The document is a presentation by Nadeem Douba that introduces 'Sploitego', a tool associated with Maltego for open source intelligence gathering and penetration testing. It discusses the advantages and disadvantages of using local transforms for data collection, and showcases various demos including DNS and vulnerability discovery. The presentation also provides links to related tools, websites, and frameworks within the security community.

1. Presented by Nadeem Douba
1Monday, July 29, 2013@ndouba | ndouba@gmail.com

2.  Situated in Ottawa, ON, Canada
 Work at Cygnos Information Security as Pen-
Tester
◦ Subsidiary of Raymond Chabot Grant Thornton
 Open Source Intelligence (OSInt)/Data Science
Fanatic!
 Open Source Software Fanatic:
https://github.com/allfro
 Credentials?
◦ Yes I sold my soul to the devil…
2Monday, July 29, 2013@ndouba | ndouba@gmail.com

3.  A Brief Intro to Maltego
 What is Sploitego?
 Why Sploitego?
 Cool Demos
 Installing Sploitego on Backtrack
 Creating Your Own Transforms
 Wrap Up
 Questions
Monday, July 29, 2013 3@ndouba | ndouba@gmail.com

4. For those who are not familiar…
Monday, July 29, 2013 4@ndouba | ndouba@gmail.com

5. Sounds interesting…
Monday, July 29, 2013 5@ndouba | ndouba@gmail.com

6. Monday, July 29, 2013 6@ndouba | ndouba@gmail.com

7.  Pen-test transforms for Maltego!
◦ Transforms for all stages
 Built with Python and Canari Framework
◦ Rapid Development Local Transform Framework
Monday, July 29, 2013 7@ndouba | ndouba@gmail.com

8. Hasn’t this been done before?
Monday, July 29, 2013 8@ndouba | ndouba@gmail.com

9.  Open Source Intelligence (OSInt) gathering is
a big part of our assessments.
 Information we collect about our targets can
break them.
 Most OSINT tools work with Public
information repositories.
 What if you are working with something
Private?
Monday, July 29, 2013@ndouba | ndouba@gmail.com 9

10. Monday, July 29, 2013 10@ndouba | ndouba@gmail.com

11. Monday, July 29, 2013@ndouba | ndouba@gmail.com 11

12. Pros Cons
 Full Client-side Control
 Maintain Privacy
 Great Data Visibility
✗ Processing Overhead
✗ Development
✗ IP Disclosure
Monday, July 29, 2013 12@ndouba | ndouba@gmail.com

13. That can’t already be done with a remote transform?
Monday, July 29, 2013@ndouba | ndouba@gmail.com 13

14. On Backtrack…
Monday, July 29, 2013@ndouba | ndouba@gmail.com 14

15. Sploitego DNS Transforms
Monday, July 29, 2013 15@ndouba | ndouba@gmail.com

16. Service Discovery Demo
Monday, July 29, 2013 16@ndouba | ndouba@gmail.com

17. Vulnerability Discovery Demo
Monday, July 29, 2013 17@ndouba | ndouba@gmail.com

18. With the Canari Framework!
Monday, July 29, 2013 18@ndouba | ndouba@gmail.com

19.  Malformity by Keith Gilbert and team:
◦ https://github.com/digital4rensics/Malformity
 NWMaltego, PaMalt, and CuckooForCanari by J.
David Bressler and Rich Popson:
◦ https://github.com/bostonlink/nwmaltego_canari
◦ https://github.com/bostonlink/pamalt_canari
◦ https://github.com/bostonlink/cuckooforcanari
 CookieGrabber by Adam Maxwell:
◦ https://github.com/catalyst256/canariCookieGrabber
Monday, July 29, 2013@ndouba | ndouba@gmail.com 19

20.  Canari Websites:
◦ http://www.canariproject.com
◦ https://forums.canariproject.com
 Limited Documentation:
◦ https://github.com/allfro/canari
◦ https://github.com/allfro/sploitego
 Youtube Channel:
◦ http://youtube.com/allfro
 Source Code/Bugging me
Monday, July 29, 2013 20@ndouba | ndouba@gmail.com

21.  Email: ndouba@gmail.com
 Twitter: @ndouba
 Skype: nadeem.douba
21Monday, July 29, 2013@ndouba | ndouba@gmail.com

22.  Paterva:
◦ Andrew MacPherson (Mohawk)
◦ Roelof Temmingh (RT)
 Cygnos/RCGTCI
 The Security Community
22Monday, July 29, 2013@ndouba | ndouba@gmail.com

23. Questions in Q&A
23Monday, July 29, 2013@ndouba | ndouba@gmail.com