Tying a neat little bow to my NTLM/HTTP research I'll be presenting "One XSS to Rule The Enterprise" at ToorCon X the end of September and "NTLM SSO Weaknesses" at DeepSec in November. Both talks will show off the Squirtle Attack Toolkit. Hopefully I'll have some of the updates I didn't get into the DefCon release ready by ToorCon!
When friends ask "should I go to Defcon?" I always respond "Hey, check out ToorCon. It's in a nicer climate!" Vegas in July? Pfft, San Diego in September! One of the best conventions out there, period. Just check out the conference lineup!