Best Talks at DEF CON 33
Hand-picked from in-depth reviewer verdicts.
- 1. Exploiting Vulns in EV Charging Comms — Jan Berens, Marcell Szakály, Sebastian Köhler
Electric vehicle charging infrastructure runs on a stack of aging, largely unpatched hardware. The data link that negotiates charging sessions between a car and a DC fast charger uses Power Line Commu
- 2. Journey to the center of PSTN - I became a phone company — Enzo Damato
Enzo Damato's DEF CON 33 talk is a tour-de-force walkthrough of the Public Switched Telephone Network (PSTN) from the inside—not from the perspective of a hacker probing someone else's infrastructure,
- 3. Metal-as-a-Disservice: Exploiting Legacy Flaws in Cutting Edge Clouds — Bill Demirkapi
The rise of GPU-focused cloud providers has created a new class of infrastructure security problems. Unlike established hyperscalers such as AWS, Azure, and Google Cloud — which have invested more tha
- 4. Invoking Gemini Agents with a Google Calendar Invite — Ben Nassi, Or Yair, Stav Cohen
A team of three researchers — Ben Nassi (Black Hat board member and Tel Aviv University faculty), Or Yair (security research team leader at SafeBreach), and Stav Cohen (Technion PhD student) — present
- 5. The UnRightful Heir - My dMSA Is Your New Domain Admin — Yuval Gordon
Yuval Gordon, a security researcher at Akamai Technologies, presented a critical vulnerability in Windows Server's newest identity feature: Delegated Managed Service Accounts (dMSA). Introduced by Mic
- 6. SCCM: The tree that always bears bad fruits — Mehdi Elyassa
Microsoft Configuration Manager — still widely known in the industry as SCCM (System Center Configuration Manager) — is one of the most privileged and most abused systems in enterprise Windows environ
- 7. Mac PRT Cookie Theft & Entra ID Persistence — Shang-De Jiang, Dong-Yi Ye, Tung-lin Lee
This DEF CON 33 talk—titled in full "Original Sin of SSO: macOS PRT Cookie Theft & Entra ID Persistence via Device Forgery"—presents a novel attack chain against Microsoft Entra ID (formerly Azure Act
- 8. HTTP 1.1 Must Die! The Desync Endgame — James Kettle
James Kettle's fourth annual DEF CON session on HTTP desync attacks represents both the culmination of a multi-year research program and a sobering conclusion: the attack class has not been resolved,
- 9. Kill List: Hacking an Assassination Site on the Dark Web — Carl Miller, Chris Monteiro
This talk is one of the most unusual presentations ever given at DEF CON: a meticulous account of how a darknet investigator (Chris Monteiro) and a think-tank researcher (Carl Miller) spent nearly a d
- 10. Virtualization Based Insecurity: Weaponizing VBS Enclaves — Ori David
Windows Virtualization Based Security (VBS) is Microsoft's flagship security architecture innovation of the past decade, isolating the most sensitive OS components — credential stores, security polici
- 11. Breaking into thousands of cloud-based VPNs with one bug — David Cash, Rich Warren
Zero Trust Network Access (ZTNA) products — marketed as the successor to legacy VPNs — are increasingly deployed across enterprise environments following high-profile Ivanti, Pulse Secure, and Fortine
- 12. No VPN Needed? Cryptographic Attacks Against the OPC UA Protocol — Tom Tervoort
OPC UA (Unified Architecture) is the dominant open-standard protocol for industrial automation, connecting PLCs, SCADA systems, and remote monitoring endpoints in facilities ranging from gas pipelines