Cover by: Andreas Rocha
Local Port Scanner
def extract_open_ports(nmap_output):
open_ports = []
for line in nmap_output.splitlines():
if "open" in line:
port = line.split("/")[0]
open_ports.append(port)
return open_ports
class PortNumber(DiscoverableTransform):
@classmethod
def create_entities(cls, request: MaltegoMsg, response: MaltegoTransform):
# Obtain Target Information from Entity
#request_firstname = request.getProperty("IPAddress")
request_ip = request.Value
#print(request.Value)
#red_notice_entity = response.addEntity("yourorganization.InterpolRedNotice")
#red_notice_entity = response.addEntity("yourorganization.InterpolRedNotice")
#red_notice_entity.addProperty("IP Address", value = request_ip)
cmd = ['/usr/local/bin/nmap', '-p-', '--open', request_ip]
output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, universal_newlines=True)
ip_entity = response.addEntity("maltego.IPv4Address")
ip_entity.addProperty('output', 'Nmap Output', 'loose', request_ip)
open_ports = extract_open_ports(output)
for port in open_ports:
port_entity = response.addEntity("maltego.Port")
port_entity.addProperty('port.number', 'Port Number', 'strict', port)
#print(output)
#output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, universal_newlines=True)
#print(output)
Remote Port Scanner(shodan+censys)
import requests
import json
# Shodan API key
SHODAN_API_KEY = "YOUR_SHODAN_API_KEY"
# Censys API credentials
CENSYS_API_ID = "YOUR_CENSYS_API_ID"
CENSYS_API_SECRET = "YOUR_CENSYS_API_SECRET"
# Shodan transform - Scan IP Address
def shodan_scan(ip):
url = f"https://api.shodan.io/shodan/host/{ip}?key={SHODAN_API_KEY}"
response = requests.get(url)
data = response.json()
return data
# Censys transform - Scan IP Address
def censys_scan(ip):
url = "https://www.censys.io/api/v1/search/ipv4"
headers = {
"Content-Type": "application/json",
}
data = {
"query": ip,
}
response = requests.post(url, headers=headers, auth=(CENSYS_API_ID, CENSYS_API_SECRET), json=data)
result = response.json()
return result
# Shodan transform - Find Similar IPs
def shodan_find_similar_ips(ip):
url = f"https://api.shodan.io/shodan/host/{ip}/similar?key={SHODAN_API_KEY}"
response = requests.get(url)
data = response.json()
return data
# Censys transform - Find Similar IPs
def censys_find_similar_ips(ip):
url = "https://www.censys.io/api/v1/search/ipv4"
headers = {
"Content-Type": "application/json",
}
data = {
"query": f"ip:{ip}",
}
response = requests.post(url, headers=headers, auth=(CENSYS_API_ID, CENSYS_API_SECRET), json=data)
result = response.json()
return result
# Shodan transform - Search Ports by Service
def shodan_search_ports(service):
url = f"https://api.shodan.io/shodan/service/{service}?key={SHODAN_API_KEY}"
response = requests.get(url)
data = response.json()
return data
# Censys transform - Search Ports by Service
def censys_search_ports(service):
url = "https://www.censys.io/api/v1/search/ipv4"
headers = {
"Content-Type": "application/json",
}
data = {
"query": f"ports.services.name:{service}",
}
response = requests.post(url, headers=headers, auth=(CENSYS_API_ID, CENSYS_API_SECRET), json=data)
result = response.json()
return result
Whois company
opencorporates.com github.com/chrieke/awesome-geospatial-compa.. opengovus.com
import requests
# OpenCorporates transform - WHOIS Company Lookup
def opencorporates_whois_company(company_name):
url = f"https://api.opencorporates.com/companies/search?q={company_name}"
response = requests.get(url)
data = response.json()
return data
# OpenGovUS transform - WHOIS Company Lookup
def opengovus_whois_company(company_name):
url = f"https://api.opengovus.com/api/companies?name={company_name}"
response = requests.get(url)
data = response.json()
return data
# Awesome Geospatial Companies transform - WHOIS Company Lookup
def awesome_geospatial_whois_company(company_name):
url = "https://raw.githubusercontent.com/chrieke/awesome-geospatial-companies/master/companies.json"
response = requests.get(url)
data = response.json()
matching_companies = [company for company in data if company_name.lower() in company["name"].lower()]
return matching_companies
Leakage Search
import requests
# Search Illicit Services transform - Search Data Leakage
def search_illicit_services(query):
url = f"https://search.illicit.services/search?query={query}"
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36",
}
response = requests.get(url, headers=headers)
data = response.json()
return data
Whois Company
viewdns.info/reverseip/?host=threatradar.ne.. digital.com/best-web-hosting/who-is/#search.. dnslytics.com/reverse-analytics
import requests
from bs4 import BeautifulSoup
# ViewDNS transform - WHOIS Hosting Lookup
def viewdns_whois_hosting(domain):
url = f"https://viewdns.info/reverseip/?host={domain}&t=1"
response = requests.get(url)
soup = BeautifulSoup(response.content, "html.parser")
table = soup.find("table", {"border": "1"})
rows = table.find_all("tr")
hosting_domains = []
for row in rows[1:]:
cols = row.find_all("td")
hosting_domains.append(cols[0].text.strip())
return hosting_domains
# Digital.com transform - WHOIS Hosting Lookup
def digital_whois_hosting(domain):
url = f"https://digital.com/best-web-hosting/who-is/#search={domain}"
response = requests.get(url)
soup = BeautifulSoup(response.content, "html.parser")
hosting_info = soup.find("div", {"id": "whois-result"})
hosting_domains = hosting_info.text.strip().split("\n")
return hosting_domains
# DNSlytics transform - Reverse Analytics Lookup
def dnslytics_reverse_analytics(domain):
url = f"https://dnslytics.com/reverse-analytics/{domain}"
response = requests.get(url)
soup = BeautifulSoup(response.content, "html.parser")
hosting_info = soup.find("table", {"class": "pd"})
hosting_domains = hosting_info.find_all("td", {"class": "text-monospace"})
hosting_domains = [domain.text.strip() for domain in hosting_domains]
return hosting_domains
LinkedIn profiles
theorg.com/organizations linkedin.com/sales/gmail/profile/viewByEmai.. importyeti.com/company/apple github.com/chm0dx/peepedIn `site:(linkedin.com/in | zoominfo.com/p | rocketreach.co | xing.com/people | contactout.com) "company" bing.com/webmaster/tools/mobile-friendliness
import requests
from bs4 import BeautifulSoup
# TheOrg transform - LinkedIn Profile Search
def theorg_linkedin_search(company_name):
url = f"https://theorg.com/organizations?q={company_name}"
response = requests.get(url)
soup = BeautifulSoup(response.content, "html.parser")
profiles = soup.find_all("a", {"class": "link primary"})
linkedin_urls = [profile["href"] for profile in profiles if "linkedin.com" in profile["href"]]
return linkedin_urls
# LinkedIn Sales Navigator transform - LinkedIn Profile Search
def linkedin_sales_search(email):
url = f"https://www.linkedin.com/sales/gmail/profile/viewByEmail/{email}?_l=en_US"
response = requests.get(url)
# Process the response as needed
return response.text
# ImportYeti transform - LinkedIn Profile Search
def importyeti_linkedin_search(company_name):
url = f"https://www.importyeti.com/company/{company_name}"
response = requests.get(url)
soup = BeautifulSoup(response.content, "html.parser")
profile = soup.find("a", {"class": "importyeti-linkedin"})
linkedin_url = profile["href"] if profile else None
return linkedin_url
# PeepedIn transform - LinkedIn Profile Search
def peepedin_linkedin_search(company_name):
url = f"https://github.com/chm0dx/peepedIn/search?q=company%3A{company_name}&type=Code"
response = requests.get(url)
soup = BeautifulSoup(response.content, "html.parser")
profile = soup.find("a", {"class": "link-gray"})
linkedin_url = profile["href"] if profile else None
return linkedin_url
# Bing Webmaster transform - Mobile Friendliness Check
def bing_mobile_friendliness_check(url):
url = f"https://www.bing.com/webmaster/tools/mobile-friendliness?url={url}"
response = requests.get(url)
# Process the response as needed
return response.text
Facebook Username
from MaltegoTransform import *
import random
def generate_random_facebook_data(username):
# Generate random Facebook data
profile_url = f"https://www.facebook.com/{username}"
profile_name = "John Doe"
profile_location = "Unknown"
profile_friends = random.randint(0, 1000)
posts = []
# Generate random posts
for _ in range(random.randint(1, 5)):
post = {
"id": random.randint(1000000000, 9999999999),
"content": "This is a random Facebook post.",
"timestamp": "2023-06-23"
}
posts.append(post)
return profile_url, profile_name, profile_location, profile_friends, posts
# Create Maltego entity objects
me = MaltegoTransform()
ma = MaltegoTransform()
# Get input entity
username = sys.argv[1]
# Call the transform function
profile_url, profile_name, profile_location, profile_friends, posts = generate_random_facebook_data(username)
if profile_url:
# Create Maltego entities with random Facebook data
me.addEntity("maltego.URL", profile_url).setLinkLabel("Profile URL")
me.addEntity("maltego.Person").setName(profile_name)
me.addEntity("maltego.Location").setName(profile_location)
me.addEntity("maltego.Facebook.Friends").setValue(str(profile_friends))
for post in posts:
post_entity = me.addEntity("maltego.Facebook.Post", str(post["id"]))
post_entity.setLinkLabel("Post ID")
post_entity.addAdditionalFields("content", "Post Content", False, post["content"])
post_entity.addAdditionalFields("timestamp", "Timestamp", False, post["timestamp"])
me.addUIMessage("Random Facebook data generated!")
else:
ma.addUIMessage("No Facebook profile found.")
# Return the results
me.returnOutput()
ma.returnOutput()
Whois Email
rocketreach.co/browser_extension contactout.com app.getprospect.com/303197/contacts/filter/.. epieos.com ceoemail.com cyberforensics.in/OnlineEmailTracer/index.a..
from MaltegoTransform import *
import requests
def osint_email(email):
# Perform OSINT on the email address using various websites
results = []
# Perform OSINT on rocketreach.co
rocketreach_data = {
"email": email
}
rocketreach_response = requests.post("https://rocketreach.co/browser_extension", data=rocketreach_data)
if rocketreach_response.status_code == 200:
# Extract relevant information from the response
# Add entities to the results list
# Perform OSINT on contactout.com
# Make requests and extract information
# Perform OSINT on app.getprospect.com
# Make requests and extract information
# Perform OSINT on epieos.com
# Make requests and extract information
# Perform OSINT on ceoemail.com
# Make requests and extract information
# Perform OSINT on cyberforensics.in
# Make requests and extract information
return results
# Create Maltego entity objects
me = MaltegoTransform()
ma = MaltegoTransform()
# Get input entity
email = sys.argv[1]
# Call the transform function
results = osint_email(email)
if results:
# Create Maltego entities based on the OSINT results
# Add entities to me
me.addUIMessage("Email OSINT completed!")
else:
ma.addUIMessage("No results found.")
# Return the results
me.returnOutput()
ma.returnOutput()
IFSC
ifsccodebank.com/search-by-IFSC-code.aspx
from MaltegoTransform import *
import requests
def osint_ifsc(ifsc_code):
# Perform OSINT on the IFSC code using the website
results = []
# Prepare the request
url = "http://www.ifsccodebank.com/search-by-IFSC-code.aspx"
params = {
"ifsccode": ifsc_code
}
# Send the request
response = requests.get(url, params=params)
if response.status_code == 200:
# Extract relevant information from the response
# Add entities to the results list
return results
# Create Maltego entity objects
me = MaltegoTransform()
ma = MaltegoTransform()
# Get input entity
ifsc_code = sys.argv[1]
# Call the transform function
results = osint_ifsc(ifsc_code)
if results:
# Create Maltego entities based on the OSINT results
# Add entities to me
me.addUIMessage("IFSC code OSINT completed!")
else:
ma.addUIMessage("No results found.")
# Return the results
me.returnOutput()
ma.returnOutput()
Code Search
from MaltegoTransform import *
import requests
def code_search(query):
# Perform code search using the website's API
results = []
# Prepare the request
url = "https://searchcode.com/api/codesearch_I/"
params = {
"q": query
}
# Send the request
response = requests.get(url, params=params)
if response.status_code == 200:
# Extract relevant information from the response
# Add entities to the results list
return results
# Create Maltego entity objects
me = MaltegoTransform()
ma = MaltegoTransform()
# Get input entity
query = sys.argv[1]
# Call the transform function
results = code_search(query)
if results:
# Create Maltego entities based on the code search results
# Add entities to me
me.addUIMessage("Code search completed!")
else:
ma.addUIMessage("No results found.")
# Return the results
me.returnOutput()
ma.returnOutput()
Search Wireless Device Applications
fccid.io/?utm_content=cmp-true
from MaltegoTransform import *
import requests
def wireless_device_application_search(query):
# Perform wireless device application search using the website
results = []
# Prepare the request
url = "https://fccid.io/api/fccid?q={}".format(query)
# Send the request
response = requests.get(url)
if response.status_code == 200:
# Extract relevant information from the response
# Add entities to the results list
return results
# Create Maltego entity objects
me = MaltegoTransform()
ma = MaltegoTransform()
# Get input entity
query = sys.argv[1]
# Call the transform function
results = wireless_device_application_search(query)
if results:
# Create Maltego entities based on the wireless device application search results
# Add entities to me
me.addUIMessage("Wireless device application search completed!")
else:
ma.addUIMessage("No results found.")
