greptrick.com

I have been meaning to get a post up about my time at BlackHat 2012 and Defcon XX. So here goes, just over a month late.

I started the 10 day trip off with Offensive Security’s Penetration Testing with Backtrack. This was an absolutely excellent class. Johnny Long, rAWjAW, dijital1 and loneferret were the instructors and they did an excellent job. I learned a bunch from that course. I especially enjoyed actually writing exploits and discovering buffer overflows. I was able to complete a challenge during class scoring a BackTrack-Linux challenge coin. I had heard a little bit about Hackers for Charity but got some time do learn more about what they are doing from Johnny. It is a very cool organization I recommend everyone check it out and donate money or time. Hackers For Charity

 
BlackHat Briefings were good but I found some of the talks were a bit too much FUD and “cyber, cyber, cyber.” There were however, some good talks. Intrusion Detection along the kill chain was a good talk. I also really enjoyed some of the turbo talks including Owning The Bad Guys {And Mafia} With Javascript Botnets and Find Me in Your Database. If you can find the archives…Liquid Matrix Archive.

 
Defcon XX, this was my first venture to Defcon and it is a conference that I will make every effort to attend. While focusing on offense almost exclusively. But, I found the hardware hacking village excellent and all the non-talk  activities were amazing. I spent a majority of my time in the Sky Talks which are not recorded. I did sit in on Dave Kennedy’s talk: Owning One to Rule them All. Good talk and an amazingly simple method. Moxie Marlinspike’s talk on MS-CHAPv2 which garnered a lot of press was also very good.

 
One thing that I did accomplish while at Defcon was signing up for the National Marrow Donor Program. This was an absolute excellent program that was running at Defcon. I never heard the final number of folks who registered but I did hear the first day was over 100.