├── .github
    └── workflows
    │   ├── duolabs-dlint.yml
    │   ├── pycharm-security.yml
    │   ├── pycqa-pytest.yml
    │   ├── pyup-safety.yml
    │   └── sonatype-jack.yml
├── Go
    ├── ix
    │   ├── .gitignore
    │   └── Main.go
    └── ixapi
    │   ├── API.go
    │   ├── HTTP Functions.go
    │   ├── README.md
    │   └── Search.go
├── HTML
    └── search.html
├── Intelligence X API.pdf
├── Maltego Transform
    ├── README.md
    ├── config
    │   ├── Entities
    │   │   ├── intelx.btcaddress.entity
    │   │   ├── intelx.creditcard.entity
    │   │   ├── intelx.historicalsearchresult.entity
    │   │   ├── intelx.iban.entity
    │   │   ├── intelx.leak.entity
    │   │   ├── intelx.macaddress.entity
    │   │   ├── intelx.searchresult.entity
    │   │   ├── intelx.selector.entity
    │   │   ├── intelx.simhash.entity
    │   │   ├── intelx.storageid.entity
    │   │   ├── intelx.systemid.entity
    │   │   └── intelx.uuid.entity
    │   ├── EntityCategories
    │   │   └── intelligence x entities.category
    │   ├── Servers
    │   │   └── Local.tas
    │   ├── TransformRepositories
    │   │   └── Local
    │   │   │   ├── intelx.fetchhistoricalsearchresult.transform
    │   │   │   ├── intelx.fetchhistoricalsearchresult.transformsettings
    │   │   │   ├── intelx.fetchsearchresult.transform
    │   │   │   ├── intelx.fetchsearchresult.transformsettings
    │   │   │   ├── intelx.history.transform
    │   │   │   ├── intelx.history.transformsettings
    │   │   │   ├── intelx.ixemails.transform
    │   │   │   ├── intelx.ixemails.transformsettings
    │   │   │   ├── intelx.ixselectors.transform
    │   │   │   ├── intelx.ixselectors.transformsettings
    │   │   │   ├── intelx.ixsubdomains.transform
    │   │   │   ├── intelx.ixsubdomains.transformsettings
    │   │   │   ├── intelx.ixurls.transform
    │   │   │   ├── intelx.ixurls.transformsettings
    │   │   │   ├── intelx.leaktreeview.transform
    │   │   │   ├── intelx.leaktreeview.transformsettings
    │   │   │   ├── intelx.searchbtc.transform
    │   │   │   ├── intelx.searchbtc.transformsettings
    │   │   │   ├── intelx.searchcreditcard.transform
    │   │   │   ├── intelx.searchcreditcard.transformsettings
    │   │   │   ├── intelx.searchdomain.transform
    │   │   │   ├── intelx.searchdomain.transformsettings
    │   │   │   ├── intelx.searchemail.transform
    │   │   │   ├── intelx.searchemail.transformsettings
    │   │   │   ├── intelx.searchiban.transform
    │   │   │   ├── intelx.searchiban.transformsettings
    │   │   │   ├── intelx.searchip.transform
    │   │   │   ├── intelx.searchip.transformsettings
    │   │   │   ├── intelx.searchleak.transform
    │   │   │   ├── intelx.searchleak.transformsettings
    │   │   │   ├── intelx.searchmac.transform
    │   │   │   ├── intelx.searchmac.transformsettings
    │   │   │   ├── intelx.searchselector.transform
    │   │   │   ├── intelx.searchselector.transformsettings
    │   │   │   ├── intelx.searchsimhash.transform
    │   │   │   ├── intelx.searchsimhash.transformsettings
    │   │   │   ├── intelx.searchstorageid.transform
    │   │   │   ├── intelx.searchstorageid.transformsettings
    │   │   │   ├── intelx.searchsystemid.transform
    │   │   │   ├── intelx.searchsystemid.transformsettings
    │   │   │   ├── intelx.searchurl.transform
    │   │   │   ├── intelx.searchurl.transformsettings
    │   │   │   ├── intelx.searchuuid.transform
    │   │   │   ├── intelx.searchuuid.transformsettings
    │   │   │   ├── intelx.treeview.transform
    │   │   │   └── intelx.treeview.transformsettings
    │   └── version.properties
    ├── install.py
    ├── project.py
    ├── requirements.txt
    ├── settings.json
    └── transforms
    │   ├── ixemails.py
    │   ├── ixhistory.py
    │   ├── ixsearch.py
    │   ├── ixsearchresult.py
    │   ├── ixselectors.py
    │   ├── ixsubdomains.py
    │   ├── ixtreeview.py
    │   └── ixurls.py
├── PHP
    ├── index.php
    └── lib
    │   ├── IntelligentSearchRequest.php
    │   ├── IntelligentSearchResult.php
    │   └── searchAPI.php
├── Python
    ├── .github
    │   └── workflows
    │   │   ├── duolabs-dlint.yml
    │   │   ├── pycharm-security.yml
    │   │   ├── pycqa-pytest.yml
    │   │   ├── pyup-safety.yml
    │   │   └── sonatype-jack.yml
