Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Maltego - "Have I been pwned?"

Avatar for Christian Heinrich Christian Heinrich
July 29, 2017
Technology
0
470

Maltego - "Have I been pwned?"

Integration of "Have I been pwned?" with Maltego

Avatar for Christian Heinrich

Christian Heinrich

July 29, 2017
Tweet

More Decks by Christian Heinrich

See All by Christian Heinrich
ssh
Avatar for Christian Heinrich cmlh
2
380

Other Decks in Technology

See All in Technology
GitHub Actions侵害 — 相次ぐ事例を振り返り、次なる脅威に備える
Avatar for GMO Flatt Security flatt_security
8
4.8k
「通るまでRe-run」から卒業!落ちないテストを書く勘所
Avatar for asumikam asumikam
2
770
FastMCP OAuth Proxy with Cognito
Avatar for iganin hironobuiga
3
210
Phase05_ClaudeCode入門
Avatar for overflow ,Inc overflowinc
0
2.4k
韓非子に学ぶAI活用術
Avatar for tomfook tomfook
3
1k
私がよく使うMCPサーバー3選と社内で安全に活用する方法
Avatar for KintoTech_Dev kintotechdev
0
130
AIエージェント×GitHubで実現するQAナレッジの資産化と業務活用 / QA Knowledge as Assets with AI Agents & GitHub
Avatar for Hitsuji tknw_hitsuji
0
260
Phase07_実務適用
Avatar for overflow ,Inc overflowinc
0
2.1k
大規模ECサイトのあるバッチのパフォーマンスを改善するために僕たちのチームがしてきたこと
Avatar for panda_program panda_program
1
400
SSoT(Single Source of Truth)で「壊して再生」する設計
Avatar for かわうそ kawauso
2
380
ブラックボックス化したMLシステムのVertex AI移行 / mlops_community_62
Avatar for Visional Engineering & Design visional_engineering_and_design
0
130
ThetaOS - A Mythical Machine comes Alive
Avatar for Martijn aslander
0
200

Featured

See All Featured
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
34
9.2k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC
Avatar for Christian Goodrich cargoodrich
3
130
Getting science done with accelerated Python computing platforms
Avatar for Jacob Tomlinson jacobtomlinson
2
150
Marketing Yourself as an Engineer | Alaka | Gurzu
Avatar for Gurzu gurzu
0
160
Navigating the moral maze — ethical principles for Al-driven product design
Avatar for Skipper Chong Warson skipperchong
2
310
StorybookのUI Testing Handbookを読んだ
Avatar for Shingo Yamazaki zakiyama
31
6.6k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
133
19k
svc-hook: hooking system calls on ARM64 by binary rewriting
Avatar for Akira Moroo retrage
2
180
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
61
9.8k
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
46
2.7k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.5k

Transcript

  1. Maltego “Have I Been Pwned?” Christian Heinrich DEFCON China [Beta]

    (2018) “Demo Labs” and “Recon Village”

  2. https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation Don’t forget to look at each Slide

    Note. Latest Slides

  3. https://www.linkedin.com/in/ChristianHeinrich Developer of Local and Remote Maltego Transforms for: @Facebook

    @Instagram @Gravatar @RecordedFuture @TAIA Global REDACT™ @VirusTotal @FullContact Python Modules from @CanariProject and @Paterva https://github.com/search?q=user%3Acmlh+Maltego $ whoami

  4. Agenda 1. Integration of the API [v1 and v2], including

    “Pwned Passwords” 2. Configuration of Maltego: • Import configuration file • “Transform Hub” 3. Case Studies • Penetration Tester • Incident Responder

  5. “Have I Been Pwned?”

  6. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200, 400 and 404. @haveibeenpwned – API v1

  7. @haveibeenpwned – API v1

  8. Integrated API v2 Endpoints: 1. Getting all breaches for an

    account 2. Getting all pastes for an account 3. Getting all breached sites in the system 4. Getting a single breached site @haveibeenpwned – API v2

  9. Supports all APIv2 HTTP Status Codes i.e. 200, 400, 403,

    404 and 429. Rate Limit • All breaches for an account i.e. e-mail address and alias. • All pastes for an e-mail address @haveibeenpwned – API v2 – Rate Limit

  10. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200 and 404. “Pwned Passwords” – API v1

  11. Integrated API v2 Endpoints: • Searching by Password • Searching

    by Range Supports all API v1 HTTP Status Codes i.e. 200 and 404. “Pwned Passwords” – API v2

  12. Installation

  13. 1. “Account” 1. maltego.EmailAddress 2. maltego.Alias 2. “Site” 1. maltego.Domain

    2. Maltego.Phrase @haveibeenpwned – Maltego Input Entities

  14. @haveibeenpwned – maltego.Alias Entity

  15. @haveibeenpwned - Paste

  16. @haveibeenpwned - Paste

  17. @haveibeenpwned – Maltego Machines

  18. @haveibeenpwned – Maltego Machines

  19. @haveibeenpwned – Maltego Machines

  20. @haveibeenpwned – Maltego Machines

  21. @haveibeenpwned – <DisplayInformation>

  22. @haveibeenpwned – <DisplayInformation>

  23. 1. haveibeenpwned.Password • Inherits from maltego.Phrase 2. maltego.Hash “Pwned Passwords”

    API v2 – Input Entities

  24. “Pwned Passwords” API v2 – Range

  25. @troyhunt of @haveibeenpwned @SudhanshuC of the forked Maltego local transforms

    @RoelofTemmingh, @AndrewMohawk and @paulRchds of @Paterva @NoobieDog, @glennzw and @charlvdwalt of @SensePost @dcuthbert Thanks

  26. Maltego “Have I been pwned?” Christian Heinrich Follow me on

    Twitter at @cmlh [email protected] Latest Slides https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation