DEF CON 20 July 26, 2012 to July 29, 2012, Las Vegas, USA
Tell us about missing data
Tell us about missing data
Title | Speakers | Summary | Topic Types |
---|---|---|---|
Welcome / Making the DEF CON 20 Badge | The Dark Tangent | DT will address the con and officially open DEF CON 20. Following his address LostboY ... | Security |
Before, During, and After | Gail Thackeray , Jason Scott , Dead | As you may have heard, in honor of our 20th anniversary, we have a DEF ... | |
Shared Values, Shared Responsibility | Keith b. Alexander | We as a global society are extremely vulnerable and at risk for a catastrophic cyber ... | Security |
Def Con 101 [Panel] | Pyr0 , Lockheed , Highwiz , Roamer , Alxrogan , Lost , Flipper | DC101 is the Alpha to the closing ceremonies Omega. Its the place to go to ... | |
Breaking Wireless Encryption Keys | Dakahuna | Cracking Wireless encryption keys is a fundamental capability that should be in every penetration testers ... | Security |
Intro to digital Forensics: Tools & Tactics | Ripshy , Hackajar | Putting up a flag and asking for help on the Internet is not for the ... | |
The Cerebral Source Code | Siviak | YOU: are part of the problem. You should count yourself among the ranks of the ... | Security |
SCREW THE PLANET, HACK THE JOB! | Lockheed , Roamer , Alxrogan | Have you ever wondered how you can translate your mad skillz into an actual job? ... | |
HF SKIDDIES SUCK, DONT BE ONE. LEARN SOME BASIC PYTHON | Terrence tuna Garreau | Fuck a bunch of skiddie tools acquired from bobo forums. One does not have to ... | Security |
HACKING THE HACKERS: HOW FIRM IS YOUR FOUNDATION? | Lost | Since this is DC101, Ive got some things I want to get off my chest ... | Security |
INTRODUCTION TO LOCKPICKING AND BYPASSING PHYSICAL SECURITY | Tran | Everyone relies on their locks to keep things secure. From front doors to filing cabinets, ... | Security |
Owning Bad Guys [And Mafia] With Javascript Botnets | Chema Alonso , Manu the Sur | Man in the middle attacks are still one of the most powerful techniques for owning ... | |
The Darknet of Things, Building Sensor Networks That Do Your Bidding | Anch | The Internet of Things... It is coming, wearing hardware that communicates across the Internet is ... | Security |
Drones! | Chris Anderson | Thanks to the plummeting cost of powerful motion sensors like those found in smartphones, the ... | Security |
<GHZ or bust: DEF CON | Atlas | Wifi is cool and so is cellular, but the real fun stuff happens below the ... | Security |
Blind XSS | Adam evilpacket Baldwin | This talk will announce the release and demonstrate the xss.io toolkit. xss.io is a platform ... | Security |
Should the Wall of Sheep Be Illegal? A Debate Over Whether and How Open WiFi Sniffing Should Be Regulated | Jennifer Granick , Kevin Bankston , Matt Blaze | Prompted by the Google Street View WiFi sniffing scandal, the question of whether and how ... | |
Cryptohaze Cloud Cracking | Bitweasil | Bitweasil goes through the latest developments in the Cryptohaze GPU based password cracking suite. WebTables ... | Security |
Overwriting the Exception Handling Cache Pointer Dwarf Oriented Programming | James Oakley , Sergey Bratus , Rodrigo Rubira Branco | This presentation describes a new technique for abusing the DWARF exception handling architecture used by ... | |
Exploit Archaeology: Raiders of the Lost Payphones | Josh ( savant ) Brashars | Payphones. Remember those? They used to be a cornerstone of modern civilation, available at every ... | Security |
Hardware Backdooring is Practical | Jonathan Brossard | This presentation will demonstrate that permanent backdooring of hardware is practical. We have built a ... | Security |
DIY Electric Car | Dave Brown | Electric Vehicles are an exciting area of developing technology entering the mainstream market. Every major ... | Security |
Tenacious Diggity: Skinny Dippin in a Sea of Bing | Rob Ragan , Francis Brown | All brand new tool additions to the Google Hacking Diggity Project The Next Generation Search ... | |
KinectasploitV2: Kinect Meets 20 Security Tools | Jeff Bryner | Last year saw the release of Kinectasploit v1 linking the Kinect with Metasploit in a ... | Security |
Fuzzing Online Games | Elie Bursztein , Patrick Samy | Fuzzing online games to find interesting bugs requires a unique set of novel techniques. In ... | |
The Open Cyber Challenge Platform | Linda c. Butler | Everyone from MIT to the DoD have agreed that teaching cyber security using cyber challenges, ... | Security |
Into the Droid: Gaining Access to Android User Data | Thomas Cannon | This talk details a selection of techniques for getting the data out of an Android ... | Android Exploitation ExcludeThinkstScapes Mobile Security |
Panel: Meet the Feds 1 | Jim Christy , Andrew Fried , Jon Iadonisi , Rich Marshall , David Mccallum , Leon Caroll , Justin Wykes | Did you ever wonder if the Feds were telling youre the truth when you asked ... | |
Panel: Meet the Feds 2: Policy | Riley Repko , Rod Beckstrom , Mark Weatherford , Jim Christy , Jerry Dixon , Bob Lentz , Linton Wells , Mischel Kwon | Did you ever wonder if the Feds were telling youre the truth when you asked ... | |
SIGINT and Traffic Analysis for the Rest of Us | Sandy Clark , Matt Blaze | Last year, we discovered practical protocol weaknesses in P25, a secure two-way radio system used ... | |
Bad (and Sometimes Good) Tech Policy: Its Not Just a DC Thing | Chris Conley | Efforts at the federal level to pass laws like SOPA and CISPA and require that ... | Security |
Life Inside a Skinner Box: Confronting our Future of Automated Law Enforcement | Greg Conti , Lisa Shay | From smart pajamas that monitor our sleep patterns to mandatory black boxes in cars to ... | |
Owning the Network: Adventures in Router Rootkits | Michael Coppola | Routers are the blippy switchy boxes that make up the infrastructure of networks themselves, yet ... | Security |
World War 3.0: Chaos, Control & the Battle for the Net | Rod Beckstrom , Joshua Corman , Jeff ( Dark Tangent ) Moss , Dan Kaminsky , Michael joseph Gross | There is a battle under way for control of the Internet. Some see it as ... | |
Embedded Device Firmware Vulnerability Hunting Using FRAK, the Firmware Reverse Analysis Konsole | Ang Cui | We present FRAK, the firmware reverse analysis konsole. FRAK is a framework for unpacking, analyzing, ... | Security |
Looking Into The Eye Of The Meter | Cutaway | When you look at a Smart Meter, it practically winks at you. Their Optical Port ... | Security |
SQL Injection to MIPS Overflows: Rooting SOHO Routers | Zachary Cutlip | Three easy steps to world domination: Pwn a bunch of SOHO routers. ??? Profit I ... | Security |
DC RECOGNIZE Awards | Jeff ( Dark Tangent ) Moss , Russ Rogers , Jericho | DEF CON is proud to announce the 2nd annual DEF CON awards ceremony, renamed the ... | |
Hacking Humanity: Human Augmentation and You | Christian quaddi Dameff , Jeff r3plicant Tully | Youve played Deus Ex. Youve seen Robocop. Youve read Neuromancer. Youve maybe even wondered just ... | |
Connected Chaos: Evolving the DCG/Hackspace Communication Landscape | Nick Farr , Dave Marcus , Anarchy Angel , Anch , Blakdayz | As hackers, we have access to tremendous informational power. At our individual hackerspaces and DCGs ... | |
Not-So-Limited Warranty: Target Attacks on Warranties for Fun and Profit | Darkred | Frequently people consider a serial number as nothing but a number but in this presentation ... | Security |
DivaShark Monitor your Flow | Robert Deaton | Analyzing live network traffic is nothing new but the tools still seem limited. Wireshark is ... | Security |
Beyond the War on General Purpose Computing: Whats Inside the Box? | Cory Doctorow | Assuming the failure of all the calls to regulate PCs and the Internet because people ... | Security |
Sploitego Maltegos (Local) Partner in Crime | Nadeem Douba | Have you ever wished for the power of Maltego when performing internal assessments? Ever hoped ... | Security |
Not So Super Notes: How Well Does US Dollar Note Security Prevent Counterfeiting? | Matthew Duggan | The security of US dollar notes is paramount for maintaining their value and safeguarding the ... | Security |
Post Metasploitation: Improving Accuracy and Efficiency in Post Exploitation Using the Metasploit Framework | Egypt | As many in this community have echoed, shell is just the beginning. Owning a box ... | Security |
The Paparazzi Platform: Flexible, Open-Source, UAS Software and Hardware | Esden , Dotaero , Misterj , Cifo | This presentation introduces the Paparazzi framework, an Open-Source (GPL3 and OSHW CC-by-SA) software and hardware ... | |
hacking the google tv | Dan Rosenberg , Amir ( zenofex ) Etemadieh , Cj Heres , Tom tdweng Dwenger | This presentation will focus on the current GoogleTV devices, including X86 platform details, and the ... | Hardware Reverse Engineering IncludeThinkstScapes Hardware Hacking Google TV |
Owned in 60 Seconds: From Network Guest to Windows Domain Admin | Zachary Fasel | Their systems were fully patched, their security team watching, and the amateur pentesters just delivered ... | Security |
Hellaphone: Replacing the Java in Android | John Floren | Android is the only widespread open-source phone environment available today, but actually hacking on it ... | Security |
Hacking [Redacted] Routers | Felix ( FX ) Lindner , Greg | [Redacted] routers are no longer devices only seen in [Redacted]. Entire countries run their Internet ... | |
Demorpheus: Getting Rid Of Polymorphic Shellcodes In Your Network | Dennis Gamayunov , Svetlana Gaivoronski | One of the most effective techniques used in CTF is the usage of various exploits, ... | |
New Techniques in SQLi Obfuscation: SQL never before used in SQLi | Nick Galbreath | SQLi remains a popular sport in the security arms-race. However, after analysis of hundreds of ... | Security |
Uncovering SAP Vulnerabilities: Reversing and Breaking the Diag Protocol | Martin Gallo | This talk is about taking SAP penetration testing out of the shadows and shedding some ... | Security |
Post-Exploitation Nirvana: Launching OpenDLP Agents over Meterpreter Sessions | Andrew Gavin , Michael Baucom , Charles Smith | OpenDLP is a free and open source agent- based data discovery tool that works against ... | |
The Art of Cyberwar | Kenneth Geers | The establishment of US Cyber Command in 2010 confirmed that cyberspace is a new domain ... | Security |
SCADA Strangelove or: How I Learned to Start Worrying and Love the Nuclear Plants | Sergey Gordeychik , Denis Baranov | Modern civilization unconditionally depends on information systems. It is paradoxical but true that SCADA systems ... | |
more projects of prototype this | Joe ( Kingpin ) Grand , Zoz | For 18 months, Joe Grand and Zoz Brooks were co-hosts of Discovery Channels Prototype This, ... | |
Hacking Measured Boot and UEFI | Dan Griffin | Theres been a lot buzz about UEFI Secure Booting, and the ability of hardware and ... | Security |
Exchanging Demands | Peter Hannay | Smart phones and other portable devices are increasingly used with Microsoft Exchange to allow people ... | Security |
Changing the Security Paradigm: Taking Back Your Network and Bringing Pain to the Adversary | Shawn Henry | The threat to our networks is increasing at an unprecedented rate. The hostile environment we ... | Security |
Busting the BARR: Tracking Untrackable Private Aircraft for Fun & Profit | Dustin Hoffman , Semon Rezchikov | Private aircraft provide transportation to interesting people: corporate officers, business owners, celebrities, high net-worth individuals, ... | |
Crypto and the Cops: the Law of Key Disclosure and Forced Decryption | Marcia Hofmann | Can the government force you to turn over your encryption passphrase or decrypt your data ... | Security |
Passive Bluetooth Monitoring in Scapy | Ryan Holeman | Recognizing a need to support passive bluetooth monitoring in Scapy, Pythons interactive monitoring framework, a ... | Security |
Cyber PatriotA Students Perspective | Kevin Houk , Jake Robie , Matt Brenner | As the world grows more reliant upon digital technology, cyber-attacks are posing a more significant ... | |
How to Hack All the Transport Networks of a Country | Alberto garcia Illera | The presentation is about a real black hacking act against the transport network of a ... | Security |
Bigger Monster, Weaker Chains: The National Security Agency and the Constitution | James Bamford , Jameel Jaffer , William Binney , Alex Abdo | The National Security Agency, the largest, most powerful spy agency in the world, has taken ... | |
Black Ops | Dan Kaminsky | If theres one thing we know, its that were doing it wrong. Sacred cows make ... | Security |
Owning One to Rule Them All | Dave Kennedy , Dave Desimone | As penetration testers, we often try to impact an organization as efficient and effective as ... | |
Detecting Reflective Injection | Andrew King | This talk will focus on detecting reflective injection with some mildly humorous notes and bypassing ... | Security |
An Inside Look Into Defense Industrial Base (DIB) Technical Security Controls: How Private Industry Protects Our Countrys Secrets | James Kirk | With an ever changing threat of nation states targeting the United States and its infrastructure ... | Security |
No More Hooks: Trustworthy Detection of Code Integrity Attacks | Xeno Kovah , Corey Kallenberg | Hooking is the act of redirecting program control flow somewhere other than it would go ... | |
DDoS Black and White Kungfu Revealed | Anthony ( darkfloyd ) Lai , Tony mt Miu , Kelvin captain Wong , Alan avenir Chung | Enterprises currently dump millions of bucks to defense against DDoS, some trading firms here are ... | |
NFC Hacking: The Easy Way | Eddie Lee | Until now, getting into NFC/RFID hacking required enthusiasts to buy special hardware and learn about ... | Security |
Robots: Youre Doing It Wrong 2 | Katy Levinson | By popular demand, DEF CONs angry little roboticist is back with more stories of robot ... | Security |
Anonymous and the Online Fight for Justice | Marcia Hofmann , Gabriella Coleman , Amber Lyon , Mercedes Haefer , Jay Leiderman , Grinne Oneill | How the media mischaracterizes, & portrays hackers. IRL protest VS. online protest. Politically motivated prosecution. ... | |
OPFOR 4EVER | Tim Maletic , Christopher E. Pogue | Training utilizing Opposing Forces, or OPFOR, is an exercise focused on improving detection and response ... | |
Weaponizing the Windows API with Metasploits Railgun | David thelightcosine Maloney | No part of the Metasploit Framework has been shrouded in more mystery and confusion than ... | Security |
Defeating PPTP VPNs and WPA2 Enterprise with MS-CHAPv2 | Marsh Ray , Moxie Marlinspike , David Hulton | MS-CHAPv2 is an authentication and key negotiation protocol that, while old and battered, is still ... | |
Dont Stand So Close To Me: An Analysis of the NFC Attack Surface | Charlie Miller | Near Field Communication (NFC) has been used in mobile devices in some countries for a ... | Security |
How to Hack VMware vCenter Server in 60 Seconds | Alexander Minozhenko | This talk will discuss some ways to gain control over the virtual infrastructure through vCenters ... | Security |
DEF CON Comedy Jam V, V for Vendetta | James Arlen , David Maynor , David Mortman , Rich Mogull , Chris Hoff , Larry Pesce | You know you cant stay away! The most talked about panel at DEF CON! Nearly ... | |
Cortana: Rise of the Automated Red Team | Raphael Mudge | Meet Cortana, a new scripting language to automate Metasploit and extend Armitage. Cortana is a ... | Security |
Making Sense of Static New Tools for Hacking GPS | Fergus Noble , Colin Beighley | Current GPS receivers found in mobile phones etc. are capable of about 5m accuracy but ... | |
SQL ReInjector Automated Exfiltrated Data Identification | Andrea (drea) London , Jason a. Novak | This presentation will debut SQL ReInjector, a tool for the rapid assessment of logs from ... | |
meet the eff | Peter Eckersley , Marcia Hofmann , Kurt Opsahl , Eva Galperin , Hanni Fakhouri , Trevor Timm | Get the latest information about how the law is racing to catch up with technological ... | |
The End of the PSTN As You Know It | Jason Ostrom , Jkarl Feinauer , William Borskey | In this talk, we will explore the so-called market buzz of UC Federation. Rather, we ... | |
APK File Infection on an android system | Bob Pan | This concept of APK file infection on Android is similar to the concept of PE ... | Security |
Panel: The Making of DEF CON 20 | Def Heads | Have you ever wondered what it takes to put DEF CON together, Well now is ... | Security |
Anti-Forensics and Anti-Anti-Forensics: Attacks and Mitigating Techniques for Digital-Forensic Investigations | Michael Perklin | Digital investigations may be conducted differently by various labs (law enforcement agencies, private firms, enterprise ... | Security |
Creating an A1 Security Kernel in the 1980s (Using Stone Knives and Bear Skins) | Tom Perrine | This is a retrospective of computer security research and the process of building a secure ... | Security |
Network Anti-Reconnaissance: Messing with Nmap Through Smoke and Mirrors | Dan ( altf4 ) Petro | Reconnaissance on a network has been an attackers game for far too long, wheres the ... | Security |
Bypassing Endpoint Security for $20 or Less | Philip Polstra | In this talk cheap easily constructed devices which can be used to bypass endpoint security ... | Security |
The Safety Dance Wardriving the Public Safety Band | Brad Antoniewicz , Robert Portvliet | The 4.9Ghz Public Safety Band has been deployed to a town near you! Police, Emergency ... | |
Kevin Poulsen Answers Your Questions | Kevin Poulsen | N/A | Security |
