• Email info@derpcon.io
  • Location Virtual

Welcome To DERPCON

COVID-19 has affected huge sectors of everyday life but many of us in the InfoSec community are fortunate enough to have employment that transitioned to remote work.

While many folks around the nation are facing medical or financial hardships, our staff wanted to find a way we could give back to those in need. Our solution was DerpCon 2020 (derpcon.io). We may not be able to be on the front lines of this crisis, but we can use our efforts to provide an interesting information security conference to share knowledge and passion with our community. Most importantly, we can help those in need through donations from kind-hearted infosec individuals from all over.

Virtual - GoToWebinar
sponsored by Black Hills Information Security
Apr 30 - May 1, 2020


Help Colorado Now

Communities across Colorado without access to critical services and opportunities due to race and socioeconomic status are now facing unparalleled barriers due to COVID-19. The Colorado COVID Relief Fund's purpose is to raise and coordinate allocation of funds for unmet needs of disproportionately affected Coloradans all over the state, including: People without health insurance Workers that do not have access to paid sick leave People with limited English proficiency Healthcare, hospitality, service industry and gig economy workers Older adults living on low income Communities of color People with disabilities

CCRF Overiew








Meet the team of Professionals

Nick Wiebelhaus

Offensive Operations Lead

Wesley Thurner

Security Researcher


Red Teamer

Barrett Darnell

Lead Operator

Bryce Zuccaro

Security Engineer

Andre Brito

Red Teamer

Kevin DeMers

Security Architect

Felix Guerrero

Red Teamer

Blake Hudson

Penetration Tester

Jon Kim

All around nice guy

Conference Schedule

Apr 30th, 2020
Team Red
May 1st, 2020
Team Blue
May 1st, 2020
Tales from the Trenches
May 1st, 2020
Workshop Speakers Time - MDT
Bypassing Application Whitelisting
Joe Leon

9:00 am - 1:00 pm MDT
Introduction to Exploit Development
Sam Bowne

9:00 am - 3:00 pm MDT
Getting Your Hands Dirty: CTF Workshop
Barrett Darnell

Wes Thurner

1:00 pm - 5:00 pm MDT
Breaching the Cloud Perimeter
Beau Bullock

1:00 pm - 5:00 pm MDT
Appsec DFIR 200
Serge Borso

3:00 pm - 5:00 pm MDT
Talk Speakers Time - MDT
9:00 MDT
.NET Roulette: Exploiting Insecure Deserialization in Telerik UI
Caleb Gross
9:10 MDT
Supply Chainsaw
Matt "scriptjunkie" Weeks
10:00 MDT
Ham Hacks: Breaking into the World of Software Defined Radio
Kelly Albrink
11:00 MDT
Building Secure Systems using Security Chaos Engineering and Immunity
Yury NiƱo Roa
12:00 MDT
Assumed Breach: The Better Pen Test
Tim Medin
1:00 MDT
Going Phishin' with GoPhish
Patrick Laverty
2:00 MDT
Adversary Emulation
Jorge Orchilles
3:00 MDT
.NET & Python: Let's get weird with it
Marcello Salvati
4:00 MDT
Talk Speakers Time - MDT
9:00 MDT
Dear Diary: Today I met my first APT
Brian Warehime
9:10 MDT
A Hacker's Viewpoint: Planning The Attack
Kristina Krasnolobova & Robert George
10:00 MDT
Resource Smart Malware Detection with YARA & osquery
Julian Wayte
11:00 MDT
Reducing The Breach Detection Gap
Markus Hubbard
12:00 MDT
Passive (Aggressive) DNS
Donald "Mac" McCarthy
1:00 MDT
Anatomy of a Gopher - Binary Analysis of Go Binaries
Alex Useche
2:00 MDT
Hypothesis driven MacOS Threat Hunting
3:00 MDT
The Offensive Defender | Cyberspace Trapping
Matthew Toussain
4:00 MDT

CTFs at Derpcon

We are excited to offer a number of different Capture The Flags (CTFs) at DerpCon.

The first CTF is geared towards beginners with a fun Tiger King theme. This is the perfect place to start if you are new to CTFs. Registration link coming soon. This CTF is brought to you by Threat Simulations in partnership with RunCode.ninja.

Tiger King

The second is a more advanced CTF at an intermediate level. This CTF is a hack back scenario responding to Covid-19 scammers. Along with the main theme there will be additional challenges. Registration link coming soon. This CTF is brought to you by Threat Simulations in partnership with RunCode.ninja.


The third event is a secure coding CTF brought to you by our awesome sponsor: Secure Code Warrior

Improve your secure coding skills by joining our live Secure Code Warrior tournament. The tournament allows you to compete against the other participants in a series of vulnerable code challenges that ask you to identify a problem, locate insecure code, and fix a vulnerability.

All challenges are based on the OWASP Top 10, and players can choose to compete in a range of software languages including Java EE, Java Spring, C# MVC, C# WebForms, Go, Ruby on Rails, Python Django & Flask, Scala Play, Node.JS, React, and both iOS and Android development languages.

The fourth event is a blast from the past! Try your hands at Cobol programming thanks to the wonderful work done by Sam Bowne and Elizabeth Biddlecome.

CTF - Getting Started Guide