DEF CON 33 (backfill)
DEF CON 33 main-track backfill — 169 talks uploaded to YouTube after the initial defcon33 ingestion. Merged into defcon33 at deploy time.
- Redefining Purple Teaming for Max impact - A Pennington, S Marrone, L Proehl — Sydney Moroni, Lauren Pill
In an insightful panel discussion at DEF CON, security experts Sydney Moroni, Lauren Pill, and Adam Pennington explored the evolving landscape of **purple teaming** and **adversary emulation**. The…
- Go Malware Meets IoT - Challenges, Blind Spots, and Botnets — Asher Davila
This talk, presented by Asher Davila and Chris from Palo Alto Networks, delves into the growing trend of malware written in Google's Go programming language, specifically focusing on its impact on…
- From Pwn to Plan: Turning Physical Exploits Into Upgrades — Shawn
In this compelling DEF CON presentation, Shawn, a seasoned physical red teamer, challenges the traditional "hack and report" mentality prevalent in security assessments. Titled "From Pwn to Plan…
- Deepfake Image and Video Detection — Mike Raggo
In an era increasingly saturated with synthetic media, the ability to discern genuine content from sophisticated fabrications is paramount. This talk, delivered by veteran security researcher Mike…
- Hacker v. Triage - Inside Bug Bounty Battleground — Richard Hyunho Im, Denis Smajlović
In the DEF CON talk "Hacker v. Triage - Inside Bug Bounty Battleground," security researcher Richard Hyunho Im and Principal Security Consultant Denis Smajlović delve into the often-strained…
- The Anatomy of a Crypto Scam — Nick Percoco, Kitboga
In an engaging and often humorous presentation at DEF CON, Nick Percoco, Chief Security Officer at Kraken, and Kitboga, a renowned scam baiter and YouTuber, delved into the pervasive and…
- Winners of DARPA’s AI Cyber Challenge — Andrew Carney, Jason Roos, Stephen Winchell
The DARPA AI Cyber Challenge (AIxCC) is a landmark public competition aimed at revolutionizing software security by developing autonomous systems capable of discovering and patching vulnerabilities…
- Intro to Physical Security Bypass — Karen Ng, Matthew Cancilla
In "Intro to Physical Security Bypass," Karen Ng and Matthew Cancilla deliver a rapid-fire exploration of common physical security vulnerabilities, demonstrating how many seemingly secure entry…
- Thinking Like a Hacker in the Age of AI — Richard 'neuralcowboy' Thieme
In his captivating DEF CON talk, "Thinking Like a Hacker in the Age of AI," Richard 'neuralcowboy' Thieme, a revered figure who has spoken at 27 DEF CONs over three decades, delivered a profound…
- Regex For Hackers — Adam 'BuildHackSecure' Langley, Ben 'nahamsec' Sadeghipour
In their DEF CON talk, "Regex For Hackers," Adam Langley and Ben Sadeghipour, co-founders of Hackinghub, delivered a rapid-fire, comprehensive session on the critical role of **regular expressions**…
- Hacking Context for Auto Root Cause and Attack Flow Discovery — Ezz Tahoun
In this compelling DEF CON talk, Ezz Tahoun presents a radical rethinking of how cybersecurity organizations approach log management, correlation, and threat detection. Titled "Hacking Context for…
- Whose Slide Is It Anyway? — Killer Grizz
The DEF CON tradition of "Whose Slide Is It Anyway?" stands as a vibrant testament to the hacker community's capacity for humor, spontaneity, and resilience. Far from a conventional technical…
- Designing and Participating in AI Bug Bounty Programs — Dane Sherrets, Shlomie Liberow
This talk, originally titled "Securing Intelligence: How Hackers are Breaking Modern AI Systems and How Bug Bounty Programs Can Keep Up," delves into the cutting-edge intersection of artificial…
- No Brain No Gain — Mehmet Önder Key, Temel Demir, Dr Ahmet Furkan Aydogan
This talk, "No Brain No Gain," presented by Temel Demir, Mehmet Önder Key, and Dr. Ahmet Furkan Aydogan, introduces a novel approach to authentication in **Industrial Internet of Things (IIoT)**…
- Managing Bug Bounties @ Scale — Gabriel Nitu, Jay Dancer, PayPal, Ryan Nolette, Goshak
This DEF CON panel, "Managing Bug Bounties @ Scale," brings together industry leaders from major technology and financial companies—Splunk, Shopify, and PayPal, alongside an experienced former AWS…
- How Not to IoT: Lessons in Security Failures — Zoltan "zh4ck" Balazs
In "How Not to IoT: Lessons in Security Failures," Zoltan "zh4ck" Balazs dissects a litany of pervasive security vulnerabilities found in common Internet of Things (IoT) devices, from smart…
- Thinking like an attacker is no longer optional — Abhijith 'Abx' B R, Keenan Skelly
In an insightful panel discussion at DEF CON, a group of seasoned cybersecurity experts — Abhijith 'Abx' B R, Bryson Bort, Anant, and Lt. Col. Gordon Boom — delved into the critical importance of…
- No Spook Leaves Randomness to Chance — Shaanan Cohney
In "No Spook Leaves Randomness to Chance," Shaanan Cohney, an academic researcher at the University of Melbourne, delves into the elusive question of how state-level adversaries, such as the NSA…
- Exploiting Shadow Data from AI Models and Embeddings — Patrick Walsh
Patrick Walsh, CEO of IronCore Labs, delivered a compelling talk at DEF CON, "Exploiting Shadow Data from AI Models and Embeddings," shedding light on the alarming ease with which sensitive data…
- All your keyboards are belong to us! — Federico Lucifredi
In this comprehensive DEF CON talk, Federico Lucifredi, an experienced embedded engineer and co-founder of an R&D shop, delves into the often-overlooked and repeatedly rediscovered world of keyboard…
- Carding is Dead, Long Live Carding — Federico Valentini, Alessandro Strino
This talk, "Carding is Dead, Long Live Carding," delivered by Federico Valentini and Alessandro Strino from Cleafy, delves into the alarming evolution of credit card fraud, specifically highlighting…
- Threat Dynamics on the Seas — John Mauger, Michael Sulmeyer, Adam Segal
This talk, sponsored by the Maritime Hacking Village at DEF CON, delves into the critical intersection of cybersecurity policy and geopolitical competition, specifically focusing on the Indo-Pacific…
- Fingerprint-Based Bot Blocking & Dynamic Deception — Adel Karimi
In this DEF CON talk, Adel Karimi introduces an innovative approach to bot detection and adversary deception through network fingerprinting and dynamic response generation. His presentation, titled…
- DEF CON 33 3- Red teaming fraud prevention systems with GenAI — Karthik Tadinada, Martyn Higson
This talk, presented by Karthik Tadinada and Martyn Higson, delves into the escalating threat of payment fraud, specifically how **Generative AI (GenAI)** is democratizing sophisticated attack…
- How NOT to Perform Covert Entry Assessments — Brent White, Tim Roberts
In this highly engaging and refreshingly candid DEF CON talk, Brent White and Tim Roberts, seasoned physical security penetration testers with over 12 years of experience, dismantle common…
- Access to secure dependency management everywhere w Nix- T Berek, F Zakaria & D Baker — Thomas Berek, Fared, Morgan Jones
This talk, "Rebuild the World," at DEF CON marks a significant moment as the first official DEF CON stage presentation dedicated entirely to **Nix**. Speakers Morgan Jones, Thomas Berek, and Fared…
- Passing the Torch - Mentoring and Protecting Our Students — Navaar Johnson, Sam Comini
"Passing the Torch - Mentoring and Protecting Our Students" at DEF CON was an unconventional yet highly insightful session that transformed from a planned panel discussion into an interactive…
- Securing Agentic AI Systems and Multi-Agent Workflows — Andra Lezza, Jeremiah Edwards
In an era witnessing the rapid proliferation of AI agents and multi-agent systems, this DEF CON talk by Andra Lezza and Jeremiah Edwards of Sage delves into the critical security considerations for…
- Scamming Scammers - Weaponizing OSS Against Pig Butchering, Organized Crime — Erin West
Erin West, a veteran prosecutor with 26 years of experience in Santa Clara County, delivered a stark and urgent call to action at DEF CON, exposing the devastating global crisis of **pig butchering…
- Private, Private, Private Access Everywhere — Meghan Jacquot
Meghan Jacquot's DEF CON 33 workshop, "Private, Private, Private Access Everywhere," delved into the critical subject of personal digital privacy in an era where information is increasingly…
- DC101 Panel - Alethe Denis, Nikita Kronenberg, zziks, Nicole Schwartz, Nina Alli — Alith, Nina Ali, Circuit Swan, Zeke
This talk, titled "DC 101: Your Hacker Survival Guide to Defcon," serves as an indispensable primer for navigating the world's largest and most chaotic hacker conference, DEF CON. Presented as a…
- How malicious packages on npm bypass existing security tools — Paul McCarty
In this compelling talk from DEF CON, Paul McCarty, Head of Research at Safety, sheds light on the escalating threat of malicious packages within the open-source ecosystem, particularly **npm**…
- So you want to make a badge? Badge Creation 101 — Jeff Geisperger
Jeff Geisperger, also known as Big Taro, delivered an insightful and highly practical talk at DEF CON titled "So you want to make a badge? Badge Creation 101." Geisperger, a security engineer by day…
- How Extra Features In Contactless Payments Break Security, What We Can Do — Tom Chotia
In this DEF CON talk, Tom Chotia from the University of Birmingham dives deep into the often-overlooked security implications of "extra features" added to the otherwise robust **EMV contactless…
- Hacking Hotel Locks: The Saflok Vulnerabilities Expanded -Noah Holland, Josh Stiebel — Noah Holland, Josh Stiebel
This talk, "Hacking Hotel Locks: The Saflok Vulnerabilities Expanded," presented by Noah Holland and Josh Stiebel, delves into the pervasive security flaws within Dormakaba's Saflok and Sapphire…
- Game Hacking 101 — Julian 'Julez' Dunning
In "Game Hacking 101," Julian 'Julez' Dunning, co-founder of **Truffle Security** and founder of the **Game Hacking Village**, delves into the fascinating intersection of video games and…
- DDoS: The Next Generation — Andrew Cockburn
In "DDoS: The Next Generation," Andrew Cockburn from NetScout delivers a compelling and data-driven presentation on the evolving landscape of Distributed Denial of Service (DDoS) attacks. Drawing…
- SSH Honeypots and Walkthrough Workshops: A History — Ryan Mitchell
In this engaging DEF CON talk, software engineer Ryan Mitchell, known as "clugist" at the Packet Hacking Village (PHV), delves into his dual passions: SSH honeypots and the evolution of interactive…
- State of Open Source in the Federal Government — Jordan Kasper
Jordan Kasper's DEF CON talk, "State of Open Source in the Federal Government," delivers a candid and critical assessment of how U.S. federal agencies interact with open source software (OSS)…
- Post Quantum Panic: When Will the Cracking Begin, & Can We Detect it? — K Karagiannis
In a stark and urgent presentation at DEF CON, K Karagiannis, Quantum Computing Services Leader at Protiviti, delivered a sobering assessment of the impending threat posed by quantum computers to…
- Elevators 101 — Bobby Graydon, Ege Feyzioglu
In "Elevators 101," Ege Feyzioglu and Bobby Graydon from the Physical Security Village at DEF CON shed light on the often-overlooked vulnerabilities inherent in modern elevator systems. The talk…
- Quantum Resistant Healthcare — Katarina Amrichova
Katarina Amrichova's talk, "Quantum Resistant Healthcare," addresses the critical and looming threat that quantum computing poses to current cryptographic standards, particularly within the…
- Dark Capabilities - When Tech Companies Become Threat Actors — Greg Conti, Tom Cross
In an era where technology giants wield immense influence, Tom Cross and Greg Conti presented a provocative and deeply analytical talk at DEF CON titled "Dark Capabilities - When Tech Companies…
- The 2025 Pwnie Awards — Ian Roos, Mark Trumpbour
The 2025 Pwnie Awards, presented at DEF CON, served as a vibrant and often humorous retrospective on the most significant achievements, spectacular failures, and critical vulnerabilities discovered…
- Fighting a Digital Blockade: View from Taiwan — Herming Chiueh, Jason Vogt, Frank Smith
This talk, "Fighting a Digital Blockade: View from Taiwan," delves into the critical challenges Taiwan faces in maintaining digital connectivity and resilience in the event of a conflict with the…
- How Nation-State Hackers Turn Human Error into Catastrophic Failures — N Case, J McCoy
In this DEF CON talk, "How Nation-State Hackers Turn Human Error into Catastrophic Failures," speakers N Case and J McCoy pull back the curtain on the insidious tactics employed by nation-state…
- Building Onramps for Emergency Web Archiving in Ukraine and Beyond — Quinn Dombrowski
In the wake of Russia's full-scale invasion of Ukraine in February 2022, a critical but often overlooked battlefront emerged: the preservation of Ukraine's digital cultural heritage. Quinn…
- Third Party Access Granted : Postmortem on Student Privacy — Sharlene Toney
In "Third Party Access Granted: Postmortem on Student Privacy," Sharlene Toney dissects the intricate and often opaque flow of student data from educational institutions to commercial data brokers…
- What Game Hackers teach us about Offensive Security & Red Teaming — Joe 'Juno' Aurelio
In this DEF CON talk, security researcher Joe 'Juno' Aurelio explores the intricate world of game hacking, drawing compelling parallels between the techniques employed by game cheats and those…
- Defending Reddit at Scale — Pratik Lotia, Spencer Koch
In "Defending Reddit at Scale," Spencer Koch and Pratik Lotia, veteran security engineers from Reddit, pull back the curtain on the intricate strategies and architectural decisions behind protecting…
- Satellite Networks Under Siege: Cybersecurity Challenges of Targeted DDoS — Roee Idan
In an increasingly interconnected world, **Low Earth Orbit (LEO) satellite networks** like Starlink, OneWeb, and Kuiper are becoming indispensable. They bridge connectivity gaps in remote areas…
- Letthemin: Facilitating High Value Purple Teams Using Assumed Compromise — Sarah Hume
In this DEF CON talk, Sarah Hume, Purple Team Service Lead at Security Risk Advisors, introduces a unique and highly effective strategy for conducting purple team engagements: the **assume…
- The Worst ICS OT Love Story Ever Told — Mike Holcomb
Mike Holcomb's DEF CON talk, "The Worst ICS OT Love Story Ever Told," delves into the alarming state of cybersecurity within Industrial Control Systems (ICS) and Operational Technology (OT)…
- Tunnelpocalypse — Rich Compton
Rich Compton's DEF CON talk, "Tunnelpocalypse," unveils a critical and pervasive vulnerability that significantly escalates the threat of IP spoofing and, consequently, distributed denial-of-service…
- State of the Pops: Mapping the Digital Waters — Vlatko Kosturjak, MJ Casado
In "State of the Pops: Mapping the Digital Waters," MJ Casado and Vlatko Kosturjak present a groundbreaking, passive open-source intelligence (OSINT) investigation into the cybersecurity posture of…
- Examining Access Control Vulnerabilities in GraphQL: A Feeld Case Study — Bogdan Tiron
