Maltego transforms for Tacyt
15/07/16. Version 0.1
If you are a Maltego user, you already know how intuitive and useful it is for researching and analyzing information. You may know as well that Maltego allows to create transforms, that are no more than scripts to call some service API or whatever other resource. Since Tacyt counts with a comprehensive API and a SDK for an easier use, transform are a natural step ahead to take advantage of everything Maltego offers. And here they are.
Imagine you are performing a research that involves applications and its relations. You may ask Tacyt to give you results about permissions, links, names, emails, certificates, etc… And you end up with an interesting data, let’s say, an interesting domain. Who does that domain belong to? Well, instead of using external resources, you may use Maltego, run Tacyt transforms, extract the interesting information and once you get to an url, email, profile or whatever other entity, take advantage of the other millions of transforms available for Maltego. So the research gets easier, visual and complete in a single screenshot.
We have created several transforms, but more are sure to come (the code is all in GitHub so you could create your own). We have created as well entities for Tacyt in Maltego, and a package to install them all. The steps to install are easy:
- Import the MTZ file from “Manage, Import, Config” menu.
- Once imported, check the Python path and transforms paths themselves match the ones in your system. Click on “Manage Transforms” and search for tct (with wildcards) to show all Tacyt transforms. Select them all using shift button.
- In “Transform Inputs”, modify “Command line”, and “Working directory” (the path where the .py transforms are stored) accordingly.
Of course you would need to specify your API ID and Secret in APIManagement.py.