BrrCon 2018 – Honestly, not Really that Cold

I went to Minnesota for BrrCon a few weekends ago, and I loved it.

BrrCon 2018 - Introduction

This was my first time in Minnesota, and it was fun. Everyone was super friendly, and the food was excellent.

It was also great to know someone in the area. He was able to show me around, take us to some places, and just generally hang out.

And, of course, I repped SwAG again during my presentation day.

BrrCon 2018 - SwAG

BrrCon 2018 - Presentation Promo Shot

Venue, Area, Food and Drinks

While sponsored by a few local companies, BrrCon was free of sponsor booths and pitches.

The venue was in the Minneapolis Convention Center, and had a number of rooms setup.

There were two rooms for presentations (aptly named Frostbyte and Snowmageddon), a large hang out area with a few villages, and a room for the free workshops.

After the conference, Hacker's Girlfriend and I spent a few days near downtown Minneapolis. We hung out, drank, ate, drank, ate, and hung out some more. This was fun, and I really enjoyed the city.

We got to spend some time with Sean, his girlfriend, Brady (who I met at BSides Denver), and Carl!

Then, we drove on up to Duluth, which was a fun and gorgeous drive.

BrrCon 2018 - Duluth bridge

BrrCon 2018 - Scenic Overlook

Duluth was a fun little city, and we spent plenty of time exploring it.

There was a really cool aerial lift bridge next to the inn that we stayed at.

BrrCon 2018 - Duluth Aerial Lift Bridge

Pictured: me watching the bridge go up.

BrrCon 2018 - Watching bridge

I also got to try one of the best tripels that I've had in the states from a brewery there. I of course had to immediately make room in our suitcases for 2 growlers.

BrrCon 2018 - Dawntreader

BrrCon 2018 - Growlers

We had a great time in the area, and I'm glad that I made a trip out of this con.

Talks

I went to 5 talks at BrrCon, and they were pretty enjoyable.

  • Murky Waters: Analyzing Phish Kits - this was a really neat talk about obtaining, analyzing, and comparing phishing kits. This isn't really a topic that I have much familiarity with, so I definitely learned a bit.
  • DNS – The Security Platform No One Cares About - a talk about DNS vulnerabilities, attacks, and remediations. This talk actually gave me a few ideas for offensive DNS uses, as well as a possible presentation topic.
  • Legit Comms: Evolving Both Red and Blue - an awesome talk from (twitter) Dave Kennedy about evolving the way red teams attack, and blue teams defend. Plus, some demos of the new TrevorC2 and Unicorn.
  • Incident Response, More Than a Plan - this was an interesting talk about IR, but mostly in relation to teaching it at various levels.
  • WiFiPi: Rasberries and Radios and Antennas, oh my! - my talk again! Went great, though I still really need to slow down.

Unfortunately, this was another conference without recording. That said, you might be able to find a few of these talks online eventually.

Legit Comms: Evolving Both Red and Blue - Given at HACK NYC, but not sure if there will be any recordings.
WiFiPi - blame Curbob STILL.

BrrCon 2018 - Speaking

One more con, and one more presentation! That brings it up to 6 total, and 3rd for this topic.

I'm still really enjoying speaking, and I think that my delivery and style is quite good. Still cutting down on the filler words, but my words per minute are still far too high.

I had a few more questions this go round, but I like the idea of including the answers in future presentations.

The talk was the last before the "closing ceremony", so I had plenty of time for discussions and questions.

BrrCon 2018 - Presenting

This is the last time that I'll give this talk (for now), so I will post the slides soon.

Finally, if you have any feedback (positive, negative, or neutral) about the content or presentation, then please let me know!

Villages/Events

While there were only a few villages at BrrCon, there were still some pretty neat ones.

There was a small lock picking village, but I didn't do anything there this time.

There was also 12 Battletech pods, which was amazing! This was an older game similar to Mechwarrior, only with you controlling the mech from the pods.

BrrCon 2018 - Battletech pods

I played one game (with girlfriend), and ended up in 3rd place!

BrrCon 2018 - Scoreboard

Other than that, there was a setup for a forensics based challenge/CTF. That said, I think it required pre-registration, and I was never able to see any of the competition.

BrrCon 2018 – Conclusion

I had an awesome week, and I'm glad that I decided to go up to Minnesota.

I was able to do a little (ok more than a little) eating, a little drinking, some networking, and some exploring.

While I did get delayed on the way there (of course), it wasn't any worse than normal.

I'm looking forward to traveling around for more cons, and always looking for new talk ideas!

doyler on Githubdoyler on Twitter
doyler
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he's done it all. To show for it, he has obtained an OSCP, eCPPT, eWPT, eWPTX, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!

He currently serves as a Senior Penetration Testing Consultant for Secureworks. His previous position was a Senior Penetration Tester for a major financial institution.

When he's not figuring out what cert to get next (currently GXPN) or side project to work on, he enjoys playing video games, traveling, and watching sports.

Leave a Comment

Filed under Security Not Included

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.