DEF CON 32 Main Stage

August 8-11, 2024 · Las Vegas, Nevada · 91 talks

The world's premier hacker conference featuring cutting-edge research in exploit development, social engineering, hardware hacking, and security policy.

→ See editor’s top picks at DEF CON 32 Main Stage

• Breaking Secure Web Gateways for Fun and Profit — Vivek Ramachandran, Jeswin Mathai

  In "Breaking Secure Web Gateways for Fun and Profit," Vivek Ramachandran, joined by Dashita (and Jeswin Mathai in spirit), delivered a compelling and critical analysis of **Secure Web Gateways…

• Listen to the Whispers: Web Timing Attacks that Actually Work — James Kettle

  In this compelling DEF CON 32 talk, "Listen to the Whispers: Web Timing Attacks that Actually Work," renowned security researcher James Kettle tackles the notoriously elusive world of **web timing…

• Abusing Windows Hello Without a Severed Hand — Ceri Coburn, Dirk jan Mollema

  This talk, "Abusing Windows Hello Without a Severed Hand," presented by Ceri Coburn and Dirk Jan Mollema at DEF CON 32, delves into the intricate security mechanisms of Microsoft's **Windows Hello**…

• AMDSinkclose - Universal Ring2 Privilege Escalation — Enrique Nissim, Krzysztof Okupski
• Counter Deception: Defending Yourself in a World Full of Lies — Tom Cross, Greg Conti

  In "Counter Deception: Defending Yourself in a World Full of Lies," Tom Cross and Greg Conti tackle the pervasive and increasingly sophisticated nature of deception in the digital age, particularly…

• DEF CON Closing Ceremonies & Awards — Unknown

  The DEF CON 32 Closing Ceremonies, delivered by an unnamed but clearly central figure in the conference's organization, served as more than just a wrap-up; it was a strategic declaration of intent…

• On Your Ocean's 11 Team, I'm the AI Guy (technically Girl) — Harriet Farlow

  In "On Your Ocean's 11 Team, I'm the AI Guy (technically Girl)," Harriet Farlow, a seasoned expert in **AI security**, delves into the critical vulnerabilities emerging as organizations rapidly…

• Where’s the Money-Defeating ATM Disk Encryption — Matt Burch

  In his DEF CON 32 presentation, "Where’s the Money-Defeating ATM Disk Encryption," independent security researcher Matt Burch sheds light on critical vulnerabilities within the Automated Teller…

• Welcome to DEF CON 32 — The Dark Tangent

  This talk, delivered by The Dark Tangent, the founder of DEF CON, serves as an unofficial opening address for DEF CON 32. It focuses less on specific technical exploits and more on the philosophical…

• The edges of Surveilance System and its supply chain — Chanin Kim, Myounghun Pak

  This talk, "What's Being Watched: Exploiting the Surveillance System and its Supply Chain," presented by Chanin Kim and Myounghun Pak, delves into critical security vulnerabilities within **Network…

• OH MY DC Abusing OIDC all the way to your cloud — Aviad Hahami

  In the DEF CON 32 talk "OH MY DC Abusing OIDC all the way to your cloud," security researcher Aviad Hahami from Palo Alto Networks delves into the critical security implications of **OpenID Connect…

• MaLDAPtive: Obfuscation and De-Obfuscation — Daniel Bohannon, Sabajete Elezaj

  In the realm of cybersecurity, **Active Directory (AD)** remains a critical component of enterprise infrastructure, making **Lightweight Directory Access Protocol (LDAP)** a prime target for both…

• Open Sesame: how vulnerable is your stuff in electronic lockers — Dennis Giese, braelynn

  In "Open Sesame: how vulnerable is your stuff in electronic lockers," security researchers Dennis Giese and braelynn explore the often-overlooked security posture of electronic locker systems…

• 1 for All, All for WHAD: wireless shenanigans made easy — Romain Cayre, Damien Cauquil

  In the rapidly evolving landscape of wireless technology, security researchers and enthusiasts often face a significant hurdle: the fragmented ecosystem of tools and hardware required to analyze and…

• Your AI Assistant has a Big Mouth: A New Side Channel Attack — Yisroel Mirsky

  In an era where Artificial Intelligence (AI) assistants like ChatGPT, Google Gemini, and Microsoft Copilot are becoming ubiquitous, handling increasingly sensitive personal and professional data…

• Windows Downdate: Downgrade Attacks Using Windows Updates — Alon Leviev

  In this compelling DEF CON 32 presentation, security researcher Alon Leviev unveiled a novel and deeply concerning class of downgrade attacks targeting the very core of Windows' security mechanisms…

• QuickShell Sharing is caring abt RCE attack chain on QuickShare — Or Yair, Shmuel Cohen

  This talk, "QuickShell: Sharing is caring about an RCE attack chain on Quick Share," presented by Or Yair and Shmuel Cohen from SafeReach, delves into the discovery and exploitation of multiple…

• Smishing Smackdown: Unraveling the Threads of USPS Smishing and Fighting Back — S1nn3r

  In "Smishing Smackdown: Unraveling the Threads of USPS Smishing and Fighting Back," S1nn3r, a red team operator and bug bounty hunter, takes the audience on a journey through his personal…

• Securing CCTV Cameras Against Blind Spots — Jacob Shams

  In the realm of modern surveillance, Artificial Intelligence (AI)-powered object detectors are increasingly deployed in Closed-Circuit Television (CCTV) systems to automate threat detection and…

• Taming the Beast: Inside Llama 3 Red Team Process — Grattafiori, Evtimov, Bitton

  This talk delves into the intricate and evolving process of red teaming large language models (LLMs), specifically focusing on the methodologies employed for Meta's Llama 3. Presented by…

• SQL Injection Isn't Dead Smuggling Queries at the Protocol Level — Paul Gerste

  In "SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level," Paul Gerste from SonarSource challenges the prevailing notion that modern application development practices have largely…

• Reverse Engineering MicroPython Frozen Modules — Wesley McGrew

  This talk, presented by Wesley McGrew at DEF CON 32, delves into the often-misunderstood security implications of **MicroPython frozen modules**. While MicroPython is a lightweight implementation of…

• Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows — samy kamkar

  This talk, "Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows," delivered by Samy Kamkar at DEF CON 32, promises to delve into a fascinating and concerning area of physical…

• The hack, the crash and two smoking barrels. — Thomas Sermpinis

  In "The hack, the crash and two smoking barrels," Thomas Sermpinis, a lead at Auxilium Pentest Labs, delivers a candid and critical assessment of the cybersecurity landscape within the automotive…

• Sshamble Unexpected Exposures in the Secure Shell — HD Moore, Rob King

  In "Sshamble Unexpected Exposures in the Secure Shell," HD Moore and Rob King from runZero delve into the intricate and often overlooked security landscape of the Secure Shell (SSH) protocol…

• Splitting the email atom exploiting parsers to bypass access controls — Gareth Heyes

  In "Splitting the Email Atom: Exploiting Parsers to Bypass Access Controls," Gareth Heyes, a prominent security researcher, delves into the often-overlooked complexities and inherent vulnerabilities…

• Redefining V2G: How to use your vehicle as game controller — Timm Lauser, Jannis Hamborg

  In a captivating presentation at DEF CON 32, Timm Lauser and Jannis Hamborg from Darmstadt University of Applied Sciences introduced a novel interpretation of the widely recognized acronym **V2G**…

• Spies and Bytes: Victory in the Digital Age — General Paul M. Nakasone

  General Paul M. Nakasone, former Commander of U.S. Cyber Command (USCYBERCOM) and Director of the National Security Agency (NSA), delivered a highly anticipated address at DEF CON 32 titled "Spies…

• Sudos and Sudon’ts: Peering inside Sudo for Windows — Michael Torres

  Michael Torres's DEF CON 32 presentation, "Sudos and Sudon’ts: Peering inside Sudo for Windows," delves into the security implications of Microsoft's new Sudo for Windows utility. This tool, slated…

• Manipulating Shim and Office for Code Injection — Ron Ben-Yizhak, David Shandalov

  This talk, "Shimmy What You Got: Manipulating Shim and Office for Code Injection," delivered by Ron Ben-Yizhak and David Shandalov of Deep Instinct, delves into novel methods for achieving code…

• Process Injection Attacks w ROP — Bramwell Brizendine, Shiva Shashank Kusuma

  This talk, "Process Injection Attacks w ROP," presented by Dr. Bramwell Brizendine and Shiva Shashank Kusuma at DEF CON 32, delves into advanced techniques for **process injection** on Windows…

• Secrets & Shadows: Leveraging Big Data for Vulnerability Discovery — Bill Demirkapi

  In "Secrets & Shadows: Leveraging Big Data for Vulnerability Discovery," independent security researcher Bill Demirkapi presents a compelling case for shifting traditional perspectives on…

• Autos, alcohol, blood, sweat, & creative reversing obfuscated Car Modding tool — Atlas

  In this DEF CON 32 talk, "Autos, alcohol, blood, sweat, & creative reversing obfuscated Car Modding tool," speaker Atlas from Grim delves into the challenging world of automotive security and…

• How To Keep IoT From Becoming An IoTrash — Roberts, Wysopal, Doctorow, Wheeler, Giese

  This DEF CON 32 panel, "Bricked and Abandoned: How to Keep the IoT From Becoming an Internet of Trash," delves into the critical and growing problem of **abandonware** and **end-of-life (EOL)…

• Threat Modeling in the Age of AI — Adam Shostack

  In an insightful presentation at DEF CON 32’s AppSec Village, renowned threat modeling expert Adam Shostack addressed the critical intersection of artificial intelligence and cybersecurity. His…

• Breaching AWS Through Shadow Resources — Yakir Kadkoda, Michael Katchinskiy, Ofek Itach

  This talk, presented by Yakir Kadkoda, Michael Katchinskiy, and Ofek Itach from Aqua Security, delves into a critical but often overlooked aspect of cloud security: **Shadow Resources** within AWS…

• AMD Sinkclose-Universal Ring2 Privilege Escalation — Enrique Nissim, Krzysztof Okupski

  This talk, "AMD Sinkclose-Universal Ring2 Privilege Escalation," delivered by Enrique Nissim and Krzysztof Okupski at DEF CON 32, reveals a critical architectural flaw present in AMD processors for…

• What History’s Greatest Heist Can Teach Us About Defense In Depth — Pete Stegemeyer

  In "What History’s Greatest Heist Can Teach Us About Defense In Depth," Pete Stegemeyer, a seasoned senior security engineer and an unexpected authority on historical heists, draws compelling…

• Unlocking the Gates: Understanding Authentication Bypass Vulnerabilities — Vikas Khanna

  In his DEF CON 32 talk, "Unlocking the Gates: Understanding Authentication Bypass Vulnerabilities," Vikas Khanna, a Technical Specialist at Privasec, delved into critical security flaws that allow…

• Unlocking the Gates Hacking a secure Industrial Remote Access Solution — Moritz Abrell

  In a compelling presentation at DEF CON 32, Moritz Abrell, a senior IT security consultant and penetration tester at the German company Sys, unveiled critical vulnerabilities within the Ewon Cosy…

• Troll Trapping Through TAS Tools Exposing Speedrunning Cheaters — Allan Cecil

  In "Troll Trapping Through TAS Tools Exposing Speedrunning Cheaters," Allan Cecil, known as Dngo AC and the founder of the Tasbot organization, delves into the fascinating intersection of…

• The XZ Backdoor Story: The Undercover Op That Set the Internet on Fire — Thomas Roccia

  The XZ Backdoor story represents one of the most sophisticated and alarming supply chain attacks ever uncovered, a testament to the persistent and insidious nature of modern cyber threats. Presented…

• The Pwnie Awards — Unknown

  The 2024 Pwnie Awards ceremony at DEF CON 32 served as a vibrant and often satirical barometer for the preceding year's achievements and missteps within the cybersecurity community. Hosted by Ian…

• Behind Enemy Lines: Going undercover to breach LockBit Ransomware Op — Jon DiMaggio

  In a groundbreaking talk at DEF CON 32, cybersecurity expert Jon DiMaggio of Analyst One unveiled an unprecedented methodology for infiltrating one of the world's most prolific ransomware…

• From getting JTAG on the iPhone 15 to hacking Apple's USB-C Controller — Stacksmashing

