Visualizing DomainTools Data with Maltego

July 1, 2014

Today, we’re announcing the availability of a Maltego transform server that makes it incredibly easy to visualize the relationships among domains, registrants, IP addresses and all DomainTools data. This service, provided by a partnership with Malformity Labs, already incorporates DomainTools’ extensive database into the Maltego transform server, and can immediately accelerate your investigations.

Using the transform server will accelerate your investigations by allowing you to visually explore and uncover connections in DomainTools data.

The technology behind that capability was custom-built for DomainTools by Malformity Labs, a US-based company that specializes in building Maltego transforms for cybersecurity analysts and cybercrime investigators. We extended that project into a long-term partnership with Malformity that lets us support our enterprise customers with Maltego’s rich visualizations.

Available Now

Our enterprise customers can now access these capabilities without the cost or complexity of building their own transforms. The DomainTools Maltego transform server is available today for our Enterprise API customers. New customers can accelerate their investigations by taking advantage of this packaged offering. Contact us to set up a trial and see what it can do for your team.

See it in action:

Recent reports from Mandiant/FireEye and CrowdStrike on an Iranian hacker group gave us a great opportunity to explore the connections DomainTools’ data can uncover among aspects of an attacker’s infrastructure. To help illustrate those connections, and show how we uncovered a domain absent from either report, have a look at our video case study:





About the Author

DomainTools offers the most comprehensive searchable database of domain name registration (Whois), IP address and hosting data geared to investigate security attacks, cyber espionage, online fraud and all forms of cybercrime. DomainTools' web-based application enables users to pivot through 12 years of historical records of Whois, hosting, DNS information and screenshots, the industry's broadest source of domain profiles including all ccTLDs, and IP address, hosting data, mail server records and more, in order to find connections from unknown sources to known sources of badness. Customers and industry partners can integrate this rich dataset into their IT security solutions through DomainTools' APIs, including the Parsed Whois API for structured data on current domain registrations. DomainTools' customers include many companies within the Fortune 500, numerous global government agencies with cybercrime investigation units and many vendors in the security and online fraud investigation industries.

Comments (1)


  1. Very cool software — both in its intent and execution!

    Building such a tool was on my to-do list, and I’m happy to cross it off.