Version 3.2.0 - Standard Transforms Add-on (CTAS) Server
Release date: 27 March 2023
Welcome to the 3.2.0 Release of our Maltego Standard Transforms Add-on (CTAS) Server. Some of the key highlights include:
Added
Transforms
- IPQS Transforms.
- MST Security Trails Transforms.
- WHOISXML IP Netblock Transforms.
- Shodan Internet DB Transforms
Note: IPQS, Security Trails, WhoisXML, and IP Netblocks all require API Keys. Please refer to the API Keys section here.
Entities
- Standard Entities
Removed
Transforms
- FlickrAccountGetFriends
- toAliasFromTwitterAccount
- AffTwitterToLocation
- AffTwitterToPerson
- toSitesIdentifier
- WebsiteToWebsite_Thumb
- Robtex Transforms
- ASNumberToCompany
- ASNumberToNetblocks
- DomainToDomain_TLD
- IPAddressToDNSName_SharedIP
- IPAddressToDomain_SharedMX
- IPAddressToDomain_SharedNS
- IPAddressToNetblock_NS4block
- IPAddressToNetblock_SS
- MXRecordToDomain_SharedMX
- NetblockToAS_SS
- NetblockToDNSName_SS
- NSrecordToDomain_SharedNS
- NSrecordToNetblock_NS4block
Updates to Machines
- Company Stalker
- Removed Email To Flickr Account Transform
- Removed Email To My Space Account Transform
- Person - Email Address
- Removed Person to Email Address Common Transform
- URL To Network and Domain Information
- Removed Netblock to AS Transform
Removed Machines
- Footprint L1
- Footprint L2
- Footprint L3
- Footprint XXL
Updated
Transforms
- All related application dependencies.
- Updated Paterva references to Maltego Technologies
- All Transforms updated with an onprem namespace and [On Premise] display prefix. Refer to the Screenshots section.
- DNS To IP Address [DNS] Transform return IPv6 addresses.
Machines
- All Machines have been updated with an "onprem" namespace and [On Premise] display prefix. Refer to Screenshots section.
Server Components
- Django updated from 4.0.1 to 4.1.7
- Postgres updated from 10 to 13
Shared API Key Configuration
- Shared API Keys to be set in API Keys JSON file. The method of setting API keys as environment variables is no longer supported.
Fixes
- 100% CPU Usage for PGP, Wikimedia, Builtwith, MST-HTTP, MST-PROPS Transform Servers
Known Issues
- Robtex Transforms are not functional as the API is not responsive.
- IMPORTANT: As all Transform names have been updated, custom Machines will need to be updated with the new prefix .onprem. Custom Machines with the old names will not work any longer.
Screenshots
Figure 1 Transform Run Context
Figure 2 Machine Manager
Figure 3 All Transforms Listing
Version 3.1.4 - Standard Transforms Add-on (CTAS) Server
Release date: 12 October 2022
- FIXED: Increased password length requirement to 9 characters.
- FIXED: Set cookies header includes secure attribute.
- FIXED: Frame-ancestors policy added to the CSP headers.
Version 3.1.3 - Standard Transforms Add-on (CTAS) Server
- FIXED: Issue with 100% CPU usage - replace async with on-demand logic.
Standard Transforms Add-on (CTAS) Server 3.1.3 OVA File Checksums
| Filename | Hash | Checksum |
| maltego-ctas-3.1.3_2022-03-30.ova | MD5 | 67cfc55c7d4e27ac677b106cc144003a |
| SHA256 | 013fe5a5700cd4e25e8d3fe3ab68ce6166d0b6672f843688c4e3a6b28a52d242 |
Version 3.1.2 - Standard Transforms Add-on (CTAS) Server
- UPDATED: Updated to Django 4.
- UPDATED: All related application dependencies.
- FIXED: Issue with runner not honoring custom port.
- UPDATED: NGINX configuration hardened (CSP, HSTS headers added and stricter TLS requirement).
Standard Transforms Add-on (CTAS) Server 3.1.2 OVA File Checksums
| Filename | Hash | Checksum |
| maltego-ctas-3.1.2-2022-01-28.ova | MD5 | 3f9f1fa20cc31afac4f80d5268fff446 |
| SHA256 | 729c34cb1402f933e41065487e18ad74127dcf8948adca244fdd110b8b96605b | |
| maltego-ctas-3.1.2-2022-02-24.ova | MD5 | 33a80fe3a31bd67eb1628bd8e07a49f5 |
| SHA256 | 29e266176e8af5154d71eb417e123758fc8a6466e075c89725864eaf19ceb6db |
Version 3.1.0 - Standard Transforms Add-on (CTAS) Server
- ADDED: Moved all secrets to environmental variables that can be set from the docker-compose file.
- ADDED: Decoupled Python and Nginx into separate containers to comply with best-practice of having one process per container.
- ADDED: Created least-privileged user for each container to run with.
- ADDED: Updated networking configuration to support K8s networking.
- ADDED: Updated API key sharing mechanism so that API keys can be set from environmental variables.
- REMOVED: Admin UI for configuring API keys.
- ADDED: Changed the build process for registering Transforms with the dispatcher to ensure no runtime dependency issues.
- REMOVED: CTAS PGP Transforms.
- REMOVED: CTAS BuiltWith Transforms.
- REMOVED: CTAS Wikipedia Transforms.
- ADDED: JINX PGP Transforms.
- ADDED: JINX BuiltWith Transforms.
- ADDED: JINX Wikipedia Transforms.
Standard Transforms Add-on (CTAS) Server 3.0.X to 3.1.X OVA File Checksums
| Filename | Hash | Checksum |
| maltego-ctas-3.0.11-2020-02-03.ova | MD5 | defaa37c1179b297479d81f9b652d308 |
| SHA256 | 23c83ee3f9c67cf1e5347c13bd98cdc7a048c42bba3c9e1d538cce84e88c3316 | |
| maltego-ctas-3.0.12-2020-12-02.ova | MD5 | d5fa7423156a8c2df5b7fda5e56e70eb |
| SHA256 | 20240b51e35af57bd22863c5437c625c3b7f181cef3ab63fafd361b50683f1f6 | |
| maltego-ctas-3.0.12-2021-03-03.ova | MD5 | ae389385e46a9ec5c08d8c0b9b877372 |
| SHA256 | 0b7dd67bf6cb5c481d6fb23ac4858696a195089b838ce848a896c9c46b8d0066 | |
| maltego-ctas-3.1.1-2021-12-15.ova | MD5 | d2b2cbdcbeb0c8fa05b74447b5333f70 |
| SHA256 | b0ff8a113269f1916af48a54e456275fcc209681e4e814d184d70b1eafbbf860 | |
| maltego-ctas-3.1.1-2021-12-20.ova | MD5 | 1fd4f1158d0fcb852b2c0be5ddf016ae |
| SHA256 | c6f3b86cf1b8da7a6971f6acec29d17915a9e70e20d9e7b931b20dcfa68aeecb |