  This talk, "Ace of the Sleeve: Hacking into Apple's New USB-C Controller," presented by Thomas Roth, also known as Stacksmashing, delves into the intricate process of re-establishing low-level debug…

• The Rise and Fall of Binary Exploitation — Stephen Sims

  Stephen Sims, a veteran vulnerability researcher with two decades of experience, delivered a compelling talk at DEF CON 32 titled "The Rise and Fall of Binary Exploitation." This presentation…

• Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panel — Vangelis Stykas

  This talk, "Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panel," delivered by Vangelis Stykas at DEF CON 32, offers a unique perspective on the ongoing battle against ransomware…

• Abusing legacy railroad signaling systems — David Meléndez, Gabriela Gabs Garcia

  In "Abusing legacy railroad signaling systems," David Meléndez and Gabriela Gabs Garcia shed light on critical vulnerabilities within the foundational infrastructure of railway networks. Their DEF…

• A Shadow Librarian: Fighting back against encroaching capitalism — Daniel Messe

  Daniel Messe's DEF CON 32 talk, "A Shadow Librarian: Fighting back against encroaching capitalism," offered a provocative reinterpretation of the librarian's role in the digital age, framing it as a…

• Secret Life of Rogue Device: Lost IT Assets on the Public Marketplace — Matthew Bryant

  In the contemporary digital landscape, the lifecycle management of IT assets extends beyond initial deployment and internal use, often overlooking the critical security implications of their…

• DEF CON Unplugged: Cocktails & Cyber with Jeff & Jen — Jen Easterly, Jeff Moss

  This DEF CON Unplugged session, titled "Cocktails & Cyber," offered a unique glimpse into the evolving relationship between the U.S. government's lead civilian cybersecurity agency and the broader…

• AWS CloudQuarry: Digging for secrets in public AMIs — Eduard Agavriloae, Matei Josephs

  This talk, "AWS CloudQuarry: Digging for secrets in public AMIs," presented by Eduard Agavriloae and Matei Josephs, unveils a widespread security vulnerability stemming from misconfigured public…

• Breaking the Beam:Exploiting VSAT Modems from Earth — Lenders, Willbold, Bisping

  This presentation, "Breaking the Beam: Exploiting VSAT Modems from Earth," by Vincent Lenders, Johannes Willbold, and Robin Bisping, unveils a novel attack vector against **Very Small Aperture…

• AIxCC Closing Ceremonies — Unknown

  This talk serves as the closing ceremony for the AI Cyber Challenge (AIxCC) semifinal competition held at DEF CON 32. Presented by Perry Adams, Special Assistant to the Director at DARPA and the…

• Unsaflok: Hacking millions of hotel locks — Lennert Wouters, Ian Carroll

  In a groundbreaking presentation at DEF CON 32, security researchers Lennert Wouters and Ian Carroll unveiled "Unsaflok," a critical vulnerability impacting millions of hotel locks manufactured by…

• Atomic Honeypot-A MySQL Honeypot That Drops Shells — Alexander Rubin, Martin Rakhmanov

  In an era dominated by automated threats and relentless scanning, database servers remain a prime target for malicious actors. The talk "Atomic Honeypot-A MySQL Honeypot That Drops Shells" presented…

• The Way To Android Root: Exploiting Smartphone GPU — Xiling Gong, Eugene Rodionov

  In "The Way To Android Root: Exploiting Smartphone GPU," members of the Android Red Team — Shishin, Xiling Gong, and Eugene Rodionov — unveiled a critical vulnerability, CVE 2024 23380, within…

• Nano Enigma Uncovering the Secrets in eFuse Memories — Michal Grygarek, Martin Petr

  In the realm of embedded system security, hardware-based protections are often considered the strongest line of defense. Among these, **eFuse memories** play a critical role, serving as one-time…

• Bug Hunting In VMware Device Virtualization — JiaQing Huang, Hao Zheng, Yue Liu

  This talk, "Bug Hunting In VMware Device Virtualization," delivered by JiaQing Huang and Hao Zheng from the Tiangong team at Qianxin Group, offers a comprehensive guide for security researchers…

