Risk? The Current State of School Infosec
Bill Demirkapi
-
Track 3
How Deep Learning Is Revolutionizing Side-Channel Cryptanalysis
Elie Bursztein, Jean Michel Picod
-
Track 4
Practical Key Search Attacks Against Modern Symmetric Ciphers
Daniel "ufurnace" Crowley, Daniel Pagan
Friday at 15:00
-
Track 1
MOSE: Using Configuration Management for Evil
Jayson Grace
-
Track 2
Change the World, cDc Style: Cow tips from the first 35 years
Joseph Menn, Peiter Mudge Zatko, Chris Dildog Rioux, Deth Vegetable, Omega
-
Track 3
100 Seconds of Solitude: Defeating Cisco Trust Anchor With FPGA Bitstream Shenanigans
Jatin Kataria, Rick Housley, Ang Cui
-
Track 4
Relaying Credentials Has Never Been Easier: How to Easily Bypass the Latest NTLM Relay Mitigations
Marina Simakov, Yaron Zinar
Friday at 16:00
-
Track 1
Please Inject Me, a x64 Code Injection
Alon Weinberg
-
Track 2
I Know What You Did Last Summer: 3 Years of Wireless Monitoring at DEF CON
d4rkm4tter (Mike Spicer)
-
Track 3
Surveillance Detection Scout—Your Lookout on Autopilot
Truman Kain
-
Track 4
The JOP ROCKET: A Supremely Wicked Tool for JOP Gadget Discovery, or What to Do If ROP Is Too Easy
Dr. Bramwell Brizendine, Dr. Joshua Stroschien
Friday at 16:30
-
Track 1
Nicolas Oberli
-
Track 2
Can You Track Me Now? Why The Phone Companies Are Such A Privacy Disaster
U.S. Senator Ron Wyden
-
Track 3
Breaking The Back End! It Is Not Always A Bug. Sometimes, It Is Just Bad Design!
Gregory Pickett
-
Track 4
Re: What's up Johnny?—Covert Content Attacks on Email End-to-End Encryption
Jens Müller
Friday at 20:00
-
Firesides Lounge
D0 N0 H4RM: A Healthcare Security Conversation
Christian "quaddi" Dameff, Jeff "r3plicant" Tully MD, Suzanne Schwartz MD, Marie Moe PhD, Billy Rios, Jay Radcliffe
Friday at 22:15
-
Firesides Lounge
Brent White / B1TK1LL3R, Jayson E. Street, Darington, April Wright, Tim Roberts (byt3boy), Casey Bourbonnais, s0ups
Saturday
Saturday at 10:00
-
Track 1
Weaponizing Hypervisors to Fight and Beat Car and Medical Devices Attacks
Ali Islam, Dan Regalado (DanuX)
-
Track 2
Rise of the Hypebots: Scripting Streetwear
finalphoenix
-
Track 3
Information Security in the Public Interest
Bruce Schneier
-
Track 4
Michael Leibowitz, Topher Timzen
Saturday at 11:00
-
Track 1
Jmaxxz
-
Track 2
Bill Swearingen
-
Track 3
Hacking Your Thoughts—Batman Forever meets Black Mirror
Katherine Pratt/GattaKat
-
Track 4
Meticulously Modern Mobile Manipulations
Leon Jacobs
Saturday at 12:00
-
Track 1
How You Can Buy AT&T, T-Mobile, and Sprint Real-Time Location Data on the Black Market
Joseph Cox
-
Track 2
Defeating Bluetooth Low Energy 5 PRNG for Fun and Jamming
Damien Cauquil (virtualabs)
-
Track 3
Why You Should Fear Your "mundane" Office Equipment
Daniel Romero, Mario Rivas
-
Track 4
Zombie Ant Farm: Practical Tips for Playing Hide and Seek with Linux EDRs
Dimitry Snezhkov
Saturday at 13:00
-
Track 1
RACE—Minimal Rights and ACE for Active Directory Dominance
Nikhil Mittal
-
Track 2
GSM: We Can Hear Everyone Now!
