This month we are joined by @TactiFail who will be presenting his talk “Chapter 1: Designing Graphical Interface…”:
Serial interfaces to conference badge challenges are almost a given at this point, and the badge from the recent SecretCon 3 in Minnesota was no exception. In this talk, Tacti will briefly cover the badge’s interactive challenge element, then go a bit into serial communications, and finally take a slight detour into Unity game development, ultimately leading to a demo of a quick and dirty 3D interface wrapper around the badge’s serial challenges.
Bio: Tacti is the DC612 lead, but not POC in case any Defcon staff are reading this 😉 He does infosec for a living, hacking for fun, and cooking because if he has to eat, it may as well taste good.
Meeting will be on Discord. If you need an invite, look no further.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
— TactiFail (hey, that’s me!)
P.S. Please note that there will be no meeting for August next month, as that is when Defcon proper occurs. We take that month off, as a lil treat.
NOTE: This is the same site from last year (2024) and we’ll likely be sticking with it going forward if possible.
What:
Food! Bring food and we will grill it, or just show up and eat.
No frozen grilling items please – they take forever to thaw
Hackers! We have been told there may be hackers in attendance.
Music? Games? Prizes? Stickers? Whatever you bring!
Beeeeeees! Due to budget cuts, we will again not be providing bees this year. BYOBeeeeee.
Cost: Zero dollars!
Nobody is required to bring anything or pay anything to attend and eat, but keep in mind that our official budget is also zero dollars, so we will only have what we all contribute.
This is a group-led event, so it is only as good as we make it. We have a sign-up sheet here to track what everyone is bringing, please fill it out if you plan on bringing stuff or want ideas for what’s missing. We always need food, but paper plates, plastic utensils, and napkins never go out of style. If someone wants to bring musical entertainment, or games, or a vulnerable WiFi spot, all the better! This is also considered a “family event” so alcohol is not technically allowed per the permit (I will not be checking contents of personal bottles however).
A quick note on weather: Last year we had some heavy rain toward the end. I’ll be bringing a portable grill to move things under the pavilion if necessary, but barring a literal tornado we’re planning on keeping this going rain or shine.
For those of you keeping score at home, this will be our fifth year running:
This month we are joined by Drakespirit who will be presenting their talk “I had copilot offer up some titles because titles are something I suck at [sic]”:
Can you make lava cakes at home? Yes, but can you make lava cakes at home with only some brownie mix, ice cream and pudding mix? Possibly, but you need an advanced degree in hackery with a reckless disregard for your own safety if you’re going to engineer something of this magnitude. Join us as we take an in depth look at what makes a lava cake a lava cake, and what kinds of gastronomic alchemy we will need to barter with to create a lava cake that’s as much party trick to make as it is to eat.
Bio: Short for biology, of which DrakeSpirit is purported to have. So much biology, more -ology than bio at this point really. They are known for use of -ology where ever possible, and especially when the use of hats is involved. All stalling for time and attempt to pad out the bio not withstanding, there is not much to say. DrakeSpirit is a (mostly) carbon based life whose knowledge base is obscure at best and eclectic at worst. Sneakiest “ah~ha” moment I’m willing to cop to: Figuring out that an oven that can hold a constant 250 temp is perfect for making caramel, and terrible for the diet.
Meeting will be on Discord. If you need an invite, look no further.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
This month we are joined by Floofinfried who will be presenting their talk “Root Cause Analysis (and Getting it Right)”:
People talk at length about RCA reports, and the cybersecurity industry seems to be slowly settling on a standardized method for going about RCAs. However, there are several other industries that have had this nailed down for decades (for example, aviation and occupational safety) that we can learn from to improve our methodology. In this talk, we’ll go through the basics of the RCA process from multiple perspectives in order to deepen our understanding of the process and do better in the future.
Bio: Aspiring NPC with experience in several aspects of Blue Team work and a bit of experience in the physical & social engineering side of Red Team. Not much to write home about, but I’m here to help where I can.
Meeting will be on Discord. If you need an invite, look no further.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
This month we are joined again by @brianhalbach who will be presenting his talk “Tools of the Trade: How basic items can get you access almost anywhere.”:
You do not have to be James Bond to break into most buildings; in fact, a handful of simple items are often all you need. Success isn’t just about having the latest gadgets—it’s about knowing how to use simple, everyday items in creative ways. This talk explores the tools of physical penetration testing, from advanced lock picks and RFID cloners to common objects like clipboards, duct tape, and hotel key cards, demonstrating how these can be effective in bypassing physical security controls. Attendees will gain an understanding of the commonly used tools, including both specialized gear and unconventional items that can provide surprising advantages. We’ll discuss the importance of hands-on familiarity with your tools, selecting the right approach for a given scenario, and how to use these tools to expose real-world vulnerabilities.
Bio: Brian Halbach has eight years of cybersecurity experience, six of which have been penetration testing. He has been featured on Nightline ABC where a camera crew followed him and his coworker around while they broke into multiple companies in the Twin Cities Metro area. Brian was also featured on Darknet Diaries where he has regaled audiences with stories of physical penetration testing gone wrong. Brian has spoken about cybersecurity at conferences such as Defcon’s Physical Security Village, Wild West Hackin’ Fest, and GrrCon, Secure360. While he is passionate about hacking into things, he is equally as passionate about helping organizations learn how to secure themselves.
Meeting will be on Discord. If you need an invite, look no further.
Talk starts at 6:12 PM U.S. Central, but feel free to hop in early and chat.
