DEF CON 23 - Thursday, August 6
10:00
DaKahuna, satanklawz
Introduction to SDR and the Wireless Village
Anderson, Reed
Hardware and Trust Security: Explain it like I’m 5
11:00
IrishMASMS, Tottenkoph
Hackers Hiring Hackers - How to Do Things Better
White
Hacking Web Apps
12:00
Kronenberg, Petruzzi, Plug, PushPin, Rogers
DEF CON 101: The Panel.
Fasel
Seeing through the Fog
13:00
Huerta
Alice and Bob are Really Confused
14:00
Small
Beyond the Scan: The Value Proposition of Vulnerability Assessment
Polstra
Hacker in the Wires
15:00
LosT
Responsible Incident: Covert Keys Against Subverted Technology Latencies, Especially Yubikey
Laygui
Forensic Artifacts From a Pass the Hash Attack
16:00
Brierton, Desfigies, Islam
Guests N’ Goblins: Exposing Wi-Fi Exfiltration Risks and Mitigation techniques
McNeil, Owen
Sorry, Wrong Number: Mysteries Of The Phone System - Past and Present
17:00
Federico, Shoshitaishvili
Dark side of the ELF - leveraging dynamic loading to pwn noobs
Menerick
Backdooring Git
18:00
Collao, Erven
Medical Devices: Pwnage and Honeypots
Engler
Secure Messaging for Normal People
DEF CON 23 - Friday, August 7
00:00
Forrest
Workshop: How Do I TAILS? A Beginner's Guide to Anonymous Computing
Shultz
Pwning IoT with Hardware Attacks
Yang
Advanced SOHO Router Exploitation
Compton, Gershman
Phishing: Recon to Creds with the SpeedPhishing Framework
grecs
Creating REAL Threat Intelligence With Evernote
Schwartzberg
Hacking the Next Generation
Ramachandran
802.11 Monitoring with PCAP2XML/SQLite
Simmons
The Digital Cockroach Bait Station: How to Build Spam Honeypots
Kennedy
Understanding End-User Attacks – Real World Examples
Crowder
Fishing To Phishing: It's All About Slimy Creatures
Talmat
Hacking Satellite TV Receivers
Lodge, Munro
Hacking You Fat: The FitBit Aria
Street
Breaking in Bad! (I’m the one who doesn’t knock)
Newberry
Twitter, ISIL, and Tech
Hadnagy
A Peek Behind the Blue Mask: The Evolution of the SECTF
Hernández
Brain Waves Surfing - (In)security in EEG (Electroencephalography) Technologies
Caudill, Hornby
Underhanded Crypto Contest Wrapup
Fox, Thorsheim
Protecting global email - status & the road ahead
Brown, Levison, Nixon
Making Email Dark
Phillips
CrypTag: Building Encrypted, Taggable, Searchable Zero-knowledge Systems
Stealth
The Death of Privacy
Marina
Hacking Quantum Cryptography
Dahl, Jones
What is Bitcoin Tumbling and why do it?
Gandall, Sosa
Biohacking at home: Pragmatic DNA design, assembly, and transformation
Martin
From XSS to Root on Your NAS
Carlson, Doherty
Breaking CBC, or Randomness Never Was Happiness
Titonis
How Machine Learning Finds Malware Needles in an AppStore Haystack
Bhargavan
Skip, Freak, and Logjam: Moving past a legacy of weakness in TLS
Simpson
MITM 101: Easy Traffic Interception Techniques Using Scapy
Asghari
Where are the privacy-preserving services for the masses?
Sidorov
Should we trust crypto frameworks? A story about CVE-2015-2141
@CyberiseMe
Cloning Access Cards to Implants
Mittal
Powershell for Penetraton Testers
JoshInGeneral
Meeting People Over WiFi
Catatonic
Tospo Virus: Weaponizing WiFi Pineapple Vulnerabilities
Kinne, Kitchen
Rollin’ Down the Street Sniffin’ WiFi, Sippin’ on Pineapple Juice
O’Shea
GNU Radio Tools for Radio Wrangling and Spectrum Domination
Ramachandran
Automatic Live WPA/WPA2 Attacks and WPA_Supplicant
Beard, Wohlwinder
I See You
Koscher
DSP for SDR
Ward
The Packets Made Me Do It: Getting Started with Distributed Full Packet Capture Using OpenFPC
Bowne
Is Your Android App Secure?
