SPEAKERS & CONTESTANTS

2025 SHANGHAI

One Computer — Within Seconds, Half of Global Services Become Unreachable？

A Challenge that Exploits Unknown Vulnerabilities in Fundamental Protocols to Cause Network Pollution and Denial-of-Service

No Installation, No Escape from Scams

The Gray Empire of the 'Quick App' Ecosystem

Mechanical Awakening or Out of Control? Just One Line of Code

A Challenge that Exploits Multiple Unknown Vulnerabilities to Remotely Hijack and Compromise Embodied Robotic Systems

Google Android Red Team (US)

Fighting Cavities:
Securing Android Bluetooth by Red Teaming

How I Exploited a Bluetooth Protocol-Parsing Vulnerability to Achieve Remote Code Execution on Android Devices

Protector vs. Predator:
Have Crypto Wallets Become Gateways for Looting?

A Challenge that Exploits Unknown Vulnerabilities to Compromise Multiple Cryptocurrency Hardware Wallets and Execute 'Malicious' Transfers

Smart — But Not Much

A Challenge that Exploits Unknown Vulnerabilities to Remotely Track, Locate, and "Steal" a Specific Smart Motorcycle

PTSEC Team (RU)

Buried in the Log:
Exploiting a 20-Year-Old NTFS Vulnerability

How I Discovered and Exploited a 20-Year-Old Vulnerability to Compromise the Windows Kernel

Your Glasses, My Eyes

A Challenge that Exploits Unknown Vulnerabilities to Silently Conduct 'Covert Photography' Using Cameras on Popular Smart Glasses

LFY - Fudan University

Make Agent Defeat Agent:
Automatic Detection of Taint-Style Vulnerabilities in LLM-Based Agents

How I Used Directed Fuzzing to Generate Malicious Prompts and Compromise LLM-Based Agents

sakura, R1nd0

Null to RCE:
Breaking V8 Through WebAssembly GC Type Exploits

How I Exploited a Vulnerability in the WebAssembly GC Feature to Achieve Arbitrary Code Execution in the V8 Engine

Is Your Drone Still Listening to You?

A Challenge that Exploits Unknown Vulnerabilities to Remotely Hijack Drones or Cause Them to Crash

X1r0z

Hacking GraalVM Espresso
Abusing the Continuation API to Mount a ROP-Like Attack

How I Analyzed and Exploited New JDK Features to Achieve Arbitrary Command Execution

Hidden Corners

Traps on the Home Screens of Tens of Millions of Mobile Users

DARKNAVY

The Biometric AuthToken Heist:
Cracking PINs and Bypassing CE via a Long-Ignored Attack Surface

How I Discovered and Exploited a Low-Level System Vulnerability to Recover Mobile Device Lock-Screen Passwords

NEW FOCUS

Value through Confrontation

DAF Contest

KEEP ON PWNING EVERYTHING!

Limited time, unlimited targets and methods.

30+5 In-depth Sharing

VISUALIZED INSIGHTS.

Talk is Cheap, Show Me Your Demo.

Web3 and Hackers

(2025 Dubai Exclusive)

LIVE WEB3 THREAT DEMONSTRATION

Where Billion-Dollar Heists Get Replicated.

Drones & Robotics Security Contest

(2025 Shanghai Exclusive)

REWRITE THE RULES BEFORE SYSTEMS COLLAPSE

Unleash the Cyber-beast Within.

Special Disclosure

(2025 Shanghai Exclusive)

WHITE-HAT HACKERS CODE JUSTICE INTO REALITY

What tech giant are turning exploits into weapons?

COMMITTEE

Either the No. 1, or the Only 1.

RESTRICTIONS & NOTIFICATIONS

Professionalism is to try our best.

1 GEEKCON organizing committee (hereinafter referred to as "the committee") recognizes the technical capability of the winner individually, but doesn't acknowledge that it represents the capability of the winner's working organization.

2 The committee recognize and promote the comprehensive assessment of vulnerability exploitation capabilities and mitigation mechanisms from a confrontational perspective, and do not endorse the judgement of security levels of the target products involved in the event based on a single dimension or non-quantitative dimension.

3 The committee firmly follows the Responsible Disclosure principle. The committee and contestant commit not to disclose any details to third-party before manufactures fix the issues.

4 The committee advocates and encourages in-depth knowledge sharing and communication, but firmly opposes any speech and behavior that violates laws and regulations or infringes on the rights of others.

5 The committee guarantees that the participants' personal information will not be disclosed to third-party or used for commercial activities without their agreement and authentication.

6 The committee will provide awards and honors based on the research efforts, technical breakthrough, and technical innovation of the projects. As the top 1 security geek IP operator in China, the committee always advocate a reward mechanism that emphasizes both honor and moderate bounty, encouraging more geeks to participate in technical innovation and knowledge sharing.

SPONSORSHIP PARTNERS

TECHNOLOGY PARTNERS

COMMUNITY & MEDIA PARTNERS

ORGANIZER

CREATOR

PAST PARTNERS

About DARKNAVY

DARKNAVY, an independent and free-spirited security research organization and service provider. We have invented and established AVSS (Adversarial Vulnerability Scoring System) to evaluate and quantify vulnerabilities and the effectiveness of system mitigation mechanisms in real adversarial environments. We have also initiated and organized GEEKCON, a unique and top-class security geek event, to empower the development of the global security community.

Our goal is to create a more secure digital world by eliminating vulnerabilities in IT products/services. By sharing our knowledge through consulting and R&D experiences, we aim to enable organizations to better prepare and protect themselves against the ever-evolving threat of cyber attacks.

About GEEKCON

GEEKCON is the new version of the top security competition, GeekPwn. Initiated by DARKNAVY, GEEKCON aims to become a globally unparalleled technical event for security geeks, pioneering and promoting the visualization and measurable values of security ecosystem capabilities.

Contact

Registration Desk:

cfp@geekcon.top

Business&Media Cooperations:

biz@geekcon.top

Official Partnership