    ├── .pre-commit-config.yaml
    ├── README.md
    ├── changelog
    │   └── 0.6.3-CHANGELOG.md
    ├── examples
    │   ├── advanced_search.py
    │   ├── download.py
    │   ├── fileview.py
    │   ├── search.py
    │   └── stats.py
    ├── intelx
    │   ├── intelx_identity.py
    │   └── intelxapi.py
    ├── jake-whitelist.json
    ├── pyproject.toml
    ├── requirements-dev.txt
    ├── requirements.txt
    └── scripts
    │   ├── __init__.py
    │   ├── intelx.py
    │   ├── screenshot1.png
    │   └── tests
    │       └── test_main.py
├── README.md
└── httpie.md


/.github/workflows/duolabs-dlint.yml:
--------------------------------------------------------------------------------
 1 | name: 'Duo Dlint'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   security_checks:
 9 |     # runs-on: ubuntu-latest
10 |     runs-on: ubuntu-22.04
11 |     name: Execute the Duo Dlint action
12 |     steps:
13 |     - uses: actions/checkout@v4
14 |     - name: Set up Python 3.12
15 |       uses: actions/setup-python@v5
16 |       with:
17 |         python-version: 3.12
18 |     - name: Run Dlint from Duo
19 |       run: |
20 |         cd ./Python
21 |         pip3 install -e .
22 |         pip3 freeze > requirements.txt
23 |         pip3 install dlint
24 |         python3 -m flake8 --select=DUO ./Python
25 | 


--------------------------------------------------------------------------------
/.github/workflows/pycharm-security.yml:
--------------------------------------------------------------------------------
 1 | name: 'PyCharm Security'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 |   schedule:
 7 |     - cron: '* * 3 * *'
 8 | 
 9 | jobs:
10 |   security_checks:
11 |     # runs-on: ubuntu-latest
12 |     runs-on: ubuntu-22.04
13 |     name: Execute the pycharm-security action
14 |     steps:
15 |       - uses: actions/checkout@v4    
16 |       - name: Set up Python 3.12
17 |         uses: actions/setup-python@v5
18 |         with:
19 |           python-version: 3.12
20 |       - name: Run PyCharm Security
21 |         uses: tonybaloney/pycharm-security@master
22 |         with:
23 |           path: Python/
24 | 


--------------------------------------------------------------------------------
/.github/workflows/pycqa-pytest.yml:
--------------------------------------------------------------------------------
 1 | # This workflow will install Python dependencies, run tests and lint with a single version of Python
 2 | # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
 3 | 
 4 | name: 'PyCQA pytest'
 5 | 
 6 | on:
 7 |   push:
 8 |   pull_request:
 9 | 
10 | permissions:
11 |   contents: read
12 | 
13 | jobs:
14 |   build:
15 | 
16 |     # runs-on: ubuntu-latest
17 |     runs-on: ubuntu-22.04
18 |     strategy:
19 |       matrix:
20 |         python-version: ["3.9", "3.10", "3.11", "3.12"]
21 | 
22 |     steps:
23 |     - uses: actions/checkout@v4
24 |     - name: Set up Python 3 minor releases
25 |       uses: actions/setup-python@v5
26 |       with:
27 |         python-version: ${{ matrix.python-version }}
28 |     # You can test your matrix by printing the current Python version
29 |     - name: Display Python version
30 |       run: python -c "import sys; print(sys.version)"
31 |     - name: Install dependencies
32 |       run: |
33 |         cd ./Python
34 |         python -m pip install --upgrade pip
35 |         pip install pytest
36 |         if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
37 |     - name: Test with pytest
38 |       run: |
39 |         pytest
40 | 


--------------------------------------------------------------------------------
/.github/workflows/pyup-safety.yml:
--------------------------------------------------------------------------------
 1 | name: 'PyUp Safety'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 |   schedule:
 7 |     - cron: '* * 3 * *'
 8 | 
 9 | jobs:
10 |   security:
11 | 
12 |     # runs-on: ubuntu-latest
13 |     runs-on: ubuntu-22.04
14 | 
15 |     steps:
16 |     - uses: actions/checkout@v4
17 |     - name: Set up Python 3.12
18 |       uses: actions/setup-python@v5
19 |       with:
20 |         python-version: 3.12
21 |     - name: Run safety from PyUp
22 |       run: |
23 |         cd ./Python
24 |         pip3 install -e .
25 |         pip3 freeze > requirements.txt
26 |         pip3 install safety
27 |         safety check -r requirements.txt
28 | 


--------------------------------------------------------------------------------
/.github/workflows/sonatype-jack.yml:
--------------------------------------------------------------------------------
 1 | name: 'Sonatype Jake'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 |   schedule:
 7 |     - cron: '* * 3 * *'
 8 | 
 9 | jobs:
10 |   security:
11 |     # runs-on: ubuntu-latest
12 |     runs-on: ubuntu-22.04
13 | 
14 |     steps:
15 |       - uses: actions/checkout@v4
16 |       - name: Set up Python 3.12
17 |         uses: actions/setup-python@v5
18 |         with:
19 |           python-version: 3.12
20 | 
21 |       - name: Run jake from Sonatype
22 |         run: |
23 |           
24 |           cd ./Python
25 |           pip3 install pipenv
26 |           pipenv install --dev build
27 |           pipenv install -e .
28 |           pipenv run pip freeze > requirements.txt
29 |           pipenv install --dev jake
30 |           pipenv run jake ddt --whitelist jake-whitelist.json
31 | 


--------------------------------------------------------------------------------
/Go/ix/.gitignore:
--------------------------------------------------------------------------------
1 | *.tmp
2 | debug
3 | .vscode
4 | .sync
5 | *.log
6 | *.exe
7 | debug.test
8 | 


--------------------------------------------------------------------------------
/Go/ix/Main.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | File Name:  Main.go
  3 | Copyright:  2018 Kleissner Investments s.r.o.
  4 | Author:     Peter Kleissner
  5 | 
  6 | This is a command-line tool to use the public Intelligence X API. Usage:
  7 | 
  8 | ix [options] [selector]
  9 | 
 10 | Optional parameters:
 11 |     -k=[key]        Key must be a UUID
 12 |     -s=[sort]       The sort options are: 0 = No sorting, 2 = Most relevant first, 3 = Oldest first, 4 = Newest first
 13 | 
 14 | Examples:
 15 | ix test.com
 16 | ix -s=4 cia.gov
 17 | 
 18 | Selector types supported:
 19 | * Email address
 20 | * Domain, including wildcards like *.example.com
 21 | * URL
 22 | * IPv4 and IPv6
 23 | * CIDRv4 and CIDRv6
 24 | * Phone Number
 25 | * Bitcoin address
 26 | * MAC address
 27 | * IPFS Hash
 28 | * UUID
 29 | * Simhash
 30 | * Credit card number
 31 | * IBAN
 32 | 
 33 | */
 34 | 
 35 | package main
 36 | 
 37 | import (
 38 | 	"context"
 39 | 	"flag"
 40 | 	"fmt"
 41 | 	"html"
 42 | 	"strings"
 43 | 
 44 | 	"github.com/IntelligenceX/SDK/Go/ixapi"
 45 | )
 46 | 
 47 | const defaultMaxResults = 10 // max results to query and show
 48 | 
 49 | const frontendBaseURL = "https://intelx.io/"
 50 | const templateRecordPlain = "==============================\n#%d Date: %s  Title: %s\n------------------------------\n%s\n-> See full result at %s\n"
 51 | const templateFooterPlain = "\n\nDisclaimer: Intelligence X finds information in public electronic records. It does not validate or vet any of the above information."
 52 | 
 53 | const commandLineHelp = "ix [options] [selector]\n\nOptional parameters:\n    -k=[key]        Key must be a UUID\n    -s=[sort]       The sort options are: 0 = No sorting, 2 = Most relevant first, 3 = Oldest first, 4 = Newest first\n\nExamples:\nix test.com\nix -s=4 cia.gov"
 54 | const textSupportedSelectors = "Selector types supported:\n* Email address\n* Domain, including wildcards like *.example.com\n* URL\n* IPv4 and IPv6\n* CIDRv4 and CIDRv6\n* Phone Number\n* Bitcoin address\n* MAC address\n* IPFS Hash\n* UUID\n* Simhash\n* Credit card number\n* IBAN"
 55 | 
 56 | func main() {
 57 | 
 58 | 	keyArgument := flag.String("k", "", "API Key")
 59 | 	sortArgument := flag.Int("s", ixapi.SortXScoreDesc, "Sort")
 60 | 	flag.Parse()
 61 | 
 62 | 	if len(flag.Args()) == 0 {
 63 | 		fmt.Println(commandLineHelp + "\n\n" + textSupportedSelectors)
 64 | 		return
 65 | 	}
 66 | 
 67 | 	selectorArgument := flag.Args()[0]
 68 | 
 69 | 	search(context.Background(), *keyArgument, selectorArgument, *sortArgument)
 70 | }
 71 | 
 72 | func search(ctx context.Context, Key, Selector string, Sort int) {
 73 | 
 74 | 	// If no API URL or key is specified, the default one from the package is used.
 75 | 	search := ixapi.IntelligenceXAPI{}
 76 | 	search.Init("", Key)
 77 | 	results, selectorInvalid, err := search.Search(ctx, Selector, Sort, defaultMaxResults, ixapi.DefaultWaitSortTime, ixapi.DefaultTimeoutGetResults)
 78 | 
 79 | 	if err != nil {
 80 | 		fmt.Printf("Error querying results: %s\n", err)
 81 | 		return
 82 | 	} else if len(results) == 0 && selectorInvalid {
 83 | 		fmt.Println("Invalid input selector. Please specify a strong selector. " + textSupportedSelectors)
 84 | 		return
 85 | 	}
 86 | 
 87 | 	text := generateResultText(ctx, &search, results)
 88 | 	fmt.Println(text)
 89 | }
 90 | 
 91 | func generateResultText(ctx context.Context, api *ixapi.IntelligenceXAPI, Records []ixapi.SearchResult) (text string) {
 92 | 
 93 | 	for n, record := range Records {
 94 | 		previewText, _ := api.FilePreview(ctx, &record.Item)
 95 | 		resultLink := frontendBaseURL + "?did=" + record.SystemID.String()
 96 | 
 97 | 		title := record.Name
 98 | 		if title == "" {
 99 | 			title = "Untitled Document"
100 | 		}
101 | 
102 | 		text += fmt.Sprintf(templateRecordPlain, n, record.Date.UTC().Format("2006-01-02 15:04"), title, previewHTMLToText(previewText), resultLink)
103 | 
104 | 		if n >= defaultMaxResults-1 {
105 | 			break
106 | 		}
107 | 	}
108 | 
109 | 	if len(Records) == 0 {
110 | 		text += "No results.\n"
111 | 	}
112 | 
113 | 	// footer
114 | 	text += templateFooterPlain
115 | 
116 | 	return
117 | }
118 | 
119 | // previewHTMLToText translates an HTML preview to plaintext
120 | func previewHTMLToText(input string) (output string) {
121 | 	input = html.UnescapeString(input)
122 | 
123 | 	lines := strings.Split(input, "\n")
124 | 	for _, line := range lines {
125 | 		output += "| " + line + "\n"
126 | 	}
127 | 
128 | 	return output
129 | }
130 | 


--------------------------------------------------------------------------------
/Go/ixapi/API.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | File Name:  API.go
  3 | Copyright:  2018 Kleissner Investments s.r.o.
  4 | Author:     Peter Kleissner
  5 | Version:    1 from 11/19/2018
  6 | 
  7 | API client code for using the Intelligence X API. Create an IntelligenceXAPI object and call Init first.
  8 | You must set your API key.
  9 | */
 10 | 
 11 | package ixapi
 12 | 
 13 | import (
 14 | 	"context"
 15 | 	"crypto/tls"
 16 | 	"errors"
 17 | 	"io"
 18 | 	"io/ioutil"
 19 | 	"net"
 20 | 	"net/http"
 21 | 	"net/url"
 22 | 	"strconv"
 23 | 	"strings"
 24 | 	"time"
 25 | 
 26 | 	"github.com/gofrs/uuid"
 27 | )
 28 | 
 29 | const defaultAPIURL = "https://2.intelx.io/"
 30 | const publicAPIKey = "00000000-0000-0000-0000-000000000000"
 31 | 
 32 | // IntelligenceXAPI holds all information for communicating with the Intelligence X API.
 33 | // Call Init() first.
 34 | type IntelligenceXAPI struct {
 35 | 	URL string    // The API URL. Always ending with slash.
 36 | 	Key uuid.UUID // The API key assigned by Intelligence X. Contact the company to receive one.
 37 | 
 38 | 	// additional input. Set before calling Init
 39 | 	ProxyURL string // Proxy to use
 40 | 	BindToIP string // Bind to a specific IPv4 or IPv6
 41 | 
 42 | 	// below are the HTTP client settings
 43 | 
 44 | 	// one client for the session
 45 | 	Client              http.Client
 46 | 	RetryAttempts       int // in case of underlying transport failure
 47 | 	UserAgent           string
 48 | 	HTTPMaxResponseSize int64
 49 | }
 50 | 
 51 | // IntelligentSearchRequest is the information from the human for the search.
 52 | type IntelligentSearchRequest struct {
 53 | 	Term        string        `json:"term"`       // Search term submitted by the user, e.g. "Document 1.docx" or "email@example.com"
 54 | 	Buckets     []string      `json:"buckets"`    // Bucket identifiers
 55 | 	Timeout     time.Duration `json:"timeout"`    // Timeout in seconds. May be limited by API config. 0 means default.
 56 | 	MaxResults  int           `json:"maxresults"` // Total number of max results per bucket. May be limited by API config. 0 means default.
 57 | 	DateFrom    string        `json:"datefrom"`   // Date from, both from/to are required if set, format "2006-01-02 15:04"
 58 | 	DateTo      string        `json:"dateto"`     // Date to, both from/to are required if set, format "2006-01-02 15:04"
 59 | 	Sort        int           `json:"sort"`       // Sort order: 0 = no sorting, 1 = X-Score ASC, 2 = X-Score DESC, 3 = Date ASC, 4 = Date DESC
 60 | 	Media       int           `json:"media"`      // Media: 0 = not defined, otherwise MediaX as defined in ixservice
 61 | 	TerminateID []uuid.UUID   `json:"terminate"`  // Optional: Previous search IDs to terminate (normal search or Phonebook). This is if the user makes a new search from the same tab. Same as first calling /intelligent/search/terminate.
 62 | }
 63 | 
 64 | // IntelligentSearchResponse is the result to the initial search request
 65 | type IntelligentSearchResponse struct {
 66 | 	ID                  uuid.UUID `json:"id"`                  // id of the search job. This is used to get the results.
 67 | 	SoftSelectorWarning bool      `json:"softselectorwarning"` // Warning of soft selectors, typically garbage in which results into garbage out
 68 | 	Status              int       `json:"status"`              // Status of the search: 0 = Success (ID valid), 1 = Invalid Term, 2 = Error Max Concurrent Searches
 69 | }
 70 | 
 71 | // Tag classifies the items data
 72 | type Tag struct {
 73 | 	Class int16  `json:"class"` // Class of tag
 74 | 	Value string `json:"value"` // The value
 75 | }
 76 | 
 77 | // Relationship defines a relation between 2 items.
 78 | type Relationship struct {
 79 | 	Target   uuid.UUID `json:"target"`   // Target item systemid
 80 | 	Relation int       `json:"relation"` // The relationship, see RelationX
 81 | }
 82 | 
 83 | // Item represents any items meta-data. It origins from Indexed and is sent as search results.
 84 | // All fields except the identifier are optional and may be zero. It is perfectly valid that a service only knows partial information (like a name or storage id) of a given item.
 85 | type Item struct {
 86 | 	SystemID    uuid.UUID `json:"systemid"`    // System identifier uniquely identifying the item
 87 | 	StorageID   string    `json:"storageid"`   // Storage identifier, empty if not stored/available, otherwise a 64-byte blake2b hash hex-encoded
 88 | 	InStore     bool      `json:"instore"`     // Whether the data of the item is in store and the storage id is valid. Also used to indicate update when false but storage id is set.
 89 | 	Size        int64     `json:"size"`        // Size in bytes of the item data
 90 | 	AccessLevel int       `json:"accesslevel"` // Native access level of the item (0 = Public..)
 91 | 	Type        int       `json:"type"`        // Low-level content type (0 = Binary..)
 92 | 	Media       int       `json:"media"`       // High-level media type (User, Paste, Tweet, Forum Post..)
 93 | 	Added       time.Time `json:"added"`       // When the item was added to the system
 94 | 	Date        time.Time `json:"date"`        // Full time stamp item when it was discovered or created
 95 | 	Name        string    `json:"name"`        // Name or title
 96 | 	Description string    `json:"description"` // Full description, text only
 97 | 	XScore      int       `json:"xscore"`      // X-Score, ranking its relevancy. 0-100, default 50
 98 | 	Simhash     uint64    `json:"simhash"`     // Simhash, depending on content type. Use hamming distance to compare equality of items data.
 99 | 	Bucket      string    `json:"bucket"`      // Bucket
100 | 
101 | 	// Tags are meta-data tags helping in classification of the items data. They reveal for example the language or a topic. Different to key-values they have hard-coded classes that
102 | 	// allow anyone to take action on them.
103 | 	Tags []Tag `json:"tags"`
104 | 
105 | 	// Relations lists all related items.
106 | 	Relations []Relationship `json:"relations"`
107 | }
108 | 
109 | // PanelSearchResultTag represents a tag in human form.
110 | type PanelSearchResultTag struct {
111 | 	Class  int16  `json:"class"`  // Class of tag
112 | 	ClassH string `json:"classh"` // Class of tag, human friendly
113 | 	Value  string `json:"value"`  // The value
114 | 	ValueH string `json:"valueh"` // Value, human friendly
115 | }
116 | 
117 | // SearchResult represents a single result record. The entire record IS the de-facto result. Every field is optional and may be empty.
118 | type SearchResult struct {
119 | 	Item
120 | 	AccessLevelH string                 `json:"accesslevelh"` // Human friendly access level info
121 | 	MediaH       string                 `json:"mediah"`       // Human friendly media type info
122 | 	SimhashH     string                 `json:"simhashh"`     // Human friendly simhash
123 | 	TypeH        string                 `json:"typeh"`        // Human friendly content type info
124 | 	TagsH        []PanelSearchResultTag `json:"tagsh"`        // Human friendly tags
125 | 	RandomID     uuid.UUID              `json:"randomid"`     // Random ID
126 | 	BucketH      string                 `json:"bucketh"`      // Human friendly bucket name
127 | 	Group        string                 `json:"group"`        // File Group
128 | 	IndexFile    string                 `json:"indexfile"`    // Index file ID
129 | }
130 | 
131 | // IntelligentSearchResult contains the result items
132 | type IntelligentSearchResult struct {
133 | 	Records []SearchResult `json:"records"` // The result records
134 | 	Status  int            `json:"status"`  // Status: 0 = Success with results, 1 = No more results available, 2 = Search ID not found, 3 = No results yet available keep trying
135 | }
136 | 
137 | // Sort orders
138 | const (
139 | 	SortNone       = 0 // No sorting
140 | 	SortXScoreAsc  = 1 // X-Score ascending = Least relevant first
141 | 	SortXScoreDesc = 2 // X-Score descending = Most relevant first
142 | 	SortDateAsc    = 3 // Date ascending = Oldest first
143 | 	SortDateDesc   = 4 // Date descending = Newest first
144 | )
145 | 
146 | // Init initializes the IX API. URL and Key may be empty to use defaults.
