Overview
OpenPhish is a phishing intelligence platform that helps organizations detect and prevent phishing attacks.
The database contains structured and searchable information on all phishing websites detected by OpenPhish, as well as metadata that can be used for detecting and analyzing cyber incidents, searching for patterns and trends, or act as a training or validation dataset for AI applications.
The database contains these forensics indicators for each URL:
- Hostname, page, path, and language
- Impersonated brand
- SSL certificate metadata
- IP address, ASN, and country
- Drop accounts
Using the OpenPhish integration on Maltego, investigators can search and filter for brands that are being impersonated, phishing URLs related to domains, ASNs, and more to answer the following questions:
- Is a particular URL a phish?
- How many phishing URLs were detected on a specific hostname?
- How many phishing URLs on a specific IP address?
- What percentage of URLs have a specific pattern in their path?
Read more about OpenPhish Transforms for Maltego on our website here.
OpenPhish Transforms
Find Phishing URLs [OpenPhish]
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Find Phishing URLs [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Output Entities | maltego.URL |
Variants
| Transform Name | Short Description | Input Entities |
|---|---|---|
| maltego.openphish.search_ip_url | Searches the OpenPhish database for information about the given IP. | maltego.IPv4Address |
| maltego.openphish.search_asn_for_urls | Searches the OpenPhish database for information about the given AS number. | maltego.AS |
| maltego.openphish.search_brand | Searches the OpenPhish database for information about the given brand/company name. | maltego.Company |
Find ASN related to Phishing IPs [OpenPhish]
Description
Searches the OpenPhish database for information about the given IP.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Find ASN related to Phishing IPs [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Transform Name | maltego.openphish.search_ip_asn |
| Short Description | Searches the OpenPhish database for information about the given IP. |
| Input Entities | maltego.IPv4Address |
| Output Entities | maltego.AS |
Find Phishing IPs [OpenPhish]
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Find Phishing IPs [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Output Entities | maltego.IPv4Address |
Variants
| Transform Name | Short Description | Input Entities |
|---|---|---|
| maltego.openphish.search_asn | Searches the OpenPhish database for information about the given AS number. | maltego.AS |
| maltego.openphish.search_brand_ip | Searches the OpenPhish database for information about the given brand/company name. | maltego.Company |
Find Brands/Companies being impersonated [OpenPhish]
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Find Brands/Companies being impersonated [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Output Entities | maltego.Company |
Variants
| Transform Name | Short Description | Input Entities |
|---|---|---|
| maltego.openphish.search_asn_for_brands | Searches the OpenPhish database for information about the given AS number. | maltego.AS |
| maltego.openphish.search_url_brands | Searches the OpenPhish database for information about the given URL. | maltego.URL |
Find ASN [OpenPhish]
Description
Searches the OpenPhish database for information about the given brand/company name.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Find ASN [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Transform Name | maltego.openphish.search_brand_asn |
| Short Description | Searches the OpenPhish database for information about the given brand/company name. |
| Input Entities | maltego.Company |
| Output Entities | maltego.AS |
Search SSL Certificates Related to Phishing [OpenPhish]
Description
Searches the OpenPhish database for information about the given URL.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Search SSL Certificates Related to Phishing [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Transform Name | maltego.openphish.search_url_ssl_certs |
| Short Description | Searches the OpenPhish database for information about the given URL. |
| Input Entities | maltego.URL |
| Output Entities | maltego.X509Certificate |
Search Phishing IPs [OpenPhish]
Description
Searches the OpenPhish database for information about the given URL.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Search Phishing IPs [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Transform Name | maltego.openphish.search_url_ips |
| Short Description | Searches the OpenPhish database for information about the given URL. |
| Input Entities | maltego.URL |
| Output Entities | maltego.IPv4Address |
Find ASNs [OpenPhish]
Description
Searches the OpenPhish database for information about the given URL.
Transform Meta Info
| Information | Value |
|---|---|
| Display Name | Find ASNs [OpenPhish] |
| Owner | |
| Author | Maltego Technologies |
| Data Source | OpenPhish |
| Transform Name | maltego.openphish.search_url_asn |
| Short Description | Searches the OpenPhish database for information about the given URL. |
| Input Entities | maltego.URL |
| Output Entities | maltego.AS |