search

cmlh / Maltego-haveibeenpwned

Maltego integration of https://haveibeenpwned.com
GNU General Public License v2.0
57 stars 15 forks source link

Support "Pwned Passwords" API v2 Endpoint #15

Closed cmlh closed 6 years ago

cmlh commented 7 years ago

Support Pwned Passwords API v2 endpoint.

References

Implementation

cmlh commented 6 years ago

Integration Pattern

Custom Entities

Entity Input Value(s)

Transforms

Machine

Serial Path

  1. From haveibeenpwned.Password to haveibeenpwned.linkAnalysis
  2. From haveibeenpwned.Password to maltego.Hash SHA-1

Serial Path

  1. From maltego.Hash SHA-1 to haveibeenpwned.linkAnalysis.
SudhanshuC commented 6 years ago

For the machine, it can take 'haveibeenpwned.Password' as input and give out 'haveibeenpwned.linkAnalysis' and 'maltego.Hash' as first level of output. Then 'maltego.Hash' can be further used as input to get 'haveibeenpwned.linkAnalysis'. In most of the cases it will generate same result but there might be instances where only either one of them will.

cmlh commented 6 years ago

@SudhanshuC

Yes, the input value ce0b2b771f7d468c0141918daea704e0e5ad45db of haveibeenpwned.Password would also return a maltego-Hash SHA-1 entity of ce0b2b771f7d468c0141918daea704e0e5ad45db too with the ?originalPasswordIsAHash=true parameter which would link to the initial 'haveibeenpwned.Password` entity.

I have amended the [Maltego] Machine specified above.

cmlh commented 6 years ago

Fix https://github.com/cmlh/Maltego-haveibeenpwned/commit/54951e5fa655e484b7673c5bead997f0bff95cdb