Hacker + Airplanes = No Good Can Come Of This | Renderman | What happens when a hacker gets bored and starts looking at an aircraft tracking systems? ... | Security |
MegaUpload: Guilty or Not Guilty? | Jennifer Granick , Jim Rennie | On January 19, 2012, Kim DotCom was arrested in a dramatic raid after being indicted ... | |
Stamp Out Hash Corruption! Crack All The Things! | Ryan Reynolds , Jonathan Claudius | The precursor to cracking any password is getting the right hash. In this talk we ... | |
Spy vs Spy: Spying on Mobile Device Spyware | Michael Robinson , Chris Taylor | Commercial spyware is available for mobile devices, including iPhones, Android Smartphones, BlackBerries, and Nokias. Many ... | Computer Forensics IncludeThinkstScapes Mobile Security |
Scylla: Because Theres no Patch for Human Stupidity | Sergio flacman Valderrama , Carlos alberto Rodriguez | When theres no technical vulnerability to exploit, you should try to hack what humans left ... | |
Bruce Schneier Answers Your Questions | Bruce Schneier | Bruce Schneier will answer questions topics ranging from the SHA-3 competition to the TSA to ... | Security |
Programming Weird Machines with ELF Metadata | Sergey Bratus , Rebecca bx Shapiro | The Executable and Linkable Format (ELF) is omnipresent; related OS and library code is run ... | |
We Have You by the Gadgets | Toby Kohlenberg , Mickey Shkatov | Why send someone an executable when you can just send them a sidebar gadget? We ... | |
Can You Track Me Now? Government And Corporate Surveillance Of Mobile Geo-Location Data | Christopher Soghoian , Ashkan Soltani , Ben Wizner , Catherine Crump | Our mobile phones and apps systematically collect and store comprehensive historical lists of our locations ... | |
Botnets Die Hard Owned and Operated | Aditya K Sood , Richard Enbody | Botnet designs are becoming more robust and sophisticated with the passage of time. While the ... | |
How to Channel Your Inner Henry Rollins | Jayson E. Street | Have you ever found yourself thinking Boy I sure wish I could witness a guy ... | Security |
Can Twitter Really Help Expose Psychopath Killers Traits? | Chris Sumner , Randall Wald | Recent research has identified links between Psychopaths and the language they use (Hancock et al ... | |
Attacking the TPM Part 2 : A look at the ST19WP18 TPM device | Christopher Tarnovsky | The STMicroelectronics ST19WL18P TPM die-level analysis. Companies like Atmel, Infineon and ST are pushing motherboard ... | Security |
Twenty Years Back, Twenty Years Ahead: The Arc of DEF CON Past and Future | Richard Thieme | Thiemes keynote at DEF CON 4 for a few hundred people was Hacking as Practice ... | Security |
Off-Grid Communications with Android: Meshing the Mobile World | Josh m0nk Thomas , Jeff stoker Robble | Join the SPAN team for a deep dive into the Android network stack implementation and ... | |
Socialized Data: Using Social Media as a Cyber Mule | Thor | When thinking like a bad guy with the goal of distributing any number of covert ... | Security |
Safes and Containers: Insecurity Design Excellence | Marc Weber Tobias , Tobias Bluzmanis , Matt Fiddler | Insecure designs in physical security locks, safes, and other products have consequences in terms of ... | |
Rapid Blind SQL Injection Exploitation with BBQSQL | Ben Toews , Scott Behrens | Blind SQL injection can be a pain to exploit. When the available tools work they ... | |
Subterfuge: The Automated Man-in-the-Middle Attack Framework | Matthew Toussain , Christopher Shields | Walk into Starbucks, plop down a laptop, click start, watch the credentials roll in. Enter ... | |
Drinking From the Caffeine Firehose We Know as Shodan | Viss | Shodan is commonly known for allowing users to search for banners displayed by a short ... | Security |
The DCWG Debriefing How the FBI Grabbed a Bot and Saved the Internet | Paul A. Vixie , Andrew Fried | Shodan is commonly known for allowing users to search for banners displayed by a short ... | |
The Christopher Columbus Rule and DHS | Mark Weatherford | Never fail to distinguish whats new, from whats new to you. This rule applies to ... | Security |
The Art Of The Con | Paul Wilson | Paul Wilson is the writer and star of The Real Hustle and creator of The ... | Security |
Improving Web Vulnerability Scanning | Dan Zulla | A new approach for web vulnerability scanning that outbids most existing scanners. | Security |