Presentations & Workshops

Packet Hacking Village Talks at DEF CON 27

4 years and 10,000+ Hours Later: Lessons Learned from Running a National Penetration Testing Competition

Tom Kopchak and Dan Borges

Augmenting the (Security) Onion: Facilitating Enhanced Detection and Response with Open Source Tools

Wes Lambert

Bestsellers in the Underground Economy: Measuring Malware Popularity by Forum

Winnona DeSombre

Beyond Sandboxes. How to Execute IoT Malware and Analyze Its Evolution

María José Erquiaga, Sebastian Garcia

The Cyberlous Mrs. Maisel: A Comedic (and slightly terrifying) Introduction to Information Warfare

Jessica "Zhanna" Malekos Smith

"First-Try" DNS Cache Poisoning with IPv4 and IPv6 Fragmentation

Travis Palmer and Brian Somers

Generating Personalized Wordlists With NLP by Analyzing Tweets

Utku Sen

Head in the Clouds

Matt Nash

Hunting Certificates and Servers

Sam Erb

Leveraging Passive Network Mapping with Raspberry Pi and Python

Chet Hosmer

Patching: It's Complicated

Cheryl Biswas

Phishing Freakonomics

Russell Butturini

Sandbox Creative Usage For Fun and Pro...Blems

Cesare Pizzi

Security to Make the CFO Happy


Solving Crimes with Wireless GeoFencing and Multi-Zone Correlation Analytics

Gleb Esman

Your Phone is Using Tor and Leaking Your PII

Milind Bhargava and Adam Podgorski

Packet Hacking Village Talks at DEF CON 26

An Analysis of Cybersecurity Educational Standards

Rob Olson

Burning the Lookout

Silas Cutler

Defense in Depth: The Path to SGX at Akamai

Samuel Erb

Grand Theft Auto: Digital Key Hacking

Huajiang "Kevin2600" Chen

How to Tune Automation to Avoid False Positives

Gita Ziabari

Mapping Wi-Fi Networks and Triggering on Interesting Traffic Patterns

Caleb Madrigal

Microcontrollers and Single Board Computers for Hacking, Fun and Profit


Normalizing Empire's Traffic to Evade Anomaly-Based IDS

Utku Sen

An OSINT Approach to Third Party Cloud Service Provider Evaluation

Lokesh Pidawekar

Protecting Crypto Exchanges From a New Wave of Man-in-the-Browser Attacks

Pedro Fortuna

Turning Deception Outside-In: Tricking Attackers with OSINT

Hadar Yudovich, Tom Kahana, Tom Sela

wpa-sec: The Largest Online WPA Handshake Database

A. Stanev

Speaker Workshops at DEF CON 25

AWS Persistence and Lateral Movement Techniques

Peter Ewane

CVE IDs and How to Get Them

Daniel Adinolfi and Anthony Singleton

Fooling the Hound: Deceiving Domain Admin Hunters

Tom Sela

Fortune 100 InfoSec on a State Government Budget

Eric Capuano

How Hackers Changed The Security Industry

Chris Wysopal

Hunting Down the Domain Admin and Rob Your Network

Keith Lee and Michael Gianarakis

IP Spoofing

Marek Majkowski

Iron Sights for Your Data

Leah Figueroa

Layer 8 and Why People are the Most Important Security Tool

Damon Small

Modern Day CovertTCP with a Twist

Mike Raggo and Chet Hosmer

Passwords on a Phone

Sam Bowne

Past, Present and Future of High Speed Packet Filtering on Linux

Gilberto Bertin

Stories from a 15 days SMB Honeypot: Mum, Tons of WannaCry and Evils Attacked Our Home!

Tan Kean Siong

Strengthen Your SecOps Team by Leveraging Neurodiversity

Megan Roddie

Threat Intel for All: There's More to Your Data Than Meets the Eye

Cheryl Biswas

Visual Network and File Forensics

Ankur Tyagi

When the Current Ransomware and Payload of the Day (CRAP of the day) Hits the Fan: Breaking the Bad News

Catherine Ullman and Chris Roberts

XSS FTW - What Can Really Be Done With Cross-Site Scripting

Brute Logic

YALDA - Large Scale Data Mining for Threat Intelligence

Gita Ziabari

You're Going to Connect to the Wrong Domain Name

Sam Erb

Speaker Workshops at DEF CON 24

Attacks on Enterprise Social Media

Mike Raggo

Automated Dorking for Fun and Profit^WSalary

Filip Reesalu

Building a Local Passive DNS Tool for Threat Intelligence Research

Kathy Wang

Chasing the Long Tail: Cracking Complex Passwords

Phil Trainor

Connections: From the Eisenhower Interstate System to the Internet


Deceive and Succeed: Measuring the Efficiency of a Deception Eco-System in Post-Breach Detection

