Uncovering useful and embarrassing info with Maltego

DEF CON 25

Presented by: Andrew MacPherson
Date: Thursday July 27, 2017
Time: 00:00 - 00:45
Location: 101 Track

The talk has two sections - useful and embarrassing.

In the 'useful' section of this fun filled talk we show how we combine the power of Maltego and Shodan to hunt for ICS devices on the Internet. We tackle the difficult problem of finding the function, owners and locations of these devices using OSINT and Maltego. The result is a one click sequence of transforms that makes finding interesting ICS devices child's play. In the 'embarrassing' section we look at how network footprinting (which we've refined to an art in Maltego) becomes useful for identifying and profiling people who's job description involves lots of lies and who probably does not want to be associated with the data that's out there on them.

Andrew MacPherson

Andrew Macpherson is the operations manager at Paterva. With a degree in Information Science and an uncanny knowledge of cat memes he successfully 0day'd at Paterva in 2007. With a decade of graphing, arguing and tea making he has proved to be a valuable asset at the company. Aside from Maltego'ing everything that looks like a nail he also has a keen interest in hardware and security. @paterva @andrewmohawk


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats