Skip to main content

Posts

Showing posts from February, 2015

Building your own LovelyHorse monitoring system with Maltego (even the free version) - it's easy!

Someone linked me to the [LovelyHorse] thingy. If you missed it - it's basically a GCHQ NSA document that was leaked containing a list of a few security related Twitter accounts that the GCHQ NSA was supposedly monitoring. Seeing that, since the last release, we have some interesting Twitter functionality in Maltego, I figured it be interesting to see how we can replicate their work.

First - manually

Before even starting with Maltego I first spent some time thinking about what I really wanted from this and did it all by hand (still in Maltego, but before we start to automate the process). As a start I'd need to get the people's Twitter handles. Well that's easy - the document lists them all. In Maltego I can start with an alias and run the transform 'AliasToTwitterUser' to get the actual Twitter handle:


I want to get the Tweets that the people wrote. There's a transform for that too - 'To Tweets [that this person wrote]'.


OK great - now I have the la…

Calling all transform writers! and Maltego Chlorine details! and MORE!

All,

In a few weeks we'll be releasing a new version of Maltego. We're calling it Maltego CHLORINE! (we're sure the malware analyst will love the name as ...you know...chlorine..germs...bugs....that.)



There are SO many new things. Where to start...??..But - let's start at 1).

1. New context menu
We've totally redesigned the context menu. The main reason for this is that it was getting a bit cumbersome / fat / lazy / had too many Doritos. If you had a lot of transforms you had to really know your way around the GUI to find them all. We took some time, looked at what users mainly use and designed this:

After some weeks of tweaking the design it ended up looking like this in the GUI:

We think it rocks and you will too. YOU WILL LIKE IT! and if you don't YOU WILL LEARN TO LIKE IT! Like cauliflower and Brussels sprouts. No actually, if we're serious, it's a vast improvement from the previous context menu.
2. Java 8 support. Yeah - eventually. The reason this t…