BruCon 2015

Thursday, October 8, 2015 4 years ago ,

MWR will be sponsoring and attending BruCon, an annual security and hacker conference held in Ghent, Belgium.

MWR is delighted to be sponsoring BruCon for the first time, so if you are attending, please come and talk to the MWR team and keep an eye on our Twitter feed for updates!

Throughout the conference we’re running three challenges that will involve digital certificates, password cracking and a VM challenge – there are some awesome prizes up for grabs including Star Wars BB-8 Droids, YubiKeys and a LAN Turtle, so make sure you get involved and you’re in the running to win!

Smash The Hash

A competitive password cracking challenge that’ll see which BruCon attendee can rack up the most points during BruCon. Hashes will be released during the morning of the conference, with users having to crack a variety of hash types worth different points. Access the site from the BruCon WiFi to compete!

Want to increase your chances of winning a Star Wars BB-8 Droid? Check out this blog post – A practical guide to cracking password hashes for inspiration.


Golpher is a mini golf challenge with a twist. You’ll have to hack the Golpher website and escalate your privileges to get the flag in order to win this round. Both a good amount of AppSec and NetSec experience will be necessary to conquer this challenge.

Come and see the MWR team for a USB containing the challenge VM. With full posession of the VirtualBox VM image, there are shortcuts that could be made – but cheats will not prosper, you know who you are you Balldroppers, Bumpers, Foot-Wedgers, Hand-Wedgers and Sandbaggers!

To win you’ll need to submit the exploit chain and attack path to and the first complete chain with PoC wins a Star Wars BB-8 Droid.

The Analyst’s Notepad

A chance to prove yourself in the field of forensics; can you figure out the secret and get yourself signed off before anyone else?

Test your skills as you analyse the memory image of a malware analyst who examined a new strain of malware! Run through the registry and frolic through files in this challenge to access the malware’s C2C server first!

To start your challenge head to

Event Description


BruCon is an annual security and hacker conference providing two days of open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organised in Belgium, BruCon offers a high quality line up of speakers, security challenges and interesting workshops. BruCon is a conference by and for the security and hacker community.

The conference tries to create bridges between the various actors active in the computer security world, including but not limited to hackers, security professionals, security communities, non-profit organisations, CERTs, students, law enforcement agencies, etc.

You can register for tickets to BruCon here



Accreditations & Certificates

MWR is an accredited member of The Cyber Security Incident Response Scheme (CSIR) approved by CREST (Council of Registered Ethical Security Testers).
MWR is certified under the Cyber Incident Response (CIR) scheme to deal with sophisticated targeted attacks against networks of national significance.
We are certified to comply with ISO 9001 and 14001 in the UK, internationally accepted standards that outline how to put an effective quality and environmental management systems in place.
MWR is certified to comply with ISO 27001 to help ensure our client information is managed securely.
As an Approved Scanning Vendor MWR is approved by PCI SSC to conduct external vulnerability scanning services to PCI DSS Requirement 11.2.2.
We are members of the Council of Registered Ethical Security Testers (CREST), an organisation serving the needs of the information security sector.
MWR is a supplier to the Crown Commercial Service (CCS), which provides commercial and procurement services to the UK public sector.
MWR is a Qualified Security Assessor, meaning we have been qualified by PCI to validate other organisation's adherence to PCI DSS.
As members of CHECK we are measured against high standards set by NCSC for the services we provide to Her Majesty's Government.
MWR’s consultants hold Certified Simulated Attack Manager (CCSAM) and Certified Simulated Attack Specialist (CCSAS) qualifications and are authorized by CREST to perform STAR penetration testing services.