Sup3r S3cr3t!
Calabro
Software Defined Radio Performance Trades and Tweaks
Cyb3r-Assassin
Wireless Pentesting: So Easy a Cave Man Can Do It
Ryan, Spill
Seeing Blue: Tools, Tricks, and Techniques for Messin’ With Bluetooth
10:00
Sistrunk
NSM 101 for ICS
Szakaly
Shall We Play a Game?
Mayorkas
Working together to keep the Internet safe and secure
LoST, Moss
Welcome to DEF CON
Crowley, Smith
Bugged Files: Is Your Document Telling on You?
Chow
Tools and Techniques Used at the Wall of Sheep
Bratus, Goodspeed
PSK31 Modulation Polyglots
indolering
DNS and the Future of Authenticity
Powell
Parallels in BioSec and InfoSec
Stanislav
The Hand that Rocks the Cradle: Hacking IoT Baby Monitors
10:25
Goetzman
Social Implications of DNA Acquisition & Storage
10:30
Hatti
Getting into the Trust Store We Trust
11:00
Eijah
Crypto for Hackers
Drake
Stagefright: Scary Code in the Heart of Android
Aitel, Blaze, Cardozo, Denaro, Tam
Licensed to Pwn: The Weaponization and Regulation of Security Research
Doctorow
Fighting Back in the War on General Purpose Computers
Hecker
Goodbye Memory Scraping Malware: Hold Out Till "Chip And Pin”
Raggo
Mobile Data Loss - Threats & Countermeasures
D’Otreppe, Ramachandran
WPA Enterprise Hacking
Rogers, Rogers
Using Privacy and Crypto Tools
Weis
Modern Crypto: 15 Years of Advancement in Cryptography
11:30
Kobeissi
Peerio: Productivity with end-to-end encryption
12:00
Schneier
Bruce Schneier Q&A
Allen, Bower
Malware in the Gaming Micro-economy
Dorrough
USB Attack to Decrypt Wi-Fi Communications
Westin
Confessions of a Professional Cyber Stalker
Koscher
Sniffing SCADA
Arcieri, Culbertson, Kayyali, Lacoste, Merrill, Teoh
Keynote: Crypto & Privacy Village
12:30
Caudill, Hornby
Keynote: Underhanded Crypto Contest
13:00
Schrenk
Applied Intelligence: Using Information That's Not There
Gooler, Shipley
Insteon' False Security And Deceptive Documentation
Kamkar
Drive It Like You Hacked It: New Attacks and Tools to Wirelessly Steal Cars
Metcalf
Red vs. Blue: Modern Active Directory Attacks & Defense
O'Flynn
Don't Whisper my Chips: Sidechannel and Glitching for Fun and Profit
Vixie
dnstap - A Standard Interface to Real Time DNS Transaction Flows
Seeber
SIGINT and Blind Signal Analysis with GNU Radio + Advanced SDR
Kloc
Life of PII: A Day in the Life of Your Personally Identifiable Information
14:00
Nemus
Hacking SQL Injection for Remote Code Execution on a LAMP stack
Shan, Zheng
Build a free cellular traffic capture tool with a vxworks based femoto
Mahaffey, Rogers
How to Hack a Tesla Model S
Latter
Remote Access, the APT
Castellucci
Cracking Cryptocurrency Brainwallets
Pidawekar
Hacker's Practice Ground
Caudill
Opening Backdoors: The Importance of Backdoor Research
Special Presentation
14:30
Koscher
How to Engineer a Cryptographic 'Front Door'
15:00
Ramachandran
Chellam – a Wi-Fi IDS/Firewall for Windows
AmmonRa
How to hack your way out of home detention
Huang, Yang
Low-cost GPS simulator – GPS spoofing by SDR
Davisson
REvisiting RE:DoS
Aumasson
Quantum Computers vs. Computers Security
Brink
Global Honeypot Trends
Dunning
The Wireless World of the Internet of Things
Budindgton
Let's Talk about Let's Encrypt
Sullivan
CFSSL: the evolution of a PKI toolkit
Aganovic, Dameff, Hefley, Tully, Whitlock
Physiology from the Perspective of Control: A Bio-hacker's Guide
15:30
Wildani
Examining the Robustness of the Brain Against a Malicious Adversary
16:00
Kline
LTE Recon and Tracking with RTLSDR
Graham, Maynor
HamSammich – long distance proxying over radio
Kelley
Harness: Powershell Weaponization Made Easy (or at least easier)
An
When the Secretary of State says: “Please Stop Hacking Us…”
Løge
Tell me who you are and I will tell you your lock pattern
Hosmer, Raggo
Remaining Covert in an Overt World
Beddome
Yellow Means Proceed with Caution - Applied De-escalation for Social Engineering
Warrior
Covert Wireless: Practical Hacker LPI-LPD
Helsby
Machine Learning and Manipulation
Strobi, Zillner
Security of Wireless Home Automation Systems - A World Beside TCP/IP
16:30
Namazifar
Detecting Randomly Generated Strings; A Language Based Approach
Amicelli, David
How to secure the keyboard chain
Rock
I Will Kill You
miaubiz
Put on your tinfo_t hat if you're my type
Mitchell
Separating Bots from the Humans
Engler
Beginner Crypto for Application Developers
Martinez
IMSI Catcher Counter-Surveillance
17:00
Sconzo
I Am Packer And So Can You
Auger, Sandvik
When IoT attacks: hacking a Linux-powered rifle
atlas
Fun with Symboliks
Popescu
NetRipper - Smart traffic sniffing for penetration testers
Kulach
Hack the Legacy! IBM i (aka AS/400) Revealed.
Taylor
Violating Web Services
Fincher
"I Didn’t Think it was Loaded" and Other Mental Derps
Fernick
Breaking RSA - new cryptography for a post-quantum world
18:00
Krotofil, Larsen
Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion
Young
How to Train Your RFID Hacking Tools
Selifonov
Drinking from LETHE: New methods of exploiting and mitigating memory corruption vulnerabilities
Frichot
Hooked Browser Meshed-Networks with WebRTC and BeEF
Selvi
Breaking SSL Using Time Synchronisation Attacks
Harris
Understanding Social Engineering Attacks with Natural Language Processing
19:00
Polstra
One Device to Pwn Them All
Ridpath
I Am Not What I Am: Shakespeare and Social Engineering
20:00
Guan
Classify Targets to Make Social Engineering Easier to Achieve
DEF CON 23 - Saturday, August 8
10:00
Potter
A Hacker’s Guide to Risk
Michael, Mickey Shkatov
Scared Poopless – LTE and *your* laptop
Hudson, Kallenberg, Kovah
ThunderStrike 2: Sith Strike
Anderson, Cross
Do Export Controls on “Intrusion Software” Threaten Vulnerability Research?
Sood
Dissecting the Design of SCADA Web Human Machine Interfaces (HMIs) - Hunting Vulnerabilities
11:00
Zoz
And That's How I Lost My Other Eye: Further Explorations In Data Destruction
Balmas, Oppenheim
Key-Logger, Video, Mouse — How To Turn Your KVM Into a Raging Key-logging Monster
Walker, Wiens
Machine vs. Machine: Inside DARPA’s Fully Automated CTF
Wardle
'DLL Hijacking' on OS X? #@%& Yeah!
Dalvi, Trummer
QARK: Android App Exploit and SCA Tool
12:00
Maldonado
Are We Really Safe? - Bypassing Access Control Systems
Petro, Salazar
Hacking Smart Safes: On the "Brink" of a Robbery
Guarnieri, Marquis-Boire, Marschalek
F*ck the attribution, show us your .idb!
McGrew
I Hunt Penetration Testers: More Weaknesses in Tools and Procedures
Ramachandran
Chigula — a framework for Wi-Fi Intrusion Detection and Forensics
13:00
Bugher
It's The Only Way To Be Sure: Obtaining and Detecting Domain Persistence
Moore
Spread Spectrum Satcom Hacking: Attacking The GlobalStar Simplex Data Service
Shoshitaishvili, Wang
Angry Hacking - the next generation of binary analysis
Ballenthin, Graeber, Teodorescu
WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
Ferber, Valtman
From 0 To Secure In 1 Minute — Securing IAAS
14:00
Arnaboldi
Abusing XSLT for Practical Attacks
Beccaro, Collura
Extracting the Painful (blue)tooth
Miller, Valasek
Remote Exploitation of an Unaltered Passenger Vehicle
Douba
BurpKit - Using WebKit to Own the Web
15:00
El-Sherei, Stalmans
Extending Fuzzing Grammars to Exploit Unexplored Code Paths in Modern Web Browsers
Albert, Banks
Looping Surveillance Cameras through Live Editing of Network Streams
Healey, Ryan
Hacking Electric Skateboards: Vehicle Research For Mortals
Smith
High-Def Fuzzing: Exploring Vulnerabilities in HDMI-CEC
Eckersley, Kasten, Zhu
Let's Encrypt - Minting Free Certificates to Encrypt the Entire Web
16:00
Haddix
How to Shot Web: Web and mobile hacking in 2015
Cassidy, Lee, Leverett
Switches Get Stitches
Kaminsky
I want these * bugs off my * Internet
Young
Investigating the Practicality and Cost of Abusing Memory Errors with DNS
FitzPatrick, King
NSA Playset: JTAG Implants
17:00
Talabis
The Bieber Project: Ad Tech 101, Fake Fans and Adventures in Buying Internet Traffic
Bull, Matthews
Exploring Layer 2 Network Security in Virtualized Environments
Rikansrud, Young
Security Necromancy: Further Adventures in Mainframe Hacking
Blanco, Gazzoli
802.11 Massive Monitoring
Thieme
Hacking the Human Body/brain: Identity Shift, the Shape of a New Self, and Humanity 2.0
18:00
Ashbel, Siman
Game of Hacks: Play, Hack & Track
Pickett
Staying Persistent in Software Defined Networks
Cardozo, Eckersley, Jaycox, Kayyali, McSherry, Opsahl
Ask the EFF: The Year in Digital Civil Liberties
Berlin, Blow, Crain, Moussouris, Pesce, Sistrunk, Tentler
DEF CON Comedy Inception: How many levels deep can we go?
3AlarmLampscooter
DIY Nukeproofing: a new dig at "data-mining"
19:00
Grattafiori
Linux Containers: Future or Fantasy?
Jun, Qing
I’m A Newbie Yet I Can Hack ZigBee – Take Unauthorized Control Over ZigBee Devices
DEF CON 23 - Sunday, August 9
10:00
Pierce
Abusing native Shims for Post Exploitation
Gorenc, Hariri, Spelman
Abusing Adobe Reader’s JavaScript APIs
Mortman
Docker, Docker, Give Me The News, I Got A Bad Case Of Securing You
McSweeny, Soltani
How to Hack Government: Technologists as Policy Makers
11:00
Edwards
Ubiquity Forensics - Your iCloud and You
Cagle, Cheng
Who Will Rule the Sky? The Coming Drone Policy Wars
Bathurst, Thomas
Canary: Keeping Your Dick Pics Safe(r)
Domas
REpsych: Psychological Warfare in Reverse Engineering
12:00
Timzen
Hijacking Arbitrary .NET Application Control Flow
Robinson
Knocking my neighbor’s kid’s cruddy drone offline
Kennedy, Walton
Pivoting Without Rights – Introducing Pivoter
Wardle
Stick That In Your (root)Pipe & Smoke It
13:00
Brown, Shah
RFIDiggity: Pentester Guide to Hacking HF/NFC and UHF RFID
Bazhaniuk, Bulygin, Furtak, Gorobets, Matrosov
Attacking Hypervisors Using Firmware and Hardware
Coskun
Why nation-state malwares target Telco Networks: Dissecting technical capabilities of Regin and its counterparts
Seymour
"Quantum" Classification of Malware
14:00
Contest Closing Ceremonies
Martineau
Inter-VM data exfiltration: The art of cache timing covert channel on x86 multi-core
Lawshae
Let's Talk About SOAP, Baby. Let's Talk About UPNP
O'Neill
Advances in Linux Process Forensics Using ECFS
16:30
Closing Ceremonies


Instructions

This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.

Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.