InfoconDB

DEF CON 31 took place Aug. 10, 2023 through Aug. 13, 2023 (1 year, 3 months ago) at Caesars Forum, Flamingo, Linq, and Harrah's in Las Vegas, Nevada, USA.

The general admission cost for the conference was $440.00^[1].

Presentations

Thursday, Aug. 10, 2023

09:00 - Applied Emulation - A Practical Approach to Emulating Malware Workshop
09:00 - Introduction to Cryptographic Attacks Workshop
09:00 - Pentesting Inductiral Control Systems: OCP-U-HACK Workshop
09:00 - Hacking The Metal: An Intro to ARM Assembly Language Programming Workshop
09:00 - Protecting the AWS ecosystem - Misconfigurations, IAM, and Monitoring Workshop
10:00 - Boston Infinite Money Glitch: Hacking Transit Cards Without Ending Up In Handcuffs
11:00 - UNConventional Cybercrime: How a Bad Anti-Hacking Treaty is Becoming a Law
11:30 - Cracking Cicada 3301: The Future of Collaborative Puzzle-Solving
12:30 - New Isn’t Always Novel: Grep’ing Your Way to $20K at Pwn2Own, and How You Can Too
13:30 - Damned if you do - The risks of pointing out the emperor is buck naked
14:00 - DotNet Malware Analysis Masterclass Workshop
14:00 - Analysis 101 for Incident Responders Workshop
14:00 - Hide your kids, turn off your Wi-Fi, they Rogue APing up in here Workshop
14:00 - These Port Scans are Trash: Improving Nmap by Writing New Scripts and Libraries Workshop
14:00 - Flipping the Coin: Red and Blue Teaming in Windows Environments Workshop
14:30 - Designing RFID Implants - How flipping the bird opens doors for me
15:30 - Nuthin But A G Thang: Evolution of Cellular Networks
16:30 - Small Leaks, Billions Of Dollars: Practical Cryptographic Exploits That Undermine Leading Crypto Wallets
17:00 - Snoop on to them, as they snoop on to us
17:30 - DEF CON 101 - Welcome to DEF CON Panel