Omer Zohar

Dynamic Population Discovery for Lateral Movement Detection (Using Machine Learning)

Rod Soto and Joseph Zadeh

Fuzzing For Humans: Real Fuzzing in the Real World

Joshua Pereyda

How to Find 1,352 WordPress XSS Plugin Vulnerabilities in 1 Hour (not really)

Larry Cashdollar

LTE and Its Collective Insecurity

Chuck McAuley and Chris Moore

Presenting Security Metrics to the Board / Leadership

Walt Williams

To Catch An APT: YARA

Jay DiMartino

You Are Being Manipulated


Speaker Workshops at DEF CON 23

All videos are now available on YouTube:

Creating REAL Threat Intelligence with Evernote


The Digital Cockroach Bait Station: How to Build Spam Honeypots

Robert Simmons

dnstap - A Standard Interface to Real Time DNS Transaction Flows

Paul Vixie

From XSS to Root on Your NAS

Tony Martin

Global Honeypot Trend

Elliott Brink

Hacker's Practice Playground

Lokesh Pidawekar

I See You

Brian Wohlwinder and Andrew Beard, Fidelis

Is Your Android App Secure?

Sam Bowne

MITM 101: Easy Traffic Interception Techniques Using Scapy

Bob Simpson

The Packets Made Me Do It: Getting Started with Distributed Full Packet Capture Using OpenFPC

Leon Ward

PowerShell for Penetration Testers

Nikhil Mittal

Speaker Workshops at DEF CON 22

Abusing Microsoft Kerberos: Sorry You Guys Don't Get It (Black Hat 2014 Encore)

Alva Duckwall
Benjamin Delpy

  • Presentation slides

The Art of Botnet Tracking and Attribution

Jozef Mlodzianowski, Malware Researcher at Sub0Day

  • Presentation slides

Data Hiding: A Peek at the Latest Innovations

Michael Raggo, Security Evangelist at MobileIron
Chet Hosmer, Founder & Chief Scientist at WetStone Technologies, Inc.

  • Presentation slides

Don't Get Owned at DEF CON: Single Packet Authorization and SSH Tunneling

Jay Beale, InGuardians

Exploit Development for Beginners

Sam Bowne, Instructor at CCSF

How Machine Learning Finds Malware Needles in an AppStore Haystack

Theodora Titonis, Vice President of Mobile Security at Veracode

  • Presentation slides

iOS Attachment Vulnerability

Michael Raggo, Security Evangelist at MobileIron

  • Presentation slides

Making Mongo Cry: Automated NoSQL exploitation with NoSQLMap

Russell Butturini

MetaData: PII at Risk

Sudesh Gadewar, Information Security Engineer at Cisco

Mobile Network Forensics

Michael Raggo, Security Evangelist at MobileIron

  • Presentation slides

Mobile SSL Failures

Tony Trummer, Senior Information Security Engineer, Vulnerability Research and Assessment at LinkedIn
Tushar Dalvi, Senior Information Security Engineer, Vulnerability Research and Assessment at LinkedIn

Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols (Black Hat 2014 Encore)

Catherine (Kate) Pearce, Security Consultant at Neohapsis
Patrick Thomas, Security Consultant at Neohapsis

  • Presentation slides

Network Based File Carving

GTKlondike, Independent Security Researcher

One Social Profile To Rule Them All

Joseph Muniz, Consulting Security Engineer at Cisco
Aamir Lakhani,

  • Presentation slides

Tools and Techniques Used at the Wall of Sheep

Ming Chow, Wall of Sheep

Vaccinating APK's and even Android

Milan Gabor, CEO of Viris Ltd.
Danijel Grah, Consultant at Viris d.o.o.

Violent Python

Sam Bowne, Instructor at CCSF

ZitMo NoM (ZeuS-in-the-Mobile No More)

David Schwartzberg, Senior Security Engineer at MobileIron

  • Presentation slides

Speaker Workshops at DEF CON 21

For abstract and bios, see original schedule

Got Spies in Your Wires?

Evan Peña, Mandiant Corporation
Chuck Willis Mandiant Corporation

Juice Jacking Unearthed

Robert Rowley Security Researcher, Trustwave

Owning a Fully Patched Windows 7 Machine with RDP

Wicked Clown

Reverse Engineering with DOSBox for LOLz and Profit

Michael Spicer

SO HOpelessly Broken: The Implications of Pervasive Vulnerabilities in SOHO Router Products

Jacob Holcomb Security Analyst, Independent Security Evaluators

Tools and Techniques to Succeed at the Wall of Sheep

Ming Chow, Wall of Sheep