DC442028 January 2020
First Talk
Practical Password Cracking; the last 50 million
Speaker
Jamie R
Synopsis
A brief overview of common approaches to password hashing, with approaches to extracting and breaking for both red and blue teams including methods for assessing the efficacy of wordlists and rulesets and the strength of user’s passwords.
We take the Have I Been Pwned list of over 500 million NTLM hashes as an example dataset.
A python3 tool, ‘hashcrack’ is presented which will attempt to run a sensible set of hashcat jobs against the hash list, Word file, ZIP archive, NTDSUTIL export, etc that is given to it.
Second Talk
Agent X
Chat about opsec for journalists
Synopsis
An impromptu chat about how to the experience of managing security for people at risk from motivated attackers.
We’re always happy for more talks, so if you’ve implemented Meltdown on your smartwatch, want to walk us through the highlights of a CTF, or have some insight into upcoming privacy regulations, we’re interested!
Drop a message to talks@dc4420.org with a title, synopsis and rough length, and don’t worry if you haven’t spoken before.