Day 1

10:30 | I Hate Magic: How AI works
11:00 | The Ghost in the Keyboard
13:00 | Why I Go to the Dark Web Every Day
14:00 | Pentest Quality Assurance
15:00 | Cyber on a Shoestring: Building Wagyu Career Skills and Experience on a Ramen Budget
16:00 | Mind Hacks Exposed: 11 Ways to Engineer a Human Firewall

Day 2

10:00 | Keynote: The Long and Winding Alley: Social Engineering Parables
11:00 | Fast Hash Cracking Methodologies with Hashcat
13:00 | Talk Roulette
14:00 | The Whole is more Dangerous than the Sum of its Parts
15:00 | Panel
16:00 | Navigating Challenges in Physical Penetration Testing: The Rise of New Tools Beyond the USB Rubber Ducky

Day 3

10:00 | Hacking the First Amendment: A press photographer's perspective on Red Teaming scenarios
10:30 | Futile Efforts: A Decade in InfoSec
11:00 | Reducing Friction in Political Action
11:30 | Struggles of a New Orleans Newbie: Breaking into CyberSecurity

Day 1

11:00 | Offensive Security Awareness
13:00 | Red Team Tales: 7 Years of Physical Penetration Testing
14:00 | I Hunt AI Engineers
15:00 | Modern Hackery: A Look At Current Breaches Through An Attacker's Eyes
16:00 | Here's My Password - Building Effective Phishing Pretexts

Day 2

11:00 | Your attorney is a vendor too‚ who do you really, zero trust
13:00 | Get Your C-Suite Onboard: Leveraging Compliance & Incidents to Enhance Your Cybersecurity Program
14:00 | Red team war stories
15:00 | Every Contact Leaves a Trace
16:00 | The Hacking Business

Day 3

10:00 | Herding Cats: Keeping the Cyber Culture while Remote
10:30 | Cultural Change: How to Work Together for Better Security
11:00 | Modern Vuln Management for Dummies or Professionals
11:30 | Why John Wayne Works: Social Engineering in the Wild Wild West

Day 1

10:30 | NolaCon 2023 Intro and Opening Remarks
11:00 | Going Undercover in the Underground - A Practical Guide on How to Safely Infiltrate and Engage
13:00 | Developing Penetration Tools with AI: Leveraging Language Models like ChatGPT
14:00 | AWS IAM Privilege Escalation Redux
15:00 | Adapting to the Future: The Role of Humans in the Age of AI
16:00 | Serverless Security Engineering: Uplifting your Cloud Security Program Without a 5 Figure Vendor
17:00 | Happy Hour, with Open Bar provided by GuidePoint Security

Day 2

10:00 | 2023 NolaCon KeyNote
11:00 | Zero Trust, Beyond the Buzzwords
14:00 | Cyber Harassment: Things I wish I knew before sh1t went sideways
15:00 | "A programmatic approach to enterprise security" OR "How to not waste your security budget on sh!7 that doesn't matter"
16:00 | Diffie-Hellman, RSA, AES, and Other Fun Cryptography Math

Day 3

10:00 | Social Engineering your entire company, bootstrapping an AppSec program
11:00 | Eye of the Paper Tigers, Filling the Cyber Workforce Void
12:00 | NolaCon 2023 Closing remarks and awards

Day 1

11:00 | It's Maps or Gaps All the Way Down
12:00 | The Unexplored Territory of Digital Forensics & Modern Application Security
13:00 | Best Practices for Detection as Code
14:00 | New Shell in Town: Adventures in using PowerShell on Linux
15:00 | Infosec and Officiating: Making the Right Call
16:00 | Pwned in Space

Day 2

10:00 | Keynote
11:00 | Copywrong: Are You a "Cyber Pirate"?
12:00 | 11 Strategies of a World-Class Cybersecurity Operations Center
14:00 | Build your first SOC
15:00 | VAX’d: Data recovery from a legacy VAX VMS system
16:00 | Guerilla Warfare Tactics

Day 3

10:00 | Connections: Eisenhower and the Internet
10:30 | Confessions of an InfoSec Newbie
11:00 | Use and abuse of SSH AuthorizedKeysCommand and SSH Certificates
11:30 | Why are all the CISOs leaving?

Day 1

10:00 | Continuous Monitoring on macOS
10:00 | Must C.I.A. D.I.E.?
11:00 | Confessions of A SysAd (Linux Edition)
11:00 | Cyber Harassment: Things I wish I knew when sh1t went sideways
12:00 | I Want My EIP: Buffer Overflow 101
13:00 | Considering Ethics for Security Teams
13:00 | Dr. Cyberlove or: How I Learned to Stop Worrying and Love the Spreadsheet
14:00 | 3 Secrets to Overcoming the Communication Barrier between You and Your C-Suite
14:00 | Exorcising the Ghost in the Machine: Debunking Myths around Supply Chain Attacks
15:00 | Deception for Defense
15:00 | the User is Not the Enemy (how to convert your users to allies)
16:00 | My Favorite Three Headed Dog - An Overview of AD Compromise Paths via Kerberos Attacks
16:00 | The Hacker Hippocampus: Meet your brain on games
17:00 | Credentials and Hackers - How to Keep Both Out of Your Code
17:00 | Learning to Walk Before You Run - Pitfalls of Enterprise Security, From 12 Months of Assessments

Day 2

11:00 | API Security Challenges
11:00 | Hiding In The Clouds: How Attackers Can Use Applications Consent for Sustained Persistence and How To Find It
13:00 | Adversary Detection Pipelines: Finally Making Your Threat Intel Useful
14:00 | Build vs Buy: Everything Software Vendors Don't Want You To Know
14:00 | You don’t need passwords anymore – Here’s why
15:00 | Incident Response Tactics for the Under-equipped and Overworked
15:00 | Y'all Tryna Bypass Python 3.8 Audit Hooks or Nah?
16:00 | Building An Effective Security Program with Limited Resources Guided by the NIST CSF
16:00 | Metasploit Townhall 0x6
17:00 | Exploits, Research, Tools, and the Impact to Security
17:00 | Let The Right One In

Day 3

| Connections: Eisenhower and the Internet
10:00 | Getting the Most Out Of Your Physical Security Assessment - A Client’s Guide
10:00 | Guerrilla Warfare for the Blue Team
11:00 | Event Tracing for Windows (ETW): With Great Data Comes Great Responsibility
| Silver Tickets through the Printer Bug, how NTLMv1 brings down the kingdom
11:00 | The Eye of Sauron: How (not) to build an LKM keylogger

Day 1

10:10 | Threat Hunting Like a Gutter Punk
11:00 | Hashes to Ashes: Life & Times of Clandestine Infrastructure
11:00 | One Random Insecure Wep Application Please (ORIWAP)
13:00 | Threat Decluttering: Baselining to Spark Joy in your Threat Hunting
13:00 | Understanding XSS
14:00 | BountyCraft - The Panel
14:00 | Social Engineering At Work – How to use positive influence to gain management buy-in for anything
15:00 | Automating Hashtopolis
15:00 | DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy
16:00 | "It's Malware Time" - A Bar Crawl from Skunked Homebrew to Rotten Apples
16:00 | Breaking into Cyber: How the hell are you supposed to get started?
17:00 | After Mirai: Cyber Security Implications of IoT Botnet Proliferation Against Critical Infrastructure
17:00 | Making an internal Let’s Encrypt relay server

Day 2

10:00 | Keynote - I PWN thee, I PWN thee not!
11:00 | Breaking Into Your Building: A Hacker's Guide to Unauthorized Physical Access
11:00 | Formula for a Bug Bounty Program
14:00 | Baking Your Anomalous Cookies
14:00 | Forensics Phish Tank: Breaking Down Analysis of Advanced Phishing Emails
15:00 | Empathy for the (Devel)oper: Lessons Learned Building An Application Security Module
15:00 | Waiter, there's a compiler in my shellcode!
16:00 | IR with Volatility Framework
16:00 | MORE Tales From the Crypt...Analyst
17:00 | Behavioral Security and Offensive Psychology at Scale
17:00 | Let's Talk About WAF (Bypass) Baby

Day 3

10:00 | My making of a Metasploit Module
10:30 | Don't Panic! A Beginner's Guide To Hardware Hacking
11:00 | The Jazz Improv of Infosec
11:30 | Elliptic Curve Cryptography: What it is and who needs it

Day 1

10:00 | Chasing the Adder... A Tale from the APT world
11:00 | Aww Ship! Navigating the vulnerabilities and attack surface of the maritime industry
11:00 | Hacking Dumberly, Just Like the Bad Guys
13:00 | Automahack - Python tool for automated Active Directory attack
13:00 | Dear Blue Team: Proactive Steps to Supercharge your IR
13:30 | You'll Understand When You're Older
14:00 | Hacking Smart Contracts--A Methodology
14:00 | Skills For A Red-Teamer
15:00 | Fighting Child Exploitation with Oculum
15:00 | How to tell cajun doctors they have bad cyber-hygiene and live
16:00 | On the Hunt: Hacking the Hunt Group
16:00 | What Infosec in Oil & Gas can Teach us About Infosec in Healthcare
17:00 | Your Mac Defenestrated. Post OSXploitation Elevated.

Day 2

10:00 | 2018 Keynote
11:00 | Effective Monitoring for Operational Security
14:00 | Taking out the Power Grid's Middleman
14:00 | We are the Enemy of the Good
15:00 | Cash in the aisles: How gift cards are easily exploited
15:00 | Privacy for Safety- How can we help targeted groups with privacy?
16:00 | Jump into IOT Hacking with Damn Vulnerable Habit Helper IOT Device
16:00 | Mind Games: Exploring Mental Health through Games
17:00 | The Evolution of Trollette
17:00 | The Future of Digital Forensics
17:30 | Changing the Game: The Impact of TRISIS (TRITON) on Defending ICS/SCADA/IIoT
17:30 | Ducky-in-the-middle: Injecting keystrokes into plaintext protocols

Day 3

10:00 | Gamifying Developer Education with CTFs
11:00 | Active Directory Security: The Journey
12:00 | HTTP2 and You

Day 1

12:00 | Does DoD Level Security Work in the Real World?
12:00 | Hacking the IoT: A Case Study
13:00 | Going past the wire: Leveraging Social Engineering in physical security assessments
13:00 | Hurt Me Plenty: The Design and Development of Arganium
14:00 | Arming Small Security Programs: Network Baseline Generation and Alerts with Bropy
14:00 | Easy Indicators of Compromise: Creating a Deception Infrastructure
15:00 | Lean Threat Intelligence: Detecting Intrusions and Combating Infiltrators with Open Source Software
15:00 | Make STEHM Great Again
16:00 | Designing and Implementing a Universal Meterpreter Payload
16:00 | EDNS Client Subnet (ECS) - DNS CDN Magic or Security Black Hole?
17:00 | Attacking Modern SaaS Companies
17:00 | Rooting out evil: defend your data center like the Secret Service protects the President

Day 2

10:00 | Keynote
11:00 | Iron Sights for Your Data
11:00 | Phishing for Shellz: Setting up a Phishing Campaign
13:00 | Talk Roulette
14:00 | Embrace the Bogeyman: Tactical Fear Mongering for Those Who Penetrate
14:00 | Security Guards -- LOL!
15:00 | Red Teaming Newbies - A look into CCDC
15:00 | Skynet Will Use PsExec: When SysInternals Go Bad
16:00 | Layer 8 and Why People are the Most Important Security Tool
16:00 | Tor-Pi-Do NOW with Bloomin' Onion
17:00 | 22 Short Films About Security
17:00 | The Devil's Bargain: Emerging Trends in the Ransomware Ecosystem
17:30 | Security is dead. Long live Infosec!

Day 3

10:00 | An Employee, their Laptop and a Hacker walk into a Bar
11:00 | Beyond OWASP Top 10
12:00 | Scamming the Scammers: Hacking scammers with pwns and knowledge with good intentions

Day 1

13:00 | Analyzing DNS Traffic for Malicious Activity Using Open Source Logging Tools
13:00 | Snake Charming: Fun With Compiled Python
14:00 | Art of Espionage
14:00 | Monitoring & Analysis 101: N00b to Ninja in 60 Minutes
15:00 | Check Yo Self Before You Wreck Yo Self: The New Wave Of Account Checkers And Underground Rewards Fraud
15:00 | Introducing the OWASP API Security Project
16:00 | Breaking Barriers: Adversarial Thinking for Defenders
16:00 | It's Just a Flesh Wound!
17:00 | Owning MS Outlook with PowerShell
17:00 | Why can't Police catch Cyber Criminals?

Day 2

10:00 | Keynote
11:00 | Calling Captain Ahab: Using Open Tools to Profile Whaling Campaigns
11:00 | Haking the Next Generation
13:00 | Hacking Web Apps (v2)
14:00 | Nose Breathing 101: A Guide to Infosec Interviewing
14:00 | Untrusted Onions: Is Tor Broken?
15:00 | Evolving Your Office's Security Culture by Selective Breeding of Ideas and Practices
15:00 | I Promise I'm Legit: Winning with Words
16:00 | Going from Capture the Flag to Hacking the Enterprise. Making the switch from "a hobby and a passion" to a lifelong career.
16:00 | You Pass Butter: Next Level Security Monitoring Through Proactivity
17:00 | Hackers are from Mars, CxO's are from Jupiter
17:00 | Now You See Me, Now You Don't - Hiding from the Internet

Day 3

10:00 | Don’t be stupid with GitHub
11:00 | Create Scalable and Secure Mobile Apps that Work Offline
12:00 | DDoS: Barbarians at the Gate(way)
12:00 | Hunting high-value targets in corporate networks

Day 1

13:00 | Practical Electronics: Fixing the fan in a post-poop scenario
14:00 | Attacking Web Proxies in the Modern Era
14:00 | Managing Elevated Privileges in the Enterprise Environment
15:00 | Cloud Device Insecurity
15:00 | Hacking NGFW and NGIPS For Fun and Profits
16:00 | Cyber Medical Terrorism: Hacking DNA for a Brave New World
16:00 | How to Grow a Hacker

Day 2

11:00 | The Great Trojan Demo
14:00 | On Defending Against Doxxing
14:00 | Social Engineering 101
15:00 | Breaking Scada
16:00 | Anti-Forensics: Memory or something, I forget
16:00 | Moving Meterpreter in Complex Networks

Day 3

00:00 | Emergence of the Hardware Botnet
10:00 | Breaking and Fixing Android In App Purchases
10:00 | Malware is Hard, Let’s Go Shopping!
11:00 | Now It’s Personal: Red Team Anecdote
12:00 | Multipath tcp - Breaking Today’s networks with tomorrow’s protocols

Day 1

09:15 | Keynote
11:00 | Why you are pwned and don't know it
13:30 | Anti-Forensics: Memory or something, I forget
14:30 | Malway Analysis 101 - N00b to Ninja in 60 Minutes
14:30 | The InternetOf Evil Things: The 10 Most Wanted List
15:30 | Do You Have Enough Executioners?
15:30 | Red Teaming: Back and forth 5ever
16:30 | Probabilistic detection of malware infected hosts via DNS query analysis
16:30 | Responding to APT: Unpwning the Pwned

Day 2

09:00 | Advanced RedTeaming: Ghosts in your Building
10:00 | Placing the Suspect Behind the Keyboard
11:00 | Androids vs. Android: Synthetic Mobile Malware Analysis
11:00 | Operational Security and Your Mental Health
13:30 | Interpersonal Manipulation
13:30 | It Just Keeps Going and Going
14:30 | Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT)
15:30 | iOS Analysis and Reverse Engineering using iRETStandard