Maltego integration with https://haveibeenpwned.com
Please refer to the https://github.com/cmlh/Maltego-haveibeenpwned/wiki for further information.
Maltego integration of https://haveibeenpwned.com
License: GNU General Public License v2.0
Maltego integration with https://haveibeenpwned.com
Please refer to the https://github.com/cmlh/Maltego-haveibeenpwned/wiki for further information.
Entities
Transform Sets
Maltego Machines
hibp-api-key
Request Headerhibp-api-key
Transform Settingdomain
parameter.Support Pwned Passwords
API v2 endpoint.
References
Implementation
domain
parameter.Support NTLM Hash as an Output Entity.
https://haveibeenpwned.com/API/v3#PwnedPasswordsNTLM
https://twitter.com/troyhunt/status/1623594549733097472
https://www.troyhunt.com/pwned-passwords-adds-ntlm-support-to-the-firehose/
Available to Maltego Classic and [Maltego] XL are:
domain
parameter)Therefore, Maltego CE will be limited to
domain
parameter).Refer to @troyhunt Blog Post for further information
Support NTLM Hash as an Input Entity.
Support Phone Number as an Input Entity when implemented in the upstream API.
Screenshot reproduced below from https://www.troyhunt.com/the-facebook-phone-numbers-are-now-searchable-in-have-i-been-pwned/
Hi, thanks for your awesome Maltego transform! Unfortunately, I have an issue with it. I have an email adress (available non-publicly on demand) that resolves in Maltego as not breached. If I input the address manually at haveibeenpwned.com, it is found in three breaches: exploit.in, Collection #1 and AntiPuiblic. I copied the address from maltogo to haveibeenpwned.com to avoid typos. I did it several times, first time togerther with other addresses that returned breach results. Secondly on its own, but the breaches are never found. Another email address returns the trillian breach but also ommits Collection #1.
When i launch the HIBP transform i get the error "responded with an HTTP 503, we wanted a 200!" is there a way to remove the popup form showing up and blocking my research?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.