Chris Hammond-Thrasher, profile picture
Uploaded byChris Hammond-Thrasher
15,360 views

Hacker tool talk: maltego

This document discusses Maltego, a tool for open source intelligence (OSINT) that maps relationships between various objects and gathers information from public sources. It covers features, installation procedures, limitations, legitimate uses, and comparisons with other data-gathering methods. The presentation also includes a demo and resources for further learning about the tool.

Technology
In this document
Powered by AI

Overview of the presentation and agenda for discussing Maltego's functionalities.

Discussion on ethical hacking principles and the definition of Open Source Intelligence (OSINT).

Description of Maltego's features, limitations, and comparisons with other tools in the market.

Introduction to passive reconnaissance methods prior to a potential system or social engineering attack.

Steps for installing Maltego and configuring it with add-ons like Shodan.

A live demonstration of Maltego's functionalities, including menu navigation and target investigation.

Future actions to take, resources for further learning, and practical applications of Maltego at home and work.

Closing remarks and invitation for further engagement from the audience.

Embed presentation

Hacker tool talk: Maltego“Security through knowledge”Chris Hammond-Thrasherchris.hammond-thrasher <at> ca.fujitsu.comFujitsu Edmonton Security LabFebruary 20111Fujitsu Edmonton Security Lab
AgendaWhy are we here?About MaltegoInstalling MaltegoMaltego demoWhat’s next?2Fujitsu Edmonton Security Lab
Why are we here?3Fujitsu Edmonton Security Lab
Ethics and motives“Every single scam in human history has worked for one key reason; the victim did not recognize it as a scam.”- R. Paul Wilson4Fujitsu Edmonton Security Lab
OSINT“Open source intelligence (OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence.”- Wikipedia5Fujitsu Edmonton Security Lab
About Maltego6Fujitsu Edmonton Security Lab
FeaturesMaps relationships between numerous physical or digital objectsDiscovers information from numerous online sourcesExtensible: Maltego can model relationships between almost anything – add your own “entities”, write your own “transforms” and integrate to other systems with the APIFree Community Version (as in beer and speech) and a powerful commercial version for ~US$700 for the first year7Fujitsu Edmonton Security Lab
LimitationsDoes not search social media sites due to policy restrictions on those sitesDoes not search commercial data sourcesFujitsu Edmonton Security Lab8
Maltego vs. othersYou can manually gather similar data with search engines, DNS, whois, and social media searchesi123people iPhone app (free)Commercial alternatives to MaltegoCEMaltego (commercial)Visual Analytics VisualLinksI2 Group Analyst’s NotebookOthers9Fujitsu Edmonton Security Lab
Legit uses of MaltegoTracking SPAM posts on websites and mailing listsVerifying IT assetsCompetitive intelligence from public sourcesGathering supporting information for individual background checksOther creative uses are possible – it is a flexible tool10Fujitsu Edmonton Security Lab
h4X0r$Passive reconnaissance in advance of a system attackPassive reconnaissance in advance of a social engineering attack11Fujitsu Edmonton Security Lab
Installing Maltego12Fujitsu Edmonton Security Lab
ChoicesCurrent release of Maltego Community Edition is 3.0Easiest: Get latest Backtrack (BT4R2) live CD or VMhttp://www.backtrack-linux.org/downloads/Windows installer with or without Javahttp://www.paterva.com/Linux rpm and deb binary packages availablehttp://www.paterva.com/MacOS coming soon13Fujitsu Edmonton Security Lab
Getting startedInstall via the usual means for your platformStart MaltegoCEdouble-click the icon in Windows maltego-ce from the Linux command lineFujitsu Edmonton Security Lab14
Register and loginFujitsu Edmonton Security Lab15
Update your transformsFujitsu Edmonton Security Lab16
Install the cool Shodan add-onsStep 1: API keyGet a free Shodan API key (free registration required)http://www.shodanhq.com/api_docFujitsu Edmonton Security Lab17
Install the cool Shodan add-onsStep 2: entitiesDownload the entities at: http://maltego.shodanhq.com/downloads/shodan_entities.mtzIn Maltego, select "Manage Entities" in the "Manage" tab.Select "Import..."Locate the "shodan_entities.mtz" file you just downloaded and click "Next".Make sure all entities are checked, and click "Next".Enter "Shodan" as a category for the new entities. Click "Finish".Fujitsu Edmonton Security Lab18
Install the cool Shodan add-onsStep 3: transformsSelect "Discover Transforms" in the "Manage" tab.In the "Name" field, enter "Shodan"As a URL, use: https://cetas.paterva.com/TDS/runner/showseed/shodanClick "Add"Make sure the "Shodan" seed is selected, then click "Next"Again make sure you see "Shodan" selected, then click "Next"You now see a list of transforms that the "Shodan" seed has. Just click "Next"Click "Finish"Fujitsu Edmonton Security Lab19
Maltego demo20Fujitsu Edmonton Security Lab
Maltego demoStarting it upTour through menus and windowsInvestigating a system targetInvestigating a human target21Fujitsu Edmonton Security Lab
What’s next22Fujitsu Edmonton Security Lab
Learn moreRead the Maltego wikihttp://ctas.paterva.com/view/What_is_MaltegoRead the Social-Engineer.org websitehttp://social-engineer.org/Read my old “How do hackers do it?” presentationhttp://www.picisoc.org/tiki-download_file.php?fileId=51&ei=TMI4TcOHBI2WsgOzrZHfAw&usg=AFQjCNH8Y_JPsbADDoOPvlNvPO7udJlmpQ23Fujitsu Edmonton Security Lab
Act locallyAt homeUse MaltegoCE to manage what information you are exposing about yourself onlineYou can request that Google remove content about youhttp://www.google.com/support/bin/answer.py?answer=164734&hl=enMonitor your children’s adherence to the family acceptable usage policy24Fujitsu Edmonton Security Lab
Act locallyAt workUse Maltego to audit public information about corporate systemsTrack down troublesome website or mailing list users (or bots) using publically available information25Fujitsu Edmonton Security Lab
Thank you!Want more presentations like this?Is there a particular tool or hack that you would like to see demoed?Chris Hammond-ThrasherFujitsu Edmonton Security LabEmail: chris.hammond-thrasher <at> ca.fujitsu.comTwitter: thrashor26Fujitsu Edmonton Security Lab
Fujitsu Edmonton Security Lab27

More Related Content

PPT
Information Gathering With Maltego
byTom Eston
 
PDF
Threat-Based Adversary Emulation with MITRE ATT&CK
byKatie Nickels
 
PPTX
osint - open source Intelligence
byOsama Ellahi
 
PDF
OSINT - Open Source Intelligence "Leading Intelligence and Investigation Tech...
byFalgun Rathod
 
PPTX
Basics of Maltego
byYash Diwakar
 
PDF
Maltego
byBhushan Gurav
 
PPTX
Threat hunting - Every day is hunting season
byBen Boyd
 
PPTX
Maltego Information Gathering
bySreekanth Narendran
 
Information Gathering With Maltego
byTom Eston
 
Threat-Based Adversary Emulation with MITRE ATT&CK
byKatie Nickels
 
osint - open source Intelligence
byOsama Ellahi
 
OSINT - Open Source Intelligence "Leading Intelligence and Investigation Tech...
byFalgun Rathod
 
Basics of Maltego
byYash Diwakar
 
Maltego
byBhushan Gurav
 
Threat hunting - Every day is hunting season
byBen Boyd
 
Maltego Information Gathering
bySreekanth Narendran
 

What's hot

PDF
Open Source Intelligence (OSINT)
byfestival ICT 2016
 
PDF
Breach and attack simulation tools
byBangladesh Network Operators Group
 
PPTX
Cyber Threat Hunting Workshop
byDigit Oktavianto
 
PDF
Threat Hunting
bySplunk
 
PPTX
MITRE ATT&CK framework
byBhushan Gurav
 
PDF
OSINT- Leveraging data into intelligence
byDeep Shankar Yadav
 
PPT
Open source intelligence
bybalakumaran779
 
PDF
Cyber Threat Intelligence
byseadeloitte
 
PPTX
Blue Team
byNull Bhubaneswar
 
PPTX
Beginner's Guide to SIEM
byAlienVault
 
PPTX
Let’s hunt the target using OSINT
byChandrapal Badshah
 
PDF
Building Security Operation Center
byS.E. CTS CERT-GOV-MD
 
PDF
SIEM and Threat Hunting
byn|u - The Open Security Community
 
PPTX
Offensive Security basics part 1
bywharpreet
 
PPTX
Cyber Threat Hunting: Identify and Hunt Down Intruders
byInfosec
 
PPTX
Bsides Knoxville - OSINT
byAdam Compton
 
PPTX
Malware analysis
byPrakashchand Suthar
 
PPTX
Threat Hunting with Splunk Hands-on
bySplunk
 
PPTX
Effective Threat Hunting with Tactical Threat Intelligence
byDhruv Majumdar
 
PPT
Digital forensics
byNicholas Davis
 
Open Source Intelligence (OSINT)
byfestival ICT 2016
 
Breach and attack simulation tools
byBangladesh Network Operators Group
 
Cyber Threat Hunting Workshop
byDigit Oktavianto
 
Threat Hunting
bySplunk
 
MITRE ATT&CK framework
byBhushan Gurav
 
OSINT- Leveraging data into intelligence
byDeep Shankar Yadav
 
Open source intelligence
bybalakumaran779
 
Cyber Threat Intelligence
byseadeloitte
 
Blue Team
byNull Bhubaneswar
 
Beginner's Guide to SIEM
byAlienVault
 
Let’s hunt the target using OSINT
byChandrapal Badshah
 
Building Security Operation Center
byS.E. CTS CERT-GOV-MD
 
SIEM and Threat Hunting
byn|u - The Open Security Community
 
Offensive Security basics part 1
bywharpreet
 
Cyber Threat Hunting: Identify and Hunt Down Intruders
byInfosec
 
Bsides Knoxville - OSINT
byAdam Compton
 
Malware analysis
byPrakashchand Suthar
 
Threat Hunting with Splunk Hands-on
bySplunk
 
Effective Threat Hunting with Tactical Threat Intelligence
byDhruv Majumdar
 
Digital forensics
byNicholas Davis
 

Viewers also liked

PDF
Ağ Protokollerine Yönelik Adli Bilişim Analizi
byBGA Cyber Security
 
PPTX
Maltego Webinar Slides
byThreatConnect
 
PDF
Penetrasyon Testlerinde Açık Kod Yazılımların Kullanımı
byBGA Cyber Security
 
PDF
Sızma Testlerinde Armitage Kullanımı
byBGA Cyber Security
 
PDF
Facebook & Twitter API
byFabrice Delhoste
 
DOCX
SIZMA TESTLERİNDE BİLGİ TOPLAMA
byBGA Cyber Security
 
PPTX
Demo of security tool nessus - Network vulnerablity scanner
byAjit Dadresa
 
PPTX
Network sniffers & injection tools
byvishalgohel12195
 
PDF
Introduction to Sentiment Analysis
byJaganadh Gopinadhan
 
PDF
Sentiment Analysis of Twitter Data
bySumit Raj
 
PDF
Nessus Basics
byamiable_indian
 
DOCX
Twitter analysis by Kaify Rais
byAjay Ohri
 
PDF
Real-time Tweet Analysis w/ Maltego Carbon 3.5.3
byShalin Hai-Jew
 
PDF
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...
byAditya K Sood
 
PPTX
Sentiment Analysis in Twitter
byAyushi Dalmia
 
PPTX
Twitter api
bykaleem malick
 
PPTX
Extracting and analyzing discussion data with google sheets and google analytics
byMartin Hawksey
 
