July « 2009 « Hackers For Charity

Maltego FireFox Plugin – The Mesh!

This new plugin from Paterva allows you to easily pull data from visited web pages, and integrates seamlessly with Maltego. A video demo is here: http://www.paterva.com/mesh.mp4 but the plugin is only available to Informer subscribers during this pre-release period! Thanks Paterva for your great support!

Here’s the link:

http://www.paterva.com/maltego/about/maltego-mesh

The password is “yoshimi”, without the quotes.

22 hours


Vegas Incoming


Action & Expectation


To Kenya


GRaTS vulnerability scanning tool prototype

Greetings, Informees!

Since I have a working prototype of a new tool available, I thought you all might like to play with it! (Warning: This is a prototype, it is still buggy, does not have a GUI, and may or may not explode your computrons.)

For my senior project, I’m writing a tool to extend the functionality of the RATS (Rough Auditing Tool for Security) vulnerability scanner. What GRaTS (Graphical RATS and Taint Scanner) does is to attempt to combine several approaches to finding vulnerabilities to help both experienced auditors and greenhorns to get quicker, more accurate results. By identifying points in code where users can affect the data flow (namely through input or things like signals, filesystem tomfoolery, etc) we can distill the code into a condensed version which shows only code dealing with tainted data. Once the code has been condensed, we scan it using RATS and format the output nicely into a GUI, including relevant line numbers, variable names, and any vulnerability information that RATS may have returned. This allows for novices to immediately identify dangerous code operating on tainted data, and allows more weathered folk to perform manual code analysis on tainted data timelines, making manual code analysis faster and more cost-efficient.

Hope you all get a kick out of it! Any new prototypes released will be on the same page, so check back periodically if you’re interested in seeing GRaTS progress.

Cheers!

Dan Crowley
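
The condense-then-scan idea described in the post above, as an added sketch (not GRaTS or RATS code): a line-based taint pass over a constructed C snippet that keeps only lines touching user-influenced data and marks risky calls among them. The source, copy and risky-function lists, the sample input and all function names are assumptions made for illustration.

```python
import re

# Assumed, simplified rule sets for illustration; not the databases GRaTS or RATS use.
SOURCES = {"gets": 0, "fgets": 0, "read": 1, "recv": 1, "getenv": "ret"}
COPIES = {"strcpy", "strcat", "sprintf"}      # first argument receives the data
RISKY = COPIES | {"system", "gets"}

IDENT = re.compile(r"[A-Za-z_]\w*")
CALL = re.compile(r"([A-Za-z_]\w*)\s*\(([^()]*)\)")
ASSIGN = re.compile(r"([A-Za-z_]\w*)\s*=(?!=)\s*(.+);")

# Constructed C input: one untainted strcpy, one tainted path into system().
SAMPLE = [
    'char name[64], cmd[128], banner[32];',
    'int count = 0;',
    'strcpy(banner, "hello");',
    'fgets(name, sizeof name, stdin);',
    'count = count + 1;',
    'sprintf(cmd, "echo %s", name);',
    'system(cmd);',
]

def first_ident(expr):
    m = IDENT.search(expr)
    return m.group(0) if m else None

def condense(lines):
    """Return [(line_no, text, risky_calls)] for lines that touch tainted data."""
    tainted, kept = set(), []
    for no, text in enumerate(lines, 1):
        code = re.sub(r'"[^"]*"', '""', text)          # ignore string contents
        calls = CALL.findall(code)
        for func, argstr in calls:
            args = [a.strip() for a in argstr.split(",")]
            dest = SOURCES.get(func)
            if isinstance(dest, int) and dest < len(args):
                tainted.add(first_ident(args[dest]))    # buffer filled by input
            if func in COPIES and set(IDENT.findall(",".join(args[1:]))) & tainted:
                tainted.add(first_ident(args[0]))       # taint flows to destination
        m = ASSIGN.search(code)
        if m:
            rhs_calls = {f for f, _ in CALL.findall(m.group(2))}
            if set(IDENT.findall(m.group(2))) & tainted or any(
                    SOURCES.get(f) == "ret" for f in rhs_calls):
                tainted.add(m.group(1))                 # tainted value assigned
        if set(IDENT.findall(code)) & tainted:
            kept.append((no, text, [f for f, _ in calls if f in RISKY]))
    return kept

if __name__ == "__main__":
    for no, text, risky in condense(SAMPLE):
        print(f"{no:>3}: {text}   {'<-- ' + ', '.join(risky) if risky else ''}")
```

The `strcpy` on line 3 of the sample copies a constant and is dropped from the condensed view, while the `sprintf` and `system` calls fed by `fgets` are kept and marked.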

We roll


Rehaboth High School, Uganda our truck and future lab


The HFC truck. =)


AOET Rehaboth Integrated School

Nestled in the hills of Njeru near Jinja in Uganda in East Africa, the AOET Rehaboth Secondary School is a sight to behold. Overlooking beautiful Lake Victoria, it’s easy to be swept away by the beauty and the majesty of the area. But there’s something even more majestic about what AOET has accomplished through the years, and the Rehaboth High School was a good example of AOET’s forward-thinking plans for the marginalized people of East Africa.

That’s why, when AOET approached us with their plans for the school in 2006, we jumped at the opportunity to assist them with the computer lab in Njeru. After four years and tens of thousands of dollars invested by HFC, we made good on our promise to provide a state-of-the-art computer lab to match AOET’s vision. Sadly, it was more than AOET could handle. More after the break.


PayPal makes good

  • 4:20 – (all times GMT+3) I received an email from the PayPal Executive office, apologizing for the problems, and clearly outlining what needed to be done to get our account straight. They said I needed to detach my personal account (via return direct email) and confirm my business account (also via direct email) with a scan of an HFC business account statement.
  • 6:07 – (Uganda telecom is < 5Kbsec earlier than this) I reply to the email with the authorization and the bank scan.
  • 6:13 – The first of many subscriptions attached to the personal account (support for our subscription software, sprout for our widgets, etc.) begins to cancel, indicating that the account was removed from PayPal.
  • 6:18 – The email arrives indicating that we’re back in action.

I want to thank everyone in the community that RT’d, emailed, called, offered (prayer, financial, moral, humorous, haranguing) support and generally stood in the gap for us. You guys made this happen.

Some highlights of the day:

  • offers for wire transfers
  • Tweeting @CNN, @oprah, @msnbc, @paypal, @wsj, etc
  • Tweeting the phone number of PayPal’s PR firm
  • Emailing journalists
  • Emailing various people inside PayPal including security, risk management folks and the CEO(!)
  • Bans of PayPal
  • Google Hacking PayPal (ironic)

Now as to PayPal’s role in all this…They have every reason to suspect that something’s amiss with just about every business account that’s requested. They are not (as many people have mentioned) a bank. I understand their screening, and honestly I wouldn’t want the job of tightening / lubricating their screening process. It’s ugly in the world of e-commerce. So I get it.

I will remain a PayPal client, and HFC will as well. No hard feelings.

Besides, I made mistakes in this whole thing. Yes, I should have waited for the IRS paperwork to come back before clicking that 501c3 button, or revealing that donations are tax-deductible (which they are, retroactively before the paperwork comes back). I should have checked the right button on the PayPal form. These things are all true, and there are other things I’ve done wrong and I’ll continue to screw some things up. But I’m not sorry I charged ahead, following my passion, fueled by the prayers, support and money of the community. Why? Because we’ve done a LOT while waiting on papers and processes. (More on that during my BH/DEFCON talk.) Yes, it’s reckless and unplanned and seat-of-the-pants sometimes, but it’s coming together. The gaps are filled in by faith.

This whole thing had gotten me pretty down, and I found myself wondering what, exactly, I had gotten myself (and my family) into. At conferences and such it’s easy to see that people dig what we’re doing but as the days tick by here in Africa, it’s not as easy to gauge.

But today bolstered me for the year to come. I’m not a lone-ranger crackpot…well, I am, but I’m certainly not alone in this.

Let me quote my friend Simple Nomad (by permission) from a personal email:

Fortunately our industry seems to value skills over everything else, and so for the most part people of different races, religions, sexual orientations, and hat color can talk shop and improve the world a little bit at a time.

Time and again, our community has proven that we can do things that the society at large cannot. We can unite across barriers that restrict the rest of the world. In this age of intolerance and hatred, we move ahead, pushing the envelope and making the impossible possible.

Edison, Murgas, Babbage, Atanasoff, Meucci and Bell existed before the term “hacker” existed, but if they could see it, they would be proud of our community.

I know I am.

Thank you everyone for the support.

Johnny

Twitterstorm. AIDS?
