Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Maltego - "Have I been pwned?"

Avatar for Christian Heinrich Christian Heinrich
July 29, 2017
Technology
470
0

Maltego - "Have I been pwned?"

Integration of "Have I been pwned?" with Maltego

Avatar for Christian Heinrich

Christian Heinrich

July 29, 2017

More Decks by Christian Heinrich

See All by Christian Heinrich
ssh
Avatar for Christian Heinrich cmlh
2
390

Other Decks in Technology

See All in Technology
遊びで始めたNew Relic MCP、​気づいたらChatOpsな​オブザーバビリティボットができてました/From New Relic MCP to a ChatOps Observability Bot
Avatar for AEON aeonpeople
1
170
OpenClawでPM業務を自動化
Avatar for 西岡 賢一郎 (Kenichiro Nishioka) knishioka
2
390
Cursor Subagentsはいいぞ
Avatar for Yuji Yamaguchi yug1224
2
140
最大のアウトプット術は問題を作ること
Avatar for ryoAccount ryoaccount
0
300
AIにより大幅に強化された AWS Transform Customを触ってみる
Avatar for arap / 0air 0air
0
310
バックオフィスPJのPjMをコーポレートITが担うとうまくいく3つの理由
Avatar for chama yueda256
1
270
制約を設計する - 非決定性との境界線 / Designing constraints
Avatar for soudai sone soudai
PRO
6
1.7k
「できない」のアウトプット 同人誌『精神を壊してからの』シリーズ出版を 通して得られたこと
Avatar for comi comi190327
3
570
GitHub Advanced Security × Defender for Cloudで開発とSecOpsのサイロを超える: コードとクラウドをつなぐ、開発プラットフォームのセキュリティ
Avatar for yuriemori yuriemori
1
130
Microsoft Fabricで考える非構造データのAI活用
Avatar for Ryoma Nagata ryomaru0825
0
650
AgentCore RuntimeからS3 Filesをマウントしてみる
Avatar for Har1101 har1101
2
190
ハーネスエンジニアリング×AI適応開発
Avatar for Ryohei Kamiya aictokamiya
3
1.5k

Featured

See All Featured
How to build a perfect <img>
Avatar for Jono Alderson jonoalderson
1
5.3k
コードの90%をAIが書く世界で何が待っているのか / What awaits us in a world where 90% of the code is written by AI
Avatar for r-kagaya rkaga
61
43k
Designing for Timeless Needs
Avatar for Cassini Nazir cassininazir
0
180
Navigating Weather and Climate Data
Avatar for Ryan Abernathey rabernat
0
160
Large-scale JavaScript Application Architecture
Avatar for Addy Osmani addyosmani
515
110k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
3k
A Guide to Academic Writing Using Generative AI - A Workshop
Avatar for Kenji Saito ks91
PRO
1
260
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
32
2.8k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4.2k
Collaborative Software Design: How to facilitate domain modelling decisions
Avatar for Kenny Baas-Schwegler baasie
0
190
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
45
9k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
120k

Transcript

  1. Maltego “Have I Been Pwned?” Christian Heinrich DEFCON China [Beta]

    (2018) “Demo Labs” and “Recon Village”

  2. https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation Don’t forget to look at each Slide

    Note. Latest Slides

  3. https://www.linkedin.com/in/ChristianHeinrich Developer of Local and Remote Maltego Transforms for: @Facebook

    @Instagram @Gravatar @RecordedFuture @TAIA Global REDACT™ @VirusTotal @FullContact Python Modules from @CanariProject and @Paterva https://github.com/search?q=user%3Acmlh+Maltego $ whoami

  4. Agenda 1. Integration of the API [v1 and v2], including

    “Pwned Passwords” 2. Configuration of Maltego: • Import configuration file • “Transform Hub” 3. Case Studies • Penetration Tester • Incident Responder

  5. “Have I Been Pwned?”

  6. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200, 400 and 404. @haveibeenpwned – API v1

  7. @haveibeenpwned – API v1

  8. Integrated API v2 Endpoints: 1. Getting all breaches for an

    account 2. Getting all pastes for an account 3. Getting all breached sites in the system 4. Getting a single breached site @haveibeenpwned – API v2

  9. Supports all APIv2 HTTP Status Codes i.e. 200, 400, 403,

    404 and 429. Rate Limit • All breaches for an account i.e. e-mail address and alias. • All pastes for an e-mail address @haveibeenpwned – API v2 – Rate Limit

  10. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200 and 404. “Pwned Passwords” – API v1

  11. Integrated API v2 Endpoints: • Searching by Password • Searching

    by Range Supports all API v1 HTTP Status Codes i.e. 200 and 404. “Pwned Passwords” – API v2

  12. Installation

  13. 1. “Account” 1. maltego.EmailAddress 2. maltego.Alias 2. “Site” 1. maltego.Domain

    2. Maltego.Phrase @haveibeenpwned – Maltego Input Entities

  14. @haveibeenpwned – maltego.Alias Entity

  15. @haveibeenpwned - Paste

  16. @haveibeenpwned - Paste

  17. @haveibeenpwned – Maltego Machines

  18. @haveibeenpwned – Maltego Machines

  19. @haveibeenpwned – Maltego Machines

  20. @haveibeenpwned – Maltego Machines

  21. @haveibeenpwned – <DisplayInformation>

  22. @haveibeenpwned – <DisplayInformation>

  23. 1. haveibeenpwned.Password • Inherits from maltego.Phrase 2. maltego.Hash “Pwned Passwords”

    API v2 – Input Entities

  24. “Pwned Passwords” API v2 – Range

  25. @troyhunt of @haveibeenpwned @SudhanshuC of the forked Maltego local transforms

    @RoelofTemmingh, @AndrewMohawk and @paulRchds of @Paterva @NoobieDog, @glennzw and @charlvdwalt of @SensePost @dcuthbert Thanks

  26. Maltego “Have I been pwned?” Christian Heinrich Follow me on

    Twitter at @cmlh [email protected] Latest Slides https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation