Post Def Con Plans

2023-08-18

Just over one year into my journey in infosec, I was able to go to Def Con 31. This was quite an adventure, but really this did more to clarify what I want to do moving forward than it did provide value in and of itself.

To start with my experience at Def Con, I just want to get the first thing out of the way: why, why do people enjoy “linecon” so much? Three hours to maybe get a t-shirt isn’t worth it in my opinion, and time could be better spent meeting people while already wearing the merch instead of in line. (Insert “Stop it, get help” meme.)

I was told going into Def Con that I shouldn’t try and hit the main stage talks because they’re all going to be put online later for free. While I do think that’s solid advice, that’s also where the really cool talks are and being able to see that before anyone else is pretty nice. I only attended two main stage talks, “Boston Infinite Money Glitch” and “Runtime Riddles: Abusing Manipulation Points in the Android Source”, both of which were fantastic and I’m 100% glad I saw those. I spent almost all of the other time at Blue Team Village.

BTV had a pretty good lineup. I was pleasantly surprised that the Project Obsidian talks would all be put online for free, which meant I could watch the BTV main talks instead; however, the room was so loud from other people talking that it was pretty hard to hear and get the most out of it. I did, however, walk away from one talk with a pack of Zombie Butt candy…

If I do go back to Def Con, there will absolutely be things I do differently, namely not caring as much about seeing any talks and instead participating in various CTFs and just posting up in the Chill Out Lounge to meet people. That being said, I think my focus will be on attending Wild West Hacking Fest in 2024 instead; I did hang out with the BHIS people some and they’re just Good People.

But like I said before, I left Def Con with a better idea of what I want to do moving forward. First up is to take the PJMR, which I should be starting at the end of next week (at the time of writing). This will pair nicely with the eCMAP that I recently took, and I’ll be writing about my experience with both exams after I finish. The other big project I want to tackle is to do a “malware of the day” similar to how Antisyphon Training did it, but to focus on malware that I’ve written myself. I started learning C, and when I get a good foundation there I will “learn by doing” using the Maldev Academy course. I’ll end up doing analysis on the assembly code of the malware that I write and publishing it here on my blog. As should be obvious from my taking the eCMAP and (eventually) the PJMR, malware analysis and reverse engineering have very much piqued my interest, and this will give me a good, safe outlet to publish reports on things I’m doing.

With publishing reports on reverse engineering and malware analysis, I really want to take that and start helping out with educational areas. While the TCM PMAT course already meets all the criteria for a great inexpensive malware analysis course (no comment about their switch to a subscription-only model), there’s still more that can be talked about in that field as well as just other fields in general, such as helping out with BTV’s Project Obsidian or similar projects. While the saying may go, “If you can’t do, teach; and if you can’t teach, teach gym,” being able to convey and explain topics is the quickest way to make sure you actually know your shit.