Hello, everyone. This is Dean Pompilio, your subject matter expert for social engineering.
In this demo we're going to take a look at Maltego.
This is the version of Maltego that's for Kali Linux.
Or you can also install Maltego on Windows.
Anyway, since we've been focusing mostly on using
the Kali environment, I figured I would show everyone
this version of the tool called Carbon.
You do have to register for the community edition
so that you can log in and use their servers to do your searches. Be aware of those install steps; you can find that, obviously, on the website.
paterva.com is where you want to go.
what this tool allows you to do
the relationships between different bits of information
and these could be lots of different things.
Maltego calls them entities: could be an email address or an IP address.
Any of those things
could be discovered about your target
for a social engineering audit.
And then once you've identified these entities, you can run what are called transforms,
and the transforms can take many different, um,
shapes. It depends on what kind of entity it is.
You get the transforms that are relevant for that type of object.
Let's start out by creating a new graph.
And it's called a graph because, once you see the way the objects are connected, you get different lines. And,
it's an edge graph, basically.
the shortcut for doing that is
or you can go to this icon here
and click this particular another new graph.
Either way, I like using shortcuts. Keyboard shortcuts save a lot of time.
Okay, so let's assume at this point in your social engineering audit that you at least have the name
of a particular target.
is someone that works at an organization or
or they know someone who works there.
And you're trying to learn more about this individual to see,
perhaps, if they have, ah, several different email addresses,
what kinds of social networking sites they might be using.
These are all details that are definitely useful.
All right, so we're gonna start with a domain
entity. We'll drag that out.
By default, it goes to the paterva.com website.
We can simply double click this and put in something else like Facebook.
So if you were trying to research
a, uh, an individual, maybe for a spear phishing campaign, that could be another good reason.
You definitely could do worse than just start with something like Facebook.
You can also use Twitter. If you see down here, there's, ah, a social network section
and there are some specific Facebook
entities. We're just going to use the domain for right now, though.
Okay, So what we want to do now is try our first set of transforms.
We can right click on the object
and there's a run transforms menu
and what we want to do is DNS from domain, and you can see there's quite a few
transforms within this group.
You could go to the bottom and run all the transforms, which is what we're gonna do for a lot of these examples. But you might want to go back later and run individual ones as
I'm getting a list of
domains that are related to facebook.com.
Subdomains, basically.
You can use your mouse wheel to scroll in and out.
So I'm gonna scroll out a little bit, so this fits better.
You can see we've got a pretty nice selection of
different Facebook domains. Some of these might not be relevant
for the person we're searching for.
So if that's the case, if you don't, for instance, think that the
target's involved in development,
you can delete a couple of these.
We see we've got some name servers that show up. Looks like ns1 might be a name server.
Okay, so we got a collection of domains now,
this particular target,
probably has some email addresses associated with facebook.com. So that's what we want to figure out next.
So I'm going to zoom out again,
and I'm gonna select all these domains.
Now, what I want to do is resolve all these to IP addresses.
All right, so Resolve to IP. The menu could be a little bit confusing to navigate. As you can see, it's easy to, uh, accidentally pop
one of the submenus out.
So just click off to the side and try again if that happens.
So Resolve to IP is what we want,
and you could see the updates in the window below here,
as these transforms are running on those
also, some other things about the interface.
As you can see, we've got a detailed view on the side here,
show whatever is currently selected or whatever you're pointing to.
And different entities have different types of details.
Okay, so now we've got a bunch of IP addresses
associated with these particular
And what we can do now is look to see possibly what other DNS names are associated with these particular IPs.
So I'm gonna zoom out so I can see them all.
So DNS from IP.
I'm gonna go ahead and run all the transforms there
and the reason that I might be digging in this deeply
just looking for an individual is to correlate
different types of domains, different types of IP addresses, different email accounts.
All these things might be related to the results from these transforms.
All right, so if you look at a particular IP address,
we can see that there are quite a few Facebook domains here. But there's also some domains that don't appear to be related
we can see the IP is there, associated.
So let's look at some different layouts. Give you a little bit more of an idea of how the information can be visualized. If you zoom out far enough, you can see we go to what's called a bubble view,
and it's color coded so you can select large bonds, objects easily with the mouse
or, you know, by holding down Shift, you could multi-select.
but if you're zoomed in
to what's called the main view,
you can click the bubble view manually and you get some different options.
The view we're looking at originally was the block view.
So this layout mode
puts everything in blocks, and it might be useful for certain kinds of sorting of information.
Or you could go to hierarchical mode,
which tries to organize
slightly different method.
No one is a hierarchy.
It's trying to get zoomed in here
and again, this might be useful
for sorting information.
There's also a circular view
showing, ah, kind of a hub and spoke idea for
relationships between objects.
And there's the organic mode,
which could be really useful when you're trying to compare two different sets of objects to see which
items they might have in common.
And then you can also change the ball size.
So the default is diverse descent,
which is kind of a ranking.
Or we can do something like the number of links, and it will create a larger ball.
Incoming links: larger balls that have more incoming links,
or balls are larger that have outgoing links.
All right, so that's a little introduction to the interface.
So now that we've seen how we can look at the
information in different formats, I'll zoom out
and I want to select facebook.com
and we're gonna transform
email addresses from domain is what I'm looking for,
and I'm gonna go ahead and
run all the transforms on this.
We're getting some updates down here, and some items are popping up.
Oh, they're over. Here we go.
So we've got a few that popped up. Um,
Should get more here in a moment.
Okay, so we returned a bunch of email addresses. Keep in mind these are just email addresses that
were found on this particular domain. It's not going to search all Facebook users for their email addresses,
but for the purposes of our demonstration, this at least returned some usable names.
is that we know our target's name.
Well, we can search for all, or we can
scroll down and search for different categories.
So this is a nice way to do your filtering.
that the target of the
audit does have a Facebook address.
So what we can do now
is run some transforms against the email address.
There's quite a few choices here.
And this might show whether the target has
profiles on other social engineering, or social networking, sites,
or whether they've got other email addresses associated.
So I'm gonna go ahead and run all the transforms.
Get a warning that this might take a little while.
Some of the transforms may error out, so you can just
All right, so a bunch of things were turned up here. We can see that there are several more email addresses,
each of these might have some more connections.
So this one looks promising.
We could run a transform against email address again.
You can see there's lots of different things here. Can try to correlate lots of other details about the individual.
Okay, we got a whole bunch of information here,
so you get the basic idea. The, um,
this email address has been linked to several others. And now,
if this was part of a social engineering
attempt, like spear phishing, for instance,
you would have a lot of different angles to approach the target from.
There are lots of other
plug-ins that you could install into a tool like Maltego. Some of them you have to pay for, I believe.
There are a lot of free ones as well. So
the tool has quite a few different capabilities.
You really could spend many hours learning its various functions, but hopefully this light overview gives you an idea at least how to get to a point where you can
expand your search for gathering information on your social engineering target.
All right. I hope you enjoy the video. See you next time. Thank you.