README
¶
Maltego
This is a Go package that provides datastructures for interacting with the Maltego graphical link analysis tool.
Key Features
- type safe datastructures for code components: messages and configuration entities are both fully modeled.
- utility functions: Escaping XML, Calculating line thickness etc.
- automatically escapes input: user supplied values are guaranteed to be properly escaped so they don't break the XML.
- go modules support: reproducible builds, semantic versioning
- unit tests: functional correctness
- usage examples: well documented and containerized
- MIT licensed: can be incorporated into proprietary products
Installation
Install the library for use in your Go application:
go get github.com/dreadl0ck/maltego
Usage Examples
Check the examples folder and unit tests!
Unit Tests
Run the unit tests
go test ./...
Code Stats
$ cloc *.go
14 text files.
14 unique files.
0 files ignored.
github.com/AlDanial/cloc v 1.84 T=0.02 s (872.4 files/s, 156290.9 lines/s)
-------------------------------------------------------------------------------
Language files blank comment code
-------------------------------------------------------------------------------
Go 14 366 355 1787
-------------------------------------------------------------------------------
SUM: 14 366 355 1787
-------------------------------------------------------------------------------
License
MIT
Documentation
¶
Index ¶
- Constants
- Variables
- func CopyFile(src, dst string)
- func CreateXMLIconFile(path string)
- func Die(err string, msg string)
- func EscapeText(text string) string
- func GenEntity(path string, category, ident, prefix, propsPrefix, outDir string, ...)
- func GenEntityArchive(entityCategory string)
- func GenMachines(ident string, machinePrefix string)
- func GenMaltegoArchive(ident, category string)
- func GenServerListing(prefix, outDir string, trs []*TransformCoreInfo)
- func GenTransform(workingDir, org, author, prefix string, outDir string, name string, ...)
- func GenTransformArchive()
- func GenTransformSet(name string, description string, prefix string, outDir string, ...)
- func GetThickness(val, min, max uint64) int
- func GetThicknessInterval(val, min, max uint64) int
- func Home(w http.ResponseWriter, r *http.Request)
- func MakeHandler(handler func(w http.ResponseWriter, r *http.Request, t *Transform)) http.HandlerFunc
- func PackEntityArchive()
- func PackMaltegoArchive(name string)
- func PackTransformArchive()
- func Pluralize(name string) string
- func RegisterTransform(handlerFunc http.HandlerFunc, name string)
- func ToTransformDisplayName(in, org string) string
- type AdditionalFields
- type BaseEntities
- type BaseEntity
- type Converter
- type DisplayInformation
- type DisplayLabel
- type Entities
- type Entity
- func (tre *Entity) AddDisplayInformation(text, name string)
- func (tre *Entity) AddProp(fieldName, value string)
- func (tre *Entity) AddProperty(fieldName, displayName, matchingRule, value string)
- func (tre *Entity) GetFieldByName(name string) string
- func (tre *Entity) SetBookmark(bookmark string)
- func (tre *Entity) SetLinkColor(color string)
- func (tre *Entity) SetLinkDirection(dir LinkDirection)
- func (tre *Entity) SetLinkLabel(label string)
- func (tre *Entity) SetLinkStyle(style string)
- func (tre *Entity) SetLinkThickness(thick int)
- func (tre *Entity) SetNote(note string)
- type EntityCoreInfo
- type EntityCoreInfoExtended
- type EntityProperties
- type Exception
- type ExceptionMessage
- type Exceptions
- type Field
- type Fields
- type Genealogy
- type GenealogyType
- type ImageInfos
- type InputConstraints
- type Limits
- type LinkDirection
- type LocalTransform
- type MaltegoEntity
- type MaltegoTransform
- type Property
- type PropertyField
- type RegexConversion
- type RegexGroup
- type RegexGroups
- type RequestMessage
- type ResponseMessage
- type Server
- type Set
- type Transform
- func (tr *Transform) AddEntity(typ, value string) *Entity
- func (tr *Transform) AddException(exceptionString, code string)
- func (tr *Transform) AddUIMessage(message, messageType string)
- func (tr *Transform) PrintProgress(percentage int)
- func (tr *Transform) ReturnOutput() string
- func (tr *Transform) ThrowExceptions() string
- type TransformCoreInfo
- type TransformCoreInfoExtended
- type TransformField
- type TransformFields
- type TransformSet
- type TransformSettingProperties
- type TransformSettingProperty
- type TransformSettings
- type UIMessage
- type UIMessages
- type XMLTransformProperties
Constants ¶
View Source
const ( BookMarkColorNone = "-1" BookMarkColorBlue = "0" BookMarkColorGreen = "1" BookMarkColorYellow = "2" BookMarkColorOrange = "3" BookMarkColorRed = "4" LinkStyleNormal = "0" LinkStyleDashed = "1" LinkStyleDotted = "2" LinkStyleDashdot = "3" UIMessageFatal = "FatalError" UIMessagePartialError = "PartialError" UIMessageInform = "Inform" UIMessageDebug = "Debug" // Strict is used for enabling strict property matching Strict = "strict" // Loose enables loose property matching Loose = "loose" )
constants
View Source
const ( LinkColor = "link#maltego.link.color" LinkStyle = "link#maltego.link.style" LinkThickness = "link#maltego.link.thickness" Label = "link#maltego.link.label" PropertyLinkDirection = "link#maltego.link.direction" Bookmark = "bookmark#" Notes = "notes#" )
properties
View Source
const ( AS = "maltego.AS" Affiliation = "maltego.Affiliation" Alias = "maltego.Alias" Banner = "maltego.Banner" BuiltWithRelationship = "maltego.BuiltWithRelationship" BuiltWithTechnology = "maltego.BuiltWithTechnology" CircularArea = "maltego.CircularArea" Company = "maltego.Company" DNSName = "maltego.DNSName" DateTime = "maltego.DateTime" Device = "maltego.Device" Document = "maltego.Document" Domain = "maltego.Domain" EmailAddress = "maltego.EmailAddress" File = "maltego.File" GPS = "maltego.GPS" Hash = "maltego.Hash" IPv4Address = "maltego.IPv4Address" Image = "maltego.Image" Location = "maltego.Location" MXRecord = "maltego.MXRecord" NSRecord = "maltego.NSRecord" Netblock = "maltego.Netblock" Organization = "maltego.Organization" Person = "maltego.Person" PhoneNumber = "maltego.PhoneNumber" Phrase = "maltego.Phrase" Port = "maltego.Port" Sentiment = "maltego.Sentiment" Service = "maltego.Service" Twit = "maltego.Twit" URL = "maltego.URL" UniqueIdentifier = "maltego.UniqueIdentifier" WebTitle = "maltego.WebTitle" Website = "maltego.Website" )
Variables ¶
View Source
var NoPluralsMap = map[string]struct{}{
"Software": {},
"Ethernet": {},
}
noPluralsMap contains words for which to make an exception when pluralizing nouns.
Functions ¶
func CopyFile ¶
func CopyFile(src, dst string)
CopyFile the source file contents to destination file attributes wont be copied and an existing file will be overwritten.
func CreateXMLIconFile ¶
func CreateXMLIconFile(path string)
CreateXMLIconFile will create the XML structure at the given path.
func Die ¶
Die will create a new transform with an error message and signal an error and the output to maltego.
func EscapeText ¶
EscapeText ensures that the input text is safe to embed within XML.
func GenEntity ¶
func GenEntity(path string, category, ident, prefix, propsPrefix, outDir string, entName string, imgName string, description string, parent string, color string, regex *RegexConversion, fields ...*PropertyField)
TODO: add config struct with defaults
func GenEntityArchive ¶
func GenEntityArchive(entityCategory string)
GenEntityArchive will generate a configuration archive for maltego entities.
Directory structure: . ├── entities │ ├── ... │ └── example.entity ├── EntityCategories │ └── EntityCategory.category ├── Icons │ └── EntityCategory │ ├── sim_card_alert.png │ ├── sim_card_alert.xml │ ├── sim_card_alert24.png │ ├── sim_card_alert32.png │ ├── sim_card_alert48.png │ └── sim_card_alert96.png └── version.properties.
func GenMachines ¶
func GenMaltegoArchive ¶
func GenMaltegoArchive(ident, category string)
func GenServerListing ¶
func GenServerListing(prefix, outDir string, trs []*TransformCoreInfo)
func GenTransform ¶
func GenTransformArchive ¶
func GenTransformArchive()
Directory structure: . ├── Servers │ └── Local.tas ├── TransformRepositories │ └── Local │ ├── corp.Transform1.transform │ ├── corp.Transform1.transformsettings │ ├── ... │ └── ... └── version.properties.
func GenTransformSet ¶
func GenTransformSet(name string, description string, prefix string, outDir string, trs []*TransformCoreInfo)
func GetThickness ¶
GetThickness can be used to calculate the line thickness.
func GetThicknessInterval ¶
GetThicknessInterval returns a value for the line thickness. Calculation happens based on the values provided for min and max.
func Home ¶
func Home(w http.ResponseWriter, r *http.Request)
Home provides a simple greeting together with a listing of supported transforms.
func MakeHandler ¶
func MakeHandler(handler func(w http.ResponseWriter, r *http.Request, t *Transform)) http.HandlerFunc
MakeHandler is util to create a http.HandlerFunc, that will get the deserialized MaltegoMessage from a request, and can populate the Transform response, which will be written back into the connection as soon as the handler exits.
func PackEntityArchive ¶
func PackEntityArchive()
func PackMaltegoArchive ¶
func PackMaltegoArchive(name string)
func PackTransformArchive ¶
func PackTransformArchive()
func RegisterTransform ¶
func RegisterTransform(handlerFunc http.HandlerFunc, name string)
RegisterTransform will register the provided handler in the http.DefaultServeMux and collect the name for the route
func ToTransformDisplayName ¶
e.g. "ToAuditRecords" -> "To Audit Records [org]".
Types ¶
type AdditionalFields ¶
type AdditionalFields struct {
XMLName xml.Name `xml:"AdditionalFields"`
Items []*Field `xml:"Field"`
}
AdditionalFields is a container for fields.
type BaseEntities ¶
type BaseEntities struct {
Text string `xml:",chardata"`
Entities []BaseEntity
}
BaseEntities structure
type Converter ¶
type Converter struct {
XMLName xml.Name `xml:"Converter"`
Text string `xml:",chardata"`
Value string `xml:"Value"`
Groups RegexGroups `xml:"RegexGroups"`
}
Converter contains information how to detect entities based on a regular expression.
type DisplayInformation ¶
type DisplayInformation struct {
Labels []*DisplayLabel `xml:"Label"`
}
DisplayInformation models maltego display information.
type DisplayLabel ¶
type DisplayLabel struct {
XMLName xml.Name `xml:"Label"`
Text string `xml:",cdata"`
Name string `xml:"Name,attr"`
Type string `xml:"Type,attr"`
}
DisplayLabel models a label for display information.
func NewDisplayLabel ¶
func NewDisplayLabel(text string, name string) *DisplayLabel
type Entities ¶
type Entities struct {
Items []*Entity `xml:"Entity"`
}
Entities is a container for maltego entities.
type Entity ¶
type Entity struct {
XMLName xml.Name `xml:"Entity"`
Type string `xml:"Type,attr"`
Genealogy *Genealogy `xml:"Genealogy,omitempty"`
Value string `xml:"Value"`
Weight string `xml:"Weight"`
Info *DisplayInformation `xml:"DisplayInformation,omitempty"`
IconURL string `xml:"IconURL,omitempty"`
Fields *AdditionalFields `xml:"AdditionalFields,omitempty"`
}
Entity models a transform entity.
func (*Entity) AddDisplayInformation ¶
AddDisplayInformation adds display information.
func (*Entity) AddProp ¶
AddProp is shorthand for a strict AddProperty, that uses the title version of the fieldName as displayName.
func (*Entity) AddProperty ¶
AddProperty adds a property.
func (*Entity) GetFieldByName ¶
func (*Entity) SetBookmark ¶
SetBookmark sets a bookmark on the entity.
func (*Entity) SetLinkColor ¶
SetLinkColor sets the link color.
func (*Entity) SetLinkDirection ¶
func (tre *Entity) SetLinkDirection(dir LinkDirection)
SetLinkDirection sets the link direction
func (*Entity) SetLinkLabel ¶
SetLinkLabel sets the link label.
func (*Entity) SetLinkStyle ¶
SetLinkStyle sets the link style.
func (*Entity) SetLinkThickness ¶
SetLinkThickness sets the link thickness.
type EntityCoreInfo ¶
type EntityCoreInfo struct {
Name string `yaml:"name"`
Icon string `yaml:"icon"`
Description string `yaml:"description"`
Parent string `yaml:"parent"`
Fields []*PropertyField `yaml:"fields"`
}
EntityCoreInfo describes an entity.
type EntityCoreInfoExtended ¶ added in v0.0.2
type EntityCoreInfoExtended struct {
Name string `yaml:"name"`
Icon string `yaml:"icon"`
Description string `yaml:"description"`
Parent string `yaml:"parent"`
Fields []*PropertyField `yaml:"fields"`
Image *ImageInfos `yaml:"image"`
}
EntityCoreInfo describes an entity.
type EntityProperties ¶
type EntityProperties struct {
XMLName xml.Name `xml:"Properties"`
Value string `xml:"value,attr"`
DisplayValue string `xml:"displayValue,attr"`
Groups string `xml:"Groups"`
Fields Fields `xml:"Fields"`
}
EntityProperties contain property metadata
type ExceptionMessage ¶
type ExceptionMessage struct {
Exceptions Exceptions `xml:"Exceptions"`
}
ExceptionMessage contains one or more exceptions.
type Exceptions ¶
type Exceptions struct {
Items []*Exception `xml:"Exception"`
}
Exceptions is a container for maltego exceptions.
type Field ¶
type Field struct {
Text string `xml:",chardata"`
MatchingRule string `xml:"MatchingRule,attr"`
Name string `xml:"Name,attr"`
DisplayName string `xml:"DisplayName,attr"`
}
Field structure.
type GenealogyType ¶
GenealogyType structure.
type ImageInfos ¶ added in v0.0.2
type InputConstraints ¶
type InputConstraints struct {
XMLName xml.Name `xml:"InputConstraints"`
Text string `xml:",chardata"`
Entity struct {
Text string `xml:",chardata"`
Type string `xml:"type,attr"`
Min int `xml:"min,attr"`
Max int `xml:"max,attr"`
} `xml:"Entity"`
}
InputConstraints structure
type Limits ¶
type Limits struct {
XMLName xml.Name `xml:"Limits"`
HardLimit string `xml:"HardLimit,attr"`
SoftLimit string `xml:"SoftLimit,attr"`
}
Limits structure.
type LinkDirection ¶
type LinkDirection string
LinkDirection determines the direction of node interconnections (links).
const ( // OutputToInput direction for maltego links OutputToInput LinkDirection = "output-to-input" // InputToOutput direction for maltego links InputToOutput LinkDirection = "input-to-output" )
type LocalTransform ¶
LocalTransform is used to handle a local transform from stdin.
func ParseLocalArguments ¶
func ParseLocalArguments(args []string) LocalTransform
ParseLocalArguments parses the arguments supplied on the commandline.
type MaltegoEntity ¶
type MaltegoEntity struct {
XMLName xml.Name `xml:"MaltegoEntity"`
ID string `xml:"id,attr"`
DisplayName string `xml:"displayName,attr"`
DisplayNamePlural string `xml:"displayNamePlural,attr"`
Description string `xml:"description,attr"`
Category string `xml:"category,attr"`
SmallIconResource string `xml:"smallIconResource,attr"`
LargeIconResource string `xml:"largeIconResource,attr"`
AllowedRoot bool `xml:"allowedRoot,attr"`
ConversionOrder string `xml:"conversionOrder,attr"`
Visible bool `xml:"visible,attr"`
Entities *BaseEntities `xml:"BaseEntities,omitempty"`
Properties EntityProperties `xml:"Properties"`
Converter *Converter `xml:"Converter,omitempty"`
}
MaltegoEntity represents an exported entity model on disk
func NewMaltegoEntity ¶
func NewMaltegoEntity(category, ident, prefix, propsPrefix, entName, imgName, description, parent string, r *RegexConversion, propertyFields ...*PropertyField) MaltegoEntity
type MaltegoTransform ¶
type MaltegoTransform struct {
XMLName xml.Name `xml:"MaltegoTransform"`
Name string `xml:"name,attr"`
DisplayName string `xml:"displayName,attr"`
Abstract bool `xml:"abstract,attr"`
Template bool `xml:"template,attr"`
Visibility string `xml:"visibility,attr"`
Description string `xml:"description,attr"`
Author string `xml:"author,attr"`
RequireDisplayInfo bool `xml:"requireDisplayInfo,attr"`
TransformAdapter string `xml:"TransformAdapter"`
Properties XMLTransformProperties `xml:"Properties"`
Constraints InputConstraints `xml:"InputConstraints"`
OutputEntities string `xml:"OutputEntities"`
DefaultSets defaultSets `xml:"defaultSets"`
StealthLevel string `xml:"StealthLevel"`
}
MaltegoTransform models a maltego transformation when exported as configuration.
func NewTransform ¶
func NewTransform(org, author, prefix, id string, description string, input string) MaltegoTransform
type Property ¶
type Property struct {
Text string `xml:",chardata"`
Name string `xml:"name,attr"`
Type string `xml:"type,attr"`
Nullable bool `xml:"nullable,attr"`
Hidden bool `xml:"hidden,attr"`
Readonly bool `xml:"readonly,attr"`
Description string `xml:"description,attr"`
Popup bool `xml:"popup,attr"`
Abstract bool `xml:"abstract,attr"`
Visibility string `xml:"visibility,attr"`
Auth bool `xml:"auth,attr"`
DisplayName string `xml:"displayName,attr"`
DefaultValue string `xml:"DefaultValue,omitempty"`
SampleValue string `xml:"SampleValue"`
}
Property structure
type PropertyField ¶
type PropertyField struct {
XMLName xml.Name `xml:"Field"`
Text string `xml:",chardata"`
Name string `xml:"name,attr"`
Type string `xml:"type,attr"`
Nullable bool `xml:"nullable,attr"`
Hidden bool `xml:"hidden,attr"`
Readonly bool `xml:"readonly,attr"`
Description string `xml:"description,attr"`
DisplayName string `xml:"displayName,attr"`
SampleValue string `xml:"SampleValue"`
}
PropertyField are set on entities.
func NewRequiredStringField ¶
func NewRequiredStringField(name string, description string) *PropertyField
func NewStringField ¶
func NewStringField(name string, description string) *PropertyField
type RegexConversion ¶
RegexConversion contains conversion information.
type RegexGroup ¶
RegexGroup structure
type RegexGroups ¶
type RegexGroups struct {
Text string `xml:",chardata"`
RegexGroup []RegexGroup `xml:"RegexGroup"`
}
RegexGroups is a container for regex groups.
type RequestMessage ¶
type RequestMessage struct {
XMLName xml.Name `xml:"MaltegoTransformRequestMessage"`
Entities Entities `xml:"Entities"`
Limits Limits `xml:"Limits"`
TransformFields TransformFields `xml:"TransformFields"`
}
RequestMessage models a request.
type ResponseMessage ¶
type ResponseMessage struct {
Entities Entities `xml:"Entities"`
UIMessages UIMessages `xml:"UIMessages"`
}
ResponseMessage models a maltego response message.
type Server ¶
type Server struct {
XMLName xml.Name `xml:"MaltegoServer"`
Text string `xml:",chardata"`
Name string `xml:"name,attr"`
Enabled bool `xml:"enabled,attr"`
Description string `xml:"description,attr"`
URL string `xml:"url,attr"`
LastSync string `xml:"LastSync"`
Protocol struct {
Text string `xml:",chardata"`
Version string `xml:"version,attr"`
} `xml:"Protocol"`
Authentication struct {
Text string `xml:",chardata"`
Type string `xml:"type,attr"`
} `xml:"Authentication"`
Transforms struct {
Text string `xml:",chardata"`
Transform []struct {
Text string `xml:",chardata"`
Name string `xml:"name,attr"`
} `xml:"Transform"`
} `xml:"Transforms"`
Seeds string `xml:"Seeds"`
}
type Transform ¶
type Transform struct {
XMLName xml.Name `xml:"MaltegoMessage"`
ResponseMessage *ResponseMessage `xml:"MaltegoTransformResponseMessage,omitempty"`
ExceptionMessage *ExceptionMessage `xml:"MaltegoTransformExceptionMessage"`
RequestMessage *RequestMessage `xml:"MaltegoTransformRequestMessage,omitempty"`
}
Transform models a maltego transformation message.
func (*Transform) AddException ¶
AddException adds an exception to the transform.
func (*Transform) AddUIMessage ¶
AddUIMessage adds a UI message to the transform.
func (*Transform) PrintProgress ¶
PrintProgress sets the progressbar in Maltego this is documented in the old versions of the Maltego manual but does not seem to work with the current version
func (*Transform) ReturnOutput ¶
ReturnOutput returns the transformations XML representation.
func (*Transform) ThrowExceptions ¶
ThrowExceptions generates an exception message.
type TransformCoreInfo ¶
type TransformCoreInfo struct {
ID string `yaml:"id"` // e.g ToAuditRecords
InputEntity string `yaml:"input"`
Description string `yaml:"description"`
}
TransformCoreInfo describes basic information needed to create a transform.
type TransformCoreInfoExtended ¶
type TransformCoreInfoExtended struct {
ID string `yaml:"id"` // e.g ToAuditRecords
InputEntity string `yaml:"input"`
Description string `yaml:"description"`
Executable string `yaml:"executable"`
Args []string `yaml:"args"`
}
TransformCoreInfo describes additional information needed to create a transform.
type TransformField ¶ added in v0.0.3
TransformField structure.
type TransformFields ¶ added in v0.0.3
type TransformFields struct {
Fields []*TransformField `xml:"Field"`
}
type TransformSet ¶
type TransformSet struct {
XMLName xml.Name `xml:"TransformSet"`
Text string `xml:",chardata"`
Name string `xml:"name,attr"`
Description string `xml:"description,attr"`
Transforms struct {
Text string `xml:",chardata"`
Transform []struct {
Text string `xml:",chardata"`
Name string `xml:"name,attr"`
} `xml:"Transform"`
} `xml:"Transforms"`
}
type TransformSettingProperties ¶
type TransformSettingProperties struct {
Items []TransformSettingProperty `xml:"Properties"`
}
type TransformSettings ¶
type TransformSettings struct {
XMLName xml.Name `xml:"TransformSettings"`
Text string `xml:",chardata"`
Enabled bool `xml:"enabled,attr"`
DisclaimerAccepted bool `xml:"disclaimerAccepted,attr"`
ShowHelp bool `xml:"showHelp,attr"`
RunWithAll bool `xml:"runWithAll,attr"`
Favorite bool `xml:"favorite,attr"`
Property TransformSettingProperties `xml:"Properties"`
}
TransformSettings structure
func NewTransformSettings ¶
func NewTransformSettings(workingDir string, args []string, debug bool, executable string) TransformSettings
type UIMessages ¶
type UIMessages struct {
Items []*UIMessage `xml:"UIMessage"`
}
UIMessages is a container for maltego UIMessages.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.