Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Maltego - "Have I been pwned?"
Search
Christian Heinrich
July 29, 2017
Technology
0
460
Maltego - "Have I been pwned?"
Integration of "Have I been pwned?" with Maltego
Christian Heinrich
July 29, 2017
Tweet
Share
More Decks by Christian Heinrich
See All by Christian Heinrich
ssh
cmlh
2
380
Other Decks in Technology
See All in Technology
Oracle Cloud Infrastructure:2025年9月度サービス・アップデート
oracle4engineer
PRO
0
440
【Oracle Cloud ウェビナー】クラウド導入に「専用クラウド」という選択肢、Oracle AlloyとOCI Dedicated Region とは
oracle4engineer
PRO
3
110
許しとアジャイル
jnuank
1
130
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
5.4k
生成AI_その前_に_マルチクラウド時代の信頼できるデータを支えるSnowflakeメタデータ活用術.pdf
cm_mikami
0
120
スタートアップにおけるこれからの「データ整備」
shomaekawa
0
110
組織観点からIAM Identity CenterとIAMの設計を考える
nrinetcom
PRO
1
180
GopherCon Tour 概略
logica0419
2
190
Access-what? why and how, A11Y for All - Nordic.js 2025
gdomiciano
1
110
ACA でMAGI システムを社内で展開しようとした話
mappie_kochi
1
270
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9k
後進育成のしくじり〜任せるスキルとリーダーシップの両立〜
matsu0228
7
2.5k
Featured
See All Featured
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
12
1.2k
Making the Leap to Tech Lead
cromwellryan
135
9.5k
Agile that works and the tools we love
rasmusluckow
331
21k
Optimising Largest Contentful Paint
csswizardry
37
3.4k
The Pragmatic Product Professional
lauravandoore
36
6.9k
Bash Introduction
62gerente
615
210k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
For a Future-Friendly Web
brad_frost
180
9.9k
Designing for humans not robots
tammielis
254
25k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
9
850
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
GraphQLとの向き合い方2022年版
quramy
49
14k
Transcript
Maltego “Have I Been Pwned?” Christian Heinrich DEFCON China [Beta]
(2018) “Demo Labs” and “Recon Village”
https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation Don’t forget to look at each Slide
Note. Latest Slides
https://www.linkedin.com/in/ChristianHeinrich Developer of Local and Remote Maltego Transforms for: @Facebook
@Instagram @Gravatar @RecordedFuture @TAIA Global REDACT™ @VirusTotal @FullContact Python Modules from @CanariProject and @Paterva https://github.com/search?q=user%3Acmlh+Maltego $ whoami
Agenda 1. Integration of the API [v1 and v2], including
“Pwned Passwords” 2. Configuration of Maltego: • Import configuration file • “Transform Hub” 3. Case Studies • Penetration Tester • Incident Responder
“Have I Been Pwned?”
Integrated Single API v1 Endpoint. Supports all API v1 HTTP
Status Codes i.e. 200, 400 and 404. @haveibeenpwned – API v1
@haveibeenpwned – API v1
Integrated API v2 Endpoints: 1. Getting all breaches for an
account 2. Getting all pastes for an account 3. Getting all breached sites in the system 4. Getting a single breached site @haveibeenpwned – API v2
Supports all APIv2 HTTP Status Codes i.e. 200, 400, 403,
404 and 429. Rate Limit • All breaches for an account i.e. e-mail address and alias. • All pastes for an e-mail address @haveibeenpwned – API v2 – Rate Limit
Integrated Single API v1 Endpoint. Supports all API v1 HTTP
Status Codes i.e. 200 and 404. “Pwned Passwords” – API v1
Integrated API v2 Endpoints: • Searching by Password • Searching
by Range Supports all API v1 HTTP Status Codes i.e. 200 and 404. “Pwned Passwords” – API v2
Installation
1. “Account” 1. maltego.EmailAddress 2. maltego.Alias 2. “Site” 1. maltego.Domain
2. Maltego.Phrase @haveibeenpwned – Maltego Input Entities
@haveibeenpwned – maltego.Alias Entity
@haveibeenpwned - Paste
@haveibeenpwned - Paste
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – <DisplayInformation>
@haveibeenpwned – <DisplayInformation>
1. haveibeenpwned.Password • Inherits from maltego.Phrase 2. maltego.Hash “Pwned Passwords”
API v2 – Input Entities
“Pwned Passwords” API v2 – Range
@troyhunt of @haveibeenpwned @SudhanshuC of the forked Maltego local transforms
@RoelofTemmingh, @AndrewMohawk and @paulRchds of @Paterva @NoobieDog, @glennzw and @charlvdwalt of @SensePost @dcuthbert Thanks
Maltego “Have I been pwned?” Christian Heinrich Follow me on
Twitter at @cmlh
[email protected]
Latest Slides https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation