💬 コミュニケーション コミュニティ
maltego-transforms
Build custom Maltego transforms for visual OSINT graph analysis and relationship mapping. Use when: mapping connections between domains, IPs, emails, persons, and organizations; visual threat intelligence; complex OSINT correlation across multiple data sources.
⚡ おすすめ: コマンド1行でインストール(60秒)
下記のコマンドをコピーしてターミナル(Mac/Linux)または PowerShell(Windows)に貼り付けてください。 ダウンロード → 解凍 → 配置まで全自動。
🍎 Mac / 🐧 Linux
mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o maltego-transforms.zip https://jpskill.com/download/15099.zip && unzip -o maltego-transforms.zip && rm maltego-transforms.zip
🪟 Windows (PowerShell)
$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/15099.zip -OutFile "$d\maltego-transforms.zip"; Expand-Archive "$d\maltego-transforms.zip" -DestinationPath $d -Force; ri "$d\maltego-transforms.zip"完了後、Claude Code を再起動 → 普通に「動画プロンプト作って」のように話しかけるだけで自動発動します。
💾 手動でダウンロードしたい(コマンドが難しい人向け)
- 1. 下の青いボタンを押して
maltego-transforms.zipをダウンロード - 2. ZIPファイルをダブルクリックで解凍 →
maltego-transformsフォルダができる - 3. そのフォルダを
C:\Users\あなたの名前\.claude\skills\(Win)または~/.claude/skills/(Mac)へ移動 - 4. Claude Code を再起動
⚠️ ダウンロード・利用は自己責任でお願いします。当サイトは内容・動作・安全性について責任を負いません。
🎯 このSkillでできること
下記の説明文を読むと、このSkillがあなたに何をしてくれるかが分かります。Claudeにこの分野の依頼をすると、自動で発動します。
📦 インストール方法 (3ステップ)
- 1. 上の「ダウンロード」ボタンを押して .skill ファイルを取得
- 2. ファイル名の拡張子を .skill から .zip に変えて展開(macは自動展開可)
- 3. 展開してできたフォルダを、ホームフォルダの
.claude/skills/に置く- · macOS / Linux:
~/.claude/skills/ - · Windows:
%USERPROFILE%\.claude\skills\
- · macOS / Linux:
Claude Code を再起動すれば完了。「このSkillを使って…」と話しかけなくても、関連する依頼で自動的に呼び出されます。
詳しい使い方ガイドを見る →- 最終更新
- 2026-05-18
- 取得日時
- 2026-05-18
- 同梱ファイル
- 1
📖 Claude が読む原文 SKILL.md(中身を展開)
この本文は AI(Claude)が読むための原文(英語または中国語)です。日本語訳は順次追加中。
Maltego Transforms
Overview
Maltego is a visual link analysis tool used for OSINT and threat intelligence. Custom transforms let you query any API or data source and display results as connected graph nodes. Build transforms using Python with the Canari framework or the official TRX (Transform eXchange) library.
Setup
Install dependencies
pip install canari maltego-trx requestsProject structure
my-transforms/
├── project.conf
├── src/
│ └── mytransforms/
│ ├── __init__.py
│ ├── transforms/
│ │ ├── __init__.py
│ │ ├── domain_to_emails.py
│ │ └── ip_to_asn.py
│ └── entities.pyCore Concepts
Entity types (built-in)
| Entity | Maltego class | Description |
|---|---|---|
| Domain | Domain |
Domain name (example.com) |
| IP Address | IPAddress |
IPv4/IPv6 address |
EmailAddress |
Email address | |
| Person | Person |
Individual name |
| Organization | Organization |
Company or org name |
| URL | URL |
Web URL |
| Phone | PhoneNumber |
Phone number |
Transform Examples
1. Domain to Emails (using Hunter.io)
# transforms/domain_to_emails.py
from maltego_trx.maltego import MaltegoMsg, MaltegoTransform
from maltego_trx.transform import DiscoverableTransform
import requests
class DomainToEmails(DiscoverableTransform):
"""Find email addresses associated with a domain using Hunter.io."""
@classmethod
def create_entities(cls, request: MaltegoMsg, response: MaltegoTransform):
domain = request.Value
api_key = request.getTransformSetting("hunter_api_key")
url = f"https://api.hunter.io/v2/domain-search"
params = {
"domain": domain,
"api_key": api_key,
"limit": 100
}
try:
r = requests.get(url, params=params, timeout=10)
data = r.json()
for email_data in data.get("data", {}).get("emails", []):
email = response.addEntity("maltego.EmailAddress", email_data["value"])
email.addProperty("confidence", "Confidence", "loose",
str(email_data.get("confidence", 0)))
if email_data.get("first_name"):
email.addProperty("firstname", "First Name", "loose",
email_data["first_name"])
if email_data.get("last_name"):
email.addProperty("lastname", "Last Name", "loose",
email_data["last_name"])
if email_data.get("position"):
email.addProperty("title", "Title", "loose",
email_data["position"])
except Exception as e:
response.addUIMessage(f"Error: {str(e)}", messageType="PartialError")2. IP to ASN Transform
# transforms/ip_to_asn.py
from maltego_trx.maltego import MaltegoMsg, MaltegoTransform
from maltego_trx.transform import DiscoverableTransform
import requests
class IPToASN(DiscoverableTransform):
"""Lookup ASN and network owner for an IP address."""
@classmethod
def create_entities(cls, request: MaltegoMsg, response: MaltegoTransform):
ip = request.Value
# Use ip-api.com (free, no key required)
url = f"http://ip-api.com/json/{ip}?fields=status,org,as,asname,isp,country,city"
try:
r = requests.get(url, timeout=10)
data = r.json()
if data.get("status") == "success":
# Add ASN as organization entity
org_name = data.get("org", data.get("isp", "Unknown"))
org = response.addEntity("maltego.Organization", org_name)
org.addProperty("as", "AS Number", "loose", data.get("as", ""))
org.addProperty("country", "Country", "loose", data.get("country", ""))
org.addProperty("city", "City", "loose", data.get("city", ""))
# Add location note
response.addUIMessage(
f"ASN: {data.get('as')} | ISP: {data.get('isp')} | {data.get('country')}"
)
except Exception as e:
response.addUIMessage(f"Error: {str(e)}", messageType="PartialError")3. Domain to Subdomains (via crt.sh)
# transforms/domain_to_subdomains.py
from maltego_trx.maltego import MaltegoMsg, MaltegoTransform
from maltego_trx.transform import DiscoverableTransform
import requests
class DomainToSubdomains(DiscoverableTransform):
"""Find subdomains via certificate transparency logs (crt.sh)."""
@classmethod
def create_entities(cls, request: MaltegoMsg, response: MaltegoTransform):
domain = request.Value
url = f"https://crt.sh/?q=%.{domain}&output=json"
try:
r = requests.get(url, timeout=15)
entries = r.json()
seen = set()
for entry in entries:
name = entry.get("name_value", "").strip()
for subdomain in name.split("\n"):
subdomain = subdomain.strip().lstrip("*.")
if subdomain and subdomain not in seen and domain in subdomain:
seen.add(subdomain)
entity = response.addEntity("maltego.Domain", subdomain)
entity.addProperty("issuer", "Issuer", "loose",
entry.get("issuer_name", ""))
response.addUIMessage(f"Found {len(seen)} unique subdomains")
except Exception as e:
response.addUIMessage(f"Error: {str(e)}", messageType="PartialError")Running Transforms Locally
Start local transform server
# runner.py
from maltego_trx.registry import register_transform_function
from maltego_trx.server import application
from transforms.domain_to_emails import DomainToEmails
from transforms.ip_to_asn import IPToASN
from transforms.domain_to_subdomains import DomainToSubdomains
register_transform_function(DomainToEmails)
register_transform_function(IPToASN)
register_transform_function(DomainToSubdomains)
if __name__ == "__main__":
application.run(host="0.0.0.0", port=8080, debug=True)python runner.py
# Transforms available at http://localhost:8080Configure in Maltego
- Open Maltego → Transform Manager
- Add new transform server:
http://localhost:8080 - Import transforms via
Discover Transforms - Run transforms on graph entities
Batch Transform Runner (without Maltego UI)
import requests
import json
def run_transform_batch(targets: list, transform_url: str) -> dict:
"""Run a transform against multiple targets without Maltego UI."""
results = {}
for target in targets:
payload = {
"Value": target,
"Type": "maltego.Domain",
"Properties": {}
}
r = requests.post(transform_url, json=payload, timeout=30)
results[target] = r.json()
return results
# Example usage
domains = ["example.com", "target.org", "company.io"]
emails_found = run_transform_batch(
domains,
"http://localhost:8080/DomainToEmails"
)
for domain, result in emails_found.items():
entities = result.get("MaltegoMessage", {}).get("MaltegoTransformResponseMessage", {}).get("UIMessages", [])
print(f"{domain}: {len(entities)} results")Tips
- Rate limiting: Add delays between API calls in transforms to avoid bans
- Caching: Cache results locally (SQLite) to avoid repeat API calls
- Error handling: Always use
try/exceptandaddUIMessagefor errors — don't let transforms crash silently - Transform settings: Use
getTransformSetting()to pass API keys per-user without hardcoding - Entity weight: Use
entity.setWeight()to visually emphasize important nodes in the graph