• 08:30

  • Opening Ceremonies

     
    Fri, 08:30 - 08:55
    Track 1 - Break Me
  • 09:00

  • Subverting Trust in Windows - A Case Study of the "How" and "Why" of Engaging in Security Research

    Matthew Graeber
    Fri, 09:00 - 09:50
    Track 1 - Break Me
  • 10:00

  • I had my mom break into a prison, then we had pie.

    John Strand
    Fri, 10:00 - 10:50
    Track 1 - Break Me
  • 12:00

  • So you want to be a Social Engineer

    Chris Hadnagy
    Fri, 12:00 - 12:50
    Track 1 - Break Me

  • Further Adventures in Smart Home Automation: Honey, Please Don’t Burn Down Your Office

    Ed Skoudis
    Fri, 12:00 - 12:50
    Track 2 - Fix Me

  • When to Test, and How to Test It

    Bruce Potter
    Fri, 12:00 - 12:50
    Track 3 - Teach Me

  • How to Measure Your Security: Holding Security Vendors Accountable

    Winn Schwartau
    Fri, 12:00 - 12:50
    Track 4 - Three Way

  • Eye on the Prize

    Adam Hogan
    Fri, 12:00 - 12:25
    Stable Talks
  • 12:30

  • Building Better Backdoors with WMI

    Alexander Leary
    Fri, 12:30 - 12:55
    Stable Talks
  • 13:00

  • Here Be Dragons: The Unexplored Land of Active Directory ACLs

    Andy Robbins, Will Schroeder, Rohan Vazarkar
    Fri, 13:00 - 13:50
    Track 1 - Break Me

  • Securing Windows with Group Policy

    Josh Rickard
    Fri, 13:00 - 13:50
    Track 2 - Fix Me

  • A New Take at Payload Generation: Empty-Nest

    James Cook, Tom Steele
    Fri, 13:00 - 13:50
    Track 3 - Teach Me

  • How we accidentally created our own RAT/C2/Distributed Computing Network

    Adam Compton, Bill Harsbarger
    Fri, 13:00 - 13:50
    Track 4 - Three Way

  • Beyond xp_cmdshell

    Alexander Leary, Scott Sutherland
    Fri, 13:00 - 13:25
    Stable Talks
  • 13:30

  • Bots, Trolls, and Warriors

    Andrea Little Limbago
    Fri, 13:30 - 13:55
    Stable Talks
  • 14:00

  • TBD

    John Cramb, Josh Schwartz
    Fri, 14:00 - 14:50
    Track 1 - Break Me

  • Defending against PowerShell Attacks

    Lee Holmes
    Fri, 14:00 - 14:50
    Track 2 - Fix Me

  • VMware Escapology: How to Houdini The Hypervisor

    Joshua Smith, Jasiel Spelman
    Fri, 14:00 - 14:50
    Track 3 - Teach Me

  • Active Defense for web apps

    Scott M
    Fri, 14:00 - 14:50
    Track 4 - Three Way
  • 14:30

  • Building Google for Criminal Enterprises

    Anthony Russell
    Fri, 14:30 - 14:55
    Stable Talks
  • 15:00

  • Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niques') -Join'')

    Daniel Bohannon
    Fri, 15:00 - 15:50
    Track 1 - Break Me

  • CredDefense Toolkit

    Derek Banks, Beau Bullock, Brian Fehrman
    Fri, 15:00 - 15:50
    Track 2 - Fix Me

  • 3rd Annual Metasploit Townhall

    Brent Cook, James Lee, David Maloney, Spencer McIntyre
    Fri, 15:00 - 15:50
    Track 3 - Teach Me

  • IoT Security – Executing an Effective Security Testing Process

    Deral Heiland
    Fri, 15:00 - 15:50
    Track 4 - Three Way

  • V!4GR4: Cyber-Crime, Enlarged

    Koby Kilimnik
    Fri, 15:00 - 15:25
    Stable Talks
  • 16:00

  • PSAmsi - An offensive PowerShell module for interacting with the Anti-Malware Scan Interface in Windows 10

    Ryan Cobb
    Fri, 16:00 - 16:50
    Track 1 - Break Me

  • Steel Sharpens Steel: Using Red Teams to improve Blue Teams

    Christopher Payne
    Fri, 16:00 - 16:50
    Track 2 - Fix Me

  • Purpose Driven Hunt: What do I do with all this data?

    Jared Atkinson, Robby Winchester
    Fri, 16:00 - 16:50
    Track 3 - Teach Me

  • Fileless Malware - The New “Cyber”

    Edmund Brumaghin, Colin Grady
    Fri, 16:00 - 16:50
    Track 4 - Three Way

  • The skills gap: how can we fix it?

    Bill Gardner
    Fri, 16:00 - 16:25
    Stable Talks
  • 16:30

  • Extending Burp

    Carl Sampson
    Fri, 16:30 - 16:55
    Stable Talks
  • 17:00

  • An ACE in the Hole: Stealthy Host Persistence via Security Descriptors

    Lee Christensen, Matt Nelson, Will Schroeder
    Fri, 17:00 - 17:55
    Track 1 - Break Me

  • Introducing DeepBlueCLI v2, now available in PowerShell and Python

    Eric Conrad
    Fri, 17:00 - 17:55
    Track 2 - Fix Me

  • DanderSpritz: How the Equation Group's 2013 tools pwn in 2017

    Francisco Donoso
    Fri, 17:00 - 17:55
    Track 3 - Teach Me

  • Hunting Lateral Movement for Fun and Profit

    Mauricio Velazco
    Fri, 17:00 - 17:55
    Track 4 - Three Way

  • Shellcode Via VBScript/JScript Implications

    Casey Smith
    Fri, 17:00 - 17:25
    Stable Talks
  • 17:30

  • Retail Store/POS Penetration Testing

    Daniel Brown
    Fri, 17:30 - 17:55
    Stable Talks
  • 18:00

  • War Stories on Embedded Security: Pentesting, IoT, Building Managers, and how to do Better

    Jared DeMott
    Fri, 18:00 - 18:55
    Track 1 - Break Me

  • Run your security program like a boss / practical governance advice

    Rockie Brockway, Justin Leapline
    Fri, 18:00 - 18:55
    Track 2 - Fix Me

  • Defending the Cloud: Lessons from Intrusion Detection in SharePoint Online

    Matt Swann
    Fri, 18:00 - 18:55
    Track 3 - Teach Me

  • (Mostly) Free Defenses Against the Phishing Kill Chain

    Schuyler Dorsey
    Fri, 18:00 - 18:55
    Track 4 - Three Way

  • Improv Comedy as a Social Engineering Tool

    Dave Mattingly
    Fri, 18:00 - 18:25
    Stable Talks
  • 18:30

  • How to safely conduct shenanigans

    Evil_Mog, Renderman
    Fri, 18:30 - 18:55
    Stable Talks
  • 19:00

  • Digital Vengeance: Exploiting the Most Notorious C&C Toolkits

    Waylon Grange
    Fri, 19:00 - 19:55
    Track 3 - Teach Me

  • The .NET Inter-Operability Operation

    James Forshaw
    Fri, 19:00 - 19:25
    Stable Talks
  • 19:30

  • A presentation or presentations because...

    Jason Blanchard
    Fri, 19:30 - 19:55
    Stable Talks