Mastodawn

Pass the SALT Conference Aug 31, 2023

ANNUAL REPORT
Each year, at the end of summer, we publish our annual activity report in order to share #figures, #feedback and #analysis about the current edition.

Please find the #pts23 report here: https://2023.pass-the-salt.org/annual-report/

Happy reading!
#transparency #opendata #opensource

2023 Conference report

Website of the 2023 edition of the Pass the SALT conference

Pass the SALT Conference Aug 5, 2023

After her talk at #pts23 @mayacostantini has been invited to speak about #sigstore and supply chain security by the French reference infosec podcast #NoLimitSecu 👏👏👏 Maya !

https://www.nolimitsecu.fr/sigstore/

sigstore - NoLimitSecu

Episode #422 consacré à sigstore avec Maya Costantini Références : Vidéo : https://passthesalt.ubicast.tv/videos/2023-introduction-to-sigstore-cryptographic-signatures-made-easier/ Slides : https://archives.pass-the-salt.org/Pass%20the%20SALT/2023/slides/PTS2023-Talk-12-Introduction-to-Sigstore_Cryptographic-signatures-made-easier.pdf

NoLimitSecu

ph0wn Aug 2, 2023

Ph0wn's badge contest is open to 3D printed or laser cut badges. Have you seen @doegox badges for @passthesaltcon #pts23? Hope they inspire you!
https://infosec.exchange/@passthesaltcon/110667685905355982

Pass the SALT Conference (@[email protected])

Attached: 1 image MEMORIES #pts23 is now over and it has been a blast for us and we hope also for you 😊 We share some 🤩 atmosphere pics shooted mainly by @doegox https://flickr.com/photos/yobibe/albums/72177720309580829 FTR people with azur lanyards have been excluded from this dataset according to their privacy choice 🫸

Infosec Exchange

doegox Jul 8, 2023

#pts23 @passthesaltcon Badges and tokens designs and processes are now online: https://thingiverse.com/thing:6113649 and https://thingiverse.com/thing:6113668

Laser cut conference badges V4 by doegox

Based on the Pass the SALT 2023 conference logo. I'm sharing it mostly for its design process in case other people want to create their own conference badges. The badges were made at Openfab. Compared to previous edition badge (2022), the following changes were made: Tokens not integrated within the badge anymore, but were a tribute to the aperiodic monotile discovered a few month earlier, see https://www.thingiverse.com/thing:6113668 Press-fit finger joints, for fun. All sides feature the same finger joints so badges can be assembled in any orientation. A new design, allowing to reuse the badge as a coaster :)

Pass the SALT Conference Jul 8, 2023

FINAL WORDS
#pts23 is over 🤩 :
-22 talks, 15 rumps, 3 workshops have been done during 2.5 days🚀
- the #noshow % drops from >30% in #pts22 to 20% this year 😊🙏
- Tons of exchanges between old friends and new ones ❤️

All the team wish you a great summer & see you in #pts24 !

chiknliverpizza Jul 7, 2023

thank you @passthesaltcon for another yet amazing event, great talks, seeing old friends and meeting new ones. until next year! #pts23

Pass the SALT Conference Jul 6, 2023

MEMORIES
#pts23 is now over and it has been a blast for us and we hope also for you 😊

We share some 🤩 atmosphere pics shooted mainly by @doegox

https://flickr.com/photos/yobibe/albums/72177720309580829

FTR people with azur lanyards have been excluded from this dataset according to their privacy choice 🫸

Pass the SALT 2023

Explore this photo album by Philippe Teuwen on Flickr!

Flickr

Clément Notin

Jul 6, 2023

Recap of my talks at the great @passthesaltcon #pts23

- "Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark"
🔦 Slides & sample PCAPs: https://cfp.pass-the-salt.org/pts2023/talk/HMTA3X/
📽️ Video: https://passthesalt.ubicast.tv/videos/2023-decrypt-kerberosntlm-encrypted-stub-data-in-wireshark/

- Rump "Fixing NTLM decryption in Wireshark"
📽️ Video: https://passthesalt.ubicast.tv/videos/2023-rump-fixing-ntlm-decryption-in-wireshark/

Decrypt Kerberos/NTLM “encrypted stub data” in Wireshark PTS2023

We often use Wireshark to analyze Windows and Active Directory network protocols, especially those juicy RPC! But we are often interrupted in our enthusiasm by the payload dissected as “encrypted stub data”. Until we discover that Wireshark has a helpful feature to decrypt this traffic, which is protected by secrets derived from the prior Kerberos or NTLM authentication. We will briefly describe the theory and show in practice how to configure Wireshark, and fill the required keytab file, so this “encrypted stub data” gets decrypted. This feature will offer you more visibility into those protocols in your future network analysis sessions (security research, network forensics, etc.)

Ivan Kwiatkowski Jul 6, 2023

I went to @passthesaltcon this year again, and had the pleasure to give two talks.

The first one was on my IDA Pro plugin, Gepetto (guaranteed with less than 15% trolling): https://passthesalt.ubicast.tv/videos/2023-gepetto-ai-powered-reverse-engineering/

The other was the closing talk of #PTS23 and is titled: "Why cyberoffense will never be regulated". Based on the feedback I got, the most thought-provoking aspect was the software I used to present this talk, see if you can guess which one it is! https://passthesalt.ubicast.tv/videos/2023-why-cyberoffense-will-never-be-regulated/

Thanks a lot to the organizers for this great conference, hope to see everyone again next year!

Gepetto: AI-powered reverse-engineering

Pass the SALT Archives

chiknliverpizza Jul 5, 2023

had a really groovy evening of fun, hanging-out with @luminouw and the rest of the guys at #pts23 . we miss the old gang from 2019, though. hope to see everyone next year.