# Return the results
me.returnOutput()
ma.returnOutput()
Car
carnet.ai vehiclehistoryreport.com autocheck.com/vehiclehistory/?siteID=0
from MaltegoTransform import *
import requests
def vehicle_search(query):
# Perform vehicle search using the website
results = []
# Prepare the request
url = "https://www.vehiclehistoryreport.com/"
params = {
"query": query
}
# Send the request
response = requests.get(url, params=params)
if response.status_code == 200:
# Extract relevant information from the response
# Add entities to the results list
return results
# Create Maltego entity objects
me = MaltegoTransform()
ma = MaltegoTransform()
# Get input entity
query = sys.argv[1]
# Call the transform function
results = vehicle_search(query)
if results:
# Create Maltego entities based on the vehicle search results
# Add entities to me
me.addUIMessage("Vehicle search completed!")
else:
ma.addUIMessage("No results found.")
# Return the results
me.returnOutput()
ma.returnOutput()
Map & Weather
freemaptools.com mapsm.com/?t=satellite-streets-v11 gpsjam.org/?lat=33.76715&lon=50.47420&a.. overpass-turbo.eu apps.sentinel-hub.com/eo-browser zoom.earth/maps/satellite/#view=37.6,-93,3... app.shadowmap.org osm-search.bellingcat.com shademap.app/@35.72145,51.33473,17.74332z,1.. demo.f4map.com/#lat=35.7072293&lon=51.3.. wikimapia.org livingatlas.arcgis.com/wayback/#active=4639.. satellites.pro/Iran_map#35.649856,51.397747.. qgis: docs.qgis.org/3.28/en/docs/user_manual/prea.. what distance is suitable best earth for attack satelight: geoxc-apps.bd.esri.com/space/satellite-expl.. mapchannels.com/DualMaps.aspx
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Location
class MapSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://www.freemaptools.com/find-place.htm?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
class WeatherTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://mapsm.com/?t=satellite-streets-v11&q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting weather information from the website
weather_data = get_weather_data(search_query)
# Creating Maltego entities for weather information
location = Location(weather_data['location'])
location += Location("Latitude: {}".format(weather_data['latitude']))
location += Location("Longitude: {}".format(weather_data['longitude']))
location += Location("Temperature: {}°C".format(weather_data['temperature']))
location += Location("Humidity: {}%".format(weather_data['humidity']))
location += Location("Wind Speed: {} km/h".format(weather_data['wind_speed']))
response += location
def get_weather_data(search_query):
# Code to retrieve weather data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example weather data (replace with actual data retrieval)
weather_data = {
'location': search_query,
'latitude': 41.8781,
'longitude': -87.6298,
'temperature': 25,
'humidity': 60,
'wind_speed': 10
}
return weather_data
Search Incident
alerts.skytruth.org/report/2614736e-1c07-3b..
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class IncidentSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://alerts.skytruth.org/?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting incident information from the website
incident_data = get_incident_data(search_query)
# Creating Maltego entities for incident information
incident = Phrase(incident_data['title'])
incident += Phrase(incident_data['description'])
response += incident
def get_incident_data(search_query):
# Code to retrieve incident data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example incident data (replace with actual data retrieval)
incident_data = {
'title': 'Example Incident',
'description': 'This is an example incident description.'
}
return incident_data
Google Analytics
osintcombine.com/google-analytics-id-explorer
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class GoogleAnalyticsSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://www.osintcombine.com/google-analytics-id-explorer?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting Google Analytics information from the website
analytics_data = get_analytics_data(search_query)
# Creating Maltego entities for Google Analytics information
analytics_id = Phrase(analytics_data['id'])
analytics_id += Phrase(analytics_data['description'])
response += analytics_id
def get_analytics_data(search_query):
# Code to retrieve Google Analytics data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example Google Analytics data (replace with actual data retrieval)
analytics_data = {
'id': 'UA-12345678',
'description': 'This is a Google Analytics tracking ID.'
}
return analytics_data
Building Databases
Building Databases
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class BuildingDatabaseSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://www.skydb.net/search?q={}".format(search_query),
"https://osmbuildings.org/search?q={}".format(search_query),
"https://skyscraperpage.com/cities/?searchID={}".format(search_query),
"https://www.ctbuh.org/search?term={}".format(search_query),
"https://osm-search.bellingcat.com/?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting building database information from the websites
building_data = get_building_data(search_query)
# Creating Maltego entities for building information
for data in building_data:
building = Phrase(data['title'])
building += Phrase(data['description'])
response += building
def get_building_data(search_query):
# Code to retrieve building data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example building data (replace with actual data retrieval)
building_data = [
{
'title': 'Building 1',
'description': 'This is building 1 description.'
},
{
'title': 'Building 2',
'description': 'This is building 2 description.'
},
{
'title': 'Building 3',
'description': 'This is building 3 description.'
}
]
return building_data
Train
river-runner-global.samlearner.com
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class TrainSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://river-runner-global.samlearner.com/trains?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting train information from the website
train_data = get_train_data(search_query)
# Creating Maltego entities for train information
train = Phrase(train_data['name'])
train += Phrase(train_data['description'])
response += train
def get_train_data(search_query):
# Code to retrieve train data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example train data (replace with actual data retrieval)
train_data = {
'name': 'Example Train',
'description': 'This is an example train description.'
}
return train_data
Drug
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class DrugSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://iris.wcoomd.org/?locale=en&search={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting drug information from the website
drug_data = get_drug_data(search_query)
# Creating Maltego entities for drug information
drug = Phrase(drug_data['name'])
drug += Phrase(drug_data['description'])
response += drug
def get_drug_data(search_query):
# Code to retrieve drug data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example drug data (replace with actual data retrieval)
drug_data = {
'name': 'Example Drug',
'description': 'This is an example drug description.'
}
return drug_data
Marine
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class MarineSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://www.marinetraffic.com/en/ais/index/search/all?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting marine information from the website
marine_data = get_marine_data(search_query)
# Creating Maltego entities for marine information
marine = Phrase(marine_data['name'])
marine += Phrase(marine_data['description'])
response += marine
def get_marine_data(search_query):
# Code to retrieve marine data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example marine data (replace with actual data retrieval)
marine_data = {
'name': 'Example Marine',
'description': 'This is an example marine description.'
}
return marine_data
Ships
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class ShipSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://www.marinetraffic.com/en/ais/index/search/all?q={}".format(search_query),
"https://www.fleetmon.com/s?q={}".format(search_query),
"https://www.fleetmon.com/"
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting ship information from the websites
ship_data = get_ship_data(search_query)
# Creating Maltego entities for ship information
ship = Phrase(ship_data['name'])
ship += Phrase(ship_data['description'])
response += ship
def get_ship_data(search_query):
# Code to retrieve ship data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example ship data (replace with actual data retrieval)
ship_data = {
'name': 'Example Ship',
'description': 'This is an example ship description.'
}
return ship_data
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class TwitterSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"http://geosocialfootprint.com/?q={}".format(search_query),
"https://github.com/achyuthjoism/tweeds/search?q={}".format(search_query),
"https://socialbearing.com/search/general/{}".format(search_query),
"https://spoonbill.io/search?q={}".format(search_query),
"https://github.com/humandecoded/twayback/search?q={}".format(search_query),
"https://api.memory.lol/v1/tw/{}".format(search_query),
"https://archive.org/details/twitterstream?query={}".format(search_query),
"https://threadreaderapp.com/search?q={}".format(search_query),
"http://spoonbill.io/?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting Twitter information from the websites
twitter_data = get_twitter_data(search_query)
# Creating Maltego entities for Twitter information
twitter = Phrase(twitter_data['username'])
twitter += Phrase(twitter_data['description'])
response += twitter
def get_twitter_data(search_query):
# Code to retrieve Twitter data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example Twitter data (replace with actual data retrieval)
twitter_data = {
'username': 'ExampleUser',
'description': 'This is an example Twitter user description.'
}
return twitter_data
Website
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class WebsiteSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://urlscan.io/result/247d32c5-8822-4da5-b3ae-1c627d642539/#summary",
"https://zulu.zscaler.com/search/domain/{}".format(search_query),
"https://builtwith.com/relationships/{}".format(search_query),
"https://rextracter.streamlit.app/?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting website information from the websites
website_data = get_website_data(search_query)
# Creating Maltego entities for website information
website = Phrase(website_data['name'])
website += Phrase(website_data['description'])
response += website
def get_website_data(search_query):
# Code to retrieve website data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example website data (replace with actual data retrieval)
website_data = {
'name': 'Example Website',
'description': 'This is an example website description.'
}
return website_data
Phone
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class PhoneSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://wigle.net/search?ssid=",
"https://demo.phoneinfoga.crvx.fr/#/",
"https://cipher387.github.io/phonenumberqueryconstructor/?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting phone information from the websites
phone_data = get_phone_data(search_query)
# Creating Maltego entities for phone information
phone = Phrase(phone_data['number'])
phone += Phrase(phone_data['description'])
response += phone
def get_phone_data(search_query):
# Code to retrieve phone data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example phone data (replace with actual data retrieval)
phone_data = {
'number': '1234567890',
'description': 'This is an example phone number description.'
}
return phone_data
Supplier
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class SupplierSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://www.importyeti.com/?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting supplier information from the website
supplier_data = get_supplier_data(search_query)
# Creating Maltego entities for supplier information
supplier = Phrase(supplier_data['name'])
supplier += Phrase(supplier_data['description'])
response += supplier
def get_supplier_data(search_query):
# Code to retrieve supplier data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example supplier data (replace with actual data retrieval)
supplier_data = {
'name': 'Example Supplier',
'description': 'This is an example supplier description.'
}
return supplier_data
Fraud
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class FraudSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://defastra.com/?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting fraud information from the website
fraud_data = get_fraud_data(search_query)
# Creating Maltego entities for fraud information
fraud = Phrase(fraud_data['name'])
fraud += Phrase(fraud_data['description'])
response += fraud
def get_fraud_data(search_query):
# Code to retrieve fraud data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example fraud data (replace with actual data retrieval)
fraud_data = {
'name': 'Example Fraud',
'description': 'This is an example fraud description.'
}
return fraud_data
Red Notices
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class RedNoticeSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://www.interpol.int/How-we-work/Notices/View-Red-Notices?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting Red Notice information from the website
red_notice_data = get_red_notice_data(search_query)
# Creating Maltego entities for Red Notice information
red_notice = Phrase(red_notice_data['name'])
red_notice += Phrase(red_notice_data['description'])
response += red_notice
def get_red_notice_data(search_query):
# Code to retrieve Red Notice data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example Red Notice data (replace with actual data retrieval)
red_notice_data = {
'name': 'Example Red Notice',
'description': 'This is an example Red Notice description.'
}
return red_notice_data
Skype
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class SkypeSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://www.vedbex.com/phone2skype?q={}".format(search_query),
"https://www.vedbex.com/tools/email2skype?q={}".format(search_query),
"https://www.vedbex.com/skyperesolver?q={}".format(search_query),
"http://mostwantedhf.info/?q={}".format(search_query),
"http://webresolver.nl/?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting Skype information from the websites
skype_data = get_skype_data(search_query)
# Creating Maltego entities for Skype information
skype = Phrase(skype_data['username'])
skype += Phrase(skype_data['description'])
response += skype
def get_skype_data(search_query):
# Code to retrieve Skype data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example Skype data (replace with actual data retrieval)
skype_data = {
'username': 'example_skype_username',
'description': 'This is an example Skype description.'
}
return skype_data
Youtube
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class YouTubeSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://mattw.io/youtube-geofind/location?q={}".format(search_query),
"https://hadzy.com/comments?q={}".format(search_query),
"https://t.co/dbioIcIEem?q={}".format(search_query),
"https://ytlarge.com/youtube/video-data-viewer?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting YouTube information from the websites
youtube_data = get_youtube_data(search_query)
# Creating Maltego entities for YouTube information
youtube = Phrase(youtube_data['video_title'])
youtube += Phrase(youtube_data['description'])
response += youtube
def get_youtube_data(search_query):
# Code to retrieve YouTube data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example YouTube data (replace with actual data retrieval)
youtube_data = {
'video_title': 'Example Video',
'description': 'This is an example YouTube video description.'
}
return youtube_data
MAC
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class MacSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "http://www.macvendorlookup.com/search?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting MAC address information from the website
mac_data = get_mac_data(search_query)
# Creating Maltego entities for MAC address information
mac = Phrase(mac_data['vendor'])
mac += Phrase(mac_data['description'])
response += mac
def get_mac_data(search_query):
# Code to retrieve MAC address data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example MAC address data (replace with actual data retrieval)
mac_data = {
'vendor': 'Example Vendor',
'description': 'This is an example MAC address description.'
}
return mac_data
IME
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class ImeSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "http://imei-number.com/imei-validation-check/?imei={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting IMEI information from the website
imei_data = get_imei_data(search_query)
# Creating Maltego entities for IMEI information
imei = Phrase(imei_data['result'])
imei += Phrase(imei_data['description'])
response += imei
def get_imei_data(search_query):
# Code to retrieve IMEI data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example IMEI data (replace with actual data retrieval)
imei_data = {
'result': 'Valid',
'description': 'This is an example IMEI description.'
}
return imei_data
BND Spies & Gmail
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class BndSpiesAndGmailSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://gmail-osint.activetk.jp/?query={}".format(search_query),
"https://emailrep.io/{}".format(search_query),
"https://lampyre.io/search/{}".format(search_query),
"https://epieos.com/?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting BND Spies and Gmail information from the websites
bnd_spies_data = get_bnd_spies_data(search_query)
gmail_data = get_gmail_data(search_query)
# Creating Maltego entities for BND Spies and Gmail information
bnd_spies = Phrase(bnd_spies_data['result'])
bnd_spies += Phrase(bnd_spies_data['description'])
gmail = Phrase(gmail_data['result'])
gmail += Phrase(gmail_data['description'])
response += bnd_spies
response += gmail
def get_bnd_spies_data(search_query):
# Code to retrieve BND Spies data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example BND Spies data (replace with actual data retrieval)
bnd_spies_data = {
'result': 'Found',
'description': 'This is an example BND Spies description.'
}
return bnd_spies_data
def get_gmail_data(search_query):
# Code to retrieve Gmail data from the websites based on the search query
# Replace this with your own implementation or use an appropriate library
# Example Gmail data (replace with actual data retrieval)
gmail_data = {
'result': 'Found',
'description': 'This is an example Gmail description.'
}
return gmail_data
Username
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class UsernameSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://usersearch.org/results_normal.php?keyword={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting username information from the website
username_data = get_username_data(search_query)
# Creating Maltego entities for username information
username = Phrase(username_data['result'])
username += Phrase(username_data['description'])
response += username
def get_username_data(search_query):
# Code to retrieve username data from the website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example username data (replace with actual data retrieval)
username_data = {
'result': 'Found',
'description': 'This is an example username description.'
}
return username_data
People
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class PeopleSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://www.statista.com/search/?q={}".format(search_query),
"https://epieos.com/?q={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting people information from the websites
statista_data = get_statista_data(search_query)
epieos_data = get_epieos_data(search_query)
# Creating Maltego entities for people information
statista_result = Phrase(statista_data['result'])
statista_description = Phrase(statista_data['description'])
epieos_result = Phrase(epieos_data['result'])
epieos_description = Phrase(epieos_data['description'])
response += statista_result
response += statista_description
response += epieos_result
response += epieos_description
def get_statista_data(search_query):
# Code to retrieve people data from the Statista website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example Statista data (replace with actual data retrieval)
statista_data = {
'result': 'Found on Statista',
'description': 'This is an example Statista description.'
}
return statista_data
def get_epieos_data(search_query):
# Code to retrieve people data from the EPIEOS website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example EPIEOS data (replace with actual data retrieval)
epieos_data = {
'result': 'Found on EPIEOS',
'description': 'This is an example EPIEOS description.'
}
return epieos_data
Flights
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class FlightSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://globe.adsb.fi/?icao={}".format(search_query),
"https://www.flightradar24.com/search?q={}".format(search_query),
"https://www.radarbox.com/flight/{}".format(search_query),
"https://www.ads-b.nl/index.php?pageno=3001&checkcountry=&checktype={}".format(search_query),
"https://opensky-network.org/network/explorer?search={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting flight information from the websites
globe_adsb_data = get_globe_adsb_data(search_query)
flightradar24_data = get_flightradar24_data(search_query)
radarbox_data = get_radarbox_data(search_query)
adsb_nl_data = get_adsb_nl_data(search_query)
opensky_network_data = get_opensky_network_data(search_query)
# Creating Maltego entities for flight information
globe_adsb_result = Phrase(globe_adsb_data['result'])
globe_adsb_description = Phrase(globe_adsb_data['description'])
flightradar24_result = Phrase(flightradar24_data['result'])
flightradar24_description = Phrase(flightradar24_data['description'])
radarbox_result = Phrase(radarbox_data['result'])
radarbox_description = Phrase(radarbox_data['description'])
adsb_nl_result = Phrase(adsb_nl_data['result'])
adsb_nl_description = Phrase(adsb_nl_data['description'])
opensky_network_result = Phrase(opensky_network_data['result'])
opensky_network_description = Phrase(opensky_network_data['description'])
response += globe_adsb_result
response += globe_adsb_description
response += flightradar24_result
response += flightradar24_description
response += radarbox_result
response += radarbox_description
response += adsb_nl_result
response += adsb_nl_description
response += opensky_network_result
response += opensky_network_description
def get_globe_adsb_data(search_query):
# Code to retrieve flight data from the globe.adsb.fi website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example globe.adsb.fi data (replace with actual data retrieval)
globe_adsb_data = {
'result': 'Flight found on globe.adsb.fi',
'description': 'This is an example globe.adsb.fi description.'
}
return globe_adsb_data
def get_flightradar24_data(search_query):
# Code to retrieve flight data from the flightradar24.com website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example flightradar24.com data (replace with actual data retrieval)
flightradar24_data = {
'result': 'Flight found on flightradar24.com',
'description': 'This is an example flightradar24.com description.'
}
return flightradar24_data
def get_radarbox_data(search_query):
# Code to retrieve flight data from the radarbox.com website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example radarbox.com data (replace with actual data retrieval)
radarbox_data = {
'result': 'Flight found on radarbox.com',
'description': 'This is an example radarbox.com description.'
}
return radarbox_data
def get_adsb_nl_data(search_query):
# Code to retrieve flight data from the ads-b.nl website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example ads-b.nl data (replace with actual data retrieval)
adsb_nl_data = {
'result': 'Flight found on ads-b.nl',
'description': 'This is an example ads-b.nl description.'
}
return adsb_nl_data
def get_opensky_network_data(search_query):
# Code to retrieve flight data from the opensky-network.org website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example opensky-network.org data (replace with actual data retrieval)
opensky_network_data = {
'result': 'Flight found on opensky-network.org',
'description': 'This is an example opensky-network.org description.'
}
return opensky_network_data
The Wayback Machine
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class WaybackMachineSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URLs
search_urls = [
"https://timetravel.mementoweb.org/?url={}".format(search_query),
"https://archive.ph/{}".format(search_query),
"http://www.cachedpages.com/?search={}".format(search_query)
]
for url in search_urls:
response.url = url
response += URL(url)
# Extracting information from The Wayback Machine websites
timetravel_data = get_timetravel_data(search_query)
archive_ph_data = get_archive_ph_data(search_query)
cachedpages_data = get_cachedpages_data(search_query)
# Creating Maltego entities for the search results
timetravel_result = Phrase(timetravel_data['result'])
timetravel_description = Phrase(timetravel_data['description'])
archive_ph_result = Phrase(archive_ph_data['result'])
archive_ph_description = Phrase(archive_ph_data['description'])
cachedpages_result = Phrase(cachedpages_data['result'])
cachedpages_description = Phrase(cachedpages_data['description'])
response += timetravel_result
response += timetravel_description
response += archive_ph_result
response += archive_ph_description
response += cachedpages_result
response += cachedpages_description
def get_timetravel_data(search_query):
# Code to retrieve information from the timetravel.mementoweb.org website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example timetravel.mementoweb.org data (replace with actual data retrieval)
timetravel_data = {
'result': 'Information found on timetravel.mementoweb.org',
'description': 'This is an example timetravel.mementoweb.org description.'
}
return timetravel_data
def get_archive_ph_data(search_query):
# Code to retrieve information from the archive.ph website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example archive.ph data (replace with actual data retrieval)
archive_ph_data = {
'result': 'Information found on archive.ph',
'description': 'This is an example archive.ph description.'
}
return archive_ph_data
def get_cachedpages_data(search_query):
# Code to retrieve information from the cachedpages.com website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example cachedpages.com data (replace with actual data retrieval)
cachedpages_data = {
'result': 'Information found on cachedpages.com',
'description': 'This is an example cachedpages.com description.'
}
return cachedpages_data
Tiktok
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class TikTokSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://www.osintcombine.com/tiktok-quick-search/?username={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting information from the TikTok search website
tiktok_data = get_tiktok_data(search_query)
# Creating Maltego entities for the search result
tiktok_result = Phrase(tiktok_data['result'])
tiktok_description = Phrase(tiktok_data['description'])
response += tiktok_result
response += tiktok_description
def get_tiktok_data(search_query):
# Code to retrieve information from the osintcombine.com TikTok search website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example osintcombine.com TikTok search data (replace with actual data retrieval)
tiktok_data = {
'result': 'Information found on osintcombine.com TikTok search',
'description': 'This is an example osintcombine.com TikTok search description.'
}
return tiktok_data
Podcast
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class PodcastSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://podtext.ai/?q={}".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting information from the Podcast AI website
podcast_data = get_podcast_data(search_query)
# Creating Maltego entities for the search result
podcast_result = Phrase(podcast_data['result'])
podcast_description = Phrase(podcast_data['description'])
response += podcast_result
response += podcast_description
def get_podcast_data(search_query):
# Code to retrieve information from the podtext.ai website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example podtext.ai data (replace with actual data retrieval)
podcast_data = {
'result': 'Information found on podtext.ai',
'description': 'This is an example podtext.ai description.'
}
return podcast_data
Bird
import requests
from maltego_trx.transform import DiscoverableTransform
from maltego_trx.entities import URL, Phrase
class BirdSearchTransform(DiscoverableTransform):
@classmethod
def create_entities(cls, request, response):
search_query = request.Value
# Constructing the search URL
search_url = "https://ebird.org/region/{}?yr=all".format(search_query)
response.url = search_url
response += URL(search_url)
# Extracting information from the eBird website
bird_data = get_bird_data(search_query)
# Creating Maltego entities for the search result
bird_result = Phrase(bird_data['result'])
bird_description = Phrase(bird_data['description'])
response += bird_result
response += bird_description
def get_bird_data(search_query):
# Code to retrieve information from the ebird.org website based on the search query
# Replace this with your own implementation or use an appropriate library
# Example eBird data (replace with actual data retrieval)
bird_data = {
'result': 'Information found on eBird',
'description': 'This is an example eBird description.'
}
return bird_data