Documentation Home Maltego Training Maltego Blog Contact Us
Welcome
Login
Open navigation

Anomali ThreatStream

Modified on: Fri, 2 Feb, 2024 at 11:24 AM

Overview

Maltego with Anomali ThreatStream offers a synergistic approach to threat intelligence and analysis, empowering organizations to strengthen their cybersecurity posture.

Anomali (PreProd): Anomali Transforms

To Cryptocurrency Addresses

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Cryptocurrency Addresses
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Output Entitiesmaltego.CryptocurrencyAddress

Variants

Transform NameShort DescriptionInput Entities
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_0Returns the associated cryptocurrency address for the input entity.maltego.anomali.STIX2ThreatActor
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_1Returns the associated cryptocurrency address for the input entity.maltego.anomali.STIX2Campaign
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_2Returns the associated cryptocurrency address for the input entity.maltego.anomali.Signature
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_3Returns the associated cryptocurrency address for the input entity.maltego.anomali.TTP
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_4Returns the associated cryptocurrency address for the input entity.maltego.anomali.STIX2Malware
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_5Returns the associated cryptocurrency address for the input entity.maltego.anomali.STIX2Report
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_6Returns the associated cryptocurrency address for the input entity.maltego.anomali.STIX2Tool
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_7Returns the associated cryptocurrency address for the input entity.maltego.anomali.STIX2AttackPattern
maltego.anomali.to_cryptocurrency_addresses_from_threat_model_entities_8Returns the associated cryptocurrency address for the input entity.maltego.anomali.STIX2Incident
maltego.anomali.to_cryptocurrency_addressesReturns cryptocurrency addresses with applied tag.maltego.Tag

To Domains

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_domains_from_threat_model_entities.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Domains
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Output Entitiesmaltego.Domain

Variants

Transform NameShort DescriptionInput Entities
maltego.anomali.to_domains_from_threat_model_entities_0Returns the associated domains for the input entity.maltego.anomali.STIX2ThreatActor
maltego.anomali.to_domains_from_threat_model_entities_1Returns the associated domains for the input entity.maltego.anomali.STIX2Campaign
maltego.anomali.to_domains_from_threat_model_entities_2Returns the associated domains for the input entity.maltego.anomali.Signature
maltego.anomali.to_domains_from_threat_model_entities_3Returns the associated domains for the input entity.maltego.anomali.TTP
maltego.anomali.to_domains_from_threat_model_entities_4Returns the associated domains for the input entity.maltego.anomali.STIX2Malware
maltego.anomali.to_domains_from_threat_model_entities_5Returns the associated domains for the input entity.maltego.anomali.STIX2Report
maltego.anomali.to_domains_from_threat_model_entities_6Returns the associated domains for the input entity.maltego.anomali.STIX2Tool
maltego.anomali.to_domains_from_threat_model_entities_7Returns the associated domains for the input entity.maltego.anomali.STIX2AttackPattern
maltego.anomali.to_domains_from_threat_model_entities_8Returns the associated domains for the input entity.maltego.anomali.STIX2Incident
maltego.anomali.to_domains_from_tagReturns domains with applied tag.maltego.Tag

To Emails

Description

Returns the associated email addresses for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_emails.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Emails
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated email addresses for the input entity.
Output Entitiesmaltego.EmailAddress

Variants

Transform NameInput Entities
maltego.anomali.to_emails_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_emails_1maltego.anomali.STIX2Campaign
maltego.anomali.to_emails_2maltego.anomali.Signature
maltego.anomali.to_emails_3maltego.anomali.TTP
maltego.anomali.to_emails_4maltego.anomali.STIX2Malware
maltego.anomali.to_emails_5maltego.anomali.STIX2Report
maltego.anomali.to_emails_6maltego.anomali.STIX2Tool
maltego.anomali.to_emails_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_emails_8maltego.anomali.STIX2Incident

To Hashes

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_hashes.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Hashes
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Output Entitiesmaltego.Hash

