0day for the Soul

0-day Hunting

101 Ways to Brick your Hardware

411: A framework for managing security alerts

7 Jedi Mind Tricks: Influence Your Target With Out A Word

Abusing Bleeding Edge Web Standards for AppSec Glory

(Ab)using Smart Cities: The Dark Age of Modern Mobility

Accessibility: A Creative Solution to Living Without Sight

Active Incident Response

Adding Ramparts to your Bastille: An Introduction to SELinux Hardening

Ads and Messengers: Exploit Me How You Can

Advanced social engineering techniques and the rise of cyber scams industrial complex

A Guide to Outsmarting the Machines

A Journey Through Exploit Mitigation Techniques in iOS

All Your Solar Panels are Belong to Me

A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen-Display Controllers in Modern Monitors

....and bad mistakes I've made a few....

An Introduction to Pinworm: Man in the Middle for your Metadata

An Introduction To Pulling Software From Flash via I2C, SPI and JTAG

Anti-Forensics AF

Art of Espionage (v.303)

Ask the EFF

Attacking BaseStations - an Odyssey through a Telco's Network

Attacking EMR (Electronic Health Records) - Using HL7 and DICOM to Hack Critical Infrastructure

Attacking Network Infrastructure to Generate a 4 Tb/s DDoS for $5

Attacks on Enterprise Social Media

Attention Hackers: Cannabis Needs Your Help!

Auditing 6LoWPAN Networks using Standard Penetration Testing Tools

Automated DNS Data Exfiltration and Mitigation

Automated Dorking for Fun and Profit^WSalary

Backdooring Cryptocurrencies: The Underhanded Crypto Contest Winners

Backdooring the Frontdoor

Beyond the MCSE: Red Teaming Active Directory

BioHacking and Mortal Limitations

Biohacking for National Security

Biosafety for the Home Enthusiast

Blinded by the Light

Blockfighting with a Hooker -- BlockfFghter2!

Breaking Bad Crypto: BB'06 [WORKSHOP]

Breaking Payment Points of Interaction

Breaking the Internet of Vibrating Things : What We Learned Reverse Engineering Bluetooth- and Internet-Enabled Adult Toys

BSODomizer HD: A Mischievous FPGA and HDMI Platform for the (M)asses

BtleJuice: the Bluetooth Smart Man In The Middle Framework

Building a Local Passive DNS Tool for Threat Intelligence Research

Building malicious hardware out of analog circuits

Bypassing Captive Portals and Limited Networks

CAN i haz car secret plz?

CANSPY: A Framework for Auditing CAN Devices

Can You Trust Autonomous Vehicles: Contactless Attacks against Sensors of Self-driving Vehicle

Cheap Tools for Hacking Heavy Trucks

Closing Ceremonies

Code breaking - Catching a cheat

Compelled Decryption - State of the Art in Doctrinal Perversions

Connections: Eisenhower and the Internet

Crawling for APIs

CRISPR/Cas9: Newest Tools for Biohacking fun

Crypto for Criminals - The OPSEC Concerns in Using Cryptography

Crypto: State of the Law

Cunning with CNG: Soliciting Secrets from Schannel

Cyber Grand Shellphish

'Cyber' Who Done It?! Attribution Analysis Through Arrest History

DARPA Cyber Grand Challenge Award Ceremony

Deceive and Succeed: Measuring the Efficiency of a Deception Eco-System in Post-Breach Detection

Deep Learning on CAN BUS

DEF CON 101 Panel

DEF CON Welcome & Badge Talk

Detecting and Finding Rogue Access Points

Developing Managed Code Rootkits for the Java Runtime Environment

Direct Memory Attack the Kernel

Discovering and Triangulating Rogue Cell Towers

DIY Nukeproofing: A New Dig at 'Datamining'

DNS Greylisting for Phun and Phishing Prevention

Does Cultural differences become a barrier for social engineering?

Drone Hijacking and other IoT hacking with GNU Radio and XTRX SDR

Drone Security Advisory: Hacking Popular Drones

Drones Hijacking - multi-dimensional attack vectors and countermeasures

Drunk Hacker History: Hacker Stories Powered by C2H6O for Fun & Profit

Dynamic Population Discovery for Lateral Movement Detection (Using Machine Learning)

EagleCAD Basics

Eavesdropping on the Machines

EFF - Ask the EFF: The Year in Digital Civil Liberties

Escaping The Sandbox By Not Breaking It

Esoteric Exfiltration

Ethical Challenges & Responsibilities of Biohackers and Artists

Evil ESP

Examining the Internet's pollution

Exploiting and Attacking Seismological Networks... Remotely

Exploiting a Smart Fridge: a Case Study in Kinetic Cyber

Fancy Dancy Implanty

FCC 5G/IoT Security Policy Objectives

Feds and 0Days: From Before Heartbleed to After FBI-Apple

Fiddler on the Roof: A No-Nonsense Look at Fiddler and Its Usage

Financial Crime: Past, Present, and Future

Flavor-Tripping: a Whole New Way to Taste!

Forcing a Targeted LTE Cellphone into an Unsafe Network

Front Door Nightmare

Frontrunning the Frontrunners

Future Grind

Fuzzing For Humans: Real Fuzzing in the Real World

Game over, man! – Reversing Video Games to Create an Unbeatable AI Player

Getting Started with Cryptography in Python [WORKSHOP]

God is a Human II - Artificial Intelligence and the Nature of Reality

Hacker Fundamentals and Cutting Through Abstraction

Hacker-Machine Interface - State of the Union for SCADA HMI Vulnerabilities

Hacking Hotel Keys and Point of Sale Systems: Attacking Systems Using Magnetic Secure Transmission

Hacking Next-Gen ATM's From Capture to Cashout

Hacking Sensory Perception

Hacking the CHV Badge / Using Yard Stick One for FOB Fun

Handing Full Control of the Radio Spectrum Over to the Machines

Heavy Duty Networks vs Light Duty

Help, I've got ANTs!!!

Hiding Wookiees in HTTP - HTTP smuggling is a thing we should know better and care about

Highlights from the Matasano Challenges [WORKSHOP]

Homologation - Friend or Frenemy?

Honey Onions: Exposing Snooping Tor HSDir Relays

Hot Wheels: Hacking Electronic Wheelchairs

How Do I "BLE Hacking"?

How the Smart-City becomes Stupid

How to backdoor Diffie-Hellman

How to Design Distributed Systems Resilient Despite Malicious Participants

How to Do it Wrong: Smartphone Antivirus and Security Applications Under Fire

How to Find 1,352 WordPress XSS Plugin Vulnerabilities in 1 Hour (not really)

How to get good seats in the security theater? Hacking boarding passes for fun and profit.

How to Make Your Own DEF CON Black Badge

How to Overthrow a Government

How to Remote Control an Airliner: SecurityFLawsin Avionics

How to Un-Work your job: Revolutions, Radicals and Engineering by Committee

HTTP/2 & QUIC: Teaching Good Protocols To Do Bad Things

Human Hacking: You ARE the weakest link.

I Amateur Radio (And So Can You!)

I Fight For The Users, Episode I - Attacks Against Top Consumer Products

Imagine a Beowulf cluster of Pineapples!

Implants

Implants (2)

Implants (3)

Incident Code Name: When SkyFalls A Shaken, Not Stirred, James Bond Tale on Incident Response

Instegogram: Exploiting Instagram for C2 via Image Steganography

Insteon, Inste-off, Inste-open?

Internet of Thieves (or DIY Persistence)

Introducing Man In The Contacts attack to trick encrypted messaging apps

Introducing the HackMeRF

Introduction the Wichcraft Compiler Collection : Towards Universal Code Theft

Intro to Brain Based Authentication

IoT Defenses - Software, Hardware, Wireless and Cloud

Is Your Internet Light On? Protecting Consumers in the Age of Connected Everything

It's Just Software, Right?

I've got 99 Problems, but Little Snitch ain't one

Jittery MacGyver: Lessons Learned from Building a Bionic Hand out of a Coffee Maker

JWTs in a flash!

Kickin' It Old Skool: SDR for Ye Olde Signals

Lessons from the Hacking of Ashley Madison

Let’s Get Physical: Network Attacks Against Physical Security Systems

Lie to Me - LIE TO THEM - Chronicles of "How to save $ at the Strip Club"

Light-Weight Protocol! Serious Equipment! Critical Implications!

Live Drone RF Reverse Engineering

LTE and Its Collective Insecurity

Machine Duping 101: Pwning Deep Learning Systems

Maelstrom - Are You Playing with a Full Deck? : Using a Newly Developed Attack Life Cycle Game to Educate, Demonstrate and Evangelize.

Make Your Own Brain Stimulation Device

Malware Command and Control Channels: A journey into darkness

Managing Digital Codesigning Identities in an Engineering Company

Meet the Feds

Mining VirusTotal for Operational Data and Applying a Quality Control On It

MouseJack: Injecting Keystrokes into Wireless Mice

Mouse Jiggler Offense and Defense

MR. ROBOT Panel

Multi-channel Wardriving Tools for IEEE 802.15.4 and Beyond

My Usability Goes to 11": A Hacker's Guide to User Experience Research

NG9-1-1: The Next Generation of Emergency Ph0nage

Nootropics: Better Living Through Chemistry or Modern-Day Prometheus

Now You See Me, Now You Don't

Oops, I Cracked My PANs

Oops! I made a machine gun: The Progressive Lowering of the Barrier to Entry in Firearms Manufacturing

Open House - Key Signing Party & Lightning Talks

Overview and Evolution of Password-Based Authentication Schemes

Panel - Oldtimers vs Noobz

Phishing without Failure and Frustration

Picking Bluetooth Low Energy Locks from a Quarter Mile Away

Picking Bluetooth Low Energy Locks from a Quarter Mile Away

pin2pwn: How to Root an Embedded Linux Box with a Sewing Needle

Platform agnostic kernel fuzzing

Playing Through the Pain? - The Impact of Secrets and Dark Knowledge on Security and Intelligence Professionals

Practical Penetration Testing of Embedded Devices

Practical Text-Based Steganography: Exfiltrating Data from Secure Networks and Socially Engineering SecOps Analysts [WORKSHOP]

Presenting Security Metrics to the Board / Leadership

privacy by design - it's n0t that difficult

Project CITL

Propaganda and You (and your devices) - How media devices can be used to coerce, and how the same devices can be used to fight back.

Realtime Bluetooth Device Detection with Blue Hydra

Research on the Machines: Help the FTC Protect Privacy & Security

Retweet to Win: How 50 lines of Python made me the luckiest guy on Twitter

Reverse engineering biological research equipment for fun and open science

Reversing and Exploiting Embedded Devices

Reversing LoRa: Deconstructing a Next-Gen Proprietary LPWAN

Revocation, the Frailty of PKI

Rise of the Lovetron9000

Robot Hacks Video Games: How TASBot Exploits Consoles with Custom Controllers

Saflok or Unsaflok, That is the Question

Samsung Pay: Tokenized Numbers, Flaws and Issues

SCAM CALL – Call Dropped

Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools

Security Flaws in Automotive Immobilizer

Security Logs Aren't Enough: Logging for User Data Protection

Sense & Avoid: Some laws to know before you break IoT

Sentient Storage - Do SSDs Have a Mind of Their Own?

Side-channel Attacks on High-security Electronic Safe Locks

Silicon Valley Asks DC About Freedom, Crypto, & the Cybers

SITCH - Inexpensive, Coordinated GSM Anomaly Detection

Six Degrees of Domain Admin - Using Graph Theory to Accelerate Red Team Operations

Sk3wlDbg: Emulating All (well many) of the Things with Ida

Slack as Intelligence Collector or "how anime cons get weird"

Slaying Rogue Access Points with Python and Cheap Hardware

Slouching Towards Utopia: The State of the Internet Dream

SNMP and IoT Devices: Let me Manage that for you Bro!

So You Think You Want To Be a Penetration Tester

SSL Visibility, Uncovered

Stargate: Pivoting Through VNC to Own Internal Networks

State of the Curve: 2016

Sticky Keys To The Kingdom: Pre-auth RCE Is More Common Than You Think

Stumping the Mobile Chipset

Tabletop Cryptography

Taking Down Skynet (By Subverting the Command and Control Channel)

Tales from the Dongosphere: Lessons Learned Hosting Public Email for 4chan

TBA

TBD

The Bioethics of BioHacking

The Covert Cupid Under .11 Veil !!! /* Approach for Covert WIFI */

The Era of Bio Big Data: Benefits and Challenges for Information Security, Health, the Economy, and National Security

The Live SEPodcast

The Mitsubishi Hack Explained

The New White Hat Hacking: Computational Biology for the Good of Mankind

The Next Big Thing in Bioterrorism

The next John Moses Browning will use GitHub

The Other Way to Get a Hairy Hand; or, Contracts for Hackers

The Remote Metamorphic Engine: Detecting, Evading, Attacking the AI and Reverse Engineering

Thermostat Randomware and Workshop

The State of HTTPS: Securing Web Traffic Is Not What It Used to Be

The Trials & Tribulations of an Infosec Pro in the Government Sector

The Wizard of Oz – Painting a reality through deception

This Year in Crypto & Privacy

To Beat the Toaster, We Must Become the Toaster: How to Show A.I. Who's Boss in the Robot Apocalypse

To Beat the Toaster, You Must Become the Toaster: How to Show AI Who's Boss in the Robot Apocalypse

To Catch An APT: YARA

Toxic Proxies - Bypassing HTTPS and VPNs to Pwn Your Online Identity

Tranewreck

Universal Serial aBUSe: Remote Physical Access Attacks

Use JTAG tools to get root on a Raspberry Pi

Use JTAG tools to get root on a Raspberry Pi (2)

Use Their Machines Against Them: Loading Code with a Copier

US Interrogation Techniques and Social Engineering

V2V communications an introduction

Vehicle-to-Infrastructure (V2X)

Verifying IPS Coverage Claims: Here's How

Video Games Can Teach Science: ScienceGameCenter.org

VLAN hopping, ARP Poisoning and Man-In-The-Middle Attacks in Virtualized Environments

Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game

WCTF Day 2 Kickoff

Weaponize Your Feature Codes

Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter

What's Lurking Inside MP3 Files That Can Hurt You?

When Privacy Goes Poof! Why It's Gone and Never Coming Back

Why Snowden's Leaks Were Inevitable

Wireless Capture the Flag

Wireless Capture the Flag Inbrief

You Are Being Manipulated

You are being manipulated