7th December 2019
Hong Kong SAR China

Click here for ticket sales

Call for Paper and Workshop

Following our first successful event in 2016, Hong Kong’s premier security research and threat intelligence group Dragon Threat Labs is hosting DragonCon, possibly the most technically-intensive security conference borne out of Hong Kong.

Come join us, make friends and see the cyber city!

DragonCon invites proposals for half-day or full-day workshops to be held in December 2019. Workshops are expected to focus on Threat Intelligence, Hardware Hacking, Hardware Forensics, Hardware Attacks, Reverse Engineering, Exploitation, Vulnerabilty Research and any other subject that will make our nerd-o-meter hit the red line!

Speaker perks:
1. Complimentary ticket to the conference
2. Invitation to the VIP party
3. Remuneration for international speakers

Program Schedule

Main Conference December 2019

Venue: Function Room 2, Level 3, Core E, Cyberport 3, Cyberport Road, Hong Kong

Workshops to be held one day before the main conference

10:00am - 10:20am


10:20am - 10:30am

Welcome & opening speech
Dan Kelly

10:30am - 11:15am

Building your Car Hacking Labs and a Car Hacking Village Community from Scratch
Jay Turla

How do you get started with car hacking with good resources already? Yes you got the online resources now but how do you get the hardware without buying an actual car? Join Jay as he recall his experience in building the 1st car hacking village in the Philippines together with his friends. In this talk, he will demonstrate how to procure cheap hardware but not from the black market and how to start car hacking on a cheap. He will demonstrate car hacking for beginners from reverse engineering the Controller Area Network (CAN), building your own 5$ car hacking tool to fuzzing simulators and real hardware. This talk is also inspired from the Car Hacking Village in DEFCON.

11:15am - 12:00am


12:00am - 12:45pm

Cisco to Disco!

Our talk introduces the internal structure and functionality of the Cisco IOS Exploit Framework (a.k.a. DISCO Framework) presented through a demonstration of the Cisco IOS 1-Day analysis. And we will also introduce some 1-day exploit codes analyzed by our framework!
# Cisco IOS Exploit Framework (a.k.a DISCO Framework = Destroy cISCO)
[*] Debugger
CISCO IOS Mips Debugger with new features such as Backtrace and ASLR-based Dynamic Address Calculation
[*] Instrumentation Send Test Packet for the major basic block of code-patched IOS firmware, extract coverage, and send it to the Fuzzer connected by Serial Port.
[*] Fuzzer Create an Smart Packet based on the coverage received through Instrumentation and send it to the Router for efficient fuzzing.

12:45pm - 13:30pm

Cybersecurity: Just Another Terrain
Gene Yu, Mika Devonshire

A presentation on root cause analysis from the perspective of a U.S. Army Green Beret—integrating physical and social risk analysis with cyber incident response.

The presentation will cover the principles of incident response / root cause analysis, with discussion and real-world case studies on the value of incorporating people, processes and physical security risk with digital vulnerability analysis.

13:30pm - 14:45pm


14:45pm - 15:30pm

(Discussion Panel) Red teaming: how we hack you, the impact on industry standards and the evolution of security testing
Dan Kelly, Simon Blanchet, Jenius Shieh

This discussion will cover aspects of red teaming, industry standards and practitioner level application. We will explore areas such as:

- How has red teaming evolved
- How has the industry evolved
- Does it really help to make us more secure
- As a practitioner, how much effort is red teaming
- Do industry standards actually meet real-world requirements
- How does threat intelligence feed in to red teaming?

This panel will be interactive and members of the audience will be able to ask questions.

15:30pm - 16:15pm

Hacking and Trolling: The Changing Face of Hacktivism in the Disinformation Age
Mei Nelson

Hacktivism, commonly known as actions by individuals or groups that using hacking skills to spread a specific message and bring attention to a political or social cause, has risen and then fallen globally in the past five years. In the meantime, hacktivist activities have evolved, with an increase in state-sponsored hacktivism using false hacktivist personas, and the appearance of hacktivists who could also be described as “entrepreneurial geeks.” Not all hacktivists break into network systems; some perform troll activities to create online disruptions on social media to accomplish their goals. The recent phenomenon of fandom nationalists turned trolls adds another layer to the many roles of hacktivism.

This talk will discuss the role of hacktivism in information operations through case studies of hacktivist activities from various regions and countries, and provide insight into the structure, organization, motivations, goals, tactics, techniques, and procedures (TTPs) of these hacktivist groups. The talk will also analyze how other threat actors utilize hacktivists to conduct information operations. Lastly, the talk will reflect on the future direction of global hacktivism in information operations as geopolitical tensions among major powers increase and nation-states reposition their cyber defense posture.

16:15pm - 16:30pm


16:30pm - 17:15pm

A conceptual framework to construct a I2P network through hacked IoT devices
Ir Dr Daniel NG

Many Hong Kong public utilities are deploying smart meters using NB-IOT. Most of them are using GPRS and 32-bit micro controller. Radio interface is based on WiFi. It is easy to construct an offensive system to convert a cluster of IOT devices into a I2P network for recons and surveillance.


Closing speech
Frankie Li

Workshop Schedule

December 2019

Venue: Conference Room, 21/F, 1063 King’s Road, Quarry Bay

6th Dec 2019
09:00am - 13:00pm

A hands-on perspective of modern attacker techniques
Kenneth Teo, Technical Director APJ, Alsid

Course Length: Half-day training

Fees: HKD 200
(DTL Members HKD 50 - Please enter the promotion code before checkout)

What You Will Learn

Active Directory: The untold story of 10 years of failure, and how to emerge greater. Sad to say, Active Directory is not only the cornerstone of our infrastructures' security, it's also one of its weakest points. Since the early 2000's, it has been the common point between desktop and industrial information systems. The recent release of Singhealth's compromise report is a striking example. The root cause of these attacks is not always to be found from software vulnerabilities, but from abnormal and sometimes funny misuse of security features. During this session, we will shed a light on the most epic failures we encountered during real-world incident response. Taking into consideration what we know from modern threats, we will describe a pragmatic way to get the control back on Active Directory infrastructure.

Submit Call for Workshop




         Dragon Advance Tech Consulting Co. Ltd.
         Cyber Security Lab
Department of Computer Science
Hong Kong University

We are seeking sponsors. If you are interested in sponsoring, please contact the following at Dragon Threat Labs.

For the donation, please contact the following at Dragon Threat Labs.

Media and Public Inquiries

Please contact Roland Cheung and/or Dan Kelly.


if you wish to sponsor DragonCon please contact Frankie Li.

Copyright © 2019 Dragon Threat Labs