Maltego Entities
The integration uses default Maltego Entities and Malformity Labs Entities to represent observables, for compatibility with other transform sets. Recorded Future also defines several entity types that are not common Maltego or Malformity Labs entities.
These Entities are supported:
Maltego Entities
- Alias
- AS Number
- Company
- Domain
- Email Address
- Hash
- IPv4 Address
- NSRecord
- MXRecord
- Organization
- Phrase
- URL
Malformity Labs Entities
- Filename
- Mutex
- Registry Entry – returned values are registry keys
Recorded Future Entities
- Analyst Note – Research notes written by Recorded Future’s Insikt Group
- Attack Vector – Cyber attack vector (e.g., cross site scripting, DDOS, Phishing)
- Malware – Common malware street names (e.g., Locky, Wcry, Mirai)
- Malware Category – Common categories of malware (e.g., Ransomware, Adware, Trojan)
- Malware Signature – detection signature names, usually anti-virus
- Operation – hacktivist operations and APT campaigns
- Recorded Future Doc – a web document analyzed by Recorded Future
- Vulnerability – NIST CVE numbers and vendor-specific advisory numbers
More information about Recorded Future Transforms for Maltego are available on this support page.