1. Events
  2. DEF CON 23
Star 0

Talks

Title Humans
I want these * bugs off my * Internet Dan Kaminsky , White Ops
I Hunt Penetration Testers: More Weaknesses in Tools and Procedures Wesley McGrew , Mississippi State University
Let's Encrypt - Minting Free Certificates to Encrypt the Entire Web Peter Eckersley , James Kasten , Yan Zhu , Electronic Frontier Foundation
Responsible Incident: Covert Keys Against Subverted Technology Latencies, Especially Yubikey LosT
Sorry, Wrong Number: Mysteries Of The Phone System - Past and Present "Unregistered436" Patrick McNeil , "Snide" Owen
Exploring Layer 2 Network Security in Virtualized Environments Ronny L. Bull , Jeanna N. Matthews , Clarkson University
Alice and Bob are Really Confused David Huerta
Put on your tinfo_t hat if you're my type miaubiz , Azimuth Security
Canary: Keeping Your Dick Pics Safe(r) Rob Bathurst (evilrob) , Jeff Thomas (xaphan)
I Will Kill You Chris Rock , Kustodian Pty Ltd
Shall We Play a Game? Tamas Szakaly , PR-Audit Ltd., Hungary
USB Attack to Decrypt Wi-Fi Communications Jeremy Dorrough , Genworth Financial
Fighting Back in the War on General Purpose Computers Cory Doctorow , Electronic Frontier Foundation
Remote Access, the APT Ian Latter , Midnight Code
Knocking my neighbor’s kid’s cruddy drone offline Michael Robinson , Stevenson University
Harness: Powershell Weaponization Made Easy (or at least easier) Rich Kelley , Gray Tier Technologies
High-Def Fuzzing: Exploring Vulnerabilities in HDMI-CEC Joshua Smith , Zero Day Initiative, HP Security Research
One Device to Pwn Them All Dr. Phil Polstra , Bloomsburg University
Do Export Controls on “Intrusion Software” Threaten Vulnerability Research? Tom Cross aka Decius , Collin Anderson , Drawbridge Networks
HamSammich – long distance proxying over radio Robert Graham , David Maynor , Erratasec.com
Cracking Cryptocurrency Brainwallets Ryan Castellucci , White Ops
Drive It Like You Hacked It: New Attacks and Tools to Wirelessly Steal Cars Samy Kamkar
From 0 To Secure In 1 Minute — Securing IAAS Nir Valtman , Moshe Ferber , NCR Retail , Cloud Security Alliance Israel
Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex Data Service Colby Moore , Synack
Hacking Electric Skateboards: Vehicle Research For Mortals Mike Ryan , Richo Healey , Red Team, eBay , Stripe
Advances in Linux Process Forensics Using ECFS Ryan O'Neill , Leviathan Security Group
Forensic Artifacts From a Pass the Hash Attack Gerard Laygui
Fun with Symboliks atlas , Grimm
Red vs. Blue: Modern Active Directory Attacks & Defense Sean Metcalf , DAn Solutions, Inc.
Ask the EFF: The Year in Digital Civil Liberties Kurt Opsahl , Nate Cardozo , Mark Jaycox , Corynne McSherry , Nadia Kayyali , Peter Eckersley , Electronic Frontier Foundation , EFF , EFF Technology
Hacking SQL Injection for Remote Code Execution on a LAMP stack Nemus
"Quantum" Classification of Malware John Seymour , University of Maryland
Hooked Browser Meshed-Networks with WebRTC and BeEF Christian (@xntrik) Frichot , Asterisk Information Security
Hacking the Human Body/brain: Identity Shift, the Shape of a New Self, and Humanity 2.0 Richard Thieme , ThiemeWorks
How to Shot Web: Web and mobile hacking in 2015 Jason Haddix , Bugcrowd
Remote Exploitation of an Unaltered Passenger Vehicle Charlie Miller , Chris Valasek , Twitter , Vehicle Security Research at IOActive
How to secure the keyboard chain Paul Amicelli , Baptiste David , IT Engineer School - ESIEA in Laval, France
Secure Messaging for Normal People Justin Engler , iSEC Partners
Paranoia and ProxyHam: High-Stakes Anonymity on the Internet Benjamin Caudill , Rhino Security Labs
How to hack your way out of home detention AmmonRa
Who Will Rule the Sky? The Coming Drone Policy Wars Matt Cagle , Eric Cheng , ACLU of Northern California , Aerial Imaging, DJI , DJI SF
Goodbye Memory Scraping Malware: Hold Out Till "Chip And Pin” Weston Hecker , "KLJ Security”
Key-Logger, Video, Mouse — How To Turn Your KVM Into a Raging Key-logging Monster Yaniv Balmas , Lior Oppenheim , Check Point Software Technologies
Abusing native Shims for Post Exploitation Sean Pierce , iSIGHT Partners
REvisiting RE:DoS Eric (XlogicX) Davisson
Hacking Web Apps Brent White , Solutionary, Inc.
Breaking SSL Using Time Synchronisation Attacks Jose Selvi , NCC Group
Hacker in the Wires Dr. Phil Polstra , Bloomsburg University
Staying Persistent in Software Defined Networks Gregory Pickett , Hellfire Security
Malware in the Gaming Micro-economy Zack Allen , Rusty Bower , ZeroFOX
Dissecting the Design of SCADA Web Human Machine Interfaces (HMIs) - Hunting Vulnerabilities Aditya K Sood , Elastica inc. , Threat Research Labs, Elastica inc.
Backdooring Git John Menerick , NetSuite
Security Necromancy: Further Adventures in Mainframe Hacking Philip Young , Chad "Bigendian Smalls” Rikansrud , Mainframe Hacking
ThunderStrike 2: Sith Strike Trammel Hudson , Xeno Kovah , Corey Kallenberg , Two Sigma Investments , LegbaCore, LLC
Seeing through the Fog Zack Fasel , Urbane Security
Why nation-state malwares target Telco Networks: Dissecting technical capabilities of Regin and its counterparts Omer Coskun , KPN REDteam
Separating Bots from the Humans Ryan Mitchell , LinkeDrive Inc
802.11 Massive Monitoring Andres Blanco , Andres Gazzoli , Core Security
Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion Marina Krotofil , Jason Larsen , European Network for Cyber Security , IOActive, Inc.
Inter-VM data exfiltration: The art of cache timing covert channel on x86 multi-core Etienne Martineau , Cisco Systems
Are We Really Safe? - Bypassing Access Control Systems Dennis Maldonado , KLC Consulting
Docker, Docker, Give Me The News, I Got A Bad Case Of Securing You David Mortman , Dell Software
'DLL Hijacking' on OS X? #@%& Yeah! Patrick Wardle
Build a free cellular traffic capture tool with a vxworks based femoto Yuwei Zheng , Haoqi Shan , Qihoo 360 Technology Co., Ltd
BurpKit - Using WebKit to Own the Web Nadeem Douba , Red Canari
Unbootable: Exploiting the PayLock SmartBoot Vehicle Immobilizer fluxist , Entrepreneur
NSM 101 for ICS Chris Sistrunk , FireEye, Inc.
I Am Packer And So Can You Mike Sconzo
How to Hack a Tesla Model S Marc Rogers , Kevin Mahaffey , CloudFlare , Lookout Inc
QARK: Android App Exploit and SCA Tool Tony Trummer , Tushar Dalvi , LinkedIn
Scared Poopless – LTE and *your* laptop Mickey Shkatov , Jesse Michael , Intel Advanced Threat Research.
Switches Get Stitches Colin Cassidy , Éireann Leverett , Robert M. Lee , IOActive, Inc.
How to Hack Government: Technologists as Policy Makers Terrell McSweeny , Ashkan Soltani , Federal Trade Commission
Looping Surveillance Cameras through Live Editing of Network Streams Eric Van Albert , Zach Banks
F*ck the attribution, show us your .idb! Morgan Marquis-Boire , Marion Marschalek , Claudio Guarnieri , Citizen Lab , Cyphort Inc , Cuckoo Sandbox
The Bieber Project: Ad Tech 101, Fake Fans and Adventures in Buying Internet Traffic Mark Ryan Talabis , zVelo
Confessions of a Professional Cyber Stalker Ken Westin , Tripwire Inc.
Applied Intelligence: Using Information That's Not There Michael Schrenk
LTE Recon and Tracking with RTLSDR Ian Kline , Wolf Den Associates
Chigula — a framework for Wi-Fi Intrusion Detection and Forensics Vivek Ramachandran
Ubiquity Forensics - Your iCloud and You Sarah Edwards , SANS Institute
Stagefright: Scary Code in the Heart of Android Joshua J. Drake , Zimperium
Stick That In Your (root)Pipe & Smoke It Patrick Wardle , Synack
Licensed to Pwn: The Weaponization and Regulation of Security Research Jim Denaro , Dave Aitel , Matt Blaze , Nate Cardozo , Mara Tam , Catherine “Randy” Wheeler
Hardware and Trust Security: Explain it like I’m 5 Teddy Reed , Nick Anderson , Facebook
DEF CON Comedy Inception: How many levels deep can we go? Larry Pesce , Chris Sistrunk , Will "illwill" Genovese , Chris Blow , Dan Tentler , Amanda Berlin , InGuardians , Mandiant , FireEye, Inc. , Rook Security , Carbon Dynamics , Hurricane Labs
When the Secretary of State says: “Please Stop Hacking Us…” David An
Quantum Computers vs. Computers Security Jean-Philippe Aumasson , Kudelski Security, Switzerland
I’m A Newbie Yet I Can Hack ZigBee – Take Unauthorized Control Over ZigBee Devices LI Jun , YANG Qing , Qihoo 360 Technology Co., Ltd , Chengdu University of Information Technology , Chengdu ,China , Unicorn Team, Qihoo 360 Technology Co. Ltd.
