Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Maltego - "Have I been pwned?"
Search
Christian Heinrich
July 29, 2017
Technology
0
450
Maltego - "Have I been pwned?"
Integration of "Have I been pwned?" with Maltego
Christian Heinrich
July 29, 2017
Tweet
Share
More Decks by Christian Heinrich
See All by Christian Heinrich
ssh
cmlh
2
380
Other Decks in Technology
See All in Technology
自律的なスケーリング手法FASTにおけるVPoEとしてのアカウンタビリティ / dev-productivity-con-2025
yoshikiiida
2
17k
2025-07-06 QGIS初級ハンズオン「はじめてのQGIS」
kou_kita
0
170
Delegating the chores of authenticating users to Keycloak
ahus1
0
140
第4回Snowflake 金融ユーザー会 Snowflake summit recap
tamaoki
1
290
ビギナーであり続ける/beginning
ikuodanaka
3
760
Model Mondays S2E04: AI Developer Experiences
nitya
0
150
関数型プログラミングで 「脳がバグる」を乗り越える
manabeai
2
200
Geminiとv0による高速プロトタイピング
shinya337
1
270
OPENLOGI Company Profile
hr01
0
67k
赤煉瓦倉庫勉強会「Databricksを選んだ理由と、絶賛真っ只中のデータ基盤移行体験記」
ivry_presentationmaterials
2
370
使いたいMCPサーバーはWeb APIをラップして自分で作る #QiitaBash
bengo4com
0
2k
成長し続けるアプリのためのテストと設計の関係、そして意思決定の記録。
sansantech
PRO
0
120
Featured
See All Featured
Code Review Best Practice
trishagee
69
19k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
6
310
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Build The Right Thing And Hit Your Dates
maggiecrowley
36
2.8k
Side Projects
sachag
455
42k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.9k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
35
2.4k
Measuring & Analyzing Core Web Vitals
bluesmoon
7
510
The Cost Of JavaScript in 2023
addyosmani
51
8.5k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
357
30k
Being A Developer After 40
akosma
90
590k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
5.9k
Transcript
Maltego “Have I Been Pwned?” Christian Heinrich DEFCON China [Beta]
(2018) “Demo Labs” and “Recon Village”
https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation Don’t forget to look at each Slide
Note. Latest Slides
https://www.linkedin.com/in/ChristianHeinrich Developer of Local and Remote Maltego Transforms for: @Facebook
@Instagram @Gravatar @RecordedFuture @TAIA Global REDACT™ @VirusTotal @FullContact Python Modules from @CanariProject and @Paterva https://github.com/search?q=user%3Acmlh+Maltego $ whoami
Agenda 1. Integration of the API [v1 and v2], including
“Pwned Passwords” 2. Configuration of Maltego: • Import configuration file • “Transform Hub” 3. Case Studies • Penetration Tester • Incident Responder
“Have I Been Pwned?”
Integrated Single API v1 Endpoint. Supports all API v1 HTTP
Status Codes i.e. 200, 400 and 404. @haveibeenpwned – API v1
@haveibeenpwned – API v1
Integrated API v2 Endpoints: 1. Getting all breaches for an
account 2. Getting all pastes for an account 3. Getting all breached sites in the system 4. Getting a single breached site @haveibeenpwned – API v2
Supports all APIv2 HTTP Status Codes i.e. 200, 400, 403,
404 and 429. Rate Limit • All breaches for an account i.e. e-mail address and alias. • All pastes for an e-mail address @haveibeenpwned – API v2 – Rate Limit
Integrated Single API v1 Endpoint. Supports all API v1 HTTP
Status Codes i.e. 200 and 404. “Pwned Passwords” – API v1
Integrated API v2 Endpoints: • Searching by Password • Searching
by Range Supports all API v1 HTTP Status Codes i.e. 200 and 404. “Pwned Passwords” – API v2
Installation
1. “Account” 1. maltego.EmailAddress 2. maltego.Alias 2. “Site” 1. maltego.Domain
2. Maltego.Phrase @haveibeenpwned – Maltego Input Entities
@haveibeenpwned – maltego.Alias Entity
@haveibeenpwned - Paste
@haveibeenpwned - Paste
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – <DisplayInformation>
@haveibeenpwned – <DisplayInformation>
1. haveibeenpwned.Password • Inherits from maltego.Phrase 2. maltego.Hash “Pwned Passwords”
API v2 – Input Entities
“Pwned Passwords” API v2 – Range
@troyhunt of @haveibeenpwned @SudhanshuC of the forked Maltego local transforms
@RoelofTemmingh, @AndrewMohawk and @paulRchds of @Paterva @NoobieDog, @glennzw and @charlvdwalt of @SensePost @dcuthbert Thanks
Maltego “Have I been pwned?” Christian Heinrich Follow me on
Twitter at @cmlh
[email protected]
Latest Slides https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation