Presentations & Workshops

Speaker Workshops at DEF CON 24

Attacks on Enterprise Social Media

Mike Raggo

Automated Dorking for Fun and Profit^WSalary

Filip Reesalu

Building a Local Passive DNS Tool for Threat Intelligence Research

Kathy Wang

Chasing the Long Tail: Cracking Complex Passwords

Phil Trainor

Connections: From the Eisenhower Interstate System to the Internet


Deceive and Succeed: Measuring the Efficiency of a Deception Eco-System in Post-Breach Detection

Omer Zohar

Dynamic Population Discovery for Lateral Movement Detection (Using Machine Learning)

Rod Soto and Joseph Zadeh

Fuzzing For Humans: Real Fuzzing in the Real World

Joshua Pereyda

How to Find 1,352 WordPress XSS Plugin Vulnerabilities in 1 Hour (not really)

Larry Cashdollar

LTE and Its Collective Insecurity

Chuck McAuley and Chris Moore

Presenting Security Metrics to the Board / Leadership

Walt Williams

To Catch An APT: YARA

Jay DiMartino

You Are Being Manipulated


Speaker Workshops at DEF CON 23

All videos are now available on YouTube:

Creating REAL Threat Intelligence with Evernote


The Digital Cockroach Bait Station: How to Build Spam Honeypots

Robert Simmons

dnstap - A Standard Interface to Real Time DNS Transaction Flows

Paul Vixie

From XSS to Root on Your NAS

Tony Martin

Global Honeypot Trend

Elliott Brink

Hacker's Practice Playground

Lokesh Pidawekar

I See You

Brian Wohlwinder and Andrew Beard, Fidelis

Is Your Android App Secure?

Sam Bowne

MITM 101: Easy Traffic Interception Techniques Using Scapy

Bob Simpson

The Packets Made Me Do It: Getting Started with Distributed Full Packet Capture Using OpenFPC

Leon Ward

PowerShell for Penetration Testers

Nikhil Mittal

Speaker Workshops at DEF CON 22

Abusing Microsoft Kerberos: Sorry You Guys Don't Get It (Black Hat 2014 Encore)

Alva Duckwall
Benjamin Delpy

  • Presentation slides

The Art of Botnet Tracking and Attribution

Jozef Mlodzianowski, Malware Researcher at Sub0Day

  • Presentation slides

Data Hiding: A Peek at the Latest Innovations

Michael Raggo, Security Evangelist at MobileIron
Chet Hosmer, Founder & Chief Scientist at WetStone Technologies, Inc.

  • Presentation slides

Don't Get Owned at DEF CON: Single Packet Authorization and SSH Tunneling

Jay Beale, InGuardians

Exploit Development for Beginners

Sam Bowne, Instructor at CCSF

How Machine Learning Finds Malware Needles in an AppStore Haystack

Theodora Titonis, Vice President of Mobile Security at Veracode

  • Presentation slides

iOS Attachment Vulnerability

Michael Raggo, Security Evangelist at MobileIron

  • Presentation slides

Making Mongo Cry: Automated NoSQL exploitation with NoSQLMap

Russell Butturini

MetaData: PII at Risk

Sudesh Gadewar, Information Security Engineer at Cisco

Mobile Network Forensics

Michael Raggo, Security Evangelist at MobileIron

  • Presentation slides

Mobile SSL Failures

Tony Trummer, Senior Information Security Engineer, Vulnerability Research and Assessment at LinkedIn
Tushar Dalvi, Senior Information Security Engineer, Vulnerability Research and Assessment at LinkedIn

Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols (Black Hat 2014 Encore)

Catherine (Kate) Pearce, Security Consultant at Neohapsis
Patrick Thomas, Security Consultant at Neohapsis

  • Presentation slides

Network Based File Carving

GTKlondike, Independent Security Researcher

One Social Profile To Rule Them All

Joseph Muniz, Consulting Security Engineer at Cisco
Aamir Lakhani,

  • Presentation slides

Tools and Techniques Used at the Wall of Sheep

Ming Chow, Wall of Sheep

Vaccinating APK's and even Android

Milan Gabor, CEO of Viris Ltd.
Danijel Grah, Consultant at Viris d.o.o.

Violent Python

Sam Bowne, Instructor at CCSF

ZitMo NoM (ZeuS-in-the-Mobile No More)

David Schwartzberg, Senior Security Engineer at MobileIron

  • Presentation slides

Speaker Workshops at DEF CON 21

For abstract and bios, see original schedule

Got Spies in Your Wires?

Evan Peña, Mandiant Corporation
Chuck Willis Mandiant Corporation

Juice Jacking Unearthed

Robert Rowley Security Researcher, Trustwave

Owning a Fully Patched Windows 7 Machine with RDP

Wicked Clown

Reverse Engineering with DOSBox for LOLz and Profit

Michael Spicer

SO HOpelessly Broken: The Implications of Pervasive Vulnerabilities in SOHO Router Products

Jacob Holcomb Security Analyst, Independent Security Evaluators

Tools and Techniques to Succeed at the Wall of Sheep

Ming Chow, Wall of Sheep