Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
SpiderLabs Blog

THOTCON 0x3 - Hacker Brew Contest

This year's instantiation of the THOTCON hacking conference issued a unique challenge:

"Brew a special beer for THOTCON and bring a bomber (22oz) with you to enter in the Hacker Brew contest - a special session at the end of Track 1. There will be a panel of judges including a BJCP National Judge, a judge from Half Acre and some prizes for the best hacker brews."

Being an avid home brewer for the past 3+ years, I jumped at the opportunity to combine two things that I love - Hacking and Brewing. Sour beers have been my favorite style of beer to drink for a while now, but I had only attempted to actually brew a sour beer once before. I decided to try again and brew up a sour for the THOTCON challenge, specifically I chose to brew a Berliner Weisse. Sour beers tend to bend and break some of the basic brewing rules, so they can be a bit tricky and unpredictable. Additionally, most sour beers take a while to age and develop their sourness and complexity, typically ranging from 3 months up to 3 years for some of the more extreme styles. Once I had decided on the style, I only had 7 weeks before the judging. Not enough time to let the beer age on it's own. Since this was a hacking conference after all, I decided to attempt to "hack" the brewing process.

I drank the few underrepresented examples that were commercially available, but I had never actually brewed anything like this style before. After some initial research, I decided to brew four different batches using a different technique for each. My hope was that at least one of them would turn out in time. I also picked up some additional hardware to help speed things up. Since many of the souring bacterias and yeasts work faster at warmer temperatures, I bough two electric heating sheets and an electronic temperature controller.

12751_f7055b34-385e-430b-8f0c-364ccc2ac1d7Fig1. - Lactobacillus bacterial starter temperature controlled on a stirplate.

Batch Summary:

Batch #1 - Temperature controlled fermentation with a 1L Lactobacillus starter added.
Batch #2 - Normal fermentation with Lacto, then added 1gal of fresh wort and a Brettanomyces starter.
Batch #3 - Clean wheat beer with European brewing yeast (no souring bugs added).
Batch #4 - Sour Mash for four days at 108F (final pH 3.2).

Fig2. - Four unique batches of Berliner Weisse.

Two days before the competition I invited some friends over who knew their sour beers and had excellent palates to form a sort of "Super Tasting Panel". We sampled the four fermented worts and looked for features we'd expect to find in a good Berliner Weisse. Batch #1, due to my inexperience with the new temperature controller, had caramelized and developed an "off" flavor, so we dumped it. Batch #2 had some real complexity to it, especially from the Brett culture. Batch #3 was a simple wheat beer, and we didn't feel it would add anything significant to the final product. Batch #4 was the result of the sour mashing technique and had the sharpest bite of sourness of all the batches. After it was all said and done, the Super Tasting Panel decided to blend Batches #2 and #4 to a certain ratio and add in a few drops of lactic acid to lower the pH level. If time wasn't a limiting factor, the sour mash would have been allowed to sour a bit longer, and there would have been no need for the pure lactic acid drops. Adding lactic acid to a beer without doing any of the other souring techniques has been described by the accomplished brewer Jamil Zanisheff as being similar to "...microwaving a steak. It's faster and easier, but the taste and texture are just not the same as grilling". Once the blend was agreed upon, I kegged, chilled, and force carbonated the beer using a tank of CO2 to get it ready for the following day's competition at the very last possible moment.

On the day of THOTCON a total of seventeen beers were submitted to the Hacker Brew Contest. The beers were checked in and labeled with only a number to keep the judging blind. The judges tasted and ranked all of the beers, picking the top five beers based on the standards of the Beer Judge Certification Program. Things such as Aroma, Appearance, Flavor, Mouthfeel, and Overall Impression were ranked and totalled for a maximum score of 50 points.

12641_f20ce504-bb1e-449c-bf10-f104867715e1 Fig3. - Beer Judging Panel from left to right:
Rog McGuin of Half Acre Beer Co., Dave Hopper (@brew_ninja), Nick Percoco (@c7five),
Georgia Weidman (@georgiaweidman), and BJCP National Judge Andy Patrick (@andinator)

After the top five beers were chosen, the judges then had the tough job of arguing amongst themselves and choosing a best of show - a beer that they thought was the best example of it's style out of the final five chosen. Once the beers were chosen, the judging was completed and the awards were given out. This year's results had the top beers all judged within just a couple of points of each other.

The Final Tally:

Twitter Handle Beer Name BJCP Style
1) @Rnast Ctrl-Alt-31337 17A Berliner Weisse
2) @CoffeeToCode Saison Sans Raison 16C Saison
3) @devriems N3ct0rm@NcEr 21A Spice/Herb/Vegetable
4) @brew_ninja APT Barleywine 19C American Barleywine
5) @mastahyeti Kernel Panic PA 10A Amer. Pale Ale

The top 4 prizes were:
#1 - Gold Badge for THOTCON that gets you in for LIFE!
#2 - A tour for 10 of the Half Acre Beer Co.
#3 & #4 - A growler from Half Acre or Tighthead Brewery with a coupon for a free fill.

There were also 6 glasses from Tighthead and 2 glasses from Half Acre that were given out to 8 people based on top scores. Every entry also received a BJCP score sheet with detailed comments from the judge.

It's always great to get objective feedback, since friends drinking your free beer aren't usually inclined to be very critical. I really had a lot of fun and I'm already looking forward to next years challenge and hope that there will be an even bigger turnout! A special "thanks" to the organizers for making the Hacker Brew Contest such a success.


Latest SpiderLabs Blogs

Search & Spoof: Abuse of Windows Search to Redirect to Malware

Trustwave SpiderLabs has detected a sophisticated malware campaign that leverages the Windows search functionality embedded in HTML code to deploy malware. We found the threat actors utilizing a...

Read More

The Sentinel’s Watch: Building a Security Reporting Framework

Imagine being on shift as the guard of a fortress. Your job is to identify threats as they approach the perimeter. The more methods you have for detecting those threats, the better your chances of...

Read More

Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor

During a recent client investigation, Trustwave SpiderLabs found a malicious version of the Advanced IP Scanner installer, which contained a backdoored DLL module. Our client had been searching for...

Read More