HOW DOES THIS WORK? Give Us your Best (Or Worst) Zero-day VulnS.

The Junkyard is a platform to showcase novel security research and support hobby and career development for security researchers.

We want you to bring your most impactful, creative, or most meme-worthy bugs in end-of-life (EOL) products, and demonstrate them live on stage. 

PRIZES

Prizes will depend on final sponsorship support, but are expected to range from $100 to $5,000 USD. These may change in cases of exceptional brilliance or lack thereof. All prizes and acceptance of results to the event are at DistrictCon’s sole discretion.

Prizes will be awarded in the following categories to the top 2 scorers (winner and runner up), so plan accordingly:

❗ Most Impactful System ❗

🤡 Best Meme Target 🤡

😈 Most Innovative Exploitation Technique 😈

How does the contest work?

1️⃣ Submit Your Target to DistrictCon

- Fill out the form on this page, tell us what target you're exploiting, and how much help you'll need with disclosure. Get proof that the target is EOL.

2️⃣ Disclose the Bug to the Vendor 

- We can help if needed!
 
3️⃣ Create a Cover Name, 5-10 Min Talk + Demo

- Attendees won’t know what your target will be until you reveal it on stage! The cover name is for the agenda.

4️⃣ Give us your Target Ahead of Time to Prep for Demo

- We'll restore the target to a default configuration (in consultation with you) and prepare to have it on-stage for you to demonstrate against. If this doesn’t work for you, the item is big, etc - we’ll work with you for a video option, or try and source the device locally. 

5️⃣ Compete and Win! 💰

When you come up on stage, you’ll share:

- Who you are, as much as you want

- The target, and why it matters

- Demonstrate the bug, explain how it works and the impact.

- Nothing will be live-streamed or recorded without your permission.