3-2-1 ShmooCon Friday Recommendations

As we’ve discussed in the past (see the 3rd Rule) we always recommend when going to cons to not spend the whole time attending talk after talk after talk and instituted what we call the “Three Presentation Rule.” This means that for each day of the con, you pick and attend only the top three presentations you want to see. What should you do the rest of the time? Well … spend the day enjoying the true benefits of security cons, e.g., meeting and networking with your infosec peers.

As a slight adjustment we’ve decided to augment the Three Presentation Rule to also include Activities and Challenges components. If you’re a longtime TWiT listener, you’ve probably heard this before associated with some backup strategy. Anyway, here you go with our 3-2-1 ShmooCon Recommendations for Friday.

3 Presentations

“WIPE THE DRIVE!!! – Techniques for Malware Persistence” with Mark Baggett and Jake Williams at 4:30: If a machine gets infected with a piece of malware most security pros would recommend wiping the drive and starting from scratch. Unfortunately, companies sometimes take shortcuts and attempt less drastic means and attempt to remove the malware manually. You can usually do a pretty good job but there are still many places for malware to lurk. Mark and Jake will dive into these less than obvious places and release a script that checks them.

“Hide and Seek, Post-Exploitation Style” with TJ O’Connor and Tim Tomes at 5:30: Honey Badger, Pushpin, Metasploit post/exploitation scripts, … Need we say more? Many of us don’t know it but any of our newfangled gadgets could unknowingly be broadcasting our locations as we travel about in our day-to-day activities. This talk looks at how to find and harness this data to “assist in getting the ‘pattern of life’ of a hooked victim.”

“Hackers get Schooled: Learning Lessons from Academia” with Bruce Potter (moderator), Matt Blaze, Chris Eagle, Invisigoth, Dave Marcus and Michael Schearer at 6:30: This panel is sure to get the crowd going. They plan on discussing the differences between infosec research in academia (more formal and less risk) and the hacker community (fast-paced and cutting-edge but more risky). We think most con goers will enjoy getting better insight into the academic research approach and come away with how to a take its best parts to create an optimal hybrid approach.

2 Activities

VetSec Meetup: This con tradition continues with with a gathering of military veterans in the bar of the @shmoocon hotel. Nothing formal … just show up. And if you aren’t a veteran, show up anyway and buy a vet a drink … and not the cheap stuff. Follow @vetsec for all the details.

FireTalks – Ladies Night Edition: Obviously I’m a bit biased here but come checkout the awesome ladies of infosec with an evening dedicated to their contributions to the security field. Ok … there are a few guys thrown in there but not bad for an infosec event. I hope we don’t get a red card for this though…

1 Challenge

Shmooganography: Friday is a great time to get started on this yearly challenge that involves unveiling secret code words associated with the con. Checkout the ShmooCon page for additional details or just head on over to the challenge site to get started now.


Are there any other things going on Friday night? Let us know in the comments below. Today’s post pic is from Can You Hear Me Now. See ya!

10 comments for “3-2-1 ShmooCon Friday Recommendations

  1. February 11, 2013 at 4:06 pm

    #NoVABloggers 3-2-1 ShmooCon Friday Recommendations http://t.co/yVeUD9KK

  2. February 11, 2013 at 5:15 pm

    “@grecs: BLOGGED: 3-2-1 ShmooCon Friday Recommendations http://t.co/hHigaitQ”. < flattered! Thanks for the recommendation!

  3. February 11, 2013 at 5:50 pm

    #NOVABLOGGER: 3-2-1 ShmooCon Friday Recommendations http://t.co/01ptSuTr http://t.co/IntXkFbO

  4. February 11, 2013 at 6:41 pm

    3-2-1 ShmooCon Friday Recommendations http://t.co/TrsSctt5

  5. February 12, 2013 at 1:08 am

    “@grecs: #NOVABLOGGER: 3-2-1 ShmooCon Friday Recommendations http://t.co/k75kslOt http://t.co/PncU7I8x” <-Thanks for the recommendation!

  6. February 12, 2013 at 3:02 pm

    Check out our recommendations for ShmooCon Friday! http://t.co/0mfFN7Nf

  7. February 14, 2013 at 3:02 pm

    Check out our recommendations for ShmooCon on Friday! http://t.co/exO5r1Lu

  8. February 15, 2013 at 3:49 pm

    Our #ShmooCon recommendations for Friday… http://t.co/01ptSuTr

  9. February 15, 2013 at 4:34 pm

    Checking out my pick “WIPE THE DRIVE!!! – Techniques for Malware Persistence” at #shmoocon. http://t.co/bWy1evfB

  10. February 15, 2013 at 5:31 pm

    Checking out Hide and Seek, Post-Exploitation Style … another talk I’ve been looking forward to. http://t.co/bWy1evfB #shmoocon

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.