BruCon 2015

Thursday, October 8, 2015 12 months ago ,

MWR will be sponsoring and attending BruCon, an annual security and hacker conference held in Ghent, Belgium.

Calendar

MWR is delighted to be sponsoring BruCon for the first time, so if you are attending, please come and talk to the MWR team and keep an eye on our Twitter feed for updates!

Throughout the conference we’re running three challenges that will involve digital certificates, password cracking and a VM challenge – there are some awesome prizes up for grabs including Star Wars BB-8 Droids, YubiKeys and a LAN Turtle, so make sure you get involved and you’re in the running to win!

Smash The Hash

A competitive password cracking challenge that’ll see which BruCon attendee can rack up the most points during BruCon. Hashes will be released during the morning of the conference, with users having to crack a variety of hash types worth different points. Access the site from the BruCon WiFi to compete!

Want to increase your chances of winning a Star Wars BB-8 Droid? Check out this blog post – A practical guide to cracking password hashes for inspiration.

Golpher

Golpher is a mini golf challenge with a twist. You’ll have to hack the Golpher website and escalate your privileges to get the flag in order to win this round. Both a good amount of AppSec and NetSec experience will be necessary to conquer this challenge.

Come and see the MWR team for a USB containing the challenge VM. With full posession of the VirtualBox VM image, there are shortcuts that could be made – but cheats will not prosper, you know who you are you Balldroppers, Bumpers, Foot-Wedgers, Hand-Wedgers and Sandbaggers!

To win you’ll need to submit the exploit chain and attack path to golpher-brucon15@mwrinfosecurity.com and the first complete chain with PoC wins a Star Wars BB-8 Droid.

The Analyst’s Notepad

A chance to prove yourself in the field of forensics; can you figure out the secret and get yourself signed off before anyone else?

Test your skills as you analyse the memory image of a malware analyst who examined a new strain of malware! Run through the registry and frolic through files in this challenge to access the malware’s C2C server first!

To start your challenge head to mwr.to/brucon2015

Event Description

Weblogo

BruCon is an annual security and hacker conference providing two days of open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organised in Belgium, BruCon offers a high quality line up of speakers, security challenges and interesting workshops. BruCon is a conference by and for the security and hacker community.

The conference tries to create bridges between the various actors active in the computer security world, including but not limited to hackers, security professionals, security communities, non-profit organisations, CERTs, students, law enforcement agencies, etc.

You can register for tickets to BruCon here

 

 

Accreditations

As members of CHECK we are measured against high standards set by CESG for the services we provide to Her Majesty's Government.
We are certified in the ISO 9001 quality management system (QMS) in the UK, ensuring reliable delivery of our products and services.
We are certified to comply with ISO 14001 in the UK, an internationally accepted standard that outlines how to put an effective environmental management system in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR are approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.