• DC101 Panel — Unknown

  The "DC101 Panel" at DEF CON 32 served as an essential orientation for attendees, particularly those new to the sprawling and often overwhelming environment of one of the world's largest hacker…

• Encrypted newspaper ads in the 19th century — Elonka Dunin, Klaus Schmeh

  This talk, delivered by renowned cryptographers Elonka Dunin and Klaus Schmeh, delves into the fascinating world of **19th-century encrypted newspaper advertisements**. Far from being mere…

• Clash, Burn, and Exploit Manipulate Filters to Pwn kernelCTF — HexRabbit Chen

  In this highly technical talk, HexRabbit Chen, a security researcher from Devcore, dissects the intricacies of **NS tables**, the Linux kernel's modern packet filtering framework, revealing critical…

• Prime Cuts from Hacker History :40 Years of 31337 — Cult of the Dead Cow

  This talk, titled "Prime Cuts from Hacker History :40 Years of 31337," was introduced as a panel discussion designed to commemorate the 40th anniversary of several foundational entities within the…

• Compromising Electronic Logger & Creating Truck2Truck Worm — Jake Jepson, Rik Chatterjee

  Jake Jepson and Rik Chatterjee, master’s students from Colorado State University, presented groundbreaking research at DEF CON 32 detailing the first known wireless drive-by attack on a heavy-duty…

• DriverJack Turning NTFS and Emulated ROFs into an Infection — Alessandro Magnosi

  Alessandro Magnosi's talk, "DriverJack Turning NTFS and Emulated ROFs into an Infection," introduces a novel and stealthy technique for loading malicious kernel drivers on Windows 11 systems. This…

• If Existing Cyber Vulns Magically Disappeared, What Next — Dr Stefanie Tompkins

  Dr. Stefanie Tompkins, the Director of the Defense Advanced Research Projects Agency (**DARPA**), delivered a thought-provoking keynote at DEF CON 32, challenging the cybersecurity community to…

• Fireside Chat - The Dark Tangent and DNSA Anne Neuberger — The Dark Tangent, Anne Neuberger

  The DEF CON 32 Fireside Chat featured a rare and significant dialogue between The Dark Tangent (DT), founder of DEF CON, and Anne Neuberger, the Deputy National Security Advisor for Cyber (DNSA) at…

• Changing Global Threat Landscape — Rob Joyce, The Dark Tangent

  This talk, presented as a fireside chat at DEF CON 32, features Rob Joyce, a recently retired senior executive with 34 years of distinguished service at the National Security Agency (NSA)…

• Defeating EDR Evading Malware with Memory Forensics — Case, Sellers, Richard

  In this DEF CON 32 presentation, Andrew Case, a core developer on the Volatility memory analysis project and Director of Research at Volexity, delves into the critical issue of sophisticated malware…

• Digital Emblems-When markings are required, but you have no rattle-can — Bill Woodcock

  In his DEF CON 32 talk, "Digital Emblems: When markings are required, but you have no rattle-can," Bill Woodcock introduced a novel concept designed to modernize and secure the myriad physical…

• Exploiting the Unexploitable Insights from the Kibana Bug Bounty — Mikhail Shcherbakov

  In this insightful talk from DEF CON 32, Mikhail Shcherbakov, a seasoned bug bounty hunter and PhD student, shares captivating stories from his extensive participation in the Kibana bug bounty…

• Using ALPC security features to compromise RPC services — WanJunJie Zhang, Yisheng He

  In this DEF CON 32 talk, security researcher WanJunJie Zhang, from Hillstone Networks, delved into the intricacies of inter-process communication mechanisms within the Windows operating system…

• Outlook Unleashing RCE Chaos CVE 2024 30103 — Michael Gorelik, Arnold Osipov

  In this DEF CON 32 presentation, Michael Gorelik and Arnold Osipov from Morphic shed light on a critical and often overlooked aspect of cybersecurity: the incompleteness of security patches. Their…

• Cultivating M4D SK1LLZ In the DEF CON Community — Yan Shoshitaishvili, Perri Adams

  This talk, "Cultivating M4D SK1LLZ In the DEF CON Community," introduces **Defcon Academy**, a new initiative aimed at providing structured, accessible cybersecurity education to the broader DEF CON…

• MobileMesh RF Network Exploitation Getting the Tea from goTenna — Erwin Karincic, Woody

  In an era increasingly defined by interconnectedness, mesh network technologies are rapidly becoming ubiquitous, underpinning everything from cellular infrastructure to specialized communication…

• Fireside Chat - The Dark Tangent and National Cyber Director Harry Coker Jr. — The Dark Tangent, Harry Coker Jr.

  This Fireside Chat from DEF CON 32 featured a significant dialogue between the hacker community and high-level U.S. government, represented by National Cyber Director Harry Coker Jr., moderated by…

• Hi-Intensity Deconstruction: Chronicles of a Cryptographic Heist — Javadi, Levy, Draffe

  This talk, "Hi-Intensity Deconstruction: Chronicles of a Cryptographic Heist," delves into the critical security vulnerabilities discovered within widely deployed physical **access control…

• Iconv, set the charset to RCE exploiting glibc to hack the PHP engine — Charles Fox

  In this DEF CON 32 talk, Charles Fox unveils a critical **buffer overflow vulnerability** discovered within the **glibc `iconv` library**, a fundamental component for character set conversion in…

• Leveraging private APNs for mobile network traffic analysis — Aapo Oksman

  In an era where ubiquitous connectivity defines our digital landscape, the security of mobile network traffic remains a critical yet often overlooked frontier. Aapo Oksman's DEF CON 32 talk…

• HookChain A new perspective for Bypassing EDR Solutions — Helvio Carvalho Junior

  In the ever-escalating arms race between attackers and defenders, Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) solutions are critical components of modern…

• Feet Feud — Unknown
• Gotta Cache ‘em all bending the rules of web cache exploitation — Martin Doyhenard

  In this DEF CON 32 presentation, "Gotta Cache ‘em all: bending the rules of web cache exploitation," Martin Doyhenard delves into novel techniques for exploiting web cache vulnerabilities, moving…

• Mutual authentication is optional — Xavier Zhang

  In the DEF CON 32 talk "Mutual authentication is optional," security researcher Xavier Zhang delves into critical vulnerabilities within HID iClass SE physical access control systems, demonstrating…

• Exploiting Cloud Provider Vulnerabilities for Initial Access — Nick Frichette

  In his DEF CON 32 talk, Nick Frichette, a security researcher at DataDog specializing in AWS offensive security, unveiled a novel approach to gaining initial access to AWS accounts: exploiting…

• Measuring the Tor Network — Silvia Puglisi, Roger Dingledine

  This article delves into the critical and complex topic of measuring the Tor Network, a talk delivered by Silvia Puglisi and Roger Dingledine at DEF CON 32. The Tor Network, renowned for its…

• Laundering Money — Michael Orlitzky

  In "Laundering Money," Michael Orlitzky presents a compelling and humorous exposé on the security vulnerabilities of commercial laundry machines operated by CSC Service Works. The talk details how…

• Finding & exploiting local attacks on 1Password Mac desktop app — J. Hoffman, C. Morgan

  This talk, presented by Colby Morgan and Jeffrey Hoffman, offensive security engineers at Robin Hood, delves into their research on identifying and exploiting local vulnerabilities within the…

• Grand Theft Actions Abusing Self Hosted GitHub Runners — Adnan Khan, John Stawinski

  In "Grand Theft Actions," Adnan Khan and John Stawinski expose a pervasive and critical vulnerability within the GitHub Actions ecosystem: the insecure configuration of **self-hosted runners**…

• NTLM The Last Ride — Jim Rush, Tomais Williamson

  In "NTLM The Last Ride" at DEF CON 32, security researchers Jim Rush and Tomais Williamson delivered a sobering assessment of the enduring vulnerability posed by **NTLM (New Technology LAN…

• Hacker Jeopardy — Unknown

  This article is based on an introductory segment for "Hacker Jeopardy 30" at DEF CON 32. The provided transcript, while short, captures the vibrant, community-centric atmosphere of a major…

• Disenshittify or die! How hackers can seize the means of computation — Cory Doctorow

  In a compelling and provocative talk at DEF CON 32, renowned author and activist Cory Doctorow introduced and elaborated on his widely discussed concept of **enshittification**. This presentation…