A recipe for both
- Scott J Roberts
- Instructor: SANS FOR578 Cyber Threat Intelligence
- Author: Intelligence Driven Incident Response
- Metaphor Warning!!!
for ($fqdn, $ipv4) in $rows { | |
[ inet:dns:a = ( $fqdn, $ipv4 ) +#ioc +#adversary.nsogroup +#infrastructure ] | |
} |
I hereby claim:
To claim this, I am signing this object:
Here is an overview of my past (and sometimes upcoming) speaking opportunities.
I hereby claim:
To claim this, I am signing this object:
# Set up your Transform object. This is the basis for returning results. | |
trx = MaltegoTransform() |
# This returns the transform as an XML representation that Maltego | |
# uses to update the graph. | |
trx.returnOutput() |
# Import MaltegoTransform-Python library | |
# from MaltegoTransform import MaltegoEntity | |
from MaltegoTransform import MaltegoTransform |
# Create a Maltego Transform Exception | |
trx.addException("We're out of gummy bears!!! Abort.") | |
# ThrowExceptions returns the errored transform. | |
trx.throwExceptions() |
# For a 1-1 transform, so we create one location entity based | |
# on the geolocation data. | |
trx.addEntity("maltego.Location", "New York, NY") | |
# This can also be placed in a loop and will result in multiple entities. | |
locations = ["New York", "Washington DC", "San Francisco"] | |
for location in locations: | |
trx.addEntity("maltego.Location", location) |