Documentation Home Maltego Academy Maltego Blog Contact Us
Welcome
Login
Open navigation

Cofense Intelligence

Modified on: Wed, 7 Sep, 2022 at 7:03 PM

Overview

With Cofense Transforms for Maltego, investigators can search and visualize relationships between observables within a specific attack and explicitly pinpoint how attackers are delivering their malicious payloads.

By combining multiple sources of data, analysts can visualize attacks and uncover other threats that may be using similar phishing infrastructure and campaigns.


Benefits

  • Correlate the attacker’s campaigns and their payloads by visually graphing and linking phishing threat
  • Visualize IOC enrichment and the relationships between observables within a specific attack and between other attacks


To read more click here.

Cofense Intelligence Machines

PhishMe Intelligence Threat Feed

Pools PhishMe threat feed for new active threat reports


Information Value
Id phishMe.PhishMeIntelligenceThreatFeed
Author PhishMe Intelligence

Cofense Intelligence Transforms

[Cofense Intel] Threat to URL

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to URL
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToUrl
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] URL to Threat

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] URL to Threat
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareUrlToThreat
Input Entities maltego.URL
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Domain

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Domain
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToDomain
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to IP

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to IP
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToIp
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Md5

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Md5
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToMd5
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Malware Family

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Malware Family
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToMalwareFamily
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] IP to Threat

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] IP to Threat
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareIpToThreat
Input Entities maltego.IPv4Address
Output Entities Phrase
Short Description  

[Cofense Intel] Domain to Threat

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Domain to Threat
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareDomainToThreat
Input Entities maltego.Domain
Output Entities Phrase
Short Description  

[Cofense Intel] Malware Family to Threat

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Malware Family to Threat
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareMalwareFamilyToThreat
Input Entities phishme.MalwareFamily
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Email Subject

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Email Subject
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToEmailSubject
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Sender IP

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Sender IP
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToSenderip
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Sender Domain

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Sender Domain
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToSenderDomain
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Sender Email

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Sender Email
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToSenderNames
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

[Cofense Intel] Md5 to Threat

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Md5 to Threat
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareMd5toThreat
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

[Cofense Intel] Threat to Email

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications string To accept Type Yes false true false
PhishMe Password string DefaultValue false false false
PhishMe UserName string DefaultValue false false false

Transform Meta Info

Information Value
Display Name [Cofense Intel] Threat to Email
Owner PhishMe Intel
Author solutions.engineering.intelligence.lab@phishme.com
Data Source Cofense Intel
Transform Name awsMalwareThreatToEmail
Input Entities phishme.ThreatId
Output Entities Phrase
Short Description  

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Search all Maltego Guides:

Interested? Get your free demo
Questions? Contact us

© 2024 by Maltego Technologies.