from tacyt import TacytApp from maltego.MaltegoTransform import * from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() app = sys.argv[1] try: result = api.get_app_details(app) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'emails' in details: permissions = details['emails'] for i in permissions: m.addEntity(te.EMAIL,i, te.FIELD_NAME, 'emails') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
from maltego.MaltegoTransform import * from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() key = sys.argv[1] try: result = api.get_app_details(key) data = result.get_data() if 'result' in data and data['result'] is not None: if len(data['result']['createDate']) > 0: createDate = data['result']['createDate'].encode('utf-8') datetime = datetime.strptime(createDate, '%Y-%m-%dT%H:%M:%SZ') m.addEntity(te.FIELD, datetime.strftime('%Y-%m-%d %H:%M:%S'), te.FIELD_NAME, 'createDate') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
from maltego.MaltegoTransform import * from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() field = sys.argv[1] try: query = "deadDate:%s"%field result = api.search_apps(query=query,maxResults=100) data = result.get_data() if 'result' in data and data['result'] is not None and 'applications' in data['result'] and data['result']['applications']: for data in data['result']['applications']: if 'key' in data and data['key'] is not None: application = data['key'] m.addEntity(te.KEY, application.encode('utf-8', errors='ignore')) else: m.addUIMessage("The key is not found in the results") else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() app = sys.argv[1] try: result = api.get_app_details(app) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'developerName' in details: if len(details['developerName']) > 0: m.addEntity(te.ALIAS, str(details['developerName'].encode('utf-8')), te.FIELD_NAME, 'developerName') if 'developerPrivacy' in details: if len(details['developerPrivacy']) > 0: m.addEntity(te.DOMAIN, str(details['developerPrivacy'].encode('utf-8')), te.FIELD_NAME, 'developerPrivacy') if 'developerWeb' in details: if len(details['developerWeb']) > 0: m.addEntity(te.DOMAIN, str(details['developerWeb'].encode('utf-8')), te.FIELD_NAME, 'developerWeb') if 'developerEmail' in details: if len(details['developerEmail']) > 0: m.addEntity(te.EMAIL, str(details['developerEmail'].encode('utf-8')), te.FIELD_NAME, 'developerEmail') else: m.addUIMessage("The search returns null results")
from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() key = sys.argv[1] try: result = api.get_app_details(key) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'recentChanges' in details: m.addEntity(te.FIELD, str(details['recentChanges'].encode('utf-8')), te.FIELD_NAME, 'recentChanges') if 'description' in details: m.addEntity(te.FIELD, str(details['description'].encode('utf-8')), te.FIELD_NAME, 'description') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() key = sys.argv[1] try: result = api.get_app_details(key) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'packageName' in details: m.addEntity(te.FIELD, details['packageName'].encode('utf-8'), te.FIELD_NAME, 'packageName') if 'hashPath' in details: m.addEntity(te.HASH, details['hashPath'].encode('utf-8'), te.FIELD_NAME, 'hashPath or SHA-1') if 'md5' in details: m.addEntity(te.HASH, details['md5'].encode('utf-8'), te.FIELD_NAME, 'md5') if 'sha256' in details: m.addEntity(te.HASH, details['sha256'].encode('utf-8'), te.FIELD_NAME, 'sha256') if 'size' in details: size = details['size'] m.addEntity(te.FIELD, str(size).encode('utf-8'), te.FIELD_NAME, 'size')
api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() key = sys.argv[1] try: result = api.get_app_details(key) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'deadDate' in details: deadDate = details['deadDate'].encode('utf-8') datetime = datetime.strptime(deadDate, '%Y-%m-%dT%H:%M:%SZ') m.addEntity(te.FIELD, datetime.strftime('%Y-%m-%d %H:%M:%S'), te.FIELD_NAME, 'deadDate') else: m.addUIMessage("The app is not dead.") else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() field = sys.argv[1] try: query = "deadDate:%s" % field result = api.search_apps(query=query, maxResults=100) data = result.get_data() if 'result' in data and data[ 'result'] is not None and 'applications' in data[ 'result'] and data['result']['applications']: for data in data['result']['applications']: if 'key' in data and data['key'] is not None: application = data['key'] m.addEntity(te.KEY, application.encode('utf-8', errors='ignore')) else: m.addUIMessage("The key is not found in the results") else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() key = sys.argv[1] try: result = api.get_app_details(key) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'packageName' in details: m.addEntity(te.FIELD, details['packageName'].encode('utf-8'), te.FIELD_NAME, 'packageName') if 'hashPath' in details: m.addEntity(te.HASH, details['hashPath'].encode('utf-8'), te.FIELD_NAME, 'hashPath or SHA-1') if 'md5' in details: m.addEntity(te.HASH, details['md5'].encode('utf-8'), te.FIELD_NAME, 'md5') if 'sha256' in details: m.addEntity(te.HASH, details['sha256'].encode('utf-8'), te.FIELD_NAME, 'sha256') if 'size' in details: size = details['size']
api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() app = sys.argv[1] try: result = api.get_app_details(app) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'nPermissions' in details: if len(details['nPermissions']) > 0: m.addEntity(te.FIELD, str(details['nPermissions']), te.FIELD_NAME, 'nPermissions') if 'permissionName' in details: if len(details['permissionName']) > 0: permissions = details['permissionName'] for i in permissions: m.addEntity(te.FIELD,i, te.FIELD_NAME, 'permissionName') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions()
from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() app = sys.argv[1] try: result = api.get_app_details(app) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'nPermissions' in details: if len(details['nPermissions']) > 0: m.addEntity(te.FIELD, str(details['nPermissions']), te.FIELD_NAME, 'nPermissions') if 'permissionName' in details: if len(details['permissionName']) > 0: permissions = details['permissionName'] for i in permissions: m.addEntity(te.FIELD, i, te.FIELD_NAME, 'permissionName') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() key = sys.argv[1] try: result = api.get_app_details(key) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'recentChanges' in details: m.addEntity(te.FIELD, str(details['recentChanges'].encode('utf-8')), te.FIELD_NAME, 'recentChanges') if 'description' in details: m.addEntity(te.FIELD, str(details['description'].encode('utf-8')), te.FIELD_NAME, 'description') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() app = sys.argv[1] try: result = api.get_app_details(app) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'nPermissions' in details: m.addEntity(te.FIELD, str(details['nPermissions']), te.FIELD_NAME, 'nPermissions') if 'createDate' in details: m.addEntity(te.FIELD, str(details['createDate']), te.FIELD_NAME, 'createDate') if 'newestDateFile' in details: m.addEntity(te.FIELD, str(details['newestDateFile']), te.FIELD_NAME, 'newestDateFile') if 'oldestDateFile' in details: m.addEntity(te.FIELD, str(details['oldestDateFile']), te.FIELD_NAME, 'oldestDateFile') if 'updateDate' in details: m.addEntity(te.FIELD, str(details['updateDate']), te.FIELD_NAME, 'updateDate') if 'uploadDate' in details: m.addEntity(te.FIELD, str(details['uploadDate']), te.FIELD_NAME, 'uploadDate')
""" from tacyt import TacytApp from maltego.MaltegoTransform import * from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() app = sys.argv[1] try: result = api.get_app_details(app) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'links' in details: l_links = details['links'] for i in l_links: m.addEntity(te.DOMAIN, i, te.FIELD_NAME, 'permissionName') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() key = sys.argv[1] try: result = api.get_app_details(key) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'certificateValidFrom' in details: if len(details['certificateValidFrom']) > 0: certificateValidFrom = details['certificateValidFrom'] m.addEntity('maltego.Phrase', certificateValidFrom, te.FIELD_NAME, 'certificateValidFrom') if 'certificateValidTo' in details: if len(details['certificateValidTo']) > 0: certificateValidTo = details['certificateValidTo'] m.addEntity('maltego.Phrase', certificateValidTo, te.FIELD_NAME, 'certificateValidTo') if 'certificateFingerprint' in details: if len(details['certificateFingerprint']) > 0: certificateFingerprint = details['certificateFingerprint'] m.addEntity('maltego.Phrase', certificateFingerprint, te.FIELD_NAME, 'certificateFingerprint') if 'certificateSubjectCommonName' in details: if len(details['certificateSubjectCommonName']) > 0: m.addEntity(te.ALIAS, details['certificateSubjectCommonName'], te.FIELD_NAME, 'certificateSubjectCommonName')
from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() field = sys.argv[1] try: query = 'anyLinks:"%s"' % field result = api.search_apps(query=query, maxResults=100) if result is not None: data = result.get_data() if 'result' in data and data[ 'result'] is not None and 'applications' in data[ 'result'] and data['result']['applications']: for data in data['result']['applications']: if 'key' in data and data['key'] is not None: application = data['key'] m.addEntity(te.KEY, application.encode('utf-8')) else: m.addUIMessage("Key not found in results.") else: m.addUIMessage("Null results are returned in search") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() field = sys.argv[1] try: query = "certificateFingerprint:%s"%field result = api.search_apps(query=query,maxResults=100) data = result.get_data() if 'result' in data and data['result'] is not None and 'applications' in data['result'] and data['result']['applications']: for data in data['result']['applications']: if 'key' in data and data['key'] is not None: application = data['key'] m.addEntity(te.KEY, application.encode('utf-8')) else: m.addUIMessage("The key is not found in the results") else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()
""" from tacyt import TacytApp from maltego.MaltegoTransform import * from APIManagement import Tacyt from maltego.Entities import TacytEntities as te api = TacytApp.TacytApp(Tacyt.APP_ID, Tacyt.SECRET_KEY) m = MaltegoTransform() app = sys.argv[1] try: result = api.get_app_details(app) data = result.get_data() if 'result' in data and data['result'] is not None: details = data['result'] if 'emails' in details: permissions = details['emails'] for i in permissions: m.addEntity(te.EMAIL, i, te.FIELD_NAME, 'emails') else: m.addUIMessage("The search returns null results") except Exception as e: m.addException(str(e)) m.throwExceptions() m.returnOutput()