Wednesday, September 30, 2015

New Community TDS (NCETDS... just kidding we have enough acronyms!)

Video Tutorial - [ Here ]
Developer Documentation - [ Here ]
Community TDS inferface - [ Here ]

This blog post (one of the few by Andrew) is here to tell you about the new public TDS (technically an update for the community TDS so that it is inline with the private TDS source base). For those who aren't interested in reading all the words we have a great video to talk about this below:

Let's start off with an introduction to the TDS. It provides an easy to use, distributable means of writing and sharing transforms (and essentially the data so that users can turn that into intelligence) . All the transforms in the transform hub are built on either the the free public TDS or a private one.

When a "normal" transform (one on the public/private CTAS) runs what happens in the back is that a message is sent to the server containing the entity details (like its value and other properties) as well as the transform that needs to run. For example it could be the domain and the transform "to MX record". This would then be run on the server (the code would execute - performing an MX lookup on and the result would be returned to the client.

Previously people used local transforms which had a number of painful setup and distribution points:
  1. Local transforms require people to setup code and environments on the end user system.
  2. Code updating was painful as you would need to send all your users new code to run.
  3. Code containing all the API calls, passwords and other sensitive information needed to be obfuscated.
Our solution to this was the original TDS. Essentially what it does is provide a way that users can write and create transforms that they host on a web server. This is all done through a simple and intuitive web interface (the TDS).

What happens with the TDS is that when it recieves the call that includes the entity and transform to run, (as described previously) instead of executing code on the machine it will simply make a call over HTTP or HTTPs to a web server. This web server then receives the call and can then do whatever it needs to - be that talking to a database or API or something else... literally anything that you can write a program for.

You can read more about this over at our developer portal. It's got explanations, code samples and more. It will quickly get you up to date with the aspects of coding transforms.

This update of the community TDS keeps it in line with the private version with a range of new features include the following:

OAuth Integration

OAuth Integration allows transform writers to utilise open OAuth integration connectors (such as Twitter) or write their own to control who uses their transforms or just to do statistics.

Paired Configuration

Developers can now pair  exported Maltego configurations with their transforms which means they no longer need to ship MTZ files containing entities, machines, sets and seeds. These configuration files can be simply uploaded to the web interface and when the end user discovers the transforms they will automatically get these items added to their client!

Bug fixes, interface tweaks

A number of bug fixes and interface updates have been done to the interface and the whole experience should hopefully be more usable and intuitive for everyone :)

What are you waiting for? Head on over to the new community TDS  now!

Pink fluffy unicorns, dancing on rainbows

No comments:

Post a Comment