Conference for
Exploit Developers &
Bug Hunters

March 29 ~ 30, 2018


About Zer0Con

Zer0Con is POC’s NEW ‘CLOSED’ international security conference. It focuses on finding, analyzing, and exploiting vulnerabilities. Zer0Con aims to have high-level technical presentations.

∙ It is a high-level and closed conference.
∙ It only focuses on finding, analyzing, exploiting vulnerabilities.
∙ Only speakers, attendees, and sponsors will share vulnerabilities information.
∙ Zer0Con attendees can share various information and establish unique community.
∙ Training courses also focus on finding, analyzing, exploiting vulnerabilities.
∙ If you have certain level of ability to find bugs and make exploit code, you will improve yourself through Zer0Con.


Speakers of Zer0Con

Team Member
James Forshaw Google Project Zero
A Bridge too Far

In Windows 10 Anniversary Edition Microsoft introduced Desktop Bridge, originally known as Project Centennial. This technology allows normal Win32 applications to be converted to run as self contained Windows Store applications, redirecting file and registry access to allow the application to easily be uninstalled leaving no remaining footprint. To support Desktop Bridge Microsoft had to change a number of different parts of the OS including the Kernel and system services. This presentation will be an in-depth look at how Desktop Bridge works as well as a look at some of the bugs I’ve discovered in the various components which make up the technology.

Team Member
Jonathan Levin                                  
Friends, Romans, Countrymen - Lend me your kernel_task port

This talk starts by reviewing all the countermeasures utilized by Apple to discourage exploitation. It then explains why all of them are essentially futile for a determined attacker with sufficient knowledge of system internals. It explores a freely available post-exploitation library provided by the author, which enables researchers or jailbreaking hobbyists to code a functional jailbreak in about 20 lines of code.

Team Member
James Lee Kryptos Logic
Unusual Windows Insider Preview Exploitation

An unusual way to exploit Windows Insider Preview via an interesting binary in windows folder called HTML Help Executable; hh.exe.
- Windows Media Player Information Disclosure vulnerability that I triggered via hh.exe and its idea behind bypassing prompt to avoid user interaction.
- The interesting trick that allows you to escape from Microsoft Edge's AppContainer Sandbox.
- Multiple vulnerability cases that he found in hh.exe
As well as a look at Firefox browser Remote Code Execution + Windows Elevation of Privilege exploit to achieve SYSTEM-level Code Execution on latest Windows 10 Operating System.

Team Member
Brian Pak(Cai) Theori


Team Member
Singi               Theori              
How to make macOS exploit(from Browser to Kernel)

In this talk, I will be explaining about macOS exploitation by using browser/kernel 1-day vulnerability
Defining the exploit process from 1-day vulnerability analysis to macOS / safari exploitation including bypassing mitigation

Team Member
The HIDeous parts of IOKit

This talk takes a deep dive into XNU's IOKit, discussing its architecture, security features and significance in Apple's operating systems. It shows how to interface with, probe, reverse, and finally exploit IOKit components, touching down on common patterns and convenient exploit strategies. Lastly it takes a look at previous IOKit vulnerabilities and does a detailed case study on the "IOHIDeous" exploit.

Team Member


Team Member


Team Member


Team Member



Schedule of Zer0Con2018

March 29 ~ 30, 2018, Seoul, Korea


Register Zer0Con

Zer0Con registration is a four-step process:

∙ first, you register  here ,
∙ then we check if you are eligible or not,
∙ and finally you will receive a link to pay.
∙ It may take 2 or 3 days.
∙ if you pay, we will send you your ticket.

You should bring your ticket to get your badge.

Early Bird(1.15 ~ 2.14)Late(2.15 ~ 3.15)On site
KoreanKRW 1,408,330KRW 1,624,995X

(Exchange Rate: $1 = KRW 1,083.33)

86 seats are available now.


Zer0Con Training Course

The training courses of Zer0Con focus on bug hunting and exploitation.


Archives of Zer0Con


The-K Hotel, Seoul

Crystal Ballroom A, B Hall

- ADDRESS: 70, Baumoe-ro 12-gil, Seocho-gu, Seoul, Korea
- TEL: +82-2-571-8100
- WEB: http://thek-hotel.co.kr/e_seoul/main.asp
- If you want more information, click the map below.

“There seems no empty room now in the venue hotel.
So, we recommend attendees to book other hotels in Gangnam area. Check this file for your hotel rooms.”


Contact Us

If you have any questions, contact us.

(zer0con @ pocsec.com)

* We recommend you to use the pgp key (PGP KEY)

Also, we are looking for sponsors.
There are several benefits for sponsors, so please feel free to contact us.

(zer0con @ pocsec.com)

Organizer & Sponsor

Copyright(c) Zer0Con All rights reserved.