Showing posts from April, 2013

BlackHat 2013, Tungsten preview, Trees

Hi all,

We decided to do a quick recap of what's been happening around the Paterva office over the last couple of weeks. 'Why?' you ask. Well - we recently had some visitors to our offices - they only followed our blog and not our Twitter account (@paterva if you wondered) and they were clearly uninformed about what we're up to.


Blackhat 2013

We recently showed Maltego to a group of hard-core pen testers. Initially they were quite doubtful about how useful Maltego could be for them ('yes it makes pretty pictures - so what') - but after about 45 minutes we won them over and by the end of the day they bought licenses for the entire team and were making plans to integrate Maltego with their own tools. It yet again illustrated to us that it's not the tools you have but how well you know and use them. This is why we train at BlackHat USA in Las Vegas. At the end of every class students walk out saying 'We never knew you could do this with Maltego' and 'We neve…

TRX - Framework for writing Python transforms with the TDS

Hi there people from the Interwebs,

We wrote a 'framework' for writing Python transforms with the Maltego TDS. It's called TRX and it's pretty light, easy to use and very hip. It should see you writing kick ass transforms in no time - a complete transform could look as simple as this:

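import socket
# TRX helper module (assumed to be on the import path); provides
# MaltegoTransform and the UIM_* message-type constants.
from Maltego import *

def trx_DNS2IP(m):
  TRX = MaltegoTransform()
  try:
    # m.Value is the value of the input entity (here, a DNS name);
    # despite its name, DNSName holds the resolved IPv4 address.
    DNSName = socket.gethostbyname(m.Value)
    TRX.addEntity("maltego.IPv4Address", DNSName)
  except socket.error as msg:
    # Resolution failed: report a partial error in the Maltego UI
    TRX.addUIMessage("Problem:" + str(msg), UIM_PARTIAL)
  return TRX.returnOutput()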

The document nicely explains the differences between local transforms and TDS transforms and also includes a complete entity reference guide as well as addressing the confusion between V2 and V3 entities - a must read for any transform developer. The document also takes a look at the future of the TDS.

Here is the index of the document - click to read.

Finally the framework / source code can be found [here]. …