Campbell Murray, Eoin Buckley, James Kulikowski
-
Track 3
Christopher Wade
-
Track 4
Alvaro MuÒoz, Oleksandr Mirosh
Saturday at 14:00
-
Track 1
SELECT code_execution FROM * USING SQLite;—Gaining code execution using a malicious SQLite database
Omer Gull
-
Track 2
I'm on your phone, listening—Attacking VoIP Configuration Interfaces
Stephan Huber, Philipp Roskosch
-
Track 3
Maksim Shudrak
-
Track 4
Next Generation Process Emulation with Binee
Kyle Gwinnup, John Holowczak
Saturday at 15:00
-
Track 1
Get Off the Kernel if You Canít Drive
Jesse Michael, Mickey Shkatov
-
Track 2
Reverse-Engineering 4g Hotspots for Fun, Bugs and Net Financial Loss
g richter
-
Track 3
State of DNS Rebinding—Attack & Prevention Techniques and the Singularity of Origin
Gerald Doussot, Roger Meyer
-
Track 4
.NET Malware Threats: Internals And Reversing
Alexandre Borges
Saturday at 16:00
-
Track 1
Reverse Engineering 17+ Cars in Less Than 10 Minutes
Brent Stone
-
Track 2
The DEF CON NOC
-
Track 3
Confessions of an Nespresso Money Mule: Free Stuff & Triangulation Fraud
Nina Kollars, Kitty Hegemon
-
Track 4
Vacuum Cleaning SecurityóPinky and the Brain Edition
jiska, clou (Fabian Ullrich)
Saturday at 16:30
-
Track 1
Unpacking Pkgs: A Look Inside Macos Installer Packages And Common Security Flaws
Andy Grant
-
Track 2
(cont) The DEF CON NOC
-
Track 3
droogie
-
Track 4
Michael Stepankin
Saturday at 20:00
-
Firesides Lounge
Kurt Opsahl, Camille Fischer, Bennett Cyphers, Nathan 'nash' Sheard, Shahid Buttar
Saturday at 22:15
-
Firesides Lounge
We Hacked Twitter... And the World Lost Their Sh*t Over It!
Mike Godfrey, Matthew Carr
Sunday
Sunday at 10:00
-
Track 1
Backdooring Hardware Devices By Injecting Malicious Payloads On Microcontrollers
Sheila Ayelen Berta
-
Track 2
Adventures In Smart Buttplug Penetration (testing)
smea
-
Track 3
Hacking WebAssembly Games with Binary Instrumentation
Jack Baker
-
Track 4
Xiangqian Zhang, Huiming Liu
Sunday at 11:00
-
Track 1
The ABC of Next-Gen Shellcoding
Hadrien Barral, RÈmi GÈraud-Stewart, Georges-Axel Jaloyan
-
Track 2
SDR Against Smart TVs: URL and Channel Injection Attacks
Pedro Cabrera Camara
-
Track 3
Exploiting Qualcomm WLAN and Modem Over The Air
Xiling Gong, Peter Pi
-
Track 4
Say Cheese—How I Ransomwared Your DSLR Camera
Eyal Itkin
Sunday at 12:00
-
Track 1
I'm In Your Cloud... Pwning Your Azure Environement
Dirk-jan Mollema
-
Track 2
Malproxying: Leave Your Malware at Home
Hila Cohen, Amit Waisel
-
Track 3
HTTP Desync Attacks: Smashing into the Cell Next Door
albinowax
-
Track 4
Help Me, Vulnerabilities. You're My Only Hope
Jacob Baines
Sunday at 13:00
-
Track 1
[ MI CASA-SU CASA ] My 192.168.1.1 is Your 192.168.1.1
Elliott Thompson
-
Track 2
Sound Effects: Exploring Acoustic Cyber-weapons
Matt Wixey
-
Track 3
Owning The Cloud Through Server-Side Request Forgery
Ben Sadeghipour, Cody Brocious (Daeken)
-
Track 4
Want Strong Isolation? Just Reset Your Processor
Anish Athalye
Sunday at 14:00
-
Track 1
Firmware Slap: Automating Discovery of Exploitable Vulnerabilities in Firmware
Christopher Roberts
-
Track 2
Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks
Brad Dixon
-
Track 3
The Ether Wars: Exploits, counter-exploits and honeypots on Ethereum
Bernhard Mueller, Daniel Luca
-
Track 4
Contests & Events
Sunday at 16:00
-
Paris Ballroom
The Dark Tangent & Goons