Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Maltego - "Have I been pwned?"
Search
Christian Heinrich
July 29, 2017
Technology
0
460
Maltego - "Have I been pwned?"
Integration of "Have I been pwned?" with Maltego
Christian Heinrich
July 29, 2017
Tweet
Share
More Decks by Christian Heinrich
See All by Christian Heinrich
ssh
cmlh
2
380
Other Decks in Technology
See All in Technology
セキュアな認可付きリモートMCPサーバーをAWSマネージドサービスでつくろう! / Let's build an OAuth protected remote MCP server based on AWS managed services
kaminashi
3
230
成長自己責任時代のあるきかた/How to navigate the era of personal responsibility for growth
kwappa
4
300
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
9.1k
AI駆動開発を推進するためにサービス開発チームで 取り組んでいること
noayaoshiro
0
230
Simplifying Cloud Native app testing across environments with Dapr and Microcks
salaboy
0
110
「Verify with Wallet API」を アプリに導入するために
hinakko
1
260
AWS Top Engineer、浮いてませんか? / As an AWS Top Engineer, Are You Out of Place?
yuj1osm
2
170
20201008_ファインディ_品質意識を育てる役目は人かAIか___2_.pdf
findy_eventslides
2
560
Escaping_the_Kraken_-_October_2025.pdf
mdalmijn
0
150
ガバメントクラウド(AWS)へのデータ移行戦略の立て方【虎の巻】 / 20251011 Mitsutosi Matsuo
shift_evolve
PRO
2
170
社内お問い合わせBotの仕組みと学び
nish01
1
510
SoccerNet GSRの紹介と技術応用:選手視点映像を提供するサッカー作戦盤ツール
mixi_engineers
PRO
1
190
Featured
See All Featured
The Cost Of JavaScript in 2023
addyosmani
53
9k
Reflections from 52 weeks, 52 projects
jeffersonlam
352
21k
Why Our Code Smells
bkeepers
PRO
339
57k
Testing 201, or: Great Expectations
jmmastey
45
7.7k
Code Review Best Practice
trishagee
72
19k
Six Lessons from altMBA
skipperchong
28
4k
Art, The Web, and Tiny UX
lynnandtonic
303
21k
The Straight Up "How To Draw Better" Workshop
denniskardys
237
140k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Embracing the Ebb and Flow
colly
88
4.8k
GraphQLの誤解/rethinking-graphql
sonatard
73
11k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.7k
Transcript
Maltego “Have I Been Pwned?” Christian Heinrich DEFCON China [Beta]
(2018) “Demo Labs” and “Recon Village”
https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation Don’t forget to look at each Slide
Note. Latest Slides
https://www.linkedin.com/in/ChristianHeinrich Developer of Local and Remote Maltego Transforms for: @Facebook
@Instagram @Gravatar @RecordedFuture @TAIA Global REDACT™ @VirusTotal @FullContact Python Modules from @CanariProject and @Paterva https://github.com/search?q=user%3Acmlh+Maltego $ whoami
Agenda 1. Integration of the API [v1 and v2], including
“Pwned Passwords” 2. Configuration of Maltego: • Import configuration file • “Transform Hub” 3. Case Studies • Penetration Tester • Incident Responder
“Have I Been Pwned?”
Integrated Single API v1 Endpoint. Supports all API v1 HTTP
Status Codes i.e. 200, 400 and 404. @haveibeenpwned – API v1
@haveibeenpwned – API v1
Integrated API v2 Endpoints: 1. Getting all breaches for an
account 2. Getting all pastes for an account 3. Getting all breached sites in the system 4. Getting a single breached site @haveibeenpwned – API v2
Supports all APIv2 HTTP Status Codes i.e. 200, 400, 403,
404 and 429. Rate Limit • All breaches for an account i.e. e-mail address and alias. • All pastes for an e-mail address @haveibeenpwned – API v2 – Rate Limit
Integrated Single API v1 Endpoint. Supports all API v1 HTTP
Status Codes i.e. 200 and 404. “Pwned Passwords” – API v1
Integrated API v2 Endpoints: • Searching by Password • Searching
by Range Supports all API v1 HTTP Status Codes i.e. 200 and 404. “Pwned Passwords” – API v2
Installation
1. “Account” 1. maltego.EmailAddress 2. maltego.Alias 2. “Site” 1. maltego.Domain
2. Maltego.Phrase @haveibeenpwned – Maltego Input Entities
@haveibeenpwned – maltego.Alias Entity
@haveibeenpwned - Paste
@haveibeenpwned - Paste
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – Maltego Machines
@haveibeenpwned – <DisplayInformation>
@haveibeenpwned – <DisplayInformation>
1. haveibeenpwned.Password • Inherits from maltego.Phrase 2. maltego.Hash “Pwned Passwords”
API v2 – Input Entities
“Pwned Passwords” API v2 – Range
@troyhunt of @haveibeenpwned @SudhanshuC of the forked Maltego local transforms
@RoelofTemmingh, @AndrewMohawk and @paulRchds of @Paterva @NoobieDog, @glennzw and @charlvdwalt of @SensePost @dcuthbert Thanks
Maltego “Have I been pwned?” Christian Heinrich Follow me on
Twitter at @cmlh
[email protected]
Latest Slides https://www.slideshare.net/cmlh/maltego-have-i-been-pwned https://speakerdeck.com/cmlh/maltego-have-i-been-pwned https://github.com/cmlh/Maltego-haveibeenpwned/tree/master/Presentation