DEF CON 24 - Thursday, August 4
10:00
Chio
Machine Duping 101: Pwning Deep Learning Systems
11:00
Steiger
Maelstrom - Are You Playing with a Full Deck? : Using a Newly Developed Attack Life Cycle Game to Educate, Demonstrate and Evangelize.
12:00
Metcalf
Beyond the MCSE: Red Teaming Active Directory
13:00
Rosario
Weaponize Your Feature Codes
14:00
Granolocks, Zero_Chaos
Realtime Bluetooth Device Detection with Blue Hydra
15:00
LosT
Hacker Fundamentals and Cutting Through Abstraction
16:00
Clark, CrYpT, HighWiz, Korpi, Kronenberg, Petruzzi
DEF CON 101 Panel
DEF CON 24 - Friday, August 5
09:00
grecs
The Trials & Tribulations of an Infosec Pro in the Government Sector
10:00
Healey
Feds and 0Days: From Before Heartbleed to After FBI-Apple
Prabhakar, Walker
DARPA Cyber Grand Challenge Award Ceremony
Brossard
Introduction the Wichcraft Compiler Collection : Towards Universal Code Theft
Grand, Zoz
BSODomizer HD: A Mischievous FPGA and HDMI Platform for the (M)asses
Berry, Besel
Automated DNS Data Exfiltration and Mitigation
Vehicle-to-Infrastructure (V2X)
Use JTAG tools to get root on a Raspberry Pi
Wireless Capture the Flag Inbrief
O'Shea
Future Grind
10:10
Exploiting a Smart Fridge: a Case Study in Kinetic Cyber
10:30
nibb13
Tabletop Cryptography
Graafstra
Fancy Dancy Implanty
11:00
Levison
Compelled Decryption - State of the Art in Doctrinal Perversions
Zatko, Zatko
Project CITL
LoST, Tangent
DEF CON Welcome & Badge Talk
Cranor, Felten, Mayer
Meet the Feds
Munin
DNS Greylisting for Phun and Phishing Prevention
The Mitsubishi Hack Explained
This Year in Crypto & Privacy
Reversing LoRa: Deconstructing a Next-Gen Proprietary LPWAN
Mr_Br!ml3y
Biosafety for the Home Enthusiast
11:10
Williams
Presenting Security Metrics to the Board / Leadership
11:30
TBA
Graafstra
Implants
12:00
Noubir, Sanatinia
Honey Onions: Exposing Snooping Tor HSDir Relays
K2
Blockfighting with a Hooker -- BlockfFghter2!
Noelscher, Vidal
CAN i haz car secret plz?
Lee, Zhong
411: A framework for managing security alerts
Patel
Accessibility: A Creative Solution to Living Without Sight
Hacking the CHV Badge / Using Yard Stick One for FOB Fun
Gervais
Practical Text-Based Steganography: Exfiltrating Data from Secure Networks and Socially Engineering SecOps Analysts [WORKSHOP]
Building malicious hardware out of analog circuits
How Do I "BLE Hacking"?
Weber, Wegzyn
Biohacking for National Security
12:10
FCC 5G/IoT Security Policy Objectives
Zohar
Deceive and Succeed: Measuring the Efficiency of a Deception Eco-System in Post-Breach Detection
12:30
Vixie
Frontrunning the Frontrunners
Haystack, Six_Volts
Cheap Tools for Hacking Heavy Trucks
Handing Full Control of the Radio Spectrum Over to the Machines
Alan
Flavor-Tripping: a Whole New Way to Taste!
13:00
Cranor, McSweeny
Research on the Machines: Help the FTC Protect Privacy & Security
Beccaro, Collura
(Ab)using Smart Cities: The Dark Age of Modern Mobility
FitzPatrick, Leibowitz, McElroy, Michael, Pierce, Shkatov
How to Make Your Own DEF CON Black Badge
Kopchak
Sentient Storage - Do SSDs Have a Mind of Their Own?
,
A Guide to Outsmarting the Machines
Thieme
When Privacy Goes Poof! Why It's Gone and Never Coming Back
Introducing the HackMeRF
Sense & Avoid: Some laws to know before you break IoT
13:10
Beale
Adding Ramparts to your Bastille: An Introduction to SELinux Hardening
14:00
Perlman
How to Design Distributed Systems Resilient Despite Malicious Participants
Charbonneau, Cui, Kataria
A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen-Display Controllers in Modern Monitors
Frisk
Direct Memory Attack the Kernel
int0x80
Anti-Forensics AF
Mansur
Financial Crime: Past, Present, and Future
Thorsheim
Lessons from the Hacking of Ashley Madison
Ramsey, Rose
Picking Bluetooth Low Energy Locks from a Quarter Mile Away
Detecting and Finding Rogue Access Points
14:10
GrayRaven
You Are Being Manipulated
15:00
Westerhold
How to Remote Control an Airliner: SecurityFLawsin Avionics
Granick
Slouching Towards Utopia: The State of the Internet Dream
Abdelgawad
The Remote Metamorphic Engine: Detecting, Evading, Attacking the AI and Reverse Engineering
Estell, Murray
Eavesdropping on the Machines
Valtman, Watson
Breaking Payment Points of Interaction
Anderson, Grant, Rousseau
Instegogram: Exploiting Instagram for C2 via Image Steganography
The Covert Cupid Under .11 Veil !!! /* Approach for Covert WIFI */
BtleJuice: the Bluetooth Smart Man In The Middle Framework
Lee
Rise of the Lovetron9000
15:10
Small
Connections: Eisenhower and the Internet
15:30
Matos
Introducing Man In The Contacts attack to trick encrypted messaging apps
16:00
Cecil
Robot Hacks Video Games: How TASBot Exploits Consoles with Custom Controllers
Plore
Side-channel Attacks on High-security Electronic Safe Locks
follower, goldfisk
Breaking the Internet of Vibrating Things : What We Learned Reverse Engineering Bluetooth- and Internet-Enabled Adult Toys
FitzPatrick, Grand
101 Ways to Brick your Hardware
Williams
Why Snowden's Leaks Were Inevitable
Sanatinia
Getting Started with Cryptography in Python [WORKSHOP]
TBD
Ishikawa
Does Cultural differences become a barrier for social engineering?
Kickin' It Old Skool: SDR for Ye Olde Signals
Is Your Internet Light On? Protecting Consumers in the Age of Connected Everything
Lawless, Szkatulski
To Beat the Toaster, You Must Become the Toaster: How to Show AI Who's Boss in the Robot Apocalypse
16:10
Reesalu
Automated Dorking for Fun and Profit^WSalary
16:30
Mendoza
Samsung Pay: Tokenized Numbers, Flaws and Issues
Adana, Rogers, Tangent
MR. ROBOT Panel
17:00
Hecker
Hacking Next-Gen ATM's From Capture to Cashout
Eagle
Sk3wlDbg: Emulating All (well many) of the Things with Ida
Woodberg
Malware Command and Control Channels: A journey into darkness
, Pordon
Lie to Me - LIE TO THEM - Chronicles of "How to save $ at the Strip Club"
Live Drone RF Reverse Engineering
Kennedy
The Wizard of Oz – Painting a reality through deception
Blalock, Caughron
Revocation, the Frailty of PKI
Stegman
Video Games Can Teach Science: ScienceGameCenter.org
17:10
Montgomery
Verifying IPS Coverage Claims: Here's How
17:30
Koivisto
privacy by design - it's n0t that difficult
18:00
Glass
Slack as Intelligence Collector or "how anime cons get weird"
Connolly
State of the Curve: 2016
Hadnagy
7 Jedi Mind Tricks: Influence Your Target With Out A Word
I Amateur Radio (And So Can You!)
Kloc
Security Logs Aren't Enough: Logging for User Data Protection
Gostomelsky, Naydin
BioHacking and Mortal Limitations
18:10
Mitchell
Crawling for APIs
19:00
Anderson
US Interrogation Techniques and Social Engineering
Wong
How to backdoor Diffie-Hellman
20:00
Powell
You are being manipulated
DEF CON 24 - Saturday, August 6
09:00
Saflok or Unsaflok, That is the Question
10:00
Rock
How to Overthrow a Government
Fasel, Jacobs
I Fight For The Users, Episode I - Attacks Against Top Consumer Products
Holland
Developing Managed Code Rootkits for the Java Runtime Environment
Grassi, He
Escaping The Sandbox By Not Breaking It
,
To Beat the Toaster, We Must Become the Toaster: How to Show A.I. Who's Boss in the Robot Apocalypse
WCTF Day 2 Kickoff
Hurd, Stamos, Swalwell
Silicon Valley Asks DC About Freedom, Crypto, & the Cybers
10:10
Hot Wheels: Hacking Electronic Wheelchairs
DiMartino
To Catch An APT: YARA
10:30
qu0rum
Oops, I Cracked My PANs
11:00
Booth
Jittery MacGyver: Lessons Learned from Building a Bionic Hand out of a Coffee Maker
Hindocha, Lundgren
Light-Weight Protocol! Serious Equipment! Critical Implications!
Ramsey, Rose
Picking Bluetooth Low Energy Locks from a Quarter Mile Away
McGrew
Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
Cassiopiea
God is a Human II - Artificial Intelligence and the Nature of Reality
Johnson
JWTs in a flash!
Evil ESP
Brandt
SSL Visibility, Uncovered
Hudson
Attacking EMR (Electronic Health Records) - Using HL7 and DICOM to Hack Critical Infrastructure
11:10
Cashdollar
How to Find 1,352 WordPress XSS Plugin Vulnerabilities in 1 Hour (not really)
11:30
J4RV1S
The State of HTTPS: Securing Web Traffic Is Not What It Used to Be
Graafstra
Implants (2)
12:00
Bugher
Bypassing Captive Portals and Limited Networks
Klijnsma, Tentler
Stargate: Pivoting Through VNC to Own Internal Networks
Demay, Lebrun
CANSPY: A Framework for Auditing CAN Devices
Young
Attacking Network Infrastructure to Generate a 4 Tb/s DDoS for $5
Borden, Pyr0
Art of Espionage (v.303)
Korchagin
Overview and Evolution of Password-Based Authentication Schemes
An Introduction To Pulling Software From Flash via I2C, SPI and JTAG
Slaying Rogue Access Points with Python and Cheap Hardware
Zaidenberg
Code breaking - Catching a cheat
Schumann, Stevens
The New White Hat Hacking: Computational Biology for the Good of Mankind
12:10
How the Smart-City becomes Stupid
Pearce, Vincent
HTTP/2 & QUIC: Teaching Good Protocols To Do Bad Things
12:30
Scott
Retweet to Win: How 50 lines of Python made me the luckiest guy on Twitter
Dixon
pin2pwn: How to Root an Embedded Linux Box with a Sewing Needle
Open House - Key Signing Party & Lightning Talks
Insteon, Inste-off, Inste-open?
Dapello, Fracchia
Reverse engineering biological research equipment for fun and open science
13:00
Robbins, Schroeder, Vazarkar
Six Degrees of Domain Admin - Using Graph Theory to Accelerate Red Team Operations
Newlin
MouseJack: Injecting Keystrokes into Wireless Mice
Kambic
Cunning with CNG: Soliciting Secrets from Schannel
Forgety, Kreilein
NG9-1-1: The Next Generation of Emergency Ph0nage
Panel - Oldtimers vs Noobz
Drone Hijacking and other IoT hacking with GNU Radio and XTRX SDR
SNMP and IoT Devices: Let me Manage that for you Bro!
13:10
Lakhani, Muniz
Now You See Me, Now You Don't
13:30
Valsorda
Breaking Bad Crypto: BB'06 [WORKSHOP]
Sundman
Ethical Challenges & Responsibilities of Biohackers and Artists
14:00
Seymour, Tully
Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter
Dawes, White
Universal Serial aBUSe: Remote Physical Access Attacks
Gorenc, Sands
Hacker-Machine Interface - State of the Union for SCADA HMI Vulnerabilities
ashmastaflash
SITCH - Inexpensive, Coordinated GSM Anomaly Detection
Edge
Practical Penetration Testing of Embedded Devices
Drone Security Advisory: Hacking Popular Drones
14:10
Raggo
Attacks on Enterprise Social Media
14:30
It's Just Software, Right?
15:00
Shan, Zhang
Forcing a Targeted LTE Cellphone into an Unsafe Network
Thieme
Playing Through the Pain? - The Impact of Secrets and Dark Knowledge on Security and Intelligence Professionals
Bonilla, Jara
Exploiting and Attacking Seismological Networks... Remotely
Beale, Pesce
Phishing without Failure and Frustration
Canfield
Tales from the Dongosphere: Lessons Learned Hosting Public Email for 4chan
Cardozo, Crocker, Galperin, Giliula, Opsahl, Rodriguez
EFF - Ask the EFF: The Year in Digital Civil Liberties
Use JTAG tools to get root on a Raspberry Pi (2)
Blinded by the Light
Reversing and Exploiting Embedded Devices
Tarah
0day for the Soul
15:10
Soto, Zadeh
Dynamic Population Discovery for Lateral Movement Detection (Using Machine Learning)
15:30
Internet of Thieves (or DIY Persistence)
Dameff
The Bioethics of BioHacking
16:00
Kouns
'Cyber' Who Done It?! Attribution Analysis Through Arrest History
3AlarmLampScooter
DIY Nukeproofing: A New Dig at 'Datamining'
Wardle
I've got 99 Problems, but Little Snitch ain't one
Bazaliy
A Journey Through Exploit Mitigation Techniques in iOS
Oops! I made a machine gun: The Progressive Lowering of the Barrier to Entry in Firearms Manufacturing
Cheung
Highlights from the Matasano Challenges [WORKSHOP]
Ward, Winegard
Human Hacking: You ARE the weakest link.
Multi-channel Wardriving Tools for IEEE 802.15.4 and Beyond
Tranewreck
You
The Era of Bio Big Data: Benefits and Challenges for Information Security, Health, the Economy, and National Security
16:10
Pereyda
Fuzzing For Humans: Real Fuzzing in the Real World
16:30
Bret-Mounet
All Your Solar Panels are Belong to Me
Cardozo, Crocker, Galperin, Giliula, Opsahl, Rodriguez
Ask the EFF
Riggins
Esoteric Exfiltration
Sutton
The Next Big Thing in Bioterrorism
17:00
Drunk Hacker History: Hacker Stories Powered by C2H6O for Fun & Profit
Lester, Zadegan
Abusing Bleeding Edge Web Standards for AppSec Glory
Cardozo
Crypto: State of the Law
Maldonado, McGuffin
Sticky Keys To The Kingdom: Pre-auth RCE Is More Common Than You Think
Kasarda, McCollum
The next John Moses Browning will use GitHub
V2V communications an introduction
Thermostat Randomware and Workshop
Street
....and bad mistakes I've made a few....
Imagine a Beowulf cluster of Pineapples!
Segado, Swaine-Simon
Intro to Brain Based Authentication
17:10
Ziabari
Mining VirusTotal for Operational Data and Applying a Quality Control On It
17:30
Propaganda and You (and your devices) - How media devices can be used to coerce, and how the same devices can be used to fight back.
Segado, Swaine-Simon
Make Your Own Brain Stimulation Device
18:00
Taking Down Skynet (By Subverting the Command and Control Channel)
Deep Learning on CAN BUS
Borg
SCAM CALL – Call Dropped
18:10
Gangwere
Fiddler on the Roof: A No-Nonsense Look at Fiddler and Its Usage
19:00
Security Flaws in Automotive Immobilizer
Zani
How to Un-Work your job: Revolutions, Radicals and Engineering by Committee
20:00
Sidek
Advanced social engineering techniques and the rise of cyber scams industrial complex
DEF CON 24 - Sunday, August 7
09:00
Raggo
What's Lurking Inside MP3 Files That Can Hurt You?
10:00
Huber, Rasthofer
How to Do it Wrong: Smartphone Antivirus and Security Applications Under Fire
Hecker
Hacking Hotel Keys and Point of Sale Systems: Attacking Systems Using Magnetic Secure Transmission
Benson
Examining the Internet's pollution
Jaroszewski
How to get good seats in the security theater? Hacking boarding passes for fun and profit.
O’Connor
The Other Way to Get a Hairy Hand; or, Contracts for Hackers
Heavy Duty Networks vs Light Duty
0-day Hunting
The Live SEPodcast
10:30
Keenan
CRISPR/Cas9: Newest Tools for Biohacking fun
11:00
regilero
Hiding Wookiees in HTTP - HTTP smuggling is a thing we should know better and care about
Escobar
Discovering and Triangulating Rogue Cell Towers
Mike
Use Their Machines Against Them: Loading Code with a Copier
Coley, Drake
Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game
Front Door Nightmare
IoT Defenses - Software, Hardware, Wireless and Cloud
Novich
Hacking Sensory Perception
11:10
Wang
Building a Local Passive DNS Tool for Threat Intelligence Research
11:30
Sidorov, Zaitov
Managing Digital Codesigning Identities in an Engineering Company
Graafstra
Implants (3)
12:00
Butterly, Schmidt
Attacking BaseStations - an Odyssey through a Telco's Network
Lawshae
Let’s Get Physical: Network Attacks Against Physical Security Systems
Petro
Game over, man! – Reversing Video Games to Create an Unbeatable AI Player
Anch
So You Think You Want To Be a Penetration Tester
,
Active Incident Response
Bambenek
Crypto for Criminals - The OPSEC Concerns in Using Cryptography
EagleCAD Basics
Wireless Capture the Flag
Norcie
My Usability Goes to 11": A Hacker's Guide to User Experience Research
12:10
McAuley, Moore
LTE and Its Collective Insecurity
12:30
Caudill, Hornby
Backdooring Cryptocurrencies: The Underhanded Crypto Contest Winners
13:00
Liu, Xu, Yan
Can You Trust Autonomous Vehicles: Contactless Attacks against Sensors of Self-driving Vehicle
Luo
Drones Hijacking - multi-dimensional attack vectors and countermeasures
Jmaxxz
Backdooring the Frontdoor
Dr. Pill
Mouse Jiggler Offense and Defense
Chook, Kemper
Homologation - Friend or Frenemy?
Zaytsev
Attention Hackers: Cannabis Needs Your Help!
13:10
Plug
Incident Code Name: When SkyFalls A Shaken, Not Stirred, James Bond Tale on Incident Response
13:30
GingerBread Man
Nootropics: Better Living Through Chemistry or Modern-Day Prometheus
14:00
Szakaly
Help, I've got ANTs!!!
bigezy, saci
An Introduction to Pinworm: Man in the Middle for your Metadata
Bull, Matthews, Trumbull
VLAN hopping, ARP Poisoning and Man-In-The-Middle Attacks in Virtualized Environments
Chapman, Stone
Toxic Proxies - Bypassing HTTPS and VPNs to Pwn Your Online Identity
Saadeldin, Saher
Ads and Messengers: Exploit Me How You Can
15:00
Donenfeld
Stumping the Mobile Chipset
Bianchi, Borgolte, Corbetta, Disperati, Dutcher, Machiry, Salls, Shoshitaishvili, Stephens, Vigna, Wang
Cyber Grand Shellphish
Geshev, Loureiro
Platform agnostic kernel fuzzing
Demay, Lebrun, Reziouk
Auditing 6LoWPAN Networks using Standard Penetration Testing Tools
16:30
Tangent
Closing Ceremonies


Instructions

This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.

Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.