Level: Tehnical

Abstract:
Password cracking is a well-established technique used to recover plaintext passwords from hashed or encrypted data. While extensive tutorials, tools, and methodologies exist, most approaches are optimized for English and other morphologically simpler languages. There is surprisingly little guidance on adapting these techniques for morphologically rich languages such as Slovenian, Turkish, Slavic languages and others where inflection, declension, and word variation significantly expand the password search space (like German).

This talk explores practical methods for optimizing password-cracking workflows for such languages. I will cover best practices, linguistic considerations, and tooling strategies, introduce a recently released toolkit designed specifically for this challenge, and demonstrate how these approaches improve real-world cracking effectiveness.

The session focuses on actionable techniques that have produced measurable improvements in realistic assessment scenarios, offering attendees both conceptual understanding and immediately applicable methods.

If you already know how to crack passwords, this session will show you how to crack them better when English assumptions stop working.

Bio:
Vlatko Kosturjak serves as the VP of Research at Marlink Cyber, boasting over two decades of dedicated experience in the realms of information security and cybersecurity. He have successful M&A experience in different fields of cyber security and in different roles.

Posted on Friday, February 27th, 2026 at 12:19 pm in talks | rss feed for comments| Responses are currently closed, but you can trackback from your own site.