| S32E01 |
Welcome to DEF CON
|
August 9, 2024
|
20
|
|
| S32E02 |
Where’s the Money: Defeating ATM Disk Encryption
|
August 9, 2024
|
45
|
|
| S32E03 |
Securing CCTV Cameras Against Blind Spots
|
August 9, 2024
|
45
|
|
| S32E04 |
Mobile Mesh RF Network Exploitation: Getting the Tea from goTenna
|
August 9, 2024
|
45
|
|
| S32E05 |
Behind Enemy Lines: Going undercover to breach the LockBit Ransomware Operation
|
August 9, 2024
|
45
|
|
| S32E06 |
Spies and Bytes: Victory in the Digital Age
|
August 9, 2024
|
45
|
|
| S32E07 |
Defeating magic by magic:Using ALPC security features to compromise RPC services
|
August 9, 2024
|
45
|
|
| S32E08 |
The XZ Backdoor Story: The Undercover Operation That Set the Internet on Fire
|
August 9, 2024
|
45
|
|
| S32E09 |
No Symbols When Reversing? No Problem: Bring Your Own
|
August 9, 2024
|
45
|
|
| S32E10 |
Atomic Honeypot: A MySQL Honeypot That Drops Shells
|
August 9, 2024
|
45
|
|
| S32E11 |
Listen to the whispers: web timing attacks that actually work
|
August 9, 2024
|
45
|
|
| S32E12 |
High Intensity Deconstruction: Chronicles of a Cryptographic Heist
|
August 9, 2024
|
45
|
|
| S32E13 |
Veilid Dev and Community Meetup
|
August 9, 2024
|
45
|
|
| S32E14 |
On Your Ocean's 11 Team, I'm the AI Guy (technically Girl)
|
August 9, 2024
|
45
|
|
| S32E15 |
Fireside Chat with DNSA Anne Neuberger
|
August 9, 2024
|
45
|
|
| S32E16 |
Kicking in the Door to the Cloud: Exploiting Cloud Provider Vulnerabilities for Initial Access
|
August 9, 2024
|
45
|
|
| S32E17 |
Sshamble: Unexpected Exposures in the Secure Shell
|
August 9, 2024
|
45
|
|
| S32E18 |
If Existing Cyber Vulnerabilities Magically Disappeared Overnight, What Would Be Next?
|
August 9, 2024
|
45
|
|
| S32E19 |
Defeating EDR Evading Malware with Memory Forensics
|
August 9, 2024
|
45
|
|
| S32E20 |
Xiaomi The Money - Our Toronto Pwn2Own Exploit and Behind The Scenes Story
|
August 9, 2024
|
45
|
|
| S32E21 |
Digital Emblems: When markings are required under international law, but you don’t have a rattle-can
|
August 9, 2024
|
45
|
|
| S32E23 |
Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows
|
August 9, 2024
|
45
|
|
| S32E24 |
Joe and Bruno's Guide to Hacking Time: Regenerating Passwords from RoboForm's Password Generator
|
August 9, 2024
|
45
|
|
| S32E25 |
Breaching AWS Accounts Through Shadow Resources
|
August 9, 2024
|
45
|
|
| S32E26 |
DC101 Panel
|
August 9, 2024
|
45
|
|
| S32E27 |
Android App Usage and Cell Tower Location: Private. Sensitive. Available to Anyone?
|
August 9, 2024
|
45
|
|
| S32E28 |
Abusing Windows Hello Without a Severed Hand
|
August 9, 2024
|
45
|
|
| S32E29 |
Taming the Beast: Inside the Llama 3 Red Team Process
|
August 9, 2024
|
45
|
|
| S32E30 |
Social Engineering Like you’re Picard
|
August 9, 2024
|
45
|
|
| S32E31 |
Eradicating Hepatitis C With BioTerrorism
|
August 9, 2024
|
45
|
|
| S32E32 |
Outlook Unleashing RCE Chaos: CVE-2024-30103 & CVE-2024-38021
|
August 9, 2024
|
45
|
|
| S32E33 |
The Way To Android Root: Exploiting Your GPU On Smartphone
|
August 9, 2024
|
45
|
|
| S32E34 |
Making the DEF CON 32 Badge
|
August 9, 2024
|
45
|
|
| S32E35 |
Why are you still, using my server for your internet access.
|
August 9, 2024
|
45
|
|
| S32E36 |
Leveraging private APNs for mobile network traffic analysis
|
August 9, 2024
|
45
|
|
| S32E37 |
One for all and all for WHAD: wireless shenanigans made easy !
|
August 9, 2024
|
45
|
|
| S32E38 |
Bricked & Abandoned: How To Keep The IoT From Becoming An Internet of Trash
|
August 9, 2024
|
45
|
|
| S32E39 |
Breaking Secure Web Gateways (SWG) for Fun and Profit
|
August 9, 2024
|
45
|
|
| S32E40 |
Stranger in a Changed Land
|
August 9, 2024
|
45
|
|
| S32E41 |
Exploiting Bluetooth - from your car to the bank account$$
|
August 9, 2024
|
45
|
|
| S32E42 |
DEF CON Franklin Project
|
August 9, 2024
|
45
|
|
| S32E43 |
The Pwnie Awards
|
August 10, 2024
|
45
|
|
| S32E44 |
Reverse Engineering MicroPython Frozen Modules: Data Structures, Reconstruction, and Reading Bytecod
|
August 10, 2024
|
45
|
|
| S32E45 |
Mutual authentication is optional
|
August 10, 2024
|
45
|
|
| S32E46 |
Laundering Money
|
August 10, 2024
|
20
|
|
| S32E47 |
CULT OF THE DEAD COW & Friends Present: Prime Cuts from Hacker History - 40 Years of 31337
|
August 10, 2024
|
105
|
|
| S32E48 |
Smishing Smackdown: Unraveling the Threads of USPS Smishing and Fighting Back
|
August 10, 2024
|
45
|
|
| S32E49 |
Gotta Cache ‘em all: bending the rules of web cache exploitation
|
August 10, 2024
|
45
|
|
| S32E50 |
The Rise and Fall of Binary Exploitation
|
August 10, 2024
|
45
|
|
| S32E51 |
SHIM me what you got - Manipulating Shim and Office for Code Injection
|
August 10, 2024
|
45
|
|
| S32E52 |
Sudos and Sudon’ts - Peering inside Sudo for Windows
|
August 10, 2024
|
45
|
|
| S32E53 |
QuickShell: Sharing is caring about an RCE attack chain on Quick Share
|
August 10, 2024
|
45
|
|
| S32E54 |
automobiles, alcohol, blood, sweat, and creative reversing of an obfuscated Car-Modding tool
|
August 10, 2024
|
45
|
|
| S32E55 |
Grand Theft Actions: Abusing Self-Hosted GitHub Runners at Scale
|
August 10, 2024
|
45
|
|
| S32E56 |
Disenshittify or die! How hackers can seize the means of computation and build a new, good internet
|
August 10, 2024
|
45
|
|
| S32E57 |
The Secret Life of a Rogue Device - Lost IT Assets on the Public Marketplace
|
August 10, 2024
|
45
|
|
| S32E58 |
AMD Sinkclose: Universal Ring -2 Privilege Escalation
|
August 10, 2024
|
45
|
|
| S32E59 |
OH-MY-DC: Abusing OIDC all the way to your cloud
|
August 10, 2024
|
45
|
|
| S32E60 |
Inside the FBI’s Secret Encrypted Phone Company ‘Anom’
|
August 10, 2024
|
45
|
|
| S32E61 |
Fireside Chat with Jay Healey and National Cyber Director Harry Coker, Jr.
|
August 10, 2024
|
45
|
|
| S32E62 |
NTLM - The Last Ride
|
August 10, 2024
|
45
|
|
| S32E63 |
Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panels
|
August 10, 2024
|
45
|
|
| S32E64 |
Hacking Millions of Modems (and Investigating Who Hacked My Modem)
|
August 10, 2024
|
45
|
|
| S32E65 |
Discovering and exploiting local attacks against the 1Password MacOS desktop application
|
August 10, 2024
|
45
|
|
| S32E66 |
SQL Injection Isn't Dead: Smuggling Queries at the Protocol Level
|
August 10, 2024
|
45
|
|
| S32E67 |
Troll Trapping Through TAS Tools - Exposing Speedrunning Cheaters
|
August 10, 2024
|
45
|
|
| S32E68 |
ACE up the Sleeve: From getting JTAG on the iPhone 15 to hacking into Apple's new USB-C Controller
|
August 10, 2024
|
45
|
|
| S32E69 |
Measuring the Tor Network
|
August 10, 2024
|
45
|
|
| S32E70 |
Exploiting the Unexploitable: Insights from the Kibana Bug Bounty
|
August 10, 2024
|
45
|
|
| S32E71 |
A Shadow Librarian in Broad Daylight: Fighting back against ever encroaching capitalism
|
August 10, 2024
|
45
|
|
| S32E72 |
Unsaflok: Hacking millions of hotel locks
|
August 10, 2024
|
45
|
|
| S32E73 |
HookChain: A new perspective for Bypassing EDR Solutions
|
August 10, 2024
|
45
|
|
| S32E74 |
Secrets and Shadows: Leveraging Big Data for Vulnerability Discovery at Scale
|
August 10, 2024
|
45
|
|
| S32E75 |
Encrypted newspaper ads in the 19th century
|
August 10, 2024
|
45
|
|
| S32E76 |
Compromising an Electronic Logging Device and Creating a Truck2Truck Worm
|
August 10, 2024
|
20
|
|
| S32E77 |
Watchers being watched: Exploiting the Surveillance System and its supply chain
|
August 10, 2024
|
45
|
|
| S32E78 |
DEF CON Academy: Cultivating M4D SK1LLZ In the DEF CON Community
|
August 10, 2024
|
45
|
|
| S32E79 |
Breaking the Beam: Exploiting VSAT Satellite Modems from the Earth's Surface
|
August 10, 2024
|
45
|
|
| S32E80 |
Techniques for Creating Process Injection Attacks with Advanced Return-Oriented Programming
|
August 10, 2024
|
20
|
|
| S32E81 |
A Treasure Trove of Failures: What History’s Greatest Heist Can Teach Us About Defense In Depth
|
August 10, 2024
|
45
|
|
| S32E82 |
Nano-Enigma: Uncovering the Secrets Within eFuse Memories
|
August 10, 2024
|
45
|
|
| S32E83 |
Iconv, set the charset to RCE: exploiting the glibc to hack the PHP engine
|
August 10, 2024
|
45
|
|
| S32E84 |
Windows Downdate: Downgrade Attacks Using Windows Updates
|
August 11, 2024
|
45
|
|
| S32E85 |
Unlocking the Gates: Hacking a secure Industrial Remote Access Solution
|
August 11, 2024
|
20
|
|
| S32E86 |
The not-so-silent type: Breaking network crypto in almost every popular Chinese keyboard app
|
August 11, 2024
|
45
|
|
| S32E87 |
Splitting the email atom: exploiting parsers to bypass access controls
|
August 11, 2024
|
45
|
|
| S32E88 |
AWS CloudQuarry: Digging for secrets in public AMIs
|
August 11, 2024
|
45
|
|
| S32E89 |
Changing Global Threat Landscape with Rob Joyce and Dark Tangent
|
August 11, 2024
|
45
|
|
| S32E90 |
The hack, the crash and two smoking barrels. (And all the times I (almost) killed an engineer.)
|
August 11, 2024
|
45
|
|
| S32E91 |
Dragon SlayingGuide: Bug Hunting In VMware Device Virtualization
|
August 11, 2024
|
45
|
|
| S32E92 |
(|(MaLDAPtive:¯\_(LDAP)_/¯=ObFUsc8t10n) (De-Obfuscation &:=De*te)(!c=tion))
|
August 11, 2024
|
45
|
|
| S32E93 |
Deception & Counter Deception – Defending Yourself in a World Full of Lies
|
August 11, 2024
|
45
|
|
| S32E94 |
Open sesame - or how vulnerable is your stuff in electronic lockers
|
August 11, 2024
|
45
|
|
| S32E95 |
Solving the "Lover, Stalker, Killer" Murder with strings, grep, and Perl
|
August 11, 2024
|
20
|
|
| S32E96 |
DriverJack: Turning NTFS and Emulated Read-only Filesystems in an Infection and Persistence Vector
|
August 11, 2024
|
45
|
|
| S32E97 |
Redefining V2G - How to use your vehicle as a game controller
|
August 11, 2024
|
45
|
|
| S32E98 |
Clash, Burn, and Exploit: Manipulate Filters to Pwn kernelCTF
|
August 11, 2024
|
45
|
|
| S32E99 |
AIxCC Closing Ceremonies
|
August 11, 2024
|
45
|
|
| S32E100 |
DARPA and ARPA-H joined forces for the AI Cyber Challenge (AIxCC), a two-year competition aimed at r
|
August 11, 2024
|
45
|
|
| S32E101 |
Incubated Machine Learning Exploits: Backdooring ML Pipelines Using Input-Handling Bugs
|
August 11, 2024
|
45
|
|
| S32E102 |
Contest Closing Ceremonies and Awards
|
August 11, 2024
|
115
|
|
| S32E103 |
Abusing legacy railroad signaling systems
|
August 11, 2024
|
45
|
|
| S32E104 |
DEF CON Closing Ceremonies & Awards
|
August 11, 2024
|
165
|
|
| S32E105 |
A dive into world of Aircraft PKI
|
August 10, 2024
|
30
|
|
| S32E106 |
Adversarial Approach to Airline Revenue Management
|
August 9, 2024
|
30
|
|
| S32E107 |
Analyzing the Security of Satellite-Based Air Traffic Control
|
August 9, 2024
|
30
|
|
| S32E108 |
Behind the Badge: How we used and abused hardware to create the AV badge for DC32
|
August 11, 2024
|
30
|
|
| S32E109 |
From Theory to Reality: Demonstrating the Simplicity of SPARTA Techniques
|
August 10, 2024
|
30
|
|
| S32E110 |
GPS spoofing: it's about time, not just position
|
August 10, 2024
|
30
|
|
| S32E111 |
Ground Control to Major Threat Hacking the Space Link Extension Protocol
|
August 9, 2024
|
30
|
|
| S32E112 |
Fly Catcher - How I Developed a Low-Cost Raspberry Pi Based Device for ADS-B Spoof
|
August 10, 2024
|
30
|
|
| S32E113 |
Offensive Security Testing: Safeguarding the Final Frontier
|
August 10, 2024
|
30
|
|
| S32E114 |
RF Attacks on Aviation's Last Line of Defense Against Mid-Air Collisions (TCAS II)
|
August 10, 2024
|
45
|
|
| S32E115 |
Small Satellite Modeling and Defender Software
|
August 10, 2024
|
30
|
|
| S32E116 |
The Interplay between Safety and Security in Aviation Systems
|
August 11, 2024
|
30
|
|
| S32E117 |
Warflying in a Cessna
|
August 11, 2024
|
30
|
|
| S32E118 |
0.0.0.0 Day: Exploiting Localhost APIs From The Browser
|
August 10, 2024
|
30
|
|
| S32E119 |
BOLABuster: Harnessing LLMs for Automating BOLA Detection
|
August 10, 2024
|
30
|
|
| S32E120 |
Engineers & Exploits: The Quest for Security
|
August 10, 2024
|
30
|
|
| S32E121 |
Fine Grained Authorisation with Relationship-Based Access Control
|
August 9, 2024
|
30
|
|
| S32E122 |
Gridlock: The Dual-Edged Sword of EV and Solar APIs in Grid Security
|
August 11, 2024
|
30
|
|
| S32E123 |
Hacking Corporate Banking for Fun and Profit
|
August 9, 2024
|
30
|
|
| S32E124 |
I've got 99 problems but a prompt injection ain't watermelon
|
August 9, 2024
|
30
|
|
| S32E125 |
Maturing Your Application Security Program
|
August 10, 2024
|
30
|
|
| S32E126 |
Navigating the Cyber Security Labyrinth: Choose Your Own Security Adventure?
|
August 10, 2024
|
30
|
|
| S32E127 |
Relative Path File Injection: The Next Evolution in RPO
|
August 9, 2024
|
30
|
|
| S32E128 |
SDLC Nightmares Defeating Secure Code Review GPT Hallucinations
|
August 9, 2024
|
30
|
|
| S32E129 |
Securing Frontends at Scale: Paving our Way to the Post-XSS World
|
August 9, 2024
|
30
|
|
| S32E130 |
Speed Bumps and Speed Hacks: Adventures in Car Manufacturers Security
|
August 10, 2024
|
30
|
|
| S32E131 |
The Darkest Side of Bug Bounty
|
August 10, 2024
|
30
|
|
| S32E132 |
The Immortal Retrofuturism of Mainframe Computers and How to Keep Them Safe
|
August 11, 2024
|
30
|
|
| S32E133 |
The Missing Link How we collect and leverage SBOMs
|
August 10, 2024
|
30
|
|
| S32E134 |
Threat Modeling in the Age of AI
|
August 9, 2024
|
30
|
|
| S32E135 |
Ticking SQLi
|
August 9, 2024
|
30
|
|
| S32E136 |
Transforming AppSec: Protecting 'Everything as Code' & Emerging Tech
|
August 10, 2024
|
45
|
|
| S32E137 |
Unlocking the Gates Understanding Authentication Bypass Vulnerabilities
|
August 10, 2024
|
30
|
|
| S32E138 |
Using EPSS for Better Management Vulnerability Management
|
August 10, 2024
|
30
|
|
| S32E139 |
Web2 Meets Web3: Hacking Decentralized Applications
|
August 10, 2024
|
30
|
|
| S32E140 |
When Chatbots Go Rogue – Lessons Learned from Building and Defending LLM Applications
|
August 9, 2024
|
30
|
|
| S32E141 |
Winning big: AppSec Considerations From the Casino Industry
|
August 9, 2024
|
30
|
|
| S32E142 |
Your CI/CD Pipeline Is Vulnerable, But It's Not Your Fault
|
August 11, 2024
|
30
|
|
| S32E143 |
Evading Modern Defenses When Phishing with Pixels
|
August 10, 2024
|
|
|
| S32E144 |
Exploiting Voice Cloning in Adversarial Simulation
|
|
|
|
| S32E145 |
Formidable Adversaries: Responding to Breaches, Ransomware, and State-Sponsored Threat Actors
|
August 9, 2024
|
60
|
|
| S32E146 |
Kubernetes Attack Simulation: The Definitive Guide
|
August 11, 2024
|
30
|
|
| S32E147 |
MFT: Malicious Fungible Tokens
|
August 9, 2024
|
30
|
|
| S32E148 |
Master Splinter's initial physical access dojo: Storytelling of a complex adversarial
|
August 9, 2024
|
30
|
|
| S32E149 |
Sneaky Extensions: The MV3 Escape Artists
|
August 10, 2024
|
30
|
|
| S32E150 |
Tough Adversary? Don't Blame Sun Tzu
|
|
|
|
| S32E151 |
Unknown
|
|
|
|
| S32E152 |
3DU: Homo (e)x Machina
|
August 11, 2024
|
30
|
|
| S32E153 |
Breaking Boundaries: Popping Shells in the Airgap with $10 and a Dash of Arduino Magic
|
August 9, 2024
|
30
|
|
| S32E154 |
Bridging Space and Medicine
|
August 10, 2024
|
60
|
|
| S32E155 |
D0N0H4RM: Cyber STEM Storytime (Panel)
|
August 10, 2024
|
60
|
|
| S32E156 |
DIY Pharmaceuticals
|
|
|
|
| S32E157 |
Dysfunctional Unity: The Road to Nowhere
|
August 9, 2024
|
30
|
|
| S32E158 |
The Past, Present, and Future of Bioweapons
|
August 10, 2024
|
45
|
|
| S32E159 |
You got a lighter? I need to do some Electroporation.
|
August 10, 2024
|
30
|
|
