Last month, I visited TROOPERS17, a conference in Heidelberg, Germany. It was the first infosec conference I’ve attended, so I didn’t really know what to expect. The website showed photos of geeky people in hoodies, a soldering table, lots of club mate and weird LED badges. I figured I could fit right in, and when I saw the training program I was even more motivated to register.
In the two days before the conference, I followed a training about network forensics. Earlier this week I wrote about the Rinse and Repeat technique I learned there, which can help you find the interesting network activity in a large PCAP-file.
With only 400 visitors, TROOPERS is a friendly and casual conference. What really surprised me: I met many different people and everybody was SO approachable and NICE! As one of the attendees put it: “TROOPERS is the only family where your parents don’t ask you to fix the WiFi”. Networking, which (in my head) evokes images of smooth talking and sprinkling business cards, was never so easy. I ended up sharing stories with incident responders, CEO’s, security officers, programmers, policy makers, students, consultants and pentesters.
The open and welcoming atmosphere reminded me of the Chaos Computer Congress in Hamburg, although TROOPERS focuses specifically on information security.
The tracks consisted of a nice mixture of the different aspects of computer security. There was a track on attack and research, a track on defense and management, a sponsored track that focused on the security of SAP products (day 1) and a wildcard track for talks that don’t fit a specific category (day 2).
I didn’t attend a talk at every possible time slot. I tried to find the right balance between talks, hanging out at “lobby-con”, talking to people, exploring the various extra activities at the conference and enjoying a nice cappuccino every now and then.
I can definitely recommend the following talks:
On Wednesday night there was a social dinner, with Packet Wars (CTF) immediately afterwards. I ended up joining the WizardsOfDos, CTF team of Hackerspace Darmstadt, who were one person short for their team. It certainly was a lot of fun and we ended up winning the Packet Wars!
The CTF challenges revolved around a fake Donald Trump twitter account, which we had to compromise in order to obtain different kinds of evidence. The first challenge was OSINT-based. A writeup is available here. The second challenge consisted of sending a spearphishing email to the fake account to compromise the underlying workstation. If you want to see some of the hilarious phishing emails that were sent during this challenge, be sure to check the closing talk of TROOPERS17 on Youtube.
Other activities and stuff worth mentioning:
Refridgerators with club mate and club mate cola everywhere.
A vintage pinball machine and donkey kong arcade machine (AWESOME)!
My very first weird geeky conference badge gadget! The TROOPERS17 badge was made by @BadgeWizard and consisted of a custom Arduino-board paired with an (ancient & refurbished) Nokia 3310. Sadly, my battery was as good as dead, so I didn’t use it much during the conference. However, the badge was a great conversation starter and also doubled as an attribute for one of the conference challenges. Nicely done, TROOPERS!
Long story short: I would definitely recommend visiting TROOPERS. I hope to visit again next year and meet even more interesting people.