MalNet Maltego Transforms with ProofPoint Data - ShadowDragon

MalNet Maltego Transforms with ProofPoint Data

Featured MalNet Maltego Transforms with Proofpoint Data

MalNet accesses the Proofpoint ET Intelligence™ comprehensive database that contains current and historical malicious IP addresses and domains. In this blog post we share screenshots of Maltego 4 and a quick youtube video.

In this example, we cover 15 domains related to GozNym campaigns that operated in the month of April, 2016.

MalNet with GozNym

In the examples below, within the screenshots provided we cover malware associated with the domains manualtatex.com and houndsofcullen.com, identifying related malware, IP addresses, associated domains and IDS signatures related to traffic generated by malware.

Starting with a Hash

MalNet_Maltego_Transforms_with_Proofpoint-Starting_with_a_Hash

Get DNS Lookups

MalNet_Maltego_Transforms_with_Proofpoint-Get_DNS_Lookups

Acquire Related IP Addresses

MalNet_Maltego_Transforms_with_Proofpoint-Acquire_Related_IP_Addresses

Identify IDS Signatures Related to Malware Traffic

MalNet_Maltego_Transforms_with_Proofpoint-Identify_IDS_Signatures

With the capability to track both physical and digital threats, ShadowDragon’s are valuable to most any security, cybersecurity, intelligence or law enforcement professional in support of:

  • Visualize malware connections and campaigns into the 1000s of records
  • Analyze data using 100+ commercially supported transforms
  • Access industry leading current and historical Proofpoint ET Intelligence
  • Connect specific attack campaigns to billions of available individual indicators
  • Search and view attacks and actors in motion all over the world.
  • Easily pivot and drill down with a forensic data trail for incident investigation.
  • Correlate IDS Signatures to Malware for network based IOCs.

SaveSave

SaveSave

SaveSave

SaveSave

SaveSave

DanielImage

Daniel Clemens

Daniel Clemens is the founder and CEO of both ShadowDragon and Packet Ninjas, a niche cyber security consulting and services company.

With extensive experience in defensive and offensive security, Daniel has been a quiet trailblazer in digital intel gathering long before cyber intelligence became a discipline. More than a decade ago he was inventing and applying his own intelligence tools in support of companies and governments around the world facing urgent threats. Using this deep understanding of web technologies and the behaviors of cybercriminals, he has enhanced, updated and packaged these tools under ShadowDragon.

Daniel is a member of the Odonata Holdings, Inc.
Scroll to Top