Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Maltego - "Have I been pwned?"

Avatar for Christian Heinrich Christian Heinrich
July 29, 2017
Technology
0
460

Maltego - "Have I been pwned?"

Integration of "Have I been pwned?" with Maltego

Avatar for Christian Heinrich

Christian Heinrich

July 29, 2017
Tweet

More Decks by Christian Heinrich

See All by Christian Heinrich
ssh
Avatar for Christian Heinrich cmlh
2
380

Other Decks in Technology

See All in Technology
セキュアな認可付きリモートMCPサーバーをAWSマネージドサービスでつくろう! / Let's build an OAuth protected remote MCP server based on AWS managed services
Avatar for 株式会社カミナシ kaminashi
3
230
成長自己責任時代のあるきかた/How to navigate the era of personal responsibility for growth
Avatar for Hiromu Shioya kwappa
4
300
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
9.1k
AI駆動開発を推進するためにサービス開発チームで 取り組んでいること
Avatar for おーしろ noayaoshiro
0
230
Simplifying Cloud Native app testing across environments with Dapr and Microcks
Avatar for Salaboy salaboy
0
110
「Verify with Wallet API」を アプリに導入するために
Avatar for hinakko hinakko
1
260
AWS Top Engineer、浮いてませんか? / As an AWS Top Engineer, Are You Out of Place?
Avatar for Yuji Oshima yuj1osm
2
170
20201008_ファインディ_品質意識を育てる役目は人かAIか___2_.pdf
Avatar for ファインディ株式会社(イベント資料アップ用) findy_eventslides
2
560
Escaping_the_Kraken_-_October_2025.pdf
Avatar for Maarten Dalmijn mdalmijn
0
150
ガバメントクラウド(AWS)へのデータ移行戦略の立て方【虎の巻】 / 20251011 Mitsutosi Matsuo
Avatar for SHIFT EVOLVE shift_evolve
PRO
2
170
社内お問い合わせBotの仕組みと学び
Avatar for Tomoyuki Nishimura nish01
1
510
SoccerNet GSRの紹介と技術応用:選手視点映像を提供するサッカー作戦盤ツール
Avatar for MIXI ENGINEERS mixi_engineers
PRO
1
190

Featured

See All Featured
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
53
9k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
352
21k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
339
57k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.7k
Code Review Best Practice
Avatar for Trisha Gee trishagee
72
19k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
28
4k
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
303
21k
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
237
140k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
110k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
4.8k
GraphQLの誤解/rethinking-graphql
Avatar for sonatard sonatard
73
11k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
15
1.7k

Transcript

  1. Maltego “Have I Been Pwned?” Christian Heinrich DEFCON China [Beta]

    (2018) “Demo Labs” and “Recon Village”

  2. https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation Don’t forget to look at each Slide

    Note. Latest Slides

  3. https://www.linkedin.com/in/ChristianHeinrich Developer of Local and Remote Maltego Transforms for: @Facebook

    @Instagram @Gravatar @RecordedFuture @TAIA Global REDACT™ @VirusTotal @FullContact Python Modules from @CanariProject and @Paterva https://github.com/search?q=user%3Acmlh+Maltego $ whoami

  4. Agenda 1. Integration of the API [v1 and v2], including

    “Pwned Passwords” 2. Configuration of Maltego: • Import configuration file • “Transform Hub” 3. Case Studies • Penetration Tester • Incident Responder

  5. “Have I Been Pwned?”

  6. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200, 400 and 404. @haveibeenpwned – API v1

  7. @haveibeenpwned – API v1

  8. Integrated API v2 Endpoints: 1. Getting all breaches for an

    account 2. Getting all pastes for an account 3. Getting all breached sites in the system 4. Getting a single breached site @haveibeenpwned – API v2

  9. Supports all APIv2 HTTP Status Codes i.e. 200, 400, 403,

    404 and 429. Rate Limit • All breaches for an account i.e. e-mail address and alias. • All pastes for an e-mail address @haveibeenpwned – API v2 – Rate Limit

  10. Integrated Single API v1 Endpoint. Supports all API v1 HTTP

    Status Codes i.e. 200 and 404. “Pwned Passwords” – API v1

  11. Integrated API v2 Endpoints: • Searching by Password • Searching

    by Range Supports all API v1 HTTP Status Codes i.e. 200 and 404. “Pwned Passwords” – API v2

  12. Installation

  13. 1. “Account” 1. maltego.EmailAddress 2. maltego.Alias 2. “Site” 1. maltego.Domain

    2. Maltego.Phrase @haveibeenpwned – Maltego Input Entities

  14. @haveibeenpwned – maltego.Alias Entity

  15. @haveibeenpwned - Paste

  16. @haveibeenpwned - Paste

  17. @haveibeenpwned – Maltego Machines

  18. @haveibeenpwned – Maltego Machines

  19. @haveibeenpwned – Maltego Machines

  20. @haveibeenpwned – Maltego Machines

  21. @haveibeenpwned – <DisplayInformation>

  22. @haveibeenpwned – <DisplayInformation>

  23. 1. haveibeenpwned.Password • Inherits from maltego.Phrase 2. maltego.Hash “Pwned Passwords”

    API v2 – Input Entities

  24. “Pwned Passwords” API v2 – Range

  25. @troyhunt of @haveibeenpwned @SudhanshuC of the forked Maltego local transforms

    @RoelofTemmingh, @AndrewMohawk and @paulRchds of @Paterva @NoobieDog, @glennzw and @charlvdwalt of @SensePost @dcuthbert Thanks

  26. Maltego “Have I been pwned?” Christian Heinrich Follow me on

    Twitter at @cmlh [email protected] Latest Slides https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation