Defcon 2015, Aug. 6, 2015 to Aug. 9, 2015, Las Vegas, USA

Title Speakers Summary Topic Types
DEF CON 101: The Panel. Russ Rogers , Pushpin , Mike Petruzzi , Nikita Kronenberg , Plug DEF CON has changed for the better since the days at the Alexis Park. It ...
When the Secretary of State says: “Please Stop Hacking Us…” David An Senior American officials routinely hold dialogues with foreign officials to discuss cyber espionage. However, if ...
Game of Hacks: Play, Hack & Track Maty Siman , Amit Ashbel Fooling around with some ideas we found ourselves creating a hacker magnet. Game of Hacks, ...
Abusing XSLT for Practical Attacks Fernando Arnaboldi Over the years, XML has been a rich target for attackers due to flaws in ...
RFIDiggity: Pentester Guide to Hacking HF/NFC and UHF RFID Francis Brown , Shubham Shah Have you ever attended an RFID hacking presentation and walked away with more questions than ...
It's The Only Way To Be Sure: Obtaining and Detecting Domain Persistence Grant Bugher When a Windows domain is compromised, an attacker has several options to create backdoors, obscure ...
Introduction to SDR and the Wireless Village Dakahuna , Satanklawz In many circumstances, we all have to wear different hats when pursuing hobbies, jobs and ...
Guests N’ Goblins: Exposing Wi-Fi Exfiltration Risks and Mitigation techniques Naveed ul Islam , Peter Desfigies , Joshua Brierton Wi-Fi is a pervasive part of everyone’s everyday life. Whether it be home networks, open ...
Let's Encrypt - Minting Free Certificates to Encrypt the Entire Web Peter Eckersley , Yan Zhu , James Kasten Let's Encrypt is a new certificate authority that is being launched by EFF in collaboration ...
Ubiquity Forensics - Your iCloud and You Sarah Edwards Ubiquity or "Everything, Everywhere" - Apple uses this term to describe iCloud related items and its ...
Crypto for Hackers Eijah Hacking is hard. It takes passion, dedication, and an unwavering attention to detail. Hacking requires ...
Extending Fuzzing Grammars to Exploit Unexplored Code Paths in Modern Web Browsers Etienne Stalmans , Saif El-sherei Fuzzing is a well-established technique for finding bugs, hopefully exploitable ones, by brute forcing inputs ...
Secure Messaging for Normal People Justin Engler "Secure" messaging programs and protocols continue to proliferate, and crypto experts can debate their minutiae, ...
Seeing through the Fog Zack Fasel Yes. "The Cloud" (drink). Even though many of us would much like to see use ...
Linux Containers: Future or Fantasy? Aaron Grattafiori Containers, a pinnacle of fast and secure deployment or a panacea of false security? In ...
How to Shot Web: Web and mobile hacking in 2015 Jason Haddix 2014 was a year of unprecedented participation in crowdsourced and static bug bounty programs, and ... IncludeThinkstScapes
Alice and Bob are Really Confused David Huerta There have been over 20 cryptoparties in New York City, in which people are introduced ...
LTE Recon and Tracking with RTLSDR Ian Kline Since RTLSDR became a consumer grade RX device, numerous talks and open source tools enabled ...
Forensic Artifacts From a Pass the Hash Attack Gerard Laygui A pass the hash (PtH) attack is one of the most devastating attacks to execute ...
I’m A Newbie Yet I Can Hack ZigBee – Take Unauthorized Control Over ZigBee Devices Li Jun , Yang Qing With the advent of the Internet of Things, more and more objects are connected via various ...
Are We Really Safe? - Bypassing Access Control Systems Dennis Maldonado Access control systems are everywhere. They are used to protect everything from residential communities to ...
Sorry, Wrong Number: Mysteries Of The Phone System - Past and Present Patrick Mcneil , Snide Owen Exploring the phone system was once the new and exciting realm of “phone phreaks,” an ...
Backdooring Git John Menerick Join us for a fun-filled tour of source control management and services to talk about ...
Hacking SQL Injection for Remote Code Execution on a LAMP stack Nemus Remember that web application you wrote when you were first learning PHP? Ever wonder how ...
Abusing native Shims for Post Exploitation Sean Pierce Shims offer a powerful rootkit-like framework that is natively implemented in most all modern Windows ...
Hacker in the Wires Phil Polstra This talk will show attendees how to use a small ARM-based computer that is connected ...
A Hacker’s Guide to Risk Bruce Potter When the latest and greatest vulnerability is announced, the media and PR frenzy can be ...
Chellam – a Wi-Fi IDS/Firewall for Windows Vivek Ramachandran This talk will introduce techniques to detect Wi-Fi attacks such as Honeypots, Evil Twins, Mis-association ...
Hardware and Trust Security: Explain it like I’m 5 Teddy Reed , Nick Anderson There are a lot of presentations and suggestions that indicate HSMs, TrustZone, AMT, TrEE, SecureBoot, ...
Bruce Schneier Q&A Bruce Schneier Bruce Schneier Talks Security. Come hear about what's new, what's hot, and what's hype in ...
Applied Intelligence: Using Information That's Not There Michael Schrenk Organizations continue to unknowingly leak trade secrets on the Internet. To those in the know, ...
I Am Packer And So Can You Mike Sconzo Automating packer and compiler/toolchain detection can be tricky at best and downright frustrating at worst. ...
NSM 101 for ICS Chris Sistrunk Is your ICS breached? Are you sure? How do you know? The current state of ...
Beyond the Scan: The Value Proposition of Vulnerability Assessment Damon Small Vulnerability Assessment is, by some, regarded as one of the least “sexy” capabilities in information ...
The Bieber Project: Ad Tech 101, Fake Fans and Adventures in Buying Internet Traffic Mark Ryan Talabis In the past year, I found myself immersed in the multi-billion dollar digital advertising industry. ...
Hijacking Arbitrary .NET Application Control Flow Topher Timzen This speech will demonstrate attacking .NET applications at runtime. I will show how to modify ...
Hackers Hiring Hackers - How to Do Things Better Tottenkoph , Irishmasms There are a lot of talks about how to be a better pen tester and ...
QARK: Android App Exploit and SCA Tool Tushar Dalvi , Tony Trummer Ever wonder why there isn't a metasploit-style framework for Android apps? We did! Whether you're ...
Hacking Web Apps Brent White Assessing the security posture of a web application is a common project for a penetration ...
And That's How I Lost My Other Eye: Further Explorations In Data Destruction Zoz How much more paranoid are you now than you were four years ago? Warrantless surveillance ...
Malware in the Gaming Micro-economy Zack Allen Rusty Bower Information Security Engineer Microeconomics focuses on how patterns of supply and demand determine ...
How to secure the keyboard chain Paul Amicelli , Baptiste David Keyloggers are hardware or software tools that record keystrokes. They are an overlooked threat to ...
How to hack your way out of home detention Ammonra Home detention and criminal tracking systems are used in hostile environments, and because of this, ...
Fun with Symboliks Atlas Asking the hard questions... and getting answer! Oh binary, where art thine vulns? Symbolic analysis ...
Quantum Computers vs. Computers Security Jean-Philippe Aumasson We've heard about hypothetical quantum computers breaking most of the public-key crypto in use—RSA, elliptic ...
Key-Logger, Video, Mouse — How To Turn Your KVM Into a Raging Key-logging Monster Lior Oppenheim , Yaniv Balmas Key-Loggers are cool, really cool. It seems, however, that every conceivable aspect of key-logging has ...
Canary: Keeping Your Dick Pics Safe(r) Rob Bathurst , Jeff Thomas The security of SSL/TLS is built on a rickety scaffolding of trust. At the core ...
Extracting the Painful (blue)tooth Matteo Beccaro , Matteo Collura Do you know how many Bluetooth-enabled devices are currently present in the world? With the ...
802.11 Massive Monitoring Andres Blanco , Andres Gazzoli Wireless traffic analysis has been commonplace for quite a while now, frequently used in penetration ... IncludeThinkstScapes
Exploring Layer 2 Network Security in Virtualized Environments Ronny L. Bull , Jeanna N. Matthews Cloud service providers offer their customers the ability to deploy virtual machines in a multi-tenant ...
Attacking Hypervisors Using Firmware and Hardware Yuriy Bulygin , Andrew Furtak , Oleksandr Bazhaniuk , Alexander Matrosov , Mikhail Gorobets In this presentation, we explore the attack surface of modern hypervisors from the perspective of ...
Who Will Rule the Sky? The Coming Drone Policy Wars Matt Cagle , Eric Cheng Your private drone opens up limitless possibilities – how can manufacturers and policymakers ensure you ...
Switches Get Stitches Eireann Leverett , Robert m. Lee , Colin Cassidy This talk will introduce you to Industrial Ethernet Switches and their vulnerabilities. These are switches ...
Cracking Cryptocurrency Brainwallets Ryan Castellucci Imagine a bank that, by design, made everyone's password hashes and balances public. No two-factor ...
Paranoia and ProxyHam: High-Stakes Anonymity on the Internet Benjamin Caudill From the US to China and beyond, anonymity on the internet is under fire – ...
Why nation-state malwares target Telco Networks: Dissecting technical capabilities of Regin and its counterparts Omer Coskun The recent research in malware analysis suggests state actors allegedly use cyber espionage campaigns against ...
Bugged Files: Is Your Document Telling on You? Daniel Crowley , Damon Smith Certain file formats, like Microsoft Word and PDF, are known to have features that allow ...
Do Export Controls on “Intrusion Software” Threaten Vulnerability Research? Tom ( Decius ) Cross , Collin Anderson At the end of 2013, an international export control regime known as the Wassenaar Arrangement ...
REvisiting RE:DoS Eric Davisson Regular Expression Denial of Service has existed for well over a decade, but has not ...
Licensed to Pwn: The Weaponization and Regulation of Security Research Dave Aitel , Matt Blaze , Nate Cardozo , Jim Denaro , Mara Tam , Catherine Wheeler Security research is under attack. Updates to the Wassenaar Arrangement in 2013 established among its ...
Dark side of the ELF - leveraging dynamic loading to pwn noobs Yan Shoshitaishvili , Alessandro Di Federico The ELF format is ancient, and much mystery lurks in its dark depths. For 16 ...
Fighting Back in the War on General Purpose Computers Cory Doctorow EFF's Apollo 1201 project is a 10-year mission to abolish all DRM, everywhere in the ...
REpsych: Psychological Warfare in Reverse Engineering Chris Domas Your precious 0-day? That meticulously crafted exploit? The perfect foothold? At some point, they'll be ...
USB Attack to Decrypt Wi-Fi Communications Jeremy Dorrough The term “Bad USB” has gotten some much needed press in last few months. There ...
BurpKit - Using WebKit to Own the Web Nadeem Douba Today's web apps are developed using a mashup of client- and server-side technologies. Everything from ...
Stagefright: Scary Code in the Heart of Android Joshua j. Drake With over a billion activated devices, Android holds strong as the market leading smartphone operating ...
Medical Devices: Pwnage and Honeypots Scott Erven , Mark Collao We know medical devices are exposed to the Internet both directly and indirectly, so just ...
NSA Playset: JTAG Implants Joe Fitz Patrick , Matt King While the NSA ANT team has been busy building the next generation spy toy catalog ...
Unbootable: Exploiting the PayLock SmartBoot Vehicle Immobilizer Fluxist Many of us have seen the big yellow "boot" on the wheel of a parked ...
Hooked Browser Meshed-Networks with WebRTC and BeEF Christian "xntrik" Frichot One of the biggest issues with BeEF is that each hooked browser has to talk ...
Abusing Adobe Reader’s JavaScript APIs Brian Gorenc , Jasiel Spelman , Abdul-aziz Hariri Adobe Reader’s JavaScript APIs offer a rich set of functionality for document authors. These APIs ...
WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis Willi Ballenthin , Matt Graeber , Claudiu Teodorescu Windows Management Instrumentation (WMI) is a remote management framework that enables the collection of host ... IncludeThinkstScapes
HamSammich – long distance proxying over radio David Maynor , Robert Graham The ProxyHam talk was mysteriously canceled. However, it’s easy to replicate the talk from the ...
Goodbye Memory Scraping Malware: Hold Out Till "Chip And Pin" Weston Hecker Proof of concept for stopping credit card theft in memory skimming operations. Alternative methods ...
Low-cost GPS simulator – GPS spoofing by SDR Lin Huang Qing Yang Team Leader of Unicorn Team, Qihoo 360 Technology Co. Ltd. It is known ... IncludeThinkstScapes
I want these * bugs off my * Internet Dan Kaminsky Are you interested in the gory details in fixing ugly bugs? No? Just like watching ...
Drive It Like You Hacked It: New Attacks and Tools to Wirelessly Steal Cars Samy Kamkar Gary Numan said it best. Cars. They’re everywhere. You can hardly drive down a busy ...
Harness: Powershell Weaponization Made Easy (or at least easier) Rich Kelley The Harness toolset aims to give penetration testers and red teams the ability to pull ...
ThunderStrike 2: Sith Strike Xeno Kovah , Corey Kallenberg , Trammel Hudson The number of vulnerabilities in firmware disclosed as affecting Wintel PC vendors has been rising ...
Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion Jason Larsen , Marina Krotofil The appeal of hacking a physical process is dreaming about physical damage attacks lighting up ...
Hack the Legacy! IBM i (aka AS/400) Revealed. Bart Kulach Have you ever heard about the famous "green screen"? No, it's not a screensaver... Believe ...
Remote Access, the APT Ian Latter ThruGlassXfer (TGXf) is a new and exciting technique to steal files from a computer through ...
Let's Talk About SOAP, Baby. Let's Talk About UPNP Ricky Lawshae Whether we want it to be or not, the Internet of Things is upon us. ...
Tell me who you are and I will tell you your lock pattern Marte Løge You are predictable. Your passwords are predictable, and so are your PINs. This fact is ...
Responsible Incident: Covert Keys Against Subverted Technology Latencies, Especially Yubikey Lost We're no strangers to love You know the rules and so do I A full ...
F*ck the attribution, show us your .idb! Morgan Marquis-boire , Claudio Guarnieri , Marion Marschalek Over the past few years state-sponsored hacking has received attention that would make a rockstar ...
Inter-VM data exfiltration: The art of cache timing covert channel on x86 multi-core Etienne Martineau On x86 multi-core covert channels between co-located Virtual Machine (VM) are real and practical thanks ...
Working together to keep the Internet safe and secure Alejandro Mayorkas We all have a role to play when it comes to ensuring the safety and ...
I Hunt Penetration Testers: More Weaknesses in Tools and Procedures Wesley Mcgrew When we lack the capability to understand our tools, we operate at the mercy of ...
How to Hack Government: Technologists as Policy Makers Ashkan Soltani , Terrell Mcsweeny As the leading federal agency responsible for protecting your privacy rights online, technology is at ...
Red vs. Blue: Modern Active Directory Attacks & Defense Sean Metcalf Kerberos "Golden Tickets" were unveiled by Alva "Skip" Duckwall & Benjamin Delpy in 2014 during ...
Put on your tinfo_t hat if you're my type Miaubiz The IDA Pro APIs for interacting with type information are full of opportunities (horrible problems). ...
Remote Exploitation of an Unaltered Passenger Vehicle Chris Valasek , Charlie Miller Although the hacking of automobiles is a topic often discussed, details regarding successful attacks, if ...
Separating Bots from the Humans Ryan Mitchell There’s an escalating arms race between bots and the people who protect sites from them. ...
Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex Data Service Colby Moore Recently there have been several highly publicized talks about satellite hacking. However, most only touch ...
Docker, Docker, Give Me The News, I Got A Bad Case Of Securing You David Mortman Docker is all the rage these days. Everyone is talking about it and investing in ...
Detecting Randomly Generated Strings; A Language Based Approach Mahdi Namazifar Numerous botnets employ domain generation algorithms (DGA) to dynamically generate a large number of random ...
Don't Whisper my Chips: Sidechannel and Glitching for Fun and Profit Colin O'flynn If you thought the security practices of regular software was bad, just wait until you ...
Advances in Linux Process Forensics Using ECFS Ryan O'neill Many hackers today are using process memory infections to maintain stealth residence inside of a ...
Ask the EFF: The Year in Digital Civil Liberties Peter Eckersley , Kurt Opsahl , Corynne Mcsherry , Mark Jaycox , Nate Cardozo , Nadia Kayyali Get the latest information about how the law is racing to catch up with technological ...
DEF CON Comedy Inception: How many levels deep can we go? Dan Tentler , Chris Sistrunk , Larry “@haxorthematrix” Pesce , Amanda Berlin , Will Genovese , Chris Blow This year at DEF CON a former FAIL PANEL panelist attempts to keep the spirit ...
Hacking Smart Safes: On the "Brink" of a Robbery Dan "altf4" Petro , Oscar Salazar Have you ever wanted to crack open a safe full of cash with nothing but ...
Staying Persistent in Software Defined Networks Gregory Pickett The Open Network Install Environment, or ONIE, makes commodity or WhiteBox Ethernet possible. By placing ... IncludeThinkstScapes
One Device to Pwn Them All Phil Polstra This talk will present a device that can be used as a dropbox, remote hacking ...
NetRipper - Smart traffic sniffing for penetration testers Ionut Popescu The post-exploitation activities in a penetration test can be challenging if the tester has low-privileges ...
Chigula — a framework for Wi-Fi Intrusion Detection and Forensics Vivek Ramachandran Most of Wi-Fi Intrusion Detection & Forensics is done today using million dollar products or ...
Knocking my neighbor’s kid’s cruddy drone offline Michael Robinson My neighbor’s kid is constantly flying his quad copter outside my windows. I see the ...
I Will Kill You Chris Rock Have you ever wanted to kill someone? Do you want to get rid of your ...
How to Hack a Tesla Model S Kevin Mahaffey , Marc Rogers The Tesla Model S is the most connected car in the world. It might surprise ...
Hacking Electric Skateboards: Vehicle Research For Mortals Mike Ryan , Richo Healey In the last year there's been an explosion of electric skateboards onto the market- seemingly ...
When IoT attacks: hacking a Linux-powered rifle Runa a. Sandvik , Michael Auger TrackingPoint is an Austin startup known for making precision-guided firearms. These firearms ship with a ...
Drinking from LETHE: New methods of exploiting and mitigating memory corruption vulnerabilities Daniel Selifonov Memory corruption vulnerabilities have plagued computer systems since we started programming software. Techniques for transforming ...
Breaking SSL Using Time Synchronisation Attacks Jose Selvi What time? When? Who is first? Obviously, Time is strongly present in our daily life. ...
"Quantum" Classification of Malware John Seymour Quantum computation has recently become an important area for security research, with its applications to ...
Insteon's False Security And Deceptive Documentation Peter Shipley , Ryan Gooler Insteon is a leading home automation solution for controlling lights, locks, alarms, and much more. ...
Scared Poopless – LTE and *your* laptop Mickey Shkatov , Jesse Michael With today’s advancement in connectivity and internet access using 3G and LTE modems it seems ...
Angry Hacking - the next generation of binary analysis Yan Shoshitaishvili , Fish Wang Security has gone from a curiosity to a phenomenon in the last decade. Fortunately for ...
High-Def Fuzzing: Exploring Vulnerabilities in HDMI-CEC Joshua Smith The HDMI (High Definition Multimedia Interface) standard has gained extensive market penetration. Nearly every piece ...
Dissecting the Design of SCADA Web Human Machine Interfaces (HMIs) - Hunting Vulnerabilities Aditya K Sood Human Machine Interfaces (HMIs) are the subsets of the Supervisory Control and Data Acquisition (SCADA) ...
Shall We Play a Game? Tamas Szakaly Everybody plays games, and a whole lot of people play computer games. Despite this fact, ...
DIY Nukeproofing: a new dig at "data-mining" 3alarmlampscooter Does the thought of nuclear war wiping out your data keep you up at night? ...
Hacking the Human Body/brain: Identity Shift, the Shape of a New Self, and Humanity 2.0 Richard Thieme This presentation is beyond fiction. Current research in neuroscience and the extension and augmentation of ...
From 0 To Secure In 1 Minute — Securing IAAS Nir Valtman , Moshe Ferber Recent hacks to IaaS platforms revealed that we need to master the attack vectors used: ...
Looping Surveillance Cameras through Live Editing of Network Streams Eric Van Albert , Zach Banks This project consists of the hardware and software necessary to hijack wired network communications. The ...
Machine vs. Machine: Inside DARPA’s Fully Automated CTF Jordan Wiens , Michael a Walker For 22 years, the best binary ninjas in the world have gathered at DEF CON ...
Pivoting Without Rights – Introducing Pivoter Dave Kennedy , Geoff Walton One of the most challenging steps of a penetration test is popping something and not ...
'DLL Hijacking' on OS X? #@%& Yeah! Patrick Wardle Remember DLL hijacking on Windows? Well, turns out that OS X is fundamentally vulnerable to ...
Stick That In Your (root)Pipe & Smoke It Patrick Wardle You may ask; "why would Apple add an XPC service that can create setuid files ...
Confessions of a Professional Cyber Stalker Ken Westin For several years I developed and utilized various technologies and methods to track criminals leading ...
How to Train Your RFID Hacking Tools Craig Young With insecure low frequency RFID access control badges still in use at businesses around the ...
Investigating the Practicality and Cost of Abusing Memory Errors with DNS Luke Young In a world full of targeted attacks and complex exploits this talk explores an attack ... IncludeThinkstScapes
Security Necromancy: Further Adventures in Mainframe Hacking Philip Young , Chad Rikansrud You thought they were dead didn't you? You thought "I haven't seen a mainframe since ...