Skip to main content

Free Transforms! is a fantastic site for enumerating technologies used on a website, things such as JQuery, Google analytics and additional server information such as the type (Apache/IIS).

For example, if you had to perform a lookup for you will receive a results page (as seen on the left). This page includes that our website uses/is run on:
  • Apache
  • Ubuntu
  • Mod_SSL
  • JQuery
  • Google Analytics

But why Andrew, WHY?
So out the bag this may not seem that exciting, anyone could simply go and have a look at the source of a website and look for keywords relating to the technology, or even look for key directories (Wordpress' /wp-admin/ directory for example).

However imagine you were looking at a large number of websites, in this example space ( I placed a domain '' onto my graph and then ran the "To Website DNS [using Search Engine]" Transform with my slider set to 255):

How would you correlate which technologies were being used with which websites? Well simple, with Maltego of course (and a bit of code to integrate with the API)!

The next step would be simply to select all of the websites found and run the "ToServerTechnologiesWebsite" transform. This will then return the technologies used for each site as seen in this example with just 1 website:

You would then run this across all of your websites to view what kind of technologies were being returned!

Initially we noticed that there was a lot of excess data coming through, technologies such as Javascript, CSS and SEO_H1 which we have since discarded and are only looking at results in the following categories:
"cms","framework","server","Apache Module","Database","Hosting","Interent Communication Server","J2EE Server","Security","Server","Web Accelerator","Web Host","Web Master","Web Server","Web Server Plugin","Web Technology","analytics","javascript"

If there are others you would like to see from the API ( ) feel free to let us know.

So where to from here?
Well now that you have a list of all the technologies used you can see interesting correlation between the data, such as:
  • Are all the websites running the same technology or are there odd cases, and if so why? (Does some dev have a machine running thats accessible from the internet running a vulnerable server)
  • Is the infrastructure mostly Windows or *nix based? (Apache vs IIS)
  • Which CMS' are used, and where? Are they all the same or are there variants?
  • Which websites need their technologies upgraded!
  • What is the most common technology used between all the websites?
Show me the money!

In edge weighted view we can quickly identify the most common technologies used:

And by using the Entity List view I can easily identify the top used technologies by searching for 'BuiltWith' (its the type) and then sorting by incoming links:

Give me the Entity and the Seed!


You can follow our previous post on importing these here:

Last but not least
I'd just like to send out a thank you to Gary Brewer from for some changes we requested to do HTTPS as well as HTTP and for helping us out generally with our queries!

I'd also like to point out that these transforms run on not only a website but also an IP address as well as URL. Please also note that does not currently follow redirects so it will simply try connect to the website, IP address or URL and return the information based on that single page (no spidering).

We look forward to seeing the community respond with more transforms like this!


Popular posts from this blog

Maltego 4 CE / Kali Linux release is ready for download!

Hi there,

We're happy to announce that Maltego 4 is now (finally) ready for the masses! We're releasing the community (free) edition today and the Kali distros have been updated by the kind people from Offensive Security (thanks Dookie/Muts!).  In other words - we're ready to roll on a major upgrade of your favorite information visualization tool.

(click on the image above to see our very grown-up/proper promotional video of Sandra the 15 year old Dachshund and Maltego/Kali Linux. !(We plan to screen this at our booth at a major conference.))

Our decision to make CaseFile free with the release of Maltego 4 had some interesting side-effects. In CaseFile importing data from CSV/XLS was enabled. So too printing. And reporting. So when we made CaseFile free it did not make sense to limit the Kali/CE releases - you'd simply open CaseFile, import the data and save the graph - then open in CE.

So - bottom line - reporting/printing/CSV import is now enabled in the free release…

Abracadabra! It's Sho(dan) time!

Shodan -- used by pentesters, stalkeˆWˆWˆWresearchers and data scientists everywhere to analyze information about computers on the Internet. From webcams to SCADA to looking at where various SSL information in certificates can tie organisations together. It is a common tool used by many different people. We really wanted to get some Maltego goodness on that!

TL;DR -- You can get the Shodan transforms in the transform hub right now. To use all of the different transform options (or you can stick with the free options) you can simply click on settings in the transform hub after installing to add your API key.

There have been transforms written for Shodan before, but we really felt like they needed refreshing. So we took it upon ourselves to look at the information provided by Shodan and decide how we could integrate it into the needs of Maltego users. We first started by looking at what information was readily and easily available and then if it was useful in an n-th order graph. This is…

Visualising the Bitcoin Blockchain in Maltego

This post will provide a quick overview of our new Maltego transforms for visualizing the Bitcoin blockchain. There are 11 new transforms in the seed which use’s API to query data from the blockchain.

(Screenshot's in this post are taken with the Maltego 4 beta release.)
Before we begin, it is important to have an understanding of how Bitcoin and their transactions work so I will start with an overview of some of the main concepts:
Bitcoin Overview
Bitcoin address: Bitcoin addresses are transaction endpoints that are used to send Bitcoin to another person. A person can generate as many addresses as they want and people should (which they often don’t) use a new address for every transaction that is made. An address is represented with a 26-35 sequence of alphanumeric characters and looks like this: 1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2. For a more in-depth explanation of Bitcoin addresses you can have a look at the Bitcoin Wiki here.
Bitcoin wallet: A Bitcoin wallet is …