Subliminal Hacking
The Art and Science of Social Engineering



Categories

February 19, 2014

Maltego Transforms … Recommended List

Regular visitors to the site will be familiar with the post on recommended OSINT tools, and one of those tools mentioned is Maltego. Maltego is an awesome tools that uses the power of machines to gather information and display it in a format conducive to the human eyes pattern spotting. Maltego is based around entities (email address, domain name, person, phone number, etc) and transforms (queries) to pull information and match up the connections. In addition to the awesome entities and transforms included as standard from the Paterva team, there are also various free and paid for transforms available to enrich your Maltego Intel gathering experience.

The aim of this post is to provide a list of recommended transforms for you to consider adding to your Maltego arsenal. If you know of a transforms not mentioned here and you rate them, please get in touch via email, twitter or leave a comment.

  • Canari Framework – An easy to use Framework for building your own Maltego transforms.
  • Shodan Transforms – Access the wealth of knowledge about endpoints and exploits in Shodan through Maltego. Search by domain, netblock, host or specific exploit types.
  • PacketNinjas SocialNet Transforms – A great set of commercially support transforms. Search for associations with Facebook, Twitter, Pintrest and many more.
  • Recorded Future Transforms – Utilises the information available within Recorded Future to bring in event and relationship data.
  • Sploitego Transforms – Provides the ability to run nmap scans, nessus scans and more from within Maltego.
  • SniffMyPackets Transforms – Analyse your PCAPs through Maltego.
  • Watcher Transforms – Perform your wireless recon through Maltego.
  • Malformity Transforms – Nice set of transforms to aid in the research of malware and other malicious infrastructure.
  • ThreatMiner – Aggregation point to aid in intelligence and intrusion analysis.

Be Sociable, Share!



    About the Author

    Dale Pearson
    has worked in IT since 1998, Infosec since 2004, and studied and performed hypnosis, mentalism etc since 2009. Dale is a full time Red Teamer with a love of social engineering and qualified hypnotherapist. He spends a great deal of time researching the various skills and techniques that make up the art and science of Social Engineering.




    6 Comments


    1. Hello, I wrote the sniffMyPackets transform set, I’ve just released a Wireless transform set for Maltego. It’s just a minimum usable product at the moment but I’ve got a lot more to add over the next few months. The link is here: https://github.com/catalyst256/Watcher

      Thanks.


    2. David André

      Don’t forget the Malformity malware research transforms set:
      https://github.com/digital4rensics/Malformity


    3. Dale

      David, thanks for the recommendation. Someone also mentioned this and I have now added it to the list.


    4. Dale,

      The complete list of Transforms in addition to Machines, etc is hosted at http://cmlh.pbworks.com/w/browse/#view=ViewFolder&param=Maltego

      Also I have developed a number of Maltego Transforms for Facebook, Twitter, etc that are hosted at https://github.com/search?q=%40cmlh+maltego


    5. Dale

      Cheers for sharing Christian.



    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Time limit is exhausted. Please reload CAPTCHA.

    This site uses Akismet to reduce spam. Learn how your comment data is processed.