We’re excited to announce that Censys users can now take advantage of the incredible power of Maltego’s visualization tools to help enrich and understand their assets. Using Censys with Maltego makes it easier for you to visualize vulnerabilities and complex relationships between digital assets.
Maltego is a tool used in threat hunting, which allows users to quickly pivot off of data to locate and analyze adversary infrastructure. Security practitioners can begin the process by using “seeds” like an email address, domain name, or IP address and, from there, investigate further by using transforms to search external databases. Maltego presents the data in a graphical interface that shows the connections between data, hosts, and certificates. Many practitioners and Censys users will find value in Maltego’s intuitive navigation of the graph created during their investigation.
Threat hunters can now easily pivot off of key pieces of information, backed by Censys’s trusted data, to discover hidden infrastructure services. Here are a few of the main benefits you’ll see with this Maltego integration for Censys:
- Discover projects that live in different cloud environments that may not have been vetted or approved by IT (sometimes called “Shadow IT”)
- Quickly find server misconfigurations
- Investigate odd services running on hosts and locate other anomalies and outliers in certificate data
- Map IP addresses to domains and domains back to IP addresses
View the Maltego Integration on GitHub
In that GitHub repo, you’ll find all the information you need to get the Maltego integration working with Censys. If you’re new to Maltego, there’s a community edition where you can try it out; our integration (and a lot of others from third parties) should work with it. A few helpful tutorial videos on how to use Maltego are also available.
We want to thank Mark Parsons, Threat Intelligence Analyst at Microsoft, who created his own integration that inspired and informed our version. We love hearing how our power users are getting value out of Censys data — ping us on Twitter @censysio to show off your research projects, corporate security, and threat hunting strategies.