Thanks for joining VXCON 2019!
Thanks for joining VXCON 2019, we could not make it without your support.
It will be VXCON 10th Anniversary next year, please stay tuned and get prepared for it! :)

VXCON 2019
Main Conference: 27-April-2019 (Saturday)

Participants of the VXCON main conference are eligible to earn 6 hours of CPE

Workshop and Village (Tentative)
25-26 April: Workshop
28 April: Village

Get Your Tickets!
Get your tix!


PHP: Horrific Puzzle is a series of CTF challenges that no one plays for some unknown reasons.
This time, the challenges feature the seven sins of CTF

Try it

Golden Code of Conduct and Engagement Protocol:

  1. Networking/promotion in networking break is welcome, be gentle and polite, consider other’s privacy;
  2. Don’t enter into staff only / registration / supporting area without authorisation and proper reason(s), it is not your home;
  3. We welcome setting up a booth by any supporting organisation or/and sponsor for promotion;
  4. Respect speakers / trainers / organiser / participants / your affiliation members / yourself;
  5. Welcome and please feel free to tag us #VXCON, however, please do not confuse public and attendees linked with your belonging affiliation and wordings in all media including Twitter, LinkedIn and Facebook, unless you are authorised, if there is, please correct them immediately.
  6. When you post photos/slides with speakers and any guests/joiners , please pay extreme care whether you have tagged or linked your affiliation properly, especially you are NOT the host/organiser,think twice before you act and review with your committees whether there is any potential identity/affiliation hijack, getting the slides/demos for any interest (commercial/research/whatever) without speaker or author approval cannot be accepted;
  7. To whom cannot comply with it, we will only reject your entrance without refund and further reminder and supporting affiliation/organisation identity is removed immediately.

Effective from now (29 April 2019) and apply to all previous posts/offences by any entities have made in VXCON 2019. Please fix/clarify them all.
#VXCON #VXRL #面斥不雅 #以儆效尤


VXCON, we are glad to invite a few prominent speakers and researchers all over the world. They are frequent speakers of Blackhat, DEF CON, HITCON and in various global hacker and security conference. Meanwhile, some are very good at Malware Analysis, CTF and Exploitation and Hardware. We focus on offensive security, threat and exploitation. Please enjoy and join us.

Past events

VXCON 2018
VXCON 2017



Satoshi Tanda

AMD-V for Hackers
KJ and Dlive

KJ and Dlive

JiuWei - Cross Platform/Architecture Shellcode Executor
Clarence Chio

Clarence Chio

Grey-box fuzzing with multi-armed bandit machine learning

Moonbeom Park

Let's steal and dive into the secret computer they stole.


Advanced Binary Exploitation (Workshop)
keng wong and anthony

Ken Wong and Anthony Lai

Malware Analysis and Machine Learning

So-yeon Lee

Leaking accurate kernel pointer using kprt tool with 1 day analysis

Dennis Kim

Blockchain Mythbusters

Kelvin Liu

Drone Security

Panel Discussion - Hack For Future

Toshihiko Taniguchi

Toshihiko Taniguchi

Japan - HPCon
Takayuki Terashima

Takayuki Terashima

Japan - AV Tokyo
Ryan Lee

Ryan Lee

Korea - HARU
Nikolay Akatyev

Nikolay Akatyev

Korea - BoB
Dr. CK Chen

Dr. CK Chen

Taiwan - Bamboo Fox


Taiwan - TDOH
Albert Hui

Albert Hui

DEF CON Group Hong Kong


Malaysia - JD
Emil Tan

Emil Tan

Singapore - Singapore Infosec In The City
Anthony Lai

Anthony Lai

Moderator - VXRL


Main Conference: 27-Apr 2019 09:00-18:00 (Venue: The Wave)
09:30 - 09:35Opening
09:40 - 09:55Keynote by Edvance - How to use green radar to protect you from being the next victim on email phishing
10:00 - 10:45KJ and Dlive - JiuWei - Cross Platform/Architecture Shellcode Executor
10:45 - 11:00Break
11:00 - 11:45Clarence Chio - Grey-box fuzzing with multi-armed bandit machine learning
11:45 - 12:30Moonbeom Park - Let's steal and dive into the secret computer they stole.
12:30 - 14:00Lunch Break
14:00 - 14:45So-Yeon Lee - Leaking accurate kernel pointer with 1 day analysis / CTF and Pwnable with codegate challenges
14:45 - 15:30Satoshi Tanda - AMD-V for Hackers
15:30 - 15:40Break
15:40 - 16:00Anthony LAI/Ken Wong: Malware Analysis and Machine Learning
16:00 - 16:30Dennis Kim: Blockchain Mythbusters
16:30 - 16:45Drone Security - Kelvin Liu (TDOH)
16:45 - 17:15VX Research :)
17:15 - 17:45 Panel Discussion - Hack for Future
Japan: Toshihiko Taniguchi, Takayuki Terashima
Korea: Ryan Lee, Nikolay Akatyev
Taiwan: Dr. CK Chen, TDOH - HrJ
Malaysia: KJ
Singapore: Emil Tan
Hong Kong: Albert Hui
Moderator: Anthony Lai

Schedule for Village

Village: 28-Apr 2019 10:30-17:00 (Venue: WeWork CityPlaza 20/F)
10:00 - 10:30Entry - Crew members will help to register in Lobby
10:30 - 11:15Zetta-CTF / Student session - CTF Fundamental
11:15 - 12:00Student session - CTF Fundamental
12:00 - 13:30Lunch
13:30 - 14:15Smart Home Hacking
14:15 - 15:30Smart Home / Morse Code / Zetta-CTF / Other Research
15:30 - 17:30Lockpicking Via 3D printing
Get your tickets - Purchase here

Workshop Schedule

Angelboy (World Top Binary pwner from HITCON)

Topic : Binary Exploitation - 2 days (25-26 April)
Linux Heap exploitation
Glibc memory allocator
Use after free
Unsafe unlink
House of force
Advanced Linux heap exploitation
Fastbin attack
Unsorted bin attack
Unsorted bin corruption
Large bin attack
File structure exploitation
File Structure internel
Make file structure great again
Windows exploitation
From Linux to Windows
Bypass some Protection

Satoshi (World Top Windows Kernel and Reverse Engineer)

Date: 28 April (1030-1530) Topic: Hypervisor Development Hands On for Security Researchers on Windows
Why Learning VT-x
Sharing Goals of the Workshop
Exercise 0: Run Our Hypervisor and Observe Behavior
Basics of Intel VT-x
Processor Modes: VMX root operation and VMX non-root operation
Mode Transition: VMX instructions, VM-exit and VM-entry
VMCS: A Context Structure for a Guest
Source Code Work-through
Exercise 1: Implement the CPUID Handler
Customizing Hypervisor
More on VMCS
Opting-in More VM-exit
Exercise 2: Implement a Context Switch Tracer (CR3 monitor)
Wrapping Up
Typical Vulnerabilities You Would Make
Further Features and Learning Resources
For workshop, please contact darkfloyd[at] for details
Workshop Venue: WeWork CityPlaza 20/F


Please contact info[at] for arrangement

Official Media Partner

Supporting Organisations, CON and Friends


Conference Venue - The Wave

8/F, The Wave, 4 Hing Yip Street, Kwun Tong, Hong Kong

Village Venue - WeWork

Cityplaza Phase 3, 20/F, 14 Tai Koo Shing Rd

By MTR: Taikoo Station, Exit E.