Come join us for a night of exploring Sploitego including live demos and a chance to talk with the developer!
Have you ever wished for the power of Maltego when performing internal assessments? Ever hoped to map the internal network within seconds? Or that Maltego had a tad more aggression? Sploitego is the answer. In the presentation we'll show how we've carefully crafted several local transforms that gives Maltego the ooomph to operate nicely within internal networks. Can you say Metasploit integration? ARP spoofing? Passive fingerprinting? SNMP hunting? This all is Sploitego. But wait - there's more. Along the way we'll show you how to use our awesome Python framework that makes writing local transforms as easy as 'Hello World'.
Sploitego makes it easy to quickly develop, install, distribute, and maintain Maltego Local transforms. The framework comes with a rich set of auxiliary libraries to aid transform developers with integrating attack, reconnaissance, and post exploitation tools. It also provides a slew of web tools for interacting with public repositories.
Sploitego and its underlying Python framework will be released at DEF CON as open source - yup - you can extend it to your heart's content. During the presentation we'll show the awesome power of the tool with live demos and scenarios as well as fun and laughter.
Nadeem Douba - GWAPT, GPEN: Currently situated in the Ottawa (Ontario, Canada) valley, Nadeem provides technical security consulting services primarily to clients in the health, education, and public sectors. Nadeem has been involved within the security community for over 10 years and has frequently presented at ISSA and company seminars and training sessions. He is also an active member of the open source software community and has contributed to projects such as libnet, Backtrack, and Maltego.
For those of you who want to install the tool before the presentation the source is up on github (https://github.com/allfro/sploitego).
When & Where