Canari – Breaking free of the cage

Like the title?? I figured as I haven’t posted for a while I ought to go for something a bit more catchy. So this post has two parts, the first is a bit “fluffy” the second is a bit more interesting.

First an important piece of information (it does relate to this post). There is a saying I like to use:

“Nothing is impossible, you are only limited by your imagination”

Now remember that for later and carry on reading…

So I’ve been a bit quiet so far this year in terms of posts, there is no real reason for this (other than being busy) but I never intended to use this blog as a means for posting “junk” and I know you guys are all busy so don’t want to waste your time.

Last year as you may remember was all about the OSCP and I found myself wondering what to do next, then like a shovel in the face it hit me. I’ve struggled to work out what area of InfoSec I want to “specialise” in, there are loads of awesome coders, pen testers, exploit hunters and malware analysts already providing advice and code for people and I don’t want to replicate work for the sake of trying to make myself look good.

The other important factor for me is that I have to be “interested” in what I’m learning otherwise I get bored and side tracked by other things (look at the monkey over there…). Open Source Intelligence, is something that I enjoy and really does interest me, hunting for information that is hidden online just waiting to be found, tie that in with a “hacker” mindset from doing my OSCP and to me that’s a receipe for epic fun (and mischief).

EoF.. (End of Fluffy)

Now where do you start?? So I am going to assume you’ve all used Maltego, if you haven’t hang your head in shame and go look HERE (). Back? Good, so I’ve played around with Maltego before (just the community edition) and it’s cool.. but for me it could be cooler so I started looking at how to write your own transforms and entities and then I found Sploitego (never heard of it.. seriously..)

So if you’ve not seen Sploitego before, I suggest the following:

Sploitego is written using the Canari Framework ( which was created by Nadeem Douba (really nice bloke) and the real reason for this post. Canari is python based (which I’m trying to learn) and is essentially awesome. It lets anyone create local Maltego transforms, and takes all the hassle of learning XML (well at least understanding it) away and just lets you focus on the code.

Yesterday I finished my finished Canari framework package. It’s a re-work of the Netscaler Cookie Decrypter I wrote last year, now available in Maltego. It’s not perfect (neither is my coding ability) but it works and I will add some more functionality to it soon. I even now have a account which you can find HERE .

So what does all this mean?? Remember the saying from early??

“Nothing is impossible, you are only limited by your imagination”

Combine that with Canari, Maltego and my own personal “out of box” imagination and rest assured there will be a lot more transform packages appearing soon. My goal is to enhance Maltego with OSINT tools, Wifi tools, basically anything I can think that would help build a profile of someone or something within Maltego. There are no limits, no information is irrelevant as long as there is context to it..

Go try Canari (or Sploitego) for yourself, drop by the forums on the site and say “Hi”.

Me I’m off to buy a copy of Maltego and start my new adventure.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s