Developer

Welcome to the developer section of the website. This page will explain and/or link you to the relevent sections for extending Maltego.

Maltego Scripting Language (Machines)


Before diving into the extending section, another way to develop within the tool is to use the Maltego Scripting Language. This is the language used to string together transforms and work with the entities on the graph. The following document describes in detail how to contruct your own Machines as well as the syntax used and how to interact with the transforms.

Maltego Scripting Language Documentation

Types of Extending

The image below describes the different ways and means that you can integrate with Maltego:



For this section however we will merely be looking at the Local Transforms and the TDS Transforms. Both of these types can be run on both the Community and Commercial versions of Maltego without any extra buy-in from the end user.


Local Transforms vs TDS

Local Transforms

Local transforms are pieces of code that run on the same machine which the client application is. These are very useful for integrating in machine specific tasks (such as running an application thats locally on the machine- like nmap OR a task that is dependent on a setup on the machine such as accessing data over a VPN). These transforms can be written in any language (yes, *any* language) and merely rely on output to be sent via STDOUT (think a command line application).

PROS:
  • Machine Specific
  • Nothing ever goes 'over the wire' - unless you want it to
  • Simple to write in any language
CONS:
  • Requires setup on each machine you wish to install them, eg. Python + Mechanize + BeautifulSoup
  • Does not go as deep into the Transform Specification - no slider or settings
  • Updating a transform means it needs to be updated on every machine
  • Sensitive data such as usernames and passwords could reside on the computer of the analysts


TDS Transforms


 The TDS is the Transform Distribution Server and is a web application that allows for the distribution and management of transforms, seeds and settings. Essentially the TDS means that your transforms are written as a web services (or application/pages), and the TDS will call these scripts.

The easiest way to think of it is as a proxy for transforms. The clients sends a request to the TDS that then calls the script remotely and returns the response, this can be seen in the picture on the left.

PROS:
  • Easy to setup (you just need a webserver on the Internet)
  • No configuration needed client side, scripts all live in one place
  • Updating instantly impacts all clients
  • Deeper into the protocol (Slider value + Transform settings/Popups)
CONS:
  • Data travels over the wire on the Internet
  • Cannot integrate with local applications
  • All requests come from a single point (may impact things like rate limiting APIs etc)
  • Entire infrastructure is not controlled by end user


Links

Please select which type of transform you are more interested in building. The next pages will explain in detail the required steps to do so: