Announcing #GRIMMCon 0x4, our fourth in a series of FREE VIRTUAL Conferences for the community! We’ll have two tracks, one especially for First Time Speakers who we’ll pair with an expert. Talks will be a mix of tech and personal fun.
It’s Broke, Let’s Fix It
For her day job, Stephanie serves as a level 2 cloud security operations analyst for Duo. Outside of her 9-5, however, Stephanie has filled her life with all kinds of cool activities. She has worked with WISP, SANS, Tech Field Day and LinkedIn Learning on great efforts to support the underrepresented, provide perspectives that are missing from the conversation, and educate people on security topics that are otherwise inaccessible. She speaks at conferences and virtual events on both soft skills and hard skill related subjects. She co-hosts a ""happy hour"" inspired podcast called Coolest Nerds in the Room, where conversations surrounding the lives of tech people are nurtured. Stephanie recognizes those that inspired her or helped her get to where she is today and hopes that everything she does moving forward does the same for others. Follow Steph on Twitter and LinkedIn, or visit her online at StephAndSec.com. Her podcast is also available everywhere.
It’s Broke, Let’s Fix It
Casey has been a Cybersecurity Engineer since graduating with her Bachelor's degree in Computer Science. During that time, she has received her Master's in Cybersecurity, become an avid member of infosec Twitter, and started her blog Caseyis, where she enjoys writing about an array of different tech-related topics.
It’s Broke, Let’s Fix It
Tricia Howard is an artist gone rogue who ended up in the wonderful world of security. With a B.A. in Theatre Arts and interests ranging from Star Wars to Opera, she brings a unique and artistic perspective to infosec. When she’s not trying to get you to click on marketing emails, you can find her playing with her pomsky Darth, singing, painting, dramatically reading cold sales emails, and doing copious amounts of jigsaw puzzles.
Blood In The Wires: How The Tech Industry Fails Humanity
Emily Crose has been an information security professional for over a decade. She has been an officer for multiple government organizations including the NSA, CIA and US Army INSCOM. She currently works to secure critical industrial infrastructure worldwide. She is also an advocate for counter white nationalism, and government transparency.
GRIMMCon 0x4 Discord Channels
Main Channel
Please read/follow Code of Conduct
Check out our Virtual Swag!
Workshops & Villages
Windows Internals CTF
Level: Beginner
To participate in Windows Internals CTF, to go to: samsclass.info
and follow the instructions there when the workshop
begins. If you have a slow Internet connection, please go to that
site a day early to download the virtual machines we will use.
Radio Frequency CTF
Level: Beginner to Advanced
Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?
RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Radio Frequency Capture the Flag (RFCTF) at GRIMMCon 0x4.
Our new virtual RFCTF can be played completely remotely without needing any specialized equipment at all! The key is to read the clues, determine the goal of each challenge, and have fun learning.
Twitter: @rf_ctf and @rfhackers
Discord: https://discordapp.com/invite/JjPQhKy
Websites: http://rfhackers.com and http://sdr.ninja - play with us
Getting Started: https://github.com/rfhs/rfhs-wiki/wiki/RF-CTF-Virtual-HowToGetStarted
#Beginner-Village
Level: Beginner
Beginner focused village with intro-level content on Hacking and Cyber, including tips on how to be safe and a little study guidance on how to get started on the field.
We'll also have a presentation track, including time for Q&A.
The DCG staff will be available during the whole GRIMMCon 0x4 to help with doubts or simply to chat on the official Discord event server.
We're reachable on Twitter, Telegram and Discord
See Linktr.ee for more links.
Attacking/Defending Android Apps Training Workshop
Level: Intermediate
This workshop mainly focuses on the security aspects of world’s most leading mobile operating systems - android. In this training attendees will learn about their architecture, file system , security model , application components, OWASP mobile attacks Defense, reverse engineering techniques to uncover the security flaws within the application, method swizzling and runtime manipulation for the apps and hooking of the applications to exploit the security flaws.
The workshop will also provide a thorough guide on how the mobile applications can be attacked and provide an overview of how some of the most important security checks for the applications are applied and get an in-depth understanding of these security checks.
This workshop will mainly focus on the following:
Android native code with owasp mobile attacks and mitigation
Reverse engineer Dex code for security analysis
Runtime analysis of the apps by active debugging
Defending of the mobile app from the attack.
Links: https://null.community/profile/10861-romansh-yadav
https://www.conf42.com/ce2021
https://twitter.com/Romanshyadav
https://www.linkedin.com/in/romansh-yadav/
Virtual Lobby Con
GRIMMCon Support
Need a little help...
reach out to the GRIMMCon-Support channel in Discord for support
or email GRIMMCon@grimm-co.com
Since we are an all volunteer community CON our volunteers
will do their best to support you, we appreciate your patience.
GRIMMCON 0x4 SPEAKER SCHEDULE:
11:00 EDT
GRIMMCON Opening Keynotes - Casey, Steph, Tricia Howard: It’s Broke, Let’s Fix It
See Track 1
11:45 EDT
Magno Logan: Kubernetes Security 101: Best Practices to Secure your Cluster
Kevin Ott: Simulating Supply Chain Attacks with Assume Breach
12:30 EDT
Will Dormann: Exploiting COM with Microsoft Word
Eli Salem: Funtastic Packers And Where To Find Them
13:15 EDT
Antonio Piazza: Electronify Your Objective C
Immanuel Chavoya: APT ATT&CK EMULATION
14:00 EDT
Wolfgang Goerlich: Design Thinking for Blue Teams
Siobhan Kelleher: Seek, and ye shall find: OSINT for Beginners
14:45 EDT
Cedric Owens: Building An Effective Red Team Function (2021 Edition)
Alex Norman: What to expect when you’re expecting a pentest
15:30 EDT
James McCarter: Know Thy Enemy/Know Thyself
Indiana Moreau: Repo Jacking: How Github usernames expose 70,000 open-source projects to remote code injection
16:15 EDT
Jaime Lightfoot: Intro to Hardware Hacking with a DRM'd LED Therapy Mask
Dan Tyrrell: The Future is Humans, not Machines
17:00 EDT
John Stoner: Bringing critical D&D Skills to the workplace
Alexandria Esposito: Speak Impact
17:45 EDT
GRIMMCon Closing Keynote - Emily Crose: Blood In The Wires: How The Tech Industry Fails Humanity
See Track 1
18:30 EDT
Virtual Happy Hour:
- Dave Mayer hosting "Red Team and Pen Testing Discussion"
- Bryson Bort hosting "Choose your own adventure"
- Mark Griffin hosting "Fuzzing"
(See Discord for details)
