DEFCON 2019. Beyond Sandboxes. How to Execute IoT Malware and Analyze its Evolution

Packet Hacking Village at Defcon 2019


Defcon started in 1993 and is one of the oldest and largest hacker conventions in the world. It is held annually in Las Vegas, between the end of July and the first days of August. This year around 27000 people attended DefCon. This time the main conference had four main tracks and there were more than 20 villages. Villages are dedicated spaces arranged around a specific topic. Each village has its own challenges, workshops and talks.

The Packet Hacking Village (PHV) is focused on network (in)security. This village has important sponsors, among them Aries Security, Splunk, Tinder, Cisco, HackerOne and Fidelis.

Our talk in the Packet Hacking Village banner


Our talk was about our experience in executing malware and capturing its traffic for more than 4 years. We showed how we designed and deployed an IoT malware execution laboratory to run malware for months and how we analyzed the traffic to find novel attacks. In this talk, we explained how to monitor in real time, how to store the data, the legal implications, and the network protections. We also showed some analysis of the malware we executed in our laboratory, including Windows and IoT based malware. Some of the analysis included an IRC based botnet, Hide and Seek, WannaCry, Sality, Htbot and others.

The slides can be found <here>.

Defcon 2019


Entrance to the conference at Paris hotel
