DefCon 30

DefCon is many things to many people. It is the olympics of hacking competitions, opportunity to push periphery for your knowledge, hangout with friends old and new, place to learn the dark arts or just a fun place for some shenanigans. After 2-3 years of relative lonliness, it was more of an intellectual shock than just stimulation. Refreshingly bereft of advertisements dressed up as sessions or workshops, every chat, every encounter had something that blew my mind. While its not really surprising among hackers, events and people were very open (as long as you can beat the linecon) and welcoming. The only thing that seemed to really matter was the thirst for knowledge.

AppSec is where I was and where I thought I wanted to be. Building secure apps, setting up proper DevSecOps, ensuring OpSec was already exciting. So I go into the Flamingo to participate in a workshop at the AppSec village and see a line of people waiting to get into the Red Team Village for free merch. Some of these random dudes were talking about hacking into Starlink cluster and I was like I need to know this. And joined them in the line. 2 shirts, few badges, many stickers and 2 days later I come out as fresh brewed red team convert.

It was incredibly satisfying and illuminating to learn and break into things (they started like “lets break into the domain controller”). It felt good. All my life I lived on the other side of the river.The blue team (from an ops standpoint) and AppSec guys I felt, did the most important and interesting work. This has changed for me. There is some unexplainable joy in hunting for a secret door, to get into the castle unseen, flirt with the princess, eat some food at the kitchen and go home. Just because you can.

Being on the red team feels like the least scriptable and most original thing that I can think of. And that is where I am going.