
PT TAS

August 4th, 2008 | Posted in Maltego

While Maltego was never a pen testing / assessment tool, there have been more than enough people asking for transforms that will do things like portscans, banner grabs and vulnerability checking. With the guys from Offensive Security doing a training course at Black Hat Las Vegas and having a nice Maltego section in the training, we figured it would make sense to give them something more to show. Thus was born the PTTAS - a PenTesting Transform Application Server.

The PTTAS hosts the following transforms:

_To Website Title: Useful when you have 400 web servers and you need to know what’s running on them. We’ve done this with Python and Mechanize - so it follows redirects, meta redirects and, with some encouragement, JavaScript redirects. On the final page it shows the title of the web page. Input is WebsiteEntity, output is WebtitleEntity.

_To Website – SSL info (where open): Again - with a densely populated network it is good to know what names the servers have. Used in conjunction with portscan. Input is IPAddressEntity, output is WebsiteEntity.

_To Webdir (Directories found using SE): This transform lists all the directories found on a web site - and does so by looking at data that’s available on the Internet. In time a brute force directory checking transform will follow this up - meaning you can look for directories that should not have been there. Output is WebdirEntity.

_To Vuln (Nessus): Using Nessus 3.2 we allow for the running of a list of NASLs against the target. You populate the NASL IDs and the server will handle the dependencies. Output is a VulnEntity.

_Do Portscan: Performs a portscan with a list of ports configured in the transform. You can scan for 80 only, or for an entire list of ports. Transform uses Nmap to perform the actual scan. Can be used on a Netblock Entity or a single IPAddress Entity.

_To Service (from portscan): Once you have the ports you can figure out what’s running there. Output is ServiceEntity which contains the banner and the port - input is IPAddressEntity.

_To Ports (dump), _To Banner (dump): Dumps ServiceEntity to port and banner. Useful to see different ports and banners on a graph. By selecting parents and grandparents you get to see what IPs are open on what ports, or which IPs are running what service.
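The redirect-following logic described for _To Website Title, as an added example that is not the PTTAS code: it uses only the Python standard library instead of Mechanize, skips JavaScript redirects, and runs against constructed sample responses. The names `PAGES`, `fake_fetch`, `HeadParser` and `resolve_title` are hypothetical.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin

# Constructed sample responses (url -> status, headers, body); not real hosts.
PAGES = {
    "http://a.example/": (302, {"Location": "/login"}, ""),
    "http://a.example/login": (200, {}, '<meta http-equiv="Refresh" content="0; url=/portal/">'),
    "http://a.example/portal/": (200, {}, "<title> Intranet\n Portal </title>"),
    "http://loop.example/": (301, {"Location": "http://loop.example/"}, ""),
}

def fake_fetch(url):  # stand-in for an HTTP client that does not follow redirects
    return PAGES.get(url, (404, {}, ""))

class HeadParser(HTMLParser):  # collects first <title> and first meta-refresh target
    def __init__(self):
        super().__init__()
        self.title, self.refresh, self._in_title = None, None, False
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "title" and self.title is None:
            self.title, self._in_title = "", True
        elif tag == "meta" and (a.get("http-equiv") or "").lower() == "refresh":
            m = re.search(r"url\s*=\s*['\"]?([^'\"]+)", a.get("content") or "", re.I)
            self.refresh = self.refresh or (m.group(1).strip() if m else None)
    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False
    def handle_data(self, data):
        if self._in_title:
            self.title += data

def resolve_title(url, fetch=fake_fetch, max_hops=10):
    """Follow HTTP and meta redirects; return (final_url, title or None)."""
    seen = set()
    while url not in seen and len(seen) < max_hops:
        seen.add(url)
        status, headers, body = fetch(url)
        target = headers.get("Location") if status in (301, 302, 303, 307, 308) else None
        parser = HeadParser()
        if target is None:  # not an HTTP redirect: look for a meta refresh
            parser.feed(body)
            parser.close()
            target = parser.refresh
        if target is None:  # final page reached, normalise title whitespace
            return url, " ".join((parser.title or "").split()) or None
        url = urljoin(url, target)
    return url, None  # redirect loop or too many hops
```

A `None` title with the last URL visited marks hosts that loop, exceed the hop limit, or serve no title, which are the ones worth checking by hand in an inventory.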

As there are a couple of new transforms, we also needed a couple of new entities: PortEntity, BannerEntity, VulnEntity, ServiceEntity, WebdirEntity, WebtitleEntity. Screenshots (and perhaps even some video) will follow.

Due to the nature of this TAS we cannot host it on the public server. However, if this interests you, feel free to contact us - we would be glad to supply you with a solution.

Regards,

RT
