Maltego

Snoopy with Mana

In 2011 Glenn and Daniel released Snoopy, a set of tools for tracking and visualising wireless client activity. However, the Snoopy project is no longer maintained. This blog entry is about how I got Snoopy-like functionality built into Mana. Snoopy’s core functionality was to observe probe requests for remembered networks from wireless clients, although it ended up doing much more. The problem tools like Snoopy face is that they can’t monitor the whole 2.4GHz wireless spectrum for probe requests without the use of multiple wireless cards. So they channel hop to make sure they see probes on multiple channels. In the 2.4GHz range this wasn’t terrible, because the channels overlap, which means you didn’t have to tune in to all 11 or 14 (depending on location) channels individually to see probes across the spectrum. So while you may have missed a few probe requests, you didn’t miss many.

Sensepost Maltego Toolkit: Skyper

Collecting and performing Open Source Intelligence (OSINT) campaigns from a wide array of public sources means ensuring your sources contain the most up-to-date information relating to your target. Skype, with over 300 million users, can be a vital source if used correctly. The above graphic shows over 70 million active members and over 500 million users that have registered! As with all things online, many users leak sensitive information about themselves that those with the right skills could harvest.

Maltego Webinar Series: Episode 01, Introduction

Hello Internet, we’re going to be hosting monthly Maltego webinar sessions, and our first one is this Friday (24th April)! Being our first episode, we’re going to start with the basics of the basics. Our agenda is as follows: What is Maltego? Why Maltego? Where can I get it? How does this user interface work? What are these Maltego terms and buzzwords? What’s a transform and how can I run one? Bonus round! Sign up here if you’d like to join us:

Lovely Pwnies – Twitter Monitor

Recently there were revelations about a GCHQ initiative called ‘Lovely Horses’ to monitor certain hackers’ Twitter handles. The guys over at Paterva quickly whipped up a Maltego Machine to replicate this: Building your own LovelyHorse monitoring system with Maltego (even the free version) – it’s easy! We’ve wrapped some supporting transforms around that Machine to allow you to create and manage your own set of lovely horses (Twitter accounts), and dubbed it ‘Lovely Pwnies’. You can obtain the transforms and original Machine via the new Maltego Transform Hub.

Commercial Snoopy Launch! [ ShadowLightly ]

Hello world! We’ve been busy squirrelling away on a much requested project – a commercial Snoopy offering. We’ve called it ShadowLightly, and we’d like to invite you to join the beta explorer program. We’re going to offer ten 3-month trials to the site (you’d need to buy sensors / build your own), and in return we’d ask that you help us debug any issues. To apply, please email explorer@shadowlightly.com – introduce yourself, and tell us a little about why you’d like to join the program.

SensePost partners with Paterva to offer improved security intelligence

We’ve been big fans of Maltego and the team at Paterva for a very long time now, and we frequently use this powerful tool for all kinds of fun and interesting stuff, like Using Maltego to explore threat & vulnerability data; Snoopy: A distributed tracking and profiling framework; ‘Scraping’ time servers; Using Maltego to Data Mine Twitter; and even an analysis of the Use of Social Media by ISIS. We go way back with Andrew and Roelof, who was in fact a founder of SensePost, so today we’re super excited to be able to announce a new, strengthened partnership with them under which we have been accredited as an Approved Maltego Solutions Provider. Basically this means that with Paterva’s help we plan to use the powerful Maltego toolset to become better at our job – that is to provide information and information systems to our customers with which they can make sound security decisions. Here’s the official news: