Transform Guides
- Maltego Standard Transforms
- Transform Hub Items

Cofense Intelligence

Modified on: Wed, 7 Sep, 2022 at 7:03 PM

Overview

With Cofense Transforms for Maltego, investigators can search and visualize relationships between observables within a specific attack and explicitly pinpoint how attackers are delivering their malicious payloads.

By combining multiple sources of data, analysts can visualize attacks and uncover other threats that may be using similar phishing infrastructure and campaigns.

Benefits

Correlate the attacker’s campaigns and their payloads by visually graphing and linking phishing threat
Visualize IOC enrichment and the relationships between observables within a specific attack and between other attacks

To read more click here.

Cofense Intelligence Machines

PhishMe Intelligence Threat Feed

Pools PhishMe threat feed for new active threat reports

Information	Value
Id	phishMe.PhishMeIntelligenceThreatFeed
Author	PhishMe Intelligence

Cofense Intelligence Transforms

[Cofense Intel] Threat to URL

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to URL
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToUrl
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] URL to Threat

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] URL to Threat
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareUrlToThreat
Input Entities	maltego.URL
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Domain

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Domain
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToDomain
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to IP

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to IP
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToIp
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Md5

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Md5
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToMd5
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Malware Family

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Malware Family
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToMalwareFamily
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] IP to Threat

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] IP to Threat
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareIpToThreat
Input Entities	maltego.IPv4Address
Output Entities	Phrase
Short Description

[Cofense Intel] Domain to Threat

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Domain to Threat
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareDomainToThreat
Input Entities	maltego.Domain
Output Entities	Phrase
Short Description

[Cofense Intel] Malware Family to Threat

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Malware Family to Threat
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareMalwareFamilyToThreat
Input Entities	phishme.MalwareFamily
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Email Subject

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Email Subject
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToEmailSubject
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Sender IP

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Sender IP
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToSenderip
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Sender Domain

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Sender Domain
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToSenderDomain
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Sender Email

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Sender Email
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToSenderNames
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

[Cofense Intel] Md5 to Threat

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Md5 to Threat
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareMd5toThreat
Input Entities	maltego.Hash
Output Entities	Phrase
Short Description

[Cofense Intel] Threat to Email

Transform Settings

Display Name	Setting Type	Default Value	Optional	Popup	Authentication
Cofense, Inc. Application License Agreement at https://cofense.com/legal/integration-applications	string	To accept Type Yes	false	true	false
PhishMe Password	string	DefaultValue	false	false	false
PhishMe UserName	string	DefaultValue	false	false	false

Transform Meta Info

Information	Value
Display Name	[Cofense Intel] Threat to Email
Owner	PhishMe Intel
Author	solutions.engineering.intelligence.lab@phishme.com
Data Source	Cofense Intel
Transform Name	awsMalwareThreatToEmail
Input Entities	phishme.ThreatId
Output Entities	Phrase
Short Description

Overview

Cofense Intelligence Machines

PhishMe Intelligence Threat Feed

Cofense Intelligence Transforms

[Cofense Intel] Threat to URL

Transform Settings

Transform Meta Info

[Cofense Intel] URL to Threat

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Domain

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to IP

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Md5

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Malware Family

Transform Settings

Transform Meta Info

[Cofense Intel] IP to Threat

Transform Settings

Transform Meta Info

[Cofense Intel] Domain to Threat

Transform Settings

Transform Meta Info

[Cofense Intel] Malware Family to Threat

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Email Subject

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Sender IP

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Sender Domain

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Sender Email

Transform Settings

Transform Meta Info

[Cofense Intel] Md5 to Threat

Transform Settings

Transform Meta Info

[Cofense Intel] Threat to Email

Transform Settings

Transform Meta Info

Search all Maltego Guides: