|
Attacking the Internet of Things using Time
|
Paul McMillan
,
Nebula
|
|
Burner Phone DDOS 2 dollars a day : 70 Calls a Minute
|
Weston Hecker
|
|
DEF CON 101 - The Talk
|
HighWiz
,
Pyr0
,
Roamer
,
LosT
|
|
Anatomy of a Pentest; Poppin' Boxes like a Pro
|
PushPin
|
|
The Monkey in the Middle: A pentesters guide to playing in traffic.
|
Anch
|
|
Panel — Surveillance on the Silver Screen- Fact or Fiction?
|
Nicole Ozer
,
Kevin Bankston
,
Timothy Edgar
,
ACLU of California
,
New America Foundation's Open Technology Institute
,
Watson Institute for International Studies, Brown University
|
|
AWS for Hackers
|
Beaker
|
|
Shellcodes for ARM: Your Pills Don't Work on Me, x86
|
Svetlana Gaivoronski
,
Ivan Petrov
,
Moscow State University, Russia
|
|
The Open Crypto Audit Project
|
Kenneth White
,
Matthew Green
,
Open Crypto Audit Project
,
Johns Hopkins University
|
|
Open Source Fairy Dust
|
John Menerick
,
Netsuite
|
|
Elevator Hacking - From the Pit to the Penthouse
|
Deviant Ollam
,
Howard Payne
,
The CORE Group
|
|
One Man Shop: Building an effective security program all by yourself
|
|
|
ShareEnum: We Wrapped Samba So You Don’t Have To
|
Lucas Morris
,
Michael McAtee
,
Crowe Horwath LLP
|
|
Advanced Red Teaming: All Your Badges Are Belong To Us
|
Eric Smith
,
Josh Perrymon
,
LARES
|
|
NSA Playset: DIY WAGONBED Hardware Implant over I2C
|
Josh Datko
,
Teddy Reed
,
Cryptotronix, LLC
|
|
RFIDler: SDR.RFID.FTW
|
Major Malfunction
,
Zac Franken
|
|
Check Your Fingerprints: Cloning the Strong Set
|
Richard Klafter (Free)
,
Eric Swanson (Lachesis)
,
Optimizely
|
|
The Only Way to Tell the Truth is in Fiction: The Dynamics of Life in the National Security State
|
Richard Thieme
,
ThiemeWorks
|
|
From root to SPECIAL: Pwning IBM Mainframes
|
Philip “Soldier of Fortran” Young
|
|
USB for all!
|
Jesse Michael
,
Mickey Shkatov
|
|
Blinding The Surveillance State
|
Christopher Soghoian
,
American Civil Liberties Union
|
|
Extreme Privilege Escalation On Windows 8/UEFI Systems
|
Corey Kallenberg
,
Xeno Kovah
,
MITRE
|
|
NinjaTV - Increasing Your Smart TV’s IQ Without Bricking It
|
Felix Leder
,
Blue Coat Norway
|
|
Optical Surgery; Implanting a DropCam
|
Patrick Wardle
,
Colby Moore
,
Synack
|
|
Empowering Hackers to Create a Positive Impact
|
Keren Elazari
|
|
Secure Random By Default
|
Dan Kaminsky
,
White Ops
|
|
DEF CON Comedy Jam Part VII, Is This The One With The Whales?
|
David Mortman
,
Rich Mogull
,
Chris Hoff
,
Dave Maynor
,
Larry Pesce
,
James Arlen
,
Rob Graham
,
Alex Rothman Shostack
|
|
I Hunt TR-069 Admins: Pwning ISPs Like a Boss
|
Shahar Tal
,
Check Point Software Technologies
|
|
NSA Playset : GSM Sniffing
|
Pierce
,
Loki
|
|
The Internet of Fails: Where IoT Has Gone Wrong and How We're Making It Right
|
Mark Stanislav
,
Zach Lanier
,
Duo Security
|
|
Weaponizing Your Pets: The War Kitteh and the Denial of Service Dog
|
Gene Bransfield
,
Tenacity Solutions, Inc.
|
|
The Cavalry Year[0] & a Path Forward for Public Safety
|
Joshua Corman
,
Nicholas J Percoco
,
Sonatype
,
Rapid7
|
|
Girl… Fault-Interrupted.
|
Maggie Jauregui
|
|
Masquerade: How a Helpful Man-in-the-Middle Can Help You Evade Monitoring.
|
Ryan Lackey
,
Marc Rogers
,
The Grugq
,
CryptoSeal, Inc.
,
Lookout
|
|
A Survey of Remote Automotive Attack Surfaces
|
Charlie Miller
,
Chris Valasek
,
Twitter
,
IOActive, Inc.
|
|
From Raxacoricofallapatorius With Love: Case Studies In Insider Threat
|
Tess Schrodinger
|
|
Panel: Ask the EFF: The Year in Digital Civil Liberties
|
Kurt Opsahl
,
Nate Cardozo
,
Mark Jaycox
,
Yan Zhu
,
Eva Galperin
,
Electronic Frontier Foundation
,
EFF
|
|
Saving Cyberspace by Reinventing File Sharing
|
Eijah
|
|
Instrumenting Point-of-Sale Malware: A Case Study in Communicating Malware Analysis More Effectively
|
Wesley McGrew
,
Mississippi State University
|
|
Practical Aerial Hacking & Surveillance
|
Glenn Wilkinson
,
SensePost
|
|
Why Don’t You Just Tell Me Where The ROP Isn’t Suppose To Go
|
David Dorsey
,
Click Security
|
|
PropLANE: Kind of keeping the NSA from watching you pee
|
Rob Bathurst
,
Russ Rogers
,
Mark Carey
,
Ryan Clarke
|
|
Is This Your Pipe? Hijacking the Build Pipeline.
|
Kyle Kelley
,
Greg Anderson
,
Rackspace
|
|
Through the Looking-Glass, and What Eve Found There
|
Luca "kaeso" Bruno
,
Mariano "emdel" Graziano
,
Eurecom
|
|
Playing with Car Firmware or How to Brick your Car
|
Paul Such 0x222
,
Agix
,
SCRT
|
|
DEF CON the Mystery, Myth and Legend
|
|
|
Screw Becoming A Pentester - When I Grow Up I Want To Be A Bug Bounty Hunter!
|
Jake Kouns
,
Carsten Eiram
,
Risk Based Security
|
|
Measuring the IQ of your Threat Intelligence feeds
|
Alex Pinto
,
Kyle Maxwell
,
MLSec Project
|
|
PoS Attacking the Traveling Salesman
|
Alex Zacharis
,
Tsagkarakis Nikolaos
,
Census
|
|
How to Disclose an Exploit Without Getting in Trouble
|
Jim Denaro
,
Tod Beardsley
,
CipherLaw
,
Metasploit project
|
|
Raspberry MoCA - A recipe for compromise
|
Andrew Hunt
,
Bechtel
|
|
Detecting Bluetooth Surveillance Systems
|
Grant Bugher
,
Perimeter Grid
|
|
Bug Bounty Programs Evolution
|
Nir Valtman
|
|
Android Hacker Protection Level 0
|
Tim Strazzere
,
Jon Sawyer
,
Applied Cybersecurity LLC
|
|
Old Skewl Hacking: Porn Free!
|
Major Malfunction
|
|
Am I Being Spied On? Low-tech Ways Of Detecting High-tech Surveillance
|
Dr. Phil Polstra
,
Bloomsburg University of Pennsylvania
|
|
Panel: Ephemeral Communications: Why and How?
|
Ryan Lackey
,
Jon Callas
,
Elissa Shevinsky
,
CryptoSeal, Inc.
,
Silent Circle
,
Glimpse
|
|
Protecting SCADA From the Ground Up
|
AlxRogan
|
|
What the Watchers See: Eavesdropping on Municipal Mesh Cameras for Giggles (or Pure Evil)
|
Dustin Hoffman
,
Thomas (TK) Kinsey
,
Exigent Systems Inc.
|
|
Weird-Machine Motivated Practical Page Table Shellcode & Finding Out What's Running on Your System
|
Shane Macaulay
,
Cloud Security, IOActive
|
|
Catching Malware En Masse: DNS and IP Style
|
Dhia Mahjoub
,
Thibault Reuille
,
Andree Toonk
,
OpenDNS
,
OpenDNS Inc
|
|
Generating ROP payloads from numbers
|
Alexandre Moneger
,
Cisco Systems
|
|
Meddle: Framework for Piggy-back Fuzzing and Tool Development
|
Geoff McDonald
,
Microsoft Corporation
|
|
Don't DDoS Me Bro: Practical DDoS Defense
|
Blake Self
,
Shawn "cisc0ninja" Burrell
,
SOLDIERX Crew
|
|
Paging SDR... Why should the NSA have all the fun?
|
Xaphan
,
n00bz
|
|
Hacking the FBI: How & Why to Liberate Government Records
|
Ryan Noah Shapiro
,
Massachusetts Institute of Technology
|
|
Dark Mail
|
Ladar Levison
,
Stephen Watt
,
Lavabit, LLC
|
|
Oh Bother, Cruising The Internet With Your Honeys, Creating Honeynets For Tracking Criminal Organizations
|
Terrence Gareau
,
Mike Thompson
|
|
Mass Scanning the Internet: Tips, Tricks, Results
|
Robert Graham
,
Paul McMillan
,
Dan Tentler
|
|
Dropping Docs on Darknets: How People Got Caught
|
Adrian Crenshaw
,
TrustedSec
|
|
Client-Side HTTP Cookie Security: Attack and Defense
|
David Wyde
,
Cisco Systems
|
|
Data Protection 101 - Successes, Fails, and Fixes
|
PTzero
|
|
The NSA Playset: RF Retroreflectors
|
Michael Ossmann
,
Great Scott Gadgets
|
|
Domain Name Problems and Solutions
|
Dr. Paul Vixie
,
Farsight Security
|
|
Investigating PowerShell Attacks
|
Ryan Kazanciyan
,
Matt Hastings
,
Mandiant
|
|
Stolen Data Markets: An Economic and Organizational Assessment
|
Tom Holt
,
Olga Smirnova
,
Yi-Ting Chua
,
Michigan State University
,
Eastern Carolina University
|
|
Panel - Diversity in Information Security
|
Jennifer Imhoff-Dousharm
,
Sandy “Mouse” Clark
,
Kristin Paget
,
Jolly
,
Vyrus
,
Scott Martin
,
CIO Spikes Security
|
|
Home Alone with localhost: Automating Home Defense
|
Chris Littlebury
,
Knowledge Consulting Group, Inc.
|
|
You're Leaking Trade Secrets
|
Michael Schrenk
|
|
Deconstructing the Circuit Board Sandwich: Effective Techniques for PCB Reverse Engineering
|
Joe Grand aka Kingpin
,
Grand Idea Studio
|
|
Blowing up the Celly - Building Your Own SMS/MMS Fuzzer
|
Brian Gorenc
,
Matt Molinyawe
,
Trend Micro's Zero Day Initiative
,
HP Security Research
|
|
NSA Playset: PCIe
|
Joe FitzPatrick
,
Miles Crabill
,
Hardware Security Resources, LLC
|
|
Logging ALL THE THINGS Without All The Cost With Open Source Big Data Tools </buzzwords>
|
Zack Fasel
,
Urbane Security
|
|
"Around the world in 80 cons” - A Perspective
|
Jayson E. Street
,
Krypton Security
|
|
Abuse of Blind Automation in Security Tools
|
Eric (XlogicX) Davisson
,
Ruben Alejandro (chap0)
|
|
A Journey to Protect Points-of-sale
|
Nir Valtman
,
NCR Retail
|
|
Acquire current user hashes without admin privileges
|
Anton Sapozhnikov
,
KPMG
|
|
Hacking 911: Adventures in Disruption, Destruction, and Death
|
Christian “quaddi” Dameff
,
Jeff “r3plicant” Tully
,
Peter Hefley
,
Sunera
|
|
Steganography in Commonly Used HF Radio Protocols
|
Paul Drapeau
,
Brent Dukes
,
Confer Technologies Inc.
