This year, we’ve combined both our community and the enterprise event at a brand new venue, in the name of HITCON PEACE, which is the acronym of “Protect Enterprise And Citizens Ever-after.” We hope that the energy and the spirit of the hacker community could keep protecting society and enterprises. To simultaneously satisfy the needs of the hacker community and enterprises, HITCON PEACE would not only introduce cutting-edge technologies but also covers practical information security content demanded by corporations.

Survival Guide for the Cyber War
If we were to pick a word representing 2022, “PEACE” would certainly not be one of the candidates. Not only has the COVID-19 pandemic not died down, but the military clash between Russia and Ukraine has also shaken the whole world. This is the first time a conflict has risen between two countries with full Internet capabilities, and cyberwar has become one of the most important battlegrounds both sides aim to capture.

From the occurrence of nation-scale Internet episonage last year to the more destructive cyberattacks recently, this war has demonstrated what cyberwar is like when it happens around us. Not to mention ProxyLogon, Log4shell, Spring4Shell and other nuclear-level vulnerabilities that were revealed these days, as they’ve all become the ammunition of this war.

Moreover, attacks targeting Viasat KA-SAT caused many systems based on high-speed satellite communication networks to malfunction; deepfakes are also utilized for information manipulation in a more realistic way. They’ve demonstrated the widespread deployment of newest technologies among a broad cyberwar. As the Internet infrastructure and economic structure of the two countries are much more sound and well-connected to the globe by comparison, individuals around the globe all felt the impact. Observing the incidents, we could see the repercussions affecting Global Cyber Alliance, supply chains, social media platforms, enterprises, citizens, underground economies, and even hacker culture itself—no one could stay away from the effect. Taiwan, similarly a frontier of cyber warfare, should also pay attention to the situation and learn the necessary survival skills from hackers themselves.


  【 HITCON 2021 】

Work from home, hack into home
Due to the pandemic of COVID-19, the lifestyle of humans had been changed fundamentally. Work From Home has become the required option. Our daily life has been furthered to the virtual world. Accompanied by humans taking more time to stay at home, the IoT home devices and services have become more important. Those devices and services will also bring more vulnerability and risk to cybersecurity.
We are also starting to prepare various activities and make sure HITCON 2021 can get close to the human lifestyle and deepen the link with the world. We believe only the HITCON can exceed HITCON. The HITCON 2021 will not only be a cybersecurity conference but also be a conference which can bridge the people and the world.


  • Event: HITCON 2021 Hacks in Taiwan Conference

  • Adviser: Department of Cyber Security 
  • Organizer: Association of Hackers in Taiwan, CHROOT
  • Co-organiser: TWCERT/CC, 104 Corporation
  • Special Thanks: Great Skyview
  • Venue: Humanities and Social Science Building (HSSB), Academia Sinica (No. 128, Sec. 2, Academia Rd., Nangang Dist., Taipei City
  • Time: Friday, November 26, 2021 - Saturday, November 27, 2021


【 HITCON 2020 】Herd Immunity for Cybersecurity
At this moment when old orders are facing comprehensive challenges, we seek ways to survive on the darkest road; while physical links are collapsing due to the epidemic, we aim to build a brand-new elastic defense and mindset by uniting the wisdom from communities and corporations. This is HITCON 2020, "We are the one."

HITCON 2020 Hack in Taiwan Conference: 
・Venue: Humanities and Social Science Building (HSSB), Academia Sinica (No. 128, Sec. 2, Academia Rd., Nangang Dist., Taipei City
・Time: Friday, September 11, 2020 - Saturday, September 12, 2020

Registration stage: 
・The 1st stage ticket sale: 2020 / 07 / 13 20 : 00 ~ 2020 / 07 / 26 12 : 00 GMT+8
・The 2nd stage ticket sale: 2020 / 07 / 27 20 : 00 ~ 2020 / 08 / 17 12 : 00 GMT+8
・No ticket purchase can be made at the venue on that day.

Purchase link: 

Register Now!

HITCON 2020 will open free sessions for the first time! For details, please refer to the official website (Comming Soon) of the event.


The theme for this year’s HITCON Community is “Trust in the Untrusted World”. Trust has always been a central theme in information security. Throughout the years, there are countless incidents that shows the critical role that trust plays, from the certificates that were stolen to sign APT malwares, to the widespread fake news problem. New developments in our industry also warrant our revisit to the trust theme. With so many things that we have to trust in the highly untrusted world of Internet, we welcome you to explore these topics with us at this year’s HITCON Community


A brand new year with new space, new activities, and new resolution! The HITCON CMT 2018 is hosted by HITCON GIRLS, The main topic will be “Blockchain”. Not only the physical Coolwallet of Electronic Board but also have a new cryptocurrency “HITCON Token”. During the conference time, the attendees will have their own digital wallet and use it to participate in the activity. Ex. the sponsor's booth or the conference will randomly launch the “Free Token” event. Another fun activity we would like to share with you is the HITCON Hackdoor; by a new type of escape game, combining puzzle solving, tutorials, and competitions, we will help everyone to learn and challenge any IoT devices in our daily life, such as IP Cam, WIFI, printers, access control system or any security system and there security issues they might have. We hope it will be a fun and alive event for every one coming to feel the hacker spirit!


The spread of large-scale attacks in recent years has made the atmosphere of information security even more intense. The resources invested by the national government, the change of mindset of the enterprise, the careful planning of education, and the vigorous development of the community all represent the process of Taiwan's capital security towards progress.

HITCON CMT 2017 features HITCON XIII Mission Code: IVZNDAMOVDADMDNMDQV and expects to contribute at this important time!


This year at HITCON Community (CMT), we don't set out theme limits. It is our hope that we can do without unnecessary restrictions and burdens, so that we can follow our aspirations and let HITCON return to its most primitive and pure form. With "freedom" and "hacker spirit" as the core concepts and hacking techniques, thinking, creativity as foundations, this year at HITCON we will present you an information security annual conference which is even more informative and exciting than ever!


The theme of this year's conference is "Security of Things". HITCON launched special equipment Wargame, Hack2Own competition, and Incredible Hacking Awards, etc., and set up exclusive community activities to encourage all communities to stand on the stage to show the research results and promote their own spirit, hoping to maintain the HITCON tradition and grow together with the domestic and foreign information Security community, nurture more information security personnel.


In this new era of rapid technological development, we are confronted with ubiquitous information security threats and vulnerabilities.

Since its establishment ten years ago, HITCON has been working hard to improve the public's attention to information security. This year, the seminar will be extended to four days. We will explore possible information security issues in our lives, and we hope that through this conference, more people will learn how to adapt to and live with information security threats.


In today's world, wars are no longer just about airplanes and guns. We are facing an era of information warfare without the smell of gunpowder. This year, HITCON is ushering in a brand new future with the theme "Cyberwar: In hack we trust."

In this day and age, we can only rely on ourselves, we can only trust hackers, and in the end, we choose to trust technology to find ways to protect ourselves.


HITCON 2012, we cracked iCloud, AppStore, unlisted second-generation EasyCard and Citizen Digital Certificate, and invited foreign experts to share their experience.

In addition, the billboard character "hacker mother Rootan" is materialized and dances with hackers on the spot. We are committed to creating a quality seminar for all Taiwan information security professionals to gather together and share the most cutting-edge technology and the most innovative hacker culture!


In order to give participants a new experience this year, we have organized a hacker creative cross dressing competition, which is a chance for participants to show their imagination of hackers.In addition, during the conference, there will be "My ShowTime! Show yourself" exhibition space, which will be provided for participants to hold their own activities!

We expect HITCON to be an annual party, bringing hackers together.In addition to sharing experiences, you can also experience a true hacker culture, where the latest, most interesting and sensitive issues are discussed in the context of the interaction between hackers and the hacker community.


Due to legal restrictions and different national conditions, Taiwan's hackers cannot communicate as openly as foreign hackers.By hosting HITCON, we hope to bring information security experts, researchers and hackers together to discuss threats and trends of information security, thus bringing new opportunities to Taiwan's information security industry.


Due to legal restrictions and different national conditions, Taiwan's hackers cannot communicate as openly as foreign hackers. By hosting HITCON, we hope to bring information security experts, researchers and hackers together to discuss threats and trends of information security, thus bringing new opportunities to Taiwan's information security industry.


Due to legal restrictions and different national conditions, Taiwan's hackers cannot communicate as openly as foreign hackers. By hosting HITCON, we hope to bring information security experts, researchers and hackers together to discuss threats and trends of information security, thus bringing new opportunities to Taiwan's information security industry.


Due to legal restrictions and different national conditions, Taiwan's hackers cannot communicate as openly as foreign hackers. By hosting HITCON, we hope to bring information security experts, researchers and hackers together to discuss threats and trends of information security, thus bringing new opportunities to Taiwan's information security industry.


In the first speech of the second hacker conference in Taiwan, we discussed the Security Ecosystem from an innovative perspective and analyzed the current situation and future development of the information security circle. We discussed the results of research on information security and the latest technology trends at this conference. We look forward to taking this opportunity to raise the awareness of information security in Taiwan.


In Taiwan, due to the Internet intrusion and the lack of public understanding of hackers, the term "hacker" has been misled for a long time, making people think that hackers are intruders. As a result, hackers with real technology and sense of justice have participated in underground organizations or foreign activities, and even dared not discuss and publish the technology on the Internet.

This time, through this conference, we hope that, without breaking the law, Taiwan's sophisticated hackers will come forward, publish papers on information security technologies, and exchange experience and chat with others face to face.

We also run wargames to provide a real online environment where participants can leverage their talents, learn from the event and prove their abilities.


HITCON FreeTalk 2022 - 烏俄網路戰 & CTF 經驗分享
本次 FreeTalk 藉由近來發生的資安事件,進行深入的研究分析,以促進大眾對近期國內外資安事件嚴重性的了解,並增加企業對資安正確的知識。

近期發生的烏俄戰爭,廣泛影響了全世界。而在網路的世界中,網路戰爭也相繼發生。與實體戰爭相配合,DDOS、假新聞、APT、破壞性惡意程式都被大量應用。本次議程中將為我們深入分析,在看不見的網路戰場中發生了什麼事。而在 CTF 常常會與真實世界的漏洞相呼應,也邀請到 CTF 戰隊成員將為我們分享如何利用 path traversal、deserialization、密碼學漏洞,構造一個完整的攻擊。

此次會議同時為了促進社群與技術交流,後半場為 HITCON 投稿生存指南,作為資安人才職涯及研究指導。

HITCON FreeTalk 2022 邀請到幾位資安專家發表以下研究:

1. Cyber Angle of Russian Ukrainian Conflict - Senior Threat Researcher, Trend Micro Research Fyodor Yarochkin
2. 我把在網頁框架發現的密碼學漏洞變成 CTF 題了 - TSJ CTF 戰隊 黃志仁 (splitline)

More info:


HITCON FreeTalk 2021- Analysis of recent supply chain and ransomware incidents
本次 FreeTalk 將藉由近來發生的資安事件,進行深入的研究分析,以促進大眾對近期國內外資安事件嚴重性的了解,並增加企業對資安正確的知識。

從去年下半年,便有許多台灣本土的廠商遭到勒索軟體威脅,攻擊手法、威脅方式也逐漸演進。而從全球的角度來看,Solargate 供應鏈攻擊事件是近期最嚴重的資安攻擊,引發了相當大的衝擊,值得我們深入研究並反思供應鏈安全。而在智慧型裝置上,也有供應鏈上的風險,我們也會邀請研究員分析手機上的供應鏈安全。而下段議程透過台積電經驗分享,從企業的角度了解面臨的資安問題,並如何解決這些資安威脅。最後,會以企業藍隊 Best Practice 來跟各位分享企業建置資安防禦的概念及方法。盼透過國內外攻擊案例及經驗分享,讓大家更了解企業資安議題。

HITCON FreeTalk 2021 邀請到幾位資安專家發表以下研究:

1. 近期台灣勒索病毒攻擊案例分析 台灣駭客協會理事 PK
2. SolarWinds 供應鏈攻擊事件分析 - Fox-IT 研究員 Zywu, 台灣駭客協會理事 CK
3. 台積電資安經驗分享 - TSMC 資訊安全處 許映威處長
4. From fakespy to Guerilla: Understanding Android malware crime gangs - Trend Micro Research Senior, Threat Researcher, Fyodor Yarochkin

More Info:


The recent outbreak of the Meltdown & Spectre flaw has affected a wide range of platforms of almost all CPU manufacturers. The processors produced since 2005 May be at risk. Although the severity of this flaw is relatively low for general computers, this flaw has a great impact on cloud operators.


The number of hacker attacks is increasing. Recently, the well-known system cleaner "CCleaner" was implanted with a backdoor program.

In the history of information security, component replacement attacks are nothing new. Through this sharing, information security experts will discuss with you the origins and technical analysis of this intrusion, and how enterprises and government departments should deal with the security of this "legitimate" software with a formal digital signature.


Attacks on Banks have intensified in recent years, from the ATM heist in Taiwan in 2016 to the SWIFT cyber heist by Lazarus, a financial crime group, which has made many friends concerned about Fintech security take the issue more seriously. The purpose of this event is to share financial security technologies and lead financial and government departments to explore how to respond to the latest threats in real time.


HITCON studied the recent severe financial information security incidents in various countries, from the various information security threats to the banking industry by new criminal groups in Europe and the three cases of SWIFT attack in the financial industry this year. From the actual cases, we discussed the information security crisis in various industries and analyzed how to deal with these situations.


In the first information session of 2015, we will discuss the internal secrets of the serious APT attacks on Sony and South Korea's nuclear power plants, as well as the complete analysis of well-known games that have been embedded in the back door program of Chinese Internet army. In addition, we invite police, information security industry experts and players to discuss computer crimes to information security incident handling. Would you like to know the general situation of the year's sorting out vulnerability statistics and corporate information security? Then you must not miss HITCON FreeTalk!


HITCON team studied major recent information security events, discussed GNU Bash vulnerability in depth, including analysis of vulnerability principles, affected host statistics, prevention and actual case presentation. Recently, apps provided by Banks or public departments have aroused a lot of discussion on mobile phone security. We will also discuss the security issues and vulnerabilities of Android system, as well as the security detection methods and key points of APP software.


This event invited Taiwan's leading information security experts to demonstrate the power of OpenSSL HeartBleed and provide the right way to fix the major brands. In addition to the OpenSSL vulnerability, RTF 0day which can bypass Office 2010 and the sandbox protection mode in 2013 also began to cause harm at the same time. At that time, APT attackers began to send a large number of malicious files containing RTF 0day. At that time, the information security environment was very dangerous, from the server to the endpoint was full of crisis, which highlighted the importance of HITCON FreeTalk.



Over the past years, we've witnessed more and more information security incidents that brought an entire enterprise to a halt. As such, the often overlooked aspect of information security triad -- Availability, is put back into focus again.

This year's HITCON Pacific "Transforming: Cybersecurity and Resilience", aims to help both government and enterprise in ensuring that no more costly downtimes are caused by information security problems.


HITCON Pacific 2017's theme is Cyber Force Awakens. We will call on governments, businesses, and citizens to take the initiative in digital assets and to build a cyber power and an information security industry ecosystem. In addition, domestic and foreign experts are invited to discuss the threats and defenses of "digital homeland" from the aspects of capital security technology, policies and regulations, so as to bring the latest international views on capital security and countermeasures to the audience.

We are honored to win the approval of DEFCON again this year to hold the HITCON CTF international level information security competition, and the world's top players will fight for the qualification of DEFCON CTF seeded team.


HITCON Pacific 2016 takes The Fifth Domain: Cyber | Homeland Security as The topic to discuss The Fifth area of attention: threats and defensive countermeasures on The Internet. We invite top experts from South Korea, Israel and Japan to generously share their information security development history and attack response strategies to upgrade information security issues to national security level.

More than 30 top experts participated in this conference, and we also held the HITCON CTF world-class information security competition which was certified by DEFCON. All the world's top players will fight for the qualification of DEFCON CTF seeded team.


HITCON Enterprise is the biggest event for the information security community in Taiwan in 2015 and has attracted international attention. HITCON for the first time cooperated with the government and various enterprises to share information security defense countermeasures. We hope to use this seminar to remind countries and enterprises to construct an information security environment in a serious manner and cultivate information security talents to cope with the unpredictable challenges ahead.


HITCON has been growing and thriving for a decade, shining brightly in the information security community, which made the chief organizer decide to do something different on the 10th anniversary! For the first time, we invite domestic information security vendors to share information security strategies and trends with system integrators and leading information security experts from around the world. We also held an exchange party. All the guests gathered here to learn from each other and improve their possibilities.

What is HITCON Community (CMT) ?

HITCON community is not only the most technical information security conference in Taiwan, but also a carnival full of fun as well with exciting sessions and security-related activities. We hope that everyone who is interested in security, no matter novice or professional, can have fun and learn a lot here.

Taiwan has always played an important role in building up any kind of community; security communities is also one. We look forward to keep the HITCON spirit and grow with every security communities. To become a helpful hand to the communities, we have a community-only track to encourage the communities to share their work and spread their ideas. Together, let us make HITCON not only HITCON, but also a festival of security to the public.

A carnival with various information security activities

Hitcon PEACE 2022

Hitcon 2021

Hitcon 2020







Hitcon 2013

Hitcon 2012

Hitcon 2011

Hitcon 2010

Hitcon 2009

Hitcon 2008

Hitcon 2007

Hitcon 2006

Hitcon 2005

What is FreeTalk?

HITCON FreeTalk is a free forum on information security technology for public benefit. We conducted in-depth technical discussions on the most popular cyber security incident in each period, and through the reduction of the technical details of the cyber security incident, we dug out the first-hand information to let participants understand the significance of the news and the response measures. In the past, many media did not discuss information security technology in depth, and the reports were not neutral enough. Therefore, HITCON has held such free technical lectures from 2014, and hopes to take this opportunity to let people know more about information security technology and hacker attacks.

HITCON FreeTalk 2022 - Cyber Angle of Russian Ukrainian Conflict & CTF research sharing

HITCON FreeTalk 2021- Analysis of recent supply chain and ransomware incidents

HITCON FreeTalk 2018 - discuss the history of CPU processors

HITCON FreeTalk 2017 - how do companies cope with supply-chain APT attack from the CCleaner backdoor attack

HITCON FreeTalk 2017 - new threat to international financial information security: hackers rob Banks

HITCON FreeTalk 2016 - financial security seminar: ATM and SWIFT attack techniques

2015-01 The great loophole. Are you the victim?

2014-10 ShellShock Bash event, mobile Xsser mRAT

2014-04 OpenSSL HeartBleed event, cve-2014-1761 RTF

What is HITCON Pacific?

HITCON has been striving for hosting quality information security and hacker technique forums in Taiwan for 15 years.

Aside from the community cored information security promotion strategy HITCON set up the HITCON Enterprise platform in 2014, the year HITCON turned 10 years old. The goal is to build up an annual information security program with the most technique concentration to attract information security workers, executives, private and public sectors to promote information security hand-in-hand.

Amid fast growth of HITCON Enterprise in recent years, it is now renamed HITCON Pacific to get not only more involvement by domestic public and private entities but also attract more information security enterprises and audiences from abroad to globalize HITCON.

The most typical Asian security conference in Taiwan - HITCON Pacific

HITCON Pacific 2021

Pacific 2018

Pacific 2017

Pacific 2016

Enterprise 2015

Enterprise 2014