2023 archived version go to current version

AGENDA

Two days of conferences | 19 speakers

Day 1 - Friday 13th of October | Day 2 - Saturday 14th of October

09:00

Registration, coffee & croissants

1h

10:00

Introduction

15 min

10:15

The two-sided mirror, perspective on infosec from both a defensive and an offensive point of view

xerub | 45 min

11:00

Coffee break

30 min

11:30

A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lesson Learned

Orange Tsai | 45 min

12:15

Finding and exploiting an old XNU logic bug

Eloi Benoist-Vanderbeken | 30 min

12:45

Lunch

1h30

14:15

Bypassing the Secure Kernel/Core Isolation (HVCI) memory protection

Viviane Zwanger, Henning Braun | 45 min

15:00

Breaking Out of the Box: Technical analysis of VirtualBox VM escape with Windows LPE

Thomas Bouzerar, Thomas Imbert | 30 min

15:30

Unveiling Hidden Paths: Unearthing Vulnerabilities and Exploiting Modern Windows Kernel

Junoh Lee, JeongOh Kyea | 30 min

16:00

Coffee break

45 min

16:45

The Hazards of Technological Variety and Parallelism: An Avocado Nightmare

Stefan Schiller | 45 min

17:30

A Year Fuzzing XNU Mach IPC

Nguyen Vu Hoang | 30 min

18:15

Lightning talks & beers

1 h

19:30

Social event

Until 2 am.

Day 1 - Friday 13th of October | Day 2 - Saturday 14th of October

09:00

Welcoming participants, coffee & croissants

1h15

10:15

A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE

NiNi | 45 min

11:00

Coffee break

30 min

11:30

XORtigate: zero-effort, zero-expense, 0-day on Fortinet SSL VPN

Charles Fol | 30 min

12:00

Bug Tales: Life and Death in the Sahara

Seamus Burke, Aaron Willey | 45 min

12:45

Lunch

1h30

14h15

Don't Lookaside or you'll miss it: Turning a Hyper-V cache miss into 200k cash

Leo Adrien | 45 min

15:00

Exploiting Hardened .NET Deserialization: New Exploitation Ideas and Abuse of Insecure Serialization

Piotr Bazydło | 45 min

15:45

Coffee break

45 min

16:30

Back to the Future with Platform Security

Krzysztof Okupski | 45 min

17:15

You have become the very thing you swore to destroy: Remotely exploiting an Antivirus engine

Simon Scannell | 45 min

18:00

Closing session

15 min

Prepare your venue at Hexacon

Brace yourselves, it is going to be amazing

Reserve your place

Talks and speakers

Trainings