Today we are happy to announce that SecurityTrails is now powering Maltego DNS investigations on their popular Standard Transforms. This means that now you can use your current SecurityTrails API key to enrich your DNS-based research.
Thanks to this integration, you’ll be able to deep dive into the most current and accurate security DNS data available, and access it instantly from the Maltego interface.
“We wanted a high-quality data source behind our popular Standard Transforms and are happy that we can now give our users and customers access to SecurityTrails”
Rebecca Köhler, Head of Data Partnerships and Integrations
Which data is integrated into Maltego Transforms?
Maltego users can now access SecurityTrails data, specifically:
- Subdomains
- Current DNS records
- “Interesting” DNS records
- DNS hosts in a given IP address or subnet
- Domains sharing the same MX and NS records
Installing and configuring the API key
- Install the Maltego Standard Transforms Hub item within the Maltego Transform Hub
- Due to the included data allowances, you can immediately begin running SecurityTrails Transforms
- If you hit any of the API limits included by default, you can always upgrade to get up to 2500 queries per month by signing up for our OSINT Toolkit
- Configure your SecurityTrails API key in Maltego
How to use SecurityTrails Transforms
Running SecurityTrails Transforms is a quick and handy process. Let’s see some practical examples:
Inspect common and “interesting” DNS records for any given domain name
- Open Maltego and add a new graph
- Click and drag “Domain Name” from the Infrastructure block on the left side to the blank graph on the right side
- Change the domain name to the one you wish to investigate
- Right-click, and select any of the SecurityTrails DNS Transforms, as shown in the following video:
In the video, you may have noticed a Transform Output showing all the important logs returned from the Transform server when a Transform is run:
Getting information from IP addresses
The next Transform example will search for DNS names for a given IP address in our SecurityTrails database:
- Open Maltego and add a new graph
- Click and drag “IPv4 Address” from the Infrastructure block on the left side to the blank graph on the right side
- Change the IP address to the one you wish to investigate
- Right-click, and select any of the SecurityTrails DNS Transforms, as shown the following video:
The same can be done for any given IP address range, by using the “Netblock” infrastructure option and the “To DNS Names in Netblock SecurityTrails” Transform.
The SecurityTrails team is excited about our new integration with Maltego, as we’re already fans of their service, just like you. One of the key roadmaps we have for our security platform is to provide a solid and flexible API that can be integrated with any programming language, application, and every top infosec product used by the community.
Start using Maltego with the SecurityTrails data:
