Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Maltego - "Have I been pwned?"

Avatar for Christian Heinrich Christian Heinrich
July 29, 2017
Technology
0
470

Maltego - "Have I been pwned?"

Integration of "Have I been pwned?" with Maltego

Avatar for Christian Heinrich

Christian Heinrich

July 29, 2017
Tweet

More Decks by Christian Heinrich

See All by Christian Heinrich
ssh
Avatar for Christian Heinrich cmlh
2
380

Other Decks in Technology

See All in Technology
月間数億レコードのアクセスログ基盤を無停止・低コストでAWS移行せよ!アプリケーションエンジニアのSREチャレンジ💪
Avatar for miyamu miyamu
0
600
オープンウェイトのLLMリランカーを契約書で評価する / searchtechjp
Avatar for Sansan R&D sansan_randd
3
530
AWS Devops Agent ~ 自動調査とSlack統合をやってみた! ~
Avatar for Kubo kubomasataka
3
300
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
Avatar for SansanTech sansantech
PRO
2
1.1k
Werner Vogelsが14年間 問い続けてきたこと
Avatar for Yusuke Shimizu yusukeshimizu
2
280
toCプロダクトにおけるAI機能開発のしくじりと学び / ai-product-failures-and-learnings
Avatar for rince rince
6
5k
Amazon Bedrock AgentCore 認証・認可入門
Avatar for iganin hironobuiga
2
470
Kubecon NA 2025: DRA 関連の Recap と社内 GPU 基盤での課題
Avatar for Yohei Kevin Namba kevin_namba
0
110
入社1ヶ月でデータパイプライン講座を作った話
Avatar for Yuta Ozaki waiwai2111
1
210
新規事業における「一部だけどコア」な
AI精度改善の優先順位づけ
Avatar for Higuchi kokoro zerebom
0
450
M&A 後の統合をどう進めるか ─ ナレッジワーク × Poetics が実践した組織とシステムの融合
Avatar for KNOWLEDGE WORK / 株式会社ナレッジワーク kworkdev
PRO
1
190
CDKで始めるTypeScript開発のススメ
Avatar for つくぼし tsukuboshi
1
210

Featured

See All Featured
The Language of Interfaces
Avatar for Des Traynor destraynor
162
26k
WENDY [Excerpt]
Avatar for Tessa Abrams tessaabrams
9
36k
Easily Structure & Communicate Ideas using Wireframe
Avatar for Afnizar Nur Ghifari afnizarnur
194
17k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
50
14k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
5k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
333
24k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
28
2.4k
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
348
40k
Sam Torres - BigQuery for SEOs
Avatar for Tech SEO Connect techseoconnect
PRO
0
170
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
254
22k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
Avatar for Mike Taylor tmiket
0
230

Transcript

  1. Maltego “Have I Been Pwned?” Christian Heinrich DEFCON China [Beta]

    (2018) “Demo Labs” and “Recon Village”

  2. https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation Don’t forget to look at each Slide

    Note. Latest Slides

  3. https://www.linkedin.com/in/ChristianHeinrich Developer of Local and Remote Maltego Transforms for: @Facebook

    @Instagram @Gravatar @RecordedFuture @TAIA Global REDACT™ @VirusTotal @FullContact Python Modules from @CanariProject and @Paterva https://github.com/search?q=user%3Acmlh+Maltego $ whoami

  4. Agenda 1. Integration of the API [v1 and v2], including

    “Pwned Passwords” 2. Configuration of Maltego: • Import configuration file • “Transform Hub” 3. Case Studies • Penetration Tester • Incident Responder

  5. “Have I Been Pwned?”

  6. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200, 400 and 404. @haveibeenpwned – API v1

  7. @haveibeenpwned – API v1

  8. Integrated API v2 Endpoints: 1. Getting all breaches for an

    account 2. Getting all pastes for an account 3. Getting all breached sites in the system 4. Getting a single breached site @haveibeenpwned – API v2

  9. Supports all APIv2 HTTP Status Codes i.e. 200, 400, 403,

    404 and 429. Rate Limit • All breaches for an account i.e. e-mail address and alias. • All pastes for an e-mail address @haveibeenpwned – API v2 – Rate Limit

  10. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200 and 404. “Pwned Passwords” – API v1

  11. Integrated API v2 Endpoints: • Searching by Password • Searching

    by Range Supports all API v1 HTTP Status Codes i.e. 200 and 404. “Pwned Passwords” – API v2

  12. Installation

  13. 1. “Account” 1. maltego.EmailAddress 2. maltego.Alias 2. “Site” 1. maltego.Domain

    2. Maltego.Phrase @haveibeenpwned – Maltego Input Entities

  14. @haveibeenpwned – maltego.Alias Entity

  15. @haveibeenpwned - Paste

  16. @haveibeenpwned - Paste

  17. @haveibeenpwned – Maltego Machines

  18. @haveibeenpwned – Maltego Machines

  19. @haveibeenpwned – Maltego Machines

  20. @haveibeenpwned – Maltego Machines

  21. @haveibeenpwned – <DisplayInformation>

  22. @haveibeenpwned – <DisplayInformation>

  23. 1. haveibeenpwned.Password • Inherits from maltego.Phrase 2. maltego.Hash “Pwned Passwords”

    API v2 – Input Entities

  24. “Pwned Passwords” API v2 – Range

  25. @troyhunt of @haveibeenpwned @SudhanshuC of the forked Maltego local transforms

    @RoelofTemmingh, @AndrewMohawk and @paulRchds of @Paterva @NoobieDog, @glennzw and @charlvdwalt of @SensePost @dcuthbert Thanks

  26. Maltego “Have I been pwned?” Christian Heinrich Follow me on

    Twitter at @cmlh [email protected] Latest Slides https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation