Palo Alto Networks - AutoFocus
Modified on: Wed, 7 Sep, 2022 at 7:03 PM
Overview
AutoFocus is a cloud-based threat intelligence service that
correlates threat data from immediate network, industry, and global
intelligence feeds.
With Auto Focus Transforms, investigators can pivot on data accessed
via AutoFocus to visualize links between threats in observed
environment.
To read more click here.
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Explode Tags (Actor) |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFExplodeTagsActor |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Explode Tags (All) |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFExplodeTagsAll |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Explode Tags (Campaign) |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFExplodeTagsCampaign |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Explode Tags (Malware) |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFExplodeTagsMalware |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Explode Tags (U42) |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFExplodeTagsU42 |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Fetch File Metadata |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFFetchFileMetadata |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get C2 By Sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get C2 By Sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetC2BySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get C2 URLS by
sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get C2 URLS by sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetC2URLBySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get
Digtial Signer By Sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Digtial Signer By Sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetDigSigBySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Imphash by
Sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Imphash by Sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetImphashBySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get ITW data as metadata |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetITWDataAsMeta |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get ITW
Filename by Sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get ITW Filename by Sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetITWFileBySample2 |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get ITW
Filename by Session
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get ITW Filename by Session |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetITWFilenameBySession |
| Input Entities |
PaloAltoNetworks.WildfireSession |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get ITW Host by
Session
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get ITW Host by Session |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetITWHostBySession |
| Input Entities |
PaloAltoNetworks.WildfireSession |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get ITW Hosts
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get ITW Hosts |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetITWHosts |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get ITW URLs
as entities
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get ITW URLs as entities |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetITWURLBySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get ITW URL by
Session
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get ITW URL by Session |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetITWURLBySession |
| Input Entities |
PaloAltoNetworks.WildfireSession |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Mutex By
Sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Mutex By Sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetMutexBySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample
By Digital Signer
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample By Digital Signer |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByDigSig |
| Input Entities |
PaloAltoNetworks.DigitalCertificateCN |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample
by FileActivity
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by FileActivity |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByFileActivity |
| Input Entities |
maltego.Filename |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Hostname
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Hostname |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByHostname |
| Input Entities |
maltego.Domain |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Imphash
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Imphash |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByImphash |
| Input Entities |
maltego.Imphash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by C2
IP
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by C2 IP |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByIP |
| Input Entities |
maltego.IPv4Address |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample
by ITW Filename
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by ITW Filename |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByITWFilename |
| Input Entities |
maltego.Filename |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Samples
by ITW Hostname
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Samples by ITW Hostname |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByITWHostname |
| Input Entities |
maltego.Domain |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get
Samples by ITW IP address
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Samples by ITW IP address |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByITWIP |
| Input Entities |
maltego.IPv4Address |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Mutex
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Mutex |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByMutex |
| Input Entities |
maltego.Mutex |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Query
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Query |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByQuery |
| Input Entities |
PaloAltoNetworks.AutoFocusQuery |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Service
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Service |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByService |
| Input Entities |
maltego.ServiceName |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Session
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Session |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleBySession |
| Input Entities |
PaloAltoNetworks.WildfireSession |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Full URL
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Full URL |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByURL |
| Input Entities |
maltego.URL |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
URL Path
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by URL Path |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSampleByURLPath |
| Input Entities |
maltego.URL |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Samples by
ITW URL
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Samples by ITW URL |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSamplesByITWURL |
| Input Entities |
maltego.URL |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sample by
Tag
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sample by Tag |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSamplesByTag |
| Input Entities |
PaloAltoNetworks.Tag |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get
Service created by Sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Service created by Sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetServiceBySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sessions by
Query
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sessions by Query |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSessionByQuery |
| Input Entities |
PaloAltoNetworks.AutoFocusQuery |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sessions by
Sample
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sessions by Sample |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSessionBySample |
| Input Entities |
maltego.Hash |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sessions by
Tag
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sessions by Tag |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSessionsByTag |
| Input Entities |
PaloAltoNetworks.Tag |
| Output Entities |
Phrase |
| Short Description |
|
AutoFocus - Get Sessions
by URL Path
| AutoFocusAPIKey |
string |
|
false |
false |
false |
| Display Name |
AutoFocus - Get Sessions by URL Path |
| Owner |
Tom Lancaster |
| Author |
tlancaster@paloaltonetworks.com |
| Data Source |
AutoFocus |
| Transform Name |
AFGetSessionsByURLPath |
| Input Entities |
maltego.URL |
| Output Entities |
Phrase |
| Short Description |
|