In this compelling DEF CON presentation, Bogdan Tiron, a Senior Pentester at Brbridge, delivered a critical analysis of access control vulnerabilities within modern API architectures, specifically…
- Blurred Lines: Evolving Tactics of North Korean Cyber Threat Actors — Seongsu Park
In his DEF CON talk, "Blurred Lines: Evolving Tactics of North Korean Cyber Threat Actors," Seongsu Park, a Staff Threat Researcher at Zscaler, delves into the increasingly complex landscape of…
- The Worst ICS/OT Love Story Every Told - 2025 Mike Holcomb — Mike Holcomb
In "The Worst ICS/OT Love Story Ever Told," Mike Holcomb, a seasoned professional from Fluor, delves into the critical and often overlooked cybersecurity challenges within Industrial Control Systems…
- Escaping the Privacy Sandbox with Client Side Deanonymization Attacks — Eugene Lim
In this insightful DEF CON talk, Eugene Lim, also known as Space Raccoon, delved into the intricacies of Google's **Privacy Sandbox** and exposed critical client-side deanonymization vulnerabilities…
- Red Russians: How Russian APT groups follow offensive security research — Will Thomas
In this compelling DEF CON talk, Will Thomas, a Senior Threat Intelligence Adviser at Team Cymru, unveils a critical trend observed over years of tracking sophisticated adversaries: Russian advanced…
- China's Health Sector Ambitions and Info Needs — Amelia Shapiro
In this compelling DEF CON presentation, Amelia Shapiro of Margin Research delivered a critical analysis of the People's Republic of China's (PRC) strategic motivations for targeting US medical big…
- Take all my money - penetrating ATMs — Fredrik Sandstrom
Fredrik Sandstrom, a veteran penetration tester with a decade of experience in offensive security, delivers a revealing talk at DEF CON titled "Take all my money - penetrating ATMs." This…
- Pirates of the North Sea — John Andre Bjørkhaug
- Hacking the Nautical Rules of the Road Turn Left for Global Pwnage — Amp, Data
In an era where cyber warfare often focuses on digital infrastructure, the DEF CON talk "Hacking the Nautical Rules of the Road Turn Left for Global Pwnage" by Amp and Data pivoted the conversation…
- What’s Really in the Box? The Case for Hardware Provenance and HBOMs — Allan Friedman
In this DEF CON talk, Allan Friedman, a prominent figure in the **Software Bill of Materials (SBOM)** movement during his decade as a US government lead for supply chain security, shifts focus to…
- ReclaimTech: A community movement — Janet Vertesi, Andy Hull
The "ReclaimTech: A community movement" talk at DEF CON presented a compelling vision for a **grassroots social movement** aimed at empowering individuals to reclaim control over their digital lives…
- They deployed Health AI on us: We’re bringing the rights & red teams — Andrea Downing
In this compelling DEF CON talk, Andrea Downing, co-founder and board president of The Light Collective, shines a critical light on the rapid deployment of Artificial Intelligence in healthcare…
- Sometimes you find bugs, sometimes bugs find you — Jasmin Landry JR0ch17
In the dynamic world of cybersecurity, the pursuit of vulnerabilities often involves meticulous reconnaissance, advanced tooling, and complex exploit chains. However, as Jasmin Landry (JR0ch17)…
- Hacking a head unit with malicious PNG — Danilo Erazo
In a compelling presentation at DEF CON, Danilo Erazo, founder of RE Everything, unveiled a significant **zero-day technique** targeting Kia **infotainment consoles**. The talk, titled "Hacking a…
- Never enough about cameras: Firmware keys hidden under the rug — Alexandru Lazar
In this DEF CON talk, Alexandru Lazar, a Security Researcher at Bitdefender, delves into the often-overlooked security posture of IP cameras, specifically focusing on devices from Dahua Technology…
- Resilient & Reconfigurable Maritime Comms — Avinash Srinivasan, Brien Croteau
In an era of increasing global trade and geopolitical complexities, the security and efficiency of maritime communications are paramount. This talk, "Resilient & Reconfigurable Maritime Comms,"…
- Fingerprinting Maritime NMEA2000 Networks — Constantine Macris TheDini, Anissa Elias
In this DEF CON presentation, Constantine Macris (TheDini) and Anissa Elias introduce a novel method for deterministically fingerprinting **NMEA 2000** networks, a critical bus protocol for maritime…
- Red Teaming Space: Hacking the Final Frontier — Tim Fowler
Tim Fowler, Founder and CEO of Ethos Labs and RBX Space, delivered a compelling talk at DEF CON titled "Red Teaming Space: Hacking the Final Frontier." This presentation illuminated the critical and…
- Uncovering the Secrets of Tire Pressure Monitoring Systems — Yago Lizarribar
In this DEF CON talk, Yago Lizarribar, a researcher specializing in the intersection of cybersecurity and artificial intelligence, sheds light on significant vulnerabilities within **Tire Pressure…
- Modern Odometer Manipulation - collin & oblivion — Colin
In this insightful DEF CON talk, Colin delves into the surprisingly straightforward world of modern odometer manipulation. Challenging the common assumption that digital odometers are tamper-proof…
- Welcome to DEF CON 33 - The Dark Tangent — The Dark Tangent
The "Welcome to DEF CON 33" address by The Dark Tangent (DT), the founder of DEF CON, is a quintessential opening keynote that transcends a mere greeting to encapsulate the ethos, history, and…
- Veilid la revoluçion : Your data is yours to own — Katelyn Bowden, Paul Miller
In an era where personal data is increasingly commodified and centralized platforms dominate digital communication, Katelyn Bowden and Paul Miller presented "Veilid la revolución: Your data is yours…
- Cryptocurrency Weekend Keynote Chelsea Button, Alfonso Tinoco & Elaine Shi — Elaine Shi
In this keynote address, Professor Elaine Shi from Carnegie Mellon University demystifies **Oblivious RAM (ORAM)**, a foundational cryptographic primitive that has transitioned from complex…
- Decision Making in Adversarial Automation — Bobby Kuzma, Michael Odell
In the intricate dance between attackers and defenders, the speed and accuracy of decision-making often dictate the outcome. This talk, "Decision Making in Adversarial Automation," delivered by…
- Cryptocurrency Opening Keynote — Michael Schloh MsvB, Chad Calease, Param D Pithadia
The DEF CON Cryptocurrency Opening Keynote for 2024 provided a comprehensive overview of the current security landscape within the rapidly evolving cryptocurrency space. Moderated by Michael Schloh…
- Don’t Cry Wolf: Evidence based assessments of ICS Threats — Jimmy Wylie, Sam Hanson
In the realm of Industrial Control Systems (ICS) security, the stakes are exceptionally high. Misinformation, sensationalized reporting, or a lack of analytical rigor can lead to unnecessary panic…
- Reverse Engineering Marine Engines: Make powerboats do your bidding — Alex Lorman
In this illuminating DEF CON talk, Alex Lorman unveils practical strategies for gaining autonomous control over marine engines, challenging the prevailing industry trend of heavily locked-down…
- Reconfigurable HSMs: Future Proofing Hardware Security — Pablo Trujillo
This talk, presented by Pablo Trujillo at DEF CON, addresses the critical need for robust and adaptable security mechanisms in an increasingly complex threat landscape. Trujillo, an FPGA designer…
- Locked Down, Not Locked Out: How I Escaped Yr Secure Operator Workstation — Aaron Boyd
In his compelling DEF CON talk, "Locked Down, Not Locked Out: How I Escaped Yr Secure Operator Workstation," Aaron Boyd, a seasoned system engineer at Liberty Energy with a distinguished background…
- Making the DEF CON 33 Badge — Mar
Mar Williams, a distinguished UX designer and artist with a long history of contributing to DEF CON's unique aesthetic, took the stage to demystify the complex process behind creating the iconic DEF…
- How Computers Kill People: Marine Systems — Michael DeVolld, Austin Reid
In an era dominated by discussions of nation-state hackers, ransomware, and AI-driven threats, Michael DeVolld and Austin Reid from ABS Consulting, joined by Chris Stein, delivered a sobering talk…
- How AI + Hardware can Transform Point of Care Workflows — PamirAI
In a compelling presentation at DEF CON, Dr. Shiferlay Olen Brock, affectionately known as Jen Su, delivered a powerful "call to action from the front lines of healthcare," advocating for the…
- Firmware Decryption: For, and By, the Cryptographically Illiterate — Craig Heffner
In this insightful DEF CON talk, Craig Heffner, renowned for developing the **Binwalk** firmware analysis tool, delves into the increasingly common practice of firmware encryption by device…
- HoloConnect AI - From Space to Biohacking — Dr. Fernando De La Peña Llaca
In a captivating DEF CON presentation, Dr. Fernando De La Peña Llaca from AXA introduced **HoloConnect AI**, a groundbreaking system designed to provide real-time holographic presence and AI-driven…
- Moonlight Defender : Purple Teaming in Space! — Ben Hawkins
This talk, "Moonlight Defender: Purple Teaming in Space!", delivered by Ben Hawkins, a Senior Research Engineer at Aerospace Corporation, delves into a critical initiative aimed at bridging the…
- What is Dead May Never Die: The Immortality of SDK Bugs — Richard Lawshae
In "What is Dead May Never Die: The Immortality of SDK Bugs," Richard Lawshae, a Principal Security Researcher at Keysight Technologies, delves into the pervasive and enduring threat posed by…
- Navigating the Invisible — Mehmet Onder Key, Furkan Aydogan
This talk, "Navigating the Invisible," delivered by Furkan Aydogan at DEF CON, delves into the complex and often opaque world of maritime security, presenting a dual perspective on intelligence…
- Operational Twilight: APTs, OT, & geopolitics of a dying climate — Cybelle Oliveira
In an increasingly volatile global landscape, Cybelle Oliveira, a prominent CTI researcher and founder of Lavilla Hacker, presented a compelling and urgent talk at DEF CON titled "Operational…
- Safeguarding the Industrial Frontier OT SOC & Incident Response — Adam Robbie
This talk delves into the critical and often overlooked realm of Operational Technology (OT) security, specifically focusing on the establishment and operation of an **OT Security Operations Center…
- Hull Integrity: Applying MOSAICS to Naval Mission Systems — Michael Frank
In a revealing talk at DEF CON, Michael Frank, the Deputy CTO for the Department of the Navy, presented a critical initiative aimed at fortifying the cybersecurity posture of the U.S. Navy and…
- Fear vs Physics: Diagnosing Grid Chaos — Emma Stewart
Emma Stewart, Chief Grid Scientist at Idaho National Lab, delivered a compelling talk titled "Fear vs Physics: Diagnosing Grid Chaos" at DEF CON, challenging the prevalent tendency within the…
- How AI + Hardware can Transforming Point-of-Care Workflows — PamirAI
This talk, presented by a co-founder of PamirAI, delves into the transformative potential of integrating **Artificial Intelligence (AI)** with **hardware** to revolutionize various workflows…
- Bare Metal Reverse Engineering — SolaSec
This talk, "Bare Metal Reverse Engineering" by SolaSec, dives deep into the intricate world of analyzing firmware that runs directly on hardware without a conventional operating system. SolaSec…
- Your Passkey is Weak: Phishing the Unphishable — Chad Spensky, Ph D
In a revealing and impactful presentation at DEF CON, Chad Spensky, Ph D, delivered a critical analysis of the current state of **passkeys**, challenging the prevailing industry narrative that they…
- Killing Killnet — Alex Holden
In a captivating talk at DEF CON, Alex Holden, a cybersecurity veteran and founder of Hold Security, unveiled an extraordinary tale of cyber warfare and unconventional disruption. Titled "Killing…
- Here and Now: Exploiting the Human Layer at the Right Moment — Daniel Isler
In a field often fixated on meticulously crafted plans and technical exploits, Daniel Isler's DEF CON talk, "Here and Now: Exploiting the Human Layer at the Right Moment," offers a profound paradigm…
- Reclaim Tech: A Community Movement — Janet Vertesi, Andy Hull
In an era defined by perpetual digital and sociopolitical upheaval, Rebecca Miller, a seasoned cyber risk analyst and CISSP instructor, delivered a compelling talk at DEF CON, challenging attendees…
- Referral Beware, Your Rewards Are Mine — Whit @un1tycyb3r Taylor
In his compelling DEF CON talk, "Referral Beware, Your Rewards Are Mine," Whit Taylor from Rhino Security Labs delves into the often-overlooked security vulnerabilities within incentive referral…
- Dead Reckoning: Hijacking Marine Autopilots — Carson Green, Rik Chatterjee
In "Dead Reckoning: Hijacking Marine Autopilots," Carson Green and Rik Chatterjee from Colorado State University's System Cyber Research Lab unveil critical vulnerabilities within marine autopilot…
- Prompt Scan Exploit AI’s Journey Through 0Days and 1000 Bugs — D. Jurado, J. Nogue
This talk, presented by D. Jurado and J. Nogue at DEF CON, delves into the development and capabilities of an autonomous AI-powered penetration testing system. The speakers unveil a sophisticated…
- How API flaws led to admin access to 1k+ USA dealers & control of yr car — Eaton Zveare
In an eye-opening presentation at DEF CON, security researcher Eaton Zveare unveiled a critical vulnerability chain that granted him national administrative access to the proprietary dealer system…
- VDP in Aviation How it shouldn't be done! — Matt Gaffney
Matt Gaffney, known as "gaffers," delivers a candid and critical assessment of **Vulnerability Disclosure Programs (VDPs)** within the aviation sector, highlighting pervasive failures and offering…
- Countering Forensics Software by Baiting Them — Weihan Goh, Joseph Lim, Isaac Soon
This talk, presented by Professor Weihan Goh and his students Joseph Lim and Isaac Soon from Singapore, delves into a novel approach to anti-forensics in the mobile domain. Titled "Countering…
- Cybersecurity in Latin America - Stories of Resilience & Innovation — Giovanni Forero
Giovanni Forero's talk, "Cybersecurity in Latin America - Stories of Resilience & Innovation," delivers a compelling narrative about the unique cybersecurity landscape in Latin America. Far from…
- The depths that marketers will plummet to - 4dw@r3 — Adwear
In this DEF CON talk, "The depths that marketers will plummet to," speaker Adwear exposes the increasingly invasive and legally ambiguous data collection practices employed by the digital marketing…
- Bio Cryptography is the Game Genie in a post quantum dystopia — James Utley, PhD
Dr. James Utley's DEF CON talk, "Bio Cryptography is the Game Genie in a post quantum dystopia," introduces a provocative vision for secure human communication in an age dominated by pervasive…
- There and Back Again: Detecting OT Devices Across Protocol Gateways — Rob King
In the realm of Operational Technology (OT) and Industrial Control Systems (ICS), maintaining a comprehensive inventory of devices is paramount for security and operational integrity. Rob King's DEF…
- Back to Basics: Building Resilient Cyber Defenses — Yael Grauer
In "Back to Basics: Building Resilient Cyber Defenses," Yael Grauer, a Program Manager overseeing cybersecurity research at Consumer Reports and an investigative tech reporter, challenges the…
- Evolution of Drain Attacks — Utvecklas, George
The talk "Evolution of Drain Attacks" by Utvecklas and George at DEF CON delves into the escalating sophistication of cryptocurrency drain attacks, a prevalent and financially devastating form of…
- Creating a Virtual Ship Environment Optimized for Cybersecurity Use — Jeff Greer
In an increasingly interconnected world, the maritime industry, once seen as a realm apart, is now a critical frontier for cybersecurity. Jeff Greer, a professor at the University of North Carolina…
- Context Aware Anomaly Detection in Automotive CAN Without Decoding — Ravi Rajput
In this DEF CON presentation, Ravi Rajput, a Principal Architect at New Tech Global, addresses the critical challenge of securing the **Controller Area Network (CAN) bus** in modern vehicles. The…
- Hacking Space to Defend It: Generating IoBs with SPARTA — Brandon Bailey
In an increasingly space-dependent world, securing orbital assets against cyber threats is paramount. Brandon Bailey's DEF CON talk, "Hacking Space to Defend It: Generating IoBs with SPARTA,"…
- Vulns to end your space mission - A. Olchawa, M. Starcik, R. Fradique & A.Boulaich — Mileno, Andre, Ricardo
This talk by the Vision Space team, led by Mileno and featuring Andre and Ricardo, delves into critical security vulnerabilities discovered in widely used software components of space systems…
- QRAMM: The Cryptographic Migration to a Post Quantum World — Emily Fane, Abdel Sy Fane
In this critical DEF CON presentation, Emily Fane and Abdel Sy Fane introduced the **Quantum Readiness Assurance Maturity Model (QRAMM)**, an open-source framework designed to guide organizations…
- The PowerPoint Glove — Parsia Hakimian
In "The PowerPoint Glove" at DEF CON, Parsia Hakimian from Microsoft presented an ambitious and entertaining project: repurposing a vintage Nintendo Power Glove as a modern Bluetooth Human Interface…
- Intro to Common Industrial Protocol Exploitation — Trevor Flynn
Trevor Flynn's DEF CON talk, "Intro to Common Industrial Protocol Exploitation," provides a foundational yet detailed exploration into the Common Industrial Protocol (**CIP**), a cornerstone…
- Crossing the Line: Advanced Techniques to Breach the OT DMZ — Christopher Nourrie
This talk, presented by Christopher Nourrie at DEF CON, delves into advanced penetration testing techniques specifically designed to breach the **Operational Technology (OT) Demilitarized Zone…
- Planting C4: Cross Compatible External C2 for Your Implants — Scott Taylor
In the ever-evolving landscape of red team operations and advanced persistent threats, establishing resilient and covert command and control (C2) channels is paramount. Scott Taylor, a Red Team…
- Let AI Autogenerate Neural ASR Rules for OT Attacks via NLP — Mars Cheng, Jr Wei-Huang
In this DEF CON talk, Mars Cheng and Jr Wei-Huang (Jay Jong) from TX1 Networks presented a groundbreaking approach to enhance Operational Technology (OT) security by leveraging Artificial…
- Unveiling IoT Vulns: From Backdoors to Bureaucracy — Kai-Ching Wang, Chiao-Lin Yu
This talk by Kai-Ching Wang and Chiao-Lin Yu, seasoned security researchers from Trend Micro and CHT Security in Taiwan, delves into the often-overlooked realm of manufacturer-created backdoors and…
- Cloned Vishing: A case study — Katherine Rackliffe
In an era where digital threats evolve at an unprecedented pace, social engineering tactics continue to be a primary vector for cybercriminals. Katherine Rackliffe's DEF CON talk, "Cloned Vishing: A…
- The Things know What You Did Last Session — Will Baggett
Will Baggett's DEF CON talk, "The Things know What You Did Last Session," delves into the critical intersection of digital forensics and the Internet of Things (IoT). Baggett, a seasoned expert with…
- Off Grid Datarunning in Oppressive Regimes: Sneakernet and Pirate Box — Robert Menes
In an era of increasing digital fragility and pervasive censorship, Robert Menes of Hacker Town delivered a compelling talk at DEF CON, advocating for the revival and modernization of **off-grid…
- The Missing Link: Draytek’s New RCEs Complete the Chain — O. Gianatiempo, G. Aznarez
This talk, presented by Gastonas Narees and Octavio Gianatiempo, security researchers at Faraday, unveils new pre-authentication remote code execution (RCE) vulnerabilities in Draytek routers…
- Quiet Confidence An Introvert's Journey to Technical Public Speaking — Emma Fang
In her compelling DEF CON talk, "Quiet Confidence: An Introvert's Journey to Technical Public Speaking," Emma Fang, a Senior Security Architect at EPAM, shared her transformative experience of…
- Vibe School: Making dumb devices smart with AI — Dr Katie Paxton Fear
Dr. Katie Paxton Fear, known online as Insider PhD and a Security Advocate at Smrat, took the DEF CON audience on a "deeply unserious" yet highly insightful journey into the practicalities and…
- Smart Bus Smart Hacking: Free WiFi to Total Control — Kai Ching Wang, Chiao-Lin Yu
In an era where smart infrastructure is rapidly integrating into daily life, the security implications of these interconnected systems often lag behind their convenience. This talk, "Smart Bus Smart…
- OSINT Enabled Ghost Mode: Counter Surveillance for Everyday People — Desiree Wilson
In an era defined by ubiquitous data collection and constant digital exposure, Desiree Wilson's DEF CON talk, "OSINT Enabled Ghost Mode: Counter Surveillance for Everyday People," presents a…
- Access Control Done Right the First Time — Tim Clevenger
In this insightful DEF CON talk, Tim Clevenger, a Network Cyber Security Engineer with a unique background in physical access control system installation and maintenance, dissects the common…
- TotalTest Simulations 2 Oh! From Exploits to Economics — Nebu Varghese
In his DEF CON talk, "TotalTest Simulations 2 Oh! From Exploits to Economics," Nebu Varghese, a Senior Director in FDI Consulting's cybersecurity practice, presented a compelling framework designed…
- Secure software dependency management everywhere with Nix — Tom Berek, Farid Zakaria
In this groundbreaking DEF CON talk, "Secure software dependency management everywhere with Nix," Tom Berek, Farid Zakaria, and Morgan Jones introduce the Nix ecosystem as a revolutionary approach…
- Smart Devices, Dumb Resets: Testing Firmware Persistence in Commercial IoT — Matei Jose
In "Smart Devices, Dumb Resets," Matei Jose, a Senior Penetration Tester at Happening XYZ, delves into the critical security vulnerability posed by the inadequate sanitization of returned Internet…
- Incident Response from a Maritime Sysadmin’s War Room — Kit Louttit, Steve Winston
- Bypassing Intent Destination Checks, LaunchAnyWhere Privilege Escalation — Qidan He
In this DEF CON talk, Qidan He, a distinguished security researcher, unveils "Bad Resolve," a novel class of **LaunchAnywhere** privilege escalation vulnerabilities impacting modern Android systems…
- Breaking into thousands of cloud based VPNs with 1 bug -David Cash, Rich Warren — Dave, Rich
In their DEF CON talk, "Zero Trust, Total Bust," Dave and Rich from Amberwolf unveiled a disturbing reality: the much-touted Zero Trust Network Access (ZTNA) solutions, often marketed as the secure…
- Ask EFF — Cooper Quintin, Lisa Femia, Thorin Klosowski, Alexis Hancock, Hannah Zhao
This DEF CON talk, "Ask EFF," brings together key members of the Electronic Frontier Foundation (EFF)'s Public Interest Technology and Activism teams to discuss their multifaceted approach to…
- Hard Hat Brigade Creations Q&A — MrBill, M0nkeyDrag0n, CoD_Segfault
The "Hard Hat Brigade Creations Q&A" talk at DEF CON provided a fascinating deep dive into a burgeoning subculture that merges art, technology, and community engagement through the medium of…
- Preventing One of The Largest Supply Chain Attacks in History — Maksim Shudrak
Maksim Shudrak's DEF CON talk, "Preventing One of The Largest Supply Chain Attacks in History," unveils a critical and widespread supply chain vulnerability rooted in the recycling of cloud storage…
- Critically Neglected: Cybersecurity for buildings — Thomas Pope
In an era where digital infrastructure underpins nearly every aspect of modern life, the cybersecurity of physical buildings remains a critically overlooked and dangerously vulnerable attack…
- DEF CON 33 Video — TeamHackerPager
The "Hacker Pager" talk at DEF CON unveiled a unique and highly anticipated hardware badge that transcends the typical conference collectible, evolving into a robust open-source communication and…
- 40 Years Of Phrack: Hacking, Zines & Digital Dissent -richinseattle, Netspooky, Chompie — Rich in Seattle, Net Spooky, Chompy
The DEF CON talk "40 Years Of Phrack: Hacking, Zines & Digital Dissent" offered a comprehensive journey through the history, evolution, and enduring cultural significance of **Phrack**, arguably the…
- One Modem to Brick Them All -Vulns in EV Charging Comms — Jan Berens, Marcell Szakaly
This talk, "One Modem to Brick Them All," delivered by Marcell Szakaly from the University of Oxford and Jan Berens from Albertronic, delves into critical security vulnerabilities found within the…
- Turning Camera Surveillance on its Axis — Noam Moshe
In this compelling DEF CON presentation, Noam Moshe, a lead vulnerability researcher at Clarity, unveiled critical security flaws within Axis Communications' enterprise-grade IP camera management…
- DEF CON 33 Preview — Cryptocurrency Preview
This presentation served as a concise yet informative preview of the expanded **Cryptocurrency Areas** at DEF CON 33. Delivered by Michael, one of the founding members, the talk outlined the…
- DEF CON 33 Preview - AIXCC — Andrew Carney
The DEF CON 33 Preview for the **AI Cyber Challenge (AICC)** introduces an ambitious and critical initiative spearheaded by DARPA and ARPA-H. This 2-year competition is designed to accelerate the…