|
|
In the forest of knowledge with 1o57
|
LosT
|
|
Just What The Doctor Ordered?
|
Scott Erven
,
Shawn Merdinger
,
SecMedic, Inc
|
|
The Making of DEFCOIN
|
Xaphan
,
Beaker
,
Anch
|
|
Cyberhijacking Airplanes: Truth or Fiction?
|
Dr. Phil Polstra
,
Captain Polly
,
Bloomsburg University of Pennsylvania
,
University of Dubuque
|
|
Bypass firewalls, application white lists, secure remote desktops under 20 seconds
|
Zoltán Balázs
,
MRG Effitas
|
|
Veil-Pillage: Post-exploitation 2.0
|
Will Schroeder
,
Veris Group
|
|
Secure Because Math: A Deep Dive On Machine Learning-Based Monitoring
|
Alex Pinto
,
MLSec Project
|
|
Oracle Data Redaction is Broken
|
David Litchfield
,
Datacom TSS
|
|
Hack All The Things: 20 Devices in 45 Minutes
|
CJ Heres
,
Amir Etemadieh
,
Mike Baker
,
Hans Nielsen
,
Accuvant LABS
,
Matasano Security
|
|
An Introduction to Back Dooring Operating Systems for Fun and Trolling
|
Nemus
|
|
The Secret Life of Krbtgt
|
Christopher Campbell
|
|
Impostor — Polluting Tor Metadata
|
Charlie Vedaa
,
Mike Larsen
|
|
Reverse Engineering Mac Malware
|
Sarah Edwards
,
SANS Institute
|
|
Standing Up an Effective Penetration Testing Team
|
Wiseacre
|
|
Don't Fuck It Up!
|
Zoz
|
|
Abusing Software Defined Networks
|
Gregory Pickett
,
Hellfire Security
|
|
Manna from Heaven: Improving the state of wireless rogue AP attacks
|
Dominic White
,
Ian de Villiers
,
SensePost
|
|
Practical Foxhunting 101
|
Adam Wirth (SimonJ)
,
MasterPeace Solutions LTD
|
|
Touring the Darkside of the Internet. An Introduction to Tor, Darknets, and Bitcoin
|
Metacortex
,
Grifter
|
|
The $env:PATH less Traveled is Full of Easy Privilege Escalation Vulns
|
Christopher Campbell
|
|
Saving the Internet (for the Future)
|
Jason Healey
,
Atlantic Council
|
|
Detecting and Defending Against a Surveillance State
|
Robert Rowley
,
Trustwave Spiderlabs
|
|
Getting Windows to Play with Itself: A Hacker's Guide to Windows API Abuse
|
Brady Bloxham
,
Silent Break Security
|
|
VoIP Wars: Attack of the Cisco Phones
|
Fatih Ozavci
,
Sense of Security
|
|
How To Get Phone Companies To Just Say No To Wiretapping
|
Phil Zimmermann
,
Silent Circle
|
|
Summary of Attacks Against BIOS and Secure Boot
|
Yuriy Bulygin
,
Oleksandr Bazhaniuk
,
Andrew Furtak
,
John Loucaides
,
Intel Security
|
|
Hacking US (and UK, Australia, France, etc.) traffic control systems
|
Cesar Cerrudo
,
IOActive Labs
|
|
RF Penetration Testing, Your Air Stinks
|
RMellendick
,
DaKahuna
|
|
Learn how to control every room at a luxury hotel remotely: the dangers of insecure home automation deployment
|
Jesus Molina
|
|
I am a legend: Hacking Hearthstone with machine learning
|
Elie Bursztein
,
Celine Bursztein
,
Google Inc.
,
PetSquare
|