PPTX
Maltego Magic Workshop - BSides London 2015
byAdam Maxwell
 
ZIP
The Twitter API: A Presentation to Adobe
byAlex Payne
 
PPTX
Sentiment analysis of tweets
byVasu Jain
 
Ağ Protokollerine Yönelik Adli Bilişim Analizi
byBGA Cyber Security
 
Maltego Webinar Slides
byThreatConnect
 
Penetrasyon Testlerinde Açık Kod Yazılımların Kullanımı
byBGA Cyber Security
 
Sızma Testlerinde Armitage Kullanımı
byBGA Cyber Security
 
Facebook & Twitter API
byFabrice Delhoste
 
SIZMA TESTLERİNDE BİLGİ TOPLAMA
byBGA Cyber Security
 
Demo of security tool nessus - Network vulnerablity scanner
byAjit Dadresa
 
Network sniffers & injection tools
byvishalgohel12195
 
Introduction to Sentiment Analysis
byJaganadh Gopinadhan
 
Sentiment Analysis of Twitter Data
bySumit Raj
 
Nessus Basics
byamiable_indian
 
Twitter analysis by Kaify Rais
byAjay Ohri
 
Real-time Tweet Analysis w/ Maltego Carbon 3.5.3
byShalin Hai-Jew
 
BlackHat Arsenal 2014 - C-SCAD : Assessing Security Flaws in C-SCAD WebX Clie...
byAditya K Sood
 
Sentiment Analysis in Twitter
byAyushi Dalmia
 
Twitter api
bykaleem malick
 
Extracting and analyzing discussion data with google sheets and google analytics
byMartin Hawksey
 
Maltego Magic Workshop - BSides London 2015
byAdam Maxwell
 
The Twitter API: A Presentation to Adobe
byAlex Payne
 
Sentiment analysis of tweets
byVasu Jain
 

Similar to Hacker tool talk: maltego

PDF
OSINT for Attack and Defense
byAndrew McNicol
 
PPTX
OSINT Tool - Reconnaissance with Maltego
byRaghav Bisht
 
PPTX
Maltego
bypenetration Tester
 
PPT
Pen-Testing.ppt about cyber security pnetesting
bypatelvedant1080
 
PDF
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
byCODE BLUE
 
PDF
Intro2 malwareanalysisshort
byVincent Ohprecio
 
PPTX
Cyber Threat Intelligence
byJames581435
 
PPTX
maltego ppt.pptx maltego ppt is based on cyber security
byshrutishreemahato
 
PDF
(Ebook) Learning Kali Linux by Ric Messier
byfiukerlet
 
PDF
Hacker tool talk: kismet
byChris Hammond-Thrasher
 
PDF
Advanced Analytics and Machine Learning with Data Virtualization
byDenodo
 
PPTX
information Gathering using Maltego.pptx
byDrEGayathri
 
PPTX
What do Wardley Maps mean to me? (Map Camp 2020)
bySteve Purkis
 
PPTX
Sploitego
byLondon School of Cyber Security
 
PDF
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
byBig Data Spain
 
PDF
Kali Linux, Introduction to Ethical Hacking and Penetration Tools
byRassoul Ghaznavi Zadeh
 
PPTX
Hands-On Security Breakout Session- ES Guided Tour
bySplunk
 
PPTX
Hands-On Security Breakout Session- ES Guided Tour
bySplunk
 
PPTX
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
byJohn Bambenek
 
PPTX
Malformity BsidesBoston2013
bydigital4rensics
 
OSINT for Attack and Defense
byAndrew McNicol
 
OSINT Tool - Reconnaissance with Maltego
byRaghav Bisht
 
Maltego
bypenetration Tester
 
Pen-Testing.ppt about cyber security pnetesting
bypatelvedant1080
 
[CB19] Deep Exploit: Fully Automatic Penetration Test Tool Using Reinforcemen...
byCODE BLUE
 
