BSidesRDU 2018 – Only the Names Have Changed

I know it's a little late, but I finally finished up my BSidesRDU 2018 post!

BSidesRDU 2018 - Introduction

For those of you who don't get a title, it is a Bon Jovi reference, this is the same conference that was BSides Raleigh. The organizers changed the name for inclusion, plus because the venue was in Durham this year.

This was another great conference, complain as I might about having to go all the way to Durham. That said, this was the first one that I attended and didn't speak at.

It was another good year, and I recommend checking it out if you are in or near the Triangle.

The new Twitter account is here, if you'd like to follow them for pictures and updates! Also, here is the new website for the conference.

Talks

Unfortunately, I was only able to catch part of the, "Movement After Initial Compromise - SleepZ3R0 and HA12TL3Y" talk, and that was it this year.

That said, Adrian already has the videos up on YouTube, so you can catch up along with me!

Booth Babe

This was the second con in a row that I helped with booth duties, which was great.

SwAG was a Gold level sponsor, and managed to have the booth right by the entrance.

BSidesRDU 2018 - Sponsor Booth

I didn't spend a ton of time at the booth, but it was very similar to Derby. We had a few more people solve our Crypto challenge, which was great.

Other than that, it was another opportunity for potential sales or recruiting, which helps.

CTF

The CTF is where I spent almost all of my time this year, and it went great. We (EverSec) had the privilege of hosting again this year, and it was fun.

While I don't have too many pictures of the room, here is one of Steve holding down the fort.

BSidesRDU 2018 - CTF room

There were no server fires at this con, which was great.

I made a nice mess of things when they gave me all the venue's gaffer tape during our setup. That said, I'm hoping that I can convince the con or Gabe to get me a GaffGun for next year!

I wasn't actually competing again this year, but I was around for write-ups and general help/support. I already finished my write-up using zsteg, but I've got about 4 more on the way.

In the end, it was a great competition, and Welcome Thrillhouse Group took first place!

BSidesRDU 2018 - CTF Scoreboard

You can find some of their write-ups here, so be sure to take a look.

If you have any suggestions for the CTF, or want to submit some challenges, then definitely reach out to me!

Hacker Jeopardy

I took part in Hacker Jeopardy again this year. That said, I might get banned again/on hiatus next year after my performance.

I absolutely killed it again this year at Hacker Jeopardy, but big thanks to Patrick for running it. The final score was 180-0-0, and I ended up winning $60 in Amazon gift cards and a 3rd @BSidesRDU flask book for my collection!

BSidesRDU 2018 - Loot

Other than that, I was also able to buy a Crazyradio in the silent auction with my winnings. I've actually had one of these in my Amazon wish list for a little while, so be on the lookout for a post/talk about my new toy.

BSidesRDU 2018 - Crazyradio

The flask was awesome again, although this one doesn't actually have my name on it this year.

BSidesRDU 2018 - Etched flask

Hacker Jeopardy was tons of fun, and a solid reminder that I'm pretty decent at trivia and the like.

BSidesRDU 2018 - Conclusion

Another awesome local con, and I cannot wait until next year. That said, I'll probably keep complaining about having to drive to Durham.

I'm hoping to speak again next year, but I'll have to actually figure out what to speak about. Other than that, hopefully I can actually finish some CTF challenges in time as well.

At this rate, I'm going to need a new bookshelf just for my BSidesRDU collection though.

BSidesRDU 2018 - Secret bookshelf

doyler on Githubdoyler on Twitter
doyler
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he's done it all. To show for it, he has obtained an OSCP, eCPPT, eWPT, eWPTX, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!

He currently serves as a Senior Penetration Testing Consultant for Secureworks. His previous position was a Senior Penetration Tester for a major financial institution.

When he's not figuring out what cert to get next (currently GXPN) or side project to work on, he enjoys playing video games, traveling, and watching sports.

Leave a Comment

Filed under Security Not Included

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.