DEF CON
29

TALK SCHEDULE

DEF CON Discord Server
Discord
DEF CON Twitch Server
Twitch
DEF CON Entertainment Twitch Server
A&E
DEF CON Info Booth Server
Info
DEF CON YouTube Page
YouTube
DEF CON Forums Logo
Forums

Jump to Friday | Saturday | Sunday

Friday

09:00

Virtual
Dark Tangent Welcome on Discord and Making the DEF CON 29 Badge
Michael Whiteley & Katie Whiteley
Demo

10:00

Track 1
Welcome To DEF CON & Making the DEF CON 29 Badge
Dark Tangent, Michael Whiteley, & Katie Whiteley
Demo

Track 2
Gone Apple Pickin': Red Teaming macOS Environments in 2021
Cedric Owens
Demo

Virtual
HTTP/2: The Sequel is Always Worse
James Kettle
Demo, Tool, Exploit

11:00

Track 2
2021—Our Journey Back To The Future Of Windows Vulnerabilities and the 0-days we brought back with us
Tomer Bar & Eran Segal
Demo, Tool, Exploit

Virtual
Caught you—reveal and exploit IPC logic bugs inside Apple
Zhipeng Huo, Yuebin Sun, & Chuanda Ding
Demo, Exploit

12:00

12:30

Track 2
The Mechanics of Compromising Low Entropy RSA Keys
Austin Allshouse

Virtual
Worming through IDEs
David Dworken
Demo, Exploit

13:00

Track 1
Ransomeware’s Big Year – From Nuisance to “Scourge”?
DEF CON Policy Panel

Track 2
Sleight of ARM: Demystifying Intel Houdini
Brian Hong
Demo

Virtual
eBPF, I thought we were friends!
Guillaume Fournier, Sylvain Afchain, & Sylvain Baubeau
Demo, Tool

14:00

Track 1
MAVSH> Attacking from Above
Sach
Demo, Tool

Track 2
Hacking Humans with AI as a Service
Eugene Lim, Glenice Tan, & Tan Kee Hock
Demo, Tool

Virtual
Rotten code, aging standards, & pwning IPv4 parsing across nearly every mainstream programming language
Kelly Kaoudis & Sick Codes
Demo, Exploit

15:00

16:00

17:00

18:00

Track 1
Do No harm; Health Panel : Live version
A DEF CON Policy Panel

Track 2
Response Smuggling: Pwning HTTP/1.1 Connections
Martin Doyhenard
Demo, Exploit

Virtual
How I use a JSON Deserialization 0day to Steal Your Money On The Blockchain
Hao Xing & Zekai Wu
Demo, Exploit

Saturday

10:00

Track 1
High-Stakes Updates BIOS RCE OMG WTF BBQ
Mickey Shkatov & Jesse Michael
Demo, Tool, Exploit

Track 2
Crossover Episode: The Real-Life Story of the First Mainframe Container Breakout
Ian Coldwater & Chad Rikansrud (Bigendian Smalls)
Demo

Virtual
Privacy Without Monopoly: Paternalism Works Well, But Fails Badly
Cory Doctorow

11:00

12:00

12:30

Track 1
Hack the hackers: Leaking data over SSL/TLS
Ionut Cernica
Demo, Exploit

Track 2
A new class of DNS vulnerabilities affecting many DNS-as-Service platforms
Shir Tamari & Ami Luttwak
Demo

13:00

Track 1
PINATA: PIN Automatic Try Attack
Salvador Mendoza
Demo

Track 2
Defeating Physical Intrusion Detection Alarm Wires
Bill Graydon
Tool

Virtual
TEMPEST radio station
Paz Hameiri
Tool

14:00

15:00

Track 1
Hacking G Suite: The Power of Dark Apps Script Magic
Matthew Bryant
Tool

Track 2
Central bank digital currency, threats and vulnerabilities
Ian Vitek
Exploit

Virtual
Breaking Secure Bootloaders
Christopher Wade
Demo, Tool, Exploit

16:00

Track 1
New Phishing Attacks Exploiting OAuth Authentication Flows
Jenko Hwong
Demo, Tool

Track 2
PunkSPIDER and IOStation: Making a Mess All Over the Internet
_hyp3ri0n aka Alejandro Caceres & Jason Hopper
Demo, Tool

Virtual
Adventures in MitM-land: Using Machine-in-the-Middle to Attack Active Directory Authentication Schemes
Sagi Sheinfeld, Eyal Karni, & Yaron Zinar
Demo

17:00

Track 1
You're Doing IoT RNG
Dan "AltF4" Petro & Allan "DwangoAC" Cecil

Track 2
Hacking the Apple AirTags
Thomas Roth
Demo, Tool

Virtual
Don't Dare to Exploit—An Attack Surface Tour of SharePoint Server
Yuhao Weng, Steven Seeley, & Zhiniang Peng
Demo, Exploit

18:00

Sunday

10:00

11:00

Track 1
The PACS-man Comes For Us All: We May Be Vaccinated, but Physical Access Control Still Sucks
Babak Javadi, Nick Draffen, Eric Betts, & Anze Jensterle
Demo, Tool, Exploit

Track 2
Glitching RISC-V chips: MTVEC corruption for hardening ISA
Adam 'pi3' Zabrocki & Alex Matrosov
Demo, Exploit

Virtual
Fuzzing Linux with Xen
Tamas K Lengyel
Demo, Tool, Exploit

12:00

13:00

Track 1
Extension-Land: exploits and rootkits in your browser extensions
Barak Sternberg
Demo, Tool, Exploit

Track 2
Why does my security camera scream like a Banshee? Signal analysis and RE of a proprietary audio-data encoding protocol
Rion Carter
Demo, Tool

Virtual
Timeless Timing Attacks
Tom Van Goethem & Mathy Vanhoef
Demo, Tool, Exploit

14:00

14:30

15:00

Virtual
Discord Closing Ceremonies
Dark Tangent & DEF CON Goons

16:00

Track 1
DEF CON Closing Ceremonies, Black Badge Ceremonies
with Dark Tangent & DEF CON Goons