Please find details for all talks here.

Two Days of Trainings (8./9. November)

Workshop 01 Workshop 02 Workshop 03 Workshop 04 Workshop 05
Hacking Web Applications: Case Studies of Award-winning Bugs in Google, Yahoo, Mozilla and more
Dawid Czagan (Silesia Security Lab)
Do-It-Yourself Patching: Writing Your Own Micropatch (closed)
Mitja Kolsek (ACROS d.o.o.)
Deploying Secure Applications with TLS (closed)
Juraj Somorovsky (Hackmanit GmbH / Ruhr University Bochum)
Offensive iOS Exploitation
Marco Lancini (MWR InfoSecurity)
IoT Hacking: Linux Embedded, Bluetooth Smart, KNX Home Automation
Slawomir Jasek (SecuRing)
Workshop 06 Workshop 07 Workshop 08 Workshop 09 Workshop 10
Hands on Hacking with the WiFi Pineapple, USB Rubber Ducky and LAN Turtle (closed)
Darren Kitchen, Sebastian Kinne, Robin Wood (Hak5 LLC, Digininja)
Offensive PowerShell for Red and Blue Teams (closed)
Nikhil Mittal (Independent)
Fundamentals of Routing and Switching from a Blue and Red Team Perspective (sold out)
Paul Coggin (Representing self)
Penetration Testing Humans (closed)
Bethany Ward & Cyni Winegard (TraceSecurity)
Secure Web Development (closed)
Marcus Niemietz (Hackmanit)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (10./11. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 10 Nov
Left Pirouette Right Pirouette
08:00 Registration opens
09:00   Opening
Michael 'MiKa' Kafka & René 'Lynx' Pfeiffer (DeepSec Conference)
09:10   Keynote: Security in my Rear-View Mirror
Marcus J. Ranum (Tenable Security Inc.)
10:00 Advanced Concepts for SMM Malware
Sebastian Schrittwieser / Julian Rauchberger (St. Poelten University of Applied Sciences)
When your Firewall turns against you
René Freingruber & Raschin Tavakoli (SEC Consult Unternehmensberatung GmbH)
10:50 Coffee Break
11:10 Brace Yourselves - Exploit Automation is Coming!
Andreas Follner (TU Darmstadt / CRISP)
Why Companies Must Control Their Data in the Era of IoT - and How To
Kurt Kammerer (regify GmbH)
12:00 Go Hack Yourself…Or Someone Else Will
Frans Rosén (Detectify)
HSTS and Cookie Side-Channels: Stealing Browser History
Adrian Dabrowski (SBA Research)
12:50 Lunch
14:00 Systematic Fuzzing and Testing of TLS Libraries
Juraj Somorovsky (Hackmanit GmbH / Ruhr University Bochum)
Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets
Gerhard Klostermeier (SySS GmbH)
14:50 Fuzzing Remote Interfaces for System Services in Android
Alexandru Blanda (Intel Corporation)
I Thought I Saw a |-|4><0.-
Thomas Fischer (Digital Guardian)
15:40 Coffee Break
16:00 badGPO - Using GPOs for Persistence and Lateral Movement
Yves Kraft & Immanuel Willi (Oneconsult AG, Switzerland)
Security and Privacy in the Current E-Mobility Charging Infrastructure
Achim Friedland (GraphDefined GmbH)
16:50 DROWN: Breaking TLS using SSLv2
Nimrod Aviram (Tel Aviv University)
Human vs Artificial intelligence – Battle of Trust
Hemil Shah (ExtendedITArms Solutions Pvt Ltd)
17:40 Inside Stegosploit
Saumil Shah (Net-Square)
Malicious Hypervisor Threat – Phase Two: How to Catch the Hypervisor
Mikhail A. Utin (Rubos, Inc.)
20:00 Speaker's Dinner
Conference, day 2 - Fri, 11 Nov
Left Pirouette Right Pirouette
09:00 Java Deserialization Vulnerabilities - The Forgotten Bug Class
Matthias Kaiser (Code White)
TLS 1.3: Lessons Learned from Implementing and Deploying the Latest Protocol
Nick Sullivan (CloudFlare Inc.)
09:50 The Perfect Door and The Ideal Padlock
Deviant Ollam (The CORE Group)
Obfuscated Financial Fraud Android Malware: Detection And Behavior Tracking
Inseung Yang (KrCERT/CC, KISA)
10:40 Coffee Break
11:00 Machine Duping: Pwning Deep Learning Systems
Clarence Chio (Shape Security)
Exploiting First Hop Protocols to Own the Network
Paul Coggin (Representing self - No employer / affiliation to disclose)
11:50 AMSI: How Windows 10 Plans To Stop Script Based Attacks and How Good It Does That
Nikhil Mittal (Independent)
CSP Is Dead, Long Live Strict CSP!
Lukas Weichselbaum (Google)
12:40 Lunch
14:00 802.11 Complexity. An Introduction to 802.11 Protocol Chaos
Andrés Blanco (Independent Researcher)
Behavioral Analysis from DNS and Network Traffic
Josh Pyorre (OpenDNS/Cisco)
14:50 Advanced SSH
Leyrer & MacLemon (Both C3W; @Leyrer (IBM Admin & Dev), @MacLemon (Self employed Sysadmin, Trainer))
Smart Sheriff, Dumb Idea: The Wild West of Government Assisted Parenting
Abraham Aranguren & Fabian Fäßler (Cure53)
15:40 Coffee Break
16:00 Protecting Against Tomorrow's Adversaries - Post-Quantum Cryptography
Hanno Böck (Freelance Journalist)
Social Engineering The Most Underestimated APT – Hacking the Human Operating System
Dominique C. Brack (Reputelligence, Social Engineering Engagement Framework (SEEF))
16:50 Where Should I Host My Malware?
Attila Marosi (Sophos)
Assessing the Hacking Capabilities of Institutional and Non-institutional Players
Stefan Schumacher (Magdeburg Institute for Security Research)
17:40 COVER YOUR SAAS: Protecting Your Cloud With Analytics and Machine Learning
Ian Thornton-Trump (SolarWindsMSP)
Abusing LUKS to Hack the System
Ismael Ripoll & Hector Marco (Universidad Politécnica de Valencia & University of the West of Scotland)
18:20 Closing Ceremony
21:00 - .:.
22:30 - Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien