Day 1
| H2HC | H2HC University | |
|---|---|---|
| 08:20 | Registration | |
| 09:00 | Opening Ceremony | |
| 09:30 | Keynote: From student of compilation to mother of decompilation | LLVM CFI and Cross-Language LLVM CFI Support for the Rust Compiler |
| 10:30 | Cryptographic Acceleration | Never let good research go to waste: frustrating bounty experiences might make good conference talks |
| 11:30 | Blue2thprinting (blue-[tooth)-printing]: answering the question of 'WTF am I even looking at?!' | How to get Started with Bluetooth Hacking in Cars |
| 12:30 | Lunch Break | |
| 14:30 | A Closer Look At Freelist Hardening | Browser Exploitation the end of an Era |
| 15:30 | Old But Gold: The Underestimated Potency of Decades-Old Attacks on BMC Security | Local Privilege Escalation With I/O Rings |
| 16:30 | Break | |
| 17:00 | I'm High | Boiling The Ocean: Kernel Data Bus Analysis |
Day 2
| H2HC | H2HC University | |
|---|---|---|
| 10:00 | Keynote: The story of UEFI (and its security mitigations) | SQLi to Root Access: Exploiting a ISP infrastructure |
| 11:00 | The insides of an automatic defibrillator | CPU Vulns Are Easy |
| 12:00 | Lunch Break | |
| 14:00 | The Plague of Predictable Transient Numeric Identifiers | Two transient execution vulnerabilities you have probably not heard about: Snoopy and CRAP |
| 15:00 | LogoFAIL: Security Implications of Image Parsing During System Boot | Ghostbusting with CodeQL: finding gadgets for transient execution bugs |
| 16:00 | Break | |
| 16:31 | Hacking blockchains | Phantom: Exploiting Decoder-detectable Mispredictions |
| 17:30 | GatoROM: A New Attempt at Solving ROM Bit Ordering | INCEPTION: Exposing New Attack Surfaces with Training in Transient Execution |