August 3 – 9 | Las Vegas
Meet Us at Black Hat & DEFCON.
Get dedicated time with our consultants. Unwind with our Team. Meet our Friends and Partners.
MEET US @ THE DEF CON 34 VILLAGES
Aug. 6-9, 2026 | Las Vegas Convention Center West Hall in Las Vegas, NV
Our Consultants are workshopping, presenting and demoing at various villages and community stages. We'd love to meet you there.
Brandon Kovacs, Sr. Security Consultant, will be on hand with a live demo showcase built around one of the fastest moving threats in social engineering: real-time deepfake video and voice cloning. Generative AI has handed attackers a new toolkit for impersonation, and the results are already landing in the headlines, including a case where a finance employee at a multinational company wired $25 million after what looked and sounded like a live video call with their CFO, but turned out to be a synthetic performance.
Brandon will use a mix of open-source tooling, consumer-grade recording gear, and basic film production technique to get to a believable, broadcast-quality result. Attendees will see real-time face and voice swapping in action and get a practical read on where the technology's limits still are.
The goal is to leave attendees with a clearer sense of how this class of attack actually gets built and what that means for how social engineering engagements and awareness programs need to evolve.
Aug 7 at 11 a.m. workshop: Weaponizing CloudFormation Lab
Samanta Aranda, Managing Senior Consultant, will run a hands-on workshop on weaponizing CloudFormation. Attendees will start with limited IAM permissions and learn to identify and exploit misconfigured CloudFormation execution roles using iam:PassRole, service roles, and Lambda-backed Custom Resources.
Participants will weaponize CloudFormation templates to build persistence inside service-scoped IAM paths without needing direct administrative access.
The workshop digs into realistic cloud attack paths, delegated execution abuse, and the risks introduced by over-permissioned automation, along with rollback abuse scenarios and how these attacks surface in CloudTrail and IAM logs.
Aug 7 at 4 p.m. Cirro workshop: Extending Your Azure Graph Beyond Identities Lab
Leron Gray, Senior Security Consultant, will lead a lab on extending Azure attack graphing beyond identity with Cirro, the spiritual successor to Stormspotter. Most Azure graph analysis tooling focuses on identity relationships: users, groups, service principals, role assignments. Modern Azure environments hold far more exploitable context in infrastructure, platform services, application configs, network relationships, managed identities, and data-plane resources.
Cirro is an attack graphing tool that models Azure environments by combining Microsoft Graph identity data with Azure Resource Manager infrastructure data, mapping resources into Neo4j for deeper attack path and misconfiguration analysis.
This lab walks through Cirro's collection, ingestion, and analysis workflow. Attendees will enumerate and assess an Azure tenant, run Cypher queries, and use custom dashboards to interpret graph data. Prerequisites: Docker/Podman Compose, Azure CLI, a web browser, and a SQLite3 browser. Fundamental knowledge of Cypher is recommended but not required.
Dan Petro, Principal Security Engineer, joins the Village to talk about a community he's deeply embedded in: competitive Super Smash Bros. Melee. Super Smash Bros. Melee for the Nintendo GameCube is one of the oldest active fighting game communities, with a storied 25-year history. Would you believe that people try to cheat at it? Dan is the maintainer of the SLP Enforcer tool and helps with cheating investigations for the Melee community.
In this talk, Dan'll share stories of people trying to cheat and getting caught, and along the way, break down the different ways someone could try to cheat at Melee and how detection tools actually work.
Aug ? at ? p.m.
Billy Giles, Managing Senior Consultant, will present an honest look at what red teaming actually involves, and how to start building a real path into the field. If you spend enough time online, you might think red teaming is all zero-days, custom malware, and elite operators silently dismantling networks while dramatic music plays in the background. The reality is very different: modern red team operations are less about "cool hacks" and more about planning, communication, and helping organizations improve their defenses. In many cases, the most important skills have nothing to do with hacking at all.
This talk is designed for newcomers interested in offensive security who want an honest look at what red teamers do, how engagements are planned, what skills matter most, and how to build a realistic path into the field. Billy will break down the differences between penetration testing and red and purple teaming, discuss common misconceptions about offensive security careers, and walk through a real-world red team engagement from planning through debrief.
Sarah Muriel, Attack Surface Analyst, Cosmos, will take the stage to challenge a persistent myth: that VIPs and executives have better digital hygiene than the rest of us, and that their sensitive information isn't sitting in plain sight online. It is, and Sarah will show exactly how she finds it. How long does it actually take to find sensitive information on the executives of a major company? Not as long as you'd think. Despite the assumption that VIPs are scrubbed from people search sites and have left no dubious digital trail, that's rarely the case in practice.
In this talk, Sarah will walk through her approach to running a vulnerability assessment on the C-suite of a multinational corporation, from the unglamorous fundamentals of note-taking and report writing to the genuinely fun part: the strange sources and unexpected findings along the way.
Panel: Is Red Teaming Dead?
Billy Giles, Managing Senior Consultant, joins moderator Ben Sadeghipour (@NahamSec) along with Ads Dawson (@0xmoose) and Ryan Montgomery (@0day) for a candid panel debate. AI is reshaping how offensive security work gets done, and red teaming is no exception. This panel brings together practitioners for a candid debate on whether AI-driven tooling and models are poised to take over red teaming, or whether the discipline's value is fundamentally human. Expect a range of perspectives on where automation helps, where it falls short, and what the future of the craft looks like.
Workshop: Design Red Team Exercises That Matter
Billy Giles, Managing Senior Consultant, will lead a drop-in workshop on designing more meaningful red team exercises. You got domain admin. No alerts fired. The red team "won." But did the exercise actually test anything that matters? Red team engagements are often judged on familiar markers like full compromise, stealth, or novel technique, outcomes that showcase operator skill but frequently fail to answer the question the engagement was meant to address.
This session challenges that pattern, pushing back on the tendency to optimize for technical achievement instead of meaningful outcomes. Through a short presentation and an interactive, drop-in workshop, participants will learn how to design red team exercises around clear defensive questions, building out real-world engagement components like objectives, starting conditions, technique selection, and success metrics. The workshop is modular, so attendees can join at any point and engage at their own pace. Whether you spend five minutes or the full session, you'll leave with a practical framework for planning red team operations that deliver actionable insight, and a clearer sense of what red teaming is supposed to accomplish in the first place.
AI VILLAGE
AI/Deepfake Live Demos Showcase
CLOUD VILLAGE
Weaponize CloudFormation & Extend Azure Graph Beyond Identities
GAME HACKING VILLAGE
Catching Cheaters in Super Smash Bros Melee
NOOB VILLAGE
The Reality Behind the Role of a Red Teamer
OSINT for Good Community Stage
How to Profile an Entire C-Suite in 10 Days
RED TEAM VILLAGE
Is Red Teaming Dead? Design Red Team Exercises That Matter
Catch up with the team
Invite only event hosted by Binarly & Bishop Fox
Bishop Fox Community Event @ RedTail
Bishop Fox is back at RedTail for our annual community meetup, our third year hosting inside Red Tail!
Come hang out, geek out, and catch up with your industry friends while enjoying arcade games, a live DJ, great food, drinks, and karaoke.
Meet with us at Black Hat - Booth 5200
Stop by booth 5200. We'll show you what AI-powered security actually looks like under real attack conditions — live demos, no slideware — and our team will be there to talk shop.
Book Time with Bishop Fox
Sit down with our team to talk through:
Grab Time with Bishop Fox Experts
By submitting this form, you indicate that you have read and agree to the terms of our Privacy Policy.
Thank you for your submission. We will be in touch shortly to finalize our meeting location and time.