Documentation Home Maltego Academy Maltego Blog Contact Us
Welcome
Login
Open navigation

Palo Alto Networks - AutoFocus

Modified on: Wed, 7 Sep, 2022 at 7:03 PM

Overview

AutoFocus is a cloud-based threat intelligence service that correlates threat data from immediate network, industry, and global intelligence feeds.


With Auto Focus Transforms, investigators can pivot on data accessed via AutoFocus to visualize links between threats in observed environment.


To read more click here.

Palo Alto Networks - AutoFocus Transforms

AutoFocus - Explode Tags (Actor)

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Explode Tags (Actor)
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFExplodeTagsActor
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Explode Tags (All)

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Explode Tags (All)
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFExplodeTagsAll
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Explode Tags (Campaign)

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Explode Tags (Campaign)
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFExplodeTagsCampaign
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Explode Tags (Malware)

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Explode Tags (Malware)
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFExplodeTagsMalware
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Explode Tags (U42)

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Explode Tags (U42)
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFExplodeTagsU42
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Fetch File Metadata

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Fetch File Metadata
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFFetchFileMetadata
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get C2 By Sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get C2 By Sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetC2BySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get C2 URLS by sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get C2 URLS by sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetC2URLBySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get Digtial Signer By Sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Digtial Signer By Sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetDigSigBySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get Imphash by Sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Imphash by Sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetImphashBySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get ITW data as metadata

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get ITW data as metadata
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetITWDataAsMeta
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get ITW Filename by Sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get ITW Filename by Sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetITWFileBySample2
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get ITW Filename by Session

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get ITW Filename by Session
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetITWFilenameBySession
Input Entities PaloAltoNetworks.WildfireSession
Output Entities Phrase
Short Description  

AutoFocus - Get ITW Host by Session

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get ITW Host by Session
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetITWHostBySession
Input Entities PaloAltoNetworks.WildfireSession
Output Entities Phrase
Short Description  

AutoFocus - Get ITW Hosts

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get ITW Hosts
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetITWHosts
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get ITW URLs as entities

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get ITW URLs as entities
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetITWURLBySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get ITW URL by Session

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get ITW URL by Session
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetITWURLBySession
Input Entities PaloAltoNetworks.WildfireSession
Output Entities Phrase
Short Description  

AutoFocus - Get Mutex By Sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Mutex By Sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetMutexBySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get Sample By Digital Signer

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample By Digital Signer
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByDigSig
Input Entities PaloAltoNetworks.DigitalCertificateCN
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by FileActivity

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by FileActivity
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByFileActivity
Input Entities maltego.Filename
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Hostname

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Hostname
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByHostname
Input Entities maltego.Domain
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Imphash

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Imphash
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByImphash
Input Entities maltego.Imphash
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by C2 IP

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by C2 IP
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByIP
Input Entities maltego.IPv4Address
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by ITW Filename

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by ITW Filename
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByITWFilename
Input Entities maltego.Filename
Output Entities Phrase
Short Description  

AutoFocus - Get Samples by ITW Hostname

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Samples by ITW Hostname
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByITWHostname
Input Entities maltego.Domain
Output Entities Phrase
Short Description  

AutoFocus - Get Samples by ITW IP address

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Samples by ITW IP address
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByITWIP
Input Entities maltego.IPv4Address
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Mutex

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Mutex
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByMutex
Input Entities maltego.Mutex
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Query

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Query
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByQuery
Input Entities PaloAltoNetworks.AutoFocusQuery
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Service

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Service
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByService
Input Entities maltego.ServiceName
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Session

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Session
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleBySession
Input Entities PaloAltoNetworks.WildfireSession
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Full URL

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Full URL
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByURL
Input Entities maltego.URL
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by URL Path

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by URL Path
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSampleByURLPath
Input Entities maltego.URL
Output Entities Phrase
Short Description  

AutoFocus - Get Samples by ITW URL

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Samples by ITW URL
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSamplesByITWURL
Input Entities maltego.URL
Output Entities Phrase
Short Description  

AutoFocus - Get Sample by Tag

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sample by Tag
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSamplesByTag
Input Entities PaloAltoNetworks.Tag
Output Entities Phrase
Short Description  

AutoFocus - Get Service created by Sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Service created by Sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetServiceBySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get Sessions by Query

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sessions by Query
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSessionByQuery
Input Entities PaloAltoNetworks.AutoFocusQuery
Output Entities Phrase
Short Description  

AutoFocus - Get Sessions by Sample

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sessions by Sample
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSessionBySample
Input Entities maltego.Hash
Output Entities Phrase
Short Description  

AutoFocus - Get Sessions by Tag

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sessions by Tag
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSessionsByTag
Input Entities PaloAltoNetworks.Tag
Output Entities Phrase
Short Description  

AutoFocus - Get Sessions by URL Path

Transform Settings

Display Name Setting Type Default Value Optional Popup Authentication
AutoFocusAPIKey string
false false false

Transform Meta Info

Information Value
Display Name AutoFocus - Get Sessions by URL Path
Owner Tom Lancaster
Author tlancaster@paloaltonetworks.com
Data Source AutoFocus
Transform Name AFGetSessionsByURLPath
Input Entities maltego.URL
Output Entities Phrase
Short Description  

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Search all Maltego Guides:

Interested? Get your free demo
Questions? Contact us

© 2024 by Maltego Technologies.