Intro2 malwareanalysisshort
byVincent Ohprecio
 
Cyber Threat Intelligence
byJames581435
 
maltego ppt.pptx maltego ppt is based on cyber security
byshrutishreemahato
 
(Ebook) Learning Kali Linux by Ric Messier
byfiukerlet
 
Hacker tool talk: kismet
byChris Hammond-Thrasher
 
Advanced Analytics and Machine Learning with Data Virtualization
byDenodo
 
information Gathering using Maltego.pptx
byDrEGayathri
 
What do Wardley Maps mean to me? (Map Camp 2020)
bySteve Purkis
 
Sploitego
byLondon School of Cyber Security
 
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
byBig Data Spain
 
Kali Linux, Introduction to Ethical Hacking and Penetration Tools
byRassoul Ghaznavi Zadeh
 
Hands-On Security Breakout Session- ES Guided Tour
bySplunk
 
Hands-On Security Breakout Session- ES Guided Tour
bySplunk
 
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
byJohn Bambenek
 
Malformity BsidesBoston2013
bydigital4rensics
 

More from Chris Hammond-Thrasher

PPTX
Hacker tooltalk: Social Engineering Toolkit (SET)
byChris Hammond-Thrasher
 
ODP
Infosec Workshop - PacINET 2007
byChris Hammond-Thrasher
 
PPTX
Alice and bob: Love & the most important crypto on the net
byChris Hammond-Thrasher
 
PPT
Introduction to Green IT
byChris Hammond-Thrasher
 
PDF
Hacker tool talk: kismet
byChris Hammond-Thrasher
 
PPT
How hackers do it
byChris Hammond-Thrasher
 
PPTX
Six health privacy experiments that should *NEVER* be caried out
byChris Hammond-Thrasher
 
PPTX
hackers vs suits
byChris Hammond-Thrasher
 
PPTX
Spiritualists, magicians and security vendors
byChris Hammond-Thrasher
 
ODP
Open Source Library Software
byChris Hammond-Thrasher
 
ODP
Popular GIS
byChris Hammond-Thrasher
 
PDF
Popular GIS: a webliography
byChris Hammond-Thrasher
 
Hacker tooltalk: Social Engineering Toolkit (SET)
byChris Hammond-Thrasher
 
Infosec Workshop - PacINET 2007
byChris Hammond-Thrasher
 
Alice and bob: Love & the most important crypto on the net
byChris Hammond-Thrasher
 
Introduction to Green IT
byChris Hammond-Thrasher
 
Hacker tool talk: kismet
byChris Hammond-Thrasher
 
How hackers do it
byChris Hammond-Thrasher
 
Six health privacy experiments that should *NEVER* be caried out
byChris Hammond-Thrasher
 
hackers vs suits
byChris Hammond-Thrasher
 
Spiritualists, magicians and security vendors
byChris Hammond-Thrasher
 
Open Source Library Software
byChris Hammond-Thrasher
 
Popular GIS
byChris Hammond-Thrasher
 
Popular GIS: a webliography
byChris Hammond-Thrasher
 

Recently uploaded

PDF
Automating ArcGIS Enterprise Compliance for Operational Excellence
bySafe Software
 
PPTX
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
PDF
Transparency Exchange API: How Do You Find the SBOM for a Smart Light Bulb?
byPavel Shukhman
 
PDF
Revolutionizing SQL Database Design for the Modern Era.pdf
bySQL DBM
 
PDF
Q3'25 Financial Results and Earnings Presentation
byDropbox
 
PDF
WebXR in Android and Linux with OpenXR
byIgalia
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
Database Performance at Scale: The TL;DR
byScyllaDB
 
PDF
Dr. Robert Krug - Specializes In Predictive Modeling
byDr. Robert Krug
 
PDF
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
PDF
Manage Local Users and Groups - RHCSA (RH124)
byLinuxCert Guru
 
