2016-08-06

09:00

• Saflok or Unsaflok, That is the Question

10:00

• How to Overthrow a Government

• I Fight For The Users, Episode I - Attacks Against Top Consumer Products

• Developing Managed Code Rootkits for the Java Runtime Environment

• Escaping The Sandbox By Not Breaking It

• To Beat the Toaster, We Must Become the Toaster: How to Show A.I. Who's Boss in the Robot Apocalypse

• WCTF Day 2 Kickoff

• Silicon Valley Asks DC About Freedom, Crypto, & the Cybers

10:10

• Hot Wheels: Hacking Electronic Wheelchairs

• To Catch An APT: YARA

10:30

• Oops, I Cracked My PANs

11:00

• Jittery MacGyver: Lessons Learned from Building a Bionic Hand out of a Coffee Maker

• Light-Weight Protocol! Serious Equipment! Critical Implications!

• Picking Bluetooth Low Energy Locks from a Quarter Mile Away

• Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools

• God is a Human II - Artificial Intelligence and the Nature of Reality

• JWTs in a flash!

• Evil ESP

• SSL Visibility, Uncovered

• Attacking EMR (Electronic Health Records) - Using HL7 and DICOM to Hack Critical Infrastructure

11:10

• How to Find 1,352 WordPress XSS Plugin Vulnerabilities in 1 Hour (not really)

11:30

• The State of HTTPS: Securing Web Traffic Is Not What It Used to Be

• Implants (2)

12:00

• Bypassing Captive Portals and Limited Networks

• Stargate: Pivoting Through VNC to Own Internal Networks

• CANSPY: A Framework for Auditing CAN Devices

• Attacking Network Infrastructure to Generate a 4 Tb/s DDoS for $5

• Art of Espionage (v.303)

• Overview and Evolution of Password-Based Authentication Schemes

• An Introduction To Pulling Software From Flash via I2C, SPI and JTAG

• Slaying Rogue Access Points with Python and Cheap Hardware

• Code breaking - Catching a cheat

• The New White Hat Hacking: Computational Biology for the Good of Mankind

12:10

• How the Smart-City becomes Stupid

• HTTP/2 & QUIC: Teaching Good Protocols To Do Bad Things

12:30

• Retweet to Win: How 50 lines of Python made me the luckiest guy on Twitter

• pin2pwn: How to Root an Embedded Linux Box with a Sewing Needle

• Open House - Key Signing Party & Lightning Talks

• Insteon, Inste-off, Inste-open?

• Reverse engineering biological research equipment for fun and open science

13:00

• Six Degrees of Domain Admin - Using Graph Theory to Accelerate Red Team Operations

• MouseJack: Injecting Keystrokes into Wireless Mice

• Cunning with CNG: Soliciting Secrets from Schannel

• NG9-1-1: The Next Generation of Emergency Ph0nage

• Panel - Oldtimers vs Noobz

• Drone Hijacking and other IoT hacking with GNU Radio and XTRX SDR

• SNMP and IoT Devices: Let me Manage that for you Bro!

13:10

• Now You See Me, Now You Don't

13:30

• Breaking Bad Crypto: BB'06 [WORKSHOP]

• Ethical Challenges & Responsibilities of Biohackers and Artists

14:00

• Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter

• Universal Serial aBUSe: Remote Physical Access Attacks

• Hacker-Machine Interface - State of the Union for SCADA HMI Vulnerabilities

• SITCH - Inexpensive, Coordinated GSM Anomaly Detection

• Practical Penetration Testing of Embedded Devices

• Drone Security Advisory: Hacking Popular Drones

14:10

• Attacks on Enterprise Social Media

14:30

• It's Just Software, Right?

15:00

• Forcing a Targeted LTE Cellphone into an Unsafe Network

• Playing Through the Pain? - The Impact of Secrets and Dark Knowledge on Security and Intelligence Professionals

• Exploiting and Attacking Seismological Networks... Remotely

• Phishing without Failure and Frustration

• Tales from the Dongosphere: Lessons Learned Hosting Public Email for 4chan

• EFF - Ask the EFF: The Year in Digital Civil Liberties

• Use JTAG tools to get root on a Raspberry Pi (2)

• Blinded by the Light

• Reversing and Exploiting Embedded Devices

• 0day for the Soul

15:10

• Dynamic Population Discovery for Lateral Movement Detection (Using Machine Learning)

15:30

• Internet of Thieves (or DIY Persistence)

• The Bioethics of BioHacking

16:00

• 'Cyber' Who Done It?! Attribution Analysis Through Arrest History

• DIY Nukeproofing: A New Dig at 'Datamining'

• I've got 99 Problems, but Little Snitch ain't one

• A Journey Through Exploit Mitigation Techniques in iOS

• Oops! I made a machine gun: The Progressive Lowering of the Barrier to Entry in Firearms Manufacturing

• Highlights from the Matasano Challenges [WORKSHOP]

• Human Hacking: You ARE the weakest link.

• Multi-channel Wardriving Tools for IEEE 802.15.4 and Beyond

• Tranewreck

• The Era of Bio Big Data: Benefits and Challenges for Information Security, Health, the Economy, and National Security

16:10

• Fuzzing For Humans: Real Fuzzing in the Real World

16:30

• All Your Solar Panels are Belong to Me

• Ask the EFF

• Esoteric Exfiltration

• The Next Big Thing in Bioterrorism

17:00

• Drunk Hacker History: Hacker Stories Powered by C2H6O for Fun & Profit

• Abusing Bleeding Edge Web Standards for AppSec Glory

• Crypto: State of the Law

• Sticky Keys To The Kingdom: Pre-auth RCE Is More Common Than You Think

• The next John Moses Browning will use GitHub

• V2V communications an introduction

• Thermostat Randomware and Workshop

• ....and bad mistakes I've made a few....

• Imagine a Beowulf cluster of Pineapples!

• Intro to Brain Based Authentication

17:10

• Mining VirusTotal for Operational Data and Applying a Quality Control On It

17:30

• Propaganda and You (and your devices) - How media devices can be used to coerce, and how the same devices can be used to fight back.

• Make Your Own Brain Stimulation Device

18:00

• Taking Down Skynet (By Subverting the Command and Control Channel)

• Deep Learning on CAN BUS

• SCAM CALL – Call Dropped

18:10

• Fiddler on the Roof: A No-Nonsense Look at Fiddler and Its Usage

19:00

• Security Flaws in Automotive Immobilizer

• How to Un-Work your job: Revolutions, Radicals and Engineering by Committee

20:00

• Advanced social engineering techniques and the rise of cyber scams industrial complex