MaltegoHackathon

From RevSpace
Revision as of 11:07, 6 November 2011 by Maxell (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

What is Maltego?

Maltego is an intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way.

Coupled with its graphing libraries Maltego allows us to identify previously unknown relationships between information, persons and information about persons. As such, it is a useful tool in the IT security field to map an organization's people and relationships. A valuable aid in exploring the social-engineering attack vector in pen-testing investigations.

Hackathon

The purpose of this hackathon is to create local transforms. Maltego defines various entity types (such as persons, domain names, phone numbers, etc..). Transforms are applications that when called will produce output which results in new entities that are somehow linked to the originating entity within your graph. They can be coded in practically anything as long as they stick to the specification (ie. they output the right kind of XML). These transforms will be open source and released to the community, and can be run locally without the need to contact a server.

Date and place

Friday April 15th, starting from 1700 CEST. We can order some wok or pizza and hack all night long \o/

The location is the hackerspace Revelation Space in The Hague.

References:

ContactAndRoute Address and directions to RevSpace.
http://paterva.com/web5/TDS/
http://paterva.com/web5/
http://www.darknet.org.uk/2008/11/maltego-forensics-and-intelligence-application-information-gathering-tool/ / http://maltego.shodanhq.com/

Licenses

Maltego comes in a community edition and a commercial edition. Paterva, the company behind Maltego, has offered a 2-week commercial license to every person attending the hackathon. In addition, the best transform written will be awarded with a one-year commercial license.

Hardware requirements

       Minimum  2GB RAM, 2GHz, 64Kb Internet access, 1024x768 display. 
Recommended: 4GB RAM, 3.0GHz dual core, 1Mb+ Internet access, 1600x1200 display.


Ideas

A list of raw ideas for transforms that would be cool to have (which everyone is very welcome to extend :):

  • Meetup.com - event to participants (Persons)
  • mediawiki / generic wiki - Person to authored pages
  • project sites (sourceforge, github, ...) - find projects, persons
  • irc channels (person to channel, channel to persons)
  • twitter/identi.ca
  • named entity detection, combine person & site to find eg fellow event visitors
  • scrape podcast feeds / itunes for Person appearances in radio shows
  • usernamecheck.com
  • email to person through mailing list archive search on google/yahoo/...

Participating

On-site:

  • !DrWhax
  • gmc
  • mrngm (probably)
  • ikke (probably)
  • Thursley
  • zkyp (or remote)
  • Retrace
  • Zeno4ever
  • OneDutch
  • AustinPwners

Remote:

  • Andrew !MacPherson
  • DipSwitch (prly)

Remote participation w/ Skype and/or IRC on the projector.