This talk will discuss how to make penetration testing more efficient by implementing FACTION into your process. FACTION is an open-source and all-encompassing solution for streamlined security assessment workflows and enhancing collaboration within your teams. With FACTION you can automate reporting, build a database of vulnerability templates, enhance collaboration on assessments, track and alert when remediation timelines are due, integrate with external tools using its APIs and AppStore functionality, and much more.<\/p>\n
\nAbout Josh Summitt<\/a><\/p>\n Media Streaming via Low Earth Orbit<\/p>\n \nAbout Nirtom<\/a><\/p>\n This talk will provide an overview of the history of cartridge dumping hardware, with Nintendo acting as the through line. In addition to the history, I’ll be providing examples of hardware and software copy protection, outlining some unconventional uses of dumping hardware, as well as musings about obscure, long-dead platforms and accessories.<\/p>\n \nAbout _NSAKEY<\/a><\/p>\n Immutable Linux distros are the latest craze, but what are they and how do they work? Come find out!<\/p>\n \nAbout M-Nelly<\/a><\/p>\n <\/p>\n \nAbout Ron Foster<\/a><\/p>\n Have you made a simple circuit with a breadboard before? Maybe put together a PCB kit? Well turns out the leap from doing that to designing and building a custom PCB yourself is not a big as you’d assume. Using an open source PCB design tool(KiCad) we’re going to go though the steps from idea, to circuit design to laying out traces and packaging and sending off for prototype boards in under 50min.<\/p>\n \nAbout Matt Varian<\/a><\/p>\n Does the thought of the location of the Rebel base leaking keep you up at night? If not, what about your company’s sensitive information? If so, this talk is for you. Join me as I talk about the steps to implement a Modern DLP program.<\/p>\n \nAbout Mike Ivey<\/a><\/p>\n After getting hooked with Meshtastic at DEF CON, brimstone would love to share everything he’s learned with you. This includes a brief history of LoRa and Meshtastic, choosing a device, and getting it online. No previous experience with Meshtastic, LoRa, or radio communications needed. Bring any LoRa you have if you want to play along.<\/p>\n \nAbout brimstone<\/a><\/p>\n Entropy from information theory turns out to be an incredibly useful tool for hackers. This talk will go over the basics of how the math works, the ways it is commonly used today, and novel ways it can be applied to hacking.<\/p>\n \nAbout r0nk<\/a><\/p>\n The Flipper Zero is a fun and powerful all-in-one “multi-tool for geeks”, but sometimes you want it do even more! Tyler will show some simple ways to develop apps for the Flipper Zero using Javascript that doesn\u2019t require setting up complex toolchains or environments. Starting with the evolution of coding on Flipper, he’ll explain the benefits and limitations of using the newly-added JS API. He’ll walk through designing, transferring, and executing a ‘Hello World’ app on the device, and even dig into communicating with external hardware add-ons and modules. He will also share more advanced examples like creating UI widgets and using images, and explore some of the other features of the API, such as USB storage, HID, SubGHz, BLE beacons, and FFI (Foreign Function Interface). This talk is an excellent opportunity to learn some Flipper Zero app development hands-on!<\/p>\n \nAbout Tyler Crumpton<\/a><\/p>\n Ever wanted your own web scraping army? No? Well, this talk might change your mind. This is an introduction to web scraping for particularly spicy data such as API keys, private keys, cryptowallets, and all kinds of other loot sitting on the internet for the taking. In addition, we’ll also cover how to do this in the cheapest and laziest ways possible; minimizing hosting costs, proxy expenses, and even using self-hosted AI models to circumvent expensive “ready built” integrations.<\/p>\n \nAbout Altk3y (Evelyn)<\/a><\/p>\n a conversation on the only problem facing humanity today, the destruction and loss of the ability to communicate and even process reality. Punch and Cake will be served.<\/p>\n \nAbout mog<\/a><\/p>\n Are You Still Using Outdated Methods for PenTest Reporting? Penetration test reporting has long been bogged down with word docs, spreadsheets, and PDFs. Despite the wide array of tools available for report generation during active testing, many reports never make it to reporting solutions for tracking. With the rise of ASPM solutions, it’s crucial to ask: How are you integrating your PenTest data into these platforms? Please join me as I look at the field of ASPM solutions and WHY PenTest data needs to be visible in these solutions. Beyond compliance, observability of PenTest data is necessary for assessing the core of security programs. As well as measuring KPI\u2019s to prove the success of our programs where dollars are tied to performance.<\/p>\n \nAbout Ron<\/a><\/p>\n The world’s first worldwide secure communication system<\/p>\n \nAbout Elonka Dunin<\/a><\/p>\n The Voynich Manuscript is a handwritten book that probably dates back to the early 1400s. It has hundreds of pictures of plants that cannot be identified, peculiar pools and pipes connecting what appear to be bathing chambers for scores of naked and possibly pregnant women, and many other strange contraptions, along with a script that no one can read, in an alphabet unlike anything else known to modern eyes. The manuscript, known as “The World’s Most Mysterious Book,” has been studied by many professional and amateur cryptographers, including American and British codebreakers from both the First and Second World Wars. Still, it has never been demonstrably deciphered, and the mystery of its meaning and origin has excited the popular imagination, making it the subject of speculation and pseudoscience. This presentation explores the background behind the manuscript and its cryptic features, and provides a summary of the most important scientific and pseudoscientific theories.<\/p>\n
\n\nPlex, Starlink, and CGNAT\n<\/h2>\n
\n\nTaking a Cartridge Dump\n<\/h2>\n
\n\nAn Introduction To Immutable Linux With NixOS\n<\/h2>\n
\n\nPentest reporting sucks, how do we fix it?\n<\/h2>\n
\n\nFrom 0 to PCB.\n<\/h2>\n
\n\nThe Data Strikes Back: Defending Your Organization with DLP\n<\/h2>\n
\n\nGetting Connected with Meshtastic\n<\/h2>\n
\n\nHackers Guide to Entropy.\n<\/h2>\n
\n\nBuilding Apps for the Flipper Zero (the easy way!)\n<\/h2>\n
\n\nGrey Hat Web Scraping\n<\/h2>\n
\n\nThe end of information\n<\/h2>\n
\n\nPenTest Reporting Sucks, how to Revolutionize PenTest Delivery\n<\/h2>\n
\n\nEncrypted newspaper ads in the 19th century\n<\/h2>\n
\n\nThe Voynich Manuscript: A 600-year-old mystery\n<\/h2>\n