Presented at
Black Hat USA 2013,
July 31, 2013, 3:30 p.m.
(60 minutes)
Maltego has always been a strong favorite for pre-attack intelligence gathering - be that for social engineering, doxing or for infrastructure mapping. Indeed it's earned its rightful place in the Kali Linux top 10 tools.
For as long as we can remember we at Paterva were annoyed that Maltego lacked the ability to share intelligence effectively. Up to now the only way to share graphs was to send the actual files around. This is all about to change - with Maltego Tungsten. The Tungsten release (at BlackHat) allows multiple users to share graphs in real time. This creates interesting opportunities and new workflows - suddenly we can have a team of analysts and/or pen testers working together in real time and on the same goal. Be it profiling (or 'doxing') a human target or attacking a network - with real time graph sharing we now have a platform where information can be safely (and anonymously) shared as it happens. The other lacking aspect of Maltego was real bite. In the past we purposely stayed away from all out attack - concentrating rather on info gathering. In this talk we'll also show how to integrate Maltego with industry standard attack tools. This will range from infrastructure attacks, web platform attack and remote Trojans to social engineering as well as denial of service. Combine human intelligence, machines (introduced in Radium release) and real time collaboration with these powerful transforms and wait... oh noes...we've created a monster!!
Presenters:
-
Andrew MacPherson
- Paterva
Andrew Macpherson is the operations manager at Paterva. He completed a degree in Information Science (BiS) at the University of Pretoria in 2006 and set out into the world building web apps. This experience gave him an excellent understanding of how they work and opened his eyes as to how they can be leveraged for information. It was during this time that Roelof Temmingh flagged him as someone that would be a valuable asset to Paterva and picked him up in 2007/8. Since then he has been coding transforms, improving the open source intelligence and making tea. He is very passionate about the product and accepts all challenges. Andrew has an unhealthy obsession with information mapping and forensics.
-
Roelof Temmingh
- Paterva
Roelof Temmingh has been working in the security industry for the last 15 years. He started SensePost with some friends in 2000, left SensePost in 2007 and has been running Paterva ever since. He developed many successful security assessment tools, contributed to several books and spoke at numerous international security conferences (Black Hat and Bluehat, Cansecwest, Defcon, FIRST, Ekoparty, RSA, HiTB, Ruxcon amongst others). Recently Roelof is mainly thinking about intelligence and information gathering, virtual identities and social botnets. He likes to create new and innovative technology is and the driving force behind Maltego.
Links:
Similar Presentations: