Building your own transforms

Do not panic.

The idea of writing transforms for Maltego may seem daunting but really its a simple process and once you have written your first transform it becomes an incredibly simple process.

In this section we will write a local transform, this is something that will run locally on the same machine that Maltego runs on. We recommend that you take a look at Differences between local and TDS transforms page to see what the differences are between these and TDS transforms.

Your first Local Transform

Requirements

Porgramming Environment - This can be any locally executable program or scripting language, for these examples we will be using PHP and Python
Maltego Client - You should already have downloaded this and have it installed.

Setup your environment

You will need to pick a language to develop your transform in, something that you are fairly comfortable with, we recommend PHP or Python as these already have libraries available for them. For this quick tutorial I will use a simple PHP/Python script without any use of the libraries.

The next section will assume you are already comfortable running Python and PHP code from a console.

Copy the following script to a local directory

<?php
echo '



Hello World
100






';

		

		#!/usr/bin/python
		print """
		
		
		
		Hello World
		100
		
		
		
		
		
		
		"""
		


After saving these files you should be able to execute them from a shell / console / terminal in a similar way to the following:

   

Setup Maltego

Adding a new local transform should be a relatively painless process and you shouldn't need to leave the client for the duration of the process.

To add a new local transform you will first need to launch the wizard, this you can do by selecting the Manage tab from within the ribbon and clicking on the Local Transform button as seen below:



From here you will be greeted with the first screen of the wizard, this screen describes the Meta information as well as the Input entity type and Transform Set
  • Meta Information - This is information describing the transform including the Display Name, Description and Author
  • Input Entity Type - This is the input entity that this transform will run on to return output.
  • Transform Set - You can populate this if you want to automatically add this transform to a set.

An example of this screen populated is as follows:



The setup for Maltego is slightly more involved and you will be required to know the Command to execute, the Script name / Parameters and the Working Directory:
  • Command to execute - This is the interpreter or compiled application, for example the command for Python might be c:\Python26\Python.exe or /usr/bin/python.
  • Script name / Parameters - If your executable takes parameters or if you are using an interpreted language such as Python you will set this field to one of these. For example ours would be helloWorld.py if we are executing a Python script called helloWorld.py.
  • Working Directory - This is the directory where the local scripts are stored.
An example of these fields populated are as follows:



Well done! You have successfully added your first Local transform!

From here you can simply drag in the entity you initially selected when adding the transform (in our example it is a Domain). You will then see the option when right clicking and selecting all transforms and then clicking on the name you gave to the transform (in our example it is 'Hello World Example Transform'). The two pictures below also describe this process: