zeropwn/intelx-maltego

intelx-maltego

Maltego Transforms for Intelligence X (intelx.io)

Installation

NOTES:

• The "config" directory is required, do not delete it at any point except during uninstallation.
• You cannot include any whitespaces in any of the filepaths unless it's for the Python executable.

What will be installed:

Transforms

• Intelligence X Emails Transform
• Intelligence X Search Transform
• Intelligence X URLs Transform
• Intelligence X Subdomains Transform
• Intelligence X Search Result Transform
• Intelligence X Selectors Transform
• Intelligence X History Transform
• Intelligence X Treeview Transform

Entities

• Intelligence X BTC Entity
• Intelligence X Credit Card Entity
• Intelligence X IBAN Entity
• Intelligence X MAC Address Entity
• Intelligence X Simhash Entity
• Intelligence X Storage ID Entity
• Intelligence X System ID Entity
• Intelligence X UUID Entity
• Intelligence X Selector Entity
• Intelligence X Leak Entity
• Intelligence X Search Result Entity
• Intelligence X Historical Search Result Entity

Requirements

• intelx-0.5
• maltego-trx
• python >= 3
• An Intelligence X API Key

While the installation procedure is relatively straightforward, there are a few fundamental differences between Linux / Windows. Mainly, the location of the Python executable. The first step, is to ensure intelx-0.4 and maltego-trx are a part of your Python environment.

git clone https://github.com/IntelligenceX/SDK
pip install ./SDK/Python

Now we can go ahead with the download.

git clone https://github.com/zeropwn/intelx-maltego
cd intelx-maltego
pip install -r requirements.txt

Once we've ensured all the requirements are present, we can continue with the actual installation. In order to do that, simply run the install.py script, and follow the instructions.

Now that we've generated the Maltego MTZ configuration file, we can use that to import all of the transforms hosted in this repository. It will be located within the intelx-maltego folder.

Since that's done, all we have to do now is import that file in Maltego by going to Maltego > Import / Export > Import Configuration > Import intelx.mtz file

You should be met with a screen similar to this:

Uninstallation

If you'd like to remove the entities and transforms from your Maltego installation, you must do so manually.

Entity Removal

To remove the Intelligence X entities, simply navigate to Entities > Manage Entities > Search for "intelx", and click the "X" on the entities you'd like to remove.

Transform Removal

To remove the Intelligence X transforms, simply navigate to Transforms > Transform Manager, then search for "Intelligence" and select all transforms, then right click > Delete.

From there, all you have to do is remove the intelx-maltego directory, and you should be good. Alternatively, you can do a factory reset, and remove all entities + transforms automatically.

Updating the transforms

At the time of writing, there is not an automatic update feature. If you need to update the code, simply remove the existing transforms, entities and transform bindings, and start the installation again.