DEF CON
from Wikipedia
Status: Active
Genre: Security Conference, Hacker Conference
Frequency: Annual
Venue: Varies
Locations: Las Vegas, Nevada
Country: United States
Years active: 32
Inaugurated: June 9, 1993[1]
Founder: Jeff Moss
Previous event: August 7–10, 2025
Attendance: Over 30,000

DEF CON (also written as DEFCON, Defcon, or DC) is a hacker convention held annually in Las Vegas, Nevada. The first DEF CON took place in June 1993. Today its attendees include computer security professionals, journalists, lawyers, federal government employees, security researchers, students, and hackers with a general interest in software, computer architecture, hardware modification, conference badges, and anything else that can be "hacked". The event consists of several tracks of speakers on computer and hacking-related subjects, as well as cyber-security challenges and competitions (known as hacking wargames). Contests held during the event are extremely varied and can range from creating the longest Wi-Fi connection to finding the most effective way to cool a beer in the Nevada heat.[3]

Other contests, past and present, include lockpicking, robotics-related contests, art, slogan, coffee wars, scavenger hunt, and Capture the Flag. Capture the Flag (CTF) is perhaps the best known of these contests and is a hacking competition in which teams of hackers attempt to attack and defend computers and networks using software and network structures. CTF has been emulated at other hacking conferences as well as in academic and military contexts (as red team exercises).

Federal law enforcement agents from the FBI, DoD, United States Postal Inspection Service, DHS (via CISA) and other agencies regularly attend DEF CON.[4][5] Some have considered DEF CON to be the "world's largest" hacker conference given its attendee size and the number of other conferences modeling themselves after it.

History


DEF CON was founded in 1993, by then 18-year-old Jeff Moss as a farewell party for his friend, a fellow hacker and member of "Platinum Net", a FidoNet protocol based hacking network from Canada.[6] The party was planned for Las Vegas a few days before his friend was to leave the United States, because his father had accepted employment out of the country. However, his friend's father left early, taking his friend along, so Jeff was left alone with the entire party planned. Jeff decided to invite all his hacker friends to go to Las Vegas with him and have the party with them instead. Hacker friends from far and wide got together and laid the foundation for DEF CON, with roughly 100 people in attendance.

The term DEF CON comes from the movie WarGames, referencing the U.S. Armed Forces defense readiness condition (DEF CON). In the movie, Las Vegas was selected as a nuclear target, and since the event was being hosted in Las Vegas, it occurred to Jeff Moss to name the convention DEF CON. However, to a lesser extent, CON also stands for convention and DEF is taken from the letters on the number 3 on a telephone keypad, a reference to phreakers.[7] The official name of the conference includes a space in-between DEF and CON.

Though intended to be a one-time event, Moss received overwhelmingly positive feedback from attendees, and decided to host the event for a second year at their urging. The event's attendance nearly doubled the second year, and has enjoyed continued success.[8] In 2019, an estimated 30,000 people attended DEF CON 27.[9]

For DEF CON's 20th Anniversary, a film was commissioned entitled DEF CON: The Documentary.[10] The film follows the four days of the conference, events and people (attendees and staff), and covers history and philosophy behind DEF CON's success and unique experiences.

In January 2018, the DEF CON China Beta event was announced. The conference was held May 11–13, 2018 in Beijing, and marked DEF CON's first conference outside the United States. The second annual DEF CON China was canceled due to concerns related to COVID-19.[11]

In 2020, due to safety concerns over COVID-19 the DEF CON 28 in-person Las Vegas event was cancelled[12] and replaced with DEF CON Safe Mode,[13] a virtual event planned for the same August 6–9 dates as DC 28.

In 2021, DEF CON 29 was held on August 5–8 in-person in Las Vegas and virtually (via Twitch and Discord). In-person attendees were required to wear masks in conference areas and to show proof of COVID-19 vaccination. Attendees with verified vaccine records (verified by a 3rd party) were given a wristband which was required for entry into the conference areas.[14]

Components


Handles


Attendees at DEF CON and other hacker conferences often use an alias or "handle". This is in keeping with the hacker community's desire for anonymity. Known handles include DEF CON founder Jeff Moss's handle, "Dark Tangent". A notable event is DEF CON 101, which starts off the conference and may offer an individual the opportunity to come up on stage and be assigned a handle by a number of members of the community.

Badges

Multiple, electronic and non-electronic, DEF CON human badges along with other conference badges.

A notable part of DEF CON is the conference badge, which identifies attendees and ensures attendees can access conference events and activities. The DEF CON badge has historically been notable because of its changing nature, sometimes being an electronic badge (PCB) with LEDs, and sometimes being a non-electronic badge such as a vinyl record. Conference badges often contain challenges or callbacks to hacker or other technology history, such as the use of the Konami Code in the DEF CON 24 badge, or the DEF CON 25 badge reverting to the look of the DEF CON 1 badge. DEF CON badges do not (generally) identify attendees by name; however, the badges are used to differentiate attendees from others. One way of doing this has been to have different badges: a general conference attendee (HUMAN) badge, a staff member (GOON) badge, and Vendor, Speaker, Press, and other badges. In addition, individuals and organizations have begun creating their own badges in what has become known as badgelife. These badges may be purchased in many cases, or earned at the conference by completing challenges or events. Some badges may give the holder access to after-hours events at the conference. In 2018, the evolution of this came with what was termed "shitty add-ons" or SAOs. These were miniature (usually) PCBs that connected to the official and other badges and that either extended functionality or were simply collected.[15][16]

Villages


Villages are dedicated spaces arranged around a specific topic. Villages may be considered mini conferences within the con, with many holding their own independent talks as well as hands-on activities such as CTFs, or labs. Some villages include Aerospace Village, Car Hacking Village, IoT Village, Recon, Biohacking, lockpicking, ham radio, and the well known Social Engineering and vote hacking villages. In 2018 the vote hacking village gained media attention due to concerns about US election systems security vulnerabilities.[17][18]

Internal Conferences


DEF CON has its own cultural underground which results in individuals wanting to create their own meetups or "cons" within DEF CON. These may be actual formal meetups or may be informal. Well known cons are:

  • Queercon, a meetup of LGBTQ community.
  • Linecon, any long line has the potential to turn into a con.
  • QuietCon, a meetup to hang out or talk quietly away from the hustle and bustle of the rest of the conference attendees.

Workshops


Workshops are dedicated classes on various topics related to information security and related topics. Historical workshops have been held on topics such as Digital Forensics investigation, hacking IoT devices, playing with RFID, fuzzing and attacking smart devices.

Fundraising


Since DEF CON 11, fundraisers have been conducted for the Electronic Frontier Foundation (EFF). The first fundraiser was a dunk tank and was an "official" event. The EFF now has an event named "The Summit" hosted by the Vegas 2.0 crew that is an open event and fundraiser. DEF CON 18 (2010) hosted a new fundraiser called MohawkCon.

Contests


Within DEF CON there are many contests and events, including Capture the Flag, Hacker Jeopardy,[19] Scavenger Hunt,[20] Capture the Packet, Crash and Compile,[21] and Hackfortress,[22] to name a few.

Black Badge


The Black Badge is the highest award DEF CON gives to contest winners of certain events. Capture the flag (CTF) winners sometimes earn these, as well as Hacker Jeopardy winners. The contests that are awarded Black Badges vary from year to year, and a Black Badge allows free entrance to DEF CON for life, potentially a value of thousands of dollars.[23]

In April 2017, a DEF CON Black Badge was featured in an exhibit[24] in the Smithsonian Institution's National Museum of American History entitled "Innovations in Defense: Artificial Intelligence and the Challenge of Cybersecurity". The badge belongs to ForAllSecure's Mayhem Cyber Reasoning System,[25] the winner of the DARPA 2016 Cyber Grand Challenge at DEF CON 24 and the first non-human entity ever to earn a Black Badge.

Capture the flag


The first DEF CON CTF was held in 1996, at the 4th DEF CON, and it has been held every year since.[26] It is one of the few CTFs in the attack/defense format. The prize for the winning team is a couple of black badges.[27]

Capture the Flag Timeline [28][27]

| Year | DEF CON | Competing Teams | Organizers | Architecture / Platform | Winning Team |
|---|---|---|---|---|---|
| 1996 | 4 | | Goons | | AJ Reznor |
| 1997 | 5 | | Goons | | AJ Reznor |
| 1998 | 6 | | Goons | | SNI |
| 1999 | 7 | | Goons | | Ghetto Hackers |
| 2000 | 8 | | Goons | | Ghetto Hackers |
| 2001 | 9 | | Goons | Multiple | Ghetto Hackers & digirev |
| 2002 | 10 | | Ghetto Hackers | Redhat 6.2 | Digital Revelation |
| 2003 | 11 | 8 | Ghetto Hackers | OpenBSD | Anomaly |
| 2004 | 12 | 8 | Ghetto Hackers | i386 Windows | sk3wl0fr00t |
| 2005 | 13 | 8 | Kenshoto | i386 FreeBSD 5.4 | shellphish |
| 2006 | 14 | 8 | Kenshoto | i386 Solaris 10 | 1@stplace |
| 2007 | 15 | 8 | Kenshoto | i386 FreeBSD | 1@stplace |
| 2008 | 16 | 8 | Kenshoto | i386 FreeBSD | Sk3wl of Root |
| 2009 | 17 | 9 | DDTEK | i386 FreeBSD | VedaGodz[29] |
| 2010 | 18 | 12 | DDTEK | i386 FreeBSD & Debian | ACME Pharm[30] |
| 2011 | 19 | 12 | DDTEK | i386 FreeBSD | European Nopsleders[31] |
| 2012 | 20 | 20 | DDTEK | i386 FreeBSD | Samurai |
| 2013 | 21 | 20 | Legitimate Business Syndicate | armv7 Linux | Plaid Parliament of Pwning |
| 2014 | 22 | 20 | Legitimate Business Syndicate | armv7 & i386 Linux | Plaid Parliament of Pwning |
| 2015 | 23 | 15 | Legitimate Business Syndicate | MIPS, x86 & armv7 Linux | DEFKOR |
| 2016 | 24 | 15 | Legitimate Business Syndicate | i386 DECREE | Plaid Parliament of Pwning |
| 2017 | 25 | 15 | Legitimate Business Syndicate | cLEMENCy cLEMENCy | Plaid Parliament of Pwning |
| 2018 | 26 | 24 | Order Of the Overflow | MIPS, x86 & armv7 Linux | DEFKOR00T[32] |
| 2019 | 27 | 16 | Order Of the Overflow | x86, arm64, esoteric Linux, iOS, Xbox | Plaid Parliament of Pwning[33] |
| 2020 | 28 | 16 | Order Of the Overflow | x86, esoteric Linux | A*0*E[34] |
| 2021 | 29 | 16 | Order Of the Overflow | x86, microengine Linux | Katzebin[35] |
| 2022 | 30 | 16 | Nautilus Institute | mixed | Maple Mallard Magistrates[36] |
| 2023 | 31 | 12 | Nautilus Institute | mixed | Maple Mallard Magistrates[37] |
| 2024 | 32 | 12 | Nautilus Institute | mixed | Maple Mallard Magistrates[38] |

Capture the Flag History


In 1996, the first DEF CON CTF was organized, with a couple of servers for participants to hack and judges who decided whether a machine had been hacked and awarded points accordingly.[39]

In 2002, the company Immunix took part in the game under the moniker "immunex",[40] to benchmark the security of their Linux-based operating system, with modifications including StackGuard, FormatGuard, OpenWall's non-executable stack, SubDomain (the ancestor of AppArmor), and others.[41] Confident in their defense capabilities, they opened access to their servers to other teams and spent some time taunting them. The team took second place, and none of the services deployed on their Immunix stack were ever compromised.[42] It was also the first year the contest had an organiser-provided services infrastructure connected to a real-time scoreboard.[43]

In 2003, the game had become so popular that a qualification round was introduced, with the previous winner automatically qualified.[44]

In 2008, the Sk3wl of Root team took advantage of a bug in the game (privilege dropping and forking were inverted), allowing them to have such a massive lead that they spent most of the CTF playing Guitar Hero.[45][46]

In 2009, it was announced[47] that "Diutinus Defense Technology Corp" (DDTEK) would be the new organisers, but nobody knew who they were. It was revealed at the end of the game that the team playing as sk3wl0fr00t was the organizer.[27] "Hacking the top hacker contest seemed like a fun way to introduce ourselves to CTF organization. The yells of "bullshit" from CTF teams during the DEF CON 17 awards ceremony were very gratifying." said vulc@n, a member of DDTEK, on the topic.[27]

In 2011, the team "lollerskaters dropping from roflcopters" used a 0day in FreeBSD (namely CVE-2011-4062[48]) to escape jails, causing havoc in the game's infrastructure.[49]

In 2016, the 15th edition of the CTF was run in partnership with DARPA, as part of its Cyber Grand Challenge program, where teams wrote autonomous systems to play the game without any human interaction.[50]

In 2017, the Legitimate Business Syndicate came up with their very own CPU architecture called cLEMENCy: a middle-endian CPU with 9-bit bytes. With its specifications released only 24 hours before the beginning of the CTF, it was designed with the explicit goals of both surprising the teams and leveling the playing field by breaking all their tools.[51]

Groups


DEF CON Groups are worldwide, local chapters of hackers, thinkers, makers and others. DEF CON Groups were started as a splinter off of the 2600 meetup groups because of concerns over politicization. Local DEF CON groups are formed and are posted online.[52] DEF CON Groups are usually identified by the area code of the area where they are located in the US, and by other numbers when outside of the US e.g., DC801, DC201. DEF CON Groups may seek permission to make a logo that includes the official DEF CON logo with approval.

Notable incidents


The following is a list of high-profile issues that have garnered significant media attention.

Year Description
1999 On July 10, 1999, the Cult of the Dead Cow hacker collective released Back Orifice 2000 (later discovered to be infected with the CIH virus) at DEF CON 7,[53] in what was, at the time, the largest presentation in DEF CON history.
2001 On July 16, 2001, Russian programmer Dmitry Sklyarov was arrested the day after DEF CON for writing software to decrypt Adobe's e-book format.[54]
2005 On July 31, 2005, Cisco used legal threats to suppress Mike Lynn from presenting at DEF CON about flaws he had found in the Cisco IOS used on routers.[55]
2007 In August 2007, Michelle Madigan, a reporter for Dateline NBC, attempted to secretly record hackers admitting to crimes at the convention. After being outed by DEF CON founder Jeff Moss during an assembly, she was heckled and chased out of the convention by attendees for her use of covert audio and video recording equipment. DEF CON staff tried to get Madigan to obtain a press pass before the outing happened.[56] A DEF CON source at NBC had tipped off organizers to Madigan's plans.[4]
2008 MIT students Zack Anderson, R.J. Ryan and Alessandro Chiesa were to present a session entitled "The Anatomy of a Subway Hack: Breaking Crypto RFIDS and Magstripes of Ticketing Systems." The presentation description included the phrase "Want free subway rides for life?" and promised to focus on the Boston T subway.[57] However, the Massachusetts Bay Transit Authority (MBTA) sued the students and MIT in United States District Court in Massachusetts on August 8, 2008, claiming that the students violated the Computer Fraud and Abuse Act (CFAA) by delivering information to conference attendees that could be used to defraud the MBTA of transit fares.[58][59] The court issued a temporary restraining order prohibiting the students from disclosing the material for a period of ten days, despite the fact the material had already been disseminated to DEF CON attendees at the start of the show.

In 2008's contest "Race to Zero," contestants submitted a version of given malware which was required to be undetectable by all of the antivirus engines in each round. The contest concept attracted much negative attention.[60][61]

2009 WIRED[62] reported that an ATM kiosk was positioned in the conference center of the Riviera Hotel Casino capturing data from an unknown number of hackers attending the DEF CON hacker conference.
2011 Security company HBGary Federal used legal threats to prevent former CEO Aaron Barr from attending a panel discussion at the conference.[63]
2012 The director of the National Security Agency, Keith B. Alexander, gave the keynote speech.[64] During the question and answers session, the first question for Alexander,[64] fielded by Jeff Moss,[65] was "Does the NSA really keep a file on everyone, and if so, how can I see mine?" Alexander replied "Our job is foreign intelligence" and that "Those who would want to weave the story that we have millions or hundreds of millions of dossiers on people, is absolutely false…From my perspective, this is absolute nonsense."[64]

On March 12, 2013, during a United States Senate Select Committee on Intelligence hearing, Senator Ron Wyden quoted the 2012 DEF CON keynote speech and asked Director of National Intelligence James Clapper if the U.S. conducted domestic surveillance; Clapper made statements saying that there was no intentional domestic surveillance.[64] In June 2013, NSA surveillance programs which collected data on US citizens, such as PRISM, had been exposed. Andy Greenberg of Forbes said that NSA officials, including Alexander, in the years 2012 and 2013 "publicly denied–often with carefully hedged words–participating in the kind of snooping on Americans that has since become nearly undeniable."[64]

2013 On July 11, 2013, Jeff Moss posted a statement,[66] located on the DEF CON blog, titled "Feds, We Need Some Time Apart". It stated that "I think it would be best for everyone involved if the feds call a 'time-out' and not attend DEF CON this year."[67] This was the first time in the organization's history that it had asked federal authorities not to attend.[66] Actor Will Smith visited the convention to study the DEF CON culture for an upcoming movie role.[68]
2016 On August 4, 2016, DEF CON and DARPA co-hosted the 2016 Cyber Grand Challenge, a first-of-its-kind all-machine hacking tournament. Competing teams had to create a bot capable of handling all aspects of offense and defense with complete autonomy. Seven finalists competed for a US$2M grand prize.[69]

The winner of the Cyber Grand Challenge was "Mayhem", an AI created by ForAllSecure of Pittsburgh, Pennsylvania.[69][70] Mayhem then went on to participate in the previously humans-only DEF CON Capture the Flag Contest,[71] where it finished in last place, despite pulling ahead of human teams often in a contest for which it was not specifically designed.

2017 At the "Voting Machine Village" event, dozens of voting machines brought to the conference were breached.[72]

In September 2017, the Voting Machine Village produced "DEF CON 25 Voting Machine Hacking Village: Report on Cyber Vulnerabilities in US Election Equipment, Databases and Infrastructure" summarizing its findings. The findings were publicly released at an event sponsored by the Atlantic Council[73] and the paper went on to win an O'Reilly Defender Research Award.[74]

Marcus Hutchins, better known online by his handle MalwareTech, the 23-year-old British security researcher who was credited with stopping the WannaCry outbreak, was arrested by the FBI at the airport while preparing to leave the country after attending DEF CON, over his alleged involvement with the Kronos banking trojan.[75]

2018 In March 2018, the DEF CON Voting Machine Hacking Village was awarded a Cybersecurity Excellence Award.[76] The award cites both the spurring of a national dialog around securing the US election system and the release of the nation's first cybersecurity election plan.
2020 On May 8, 2020, the DEF CON in-person conference itself was cancelled[77] and virtualized due to COVID-19. DEF CON Safe Mode[78] was held August 6–9 online with a full roster of talks, villages, contests and events.
2024 On February 4, 2024, Caesar's Entertainment cancelled the contract with DEF CON without warning[79] with speculation that a ransomware attack[80] and bomb scare and subsequent evacuation[81] in 2023 were in part to blame. The conference was moved to the Las Vegas Convention Center as a result.


Venues, dates, and attendance


Each conference venue and date has been extracted from the DEF CON archives for easy reference.[83]

| Conference Name | Venue | Duration | Year | Attendance |
|---|---|---|---|---|
| DEF CON 33 | Las Vegas Convention Center | August 7–10 | 2025 | ~26,000[84] |
| DEF CON 32 | Las Vegas Convention Center, and The Sahara[85] | August 8–11 | 2024 | N/A |
| DEF CON 31 | Caesars Forum, Flamingo, Harrah's Hotel, and Linq Hotel | August 10–13 | 2023 | ~25,000[citation needed] |
| DEF CON 30 | Caesars Forum, Flamingo, Harrah's Hotel, and Linq Hotel | August 11–14 | 2022 | ~25,000[citation needed] |
| DEF CON 29 | Paris Hotel and Bally's Hotel | August 5–8 | 2021 | ~8,700[citation needed] |
| DEF CON Safe Mode | Virtual event | August 6–9 | 2020 | N/A |
| DEF CON 28 | Planned Caesars Forum, Harrah's, The Linq, and Flamingo | August 6–9 | 2020 | 0[86] |
| DEF CON 27 | Paris Hotel, Bally's Hotel, Planet Hollywood, and Flamingo | August 8–11 | 2019 | ~30,000[9] |
| DEF CON China 1.0 | 751 D-Park | May 31–June 2 | 2019 | Unknown |
| DEF CON 26 | Caesars Palace and Flamingo | August 9–12 | 2018 | 28,000[87] |
| DEF CON China [Beta] | Kuntai Hotel (Beijing) | May 11–13 | 2018 | Unknown |
| DEF CON 25 | Caesars Palace | July 27–30 | 2017 | 25,000[88] |
| DEF CON 24 | Paris Hotel and Bally's Hotel | August 4–7 | 2016 | 22,000[89] |
| DEF CON 23 | Paris Hotel and Bally's Hotel | August 6–9 | 2015 | 16,000+[90] |
| DEF CON 22 | Rio Hotel & Casino | August 7–10 | 2014 | 16,000[91] |
| DEF CON 21 | Rio Hotel & Casino | August 1–4 | 2013 | 12,000[91] |
| DEF CON 20 | Rio Hotel & Casino | July 26–29 | 2012 | Unknown |
| DEF CON 19 | Rio Hotel & Casino | August 4–7 | 2011 | Unknown |
| DEF CON 18 | Riviera Hotel & Casino | July 30–August 1 | 2010 | Unknown |
| DEF CON 17 | Riviera Hotel & Casino | July 30–August 2 | 2009 | Unknown |
| DEF CON 16 | Riviera Hotel & Casino | August 8–10 | 2008 | 8,000[92] |
| DEF CON 15 | Riviera Hotel & Casino | August 3–5 | 2007 | Unknown |
| DEF CON 14 | Riviera Hotel & Casino | August 4–6 | 2006 | Unknown |
| DEF CON 13 | Alexis Park Resort | July 29–31 | 2005 | Unknown |
| DEF CON 12 | Alexis Park Resort | July 30–August 1 | 2004 | Unknown |
| DEF CON 11 | Alexis Park Resort | August 1–3 | 2003 | Unknown |
| DEF CON 10 | Alexis Park Resort | August 2–4 | 2002 | Unknown |
| DEF CON 9 | Alexis Park Resort | July 13–15 | 2001 | Unknown |
| DEF CON 8 | Alexis Park Resort | July 28–30 | 2000 | Unknown |
| DEF CON 7 | Alexis Park Resort | July 9–11 | 1999 | Unknown |
| DEF CON 6 | Plaza Hotel & Casino | July 31–August 2 | 1998 | Unknown |
| DEF CON 5 | Aladdin Hotel & Casino | July 11–13 | 1997 | Unknown |
| DEF CON 4 | Monte Carlo Resort and Casino | July 26–28 | 1996 | Unknown |
| DEF CON 3 | Tropicana Resort & Casino | August 4–6 | 1995 | Unknown |
| DEF CON 2 | Sahara Hotel and Casino | July 22–24 | 1994 | ~200 |
| DEF CON 1 | Sands Hotel and Casino | June 9–11 | 1993 | ~100 |

from Grokipedia
DEF CON is an annual hacker convention held in , , founded in 1993 by under the pseudonym Dark Tangent as a gathering for members of a hacking network. The event serves as a primary forum for computer security enthusiasts, researchers, and professionals to exchange knowledge on hacking techniques, exploitation, and defensive measures through informal presentations, hands-on workshops, and competitive challenges. Central to DEF CON are its signature contests, including the (CTF) competition, which originated at the event and remains one of the oldest and most prestigious hacking contests, pitting teams against complex network and software puzzles to simulate real-world penetration testing. Specialized "villages" provide dedicated spaces for practical demonstrations in subfields such as hacking, lockpicking, and social engineering, fostering skill-building and innovation among attendees estimated in the tens of thousands. The conference's influence extends to shaping cybersecurity practices, with outcomes from its demonstrations often highlighting systemic flaws in technology and , though its unfiltered environment has occasionally drawn federal investigations into participant activities. DEF CON's system, featuring custom hardware collectibles that double as hacking tools, underscores its emphasis on tangible, creative engagement over corporate sanitization.

History

Founding and Early Years

DEF CON was founded by , known by the handle Dark Tangent, in 1993 as an informal gathering for members of online communities he participated in, including a farewell event for a friend exiting the scene from the Platinum Net network. The inaugural DEF CON 1 occurred from June 9 to 11, 1993, at the Sands Hotel & Casino in , , drawing approximately 100 attendees focused on technical discussions rather than commercial or institutional agendas. Presentations at the event covered emerging security concerns, including Dan Farmer's announcement of the Security Administrator Tool for Analyzing Networks (SATAN), a scanning program; Mark Ludwig's talk on virus development; and sessions on , computer privacy, and hacking . These early talks emphasized practical demonstrations and knowledge sharing among participants from the hacker underground, without formal vetting or corporate sponsorship.

In its initial years, DEF CON expanded modestly but steadily, with DEF CON 2 held July 22–24, 1994, at the Sahara Hotel and Casino, attracting around 200 participants and introducing more structured elements like contests. Subsequent editions shifted to larger venues, such as the Tropicana Hotel for DEF CON 3 (August 4–6, 1995) and the Monte Carlo Resort for DEF CON 4 (July 26–28, 1996), reflecting growing interest from security researchers and enthusiasts amid rising public awareness of cyber threats. This period solidified the convention's reputation as a neutral forum for unfiltered discourse on vulnerabilities and defenses, distinct from government or industry-controlled events.

Expansion in the 2000s

During the , DEF CON transitioned from a niche underground gathering to a major annual event, with attendance surging into the thousands. DEF CON 8, held July 28–30, 2000, at the Alexis Park Resort in , drew more than 4,000 participants, reflecting sustained growth from its earlier years as a small hacker party. This scale-up was accompanied by heightened media scrutiny and the presence of U.S. Defense Department representatives, signaling the convention's emerging role as a venue for both adversarial hacking demonstrations and discussions. Organizers adapted to the larger crowds by repurposing spaces like the DJ room for daytime presentations, underscoring logistical challenges from rapid expansion. The program's diversification contributed to this growth, with an increasing emphasis on specialized contests and technical demonstrations. By DEF CON 12 in 2004, events included the Shootout, where global enthusiasts competed in long-range wireless signal challenges, highlighting the convention's adaptation to emerging technologies like widespread adoption. (CTF), formalized since in 1996, evolved further with more structured judging and international team participation, solidifying its status as a premier hacking competition that drew skilled competitors and observers. These additions attracted a broader , including security professionals, while maintaining the core ethos of hands-on vulnerability exploration and knowledge sharing. By the late 2000s, DEF CON's scale prompted venue shifts to accommodate demand, such as moving to the Riviera Hotel & Casino for DEF CON 16 in 2008, which hosted expanded talks on topics like network attacks and social engineering. The event's reputation for unfiltered disclosures—often preceding vendor patches—fostered its growth amid rising cybersecurity awareness post-dot-com bust and early enterprise network threats. 
This period also saw greater corporate and engagement, though the community retained its independent, countercultural edge, prioritizing open technical exchange over commercial agendas. Overall, the established DEF CON as the de facto gathering for the infosec world, with attendance and programming reflecting the field's maturation.

Maturation and Institutionalization in the 2010s

During the , DEF CON underwent significant expansion, with attendance growing from approximately 10,000 at DEF CON 18 in 2010, hosted at the Riviera Hotel & Casino, to around 16,000 by DEF CON 22 in 2014. This surge prompted logistical adaptations, including a venue shift to the larger Rio All-Suite Hotel and Casino starting in 2011, where participation reportedly reached 17,000. By mid-decade, crowds stabilized at 18,000 to 22,000 annually, reflecting broader interest from professionals amid rising cybersecurity awareness. A key development was the proliferation of villages—dedicated, community-driven zones for specialized hacking activities—which formalized niche explorations and hands-on demonstrations. The Social Engineering Village debuted at DEF CON 18 in 2010, offering structured training in psychological manipulation techniques relevant to . Subsequent years saw additions like the Lock Picking Village by DEF CON 23 in 2015, emphasizing challenges. These villages enhanced organizational depth, enabling parallel programming tracks while preserving decentralized, volunteer-led operations. This period marked a shift toward greater institutional maturity, with expanded programming encompassing advanced contests like evolving events and themed workshops on emerging threats such as systems and mobile vulnerabilities. Corporate and attendees increased, blending with professional networking, yet the conference maintained its independence under founder (Dark Tangent), avoiding formal corporate sponsorships or centralized governance. Such changes balanced scale with core principles, though critics noted strains on the event's original underground ethos from overcrowding and commercialization pressures.

Recent Developments and Shifts (2020s)

The prompted significant adaptations for DEF CON in 2020, with organizers canceling the in-person DEF CON 28 event originally scheduled for August 6–9 in and shifting to a fully virtual "" format, which was offered free to all participants to ensure broad accessibility amid health uncertainties. In 2021, DEF CON 29 adopted a hybrid model, blending virtual sessions with limited in-person elements, reflecting ongoing caution while attempting to restore community engagement disrupted by the crisis.

DEF CON resumed primarily in-person operations with DEF CON 30 in August 2022, themed "Hacker Homecoming" and held semi-hybrid at the Las Vegas Convention Center from August 11–14, marking a return to large-scale physical gatherings after two years of pandemic constraints, though with updated protocols including masking recommendations in certain areas. This shift facilitated renewed emphasis on hands-on villages and contests, but highlighted logistical strains from surging attendance, as the event's scale continued to expand into the tens of thousands.

Throughout the decade, villages evolved to address emerging threats, with the AI Village gaining prominence for workshops on artificial intelligence's dual role in offensive tools like automation and defensive strategies, alongside simulations of adversarial attacks. The Voting Village, active since 2017, intensified focus on election infrastructure vulnerabilities, hosting demonstrations of exploits and symposia countering , particularly relevant post-2020 U.S. elections and ahead of 2024 cycles, where researchers identified flaws in systems from multiple vendors without real-world deployment risks. Newer additions like ship hacking sessions at DEF CON 33 in 2025 underscored growing attention to , including maritime systems amid geopolitical tensions.

Organizational adjustments included enhanced transparency reporting on convention incidents since prior years, extending into the 2020s to address attendee safety and . However, scale-related challenges surfaced, such as the badge production controversy, where overbudget costs exceeding 60% led to a stop-work order on a preproduction vendor amid disputes over charges, prompting debates on and . By 2025, DEF CON refined group sanctioning processes to streamline village operations and reduce administrative burdens, aiming to sustain growth while managing complexity. These developments reflect a broader maturation, balancing autonomy with practical amid heightened scrutiny on cybersecurity's societal impacts.

Event Components

Core Schedule and Activities

DEF CON's core schedule spans four days, typically through in , with initial registration and badge distribution on morning at designated hotels or convention centers in . Badges, required for entry to talks and events, are collected in person and often feature interactive hardware elements. Activities intensify on , with formal programming running through . The daily structure centers on technical presentations and talks delivered in multiple parallel tracks, commencing at 10:00 AM and extending to 17:30 or later. These include main speaking tracks and specialized stages like the Creator Stage, where security researchers present findings on topics such as vulnerabilities, , and system exploits. Sessions occur every 30 minutes to an hour, enabling attendees to navigate between tracks based on interest, though overlap requires prioritization. The opening event features a welcome address by founder , known as The Dark Tangent. Hands-on workshops and demo labs supplement talks, offering practical sessions on tools and techniques, often with limited seating and prior registration. Evenings transition to social and entertainment activities, including parties, music performances, and informal meetups that facilitate networking among hackers, professionals, and enthusiasts. These extend late into the night, contrasting the structured daytime agenda and contributing to the event's informal, community-driven atmosphere. The schedule concludes Sunday afternoon, followed by optional post-event training.

Villages and Themed Areas

Villages at DEF CON constitute specialized, community-driven zones that provide immersive environments for hands-on exploration of particular hacking disciplines, including workshops, demonstrations, and capture-the-flag-style challenges tailored to niche topics. These areas operate semi-autonomously within the convention, allowing organizers to curate activities that emphasize practical skills over passive lectures, often featuring equipment loans, live hacking sessions, and knowledge exchange. Villages emerged as a core component of DEF CON's structure in the mid-2000s, evolving from informal gatherings to formalized spaces that attract dedicated subcommunities and contribute to the event's reputation for fostering technical innovation in cybersecurity.

Prominent villages cover diverse domains, such as , communications, and biological interfaces. The Lockpicking Village, for instance, offers tools and training for bypassing mechanical locks, picks, and related hardware, promoting skills in physical penetration testing that have influenced professional and security auditing practices. Similarly, the Hardware Hacking Village concentrates on embedded systems, circuit board analysis, and device extraction, providing soldering stations and components for attendees to prototype exploits or custom gadgets.

Other established villages target digital and interdisciplinary threats. The Wireless Village specializes in radio frequency protocols, spectrum analysis, and applications, with activities including signal interception and custom antenna builds to demonstrate vulnerabilities in IoT and cellular networks. The Biohacking Village examines intersections of biology and technology, featuring demos, implantable device security tests, and ethical discussions on genetic data privacy, drawing from advancements in . The Car Hacking Village focuses on automotive electronics, such as and keyless entry flaws, with real-vehicle teardowns that have informed industry standards for connected vehicles.

| Village | Focus Areas | Key Activities |
| --- | --- | --- |
| AI Village | Artificial intelligence security, machine learning vulnerabilities | Model poisoning workshops, adversarial AI demos |
| Blue Team Village | Defensive cybersecurity, incident response | Defensive CTF challenges, threat hunting simulations |
| Adversary Village | Red team tactics, emulation of advanced persistent threats | Purple team exercises, supply chain attack simulations |

Villages typically align with DEF CON's annual schedule, operating during core con hours—Friday and Saturday from 10:00 to 18:00, and Sunday until 14:00—and remain accessible to all badged attendees without additional fees, though some require pre-registration for limited resources. Their decentralized model encourages innovation but can lead to variability in content quality, with community feedback driving iterations across conferences. This structure has enabled villages to influence broader cybersecurity discourse, such as by highlighting zero-day flaws in consumer hardware or protocol weaknesses through public disclosures.

Badges, Handles, and Participant Identification

DEF CON badges function as both entry credentials and interactive hardware artifacts central to participant engagement. Typically designed as printed circuit boards (PCBs) with artistic elements and embedded electronics, these badges have evolved since the early to include features like LEDs, RFID chips, and programmable components that attendees hack, modify, or compete with during the event. For instance, the DEF CON 16 badge incorporated infrared-based capabilities between attendees, while later iterations featured multiplayer games or mechanical elements like watches. This "badgelife" subculture has spawned communities dedicated to badge design, , and custom gadgets, extending beyond official releases to unofficial variants produced by attendees. Participant identification at DEF CON prioritizes pseudonymity to preserve , a core tenet of . Attendees adopt "handles"—unique nicknames or aliases—instead of real names for all interactions, presentations, and networking, providing an additional layer of against identity tracing. This practice, rooted in historical traditions, discourages the use of legal identities within the conference environment, with some participants further enhancing privacy through disguises like masks or fake beards. While badge scans or ticket purchases may involve verifiable for and legal compliance, such information remains undisclosed in public discourse or event activities, reinforcing the event's emphasis on operational over traceability. Handles facilitate social and competitive dynamics without compromising privacy, often becoming long-term identifiers in the cybersecurity community. For example, prominent figures like the event founder are known exclusively by handles such as "Dark Tangent" in conference contexts. 
This system contrasts with more formalized professional events, as DEF CON's structure actively resists real-name policies to mitigate risks like doxxing or , though evolving external pressures from and corporate attendance have prompted debates on balancing with accountability. Badges often incorporate spaces or digital fields for personalizing with handles, integrating identification seamlessly into the hardware ecosystem.

Workshops, Talks, and Fundraising Mechanisms

DEF CON features a variety of talks delivered across multiple tracks, including main speaking tracks and specialized stages such as the Creator Stage, where experts present on topics ranging from cybersecurity vulnerabilities to novel hacking techniques. These presentations are scheduled over the core days of the event, typically spanning through Sunday, with sessions starting as early as 10:00 AM and continuing into the evening. Recordings of talks from past conferences, such as DEF CON 33, are archived on the official for public access, preserving content like demonstrations of social engineering tactics enhanced by AI tools. Workshops at DEF CON emphasize practical, hands-on learning, often integrated into villages or dedicated sessions where participants engage with tools, simulations, and challenges. For instance, villages like the Adversary Village host scheduled workshops on topics such as adversary emulation and red teaming, with sessions allocated specific time slots across multiple days. Similarly, the Payment Village offers workshops on security, including emulating magstripe technologies, complementing broader village activities like talks and contests. These workshops differ from standard presentations by focusing on interactive demos and skill-building, such as approaching CTF-style challenges distinct from real-world hacking. Fundraising at DEF CON primarily occurs through charity auctions tied to badge contests, where participants create custom badge replicas, and winning entries are auctioned to benefit organizations like Hackers for Charity. This mechanism leverages attendee creativity to generate proceeds, with auctions emphasizing detail and innovation in badge designs. Event organizers also discuss donation strategies publicly, allocating funds transparently to community initiatives after covering operational costs like setup. 
These efforts support the volunteer-driven nature of the conference, directing revenue toward hacker community projects rather than institutional overhead.

Contests and Challenges

Capture the Flag Competitions

Capture the Flag (CTF) competitions at DEF CON originated in 1996 during , establishing the event as one of the earliest formalized cybersecurity hacking contests. Initially structured with judges awarding points for exploits against flexible targets, the format evolved from chaotic early iterations to a more organized attack-defense model by DEF CON 10 in 2002, incorporating custom services on platforms like 6.2 and limiting participation to eight teams. Early winners included the AJ Reznor goons in 1996 and 1997, followed by the Ghettohackers' dominance from 1999 to 2001, with subsequent victors like Shellphish in 2005 and Vedagodz in 2009 highlighting the growing sophistication of participating teams.

The core format of DEF CON CTF finals employs an attack-defense structure, where teams of 5-10 members defend a shared network of vulnerable services—such as web applications, cryptographic modules, and custom binaries—while launching exploits against identical setups on opponents' networks to capture hidden flags verifying successful compromises. Rules prohibit denial-of-service attacks, exploitation of administrative infrastructure or hypervisors, and sharing of flags or exploits, enforcing fair play within an isolated game environment typically hosted in a like the Mezzanine. Challenges span , web vulnerabilities (e.g., ), and remote code execution, with organizers like the Nautilus Institute automating scoring and concealing network layouts in recent years to prevent preemptive preparations.

Qualification occurs via an online event in spring, adopting a Jeopardy-style format of independent puzzle-solving across categories like forensics and , drawing hundreds of teams—such as 586 in one prior year—with the top performers advancing alongside select invitees to . feature 10-15 teams competing over two to three days, with adaptive scoring in qualifiers decreasing point values based on solve frequency (starting at 500 points). In the finals, teams earn attack points for each successful exploitation against rivals (scaled by the number of affected teams in timed rounds) and defense points for maintaining service uptime, often visualized in real-time via public scoreboards and streams like LiveCTF.

Prizes emphasize prestige over monetary rewards, with victors receiving black badges for lifetime DEF CON access and recognition as hackers, though the primary incentive remains competitive dominance. Notable repeat champions include Carnegie Mellon University's Plaid Parliament of Pwning (PPP), which secured its ninth title at DEF CON 33 in August 2025, and the Maple Mallard Magistrates, who won DEF CON 30 and 31 with scores exceeding 6,000 points. These competitions have influenced broader CTF standards, promoting hybrid formats and rigorous qualification to filter talent.

Black Badge and Elite Recognition

The Black Badge constitutes one of the most prestigious awards at DEF CON, granted exclusively to individuals or teams demonstrating exceptional skill in designated elite competitions. These contests, often including variants of Capture the Flag (CTF) and other high-difficulty challenges, evaluate participants' abilities in exploiting vulnerabilities, , and strategic defense under time constraints. Organizers designate specific events as Black Badge-eligible, with awards determined by unbeaten performance or top rankings, as outlined in DEF CON's official policy.

Recipients receive lifetime free admission to all future DEF CON conferences, a benefit that enhances the badge's value amid rising attendance fees and logistical demands. The award serves as a formal recognition of elite technical proficiency, distinguishing holders in professional cybersecurity circles where practical hacking expertise often outweighs formal credentials. For instance, in DEF CON 30 (2022), teams like Echelon secured Black Badges through CTF victories, highlighting the competitive intensity required.

A public Hall of Fame maintains records of Black Badge winners, preserving their contributions and fostering a legacy of innovation within the hacker community. While not every CTF or yields a Black Badge—decisions rest with DEF CON leadership based on event caliber—the designation underscores causal links between demonstrated prowess and broader impacts, such as advancing vulnerability disclosure practices. Controversial raffles or post-event distributions have occasionally sparked attendee feedback on transparency, though core awards remain tied to merit-based outcomes.

Domain-Specific Challenges

DEF CON villages host specialized challenges that target vulnerabilities in niche domains, complementing the broader competitions by emphasizing hands-on exploitation in areas like hardware, industrial systems, and . These events, often structured as CTFs or timed contests, draw participants to dissect real-world technologies, such as or cloud infrastructures, fostering skills in , forensics, and protocol analysis. At DEF CON 33 in August 2025, over 70 villages operated, many featuring such domain-tailored activities that award points, badges, or prizes based on successful breaches. The Hardware Hacking Village CTF exemplifies physical and embedded systems challenges, requiring competitors to employ soldering, debugging, and extraction on custom devices during sessions from 10:00 to 18:00 on Friday and Saturday. Participants tackle tasks like bypassing hardware protections or exploiting microcontrollers, with resources provided onsite for prototyping attacks. Industrial control systems (ICS) challenges in the ICS Village CTF simulate attacks on , involving protocol manipulation, system intrusions, and PLC reprogramming to disrupt virtual plants or extract data. Held via platforms like CTFd, these contests highlight vulnerabilities in , with teams competing to identify and exploit flaws in emulated environments. Physical security domains feature contests like those in the Lockpicking Village and warl0ck gam3z CTF, where participants race to defeat locks, safes, and entry mechanisms using tools such as picks, decoders, and impression techniques, often incorporating on associated . These hands-on trials test mechanical weaknesses and hybrid phys-digital bypasses, with challenges escalating from basic padlocks to high-security models. IoT-focused challenges in the IoT Village include live bug hunting and CTFs targeting device , protocols, and supply chain flaws, awarding Black Badges for top performers across four rounds. 
Competitors reverse-engineer smart devices, exploit or stacks, and demonstrate remote compromises, underscoring pervasive risks in consumer and enterprise IoT ecosystems. Cloud security contests, such as the Cloud Village's Jeopardy-style CTF spanning 2.5 days, challenge teams to breach multi-provider infrastructures (e.g., AWS, Azure) through misconfiguration exploits, IAM escalations, and serverless function hijacks, with categories progressing in difficulty to mimic enterprise-scale threats. Other domains include automotive hacking in the Car Hacking Village CTF, probing protocols and ECU firmware for takeover simulations, and in the Password Village, evaluating hash-breaking tools against modern defenses like or Argon2. These specialized events not only reveal domain-specific weaknesses but also drive vendor patches through disclosed findings.

Communities and Participants

Attendee Profiles and Culture

DEF CON attracts a diverse array of participants, including cybersecurity professionals, ethical hackers, software engineers, IT specialists, and blue team operators, chief information security officers (CISOs), and officials. Attendance has grown significantly, exceeding 30,000 individuals in recent years, encompassing both seasoned experts and newcomers from around the world. Students and academics also participate, often through programs, alongside independent researchers and technology enthusiasts. The attendee base reflects a blend of employees, representatives, and hobbyists, with historical inclusion of federal agents despite occasional restrictions on their attendance. This mix fosters interactions across skill levels and affiliations, from ethical hackers focused on responsible disclosure to policymakers engaging in roundtables. While corporate and presence has increased, the core remains rooted in independent and community-driven participants who prioritize technical curiosity over institutional agendas. DEF CON's culture embodies "hacker summer camp," characterized by an informal, vibrant atmosphere that combines intense technical exploration with social camaraderie. It emphasizes collaboration, knowledge sharing, and hands-on experimentation in villages, contests, and workshops, promoting values like openness, deep system understanding, and ethical investigation. The event features late-night parties, movie screenings, and networking, but maintains a focus on substantive discussions and innovation, often countering overly commercialized events. This environment encourages mutual respect among diverse attendees, though it can overwhelm first-timers due to its scale and intensity.

Affiliated Groups and Networks

DEF CON supports a decentralized network of local chapters called DEF CON Groups, which operate as independent communities of cybersecurity practitioners, hackers, and technology enthusiasts in various cities worldwide. These groups, often identified by a "DC" prefix followed by a numeric code derived from regional area codes or other locators (e.g., DC702 for or DC907 for ), organize regular meetups, skill-sharing sessions, and events to sustain hacking culture between annual conferences. As of 2025, active DEF CON Groups span multiple U.S. states and international locations, including DCG , DC757 (, ), DCG , and DC35321 (Cork, ). The groups emphasize , with participants contributing to local cybersecurity and research without direct financial oversight from the central DEF CON organization, though they align with its ethos of sharing. Local chapters like DC702 host pre- and post-conference gatherings, such as casual meetups during DEF CON events, to build continuity in the community. Beyond local chapters, DEF CON intersects with broader hacker networks through informal ties to international organizations like the Chaos Computer Club (CCC) in , where members frequently participate in DEF CON activities and share techniques via cross-event collaborations, though no formal affiliation exists. These connections facilitate knowledge exchange but remain ad hoc, relying on individual attendees rather than institutional partnerships. DEF CON Groups also integrate with virtual communities, such as DEF CON Groups VR, offering online spaces for remote participation in discussions and simulations.

Cybersecurity Impact

Vulnerability Discoveries and Fixes

DEF CON has facilitated numerous vulnerability disclosures through its villages, contests, and presentations, often leading to vendor patches and improved security practices. Participants in specialized villages, such as the Car Hacking Village and IoT Village, demonstrate exploits on real-world devices, prompting manufacturers to issue fixes. For instance, in 2015, researchers at the Car Hacking Village remotely exploited a Jeep Cherokee's systems via its Uconnect infotainment unit, hijacking controls over cellular networks; responded by recalling 1.4 million vehicles and deploying a software patch within days. Similarly, addressed vulnerabilities in its Modicon M340 programmable logic controllers (PLCs) disclosed at DEF CON 23 in 2015, which allowed attackers to modify code and disrupt industrial processes; the company released firmware updates to mitigate remote code execution risks. In the realm of consumer software, a researcher at DEF CON 30 in 2022 disclosed two high-severity vulnerabilities in Zoom's macOS client (CVEs 2022-28762 and 2022-29217), enabling via malicious Meeting SDK plugins; Zoom patched these flaws in version 5.11.0 shortly after, confirming the issues allowed local without user interaction. Voting Village demonstrations at DEF CON 26 in 2018 exposed flaws in election systems, including weak administrator passwords and unencrypted ballot data on machines from vendors like Diebold and ES&S; while immediate patches varied, the disclosures influenced U.S. election security reforms, such as enhanced federal guidelines for verifiable paper trails. More recent efforts include the 2023 disclosure by researchers at DEF CON 31 of vulnerabilities in software like Schneider Electric's EcoStruxure and ' Desigo, which could enable remote denial-of-service attacks on ; vendors issued advisories and patches to address the flaws in web interfaces and authentication mechanisms. 
DEF CON's emphasis on responsible disclosure, often coordinated through villages' disclosure programs, has accelerated fixes, though challenges persist with legacy systems in sectors like and maritime, where villages highlight unpatched exploits without always yielding public patches due to proprietary constraints. These activities underscore DEF CON's role in bridging offensive with defensive remediation, though efficacy depends on vendors' responsiveness and the absence of legal barriers to disclosure.

Policy and Infrastructure Advancements

The DEF CON Voting Village, initiated in 2017, has exposed systemic vulnerabilities in U.S. election infrastructure, including remote code execution on voting machines from multiple vendors within two hours of the event's start in its inaugural year. These demonstrations, replicated annually, revealed persistent issues such as unpatched flaws dating to in machines used across states, prompting congressional attention and advocacy for risk-limiting audits and paper ballot requirements. While direct legislative causation remains debated, the village's findings informed the U.S. House's passage of the Secure Elections Act in 2018, mandating paper records and audits, and contributed to federal guidance from the emphasizing auditable systems. In domains, the DEF CON Franklin project, launched in 2024 by DEF CON organizers in partnership with the University of Chicago's Cyber Policy Initiative and the National Rural Water Association, deploys hackers to test and fortify water utility systems against nation-state threats from actors like and . By August 2025, participants identified exploitable weaknesses in industrial control systems across multiple U.S. utilities, yielding a "Hackers " resource for policymakers to prioritize defenses like and . This initiative addressed resource constraints in underfunded sectors, with early adopters like , implementing hacker-recommended patches to enhance remote access controls and firmware integrity checks. Policy @ DEF CON, formalized as a dedicated track by 2023, bridges technologists and government officials through panels on vulnerability disclosure and regulatory frameworks, fostering collaborations that influenced discussions on privatizing elements of the program for greater stability amid federal funding uncertainties. 
Complementing this, the 2025 AI Cyber Challenge at DEF CON 33, backed by executive directives under President Trump, tested AI-driven tools for automated threat detection, advancing infrastructure resilience by integrating open-source models into national defense protocols. These efforts underscore DEF CON's role in translating adversarial testing into actionable standards, though implementation lags due to interagency coordination challenges.

Broader Industry and Research Influences

DEF CON has shaped cybersecurity research by providing a venue for disclosing vulnerabilities that often inform subsequent peer-reviewed studies and industry benchmarks. Demonstrations in specialized villages, such as the Voting Village established in 2017, have exposed flaws in electronic voting machines from vendors like Election Systems & Software (ES&S), leading to detailed reports that document exploitable weaknesses in voter check-in systems and ballot marking devices, thereby influencing academic analyses of election integrity. Similarly, the annual Hackers' Almanack compiles findings from DEF CON contests, including critical vulnerabilities in mobile voting products and physical security systems, which researchers reference to advance studies on supply chain risks and access controls. The conference drives industry standards through its emphasis on practical, adversarial testing, exemplified by disclosures at events like DEF CON 33, where researchers revealed remote exploitation paths in systems, prompting vendors like Trustonic to enhance hardware root-of-trust mechanisms. Contests promoting responsible disclosure, such as those in AI and villages, have accelerated remediation timelines; for example, AI-driven vulnerability hunting has been shown to shorten patching from discovery to fix, contrasting with slower sectors like healthcare where averages exceed 400 days. Initiatives like the DEF CON Franklin project, launched to secure U.S. utilities, recruit ethical hackers for ongoing assessments, yielding volunteer networks and resources that bridge research gaps in public infrastructure defense against state-sponsored threats. These efforts extend to AI red-teaming challenges, where participants identify prompt injection flaws in large language models, spurring industry-wide adoption of defensive AI tools and highlighting empirical advantages for defenders over attackers in emerging domains.

Controversies and Criticisms

Organizational and Logistical Failures

In February 2024, abruptly terminated its 25-year contract with DEF CON for the 32nd conference, citing a strategic change unrelated to the event's conduct, forcing organizers to secure the Las Vegas Convention Center as an alternative venue just months before the dates. This incident exposed vulnerabilities in venue contracting reliability, as DEF CON staff had to rapidly pivot logistics including distribution and workshop arrangements to accommodate over 30,000 expected attendees.

The production of DEF CON 32 badges, priced at $460 each and based on Pico 2 hardware with a emulator, overran the budget by more than 60%, leading to a stop-work order and heated disputes with hardware designer Entropic Engineering and volunteer firmware developer Dmitry Grinberg. Organizers accused the team of unauthorized modifications, including Grinberg's addition of an displaying Entropic's logo and a request after credits were removed; in response, Grinberg was physically escorted from a badge presentation during the event. Similar and shipping plagued badge distribution in 2023, contributing to attendee frustration over pre-registration processes.

DEF CON's annual transparency reports document persistent logistical shortcomings, including multiple falling ceilings at venues in and 2019, unsecured doors in 2024, and recurring accessibility complaints such as difficulties for attendees with disabilities navigating crowded spaces or villages in 2022 and 2024. Emergency responses have also faltered, with instances like a fire evacuation due to an unattended package in 2023 and staff handling mistaken registration inquiries overwhelming operations in 2022. These issues underscore organizational strains from rapid growth and decentralized event management across multiple sites.

Ethical Debates on Hacking Practices

The DEF CON Ethics Village, introduced around DEF CON 26 in 2018, serves as a dedicated forum for examining ethical challenges in , highlighting the field's lack of codified professional standards akin to those in or . Panels and presentations address practitioner responsibilities, including the moral obligations of security researchers in vulnerability handling and technology deployment. For example, discussions explore dilemmas faced by ethical hackers contributing to open-source tools that adversaries might repurpose for malicious ends, underscoring tensions between advancing defensive capabilities and unintended proliferation of offensive techniques. A central debate revolves around vulnerability disclosure practices, pitting full public disclosure—often exemplified by DEF CON's live demonstrations—against coordinated responsible disclosure. Proponents of full disclosure argue that rapid, transparent revelation compels vendors to prioritize fixes, as evidenced by historical DEF CON talks like Barnaby Jack's 2010 ATM jackpotting demo, which exposed exploitable flaws and influenced industry hardening. Critics, however, contend that such immediacy equips attackers with actionable exploits before mitigations, potentially exacerbating real-world harms; this view gained traction in critiques of DEF CON's Voting Village, where 2017 and 2018 hacks on election systems revealed ballot secrecy compromises but drew vendor accusations of aiding foreign adversaries by publicizing unpatched methods. Further contention arises over offensive practices like "hack back" retaliation, debated in Ethics Village sessions as a potential necessity against persistent threats from state actors, such as , despite legal prohibitions under frameworks like the U.S. . 
Advocates frame it as pragmatic when defensive measures fail, citing empirical inefficacy of passive strategies against asymmetric attackers, while opponents highlight risks of escalation, misattribution, and erosion of international norms. These discussions reflect broader causal realities: hacking knowledge at DEF CON yields dual-use outcomes, driving cybersecurity advancements—such as post-Jeep hack recalls in 2015—but also enabling misuse absent robust constraints. Security researchers at the conference often emphasize empirical over vendor assurances, prioritizing systemic resilience over deferred disclosures that may delay fixes.

Geopolitical Alignments and Alienation

DEF CON's hacker-centric ethos, rooted in skepticism toward centralized authority, has historically fostered tensions with governments, particularly during periods of heightened surveillance revelations. In July 2013, amid fallout from Edward Snowden's disclosures on NSA programs, organizers requested that U.S. federal employees, including and intelligence personnel, refrain from attending DEF CON 21 to allow open discourse without perceived intimidation. This stance reflected broader alienation within the community from state surveillance apparatuses, echoing principles of privacy and autonomy over institutional oversight.

Despite such frictions, DEF CON has pursued pragmatic alignments with U.S. government entities on specific cybersecurity challenges, bridging countercultural roots with imperatives. The annual Voting Village, launched in 2017, collaborates with election officials and vendors to expose vulnerabilities in voting systems, influencing policy like enhanced machine testing protocols ahead of U.S. elections. Similarly, in 2023, the partnered with DEF CON for the largest public red-teaming exercise on AI biases, involving hundreds of attendees to probe large language models for flaws. These initiatives position DEF CON as a contributor to U.S.-led defensive postures against cyber threats, including state-sponsored actors.

Geopolitically, DEF CON's U.S.-based operations and participant demographics align it with Western interests, drawing scrutiny over foreign espionage risks. U.S. officials have expressed concerns about attendees from adversarial nations like China and Russia, who could exploit the conference for intelligence gathering on vulnerabilities or networking. In 2014, amid escalating U.S.-China cyber tensions, agencies considered measures to restrict Chinese hackers' participation, citing patterns of economic espionage. Recent events, such as 2025 demonstrations on maritime hacking amid Indo-Pacific rivalries, underscore DEF CON's implicit embedding in U.S. strategic priorities.

This evolution has alienated segments of the global hacker community wary of institutional co-optation. Critics, including former insiders, argue that partnerships with defense contractors and military entities erode DEF CON's purity, transforming it into an extension of empire rather than independent . Such alignments risk estranging international participants from non-aligned or adversarial states, where attendance may invite domestic repercussions, while reinforcing barriers against state-affiliated actors perceived as threats.

Venues, Attendance, and Logistics

Historical Venues and Event Timing

DEF CON has been held exclusively in Las Vegas, Nevada, since its inception as the primary annual gathering for the hacker community. The first edition, DEF CON 1, took place from June 9 to 11, 1993, at the Sands Hotel and Casino, which has since been demolished. This initial event drew approximately 100 attendees and featured informal presentations and networking in a single hotel setting. Early subsequent conferences followed a similar model, utilizing individual properties to accommodate growing participation, such as the Sahara Hotel and Casino for DEF CON 2.

As attendance expanded into the thousands, venues shifted to larger or multiple hotel-convention combinations to handle contests, villages, and talks. For instance, DEF CON 11 in 2003 designated the Alexis Park Resort as the official host hotel. DEF CON 15 in 2007 was centered at the Riviera Hotel and Casino. Mid-2010s events often spanned Paris Las Vegas and Bally's, as with DEF CON 23 from August 6 to 9, 2015. By the late 2010s and 2020s, the scale necessitated distributed setups across several Caesars Entertainment properties, including DEF CON 27 from August 8 to 11, 2019, at Paris, Bally's, Flamingo, and Planet Hollywood.

| DEF CON Edition | Dates | Primary Venue(s) |
|---|---|---|
| 1 (1993) | June 9–11 | Sands Hotel and Casino |
| 11 (2003) | August 8–10 | Alexis Park Resort |
| 15 (2007) | August 3–5 | Riviera Hotel and Casino |
| 23 (2015) | August 6–9 | Paris and Bally's |
| 27 (2019) | August 8–11 | Paris, Bally's, Flamingo, Planet Hollywood |
| 30 (2022) | August 11–14 | Caesars Forum, Flamingo, LINQ, Harrah's |
| 31 (2023) | August 10–13 | Caesars Forum, Flamingo, LINQ, Harrah's |
| 32 (2024) | August 8–11 | Las Vegas Convention Center West Hall, Sahara Hotel |

Event timing has evolved from the inaugural mid-June weekend to a consistent four-day Thursday-to-Sunday format in late summer, predominantly early August to align with post-Black Hat scheduling and seasonal travel patterns. This structure facilitates extended programming, including goons (volunteer staff) setup on Wednesday and teardown post-Sunday. Exceptions include occasional late-July slots, such as DEF CON 25 from July 27 to 30, 2017, to avoid calendar overlaps. The Las Vegas location persists due to its infrastructure for large crowds, options, and historical ties, despite logistical strains from hotel security and .

Attendance Patterns and Scale

DEF CON began modestly in 1993 with approximately 100 attendees at its inaugural event in Las Vegas, organized by Jeff Moss as an informal gathering of hacker friends. Attendance grew rapidly in subsequent years, reflecting increasing interest in cybersecurity and hacking culture; by 2014, the conference drew about 15,000 participants. This expansion accelerated, with DEF CON 24 in 2016 reporting over 22,000 attendees—a 46% increase from the prior year—driven by broader mainstream awareness of cybersecurity threats and the event's reputation for technical depth.

By 2019, attendance reached an estimated 30,000 for DEF CON 27, establishing the conference as the world's largest annual hacking event and earning recognition in the for its longevity and scale. Post-pandemic recovery saw stabilization around this figure, with DEF CON 32 in 2024 attracting 28,000 attendees amid venue changes to the Las Vegas Convention Center, though daily peaks exceeded 35,000 due to high-density programming. DEF CON 33 in 2025 projected over 30,000 participants, representing professionals, researchers, and enthusiasts from more than 60 countries, underscoring a plateau after decades of growth influenced by digital threats, industry maturation, and global participation.

The event's scale manifests in extensive demands, including multiple hotels, dedicated convention halls, and parallel tracks for villages, contests, and talks, accommodating a diverse crowd that includes software engineers, officials, and independent hackers. Average annual attendance of 30,000 highlights its dominance in the infosec calendar, outpacing predecessors like early iterations that fit into single venues, though growth has prompted logistical shifts to manage overcrowding without official caps on tickets. This pattern of exponential early expansion followed by sustained high volume reflects DEF CON's evolution from niche to global benchmark for vulnerability disclosure and knowledge exchange.

Logistical Challenges and Adaptations

The in , from smaller gatherings in its to over 25,000 participants by DEF CON 25 in 2017, has strained venue capacities and amplified overcrowding issues across multiple sites. Held annually in late July or early August, DEF CON coincides with Las Vegas's peak summer heat, often surpassing 100°F (38°C), which poses risks including for attendees traversing between venues outdoors. Registration and badge pickup processes frequently result in extended lines, compounded by uncertainties such as delayed badge shipments to host hotels and high on-site demand. Some partnering hotels, such as in 2024, have enforced invasive room inspections on all guests, including DEF CON attendees, sparking widespread complaints over intrusions in a attuned to risks.

To address capacity constraints, organizers have progressively adopted larger facilities, including expansion to dual venues by DEF CON 25 and utilization of the Las Vegas Convention Center's West Hall for recent iterations like DEF CON 33 in 2025. The 2021 edition (DEF CON 29) implemented a hybrid model combining in-person events with virtual access, broadening participation amid restrictions and demonstrating flexibility for future disruptions. Operational adaptations include attendee guidance on heat mitigation—such as early arrival for acclimation, hydration protocols, comfortable , and route planning to minimize sun exposure—alongside reliance on taxis or indoor connections between sites.