Friday, Aug. 11, 2023

09:00 - Growing the Community of AI Hackers with the Generative Red Team
09:00 - House of Heap Exploitation Workshop
09:00 - Long Live the Empire: A C2 Workshop for Modern Red Teaming Workshop
09:00 - The Hackers, The Lawyers, And The Defense Fund
09:00 - Getting into Trouble with Machine Learning Models Workshop
09:00 - Android App Hacking - Hacking for Good! Workshop
09:00 - Snakes on a Screen: Taming Offensive IronPython Techniques Workshop
09:00 - The Internals of Veilid, a New Decentralized Application Framework
09:00 - Welcome to DEF CON 31
09:30 - Secretary of the Department of Homeland Security Alejandro Mayorkas
10:00 - T3SF (Technical TableTop Exercises Simulation Framework) Demo
10:00 - The RingHopper Journey or How We Almost Zero-day’d the World
10:00 - SucoshScanny Demo
10:00 - Strix Interceptor Demo
10:00 - Katalina Demo
10:00 - A Different Uber Post Mortem
10:00 - Vulnerable by Design: Unguard, The Insecure Cloud-Native Twitter Clone Demo
10:00 - Contain Yourself: Staying Undetected Using the Windows Container Isolation Framework
10:00 - Look Ma I'm the CEO! Real-Time Video and Audio Deep-Fake!
10:00 - The Metasploit Framework Demo
10:30 - Making The DEF CON 31 Badge
10:30 - Route to bugs: Analyzing the security of BGP message parsing
11:00 - The Nightmare of Apple's OTA Update: Bypassing the Signature Verification and Pwning the Kernel Canceled
11:00 - Defending KA-SAT: The detailed story of the response, how it was analyzed, and what was learned
11:00 - mTLS: when certificate authentication done wrong
11:00 - SpamChannel: Spoofing Emails From 2 Million+ Domains and Virtually Becoming Satan
11:00 - Warshopping - further dalliances in phreaking smart shopping cart wheels, RF sniffing and hardware reverse engineering
11:30 - I Watched You Roll the Die: Unparalleled RDP Monitoring Reveal Attackers Tradecraft
11:30 - Civil Cyber Defense: Use Your Resources to Defend Non-Profits as they Combat Human Trafficking and Subvert Authoritarian Regimes
12:00 - Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices
12:00 - Shufflecake, AKA Truecrypt on Steroids for Linux Demo
12:00 - CNAPPGoat Demo
12:00 - Dracon Demo
12:00 - Build Inspector - A modern Javert on the trail of CI/CD Anomalies and Intruders Demo
12:00 - You're Not George Clooney, and This Isn't Ocean's Eleven
12:00 - FlowMate Demo
12:00 - GhostToken: Exploiting Google Cloud Platform App Infrastructure to Create Unremovable Trojan Apps
12:00 - Ek47 – Payload Encryption with Environmental Keys Demo
12:30 - A Pain in the NAS: Exploiting Cloud Connectivity to PWN your NAS
12:30 - Defender-Pretender: When Windows Defender Updates Become a Security Risk
12:30 - Backdoor in the Core - Altering the Intel x86 Instruction Set at Runtime
13:00 - Over the Air, Under the Radar: Attacking and Securing the Pixel Modem
13:00 - Living Next Door to Russia
13:30 - Fantastic Ethertypes and Where to Find Them
13:30 - Private Until Presumed Guilty
13:30 - Private Keys in Public Places
14:00 - Tracking the Worlds Dumbest Cyber-Mercenaries
14:00 - OpenSSF Scorecard Demo
14:00 - EvilnoVNC: Next-Gen Spear Phishing Attacks Demo
14:00 - Vacuum Robot Hacking Demo
14:00 - OWASP crAPI: Completely Ridiculous API Demo
14:00 - Glyph Demo
14:00 - There are no mushroom clouds in cyberwar
14:00 - Malware development on secured environment - Write, adapt, overcome Workshop
14:00 - Learning to Hack Bluetooth Low Energy with BLE CTF Workshop
14:00 - How hackers can send feedback directly to policymakers like the pros Workshop
14:00 - Attack Surface Framework Demo
14:00 - Advanced WiFi Attacks for Red Team Professionals Workshop
14:00 - Machine Learning for N00bs Workshop
14:30 - Getting a Migraine - uncovering a unique SIP bypass on macOS
14:30 - "You can't cheat time" - Finding foes and yourself with latency trilateration
14:30 - Second Breakfast: Implicit and Mutation-Based Serialization Vulnerabilities in .NET
15:00 - CON trolling the weather
15:30 - A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE
15:30 - Game-Changing Advances in Windows Shellcode Analysis
15:30 - Turning my virtual wallet into a skimming device: mPOS solutions
16:00 - A Series of Unfortunate Events
16:00 - Visual Studio Code is why I have (Workspace) Trust issues
16:30 - Malware design - abusing legacy Microsoft transports and session architecture
16:30 - Nothing but Net: Leveraging macOS's Networking Frameworks to Heuristically Detect Malware
16:30 - certmitm: automatic exploitation of TLS certificate validation vulnerabilities
17:00 - HL7Magic: Medical Data Hacking Made Easy
17:00 - Legend of Zelda: Use After Free (TASBot glitches the future into OoT)
17:30 - Fireside Chat with the National Cyber Director Kemba Walden
17:30 - Track the Planet! Mapping Identities, Monitoring Presence, and Decoding Business Alliances in the Azure Ecosystem
20:00 - Ask the EFF

Saturday, Aug. 12, 2023

09:00 - Hack the Future: Why Congress and the White House are supporting AI Red Teaming
09:00 - Creating and uncovering malicious containers Redux Workshop
09:00 - The Petting Zoo: Breaking into CTFs Workshop
09:00 - Smashing the state machine: the true potential of web race conditions
09:00 - Assessing the Security of Certificates at Scale
09:00 - ELECTRONizing macOS privacy - a new weapon in your red teaming armory
09:00 - Active Directory Attacks: The Good, The Bad, and The LOLwut Workshop
09:00 - BLE Security 201 Workshop
09:00 - Email Detection Engineering and Threat Hunting Inbox Workshop
09:30 - Badge of Shame: Breaking into Secure Facilities with OSDP
09:30 - J4 Gate, The Hustler Poker Cheating Scandal investigation and how Hacking helped me do it
10:00 - Lupo: Malware IOC Extractor Demo
10:00 - USBvalve - Expose USB activity on the fly Demo
10:00 - Demystifying (& Bypassing) macOS's Background Task Management
10:00 - Defeating VPN Always-On
10:00 - Lambda Looter Demo
10:00 - D0 N0 H4RM: A Healthcare Security Conversation
10:00 - Veilid Demo
10:00 - Saturday Demo
10:00 - The Wifydra: Multiheaded RF Panopticon Demo
10:30 - Calling it a 0-Day - Hacking at PBX/UC Systems
10:30 - Unlocking Doors from Half a Continent Away
11:00 - Weaponizing Plain Text: ANSI Escape Sequences as a Forensic Nightmare
11:00 - Spread spectrum techniques in disposable drones for anti drone evasion
11:30 - Apple's Predicament: NSPredicate Exploitation on macOS and iOS
11:30 - Physical Attacks Against Smartphones
11:30 - Mass Owning of Seedboxes - A Live Hacking Exhibition
12:00 - Kraken, a modular multi-language webshell for defense evasion Demo
12:00 - Am I Exploitable? (MI-X) Demo
12:00 - From Feature to Weapon: Breaking Microsoft Teams and SharePoint Integrity
12:00 - Red Wizard: user-friendly Red Teaming infrastructure Demo
12:00 - Abusing Microsoft SQL Server with SQLRecon Demo
12:00 - BBOT (Bighuge BLS OSINT Tool) Demo
12:00 - Pcapinator: Rise of the PCAP Machines Demo
12:00 - Internet censorship: what governments around the globe have in store for you
12:30 - An Audacious Plan to Halt the Internet's Enshittification
12:30 - Off the record talks - Signs Ups On Site
12:30 - Video-based Cryptanalysis: Extracting Secret Keys from Power LEDs of Various Non-compromised Devices Using a Video Camera
13:00 - Looking into the future, what can we learn about hacking in science-fiction?
13:00 - Azure B2C 0-Day: An Exploit Chain from Public Keys to Microsoft Bug Bounty
13:30 - Meduza: How an exiled pirate media outlet breaks through the Kremlin's propaganda firewall
13:30 - The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree
14:00 - ThreatScraper: Automated Threat Intelligence Gathering and Analysis for VirusTotal Demo
14:00 - The Joy of Reverse Engineering: Learning With Ghidra and WinDbg Workshop
14:00 - Introduction to Exploit Development Workshop
14:00 - Power Corrupts; Corrupt It Back! Hacking Power Management in Data Centers
14:00 - ICS Forensics tool Demo
14:00 - Starbase: open source graph security analysis Workshop
14:00 - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works Workshop
14:00 - Digital Forensics and Incident Response Against the Digital Darkness: An Intro to Forensicating Evil Workshop
14:00 - A SSLippery Slope: Unraveling the Hidden Dangers of Certificate Misuse
14:00 - HardHat Command & Control Framework Demo
14:00 - BLE CTF Demo
14:00 - RuleProcessorY & Gramify - Rule Optimization & Password Analysis tools Demo
14:00 - ProjectDiscovery Nuclei Demo
14:30 - Contactless Overflow: Code execution in payment terminals and ATM’s over NFC
14:30 - Exploiting OPC-UA in Every Possible Way: Practical Attacks Against Modern OPC-UA Architectures
15:00 - Revolutionizing ELF binary patching with Shiva: A JIT binary patching system for Linux
15:00 - Spooky authentication at a distance
15:30 - ndays are also 0days: Can hackers launch 0day RCE attack on popular softwares only with chromium ndays?
15:30 - Breaking BMC: The Forgotten Key to the Kingdom
16:00 - A Broken Marriage: Abusing Mixed Vendor Kerberos Stacks
16:00 - Runtime Riddles: Abusing Manipulation Points in the Android Source
16:30 - Abortion Access in the Age of Surveillance
16:30 - Your Clocks Have Ears — Timing-Based Browser-Based Local Network Port Scanner
16:30 - All information looks like noise until you break the code: Futureproofing the transportation sector
17:00 - Polynonce: An ECDSA Attack and Polynomial Dance
17:00 - Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
17:30 - Lions and Tigers and Fancy Bears, Oh My!: A Cautionary Tale for our Cyber Future

Sunday, Aug. 13, 2023

Presenters

^ This price is meant to give a general idea of the cost of attending the conference. Many conferences have varying prices based on number of days of attendance, early registration, tiers of support, or additional costs for workshops or trainings. The price here is meant to represent the most common cost for the majority of attendees. See the conference's homepage, if applicable, for details.

DEF CON 31 (2023)

Presentations

Presenters