Transforms

Overview

Transforms should be thought of as tiny pieces of code that take one type of information to another. It is very important to write transforms in such a way that they are extensible (transforms can add on to others) and get the smallest pieces of information out rather than large blocks at a time. The reason we emphasize small pieces of information is that it means we can harness the power of Maltego's link analysis. Take the two images below for example (they merely show IP addresses as well as ports and banners):

   

The graph on the left has a whole layer less, whilst showing the same information. However using the graph on the right allows the analyst to quickly look at things like all services running on port 80. Doing the same on the graph on the left would however mean you would have to traverse up the tree to the IP addresses and then down again to the services giving you other services that are not running on port 80.

TDS Transforms

The TDS is the Transform Distribution Server and is a web application that allows for the distribution and management of transforms, seeds and settings. Essentially the TDS means that your transforms are written as a web services (or application/pages), and the TDS will call these scripts.

The easiest way to think of it is as a proxy for transforms. The clients sends a request to the TDS that then calls the script remotely and returns the response, this can be seen in the picture on the left.

PROS:
  • Easy to setup (you just need a webserver on the Internet)
  • No configuration needed client side, scripts all live in one place
  • Updating instantly impacts all clients
  • Deeper into the protocol (Slider value + Transform settings/Popups)
CONS:
  • Data travels over the wire on the Internet
  • Cannot integrate with local applications
  • All requests come from a single point (may impact things like rate limiting APIs etc)
  • Entire infrastructure is not controlled by end user



Building TDS Transforms

If you would like to build your own transforms you can follow the TDS section from the getting started guide below:

Building your own TDS Transform »