Black Asylum

Network and System Security (or lack thereof)


According to the website:

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported.  SSLScan is designed to be easy, lean and fast.  The output includes preferred ciphers of the SSL service, the certificate and is in Text and XML formats.

SSLScan is a very useful tool for quickly determining the cipher suites supported by one or more websites.  The command below scans a target on port 443; the --no-failed option limits the listing to the ciphers the server accepted:

# sslscan --no-failed <target>.net:443

Download it from here, or if you are running Debian or Ubuntu, you can simply issue the command:

# apt-get install sslscan
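As an added example (not part of the original post or the SSLScan project), here is a short Python audit of the XML report mentioned above that flags accepted suites using deprecated protocols, short keys or weak algorithms. The sample report is constructed, and the element and attribute names, the status values and the policy thresholds are assumptions modelled on sslscan's XML output.

```python
import xml.etree.ElementTree as ET

# Constructed sample report. Element/attribute names are assumptions modelled
# on sslscan's XML output; check them against the version you run.
SAMPLE_XML = """<document title="SSLScan Results">
 <ssltest host="www.example.net" port="443">
  <cipher status="accepted" sslversion="SSLv3" bits="128" cipher="RC4-SHA" />
  <cipher status="accepted" sslversion="TLSv1.0" bits="56" cipher="DES-CBC-SHA" />
  <cipher status="rejected" sslversion="SSLv2" bits="40" cipher="EXP-RC4-MD5" />
  <cipher status="preferred" sslversion="TLSv1.2" bits="256" cipher="ECDHE-RSA-AES256-GCM-SHA384" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="112" cipher="DES-CBC3-SHA" />
 </ssltest>
</document>"""

# Policy used for this example (assumed; tune to your own baseline).
WEAK_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}
WEAK_TOKENS = {"NULL", "EXP", "RC4", "MD5", "DES", "ADH", "AECDH"}
MIN_BITS = 128


def audit(xml_text):
    """Return one finding per accepted cipher suite that violates the policy."""
    findings = []
    for test in ET.fromstring(xml_text).iter("ssltest"):
        target = "%s:%s" % (test.get("host"), test.get("port"))
        for c in test.iter("cipher"):
            # Only suites the server actually negotiates matter; rejected and
            # failed entries are the ones --no-failed hides from the text output.
            if c.get("status") not in ("accepted", "preferred"):
                continue
            proto, name = c.get("sslversion", ""), c.get("cipher", "")
            reasons = []
            if proto in WEAK_PROTOCOLS:
                reasons.append("deprecated protocol")
            bits = c.get("bits", "")
            if not bits.isdigit():
                reasons.append("unknown key size")
            elif int(bits) < MIN_BITS:
                reasons.append("key under %d bits" % MIN_BITS)
            # Match whole name components so "DES" also catches DES-CBC3 (3DES).
            weak = sorted(WEAK_TOKENS.intersection(name.upper().split("-")))
            if weak:
                reasons.append("weak algorithm: " + ",".join(weak))
            if reasons:
                findings.append((target, proto, name, reasons))
    return findings


if __name__ == "__main__":
    for target, proto, name, reasons in audit(SAMPLE_XML):
        print("%s %-8s %-14s %s" % (target, proto, name, "; ".join(reasons)))
```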

What is Maltego?  Well, according to their website, it is:

Maltego is an open source intelligence and forensics application. It will offer you timous mining and gathering of information as well as the representation of this information in an easy to understand format.

What does that mean?

It means that Maltego is a commercial ($) tool that, when provided a person’s name, email address, website, etc., can quickly search for and identify related information from numerous sources on the Internet.

Maltego is particularly useful in scoping for a penetration test or social engineering engagement.  Using Maltego, one can enumerate employee names, email addresses, phone numbers, positions, as well as alternate websites, DNS entries, and so on.

Maltego comes with a number of built-in transforms.  A transform is a module that Maltego uses to perform a particular information search.  A varied collection of user-created transforms can also be found and integrated with Maltego.