| 13:00 | DEF CON 101 |
|
| 15:00 |
Abstrct
|
When Space Elephants Attack: A DEFCON Challenge for Database Geeks |
| 09:00 |
Databeast
|
When the going gets weird, the weird turn pro |
| 10:00 | Welcome and the Making of the DEF CON 19 Badge |
|
Operational Use of Offensive Cyber |
||
The History and Evolution of Computer Viruses |
||
Chiu,
Lai,
Peikan,
Wu
|
Balancing The Pwn Trade Deficit – APT Secrets in Asia |
|
DEFCON Challenge for Database Geeks |
||
Vandevanter
|
Distributed Denial of Service Attacks for White Hats |
|
| 11:00 |
Conti
|
The Art and Science of Security Research |
Schearer
|
WTF Happened to the Constitution? |
|
Butler
|
Physical Memory Forensics for Cache |
|
Krick
|
DCFluX in: License to Transmit |
|
Ross
|
Alice and Bob are Fucked |
|
| 12:00 |
Marlinspike
|
SSL And The Future Of Authenticity |
Meet the Federal Agent 2.0 |
||
Heiland
|
From Printer To Pwnd: Leveraging Multifunction Printers During Penetration Testing |
|
Rahman
|
Sneaky PDF |
|
Wilhelm
|
Staying Connected during a Revolution or Disaster |
|
Malley
|
If you want to go phishing, you need the right bait… |
|
| 12:30 |
Schorr
|
TSA-Proof Get Home Bags |
| 13:00 |
Kaminsky
|
Black Ops of TCP/IP 2011 |
Kimball,
Phillips,
Salons,
Schearer
|
Net Neutrality Panel |
|
Lenik
|
I'm Your MAC(b)Daddy |
|
Bowne
|
Three Generations of DoS Attacks |
|
Fiddler,
Tobias
|
Insecurity: An Analysis Of Current Commercial And Government Security Lock Designs |
|
Kingtuna,
Pyro
|
Hacking with QR Codes |
|
| 14:00 |
Alonso,
Garrido
|
Dust: Your Feed RSS Belongs To You! |
Beckstrom,
Dixon,
Moss,
Sager,
Wells
|
Former Keynotes - The Future |
|
Robinson
|
What Time Are You Anyway? |
|
Jakhar
|
Jugaad – Linux Thread Injection Kit |
|
Engelman,
Rezchikov,
Wang
|
Why Airport Security Can't Be Done FAST |
|
warezjoe
|
Wireless Dirty Sisters – The other RF shit you aren't Looking at, and why you're going to get fscked |
|
| 15:00 |
Lawson,
Ollam,
Potter
|
And That's How I Lost My Eye: Exploring Emergency Data Destruction |
Ilyas,
Percoco
|
Malware Freak Show 3: They're pwning er'body out there! |
|
McGrew
|
Covert Post-Exploitation Forensics With Metasploit |
|
Webb
|
Runtime Process Insemination |
|
Kennedy
|
Hacking Your Victims Over Power Lines |
|
McGinley
|
Putting the Hack in Ikea Hacks -or- Some Assembler Required |
|
| 16:00 |
Bankston,
Eckersley,
Fakhoury,
Hofmann,
Opsahl,
Reagan
|
Ask EFF: The Year in Digital Civil Liberties |
Engebretson,
Pauli
|
Mamma Don't Let Your Babies Grow Up to be Pen Testers |
|
Clark,
Haines
|
Familiarity Breeds Contempt |
|
Weyers
|
Key Impressioning |
|
Timmay
|
Meta-Work and Zombie Flows: How Compliance and Standards Strangled Infosec |
|
| 17:00 |
Anarchy Angel,
Anch,
blakdayz,
converge,
Jake,
Kotler,
ngharo
|
Represent! Defcon Groups, Hackerspaces, and You. |
Shrdlu
|
Are You In Yet? The CISO's View of Pentesting |
|
Garcia
|
UPnP Mapping |
|
Joyce
|
The Art of Trolling |
|
Guy
|
Fame: Not The Musical |
|
| 17:30 |
Gavin
|
Gone in 60 Minutes: Stealing Sensitive Data from Thousands of Systems Simultaneously with OpenDLP |
Cook
|
Kernel Exploitation Via Uninitialized Stack |
|
| 18:00 |
Christey,
Eiram,
Holden,
Hutton,
Kouns,
Manion,
Martin,
Moussouris
|
Is it 0-day or 0-care? |
Alonso,
Garrido
|
Bosses love Excel, Hackers too. |
|
Rosenberg
|
Owned Over Amateur Radio: Remote Kernel Exploitation in 2011 |
|
Archer,
Freaksworth
|
IP4 TRUTH: The IPocalypse is a LIE |
|
| 19:00 | We owe it all to the Hackers |
| 09:00 |
Radcliffe
|
Hacking Medical Devices for Fun and Insulin: Breaking the Human SCADA System |
| 10:00 |
Kornbrust
|
Hacking and Securing DB2 LUW Databases |
Corman,
Jericho,
Roberts
|
Whoever Fights Monsters... Aaron Barr, Anonymous, and Ourselves |
|
Abraham,
Eston,
Johnson
|
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers |
|
Holt,
Kilger
|
Assessing Civilian Willingness to Participate in On-Line Political and Social Conflict |
|
Ollam
|
Safe to Armed in Seconds: A Study of Epic Fails of Popular Gun Safes |
|
Anch
|
Fun with EC2/Amazon Cloud Services |
|
| 11:00 |
Miller
|
Battery Firmware Hacking |
Barisani,
Bianco,
Franken,
Laurie
|
Chip & PIN is Definitely Broken |
|
Engler,
Fleischer,
Hamiel,
Law
|
Smartfuzzing The Web: Carpe Vestra Foramina |
|
Brooks,
Wilson
|
Traps of Gold |
|
Towne
|
DIY Non-Destructive Entry |
|
| 12:00 | Hacking and Forensicating an Oracle Database Server |
|
Arlen
|
Security When Nano Seconds Count |
|
Bouillon
|
Federation and Empire |
|
Johansen,
Osborne
|
Hacking Google Chrome OS |
|
Searle
|
Attacking and Defending the Smart Grid |
|
Diekman,
Roberts
|
Tractor Jacking 101 |
|
| 13:00 |
Alien,
B,
Sumner
|
Weaponizing Cyberpsychology and Subverting Cybervetting for Fun, Profit and Subterfuge |
Arlen,
Graham,
Hoff,
Maynor,
Mogull,
Mortman,
Pesce
|
DEF CON Comedy Jam IV |
|
Karlsson,
Swende
|
Web Application Analysis With Owasp Hatkit |
|
McCoy
|
Hacking .Net Applications: The Black Arts |
|
McNabb
|
Vulnerabilities of Wireless Water Meter Networks |
|
Pordon
|
Advanced High Security Lock Bypass and Its Implications |
|
| 14:00 |
Scott
|
Archive Team: A Distributed Preservation of Service Attack |
Gomez
|
Bulletproofing The Cloud: Are We Any Closer To Security? |
|
Feinstein,
Jarmoc
|
Get Off of My Cloud: Cloud Credential Compromise and Exposure |
|
Thieme
|
Staring into the Abyss: The Dark Side of Crime-fighting, Security, and Professional Intelligence |
|
| 15:00 | DEF CON Awards |
|
Imhoff
|
Economics of Password Cracking in the GPU Era |
|
Chow
|
Abusing HTML5 |
|
Carey,
Rude,
Vandevanter
|
Metasploit vSploit Modules |
|
Gostom,
Marpet
|
Smile for the Grenade! "Camera Go Bang!" |
|
Roamer
|
Network Migration for Penetration Testers |
|
| 16:00 |
Arlen,
Corman,
Daniel,
Hutton,
McKeay,
Shackleford
|
PCI 2.0: Still Compromising Controls and Compromising Security |
Fritschie,
Wright
|
Getting F***** On the River |
|
Amit,
Kotler
|
Sounds Like Botnet |
|
Howard
|
An Insider's Look at International Cyber Security Threats and Trends |
|
Indi
|
Out of the basement and into the BEDROOM |
|
| 17:00 |
Pittman
|
My password is: #FullOfFail! — The Core Problem with Authentication and How We Can Overcome It |
Network Security Podcast Meetup |
||
Ostrom
|
VoIP Hopping the Hotel: Attacking the Crown Jewels through VoIP |
|
Geers
|
Strategic Cyber Security: An Evaluation of Nation-State Cyber Attack Mitigation Strategies |
|
Schearer
|
Contractors, Clearances, and Chaos: Tales from the Crypt |
|
| 18:00 |
Bianchi,
Zoz
|
Vanquishing Voyeurs: Secure Ways To Authenticate Insecurely |
Ozer
|
Big Brother on the Big Screen: Fact/Fiction? |
|
Bilodeau
|
Fingerbank - Open DHCP Fingerprints Database |
|
Zhu
|
Phishing and Online Scam in China |
|
Baskin
|
Walking the Green Mile: How to Get Fired After a Security Incident |
|
| 18:30 |
Baldwin
|
Pillaging DVCS Repos For Fun And Profit |
Foofus
|
Handicapping the US Supreme Court |
|
| 19:00 |
Percoco,
Schulte
|
This is REALLY not the droid you're looking for... |
| 09:00 |
Arcon,
Dr. Kaos
|
Becoming Jack Flack – Real Life Cloak and Dagger |
| 10:00 |
Havelt,
Henrique
|
Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests |
Whitfield Diffie & Moxie Marlinspike |
||
Linn
|
PIG: Finding Truffles Without Leaving A Trace |
|
Fulton
|
Cellular Privacy: A Forensic Analysis of Android Network Traffic |
|
Cohen
|
Look At What My Car Can Do |
|
| 11:00 |
Chamales
|
Lives On The Line: Securing Crisis Maps In Libya, Sudan, And Pakistan |
Bilodeau
|
PacketFence, The Open Source Nac: What We've Done In The Last Two Years |
|
Pickett
|
Port Scanning Without Sending Packets |
|
Chin,
O'Neil
|
Seven Ways to Hang Yourself with Google Android |
|
Craig
|
Internet Kiosk Terminals: The Redux |
|
Redman
|
The REAL cutting edge to hash cracking |
|
| 12:00 |
Maresca
|
We're (The Government) Here To Help: A Look At How FIPS 140 Helps (And Hurts) Security |
Duckwall
|
A Bridge Too Far: Defeating Wired 802.1x with a Transparent Bridge Using Linux |
|
Crenshaw
|
Cipherspaces/Darknets: An Overview Of Attack Strategies |
|
Kehrer,
Percoco
|
Getting SSLizzard |
|
Scarito
|
Build your own Synthetic Aperture Radar |
|
Gomez
|
Hacking Healthcare |
|
| 13:00 |
Sutherland
|
How To Get Your Message Out When Your Government Turns Off The Internet |
Cryer
|
Taking Your Ball And Going Home; Building Your Own Secure Storage Space That Mirrors Dropbox's |
|
Shah
|
Mobile App Moolah: Profit taking with Mobile Malware |
|
Ocepek
|
Blinkie Lights: Network Monitoring with Arduino |
|
Ross
|
Agnitio: the security code review Swiss army knife. Its static analysis, but not as we know it. |
|
| 13:30 |
Weitzel
|
Steganography and Cryptography 101 |
| 14:00 |
Trimble
|
The Future of Cybertravel: Legal Implications of the Evasion of Geolocation |
Woodberg
|
Network Application Firewalls vs. Contemporary Threats |
|
Manning
|
Pervasive Cloaking |
|
Skunkworks
|
Hacking the Global Economy with GPUs or How I Learned to Stop Worrying and Love Bitcoin |
|
Bryner
|
Kinectasploit: Metasploit Meets Kinect |
|
Long
|
TBD |
|
| 14:30 |
Kennish
|
Tracking the Trackers: How Our Browsing History Is Leaking into the Cloud |
Arpaia,
Reed
|
Beat to 1337: Creating A Successful University Cyber Defense Organization |
|
Smith
|
How Haunters Void Warranties |
|
| 15:00 |
Elrod,
Morris
|
I Am Not a Doctor but I Play One on Your Network |
Dinaburg
|
Bit-squatting: DNS Hijacking Without Exploitation |
|
Crowley
|
Speaking with Cryptographic Oracles |
|
Barnett
|
Deceptive Hacking: How Misdirection Can Be Used To Steal Information Without Being Detected |
|
Levinson
|
Don't Fix It In Software |
|
Roberts
|
Planes Keep Falling On My Head |
|
| 16:00 |
Weeks
|
Network Nightmare: Ruling The Nightlife Between Shutdown And Boot With Pxesploit |
Devarajan,
LeBert
|
VDLDS — All Your Voice Are Belong To Us |
|
datagram
|
Introduction to Tamper Evident Devices |
|
Perkins,
Tassey
|
Wireless Aerial Surveillance Platform |
|
| 17:00 |
Bryan,
Eduardo
|
Building The DEF CON Network, Making A Sandbox for 10,000 Hackers |
Elhage
|
Virtualization under attack: Breaking out of KVM |
|
Phillips
|
Hacking MMORPGs for Fun and Mostly Profit |
|
Dora the SCADA Explorer,
Newman,
Rad,
Strauchs
|
SCADA & PLCs in Correctional Facilities: The Nightmare Before Christmas |
|
| 18:00 |
Street
|
Steal Everything, Kill Everyone, Cause Total Financial Ruin! |
| 19:00 | Awards Ceremonies |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.