{"product_id":"vs-s-rad-satellite-radio-analysis-disruption-milenko-starcik-andrzej-olchawa-ricardo-fradique-dctlv2026","title":"VS: S-RAD (Satellite-Radio Analysis \u0026 Disruption) - Andrzej Olchawa, Ricardo Fradique \u0026 André Cirne- DCTLV2026","description":"\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eName of Training\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e VS: S-RAD (Satellite-Radio Analysis \u0026amp; Disruption)\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eTrainer(s)\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e Andrzej Olchawa, Ricardo Fradique \u0026amp; André Cirne\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eDates\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eAugust 10-11, 2026\u003cbr\u003e\u003c\/span\u003e\u003cspan\u003e\u003cstrong\u003eTime:\u003c\/strong\u003e 8\u003c\/span\u003e\u003cspan\u003e:00 am to 5:00 pm \u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eVenue\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eLas Vegas Convention Center\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eCost\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e: \u003c\/strong\u003e$2,500 (USD)\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eShort Summary:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eIf you always wondered how it would be to talk with the stars, this is the right place for you. This hands-on course will teach you how to understand some of the satellite communications that surround us every day, as well as how to use that knowledge to target space missions.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eCourse Description: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eAs space systems become increasingly critical to communications, navigation, and national infrastructure, understanding their unique protocols, RF characteristics, and operational dependencies is vital for identifying risks before adversaries do.\u003c\/p\u003e\n\u003cp\u003eThis 2-day course will teach you how to analyse and exploit satellite and groundstation systems using software only in a safe lab environment. We will go over satellite architecture and common link protocols, as well as SDR fundamentals. The hands-on labs cover protocol analysis and exploitation, simulated attacks, and how they can be combined with more traditional vulnerabilities to compromise space missions.\u003c\/p\u003e\n\u003cp\u003eBy the end of the course participants will be able to demonstrate a full, nondestructive red team chain of compromise in a controlled environment and produce actionable remediation and detection recommendations.\u003c\/p\u003e\n\u003cp\u003e\u003cspan\u003e\u003cstrong\u003eCourse Outline: \u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDay 1 - Foundations, Recon, SDR \u0026amp; RF \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eMorning\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntro, rules of engagement, legal \u0026amp; lab safety\u003c\/li\u003e\n\u003cli\u003eSatellite systems architecture\u003c\/li\u003e\n\u003cli\u003eThreat model \u0026amp; attack surface mapping\u003c\/li\u003e\n\u003cli\u003eProtocols and data links: lecture + guided packet lab\u003cbr\u003e\n\u003cul\u003e\n\u003cli\u003eDecode CCSDS captures\u003c\/li\u003e\n\u003cli\u003eIdentify TM\/TC fields and payloads\u003c\/li\u003e\n\u003cli\u003eUse Wireshark for analysis and Scapy to parse, craft, and modify frames.\u003c\/li\u003e\n\u003cli\u003eProduce a brief report describing a found issue (e.g., replayable TC, plaintext\u003cbr\u003epayload).\u003cbr\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAfternoon\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSDR fundamentals (software-only): lecture + guided labs with prerecorded IQs\u003cbr\u003e\n\u003cul\u003e\n\u003cli\u003eLearn IQ basics, sampling, waterfalls, and constellation plots using prerecorded IQ files.\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eBuild and run GNU Radio flowgraphs\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eDemodulate a simulated BPSK\/CCSDS capture, extract packets, and visualize signal manipulations (frequency shift, filtering, SNR changes).\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eProduce short notes with screenshots and a short checklist of what parameter changes did.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eRF attacks (simulated): replay\/spoofing\/manipulation labs\u003cbr\u003e\n\u003cul\u003e\n\u003cli\u003eDemonstrate practical replay and basic spoofing attacks using prerecorded IQ files and purely software tools.\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eSimple replay: repeat a segment containing a TC so it is received twice by the demodulator (demonstrates replay vulnerability).\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eTime-shift replay: extract a TC segment and insert it later to simulate delayed\/replayed command (shows timing effects).\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eSegment injection\/splice: insert a synthesized TC (crafted payload) into the IQ stream (spoof).\u003cbr\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eDay 1 wrap \u0026amp; prep for Day 2\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDay 2 - Recon, Ground-Station Attacks, TM\/TC, Post-Compromise \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eMorning\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRecap \u0026amp; objectives\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eOSINT \u0026amp; reconnaissance: guided build of target profile\u003cbr\u003e\n\u003cul\u003e\n\u003cli\u003eBuild a comprehensive target profile for a smallsat operator including orbital data, infrastructure components, personnel, software stack, and likely attack surfaces.\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eProduce an asset\/attack-surface map and prioritized reconnaissance plan.\u003cbr\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eGround-station network attack surfaces + small hands-on exploit lab\u003cbr\u003e\n\u003cul\u003e\n\u003cli\u003eSimulate exploiting a vulnerable ground-station web console, escalate to operator workstation\u003cbr\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAfternoon\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTM\/TC deep-dive: message structures, Scapy toolkits, and full hands-on lab\u003cbr\u003e\n\u003cul\u003e\n\u003cli\u003eReview CCSDS TM\/TC message structure, authenticated vs unauthenticated flows, and safe crafting\/injection of simulated telecommands into a controlled receiver\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli\u003eDemonstrate replay, modification, and detection techniques using Scapy-based toolkits.\u003cbr\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eSimulated red-team exercise\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eDifficulty Level:\u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eIntermediate - \u003cspan\u003eThe student has education and some experience in the field and familiarity with the topic being presented. The student has foundational knowledge that the course will leverage to provide practical skills on the topic.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eSuggested Prerequisites:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e• Basic Linux command-line proficiency (shell, file editing, package install).\u003cbr\u003e• Fundamental networking knowledge (TCP\/IP, DNS, HTTP, basic routing).\u003cbr\u003e• Familiarity with Python (reading\/writing simple scripts; using pip).\u003cbr\u003e• Experience with packet analysis tools (Wireshark\/tshark).\u003cbr\u003e• Introductory radio concepts (IQ samples, sampling, basic modulation) - helpful but not mandatory.\u003cbr\u003e• Ability to run a VM on a laptop (VirtualBox\/VMware; 8+ GB RAM recommended).\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat Students Should Bring: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eTrainees only need to bring a laptop capable of running a VM (VirtualBox\/VMware; 8+ GB RAM recommended).\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat the Trainer Will Provide:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eSlides, lab workbooks, prebuilt VM with all required tools and exercise files\u003cstrong\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eTrainer(s) Bio:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAndrzej Olchawa \u003c\/strong\u003eis an offensive security researcher with over 15 years of experience in the space industry. In recent years, Andrzej has specialized in vulnerability research, exploit development, and the exploitation of space systems and protocols. He has published numerous research papers on space systems security and has presented at prominent security conferences, including Black Hat USA, DEF CON, multiple BSides, and others. He holds several industry-standard certifications and has been credited with numerous CVEs.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRicardo Fradique\u003c\/strong\u003e is a cybersecurity engineer at Visionspace, where he focuses on vulnerability research and training content development targeting space systems and protocols. His research has produced several CVEs and contributed to technical briefings at leading security conferences including Black Hat and DEF CON, and he holds multiple industry certifications.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAndré Cirne \u003c\/strong\u003eis a Cybersecurity Engineer at VisionSpace, where he develops solutions for space, conducts vulnerability research, and develops cybersecurity training. Previously, he worked as a research assistant, co-authoring several academic publications in the field of embedded and hardware security. He holds a master's degree in information security and a Ph.D. in computer science. In his free time, he's also an amateur radio enthusiast.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eProficiency Exam Option:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cmeta charset=\"utf-8\"\u003eThis course has the option for a proficiency certificate add-on. \u003c\/p\u003e\n\u003cp\u003eStudents have the option to obtain a proficiency certificate based on their performance in the final activity. This constitutes a CTF-based red team engagement including most of the content delivered during the training. While the activity itself will be available to all students, those opting for the certification must obtain over 80% of the flags in the environment and provide a written report detailing all findings and exploits, as well as recommended fixes for the issues found. The report is then graded by the trainers, with detailed feedback, and the final passing grade is dependent on both scores.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003ePlease reach out to training@defcon.org for any questions related to the proficiency exam and certificate option.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eRegistration Terms and Conditions: \u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTrainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBetween July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll trainings are non-refundable after August 5, 2026.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTraining tickets may be transferred to another student. Please email us at training@defcon.org for specifics.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eIf a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eFailure to attend the training without prior written notification will be considered a no-show. No refund will be given.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eDEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBy purchasing this ticket you agree to abide by the \u003c\/span\u003e\u003ca href=\"https:\/\/defcon.org\/html\/links\/dc-code-of-conduct.html\"\u003e\u003cspan\u003eDEF CON Training Code of Conduct\u003c\/span\u003e\u003c\/a\u003e\u003cspan\u003e and the registration terms and conditions listed above.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eSeveral breaks will be included throughout the day. Please note that food is not included.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.\u003c\/span\u003e\u003c\/p\u003e","brand":"Las Vegas 2026","offers":[{"title":"Course only - Aug 10-11","offer_id":47691708137690,"sku":null,"price":2500.0,"currency_code":"USD","in_stock":true},{"title":"Course + Proficiency Exam - Aug 10-11","offer_id":47691708170458,"sku":null,"price":2800.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0629\/2088\/4442\/files\/VS-S-Rad_logo.png?v=1773954884","url":"https:\/\/training.defcon.org\/products\/vs-s-rad-satellite-radio-analysis-disruption-milenko-starcik-andrzej-olchawa-ricardo-fradique-dctlv2026","provider":"defcontrainings","version":"1.0","type":"link"}