Maltego Transforms | OSINT | crt.sh Local Transforms

12 September 2017

I just released some local Maltego transforms for the site, https://crt.sh, which is a tool released by Comodo to identify SSL certificates. This site has so much potential for both sides of security, wether it be mapping an internal network, or making sure nothing wonky is going on with your certs internally.

In any case, I figured some Maltego transforms would go a long way. Before digging into the instructions below, check out the project here - https://github.com/brianwarehime/crt.sh-Maltego-Transforms

Requirements

  • You need to have requests and BeautifulSoup installed. Which can be done through pip install requests and pip install beautifulsoup

Installation

  • Grab the .mtz file I have hosted on my github, here.
  • Import this .mtz file into Maltego, by going to the top-left icon, then Import, then Import Configuration.
  • Grab the Python code from my Github for the transforms. You'll grab crtsh.py and MaltegoTransform.py from this repo.
  • Put crtsh.py and MaltegoTransform.py into a folder called crtsh
  • Move the crtsh folder to /opt/Maltego You'll most likely need to create this folder first

Using this Transform

Once you import the transform, you'll add a new Website entity to the graph, and enter the domain as the entity name (i.e. nullsecure.org). The transform will search for any other hosts that have certificates under your domain name (i.e. test.nullsecure.org, stuff.nullsecure.org, etc.)

Sample Results

https://i.imgur.com/0Ga8gsS.png

That should be all you need to get going, if you run into any issues or have bug reports/issues, please shoot them to me at brian@nullsecure.org, or on twitter @brian_warehime, or file an issue in Github.

Thanks!