
Calling all transform writers! and Maltego Chlorine details! and MORE!

All,

In a few weeks we'll be releasing a new version of Maltego. We're calling it Maltego CHLORINE! (we're sure the malware analyst will love the name as ...you know...chlorine..germs...bugs....that.)



There are SO many new things. Where to start...??..But - let's start at 1).

1. New context menu
We've totally redesigned the context menu. The main reason for this is that it was getting a bit cumbersome / fat / lazy / had too many Doritos. If you had a lot of transforms you had to really know your way around the GUI to find them all. We took some time, looked at what users mainly use and designed this:

After some weeks of tweaking the design it ended up looking like this in the GUI:

We think it rocks and you will too. YOU WILL LIKE IT! and if you don't YOU WILL LEARN TO LIKE IT! Like cauliflower and Brussels sprouts. No actually, if we're serious, it's a vast improvement from the previous context menu.

2. Java 8 support.
Yeah - eventually. The reason this took a while is because we had to do an end-to-end test of Maltego on the new platform before we're confident that we can release it. Like a new girlfriend every Java version has its own unique quirks. Things that worked perfectly well in Java 7 need a lot more TLC in Java 8.

3. Better OSX support
Everybody knows how much we love Macs (cough). We've decided to make the Mac install and startup a lot more robust - and easier for end users. Keep in mind that with 3 versions of Java floating around (6, 7 and 8) and Windows / Linux / Mac support it's not always so easy to make sure Maltego installs and runs perfectly in all 9 environments. Not to talk about the small differences between Mavericks and Yosemite, Windows 7 vs Windows 8 and easing the install on Flubber Linux 8.15.221.

...but the most exciting feature...

4. Transform Hub
When we started Maltego almost 8 years ago our vision was always that other people can build their own transforms. As Maltego became more mature this dream was becoming a reality and today many interesting projects are using Maltego as their front end. The problem was that sharing these transforms with the rest of the world was a bit... tedious. This is why we decided to build functionality that allows you to see which other cool transforms other people made available. We call it the Transform Hub.

Note that we don't call this the Transform Store - but I guess we could have. It's basically the same thing with the exception that we hope most of the transforms will be free. It's up to all the 3rd party transform writers to decide if / how they want to price transforms. 

It basically means that when you start Maltego you'll get a list of 3rd party transforms and you get to choose which ones you want to use. Here's what it's going to look like (note that items in the Transform Hub haven't been finalized!):

At startup you'll see the Transform Hub.


If you want to quickly see what the transforms are all about you can just mouse-over on them.


If you want to see more details - click on 'details' (so original). Here you can see things like the transform writer's web page, if it's commercial or not, where to register (if you need to) and where you can contact the transform writers. 

Once you're ready to install the transforms simply click on 'Install'.  


And that's pretty much it. No more seed URLs to enter. With the new TDS we push entity definitions to the client during install as well! One click install. <in a very soft/low voice/and spoken very quickly: "This applies for TDS transforms only">. Yeah of course.

With this fantastic development in place we call all transform writers! Let us know what you've been brewing up and we'll add you to ..<cave reverb, lots of echo> THE TRANSFORM HUB..Hub...hub...ub...b.

One more thing - you can always add your private server to the list too. And - if the transforms you are using are hosted on a 3rd party's own TDS server your traffic will only go to this 3rd party - we don't see it!

If you are interested in getting your own TDS - please let us know. We're keen to sell you one. And you can sell transforms. And you can sell your transforms on a TDS server to other people. Together we can make lots of money! (sorry, marketing INSISTED on this paragraph, they're not the most creative bunch. In the long run we actually see a lot of free stuff on there. We hope. Actually - it's in your hands really.)

PS - so... the public TDS is not 100% there in terms of all the bells and whistles of the shiny new commercial TDS - but Andrew promised us that he will be making tea for everyone every 3rd day until he's done porting the commercial TDS to the public TDS.

5. Development portal & forum
Because of 4) we decided it would be a great idea if people actually knew how to build their own transforms! In the past we've been...well...not so great at that - we confess. But this has all changed! 

We spent days and weeks building a really snazzy looking development website. It's at [http://dev.paterva.com/developer/] and it's packed with all sorts of nice goodies. We're still working on it so not *all* the sections are 100% completed but it should be a great resource for people wanting to write transforms. 

And also - the forum is back. Well - the development forum. Until the spammers list their shit on there again. Then we'll put our famous Maltego Community Edition CAPTCHAS on there!

The Chlorine release should be ready to go by the middle of February 2015 - we're really looking forward to seeing the feedback from our users. We'll start off (as always) with the commercial release and the community release (and the Kali Linux release) will follow soon afterwards.

Thanks for reading all of this - wow - it's a lot - we've been damn busy!

Baby seals,
RT
