DEF CON and Black Hat bring together hackers and security professionals from all over the world. Every August, they gather in Las Vegas for a slew of events, referred to as Hacker Summer Camp.
We weren’t at this year’s Hacker Summer Camp, but we followed the proceedings closely, and here are the projects that stood out the most for us:
Cars are computers on wheels, and they have a larger attack surface. In 2015, two security researchers remotely hacked and controlled a Jeep Cherokee with a Wired reporter in it, showing the world that cars could be hacked like other devices, and contributing to the push for automotive security as a critical part of cybersecurity.
Doggie is an open source and modular CAN bus-to-USB adapter, ideal for automotive security hobbyists and professionals. It is a Swiss Army knife tool that offers CAN bus analysis, sniffing, and injection for diagnostics and penetration testing. The modular design supports six different microcontroller and CAN transceiver configurations.
(Evil)Doggie (📷: Faraday Security)
Octavio Gianatiempo and Gaston Aznarez of Faraday Security presented an offensive security version at Black Hat Arsenal Lab, affectionately nicknamed (Evil)Doggie. It employs active manipulation techniques like spoofing and frame injection to exploit vulnerabilities in the CAN bus. It is cheaper than a Flipper Zero and has a “good-evil” switch. What more could you ask for?
nyanBOX is an open source gadget for testing and interacting with 2.4GHz and BLE networks. It is built on an ESP32 WROOM32U microcontroller paired with three nRF24 modules and an OLED display.
nyanBOX (📷: Joseph Buhagiar)
Features include scanning, deauthentication, beacon spamming, and device detection (Pwnagotchi, Flipper Zero, and other nyanBOX devices). The RPG-inspired leveling system gives users experience points for using the device’s tools and features. The rank is broadcast to other users when they scan for nearby devices.
It is a fork of the nRFBOX project by CiferTech and is completely compatible with the original hardware. PCB files, schematics, and bill of materials are in the GitHub repository.
“Invitation is all you need” offers a preview of what could go wrong when an LLM-powered application is infiltrated.
Ben Nassi, Stav Cohen, and Or Yair, the authors of the research project, use a prompt injection exploit within a Google Calendar invitation to poison Gemini’s context. They escalate this attack to control smart home devices, open applications, and download files.
While the impact of this project is relatively minimal, it highlights the potential risks of giving control to agentic AI. Since prompt injection is bound to be a recurring vulnerability of these systems, one can imagine the potential risks if LLM-enabled applications are granted OS and hardware-level control.
This specific vulnerability has been fixed, and you can read more about it in the “Invitation Is All You Need” paper.
Promptfoo is an open source platform for evaluating and red teaming LLM applications. It is an emerging tool for the next frontier of cybersecurity, and it claims to help developers identify vulnerabilities such as data leaks, jailbreaks, and prompt injections, before production. It supports automated red teaming and performance evaluation, and can be run locally.
Prompt injection could remain a “whack-a-mole” situation due to the very design of LLMs and LLM-enabled applications. If you are building an LLM application, Prompfoo might be useful for safety and reliability testing.
2025 is the International Year of Quantum Science and Technology (IYQ), marking 100 years since Werner Heisenberg developed the theory of quantum mechanics. Although the quantum era seems a far-shot goal, quantum technology is finding application today.
DEFCON’s Quantum Village cofounders have created the first fully open source, hackable quantum sensor. The Uncut Gem project, which they dub quantum computing’s Apple II moment, uses off-the-shelf components and a nitrogen-vacancy (NV) Centre diamond with defects within the lattice that enable special quantum effects.
The Uncut Gem Quantum Sensor (📷: Quantum VIllage)
Similar sensors have been built by elite, well-funded labs, but this is the first attempt at making a quantum sensor that anyone can hack and build upon. It can be assembled for about $120 to $160, but the price is expected to drop in future iterations.
The Uncut Gem sensor isn’t perfect, but it can be used to explore medical applications, GPS-jamming countermeasures, as well as chip debugging with magnetometry. It was showcased as part of the Quantum Village badge.
Fault injection attacks alter a device’s voltage pulse to bypass protections and expose hardware secrets, with tools like the ChipWhisperer.
Glitch.IO is a cheap, powerful glitcher that “aims to be a standard in the hardware hacker’s toolbox”. It includes dedicated glitching hardware, a software framework for creating fault injection applications, and a “recipe” library for publicly-known attacks.
Security Consultant Ramiro Pareja-Veredas presented Glitch.IO at the Black Hat conference, using a recipe to bypass the Raspberry Pi Pico 2’s fault injection countermeasure.
AI might be a new Wild West of digital security and offense, but old security threats remain just as relevant. What stood out to you at Hacker Summer Village?