Posts

Showing posts from November, 2010

Massive speed and memory improvements

Today marks the last day of working on speed / load / memory improvements for Maltego 3.0.3. The rest of the time is dedicated to bug fixes. We think we're at the edge of the 80/20 boundary on this. And it holds true - in roughly 4 weeks we've made MASSIVE improvements on the speed and load performance of Maltego. 3.0.3 is FASSST. The last performance release I tested was blindingly fast and yet we haven't looked at things like caching results, link compression and license key caching. So there is room to optimize even more.

I am super excited about 3.0.3. Even though there are no new features, it's something we should have done a long time ago. You'll see the difference straight away....

Transform Tuesday++: Facebook, SOA, SPF and Shodan integration!

Hey guys,

Transform Tuesday is here again! Sure, it might be a Wednesday, but unfortunately the Fremont data center that two of our Linodes are hosted on went down yesterday (http://status.linode.com/2010/11/fremont-power-issues-rfo.html)!

Nonetheless, there is a small possibility that it's Tuesday somewhere in the world, much like the fabled "it's 5 o'clock somewhere in the world".

This installment has a bunch of new transforms and I'm going to show off some that @achillean did integrating both Shodan and Exploit-db! Our transforms show integration with the Facebook graphAPI as well as some new DNS transforms (SPF and SOA).

Let's get to the good stuff!

Facebook GraphAPI:
I'd like to preface this by saying that we are not trying to break the terms of use of Facebook and we think that we completely abide by the principles listed on http://developers.facebook.com/policy/:
Create a great user experience
Build social and engaging applications
Give users choice and co…

Maltego 3.0.3 is looming

3.0.3 What's in there and when it's released
Maltego 3.0.3 will be released before the end of this year (or perhaps in the first week of 2011). There is good news and bad news. The bad news is that 3.0.3 will not really have any new features. The good news is that it is a 'performance and stability' release. Which means - it will be fast. Very fast. And stable, very stable.

We've been working for the last 3 weeks with one goal in mind - making Maltego work better with large graphs. The target is to comfortably work with 10K node graphs on a 1GB JVM and Dual Core processor. And we're getting there. Of course, if you happen to own an I7 with 8GB of RAM, your experience will be much better and you'll be able to handle many more nodes. The side effect is that smaller graphs will be super fast to navigate, select and run transforms on.

We've also made a list of 'well known bugs' that have never made it to the priority list. Things that irritate us but t…

New infra enum transforms - with sweet example

We're happy to release a couple of simple transforms via the TDS that assist with the footprinting / enumeration of infrastructure. These are:

NetblockToNetblocks
Essentially this transform breaks large networks into smaller chunks of networks. This is useful when you have transforms (such as reverse DNS, portscans etc.) that only work on class C networks... and you are stuck with a class B.

NetblockToIPs
Shows every IP within the netblock as a separate IP address entity. Useful when you need to run a transform on an IP address itself, and want to repeat the process over all the IP addresses in the network. An example of this will follow.

WebsitetoDNSName
NStoDNSName
MXtoDNSName
These transforms simply convert the NS, MX or website to a DNS name so that the enumerate numerically transform can work on it. In other words - see the next transform.

enumerateHostNamesNumerically
This transform will test for the existence of DNS names that end with the same name, but another number. As an example - …

Free BuiltWith.com Transforms!

Builtwith.com is a fantastic site for enumerating technologies used on a website, things such as jQuery, Google Analytics and additional server information such as the type (Apache/IIS).

For example, if you had to perform a lookup for www.paterva.com/web5/ you will receive a results page (as seen on the left). This page shows that our website uses/is run on:
Apache
Ubuntu
Mod_SSL
jQuery
Google Analytics

But why Andrew, WHY?
So out of the bag this may not seem that exciting; anyone could simply go and have a look at the source of a website and look for keywords relating to the technology, or even look for key directories (WordPress' /wp-admin/ directory for example).

However, imagine you were looking at a large number of websites, in this example gov.za space (I placed a domain 'gov.za' onto my graph and then ran the "To Website DNS [using Search Engine]" Transform with my slider set to 255):



How would you correlate which technologies were being used with which websites? We…

Transform Tuesdays! Free Maltego Transforms!

Yes, it's not nearly as popular (yet) as Patch Tuesday, but at least it's an alliteration.

We have been working on a bunch of new TDS based transforms that we would like to share with the community in the hope that the community responds with more transforms of their own.

Today we will be releasing two sets of transforms:

BuiltWith.com integration via their fantastic API
Enumerate server-side technologies of Websites and URLs. These include things like CMS (Joomla, WordPress), server information (Apache, IIS) and other technologies used (jQuery, YouTube, Silverlight, etc.).

Various useful infrastructure transforms
A couple of transforms to help with infrastructure enumeration, including Netblock to IP addresses and Netblock to Netblocks.

How do I use these Transforms within Maltego?
You will need two things to use any of the upcoming TDS transforms (and any we post in the future).

Maltego Entity Objects file (mtz) with any custom entities that are used for these transforms. NOTE: This is on…