Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Christophe Vandeplas f7cb8740ce chg: [doc] logo and minor docu updates 1 month ago
ansible new: [install] docker and ansible scripts for remote transform server 1 month ago
doc chg: [doc] logo and minor docu updates 1 month ago
src/MISP_maltego fix: [galaxies] lock when generating galaxies cache, fixes #23 1 month ago
.canari redevelopment from scratch using canari3 1 year ago
.gitignore new: [doc] Installation using pip 9 months ago
.mrbob.ini redevelopment from scratch using canari3 1 year ago
Dockerfile fix: [docker] default to pip and not local code 1 month ago
LICENSE redevelopment from scratch using canari3 1 year ago
MANIFEST.in redevelopment from scratch using canari3 1 year ago
README.md chg: [doc] logo and minor docu updates 1 month ago
TRANSFORM_HUB_DISCLAIMER.md new: [install] docker and ansible scripts for remote transform server 1 month ago
publish_to_pip.sh minor cleanups 8 months ago
setup.py fix: [local] fixes all event to local transforms 1 month ago

README.md

logo

Quick start guide

This is a Maltego MISP integration tool allowing you to view (read-only) data from a MISP instance.

It also allows browsing through the MITRE ATT&CK entities.

Currently supported MISP elements are : Event, Attribute, Object (incl relations), Tag, Taxonomy, Galaxy (incl relations).

Once installed you can start by creating a MISPEvent entity, then load the Machine EventToAll or the transform EventToAttributes.

Alternatively initiate a transform on an existing Maltego entity. The currently supported entities are: AS, DNSName, Domain, EmailAddress, File, Hash, IPv4Address, NSRecord, Person, PhoneNumber, URL, Website

Installation and User Guide:

Installation is fairly easy by using pip, just read the steps in the documentation.

The User Guide gives some example use-cases.

Screenshot

Screenshot

License

This software is licensed under GNU Affero General Public License version 3

  • Copyright © 2018 Christophe Vandeplas

Note: Before being rewritten from scratch this project was maintained by Emmanuel Bouillon. The code is available in the v1 branch.

The logo is CC-BY-SA and was designed by Françoise Penninckx

The icons in the intelligence-icons folder are from intelligence-icons licensed CC-BY-SA - Françoise Penninckx, Brett Jordan