RC17 Theme
Posted on: 02.14.23

This year's theme revolves around surveillance, privacy and technology.

Surveillance, privacy, and technology are all closely interconnected topics that have become increasingly important in the modern world.

The intersection of surveillance, privacy, and technology has become increasingly complex in recent years. On the one hand, technology has made surveillance easier and more widespread, allowing for the collection and sharing of vast amounts of data. On the other hand, technology can also be used to protect privacy, through the use of encryption, privacy-focused tools, and other means of securing personal data.

As society continues to grapple with these complex issues, it is important to consider the balance between surveillance and privacy, and to ensure that technology is used in a responsible and ethical manner.

For our con-goers to have full ROOTCON experience ROOTCON 17 will be executed fully as physical conference. We are no longer offering hybrid this year. Exciting times ahead, we hope to see everyone this year! Hack-on....

Look n Feel
Color Scheme:

RC17: Call For Villages
Posted on: 02.14.23

The machines for organizing ROOTCON 17 are upon us, we will start off with expanding ROOTCON villages. We are now opening Call For Villages to the public and to all our con-goers who desire to organize a village within ROOTCON.

What are a villages?
Villages are mini events with specific topics and goals held and exhibited with the conference.

Who are the village organizers
Village organizers are same-minded individuals who are enthusiastic in sharing their research.

If you have any sort of village that you want to bring to ROOTCON now is the time! You may visit the Call For Villages page to submit your application.

RC16 Archives Partially Available
Posted on: 10.06.22

We have recuperated from sleep deprivation for the last 8 months, ROOTCON 16 Archives is now partially available and is already good for human consumption.

We are working on getting the remaining slides and videos into the archives in no time.

Check out the RC16 Archives for your reading and watching pleasures.

CTF Pre-Quals Registration is now live!
Posted on: 09.20.22

The moment you've all been waiting for! Capture The Flag Pre-Quals registration is now live!

But first you need to register, after your registration you will be receiving an email for the initial target!

Same rules applies
1. NO DIRECT DDoS or any form of ATTACKS on the game servers, anyone caught attacking the server will be disqualified. (let others enjoy the game)
2. Minimum team members is 2, maximum is 3.
3. Only teams made it to the cut on the CTF Pre-Quals can play during the CTF Finals.
4. Sharing of flags is strictly prohibited, anyone caught will be disqualified.
5. Only top 10 teams will qualify for the CTF Finals.

Register now!

Parties Are Up!
Posted on: 09.12.22

Zer0-Hour has been hosting the infamous Hacker Jeopardy, and finally it is back to good ol' LIVE, in-your-face mental and alcoholic brawls with the contestants! Same classic game mechanics, same pogi host, but new HJ Babes ;-) We also have a special bartender and poison maker this year, Mr. Tipsy Hacker!

To recoup our lost yearly hacking community get-together we added another party to the list! This year we added the After-Dark Party. Beer and chips are on us with tracks from DJ Icetre Normal made exclusively for ROOTCON 16.

Come with your best Cyberpunk Attire!

Visit the Party Page for details!

RC16 Schedule Now Live!
Posted on: 09.08.22

ROOTCON has been expanding year by year, Call For Papers submission has been overwhelmingly awesome!, so this year ROOTCON will be from Tuesday until Friday! Here's a quick rundown on the ROOTCON Week so you can plan your itinerary.

September 27 (Pre-con Tracks) - all tracks on this day will be purely virtual via Zoom Webinar, registration to the webinar will be announced soon.

September 28 (Trainings) - If you signed-up for trainings then you are a Human+, you will be at Taal Vista a day early than the Human con-goers. (Note: This is for HUMAN+ Only)

September 29 (Day 1 Con Proper) - This is it we are BACK! Live tracks, live speakers, live con-goers

September 30 (Day 2 Con Proper) - You will most likely still have hang-overs from Day 1.

Check out the RC16 Schedule Page

Official Contests Page Now Live!
Posted on: 09.01.22

What's up brain-picking, challenge driven humans, do you have what it takes to earn the conveted challenge pins and Ub3r badges? Or are you returning to try again this year? The ROOTCON Challenges are back! LIVE and BOLD.

Capture The Flag
All our ovens are fired up for this year's LIVE ROOTCON CTF! This year we are bringing you the most grueling ROOTCON CTF to date, LIVE! Even as we usher in the age of the new normal, the pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer. On this year's 16th iteration of the ROOTCON CTF, Pwn De Manila stands by its commitment of making intellectually-rewarding and painfully-meaningful CTF challenges that aim to meet ROOTCON's reputation and tradition of bringing organized chaos to con-goers every year.

Everything you need to know about the Capture The Flag

Hacker Jeopardy
Finally! RootCon's signature post-Con party game is back to good ol' LIVE, in-your-face mental and alcoholic brawls with the contestants! Same classic game mechanics, same pogi host, but new HJ Babes ;-) We also have a special bartender and poison maker this year, Mr. Tipsy Hacker!

Are you sober enough? more details here

Final Round of Talks
Posted on: 08.16.22

CFP Review Board's brain-picking task is finally done! The CFP submissions were overwhelmingly great! Here's what's added on our line-up.

Alternative ways to detect mimikatz

AWSGoat : A Damn Vulnerable AWS Infrastructure

Building defensive playbooks from others misfortune


Gazing into the Crystal Ball - The Fog of Cyberwarfare Escalations

Pwnppeteer - Phishing Post {Exploi/Automa}tion at Scale

The Simple, Yet Lethal, Anatomy of a Software Supply Chain Attack

Wild IoT Tales: from power grids to oil pipelines

Check-out the full tracks line-up.

Music Playlist for RC16
Posted on: 08.16.22

ROOTCON 16 is just around the corner, we are now feeling the vibes! What about some good music as we wait for ROOTCON 16!

We curated good musics from the hacker community. Get your music in the playlist collaborate at ROOTCON 16 Music Playlist

ROOTCON 16 Village Tracks
Posted on: 08.03.22

Contents are slowly building up, it's time to make your personal itinerary for RC16 and we have great contents!

Village tracks now available!

101 Village
Every year new blood comes out of their comfort shells, it's where Hacking 101 started, just as a small training at ROOTCON, but we've seen a significant improvement in our attendees so why not make this a village and let it grow not only to cater Hacking 101, but everything 101's, this is your beginners guide to the world of hackers and hacking.

Click here for 101 Village Tracks

Car Hacking Village
The Car Hacking Village PH is a branch in Asia of the official Car Hacking Village ( Its primary goal is to build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today. Educating security researchers on the functionality of vehicle systems coupled with providing them with the opportunity to gain hands-on experience working side by side with experts in this field is a plus for the attendees. Leveraging the vast amount of experience the security research community brings to the Village may increase the safety and security of vehicles on the road today and for generations to come.

Click here for Car Hacking Village Tracks

ROOTCON 16 First Batch of Talks Now Online!
Posted on: 07.30.22

Humans! the long wait is over first batch of talks for ROOTCON 16 is now available for your reading pleasure.

A new secret stash for fileless malware

China’s Cyber Capabilities: Espionage, Warfare, and Implications

Hardware Hacking for Bug Bounty Hunters

How Did I Get Here? I still don’t know what I’m doing: Getting into The Lifelong Adventure of Learning Cybersecurity & Incident Response

Human-Controlled Fuzzing With AFL

Microsoft Defender Will Be Defended: MemoryRanger Prevents Blinding Windows AV

Security Like the 80's : How I stole your RF

Signs, Signs, Everywhere There are Signs of a Ransomware Intrusion

Streamline security with shift left: A cloud approach

Uncovering 0-days in Healthcare Management Applications

Understanding and Re-creating Process Injection Techniques through Nimjector

Village tracks and more main tracks are underway! Stay tuned.

ROOTCON 16 Keynote: China’s Cyber Capabilities: Espionage, Warfare, and Implications
Posted on: 07.29.22

The ROOTCON CFP Review Board has picked our Keynote for this year!

Talk Title: China’s Cyber Capabilities: Espionage, Warfare, and Implications by: Aaron Ng

Over the past decade, there has been an alarming rise in the frequency and sophistication of China’s state-sponsored and state-affiliated cyberespionage activity, as well as its scope of targeting. China-Nexus Adversaries have deliberately and aggressively pursued targets across a spectrum of industries, including technology, defense, energy, healthcare, education, and other key sectors in pursuit of trade secrets and of sensitive information.

Of note, in early 2021, the China-Nexus Adversaries rapidly and effectively exploited a series of vulnerabilities in Microsoft Exchange — now collectively known as ProxyLogon and ProxyShell — to compromise email servers and consequently the sensitive information of tens of thousands of organizations around the world. Over the duration of the pandemic, Chinese cyberespionage campaigns continue to target hospitals and research institutions for data that could confer competitive advantages in science and technology, and at the same time, demonstrating emphasis on COVID-19 related research.

Coupling these recent prolific intrusions with the longstanding campaign of targeting a wide swarth of industries, including insurance, travel & hospitality, government, for the purpose of acquiring sensitive personnel data, the threat that China-Nexus Adversaries pose to organizations today cannot be understated.

This session will provide insight into China’s intent and capabilities for cyberespionage and importantly what organizations can do to address this challenge effectively.

About the speaker
Aaron Aubrey Ng serves as Strategic Threat Advisor at Crowdstrike. He is responsible for CrowdStrike’s Threat Intelligence business across Asia-Pacific and the Middle East & North Africa regions. Aaron focuses on helping customers operationalise and integrate threat intelligence within their organisation's cybersecurity strategy. Additionally, he represents the Crowdstrike Intelligence ecosystem and frequently speaks at Security Conferences, sharing insights into the latest threat trends and developments.

Aaron got his start in Security and Threat Intelligence in the Singapore Armed Forces as a Military Intelligence Officer. He concluded 12 years of Active Duty in 2019 and has served in multiple Command Appointments in classified Intelligence Units, and garnered staff experience in the areas of Strategic Planning and Policy Development. In his penultimate tour of duty, Aaron was instrumental in establishing the Defence Cyber Organisation (DCO), which is akin to Singapore’s Cyber Command.

ROOTCON 16 Latest Updates
Posted on: 06.04.22

We are very excited that ROOTCON 16 is starting to shape up now.

Updates on where are we with the planning.

Call For Papers
The clock is ticking for the Call For Papers, we have a month left before closing and slots are getting filled up already we are at 80% submission if you wish to share those awesome research submit now or get left behind.

Call For Sponsors
Elite sponsorship slots have been filled up like hot pancakes, but worry not Platinum, Gold, and Supporter package is still open. Sign up now and be part of the hacking community come-back after the two-year break due to the Covid-19 pandemic.

This year we bundled up our Human+ registration with two trainings to choose from, Web Pentesting & Network Pentesting, these two trainings will be conducted on Day Zer0 (Sept 28, Wed) by Pentester Academy which is now part of INE one the of leading Expert IT Training for Networking, Cyber Security and Cloud.

Car Hacking, 101 Village and Lockpick village will be back this year with more activities and other surprises.

And lastly Earlybird registration is now open! You may choose two Human+ registration with options for training bundle Web Pentesting and Network Pentesting! Human+ with training bundle has very limited slots, hurry and reserve those seats and register.

You may now register here.

ROOTCON 16 In A Nutshell
Posted on: 04.14.22

We are excited to announce that ROOTCON 16 will be hybrid this year.

For the past two years, the situation of the Covid-19 pandemic didn't stop us from being a community, it only thwart us from being together physically. With the high vaccination rate and low critical case count, we will try again this year. ROOTCON 16 will be both available in physical and virtual, and for us to maintain the safety of our con-goers we will be limiting the physical presence to 200 pax only, but no limit for the virtual attendees

The Venue
Taal Vista Hotel has been our comfort zone holding the conference, and since we just rebooted there is a high risk involved in exploring another venue, so for us to deliver the conference you've always enjoyed and loved we will be back at Taal Vista Hotel for ROOTCON16.

Human+ and Human
You know the drill hybrid conference means two badges. Human+ are the physical con-goers their badges come with a top-notch training we will be flying our top picks from around the globe to do the training physically, this will be held on Day Zer0 and Day 1. We will be missing our Human attendees as this will only be virtual with limited access to our tracks.

Our Sponsors
Same as our con-goers, our sponsors can now showcase their cutting-edge products at the conference, plus network and give away those fist-bumps with the hacking community.

This it fam what we all been waiting for. Time to get hyped-up

More news...