GrrCON 2018 Videos

GrrCON 2018 Videos
These are the videos of the presentations from GrrCON 2018. Big thanks to EggDropX and Jaime for having me out, and my video crew  (paint27, Erick, Jason, brettahansen, Angela, Luke & others) for recording.

Keynote
Dave Kennedy

An Inconvenient Truth: Evading the Ransomware Protection in Windows 10
Soya Aoyama

The Abyss is Waving Back – The four paths that human evolution is charging down, and how we choose which one’s right
Chris Roberts

Crypto Gone Rogue: A Tale of Ransomware, Key Management and the CryptoAPI
Pranshu Bajpai & Dr. Richard Enbody

You’re right, this talk isn’t really about you!
Jayson E Street

Analyzing Pwned Passwords with Apache Spark
Kelley Robinson

How to rob a bank over the phone
Joshua “Naga” Crumbaugh
(Posting Later Maybe)

Vibing Your Way Through an Enterprise: How Attackers are Becoming More Sneaky
Matthew Eidelberg

PwnBook: Penetrating with Google’s Chromebook
Corey Batiuk

Life, Death + the Nematodes: Long live Cyber Resilience!
Chad Calease

Data Data Everywhere but No One Stops to Think
Scott Thomas, Carl Hertz & Robert Wagner

Automation and Open Source: Turning the Tide on Attackers
John Grigg

w.e w.e Internet Explorer Does What It Wants
Aaron Heikkila

Pacu: Attack and Post-Exploitation in AWS
Spencer Gietzen

Hacker Tools, Compliments of Microsoft
David Fletcher & Sally Vandeven

How to Conduct a Product Security Test: And How it Fits Into the Larger Security Strategy
Dr. Jared DeMott

Over the Phone Authentication
Spencer Brown

Designing a Cloud Security Blueprint
Sarah Elie

To Fail is Divine
Danny Akacki

Zero to Owned in 1 Hour: Securing Privilege in Cloud, DevOps, On-Prem Workflows
Brandon Traffanstedt

Malware Mitigation Sample Detonation Intelligence Automation: Make Your Binaries Work for You
Adam Hogan

emulacra and emulation: an intro to emulating binary code with Vivisect
Atlas of D00m
SniffAir – An Open-Source Framework for Wireless Security Assessments
Matthew Eidelberg & Steven Daracott

Threat Hunting: the macOS edition
Megan Carney

The Hybrid Analyst: How Phishing Created A New Type of Intel Analyst
Rachel Giacobozzi

Dragnet: Your Social Engineering Sidekick
Truman Kain

Intelligence Creating Intelligence: Leveraging what you know to improve finding what you don,t
Tomasz Bania

Guaranteed Failure: Awareness The Greatest Cyber Insanity
Joshua “Naga” Crumbaugh

Threat Modeling: How to actually do it and make it useful
Derek Milroy

Structuring your incident response could be one of the most important things you do to bolster Security
Matt Reid

How this 20 Year Old Changed the Security Industry
James O’Neill

Stop Boiling The Ocean! How To Succeed With Small Gains
Joel Cardella

Do I have a signature to detect that malware?
Ken Donze

2018 SIEM Trends: What is my Mean Time to Value?
Bill Lampe

Advanced Attackers Hiding Inside Encrypted Traffic at the Endpoint
Jared Phipps

More Tales from the Crypt-Analyst
Jeff Man

My First year in Application Security
Whitney Phillips

Career Risk Management: 10 tips to keep you employed
Chris Burrows

Red vs Blue: The Untold Chapter
Aaron Herndon & Thomas Somerville

Saving All the Money to Buy All the Booze: Learning to Hack All the Things on a Budget
Michael Morgese

Analyzing Multi-Dimensional Malware Dataset
Ankur Tyagi

Physicals, Badges, and why it matters
Alex Fernandez-Gatti

InSpec: Compliance as Code
Kent picat, Gruber

Bounty Hunters
J Wolfgang Goerlich

Print Share Comment Cite Upload Translate

APA

() » GrrCON 2018 Videos. Retrieved from https://www.truth.cx/2018/09/08/grrcon-2018-videos-4/.

MLA

" » GrrCON 2018 Videos." - , https://www.truth.cx/2018/09/08/grrcon-2018-videos-4/

HARVARD

» GrrCON 2018 Videos., viewed ,

VANCOUVER

- » GrrCON 2018 Videos. [Internet]. [Accessed ]. Available from: https://www.truth.cx/2018/09/08/grrcon-2018-videos-4/

CHICAGO

" » GrrCON 2018 Videos." - Accessed . https://www.truth.cx/2018/09/08/grrcon-2018-videos-4/

IEEE

" » GrrCON 2018 Videos." [Online]. Available: https://www.truth.cx/2018/09/08/grrcon-2018-videos-4/. [Accessed: ]

Select a language: Afrikaans Albanian Arabic Armenian Basque Bengali Bulgarian Catalan Cambodian Chinese (Mandarin) Croatian Czech Danish Dutch English Estonian Fiji Finnish French Georgian German Greek Gujarati Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Javanese Korean Latin Latvian Lithuanian Macedonian Malay Malayalam Maltese Maori Marathi Mongolian Nepali Norwegian Persian Polish Portuguese Punjabi Quechua Romanian Russian Samoan Serbian Slovak Slovenian Spanish Swahili Swedish Tamil Tatar Telugu Thai Tibetan Tonga Turkish Ukrainian Urdu Uzbek Vietnamese Welsh Xhosa <a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/mainlist">GrrCON 2018 Videos</a><br/>These are the videos of the presentations from <a href="http://www.grrcon.com/">GrrCON 2018</a>. Big thanks to EggDropX and Jaime for having me out, and my video crew  (<a href="https://twitter.com/paint27">paint27</a>, Erick, Jason, <a href="https://twitter.com/brettahansen">brettahansen</a>, Angela, Luke & others) for recording. <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta00-keynote-dave-kennedy">Keynote<br/>Dave Kennedy</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta01-an-inconvenient-truth-evading-the-ransomware-protection-in-windows-10-soya-aoyama">An Inconvenient Truth: Evading the Ransomware Protection in Windows 10<br/>Soya Aoyama</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta03-the-abyss-is-waving-backthe-four-paths-that-human-evolution-is-charging-down-and-how-we-choose-which-ones-right-chris-roberts">The Abyss is Waving Back - The four paths that human evolution is charging down, and how we choose which one's right<br/>Chris Roberts</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta04-crypto-gone-rogue-a-tale-of-ransomware-key-management-and-the-cryptoapi-pranshu-bajpai-dr-richard-enbody">Crypto Gone Rogue: A Tale of Ransomware, Key Management and the CryptoAPI<br/>Pranshu Bajpai & Dr. Richard Enbody</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta06-youre-right-this-talk-isnt-really-about-you-jayson-e-street">You're right, this talk isn't really about you!<br/>Jayson E Street</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta07-analyzing-pwned-passwords-with-apache-spark-kelley-robinson">Analyzing Pwned Passwords with Apache Spark<br/>Kelley Robinson</a></p> <p>How to rob a bank over the phone<br/>Joshua "Naga" Crumbaugh<br/>(Posting Later Maybe)</p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta09-vibing-your-way-through-an-enterprise-how-attackers-are-becoming-more-sneaky-matthew-eidelberg">Vibing Your Way Through an Enterprise: How Attackers are Becoming More Sneaky<br/>Matthew Eidelberg</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta12-pwnbook-penetrating-with-googles-chromebook-corey-batiuk">PwnBook: Penetrating with Google's Chromebook<br/>Corey Batiuk</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta13-life-death-the-nematodes-long-live-cyber-resilience-chad-calease">Life, Death + the Nematodes: Long live Cyber Resilience!<br/>Chad Calease</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta14-data-data-everywhere-but-no-one-stops-to-think-scott-thomas-carl-hertz-robert">Data Data Everywhere but No One Stops to Think<br/>Scott Thomas, Carl Hertz & Robert Wagner</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta15-automation-and-open-source-turning-the-tide-on-attackers-john-grigg">Automation and Open Source: Turning the Tide on Attackers<br/>John Grigg</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta16-we-we-internet-explorer-does-what-it-wants-aaron-heikkila">w.e w.e Internet Explorer Does What It Wants<br/>Aaron Heikkila</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta17-pacu-attack-and-post-exploitation-in-aws-spencer-gietzen">Pacu: Attack and Post-Exploitation in AWS<br/>Spencer Gietzen</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-augusta19-hacker-tools-compliments-of-microsoft-david-fletcher-sally-vandeven">Hacker Tools, Compliments of Microsoft<br/>David Fletcher & Sally Vandeven</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada00-how-to-conduct-a-product-security-test-and-how-it-fits-into-the-larger-security-strategy-dr-jared-demott">How to Conduct a Product Security Test: And How it Fits Into the Larger Security Strategy<br/>Dr. Jared DeMott</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada01-over-the-phone-authentication-spencer-brown">Over the Phone Authentication<br/>Spencer Brown</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada02-designing-a-cloud-security-blueprint-sarah-elie">Designing a Cloud Security Blueprint<br/>Sarah Elie</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada03-to-fail-is-divine-danny-akacki">To Fail is Divine<br/>Danny Akacki</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada05-zero-to-owned-in-1-hour-securing-privilege-in-cloud-devops-on-prem-workflows-brandon-traffanstedt">Zero to Owned in 1 Hour: Securing Privilege in Cloud, DevOps, On-Prem Workflows<br/>Brandon Traffanstedt</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada06-malware-mitigation-sample-detonation-intelligence-automation-make-your-binaries-work-for-you-adam-hogan">Malware Mitigation Sample Detonation Intelligence Automation: Make Your Binaries Work for You<br/>Adam Hogan</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada08-emulacra-and-emulation-an-intro-to-emulating-binary-code-with-vivisect-atlas-of-d00m">emulacra and emulation: an intro to emulating binary code with Vivisect<br/>Atlas of D00m</a><br/><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada10-sniffair-an-open-source-framework-for-wireless-security-assessments-matthew-eidelberg-steven-daracott">SniffAir - An Open-Source Framework for Wireless Security Assessments<br/>Matthew Eidelberg & Steven Daracott</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada11-threat-hunting-the-macos-edition-megan-carney">Threat Hunting: the macOS edition<br/>Megan Carney</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada12-the-hybrid-analyst-how-phishing-created-a-new-type-of-intel-analyst-rachel-giacobozzi">The Hybrid Analyst: How Phishing Created A New Type of Intel Analyst<br/>Rachel Giacobozzi</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada13-dragnet-your-social-engineering-sidekick-truman-kain">Dragnet: Your Social Engineering Sidekick<br/>Truman Kain</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada14-intelligence-creating-intelligence-leveraging-what-you-know-to-improve-finding-what-you-dont-tomasz-bania">Intelligence Creating Intelligence: Leveraging what you know to improve finding what you don,t<br/>Tomasz Bania</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada15-guaranteed-failure-awareness-the-greatest-cyber-insanity-joshua-naga-crumbaugh">Guaranteed Failure: Awareness The Greatest Cyber Insanity<br/>Joshua "Naga" Crumbaugh</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-ada16-threat-modeling-how-to-actually-do-it-and-make-it-useful-derek-milroy">Threat Modeling: How to actually do it and make it useful<br/>Derek Milroy</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace00-structuring-your-incident-response-could-be-one-of-the-most-important-things-you-do-to-bolster-security-matt-reid">Structuring your incident response could be one of the most important things you do to bolster Security<br/>Matt Reid</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace01-how-this-20-year-old-changed-the-security-industry-james-oneill">How this 20 Year Old Changed the Security Industry<br/>James O'Neill</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace02-stop-boiling-the-ocean-how-to-succeed-with-small-gains-joel-cardella">Stop Boiling The Ocean! How To Succeed With Small Gains<br/>Joel Cardella</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace03-do-i-have-a-signature-to-detect-that-malware-ken-donze">Do I have a signature to detect that malware?<br/>Ken Donze</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace04-2018-siem-trends-what-is-my-mean-time-to-value-bill-lampe">2018 SIEM Trends: What is my Mean Time to Value?<br/>Bill Lampe</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace05-advanced-attackers-hiding-inside-encrypted-traffic-at-the-endpoint-jared-phipps">Advanced Attackers Hiding Inside Encrypted Traffic at the Endpoint<br/>Jared Phipps</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace06-more-tales-from-the-cryptanalyst-jeff-man">More Tales from the Crypt-Analyst<br/>Jeff Man</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace07-my-first-year-in-application-security-whitney-phillips">My First year in Application Security <br/>Whitney Phillips</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace09-career-risk-management-10-tips-to-keep-you-employed-chris-burrows">Career Risk Management: 10 tips to keep you employed<br/>Chris Burrows</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace10-red-vs-blue-the-untold-chapter-aaron-herndon-thomas-somerville">Red vs Blue: The Untold Chapter<br/>Aaron Herndon & Thomas Somerville</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace11-saving-all-the-money-to-buy-all-the-booze-learning-to-hack-all-the-things-on-a-budget-michael-morgese">Saving All the Money to Buy All the Booze: Learning to Hack All the Things on a Budget<br/>Michael Morgese</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace12-analyzing-multi-dimensional-malware-dataset-ankur-tyagi">Analyzing Multi-Dimensional Malware Dataset<br/>Ankur Tyagi</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace13-physicals-badges-and-why-it-matters-alex-fernandez-gatti">Physicals, Badges, and why it matters<br/>Alex Fernandez-Gatti</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace15-inspec-compliance-as-code-kent-picat-gruber">InSpec: Compliance as Code<br/>Kent picat, Gruber</a></p> <p><a href="http://www.irongeek.com/i.php?page=videos/grrcon2018/grrcon-2018-lovelace16-bounty-hunters-j-wolfgang-goerlich">Bounty Hunters<br/>J Wolfgang Goerlich</a><br/></p> First name:

Last name: