About AlienVault OTX Integration in Maltego
Using the Transforms: How to Retrieve AlienVault OTX Pulses
Use Case 1: Network Footprinting with OTX Transforms
Use Case 2: Investigating A BitCoin Miner with OTX Transforms

One of the main features of OTX is its horizontality: everyone can participate in the discussion and submit indicators. OTX users can upload indicators by creating a pulse. A pulse links a collection of indicators to a threat. To create a pulse, OTX provides its users with an extraction tool that can be run on documents such as a webpage or a PDF report, but also on more industry-specific sources like STIX or OpenIOC.

How to Access AlienVault OTX Transforms in Maltego

Most of the AlienVault OTX Transforms are available for all Maltego users and do not require an API key, except for Transforms for pulse lookups. However, registration for the API key is free! All you need is a couple of minutes and an email address. After registering, you will be given an API key, which is required to fully exploit the OTX Transform Hub item.

Sign up for an account here:

After doing so, install the AlienVault OTX item in the Maltego Transform Hub. After entering your API key, wait for the installation to finish, and you will be ready to unleash the power of OTX on your Maltego graphs.

Using AlienVault OTX Pulses via Maltego Transforms

As stated before, you can search for a pulse from different Entities such as a DNS name, an email address, a domain name, a hash, a CVE or even a Phrase Entity. For example, to investigate the Microsoft Exchange server hack, one would start from the Phrase Entity “microsoft exchange” and gather related pulses using the Search Pulses Transform.