import sys
import io
import json
import httplib2
import apiclient.discovery
from MaltegoTransform import *
GOOGLEPLUS_API_KEY = "AIzaSyCQUjsJBAKSLNqM187Yro9z8lFO8KUXyVE"
#initialize maltego transform and retrieve input entity value
me = MaltegoTransform()
me.parseArguments(sys.argv)
Q = me.getValue()
try:
#initialize G+
service = apiclient.discovery.build('plus',
'v1',
http=httplib2.Http(),
developerKey=GOOGLEPLUS_API_KEY)
#get query result
#NOTE: this is the reduced amount of maximum results because my maltego client
#was raising error of too long XML stream,
#if you want to get more, just change it (max available: 20)
max = 10
activities = service.activities().search(query=Q, maxResults=max).execute()
import fnmatch, os
from MaltegoTransform import *
from lxml import etree
m = MaltegoTransform()
m.parseArguments(sys.argv)
filename = m.getValue()
results = []
if os.path.isdir(filename):
for root, dirnames, filenames in os.walk(filename):
for result in fnmatch.filter(filenames, 'results.xml'):
results.append(os.path.join(root, result))
else:
results.append(filename)
for result in results:
document = etree.parse(result)
for host in document.xpath("//host[ports/port[state[@state='open']]]"):
iface = None
for addr in host.xpath("address[@addrtype='ipv4']"):
iface = m.addEntity("maltego.IPv4Address", addr.attrib['addr'])
if iface != None:
ports = []
#/usr/bin/python
#######################################################
# Maltego NMAP integration script #
# #
# #
# Andrew MacPherson [ andrew <<at>> Paterva.com ] #
# #
#######################################################
import os,sys,time,random
import EasyDialogs
from MaltegoTransform import *
me = MaltegoTransform();
me.parseArguments(sys.argv);
target = me.getValue();
portsFound = "";
fn = target + "-ports-" + str(random.randint(1000,9999)) + ".dat";
defaultScanPorts = "22,21,25,80,443,3306";
scanPorts = EasyDialogs.AskString("Which TCP ports do you want to scan on " + target +"?",defaultScanPorts);
if (scanPorts is None):
me.returnOutput();
exit();
myentity = me.addEntity("IPAddress",target);
nmapCMD = "nmap -n -oG " + fn + " -p" + scanPorts + " -sS -PN " + target + ">"+fn+".stdout";
os.system(nmapCMD);
try:
if (os.path.exists(fn) == False):
me.debug("File not found, please make sure another scan is not currently running. (windows limitation)");
me.returnOutput();
exit();
import fnmatch, os
from MaltegoTransform import *
from lxml import etree
m = MaltegoTransform()
m.parseArguments(sys.argv)
filename = m.getValue()
results = []
if os.path.isdir(filename):
for root, dirnames, filenames in os.walk(filename):
for result in fnmatch.filter(filenames, 'results.xml'):
results.append(os.path.join(root, result))
else:
results.append(filename)
for result in results:
document = etree.parse(result)
for host in document.xpath("//host[ports/port[state[@state='open']]]"):
iface = None
for addr in host.xpath("address[@addrtype='ipv4']"):
iface = m.addEntity("maltego.IPv4Address", addr.attrib['addr'])
if iface != None:
ports = []
#!/usr/bin/python
#################
# NMAP SCAN TOOL#
#################
import os, sys, re
from MaltegoTransform import *
m_ent = MaltegoTransform()
m_ent.parseArguments(sys.argv)
m_ent.getValue()
ports = "20-25,80,6789"
victim = sys.argv[1] # ip address of victim
file_name = victim
nmap_cmd_line_args = "nmap -oG " + file_name + " -sV -p" + ports + " " + victim + ">" + file_name + ".txt"
os.system(nmap_cmd_line_args)
# open output file of nmap
f = open(file_name)
for line in f:
cut_host = re.sub(r'Host(.*)\t', '', line)
if cut_host[:5] == "Ports":
cut_ports = re.sub(r'Ports: ', '', cut_host)
fields = cut_ports.split(", ")
for field in fields:
kill_slash = field.replace("//", "/")
port_vals = kill_slash.split("/")
#Based upon the service Rapportive: http://www.rapportive.com/
#Credits: This code is based upon the research and code of Jordan Wright.
#Blog Link: http://jordan-wright.github.io/blog/2013/10/14/automated-social-engineering-recon-using-rapportive/
#Code Link: https://github.com/jordan-wright/rapportive
#This code requires the Requests library: https://pypi.python.org/pypi/requests/
#Rapportive Code: https://github.com/SudhanshuC/Rapportive/blob/master/rapportive.py
#For MaltegoTransform library and Installation guidelines go to http://www.paterva.com/web6/documentation/developer-local.php
from MaltegoTransform import *
import sys
import urllib2
import requests
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
target_email=mt.getValue()
mt = MaltegoTransform()
random_email="*****@*****.**"
response = requests.get('https://rapportive.com/login_status?user_email=' + random_email).json()
profile = requests.get('https://profiles.rapportive.com/contacts/email/' + target_email, headers = {'X-Session-Token' : response['session_token']}).json()
if profile['contact']['name']:
mt.addEntity("maltego.Person", profile['contact']['name'])
if profile['contact']['location']:
mt.addEntity("maltego.Location", profile['contact']['location'])
if profile['contact']['occupations']:
for occupation in profile['contact']['occupations']:
mt.addEntity("maltego.Phrase", "Job Title: " + occupation['job_title'] + " at " + occupation['company'])
#This Script will retrieve the Domain(s) at which the specified account has been compromised
#It uses the API provided by https://haveibeenpwned.com/
#Special Thanks to Troy Hunt - http://www.troyhunt.com/
#For MaltegoTransform library and Installation guidelines go to http://www.paterva.com/web6/documentation/developer-local.php
import sys
import urllib2
import json
from MaltegoTransform import *
HIBP = "https://haveibeenpwned.com/api/breachedaccount/"
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
email = mt.getValue()
mt = MaltegoTransform()
getrequrl = HIBP + email
try:
response = urllib2.urlopen(getrequrl)
data = json.load(response)
response = data
for rep in response:
mt.addEntity("maltego.Phrase", "Pwned at " + rep)
except urllib2.URLError, e: # "Response Codes" within https://haveibeenpwned.com/API/v1
if e.code == 400:
mt.addUIMessage(
"The e-mail account does not comply with an acceptable format",
#!/usr/bin/python
#phntocomp.py
#Author: Sudhanshu Chauhan - @Sudhanshu_C
#This Script will retrieve the Company name from the provided Phone Number
#It uses the API provided by https://www.opencnam.com
#For MaltegoTransform library and Installation guidelines go to http://www.paterva.com/web6/documentation/developer-local.php
from MaltegoTransform import *
import sys
import urllib2
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
phn = mt.getValue()
phn = phn.replace(' ', '')
mt = MaltegoTransform()
opencnam = "https://api.opencnam.com/v2/phone/"
getrequrl = opencnam + phn
response = urllib2.urlopen(getrequrl)
mt.addEntity("maltego.Phrase", response.read())
mt.returnOutput()
#!/usr/bin/python
import sys
import csv
import os,sys,time,random
from MaltegoTransform import *
me = MaltegoTransform();
me.parseArguments(sys.argv);
csv_file = me.getValue();
csv_reader = csv.reader(open(csv_file), delimiter = ',');
sourceClients = []
for row in csv_reader:
sourceClients.append(row[0]);
sourceClientsUnique = dict(map(lambda i: (i,1),sourceClients)).keys()
for s in sourceClientsUnique:
myentity = me.addEntity("IPAddress",s);
myentity.addAdditionalFields("file","CSV File",None,csv_file);
me.returnOutput();
import sys
import emailprotectionslib.dmarc as dmarc
from MaltegoTransform import *
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
domain = mt.getValue()
mt = MaltegoTransform()
try:
dmarc_record = dmarc.DmarcRecord.from_domain(domain)
#print spf_record
mt.addEntity("maltego.Phrase", "DMARC Record: " + str(dmarc_record))
except:
mt.addUIMessage("Exception Occured", messageType="PartialError")
mt.returnOutput()
#Based upon the service Rapportive: http://www.rapportive.com/
#Credits: This code is based upon the research and code of Jordan Wright.
#Blog Link: http://jordan-wright.github.io/blog/2013/10/14/automated-social-engineering-recon-using-rapportive/
#Code Link: https://github.com/jordan-wright/rapportive
#This code requires the Requests library: https://pypi.python.org/pypi/requests/
#Rapportive Code: https://github.com/SudhanshuC/Rapportive/blob/master/rapportive.py
#For MaltegoTransform library and Installation guidelines go to http://www.paterva.com/web6/documentation/developer-local.php
from MaltegoTransform import *
import sys
import urllib2
import requests
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
target_email = mt.getValue()
mt = MaltegoTransform()
random_email = "*****@*****.**"
response = requests.get('https://rapportive.com/login_status?user_email=' +
random_email).json()
profile = requests.get('https://profiles.rapportive.com/contacts/email/' +
target_email,
headers={
'X-Session-Token': response['session_token']
}).json()
if profile['contact']['name']:
mt.addEntity("maltego.Person", profile['contact']['name'])
if profile['contact']['location']:
mt.addEntity("maltego.Location", profile['contact']['location'])
#!/usr/bin/python
from MaltegoTransform import *
import sys
import urllib2
import re
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
domain=mt.getValue()
url="http://safeweb.norton.com/heartbleed?url=www."
getrequrl=url+domain
try:
response = urllib2.urlopen(getrequrl)
ser=re.search(r'is vulnerable',response.read())
if ser:
print "a"
mt.addEntity("maltego.Phrase","HeartBleed Vulnerable")
except:
print ""
mt.returnOutput()
#!/usr/bin/python
#reverseipdomain.py
#Author: Sudhanshu Chauhan - @Sudhanshu_C
#This Script will perform a reverse IP domain check using http://www.yougetsignal.com
#In case yougetsignal is down due to overload, we can also use: http://www.my-ip-neighbors.com/?domain=. Simply change the value of the parameter 'opencnam'.
from MaltegoTransform import *
import sys
import urllib2
import re
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
url=mt.getValue()
mt = MaltegoTransform()
opencnam="http://domains.yougetsignal.com/domains.php?remoteAddress="
getrequrl=opencnam+url
header={'User-Agent':'Mozilla',}
req=urllib2.Request(getrequrl,None,header)
response=urllib2.urlopen(req)
domains=re.findall("((?:[0-9]*[a-z][a-z\\.\\d\\-]+)\\.(?:[0-9]*[a-z][a-z\\-]+))(?![\\w\\.])",response.read())
for domain in domains:
mt.addEntity("maltego.Domain", domain)
mt.returnOutput()
#!/usr/bin/python
# phntocomp.py
# Author: Sudhanshu Chauhan - @Sudhanshu_C
# This Script will retrieve the Company name from the provided Phone Number
# It uses the API provided by https://www.opencnam.com
# For MaltegoTransform library and Installation guidelines go to http://www.paterva.com/web6/documentation/developer-local.php
from MaltegoTransform import *
import sys
import urllib2
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
phn = mt.getValue()
phn = phn.replace(" ", "")
mt = MaltegoTransform()
opencnam = "https://api.opencnam.com/v2/phone/"
getrequrl = opencnam + phn
response = urllib2.urlopen(getrequrl)
mt.addEntity("maltego.Phrase", response.read())
mt.returnOutput()
#!/usr/bin/python
#reverseipdomain.py
#Author: Sudhanshu Chauhan - @Sudhanshu_C
#This Script will perform a reverse IP domain check using http://www.yougetsignal.com
#In case yougetsignal is down due to overload, we can also use: http://www.my-ip-neighbors.com/?domain=. Simply change the value of the parameter 'opencnam'.
from MaltegoTransform import *
import sys
import urllib2
import re
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
url = mt.getValue()
mt = MaltegoTransform()
opencnam = "http://domains.yougetsignal.com/domains.php?remoteAddress="
getrequrl = opencnam + url
header = {
'User-Agent': 'Mozilla',
}
req = urllib2.Request(getrequrl, None, header)
response = urllib2.urlopen(req)
domains = re.findall(
"((?:[0-9]*[a-z][a-z\\.\\d\\-]+)\\.(?:[0-9]*[a-z][a-z\\-]+))(?![\\w\\.])",
response.read())
for domain in domains:
mt.addEntity("maltego.Domain", domain)
mt.returnOutput()
#!/usr/bin/python
#################
# NMAP SCAN TOOL#
#################
import os, sys, re
from MaltegoTransform import *
m_ent = MaltegoTransform();
m_ent.parseArguments(sys.argv);
m_ent.getValue();
ports = "20-25,80,6789"
victim = sys.argv[1] # ip address of victim
file_name = victim
nmap_cmd_line_args = "nmap -oG " + file_name + " -sV -p" + ports + " " + victim + ">" + file_name + ".txt"
os.system(nmap_cmd_line_args)
# open output file of nmap
f = open(file_name)
for line in f:
cut_host = re.sub(r'Host(.*)\t', '', line)
if cut_host[:5] == "Ports":
cut_ports = re.sub(r'Ports: ', '', cut_host)
fields = cut_ports.split(", ")
for field in fields:
kill_slash = field.replace("//", "/")
#!/usr/bin/env python
import sys
import urllib2
from MaltegoTransform import *
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
SearchString = mt.getValue()
mt = MaltegoTransform()
url = 'http://api.predator.wtf/resolver/?arguments='+SearchString
ipaddress = urllib2.urlopen(url).read()
mt.addEntity("maltego.IPv4Address",ipaddress)
mt.returnOutput()
#This Script will retrieve the Domain(s) at which the specified account has been compromised
#It uses the API provided by https://haveibeenpwned.com/
#Special Thanks to Troy Hunt - http://www.troyhunt.com/
#For MaltegoTransform library and Installation guidelines go to http://www.paterva.com/web6/documentation/developer-local.php
import sys
import urllib2
import json
from MaltegoTransform import *
HIBP = "https://haveibeenpwned.com/api/breachedaccount/"
mt = MaltegoTransform()
mt.parseArguments(sys.argv)
email = mt.getValue()
mt = MaltegoTransform()
getrequrl = HIBP + email
try:
response = urllib2.urlopen(getrequrl)
data = json.load(response)
response = data
for rep in response:
mt.addEntity("maltego.Phrase","Pwned at " + rep)
except urllib2.URLError, e: # "Response Codes" within https://haveibeenpwned.com/API/v1
if e.code == 400:
mt.addUIMessage("The e-mail account does not comply with an acceptable format",messageType="PartialError")