Talks and Sessions


Automating Manual Penetration Testing with FACTION

This talk will discuss how to make penetration testing more efficient by implementing FACTION into your process. FACTION is an open-source and all-encompassing solution for streamlined security assessment workflows and enhancing collaboration within your teams. With FACTION you can automate reporting, build a database of vulnerability templates, enhance collaboration on assessments, track and alert when remediation timelines are due, integrate with external tools using its APIs and AppStore functionality, and much more.

About Josh Summitt


Plex, Starlink, and CGNAT

Media Streaming via Low Earth Orbit

About Nirtom


Taking a Cartridge Dump

This talk will provide an overview of the history of cartridge dumping hardware, with Nintendo acting as the through line. In addition to the history, I’ll be providing examples of hardware and software copy protection, outlining some unconventional uses of dumping hardware, as well as musings about obscure, long-dead platforms and accessories.

About _NSAKEY


An Introduction To Immutable Linux With NixOS

Immutable Linux distros are the latest craze, but what are they and how do they work? Come find out!

About M-Nelly


Pentest reporting sucks, how do we fix it?

About Ron Foster


From 0 to PCB.

Have you made a simple circuit with a breadboard before? Maybe put together a PCB kit? Well turns out the leap from doing that to designing and building a custom PCB yourself is not a big as you’d assume. Using an open source PCB design tool(KiCad) we’re going to go though the steps from idea, to circuit design to laying out traces and packaging and sending off for prototype boards in under 50min.

About Matt Varian


The Data Strikes Back: Defending Your Organization with DLP

Does the thought of the location of the Rebel base leaking keep you up at night? If not, what about your company’s sensitive information? If so, this talk is for you. Join me as I talk about the steps to implement a Modern DLP program.

About Mike Ivey


Getting Connected with Meshtastic

After getting hooked with Meshtastic at DEF CON, brimstone would love to share everything he’s learned with you. This includes a brief history of LoRa and Meshtastic, choosing a device, and getting it online. No previous experience with Meshtastic, LoRa, or radio communications needed. Bring any LoRa you have if you want to play along.

About brimstone


Hackers Guide to Entropy.

Entropy from information theory turns out to be an incredibly useful tool for hackers. This talk will go over the basics of how the math works, the ways it is commonly used today, and novel ways it can be applied to hacking.

About r0nk


Building Apps for the Flipper Zero (the easy way!)

The Flipper Zero is a fun and powerful all-in-one “multi-tool for geeks”, but sometimes you want it do even more! Tyler will show some simple ways to develop apps for the Flipper Zero using Javascript that doesn’t require setting up complex toolchains or environments. Starting with the evolution of coding on Flipper, he’ll explain the benefits and limitations of using the newly-added JS API. He’ll walk through designing, transferring, and executing a ‘Hello World’ app on the device, and even dig into communicating with external hardware add-ons and modules. He will also share more advanced examples like creating UI widgets and using images, and explore some of the other features of the API, such as USB storage, HID, SubGHz, BLE beacons, and FFI (Foreign Function Interface). This talk is an excellent opportunity to learn some Flipper Zero app development hands-on!

About Tyler Crumpton


Grey Hat Web Scraping

Ever wanted your own web scraping army? No? Well, this talk might change your mind. This is an introduction to web scraping for particularly spicy data such as API keys, private keys, cryptowallets, and all kinds of other loot sitting on the internet for the taking. In addition, we’ll also cover how to do this in the cheapest and laziest ways possible; minimizing hosting costs, proxy expenses, and even using self-hosted AI models to circumvent expensive “ready built” integrations.

About Altk3y (Evelyn)


The end of information

a conversation on the only problem facing humanity today, the destruction and loss of the ability to communicate and even process reality. Punch and Cake will be served.

About mog


Encrypted newspaper ads in the 19th century

The world’s first worldwide secure communication system

About Elonka Dunin


The Voynich Manuscript: A 600-year-old mystery

The Voynich Manuscript is a handwritten book that probably dates back to the early 1400s. It has hundreds of pictures of plants that cannot be identified, peculiar pools and pipes connecting what appear to be bathing chambers for scores of naked and possibly pregnant women, and many other strange contraptions, along with a script that no one can read, in an alphabet unlike anything else known to modern eyes. The manuscript, known as “The World’s Most Mysterious Book,” has been studied by many professional and amateur cryptographers, including American and British codebreakers from both the First and Second World Wars. Still, it has never been demonstrably deciphered, and the mystery of its meaning and origin has excited the popular imagination, making it the subject of speculation and pseudoscience. This presentation explores the background behind the manuscript and its cryptic features, and provides a summary of the most important scientific and pseudoscientific theories.

About Elonka


Bingsearchlib.com or “That time I bought a command and control domain”

About Forbin