iTDS Release Notes

Modified on: Thu, 20 Apr, 2023 at 1:58 PM

iTDS Version 4.2.5

Release date: 18 April 2023

  • FIXED: Migration path from 4.1.1 to 4.2.x 
  • IMPROVED: Faster start-up
  • IMPROVED: Various UI elements 

iTDS 4.2.5 OVA File Checksums











iTDS Version 4.2.4

  • FIXED: Migration from 3.1.x

iTDS 4.2.4 OVA File Checksums

maltego-itds-4.2.4-2023-03-13.ova MD53e6c42fafab0607544e0ab71a3c827a8

iTDS Version 4.2.3

  • FIXED: A number of vulnerabilities reported in containers have been resolved through rebuilding the containers based on updated base images.
  • IMPROVED: Updated to MySQL-8.
  • FIXED: JavaScript CVEs.
  • CHANGED: PHP container logging redirected to STDERR.

iTDS Version 4.2.0

  • ADDED: A full backup of the server configuration can be made to a single ZIP file at the click of a button. This backup ZIP file can be used to restore the server to a previous state.
  • ADDED: Output Entities can now be specified when adding a Transform.
  • CHANGED: The iTDS Admin interface now runs on port 8000 while the Transform Runner continues to run on 443. This has been done so that customers can add a firewall to the Admin User Interface.
  • CHANGED: We have further restricted the SSL cipher suites that can be used in Apache config.
  • CHANGED: Content-Security-Policy header has been updated to include the frame-ancestors option.
  • CHANGED: The Set-Cookie header has been changed to always include the secure attribute.

iTDS 4.2.0 OVA File Checksums


iTDS Version 4.1.1

  • ADDED: TRANSFORM_TIMEOUT environmental variable which can be used to set the Transform timeout.

iTDS 4.1.1 OVA File Checksums


iTDS Version 4.1.0

  • ADDED: Moved all secrets to environmental variables that can be set from the docker-compose file.
  • ADDED: Decoupled PHP and Apache into separate containers to comply with best practices of having one process per container.
  • ADDED: Made PHP container stateless by removing volume mounts.
  • ADDED: Created least-privileged user for each container to run with.
  • ADDED: Updated networking configuration to support K8s networking.

iTDS Version 4.0.0

  • ADDED: New CSV export/import.
  • From the list view of each iTDS section, a CSV backup can be exported and imported.
  • REMOVED: Legacy backup system.
    • The old backup and restore functionality has been removed in favor of the new CSV import and export.
  • ADDED: Verify SSL Optional on Transform URL.
  • ADDED: Download link for paired configuration.
  • ADDED: Navbar links for easier navigation.
  • FIXED: URL path starts at web root instead of /iTDS/.
  • IMPROVED: Home page layout and descriptions are improved.
  • ADDED: Created and updated timestamps have been added to each saved object. This is shown in the list view.
  • FIXED: Database schema is improved by adding correct foreign key constraints and column indexes.
  • ADDED: Integer, Double, Boolean, Date, DateTime, DateRange data types have been added to Transform Settings.
  • ADDED: New Maltego default Entities have been added.
  • FIXED: Updated container OS dependencies.
  • FIXED: Increased Transform timeout to 2 minutes and upload timeout to 5 minutes.
  • FIXED: Allow punctuation in Transform name.
  • ADDED: Selection on rows in list view.
  • ADDED: Automatically close to alerts after 4 seconds.
  • FIXED: Removed PHP version of http headers.
  • FIXED: Issue when Transform URL error not showing up.
  • FIXED: Removed Seed requirement for creating a Transform.
  • FIXED: XML parsing issue with OAuth settings.
  • ADDED: Image validation for the OAuth Icon.
  • FIXED: Debug Status on Transform Metadata is Not Saved when Adding or Editing.


iTDS 4.0.0 and 4.0.1 OVA File Checksums


iTDS Version 3.1.1

  • ADDED: Improved performance of server

    • Moved from mod_php to php_fpm which handles concurrency better.

    • Moved TKS (Transform key server) from a http call to function call.

    • Stopped session cookies from being created on Transform endpoints

  • FIXED: Backup Restore Fails due to size of backup file greater than 20 mb. (Same issue with Transform configurations.)

  • FIXED: URLs entered in the OAuth form were being html encoded resulting in & becoming & which broke the OAuth flow.
  • FIXED: Added CSRF token to license activation page.

    • This required that the activation page be moved into the CodeIgniter application. Before it was a separate vHost.

  • FIXED: Merged two implementations of the TKS into a single model in the CodeIgniter application.

  • REMOVED: Removed sample Transforms that were included with the server by default.

    • This is to prevent customer from building their Transforms on the iTDS server.

  • FIXED: added a timeout to the HTTP call that tests a Transform when the Transform is being saved. 

    • This is to prevent the page from hanging when an broken transform URL is entered.

  • ADDED Detailed error messages when Transform tests fails.

  • CHANGED: Apache configuration files were modified are part of some of the above fixes.

iTDS 3.1.1 OVA File Checksums

maltego-itds-3.1.1-2020-05-22.ovaMD5 fd6713403dd89ca3ebb92cd9603a4d49

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.