Black Hat USA 2013 - Maltego Tungsten as a collaborative attack platform01:09:20 1358 views 100% Published 8 years ago
By: Roelof Temmingh & Andrew MacPherson
Maltego has always been a strong favorite for pre-attack intelligence gathering - be that for social engineering, doxing or for infrastructure mapping. Indeed it's earned its rightful place in the Kali Linux top 10 tools.
For as long as we can remember we at Paterva were annoyed that Maltego lacked the ability to share intelligence effectively. Up to now the only way to share graphs was to send the actual files around. This is all about to change - with Maltego Tungsten. The Tungsten release (at BlackHat) allows multiple users to share graphs in real time. This creates interesting opportunities and new workflows - suddenly we can have a team of analysts and/or pen testers working together in real time and on the same goal. Be it profiling (or 'doxing') a human target or attacking a network - with real time graph sharing we now have a platform where information can be safely (and anonymously) shared as it happens.
The other lacking aspect of Maltego was real bite. In the past we purposely stayed away from all out attack - concentrating rather on info gathering. In this talk we'll also show how to integrate Maltego with industry standard attack tools. This will range from infrastructure attacks, web platform attack and remote Trojans to social engineering as well as denial of service.
Combine human intelligence, machines (introduced in Radium release) and real time collaboration with these powerful transforms and wait... oh noes...we've created a monster!!