Skip to content




8:30 AMWelcome to GrrCON
– hosted by EggDropX
9:00 AMKeynote
– Chris Roberts
10:00 AMExploding Whales: Actual Examples of Engineers / Developers Not Understanding Results
– Kevin Johnson
Bring Out the Skeletons in Your Closet
– Ryan Mostiller
Spoof! It’s Gone! Exploiting Kerberos and LDAP to Bypass Security Products
– Dr. Xor and Yoav Iellin
10:30 AMAgent of Influence: A Spy’s Guide to the Digital Disinformation Battlefield
– Charity Wright
11:00 AMGetting to GrrCON 0xA’s Badge
– Dave “Heal” Schwartzberg and Chris “EggDropX” Payne
Finding a Hidden Website Compromise
– Kevin Bong
Hunt the Stank – Finding Attacker Behavior Before You Pay for It
– Melissa Bischoping
11:30 AMThe Legend of Six Tickets: An introspective in modern SOC management, the dangers of KPIs, and how to turn lead into gold
– G33kspeed
Passwords revealed – Xray Vision using Network Goggles
– Jason Bevis
Sensory Magnets: The Biohacker Journey
– Brock
NoonWhy Asset Management Fails for Cybersecurity (and How to Fix it)
– John Seaman
Cyber Threat Intelligence for the Rest of Us
– Tom Somerville
Have another drink, corporate security head scratchers
– Jim Hunter
12:30 PMHackers are Neither Created nor Destroyed
– Mr. Jeff Man
Digital Detection & Investigation with Osquery and YARA
– Julian Wayte
Structured Security Analytics for the Modern Attack Surface
– Eric Kaiser
1:30 PMSkim Job – Skimming Your Way In
– Brett DeWall
Symgrate: A Symbol Recovery Service for ARM Firmware
– Travis Goodspeed and EVM
What Elon Musk and SpaceX Can Teach Us About Ransomware and Cybersecurity
– Morgan Wright
2:30 PMPeapBomb – Attacking Modern Wireless Networks
– Anthony Ralston

Reduce Ransomware’s Blast Radius
– Stephen Frethem


You’re Doing It Wrong
– Luke McOmie (Pyr0)
3:30 PMRansomware, a Real Problem
– Aaron Heikkila
APT’s Trasition to the Cloud
– Ell Marquez & Nicole Fishbein
Thinking Beyond the Incident Response Plan You Likely Won’t Use Anyway
– Ted Joffs and Shae Bailey
4:30 PMWhat Do You Mean They Touch, SolarWinds and Exchange Connections
– Wally Prather
The power of emulation to know all the stuff
– atlas 0f d00m
Machine Learning Driven Social Engineering
– Charles Herring



9:00 AMWelcome to the Butter Zone: Turning the Hackers 3D interface into a reality
– Mark Kikta
10:00 AMBuilding the Next Generation of Hackers
– Dave Kennedy
Dumpster Fires: 6 Things about IR I Leared as a Firefighter
– Catherine J. Ullman
Why I Go to the Dark Net Every Day
– Alex Holden
11:00 AMMistaken Identity
– Wolfgang Goerlich
p3wning Trustzone in Cisco Phones Yet Again
– Ang Cui and Hans Wu
Replication Devices (You Might Call Them Printers)
– AJ Lopez
NoonPwning Managed Service Providers for Fun and Profit
– Jason Slagle
SOC – Rise of the Humans
– Chris Pittman
Ez-Mode mTLS with Linkerd for a legacy revenue generating application
– Sol Roberts
12:30Ransomware & Sanctions Risk: An Introduction to Anti-Money Laundering for InfoSec
– Quinton Babcock
Biohacking: The Invisible Threat
– Len Noe
Modern Day Multi-Cloud Security Strategy
– Michael Khalil
1:00 PMThreat Model Your SIEM Alerts
Why is everyone talking about Zero Trust?
– Eric Wing
ISE-Skating – Bypassing NAC in Under a Minute
– Anthony Ralston and Ryan Fisher
2:00 PMShould I Stay or Should I Go Now?
– Scott Thomas
Guerilla Warfare for the Blue Team
– Rob Carson
‘Flipping the Script’ – Building a Threat Informed Defense with Purple Teaming
– Eric Mannon
2:30 PMContinuous Security by Design
– Rob Richardson
The Simple Way to Prevent Data Exfiltration
– Jeff Miller
3:00 PMCommercial Transportation: Trucking Hacking
– Ben Gardiner
20 Free Ways to Imporve Your Defenses Today
– Robert Wagner
OSINT and the Hermit Kingdom
– Nick Roy
4:00 PMMasters of Emotion: Modern Scams and Social Engineering
– Erich Kron
Phishing with Payloads: A Crash Course in Bypassing EDR/EPP
– Aaron Herndon
Purpling the waters – Using MITRE ATT&CK® for Red, Blue, and the Intelligence conversations in-between
– Cat Self
5:00 PMRanty Time with Jayson or Old Man Shouts at crowd!
– Jayson Street
6:00 PMWrap Up
– hosted by EggDropX