Variants

Transform NameShort DescriptionInput Entities
maltego.anomali.to_hashes_0Returns the associated hashes for the input entity.maltego.anomali.STIX2ThreatActor
maltego.anomali.to_hashes_1Returns the associated hashes for the input entity.maltego.anomali.STIX2Campaign
maltego.anomali.to_hashes_2Returns the associated hashes for the input entity.maltego.anomali.Signature
maltego.anomali.to_hashes_3Returns the associated hashes for the input entity.maltego.anomali.TTP
maltego.anomali.to_hashes_4Returns the associated hashes for the input entity.maltego.anomali.STIX2Malware
maltego.anomali.to_hashes_5Returns the associated hashes for the input entity.maltego.anomali.STIX2Report
maltego.anomali.to_hashes_6Returns the associated hashes for the input entity.maltego.anomali.STIX2Tool
maltego.anomali.to_hashes_7Returns the associated hashes for the input entity.maltego.anomali.STIX2AttackPattern
maltego.anomali.to_hashes_8Returns the associated hashes for the input entity.maltego.anomali.STIX2Incident
maltego.anomali.to_hashes_from_tagReturns hashes with applied tag.maltego.Tag

To IP Addresses

Description

Returns the associated IP addresses for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_ip_addresses.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo IP Addresses
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated IP addresses for the input entity.
Output Entitiesmaltego.IPv4Address, maltego.IPv6Address

Variants

Transform NameInput Entities
maltego.anomali.to_ip_addresses_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_ip_addresses_1maltego.anomali.STIX2Campaign
maltego.anomali.to_ip_addresses_2maltego.anomali.Signature
maltego.anomali.to_ip_addresses_3maltego.anomali.TTP
maltego.anomali.to_ip_addresses_4maltego.anomali.STIX2Malware
maltego.anomali.to_ip_addresses_5maltego.anomali.STIX2Report
maltego.anomali.to_ip_addresses_6maltego.anomali.STIX2Tool
maltego.anomali.to_ip_addresses_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_ip_addresses_8maltego.anomali.STIX2Incident

To URLs

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_urls.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo URLs
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Output Entitiesmaltego.URL

Variants

Transform NameShort DescriptionInput Entities
maltego.anomali.to_urls_0Returns the associated URLs for the input entity.maltego.anomali.STIX2ThreatActor
maltego.anomali.to_urls_1Returns the associated URLs for the input entity.maltego.anomali.STIX2Campaign
maltego.anomali.to_urls_2Returns the associated URLs for the input entity.maltego.anomali.Signature
maltego.anomali.to_urls_3Returns the associated URLs for the input entity.maltego.anomali.TTP
maltego.anomali.to_urls_4Returns the associated URLs for the input entity.maltego.anomali.STIX2Malware
maltego.anomali.to_urls_5Returns the associated URLs for the input entity.maltego.anomali.STIX2Report
maltego.anomali.to_urls_6Returns the associated URLs for the input entity.maltego.anomali.STIX2Tool
maltego.anomali.to_urls_7Returns the associated URLs for the input entity.maltego.anomali.STIX2AttackPattern
maltego.anomali.to_urls_8Returns the associated URLs for the input entity.maltego.anomali.STIX2Incident
maltego.anomali.to_urls_from_tagReturns URLs with applied tag.maltego.Tag

To Other IOCs

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_other_iocs.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Other IOCs
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Output Entitiesmaltego.anomali.IOC

Variants

Transform NameShort DescriptionInput Entities
maltego.anomali.to_other_iocs_0Returns the associated anomali IOCs for the input entity.maltego.anomali.STIX2ThreatActor
maltego.anomali.to_other_iocs_1Returns the associated anomali IOCs for the input entity.maltego.anomali.STIX2Campaign
maltego.anomali.to_other_iocs_2Returns the associated anomali IOCs for the input entity.maltego.anomali.Signature
maltego.anomali.to_other_iocs_3Returns the associated anomali IOCs for the input entity.maltego.anomali.TTP
maltego.anomali.to_other_iocs_4Returns the associated anomali IOCs for the input entity.maltego.anomali.STIX2Malware
maltego.anomali.to_other_iocs_5Returns the associated anomali IOCs for the input entity.maltego.anomali.STIX2Report
maltego.anomali.to_other_iocs_6Returns the associated anomali IOCs for the input entity.maltego.anomali.STIX2Tool
maltego.anomali.to_other_iocs_7Returns the associated anomali IOCs for the input entity.maltego.anomali.STIX2AttackPattern
maltego.anomali.to_other_iocs_8Returns the associated anomali IOCs for the input entity.maltego.anomali.STIX2Incident
maltego.anomali.to_other_iocs_from_tagReturns Anomali IOCs with applied tag.maltego.Tag

To IOCs (using search filter)

Description

Returns the observed IOCs that fit the search filter.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_iocs_using_search_filter.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_iocs_using_search_filter.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_iocs_using_search_filter.search_filterAnomali Search Filter IDstringNoneTrueTrueFalse
maltego.anomali.to_iocs_using_search_filter.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo IOCs (using search filter)
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the observed IOCs that fit the search filter.
Output Entitiesmaltego.anomali.IOC, maltego.Hash, maltego.EmailAddress, maltego.CryptocurrencyAddress, maltego.IPv4Address, maltego.IPv6Address, maltego.Domain, maltego.URL

Variants

Transform NameInput Entities
maltego.anomali.to_iocs_using_search_filter_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_iocs_using_search_filter_1maltego.anomali.STIX2Campaign
maltego.anomali.to_iocs_using_search_filter_2maltego.anomali.Signature
maltego.anomali.to_iocs_using_search_filter_3maltego.anomali.TTP
maltego.anomali.to_iocs_using_search_filter_4maltego.anomali.STIX2Malware
maltego.anomali.to_iocs_using_search_filter_5maltego.anomali.STIX2Report
maltego.anomali.to_iocs_using_search_filter_6maltego.anomali.STIX2Tool
maltego.anomali.to_iocs_using_search_filter_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_iocs_using_search_filter_8maltego.anomali.STIX2Incident

To ASN

Description

Returns AS number of the input observable.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_asn.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_asn.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_asn.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo ASN
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns AS number of the input observable.
Output Entitiesmaltego.AS

Variants

Transform NameInput Entities
maltego.anomali.to_asn_0maltego.URL
maltego.anomali.to_asn_1maltego.IPv4Address
maltego.anomali.to_asn_2maltego.IPv6Address
maltego.anomali.to_asn_3maltego.Domain

To IP Address

Description

Returns IP address of the input observables.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_ip_address.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_ip_address.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_ip_address.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo IP Address
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns IP address of the input observables.
Output Entitiesmaltego.IPv4Address, maltego.IPv6Address

Variants

Transform NameInput Entities
maltego.anomali.to_ip_address_0maltego.URL
maltego.anomali.to_ip_address_1maltego.IPv4Address
maltego.anomali.to_ip_address_2maltego.IPv6Address
maltego.anomali.to_ip_address_3maltego.Domain

To Location

Description

Returns location of the input observables.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_location.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_location.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_location.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Location
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns location of the input observables.
Output Entitiesmaltego.Location

Variants

Transform NameInput Entities
maltego.anomali.to_location_0maltego.URL
maltego.anomali.to_location_1maltego.IPv4Address
maltego.anomali.to_location_2maltego.IPv6Address
maltego.anomali.to_location_3maltego.Domain

To Organization

Description

Returns organization of the input observables.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_organization.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_organization.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_organization.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Organization
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns organization of the input observables.
Output Entitiesmaltego.Company

Variants

Transform NameInput Entities
maltego.anomali.to_organization_0maltego.URL
maltego.anomali.to_organization_1maltego.IPv4Address
maltego.anomali.to_organization_2maltego.IPv6Address
maltego.anomali.to_organization_3maltego.Domain

To Metadata Information (STIX2 Indicator)

Description

Returns indicator of input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_metadata_information.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_metadata_information.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_metadata_information.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Metadata Information (STIX2 Indicator)
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns indicator of input entity.
Output Entitiesmaltego.anomali.STIX2Indicator

Variants

Transform NameInput Entities
maltego.anomali.to_metadata_information_0maltego.Domain
maltego.anomali.to_metadata_information_1maltego.EmailAddress
maltego.anomali.to_metadata_information_2maltego.IPv4Address
maltego.anomali.to_metadata_information_3maltego.IPv6Address
maltego.anomali.to_metadata_information_4maltego.URL
maltego.anomali.to_metadata_information_5maltego.Hash
maltego.anomali.to_metadata_information_6maltego.CryptocurrencyAddress
maltego.anomali.to_metadata_information_7maltego.anomali.IOC

To IOCs

Description

Returns IOCs for given search filter.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_iocs.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_iocs.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_iocs.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo IOCs
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Transform Namemaltego.anomali.to_iocs
Short DescriptionReturns IOCs for given search filter.
Input Entitiesmaltego.anomali.SearchFilter
Output Entitiesmaltego.anomali.IOC, maltego.Hash, maltego.EmailAddress, maltego.CryptocurrencyAddress, maltego.IPv4Address, maltego.IPv6Address, maltego.Domain, maltego.URL

To Email Addresses

Description

Returns email addresses with applied tag.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_email_addresses.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_email_addresses.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_email_addresses.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Email Addresses
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Transform Namemaltego.anomali.to_email_addresses
Short DescriptionReturns email addresses with applied tag.
Input Entitiesmaltego.Tag
Output Entitiesmaltego.EmailAddress

To IPv6 Addresses

Description

Returns IPv6 addresses with applied tag.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_ipv6_addresses_from_tag.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_ipv6_addresses_from_tag.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_ipv6_addresses_from_tag.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo IPv6 Addresses
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Transform Namemaltego.anomali.to_ipv6_addresses_from_tag
Short DescriptionReturns IPv6 addresses with applied tag.
Input Entitiesmaltego.Tag
Output Entitiesmaltego.IPv6Address

To IPv4 Addresses

Description

Returns IPv4 addresses with applied tag.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_ipv4_addresses_from_tag.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.to_ipv4_addresses_from_tag.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.to_ipv4_addresses_from_tag.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo IPv4 Addresses
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Transform Namemaltego.anomali.to_ipv4_addresses_from_tag
Short DescriptionReturns IPv4 addresses with applied tag.
Input Entitiesmaltego.Tag
Output Entitiesmaltego.IPv4Address

To Usernames

Description

Returns the usernames of the threat actor.

Transform Meta Info

InformationValue
Display NameTo Usernames
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Transform Namemaltego.anomali.to_usernames
Short DescriptionReturns the usernames of the threat actor.
Input Entitiesmaltego.anomali.STIX2ThreatActor
Output Entitiesmaltego.Alias

To Tags

Description

Returns the applied tags for the input entity.

Transform Meta Info

InformationValue
Display NameTo Tags
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the applied tags for the input entity.
Output Entitiesmaltego.Tag

Variants

Transform NameInput Entities
maltego.anomali.to_tags_from_threat_model_entities_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_tags_from_threat_model_entities_1maltego.anomali.STIX2Campaign
maltego.anomali.to_tags_from_threat_model_entities_2maltego.anomali.Signature
maltego.anomali.to_tags_from_threat_model_entities_3maltego.anomali.TTP
maltego.anomali.to_tags_from_threat_model_entities_4maltego.anomali.STIX2Malware
maltego.anomali.to_tags_from_threat_model_entities_5maltego.anomali.STIX2Report
maltego.anomali.to_tags_from_threat_model_entities_6maltego.anomali.STIX2Tool
maltego.anomali.to_tags_from_threat_model_entities_7maltego.anomali.STIX2AttackPattern

Search Threat Actor by IOC

Description

Returns the associated STIX2 threat actors for the input IOC entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_actor_by_ioc.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat Actor by IOC
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 threat actors for the input IOC entity.
Output Entitiesmaltego.anomali.STIX2ThreatActor

Variants

Transform NameInput Entities
maltego.anomali.search_threat_actor_by_ioc_0maltego.Domain
maltego.anomali.search_threat_actor_by_ioc_1maltego.EmailAddress
maltego.anomali.search_threat_actor_by_ioc_2maltego.IPv4Address
maltego.anomali.search_threat_actor_by_ioc_3maltego.IPv6Address
maltego.anomali.search_threat_actor_by_ioc_4maltego.URL
maltego.anomali.search_threat_actor_by_ioc_5maltego.Hash
maltego.anomali.search_threat_actor_by_ioc_6maltego.CryptocurrencyAddress
maltego.anomali.search_threat_actor_by_ioc_7maltego.anomali.IOC
maltego.anomali.search_threat_actor_by_ioc_8maltego.anomali.STIX2Indicator

Search Threat Campaign by IOC

Description

Returns the associated STIX2 campaigns for the input IOC entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_campaign_by_ioc.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat Campaign by IOC
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 campaigns for the input IOC entity.
Output Entitiesmaltego.anomali.STIX2Campaign

Variants

Transform NameInput Entities
maltego.anomali.search_threat_campaign_by_ioc_0maltego.Domain
maltego.anomali.search_threat_campaign_by_ioc_1maltego.EmailAddress
maltego.anomali.search_threat_campaign_by_ioc_2maltego.IPv4Address
maltego.anomali.search_threat_campaign_by_ioc_3maltego.IPv6Address
maltego.anomali.search_threat_campaign_by_ioc_4maltego.URL
maltego.anomali.search_threat_campaign_by_ioc_5maltego.Hash
maltego.anomali.search_threat_campaign_by_ioc_6maltego.CryptocurrencyAddress
maltego.anomali.search_threat_campaign_by_ioc_7maltego.anomali.IOC
maltego.anomali.search_threat_campaign_by_ioc_8maltego.anomali.STIX2Indicator

Search Threat Malware by IOC

Description

Returns the associated STIX2 malware for the input IOC entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_malware_by_ioc.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat Malware by IOC
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 malware for the input IOC entity.
Output Entitiesmaltego.anomali.STIX2Malware

Variants

Transform NameInput Entities
maltego.anomali.search_threat_malware_by_ioc_0maltego.Domain
maltego.anomali.search_threat_malware_by_ioc_1maltego.EmailAddress
maltego.anomali.search_threat_malware_by_ioc_2maltego.IPv4Address
maltego.anomali.search_threat_malware_by_ioc_3maltego.IPv6Address
maltego.anomali.search_threat_malware_by_ioc_4maltego.URL
maltego.anomali.search_threat_malware_by_ioc_5maltego.Hash
maltego.anomali.search_threat_malware_by_ioc_6maltego.CryptocurrencyAddress
maltego.anomali.search_threat_malware_by_ioc_7maltego.anomali.IOC
maltego.anomali.search_threat_malware_by_ioc_8maltego.anomali.STIX2Indicator

Search Threat Report by IOC

Description

Returns the associated STIX2 threat reports for the input IOC entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_report_by_ioc.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat Report by IOC
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 threat reports for the input IOC entity.
Output Entitiesmaltego.anomali.STIX2Report

Variants

Transform NameInput Entities
maltego.anomali.search_threat_report_by_ioc_0maltego.Domain
maltego.anomali.search_threat_report_by_ioc_1maltego.EmailAddress
maltego.anomali.search_threat_report_by_ioc_2maltego.IPv4Address
maltego.anomali.search_threat_report_by_ioc_3maltego.IPv6Address
maltego.anomali.search_threat_report_by_ioc_4maltego.URL
maltego.anomali.search_threat_report_by_ioc_5maltego.Hash
maltego.anomali.search_threat_report_by_ioc_6maltego.CryptocurrencyAddress
maltego.anomali.search_threat_report_by_ioc_7maltego.anomali.IOC
maltego.anomali.search_threat_report_by_ioc_8maltego.anomali.STIX2Indicator

Search Threat Signature by IOC

Description

Returns the associated STIX2 signatures for the input IOC entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_signature_by_ioc.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat Signature by IOC
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 signatures for the input IOC entity.
Output Entitiesmaltego.anomali.Signature

Variants

Transform NameInput Entities
maltego.anomali.search_threat_signature_by_ioc_0maltego.Domain
maltego.anomali.search_threat_signature_by_ioc_1maltego.EmailAddress
maltego.anomali.search_threat_signature_by_ioc_2maltego.IPv4Address
maltego.anomali.search_threat_signature_by_ioc_3maltego.IPv6Address
maltego.anomali.search_threat_signature_by_ioc_4maltego.URL
maltego.anomali.search_threat_signature_by_ioc_5maltego.Hash
maltego.anomali.search_threat_signature_by_ioc_6maltego.CryptocurrencyAddress
maltego.anomali.search_threat_signature_by_ioc_7maltego.anomali.IOC
maltego.anomali.search_threat_signature_by_ioc_8maltego.anomali.STIX2Indicator

Search Threat TTP by IOC

Description

Returns the observed TTPs for the input IOC entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_ttp_by_ioc.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat TTP by IOC
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the observed TTPs for the input IOC entity.
Output Entitiesmaltego.anomali.TTP

Variants

Transform NameInput Entities
maltego.anomali.search_threat_ttp_by_ioc_0maltego.Domain
maltego.anomali.search_threat_ttp_by_ioc_1maltego.EmailAddress
maltego.anomali.search_threat_ttp_by_ioc_2maltego.IPv4Address
maltego.anomali.search_threat_ttp_by_ioc_3maltego.IPv6Address
maltego.anomali.search_threat_ttp_by_ioc_4maltego.URL
maltego.anomali.search_threat_ttp_by_ioc_5maltego.Hash
maltego.anomali.search_threat_ttp_by_ioc_6maltego.CryptocurrencyAddress
maltego.anomali.search_threat_ttp_by_ioc_7maltego.anomali.IOC
maltego.anomali.search_threat_ttp_by_ioc_8maltego.anomali.STIX2Indicator

Search Incidents

Description

Returns the associated STIX2 incidents for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_incidents.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_incidents.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_incidents.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Incidents
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 incidents for the input entity.
Output Entitiesmaltego.anomali.STIX2Incident

Variants

Transform NameInput Entities
maltego.anomali.search_incidents_0maltego.Phrase
maltego.anomali.search_incidents_1maltego.Incident

Search Campaigns

Description

Returns the associated STIX2 campaigns for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_campaigns.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_campaigns.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_campaigns.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Campaigns
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 campaigns for the input entity.
Output Entitiesmaltego.anomali.STIX2Campaign

Variants

Transform NameInput Entities
maltego.anomali.search_campaigns_0maltego.Phrase
maltego.anomali.search_campaigns_1maltego.STIX2.campaign

Search Threat Actors

Description

Returns the associated STIX2 threat actors for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_actors.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_threat_actors.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_threat_actors.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat Actors
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 threat actors for the input entity.
Output Entitiesmaltego.anomali.STIX2ThreatActor

Variants

Transform NameInput Entities
maltego.anomali.search_threat_actors_0maltego.Phrase
maltego.anomali.search_threat_actors_1maltego.Organization
maltego.anomali.search_threat_actors_2maltego.Person
maltego.anomali.search_threat_actors_3maltego.Alias
maltego.anomali.search_threat_actors_4maltego.STIX2.threat-actor
maltego.anomali.search_threat_actors_5misp.ThreatActor

Search Threat Reports

Description

Returns the associated STIX2 threat reports for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_threat_reports.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_threat_reports.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_threat_reports.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Threat Reports
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 threat reports for the input entity.
Output Entitiesmaltego.anomali.STIX2Report

Variants

Transform NameInput Entities
maltego.anomali.search_threat_reports_0maltego.Phrase
maltego.anomali.search_threat_reports_1maltego.STIX2.report

Search TTPs

Description

Returns the anomali TTPs for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_ttps.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_ttps.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_ttps.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch TTPs
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the anomali TTPs for the input entity.
Output Entitiesmaltego.anomali.TTP

Variants

Transform NameInput Entities
maltego.anomali.search_ttps_0maltego.Phrase
maltego.anomali.search_ttps_1maltego.TTP

Search Attack Patterns

Description

Returns the associated STIX2 attack patterns for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_attack_patterns.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_attack_patterns.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_attack_patterns.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Attack Patterns
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 attack patterns for the input entity.
Output Entitiesmaltego.anomali.STIX2AttackPattern

Variants

Transform NameInput Entities
maltego.anomali.search_attack_patterns_0maltego.Phrase
maltego.anomali.search_attack_patterns_1maltego.AttackPattern
maltego.anomali.search_attack_patterns_2maltego.STIX2.attack-pattern
maltego.anomali.search_attack_patterns_3misp.AttackTechnique

Search Signatures

Description

Returns the associated STIX2 signatures for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_signatures.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_signatures.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_signatures.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Signatures
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 signatures for the input entity.
Output Entitiesmaltego.anomali.Signature

Variants

Transform NameInput Entities
maltego.anomali.search_signatures_0maltego.Phrase
maltego.anomali.search_signatures_1maltego.MalwareSignature

Search Malware

Description

Returns the associated STIX2 malware for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_malware.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_malware.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_malware.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Malware
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 malware for the input entity.
Output Entitiesmaltego.anomali.STIX2Malware

Variants

Transform NameInput Entities
maltego.anomali.search_malware_0maltego.Phrase
maltego.anomali.search_malware_1maltego.Malware
maltego.anomali.search_malware_2maltego.STIX2.malware
maltego.anomali.search_malware_3misp.Software

Search Tools

Description

Returns the associated STIX2 tools for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.search_tools.modifiedModifieddaterangeNoneTrueTrueFalse
maltego.anomali.search_tools.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse
maltego.anomali.search_tools.statusStatusstringNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameSearch Tools
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 tools for the input entity.
Output Entitiesmaltego.anomali.STIX2Tool

Variants

Transform NameInput Entities
maltego.anomali.search_tools_0maltego.Phrase
maltego.anomali.search_tools_1maltego.STIX2.tool
maltego.anomali.search_tools_2misp.Software

To Attack Patterns

Description

Returns the associated STIX2 attack patterns for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_attack_patterns.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Attack Patterns
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 attack patterns for the input entity.
Output Entitiesmaltego.anomali.STIX2AttackPattern

Variants

Transform NameInput Entities
maltego.anomali.to_attack_patterns_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_attack_patterns_1maltego.anomali.STIX2Campaign
maltego.anomali.to_attack_patterns_2maltego.anomali.Signature
maltego.anomali.to_attack_patterns_3maltego.anomali.TTP
maltego.anomali.to_attack_patterns_4maltego.anomali.STIX2Malware
maltego.anomali.to_attack_patterns_5maltego.anomali.STIX2Report
maltego.anomali.to_attack_patterns_6maltego.anomali.STIX2Tool
maltego.anomali.to_attack_patterns_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_attack_patterns_8maltego.anomali.STIX2Incident

To Campaigns

Description

Returns the associated STIX2 campaigns for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_campaigns.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Campaigns
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 campaigns for the input entity.
Output Entitiesmaltego.anomali.STIX2Campaign

Variants

Transform NameInput Entities
maltego.anomali.to_campaigns_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_campaigns_1maltego.anomali.STIX2Campaign
maltego.anomali.to_campaigns_2maltego.anomali.Signature
maltego.anomali.to_campaigns_3maltego.anomali.TTP
maltego.anomali.to_campaigns_4maltego.anomali.STIX2Malware
maltego.anomali.to_campaigns_5maltego.anomali.STIX2Report
maltego.anomali.to_campaigns_6maltego.anomali.STIX2Tool
maltego.anomali.to_campaigns_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_campaigns_8maltego.anomali.STIX2Incident

To Incidents

Description

Returns the associated STIX2 incidents for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_incidents.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Incidents
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 incidents for the input entity.
Output Entitiesmaltego.anomali.STIX2Incident

Variants

Transform NameInput Entities
maltego.anomali.to_incidents_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_incidents_1maltego.anomali.STIX2Campaign
maltego.anomali.to_incidents_2maltego.anomali.Signature
maltego.anomali.to_incidents_3maltego.anomali.TTP
maltego.anomali.to_incidents_4maltego.anomali.STIX2Malware
maltego.anomali.to_incidents_5maltego.anomali.STIX2Report
maltego.anomali.to_incidents_6maltego.anomali.STIX2Tool
maltego.anomali.to_incidents_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_incidents_8maltego.anomali.STIX2Incident

To Malware

Description

Returns the associated STIX2 malware for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_malware.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Malware
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 malware for the input entity.
Output Entitiesmaltego.anomali.STIX2Malware

Variants

Transform NameInput Entities
maltego.anomali.to_malware_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_malware_1maltego.anomali.STIX2Campaign
maltego.anomali.to_malware_2maltego.anomali.Signature
maltego.anomali.to_malware_3maltego.anomali.TTP
maltego.anomali.to_malware_4maltego.anomali.STIX2Malware
maltego.anomali.to_malware_5maltego.anomali.STIX2Report
maltego.anomali.to_malware_6maltego.anomali.STIX2Tool
maltego.anomali.to_malware_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_malware_8maltego.anomali.STIX2Incident

To Signatures

Description

Returns the associated STIX2 signatures for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_signatures.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Signatures
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 signatures for the input entity.
Output Entitiesmaltego.anomali.Signature

Variants

Transform NameInput Entities
maltego.anomali.to_signatures_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_signatures_1maltego.anomali.STIX2Campaign
maltego.anomali.to_signatures_2maltego.anomali.Signature
maltego.anomali.to_signatures_3maltego.anomali.TTP
maltego.anomali.to_signatures_4maltego.anomali.STIX2Malware
maltego.anomali.to_signatures_5maltego.anomali.STIX2Report
maltego.anomali.to_signatures_6maltego.anomali.STIX2Tool
maltego.anomali.to_signatures_7maltego.anomali.STIX2AttackPattern
maltego.anomali.to_signatures_8maltego.anomali.STIX2Incident

To Threat Reports

Description

Returns the associated STIX2 threat reports for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_threat_reports.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Threat Reports
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 threat reports for the input entity.
Output Entitiesmaltego.anomali.STIX2Report

Variants

Transform NameInput Entities
maltego.anomali.to_threat_reports_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_threat_reports_1maltego.anomali.STIX2Campaign
maltego.anomali.to_threat_reports_2maltego.anomali.Signature
maltego.anomali.to_threat_reports_3maltego.anomali.TTP
maltego.anomali.to_threat_reports_4maltego.anomali.STIX2Malware
maltego.anomali.to_threat_reports_5maltego.anomali.STIX2Report
maltego.anomali.to_threat_reports_6maltego.anomali.STIX2Tool
maltego.anomali.to_threat_reports_7maltego.anomali.STIX2AttackPattern

To Tools

Description

Returns the associated STIX2 tools for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_tools.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo Tools
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated STIX2 tools for the input entity.
Output Entitiesmaltego.anomali.STIX2Tool

Variants

Transform NameInput Entities
maltego.anomali.to_tools_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_tools_1maltego.anomali.STIX2Campaign
maltego.anomali.to_tools_2maltego.anomali.Signature
maltego.anomali.to_tools_3maltego.anomali.TTP
maltego.anomali.to_tools_4maltego.anomali.STIX2Malware
maltego.anomali.to_tools_5maltego.anomali.STIX2Report
maltego.anomali.to_tools_6maltego.anomali.STIX2Tool
maltego.anomali.to_tools_7maltego.anomali.STIX2AttackPattern

To TTPs

Description

Returns the associated observed TTPs for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_ttps.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo TTPs
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated observed TTPs for the input entity.
Output Entitiesmaltego.anomali.TTP

Variants

Transform NameInput Entities
maltego.anomali.to_ttps_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_ttps_1maltego.anomali.STIX2Campaign
maltego.anomali.to_ttps_2maltego.anomali.Signature
maltego.anomali.to_ttps_3maltego.anomali.TTP
maltego.anomali.to_ttps_4maltego.anomali.STIX2Malware
maltego.anomali.to_ttps_5maltego.anomali.STIX2Report
maltego.anomali.to_ttps_6maltego.anomali.STIX2Tool
maltego.anomali.to_ttps_7maltego.anomali.STIX2AttackPattern

To CVEs

Description

Returns the associated CVEs for the input entity.

Transform Settings

Setting NameDisplay NameSetting TypeDefault ValueOptionalPopupAuthentication
maltego.anomali.global.global#anomali_api_keyAPI Keystring TrueTrueFalse
maltego.anomali.global.global#anomali_usernameUsernamestring TrueTrueFalse
maltego.anomali.to_cves.only_internalSearch within my organization onlybooleanNoneTrueTrueFalse

Transform Meta Info

InformationValue
Display NameTo CVEs
OwnerMaltego Technologies GmbH
AuthorMaltego Technologies GmbH
Data Source 
Short DescriptionReturns the associated CVEs for the input entity.
Output Entitiesmaltego.CVE

Variants

Transform NameInput Entities
maltego.anomali.to_cves_0maltego.anomali.STIX2ThreatActor
maltego.anomali.to_cves_1maltego.anomali.STIX2Campaign
maltego.anomali.to_cves_2maltego.anomali.Signature
maltego.anomali.to_cves_3maltego.anomali.TTP
maltego.anomali.to_cves_4maltego.anomali.STIX2Malware
maltego.anomali.to_cves_5maltego.anomali.STIX2Report
maltego.anomali.to_cves_6maltego.anomali.STIX2Tool
maltego.anomali.to_cves_7maltego.anomali.STIX2AttackPattern

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Search all Maltego Guides:

Interested? Get your free demo
Questions? Contact us

© 2021 by Maltego Technologies.