I went to Minnesota for BrrCon a few weekends ago, and I loved it.
BrrCon 2018 – Introduction
This was my first time in Minnesota, and it was fun. Everyone was super friendly, and the food was excellent.
It was also great to know someone in the area. He was able to show me around, take us to some places, and just generally hang out.
And, of course, I repped SwAG again during my presentation day.
Venue, Area, Food and Drinks
While sponsored by a few local companies, BrrCon was free of sponsor booths and pitches.
The venue was in the Minneapolis Convention Center, and had a number of rooms setup.
There were two rooms for presentations (aptly named Frostbyte and Snowmageddon), a large hang out area with a few villages, and a room for the free workshops.
After the conference, the girlfriend and I spent a few days near downtown Minneapolis. We hung out, drank, ate, drank, ate, and hung out some more. This was fun, and I really enjoyed the city.
Then, we drove on up to Duluth, which was a fun and gorgeous drive.
Duluth was a fun little city, and we spent plenty of time exploring it.
There was a really cool aerial lift bridge next to the inn that we stayed at.
Pictured: me watching the bridge go up.
I also got to try one of the best tripels that I’ve had in the states from a brewery there. I of course had to immediately make room in our suitcases for 2 growlers.
We had a great time in the area, and I’m glad that I made a trip out of this con.
I went to 5 talks at BrrCon, and they were pretty enjoyable.
- Murky Waters: Analyzing Phish Kits – this was a really neat talk about obtaining, analyzing, and comparing phishing kits. This isn’t really a topic that I have much familiarity with, so I definitely learned a bit.
- DNS - The Security Platform No One Cares About – a talk about DNS vulnerabilities, attacks, and remediations. This talk actually gave me a few ideas for offensive DNS uses, as well as a possible presentation topic.
- Legit Comms: Evolving Both Red and Blue – an awesome talk from Dave Kennedy about evolving the way red teams attack, and blue teams defend. Plus, some demos of the new TrevorC2 and Unicorn.
- Incident Response, More Than a Plan – this was an interesting talk about IR, but mostly in relation to teaching it at various levels.
- WiFiPi: Rasberries and Radios and Antennas, oh my! – my talk again! Went great, though I still really need to slow down.
Unfortunately, this was another conference without recording. That said, you might be able to find a few of these talks online eventually.
BrrCon 2018 – Speaking
One more con, and one more presentation! That brings it up to 6 total, and 3rd for this topic.
I’m still really enjoying speaking, and I think that my delivery and style is quite good. Still cutting down on the filler words, but my words per minute are still far too high.
I had a few more questions this go round, but I like the idea of including the answers in future presentations.
The talk was the last before the “closing ceremony”, so I had plenty of time for discussions and questions.
This is the last time that I’ll give this talk (for now), so I will post the slides soon.
Finally, if you have any feedback (positive, negative, or neutral) about the content or presentation, then please let me know!
While there were only a few villages at BrrCon, there were still some pretty neat ones.
There was a small lock picking village, but I didn’t do anything there this time.
There was also 12 Battletech pods, which was amazing! This was an older game similar to Mechwarrior, only with you controlling the mech from the pods.
I played one game (with girlfriend), and ended up in 3rd place!
Other than that, there was a setup for a forensics based challenge/CTF. That said, I think it required pre-registration, and I was never able to see any of the competition.
BrrCon 2018 - Conclusion
I had an awesome week, and I’m glad that I decided to go up to Minnesota.
I was able to do a little (ok more than a little) eating, a little drinking, some networking, and some exploring.
While I did get delayed on the way there (of course), it wasn’t any worse than normal.
I’m looking forward to traveling around for more cons, and always looking for new talk ideas!
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he’s done it all. To show for it, he has obtained an OSCE, OSCP, eCPPT, GXPN, eWPT, eWPTX, SLAE, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!
He currently serves as a Senior Staff Adversarial Engineer for Avalara, and his previous position was a Principal Penetration Testing Consultant for Secureworks.
This page contains links to products that I may receive compensation from at no additional cost to you. View my Affiliate Disclosure page here. As an Amazon Associate, I earn from qualifying purchases.