PDF
Manage Files Using CLI - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
ENTSO-E's Response to the European Commission Call for Evidence on the Strate...
byReynir Orn Bachmann Gudmundsson
 
PDF
Wrapping up unowned UTF8 C strings: CStringView
byIgalia
 
PDF
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Access Linux File System in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Configure and Secure SSH - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Catalog Data - Keys to the Kingdom.pdf‎ ‎
byPrecisely
 
PDF
"Visual Guide to DSA: Big O Notation, Data Structures, and Algorithms Fundame...
byNusrat Gulbarga
 
Automating ArcGIS Enterprise Compliance for Operational Excellence
bySafe Software
 
Expanding Your Toolbox: Beginners Guide to Controlling Kubernetes Logs
byEric D. Schabell
 
Transparency Exchange API: How Do You Find the SBOM for a Smart Light Bulb?
byPavel Shukhman
 
Revolutionizing SQL Database Design for the Modern Era.pdf
bySQL DBM
 
Q3'25 Financial Results and Earnings Presentation
byDropbox
 
WebXR in Android and Linux with OpenXR
byIgalia
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Database Performance at Scale: The TL;DR
byScyllaDB
 
Dr. Robert Krug - Specializes In Predictive Modeling
byDr. Robert Krug
 
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
Manage Local Users and Groups - RHCSA (RH124)
byLinuxCert Guru
 
Manage Files Using CLI - RHCSA (RH124).pdf
byLinuxCert Guru
 
ENTSO-E's Response to the European Commission Call for Evidence on the Strate...
byReynir Orn Bachmann Gudmundsson
 
Wrapping up unowned UTF8 C strings: CStringView
byIgalia
 
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 
Access Linux File System in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
Analyze and Store Logs - RHCSA (RH124).pdf
byLinuxCert Guru
 
Configure and Secure SSH - RHCSA (RH124).pdf
byLinuxCert Guru
 
Catalog Data - Keys to the Kingdom.pdf‎ ‎
byPrecisely
 
"Visual Guide to DSA: Big O Notation, Data Structures, and Algorithms Fundame...
byNusrat Gulbarga
 

Hacker tool talk: maltego

  • 1.
    Hacker tool talk:Maltego“Security through knowledge”Chris Hammond-Thrasherchris.hammond-thrasher <at> ca.fujitsu.comFujitsu Edmonton Security LabFebruary 20111Fujitsu Edmonton Security Lab
  • 2.
    AgendaWhy are wehere?About MaltegoInstalling MaltegoMaltego demoWhat’s next?2Fujitsu Edmonton Security Lab
  • 3.
    Why are wehere?3Fujitsu Edmonton Security Lab
  • 4.
    Ethics and motives“Everysingle scam in human history has worked for one key reason; the victim did not recognize it as a scam.”- R. Paul Wilson4Fujitsu Edmonton Security Lab
  • 5.
    OSINT“Open source intelligence(OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence.”- Wikipedia5Fujitsu Edmonton Security Lab
  • 6.
  • 7.
    FeaturesMaps relationships betweennumerous physical or digital objectsDiscovers information from numerous online sourcesExtensible: Maltego can model relationships between almost anything – add your own “entities”, write your own “transforms” and integrate to other systems with the APIFree Community Version (as in beer and speech) and a powerful commercial version for ~US$700 for the first year7Fujitsu Edmonton Security Lab
  • 8.
    LimitationsDoes not searchsocial media sites due to policy restrictions on those sitesDoes not search commercial data sourcesFujitsu Edmonton Security Lab8
  • 9.
    Maltego vs. othersYoucan manually gather similar data with search engines, DNS, whois, and social media searchesi123people iPhone app (free)Commercial alternatives to MaltegoCEMaltego (commercial)Visual Analytics VisualLinksI2 Group Analyst’s NotebookOthers9Fujitsu Edmonton Security Lab
  • 10.
    Legit uses ofMaltegoTracking SPAM posts on websites and mailing listsVerifying IT assetsCompetitive intelligence from public sourcesGathering supporting information for individual background checksOther creative uses are possible – it is a flexible tool10Fujitsu Edmonton Security Lab
  • 11.
    h4X0r$Passive reconnaissance inadvance of a system attackPassive reconnaissance in advance of a social engineering attack11Fujitsu Edmonton Security Lab
  • 12.
  • 13.
    ChoicesCurrent release ofMaltego Community Edition is 3.0Easiest: Get latest Backtrack (BT4R2) live CD or VMhttp://www.backtrack-linux.org/downloads/Windows installer with or without Javahttp://www.paterva.com/Linux rpm and deb binary packages availablehttp://www.paterva.com/MacOS coming soon13Fujitsu Edmonton Security Lab
  • 14.
    Getting startedInstall viathe usual means for your platformStart MaltegoCEdouble-click the icon in Windows maltego-ce from the Linux command lineFujitsu Edmonton Security Lab14
  • 15.
    Register and loginFujitsuEdmonton Security Lab15
  • 16.
    Update your transformsFujitsuEdmonton Security Lab16
  • 17.
    Install the coolShodan add-onsStep 1: API keyGet a free Shodan API key (free registration required)http://www.shodanhq.com/api_docFujitsu Edmonton Security Lab17
  • 18.
    Install the coolShodan add-onsStep 2: entitiesDownload the entities at: http://maltego.shodanhq.com/downloads/shodan_entities.mtzIn Maltego, select "Manage Entities" in the "Manage" tab.Select "Import..."Locate the "shodan_entities.mtz" file you just downloaded and click "Next".Make sure all entities are checked, and click "Next".Enter "Shodan" as a category for the new entities. Click "Finish".Fujitsu Edmonton Security Lab18
  • 19.
    Install the coolShodan add-onsStep 3: transformsSelect "Discover Transforms" in the "Manage" tab.In the "Name" field, enter "Shodan"As a URL, use: https://cetas.paterva.com/TDS/runner/showseed/shodanClick "Add"Make sure the "Shodan" seed is selected, then click "Next"Again make sure you see "Shodan" selected, then click "Next"You now see a list of transforms that the "Shodan" seed has. Just click "Next"Click "Finish"Fujitsu Edmonton Security Lab19
  • 20.
  • 21.
    Maltego demoStarting itupTour through menus and windowsInvestigating a system targetInvestigating a human target21Fujitsu Edmonton Security Lab
  • 22.
  • 23.
    Learn moreRead theMaltego wikihttp://ctas.paterva.com/view/What_is_MaltegoRead the Social-Engineer.org websitehttp://social-engineer.org/Read my old “How do hackers do it?” presentationhttp://www.picisoc.org/tiki-download_file.php?fileId=51&ei=TMI4TcOHBI2WsgOzrZHfAw&usg=AFQjCNH8Y_JPsbADDoOPvlNvPO7udJlmpQ23Fujitsu Edmonton Security Lab
  • 24.
    Act locallyAt homeUseMaltegoCE to manage what information you are exposing about yourself onlineYou can request that Google remove content about youhttp://www.google.com/support/bin/answer.py?answer=164734&hl=enMonitor your children’s adherence to the family acceptable usage policy24Fujitsu Edmonton Security Lab
  • 25.
    Act locallyAt workUseMaltego to audit public information about corporate systemsTrack down troublesome website or mailing list users (or bots) using publically available information25Fujitsu Edmonton Security Lab
  • 26.
    Thank you!Want morepresentations like this?Is there a particular tool or hack that you would like to see demoed?Chris Hammond-ThrasherFujitsu Edmonton Security LabEmail: chris.hammond-thrasher <at> ca.fujitsu.comTwitter: thrashor26Fujitsu Edmonton Security Lab
  • 27.

Editor's Notes

  • #6 In the intelligence community (IC), the term &quot;open&quot; refers to overt, publicly available sources (as opposed to covert or classified sources); it is not related to open-source software or public intelligence.