Maltego Server Modules
The Maltego server is currently split into 2 configurations:
-
Professional server - This server includes the Commercial TAS (CTAS), SQLTAS and the PTTAS
-
Basic Server - This server only includes the Commercial TAS (CTAS)
To find out more about these server modules, please select one below:
CTAS
SQLTAS
PTTAS
PTTAS
While Maltego was never a pen testing / assessment tool there has been more than enough people asking for transforms that will do things like portscans, banner grabs and vulnerability checking. With the guys from Offensive Security doing a training course at Black Hat Las Vegas and having a nice Maltego section in the training we figured it would make sense to give them something more to show. Thus was born the PTTAS – a PenTesting Transform Application Server.
The PTTAS hosts the following transforms:
_To Website Title: Useful when you have 400 web servers and you need to know what’s running on them. We’ve done this with Python and Mechanize – so it follows redirects, meta redirect and with some encouragement – Javascript redirects. On the final page it shows the title of the web page. Input is WebsiteEntity, output is WebtitleEntity
_To Website – SSL info (where open): Again – with a densely populated network is good to know what names the servers has. Used in conjunction with portscan. Input is IPAddressEntity, output is WebsiteEntity.
_To Webdir (Directories found using SE): This transform lists all the directories found on a web site – and does so by looking at data that’s available on the Internet. In time a brute force directory checking transform will follow this up – meaning you can look for directories that should not have been there. Output is WebdirEntity.
_To Vuln (Nessus): Using Nessus 3.2 we allow for the running for a list of NASLs against the target. You populate the NASL IDs and the server will handle the depedancies. Output is a VulnEntity.
_Do Portscan: Performs a portscan with a list of ports configured in the transform. You can scan for 80 only, or for a entire list of ports. Transform uses Nmap to perform the actual scan. Can be used on a Netblock Entity or a single IPAddress Entity.
_To Service (from portscan): Once you have the ports you can figure out what’s running there. Output is ServiceEntity which contains the banner and the port – input is IPAddressEntity.
_To Ports (dump),_To Banner (dump): Dumps ServiceEntity to port and banner. Useful to see different ports and banners on a graph. By selecting parents and grandparents you get to see what IPs are open on what ports, or which IPs are running what service.
SQLTAS
This module allows for the interaction with one or more SQL databases. Users of the SQLTAS can run different SQL based transforms (which are really SQL queries) to many various databases using a single SQLTAS.
Currently supported SQL databases are: MySQL, MSSQL, DB2, Postgres and Oracle. Should you however wish to integrate with another type, simply contact us.
The SQLTAS is currently in use at various Fortune 500 companies and has allowed them to visualise relationships in a way previously not thought possible.
CTAS
This is the Commercial TAS module and includes the same transforms as those found on the publicly available server. The transforms in use on the CTAS are the same that users of the commercial or community server have access to.
By purchasing this module you will have your own private server identical to the public server, but with the benefits of using your own infrastructure to host it. This is specifically applicable to clients with highly sensitive data.
|
|
