Sploitego

Saturday, April 8, 2023 1

Sploitego - Maltego’s (Local) Partner in Crime

Presented by Nadeem Douba

@ndouba | ndouba@gmail.com

2

Situated in Ottawa, ON, Canada Work at Cygnos Information Security as Pen-

Tester◦ Subsidiary of Raymond Chabot Grant Thornton

Open Source Intelligence (OSInt)/Data Science Fanatic!

Open Source Software Fanatic: https://github.com/allfro

Credentials?◦ Yes I sold my soul to the devil…

About Me

Saturday, April 8, 2023@ndouba | ndouba@gmail.com

A Brief Intro to Maltego What is Sploitego? Why Sploitego? Cool Demos Installing Sploitego on Backtrack Creating Your Own Transforms Wrap Up Questions

Saturday, April 8, 2023 3

Overview

@ndouba | ndouba@gmail.com

Brief Intro to MaltegoFor those who are not familiar…

Saturday, April 8, 2023 4@ndouba | ndouba@gmail.com

What is Sploitego?Sounds interesting…

Saturday, April 8, 2023 5@ndouba | ndouba@gmail.com

Saturday, April 8, 2023 6

Pure Awesomeness!

@ndouba | ndouba@gmail.com

Pen-test transforms for Maltego!◦ Transforms for all stages

Built with Python and Canari Framework◦ Rapid Development Local Transform Framework

Saturday, April 8, 2023 7

What is Sploitego?

@ndouba | ndouba@gmail.com

Why Sploitego?Hasn’t this been done before?

Saturday, April 8, 2023 8@ndouba | ndouba@gmail.com

Open Source Intelligence (OSInt) gathering is a big part of our assessments.

Information we collect about our targets can break them.

Most OSINT tools work with Public information repositories.

What if you are working with something Private?

Saturday, April 8, 2023@ndouba | ndouba@gmail.com 9

Why Sploitego?

Saturday, April 8, 2023 10

Remote Transforms

@ndouba | ndouba@gmail.com

Saturday, April 8, 2023@ndouba | ndouba@gmail.com 11

Local Transforms

12

Why use Local Transforms?

Pros Cons

Full Client-side Control Maintain Privacy Great Data Visibility

✗ Processing Overhead✗ Development✗ IP Disclosure

Saturday, April 8, 2023@ndouba | ndouba@gmail.com

What can be done with a Local Transform…

That can’t already be done with a remote transform?

Saturday, April 8, 2023@ndouba | ndouba@gmail.com 13

Installing SploitegoOn Backtrack…

Saturday, April 8, 2023@ndouba | ndouba@gmail.com 14

Saturday, April 8, 2023 15

Did Someone Say Demo?

Sploitego DNS Transforms

@ndouba | ndouba@gmail.com

Saturday, April 8, 2023 16

Nmap It!Service Discovery Demo

@ndouba | ndouba@gmail.com

Saturday, April 8, 2023 17

Nessus It!Vulnerability Discovery Demo

@ndouba | ndouba@gmail.com

Saturday, April 8, 2023 18

Writing your own Transforms…

With the Canari Framework!

@ndouba | ndouba@gmail.com

Malformity by Keith Gilbert and team:◦ https://github.com/digital4rensics/Malformity

NWMaltego, PaMalt, and CuckooForCanari by J. David Bressler and Rich Popson:◦ https://github.com/bostonlink/nwmaltego_canari◦ https://github.com/bostonlink/pamalt_canari◦ https://github.com/bostonlink/cuckooforcanari

CookieGrabber by Adam Maxwell:◦ https://github.com/catalyst256/canariCookieGrabber

Saturday, April 8, 2023@ndouba | ndouba@gmail.com 19

What Others Have Done with Canari

Canari Websites:◦ http://www.canariproject.com◦ https://forums.canariproject.com

Limited Documentation:◦ https://github.com/allfro/canari ◦ https://github.com/allfro/sploitego

Youtube Channel:◦ http://youtube.com/allfro

Source Code/Bugging me

Saturday, April 8, 2023 20

Where to Look for More Info!

@ndouba | ndouba@gmail.com

21

Email: ndouba@gmail.com Twitter: @ndouba Skype: nadeem.douba

Drop me a Line

Saturday, April 8, 2023@ndouba | ndouba@gmail.com

22

Paterva:◦ Andrew MacPherson (Mohawk)◦ Roelof Temmingh (RT)

Cygnos/RCGTCI The Security Community

Kudos to…

Saturday, April 8, 2023@ndouba | ndouba@gmail.com

Saturday, April 8, 2023 23

Thanks for Attending!Questions in Q&A

@ndouba | ndouba@gmail.com