100 Seconds of Solitude: Defeating Cisco Trust Anchor With FPGA Bitstream Shenanigans

Adventures In Smart Buttplug Penetration (testing)

A Hacker Guide To Deep-Learning Based Side Channel Attacks

All the 4G modules Could be Hacked

Apache Solr Injection

API-Induced SSRF: How Apple Pay Scattered Vulnerabilities Across the Web

Are Quantum Computers Really A Threat To Cryptography? A Practical Overview Of Current State-Of-The-Art Techniques With Some Interesting Surprises

Are Your Child's Records at Risk? The Current State of School Infosec

Backdooring Hardware Devices By Injecting Malicious Payloads On Microcontrollers

Behind the Scenes of the DEF CON 27 Badge

Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware

Breaking Google Home: Exploit It with SQLite(Magellan)

Breaking The Back End! It Is Not Always A Bug. Sometimes, It Is Just Bad Design!

Can You Track Me Now? Why The Phone Companies Are Such A Privacy Disaster

Change the World, cDc Style: Cow tips from the first 35 years

Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks

Closing Ceremonies

Confessions of an Nespresso Money Mule: Free Stuff & Triangulation Fraud

Contests Awards Ceremony

D0 N0 H4RM: A Healthcare Security Conversation

DEF CON 101 Panel

Defeating Bluetooth Low Energy 5 PRNG for Fun and Jamming

Don't Red-Team AI Like a Chump

Duplicating Restricted Mechanical Keys

EDR Is Coming; Hide Yo Sh!t

Evil eBPF In-Depth: Practical Abuses of an In-Kernel Bytecode Runtime

Exploiting Qualcomm WLAN and Modem Over The Air

Exploiting Windows Exploit Mitigation for ROP Exploits

Firmware Slap: Automating Discovery of Exploitable Vulnerabilities in Firmware

Get off the Kernel if you can’t Drive

Go NULL Yourself or: How I Learned to Start Worrying While Getting Fined for Other’s Auto Infractions

GSM: We Can Hear Everyone Now!

Hacking Congress: The Enemy Of My Enemy Is My Friend

Hacking WebAssembly Games with Binary Instrumentation

Hacking Your Thoughts - Batman Forever meets Black Mirror

HackPac: Hacking Pointer Authentication in iOS User Space

HAKC THE POLICE

Harnessing Weapons of Mac Destruction

Help Me, Vulnerabilities. You're My Only Hope

How You Can Buy AT&T, T-Mobile, and Sprint Real-Time Location Data on the Black Market

HTTP Desync Attacks: Smashing into the Cell Next Door

HVACking: Understand the Difference Between Security and Reality!

I Know What You Did Last Summer: 3 Years of Wireless Monitoring at DEF CON

I'm In Your Cloud... Pwning Your Azure Environement

I'm on your phone, listening - Attacking VoIP Configuration Interfaces

Infiltrating Corporate Intranet Like NSA ̶Pre-auth RCE on Leading SSL VPNs

Information Security in the Public Interest

Intro to Embedded Hacking—How you too can find a decade old bug in widely deployed devices. [REDACTED] Deskphones, a case study.

Malproxying: Leave Your Malware at Home

Meet the EFF - Meetup Panel

Meticulously Modern Mobile Manipulations

[ MI CASA-SU CASA ] My 192.168.1.1 is Your 192.168.1.1

More Keys Than A Piano: Finding Secrets In Publicly Exposed Ebs Volumes

MOSE: Using Configuration Management for Evil

.NET Malware Threats: Internals And Reversing

Next Generation Process Emulation with Binee

NOC NOC. Who's there? All. All who? All the things you wanted to know about the DEF CON NOC and we won't tell you about

No Mas – How One Side-Channel Flaw Opens Atm, Pharmacies and Government Secrets Up to Attack

Owning The Cloud Through Server-Side Request Forgery

Panel: DEF CON Groups

Phreaking Elevators

Please Inject Me, a x64 Code Injection

Poking the S in SD cards

Practical Key Search Attacks Against Modern Symmetric Ciphers

Process Injection Techniques - Gotta Catch Them All

RACE - Minimal Rights and ACE for Active Directory Dominance

Relaying Credentials Has Never Been Easier: How to Easily Bypass the Latest NTLM Relay Mitigations

Reverse Engineering 17+ Cars in Less Than 10 Minutes

Reverse-Engineering 4g Hotspots for Fun, Bugs and Net Financial Loss

Re: What's up Johnny? – Covert Content Attacks on Email End-to-End Encryption

Rise of the Hypebots: Scripting Streetwear

Say Cheese - How I Ransomwared Your DSLR Camera

SDR Against Smart TVs: URL and Channel Injection Attacks

SELECT code_execution FROM * USING SQLite;—Gaining code execution using a malicious SQLite database

Sound Effects: Exploring Acoustic Cyber-weapons

SSO Wars: The Token Menace

State of DNS Rebinding - Attack & Prevention Techniques and the Singularity of Origin

Surveillance Detection Scout - Your Lookout on Autopilot

Tag-side attacks against NFC

The ABC of Next-Gen Shellcoding

The Ether Wars: Exploits, counter-exploits and honeypots on Ethereum

The JOP ROCKET: A Supremely Wicked Tool for JOP Gadget Discovery, or What to Do If ROP Is Too Easy

The Tor Censorship Arms Race: The Next Chapter

Unpacking Pkgs: A Look Inside Macos Installer Packages And Common Security Flaws

Vacuum Cleaning Security—Pinky and the Brain Edition

Want Strong Isolation? Just Reset Your Processor

Weaponizing Hypervisors to Fight and Beat Car and Medical Devices Attacks

Web2Own: Attacking Desktop Apps From Web Security's Perspective

We Hacked Twitter… And the World Lost Their Sh*t Over It!

Why You Should Fear Your “mundane” Office Equipment

Your Car is My Car

Your Secret Files Are Mine: Bug Finding And Exploit Techniques On File Transfer App Of All Top Android Vendors

Zero bugs found? Hold my Beer AFL! How To Improve Coverage-Guided Fuzzing and Find New 0days in Tough Targets

Zombie Ant Farm: Practical Tips for Playing Hide and Seek with Linux EDRs