A local transform for Maltego which makes use of the HackerTarget API for DNS Recon
- This transform was developed and tested with Python 2.7 on Ubuntu Linux. You need python and the requests module.
- Download and install community or commercial version of Maltego.
- Clone this repository to a local directory (known as the 'working directory' in Maltego).
- For the configuration file to work out of the box, move maltego_transforms to /opt/Maltego_HackerTarget. If paths are different you can update from the manage transform screen.
- Obtain an HackerTarget API Key API key. Free users get 200 requests per day against the API (no key required).
- Place the API key in the APIKEY variable in each transform.
- Import HackerTarget-config-v1.mtz as a Maltego configuration file
- Confirm the working directory of each transform (which should be set to /opt/Maltego_HackerTarget by default) - this comes from mtz file.
- Ensure each transform has the proper Python path.
- The transforms work on Domain, NS Server and IP address entities only. You may need to resolve a DNSName entity to a domain before running the find hosts transform. Resolve the Domain to NS Server to run the DNSseach.
- Depending on your Maltego license you will be restricted by the number of entities returned by the transforms. The find hosts can return thousands of entries on the right query.
- HackerTarget provides hosted open source tools and network intelligence to help organizations with attack surface discovery and identification of security vulnerabilities.
- Expensive appliances with flashing blue lights are not always the best solution. Through promotion of open source security solutions we make organisations big and small better at protecting what matters to them.
