Star 0


Title Humans
Stumping the Mobile Chipset Adam Donenfeld , Check Point
CANSPY: a Framework for Auditing CAN Devices Jonathan-Christofer Demay , AIRBUS Defence and Space CyberSecurity
Universal Serial aBUSe: Remote Physical Access Attacks Rogan Dawes , Sensepost
Six Degrees of Domain Admin - Using Graph Theory to Accelerate Red Team Operations Andy Robbins (@_wald0) , Veris Group
Exploiting and Attacking Seismological Networks... Remotely Bertin Bervis Bonilla , NETDB.IO
Slouching Towards Utopia: The State of the Internet Dream Jennifer S. Granick , Civil Liberties, Stanford Center for Internet and Society
Realtime Bluetooth Device Detection with Blue Hydra Zero_Chaos , Pwnie Express
All Your Solar Panels are Belong to Me Fred Bret-Mounet
Frontrunning the Frontrunners Dr. Paul Vixie , Farsight Security, Inc.
Research on the Machines: Help the FTC Protect Privacy & Security Terrell McSweeny , Federal Trade Commission
How to get good seats in the security theater? Hacking boarding passes for fun and profit. Przemek Jaroszewski , CERT Polska/NASK
Retweet to Win: How 50 lines of Python made me the luckiest guy on Twitter Hunter Scott
Platform agnostic kernel fuzzing James Loureiro , MWR InfoSecurity
Use Their Machines Against Them: Loading Code with a Copier Mike , The MITRE Corporation
SITCH - Inexpensive, Coordinated GSM Anomaly Detection ashmastaflash
A Journey Through Exploit Mitigation Techniques in iOS Max Bazaliy , Lookout
Side-channel Attacks on High-security Electronic Safe Locks Plore
How to Overthrow a Government Chris Rock , Kustodian
Phishing without Failure and Frustration Jay Beale
Toxic Proxies - Bypassing HTTPS and VPNs to Pwn Your Online Identity Alex Chapman , Context Information Security Ltd.
Beyond the MCSE: Red Teaming Active Directory Sean Metcalf , Trimarc
Ask the EFF Kurt Opsahl , EFF
Light-Weight Protocol! Serious Equipment! Critical Implications! Lucas Lundgren , FortConsult , NCC Group
How to Design Distributed Systems Resilient Despite Malicious Participants Radia Perlman
Samsung Pay: Tokenized Numbers, Flaws and Issues Salvador Mendoza , Sean Metcalf , Mike , Marc Newlin , Guevara Noubir , Radia Perlman , Dan ‘AltF4’ Petro , Kurt Opsahl , Plore , regilero , WIlla Cassandra Riggins(abyssknight) , Andy Robbins (@_wald0) , Chris Rock , Anthony Rose , Nicholas Rosario (MasterChen) , The Bob Ross Fan Club , Henrik Schmidt , Hunter Scott , Mickey Shkatov (@Laplinker) , Haoqi Shan , Yan Shoshitaishvili , Six_Volts , Shane Steiger, Esq. , Tamas Szakaly , Richard Thieme , Javier Vazquez Vidal , Dr. Paul Vixie , Dr. Phil , Mike Walker , Patrick Wardle , Sebastian Westerhold , Brad Woodberg , Luke Young , Bryant Zadegan , Mudge Zatko , Zero_Chaos , Kai Zhong , Trimarc , The MITRE Corporation , Bastille Networks , Northeastern University , Bishop Fox , EFF , Makina Corpus , Veracode , Veris Group , Kustodian , ERNW GmbH , Intel Advanced Threat Research. , Qihoo 360 , UC Santa Barbara , PR-Audit Ltd., Hungary , ThiemeWorks , Code White Gmbh , Farsight Security, Inc. , Bloomsburg University of Pennsylvania , Synack , Proofpoint,Inc. , Emerging Threats, Proofpoint,Inc. , Proofpoint , Hydrant Labs LLC , Mach37 , CITL , Pwnie Express , Etsy
Developing Managed Code Rootkits for the Java Runtime Environment Benjamin Holland , DARPA's Space , ISU Team
101 Sentient Storage - Do SSDs Have a Mind of Their Own? Tom Kopchak , Hurricane Labs
Hacking Next-Gen ATM's From Capture to Cashout Weston Hecker , Rapid7
How to Do it Wrong: Smartphone Antivirus and Security Applications Under Fire Stephan Huber , Fraunhofer SIT
Examining the Internet's pollution Karyn Benson
Hacker-Machine Interface - State of the Union for SCADA HMI Vulnerabilities Brian Gorenc , Trend Micro's Zero Day Initiative
Stargate: Pivoting Through VNC to Own Internal Networks Yonathan Klijnsma , Fox-IT
Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game Joshua Drake , Zimperium
Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools Wesley McGrew , HORNE Cyber
101 Ways to Brick your Hardware Joe FitzPatrick ,
Compelled Decryption - State of the Art in Doctrinal Perversions Ladar Levison , Lavabit, LLC
Breaking the Internet of Vibrating Things : What We Learned Reverse Engineering Bluetooth- and Internet-Enabled Adult Toys
Cunning with CNG: Soliciting Secrets from Schannel Jake Kambic
BSODomizer HD: A Mischievous FPGA and HDMI Platform for the (M)asses Joe Grand (Kingpin) , Grand Idea Studio
Backdooring the Frontdoor Jmaxxz
MouseJack: Injecting Keystrokes into Wireless Mice Marc Newlin , Bastille Networks
Introduction the Wichcraft Compiler Collection : Towards Universal Code Theft Jonathan Brossard (endrazine) ,
(Ab)using Smart Cities: The Dark Age of Modern Mobility Matteo Beccaro , Opposing Force
Bypassing Captive Portals and Limited Networks Grant Bugher , Perimeter Grid
Help, I've got ANTs!!! Tamas Szakaly , PR-Audit Ltd., Hungary
Anti-Forensics AF int0x80
Meet the Feds Jonathan Mayer , Federal Communications Commission
VLAN hopping, ARP Poisoning and Man-In-The-Middle Attacks in Virtualized Environments Ronny Bull , Utica College , Clarkson University
Blockfighting with a Hooker -- BlockfFghter2! K2 , IOActive, Inc.
Eavesdropping on the Machines Tim ‘t0rch’ Estell , BAE Systems
I Fight For The Users, Episode I - Attacks Against Top Consumer Products Zack Fasel , Urbane
MR. ROBOT Panel Kor Adana , MR. ROBOT
Feds and 0Days: From Before Heartbleed to After FBI-Apple Jay Healey , Columbia University
Hiding Wookiees in HTTP - HTTP smuggling is a thing we should know better and care about regilero , Makina Corpus
DIY Nukeproofing: A New Dig at 'Datamining' 3AlarmLampScooter
Crypto: State of the Law Nate Cardozo , Electronic Frontier Foundation
Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter Delta Zero (John Seymour) , ZeroFOX
Escaping The Sandbox By Not Breaking It Marco Grassi , Tencent Keen Security Lab
Abusing Bleeding Edge Web Standards for AppSec Glory Bryant Zadegan , Mach37
Malware Command and Control Channels: A journey into darkness Brad Woodberg , Proofpoint,Inc. , Emerging Threats, Proofpoint,Inc. , Proofpoint
Playing Through the Pain? - The Impact of Secrets and Dark Knowledge on Security and Intelligence Professionals Richard Thieme , ThiemeWorks
DEF CON 101 Panel Mike Petruzzi (wiseacre)
Direct Memory Attack the Kernel Ulf Frisk
Sticky Keys To The Kingdom: Pre-auth RCE Is More Common Than You Think Dennis Maldonado (AKA Linuz) , LARES Consulting
A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen-Display Controllers in Modern Monitors Ang Cui , Red Balloon Security
Project CITL Mudge Zatko , CITL
Discovering and Triangulating Rogue Cell Towers JusticeBeaver (Eric Escobar) , Barracuda Networks Inc
Sk3wlDbg: Emulating All (well many) of the Things with Ida Chris Eagle
Attacking BaseStations - an Odyssey through a Telco's Network Henrik Schmidt , ERNW GmbH
NG9-1-1: The Next Generation of Emergency Ph0nage CINCVolFLT (Trey Forgety)
How to Make Your Own DEF CON Black Badge Mickey Shkatov (@Laplinker) , Intel Advanced Threat Research.
'Cyber' Who Done It?! Attribution Analysis Through Arrest History Jake Kouns , Risk Based Security
Machine Duping 101: Pwning Deep Learning Systems Clarence Chio
Esoteric Exfiltration WIlla Cassandra Riggins(abyssknight) , Veracode
CAN i haz car secret plz? Javier Vazquez Vidal , Code White Gmbh
Jittery MacGyver: Lessons Learned from Building a Bionic Hand out of a Coffee Maker Evan Booth
Maelstrom - Are You Playing with a Full Deck? : Using a Newly Developed Attack Life Cycle Game to Educate, Demonstrate and Evangelize. Shane Steiger, Esq.
I've got 99 Problems, but Little Snitch ain't one Patrick Wardle , Synack
Hacking Hotel Keys and Point of Sale Systems: Attacking Systems Using Magnetic Secure Transmission Weston Hecker , Rapid7
Picking Bluetooth Low Energy Locks from a Quarter Mile Away Anthony Rose
Game over, man! – Reversing Video Games to Create an Unbeatable AI Player Dan ‘AltF4’ Petro , Bishop Fox
How to Remmote Control an Airliner: SecurityFLawsin Avionics Sebastian Westerhold
Cyber Grand Shellphish Yan Shoshitaishvili , UC Santa Barbara
Mouse Jiggler Offense and Defense Dr. Phil , Bloomsburg University of Pennsylvania
Auditing 6LoWPAN Networks using Standard Penetration Testing Tools Jonathan-Christofer Demay , AIRBUS Defence and Space CyberSecurity
Hacker Fundamentals and Cutting Through Abstraction LosT
pin2pwn: How to Root an Embedded Linux Box with a Sewing Needle Brad Dixon
The Remote Metamorphic Engine: Detecting, Evading, Attacking the AI and Reverse Engineering Amro Abdelgawad , Immuneye
Propaganda and You (and your devices) - How media devices can be used to coerce, and how the same devices can be used to fight back. The Bob Ross Fan Club
An Introduction to Pinworm: Man in the Middle for your Metadata bigezy
Honey Onions: Exposing Snooping Tor HSDir Relays Guevara Noubir , Northeastern University
Robot Hacks Video Games: How TASBot Exploits Consoles with Custom Controllers Allan Cecil (dwangoAC) , North Bay Linux User's Group
Can You Trust Autonomous Vehicles: Contactless Attacks against Sensors of Self-driving Vehicle Jianhao Liu , ADLAB, Qihoo 360
Attacking Network Infrastructure to Generate a 4 Tb/s DDoS for $5 Luke Young , Hydrant Labs LLC
Drones Hijacking - multi-dimensional attack vectors and countermeasures Aaron Luo , Trend Micro, Inc.
Cheap Tools for Hacking Heavy Trucks Six_Volts
DARPA Cyber Grand Challenge Award Ceremony Mike Walker
Let’s Get Physical: Network Attacks Against Physical Security Systems Ricky ‘HeadlessZeke’ Lawshae
Forcing a Targeted LTE Cellphone into an Unsafe Network Haoqi Shan , Qihoo 360
So You Think You Want To Be a Penetration Tester Anch
411: A framework for managing security alerts Kai Zhong , Etsy
Weaponize Your Feature Codes Nicholas Rosario (MasterChen)