Detecting Randomly Generated Strings; A Language Based Approach Mahdi Namazifar , Cisco Talos Group
Crypto for Hackers Eijah , Demonsaw
Low-cost GPS simulator – GPS spoofing by SDR Lin Huang , Qing Yang , Qihoo 360 Technology Co., Ltd , Unicorn Team, Qihoo 360 Technology Co. Ltd.
Investigating the Practicality and Cost of Abusing Memory Errors with DNS Luke Young , Hydrant Labs LLC
Bugged Files: Is Your Document Telling on You? Daniel “unicornFurnace” Crowley , Damon Smith , NCC Group
NetRipper - Smart traffic sniffing for penetration testers Ionut Popescu , KPMG Romania
Bruce Schneier Q&A Bruce Schneier , Resilient Systems
Linux Containers: Future or Fantasy? Aaron Grattafiori , iSEC Partners/NCC Group
Drinking from LETHE: New methods of exploiting and mitigating memory corruption vulnerabilities Daniel Selifonov , Skyport Systems Inc
Hijacking Arbitrary .NET Application Control Flow Topher Timzen , Intel Corporation
Machine vs. Machine: Inside DARPA’s Fully Automated CTF Michael Walker , Jordan Wiens , DARPA/I2O
And That's How I Lost My Other Eye: Further Explorations In Data Destruction Zoz
Medical Devices: Pwnage and Honeypots Scott Erven , Mark Collao , Protiviti
Don't Whisper my Chips: Sidechannel and Glitching for Fun and Profit Colin O'Flynn , Dalhousie University
NSA Playset: JTAG Implants Joe FitzPatrick , Matt King , SecuringHardware.com
Hackers Hiring Hackers - How to Do Things Better Tottenkoph , IrishMASMS , Rapid7
Introduction to SDR and the Wireless Village DaKahuna , satanklawz
It's The Only Way To Be Sure: Obtaining and Detecting Domain Persistence Grant Bugher , Perimeter Grid
When IoT attacks: hacking a Linux-powered rifle Runa A. Sandvik , Michael Auger
Tell me who you are and I will tell you your lock pattern Marte Løge
Hack the Legacy! IBM i (aka AS/400) Revealed. Bart Kulach (Bartlomiej Jakub Kulach)
Extracting the Painful (blue)tooth Matteo Beccaro , Matteo Collura
REpsych: Psychological Warfare in Reverse Engineering Chris Domas
Guests N’ Goblins: Exposing Wi-Fi Exfiltration Risks and Mitigation techniques Peter Desfigies , Joshua Brierton , Naveed Ul Islam , TELUS Security Solutions , TELUS
Beyond the Scan: The Value Proposition of Vulnerability Assessment Damon Small
Insteon' False Security And Deceptive Documentation Peter Shipley , Ryan Gooler
Abusing XSLT for Practical Attacks Fernando Arnaboldi , IOActive, Inc.
Game of Hacks: Play, Hack & Track Amit Ashbel , Maty Siman , Checkmarx
Chellam – a Wi-Fi IDS/Firewall for Windows Vivek Ramachandran , SecurityTube.net
Angry Hacking - the next generation of binary analysis Yan Shoshitaishvili , Fish Wang , UC Santa Barbara
WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis Matt Graeber , Willi Ballenthin , Claudiu Teodorescu , FireEye, Inc.
Abusing Adobe Reader’s JavaScript APIs Brian Gorenc , Abdul-Aziz Hariri , Jasiel Spelman , Zero Day Initiative, HP Security Research
Extending Fuzzing Grammars to Exploit Unexplored Code Paths in Modern Web Browsers Saif El-Sherei , Etienne Stalmans , SensePost
Let's Talk About SOAP, Baby. Let's Talk About UPNP Ricky "HeadlessZeke" Lawshae , HP TippingPoint
DEF CON 101: The Panel. Mike Petruzzi (wiseacre) , Nikita Kronenberg , PushPin , Plug , Russ Rogers
How to Train Your RFID Hacking Tools Craig Young , Tripwire VERT
DIY Nukeproofing: a new dig at "data-mining" 3AlarmLampscooter
Hacking Smart Safes: On the "Brink" of a Robbery Dan “AltF4” Petro , Oscar Salazar , Bishop Fox
RFIDiggity: Pentester Guide to Hacking HF/NFC and UHF RFID Francis Brown , Shubham Shah , Bishop Fox
Pivoting Without Rights – Introducing Pivoter Geoff Walton , Dave Kennedy , TrustedSec , Binary Defense Systems
A Hacker’s Guide to Risk Bruce Potter , The Shmoo Group
Working together to keep the Internet safe and secure Alejandro Mayorkas , Homeland Security
Dark side of the ELF - leveraging dynamic loading to pwn noobs Alessandro Di Federico , Yan Shoshitaishvili , Politecnico di Milano , UC Santa Barbara
Attacking Hypervisors Using Firmware and Hardware Yuriy Bulygin , Mikhail Gorobets , Alexander Matrosov , Oleksandr Bazhaniuk , Andrew Furtak , Intel Advanced Threat Research.