147 | func (api *IntelligenceXAPI) Init(URL string, Key string) {
148 | 	api.SetAPIKey(URL, Key)
149 | 
150 | 	api.RetryAttempts = 1
151 | 	api.HTTPMaxResponseSize = 100 * 1024 * 1024 // 100 MB
152 | 
153 | 	// Timeouts
154 | 	NetworkDialerTimeout := 10 * time.Second
155 | 	NetworkTLSTimeout := 10 * time.Second
156 | 	HTTPTimeout := 60 * time.Second
157 | 	IdleConnTimeout := 90 * time.Second
158 | 	KeepAlive := 30 * time.Second
159 | 
160 | 	// Check if to bind on a specific IP. Warning, IPv4 is not available when binding on IPv6! The reverse is true as well.
161 | 	var localAddr *net.TCPAddr
162 | 	if api.BindToIP != "" {
163 | 		localAddr = &net.TCPAddr{
164 | 			IP: net.ParseIP(api.BindToIP),
165 | 		}
166 | 	}
167 | 
168 | 	// create the HTTP client
169 | 	var ProxyURLParsed *url.URL
170 | 	if api.ProxyURL != "" {
171 | 		ProxyURLParsed, _ = url.Parse(api.ProxyURL)
172 | 	}
173 | 
174 | 	transport := &http.Transport{
175 | 		Proxy: http.ProxyURL(ProxyURLParsed),
176 | 		Dial: (&net.Dialer{
177 | 			LocalAddr: localAddr,
178 | 			Timeout:   NetworkDialerTimeout,
179 | 			KeepAlive: KeepAlive,
180 | 		}).Dial,
181 | 		TLSClientConfig:     &tls.Config{InsecureSkipVerify: true},
182 | 		TLSHandshakeTimeout: NetworkTLSTimeout,
183 | 		MaxIdleConns:        0,
184 | 		MaxIdleConnsPerHost: 100,
185 | 		IdleConnTimeout:     IdleConnTimeout,
186 | 		DisableKeepAlives:   false,
187 | 	}
188 | 
189 | 	api.Client = http.Client{
190 | 		Transport: transport,
191 | 		CheckRedirect: func(req *http.Request, via []*http.Request) error {
192 | 			// Prevent implicit redirection on client.Do calls so that no requests without appropriate headers are sent
193 | 			return http.ErrUseLastResponse
194 | 		},
195 | 		Timeout: HTTPTimeout,
196 | 	}
197 | }
198 | 
199 | // SetAPIKey sets the API URL and Key. URL and Key may be empty to use defaults.
200 | func (api *IntelligenceXAPI) SetAPIKey(URL string, Key string) {
201 | 	if URL == "" {
202 | 		URL = defaultAPIURL
203 | 	}
204 | 	if Key == "" {
205 | 		Key = publicAPIKey
206 | 	}
207 | 
208 | 	if !strings.HasSuffix(URL, "/") {
209 | 		URL += "/"
210 | 	}
211 | 
212 | 	api.URL = URL
213 | 	api.Key, _ = uuid.FromString(Key)
214 | }
215 | 
216 | // SearchStart starts a search
217 | func (api *IntelligenceXAPI) SearchStart(ctx context.Context, Term string) (searchID uuid.UUID, selectorInvalid bool, err error) {
218 | 	request := IntelligentSearchRequest{Term: Term, Sort: SortXScoreDesc}
219 | 	response := IntelligentSearchResponse{}
220 | 
221 | 	if err = api.httpRequestPost(ctx, "intelligent/search", request, &response); err != nil {
222 | 		return
223 | 	}
224 | 
225 | 	switch response.Status {
226 | 	case 1:
227 | 		return searchID, false, errors.New("Invalid Term")
228 | 	case 2:
229 | 		return searchID, false, errors.New("Error Max Concurrent Searches")
230 | 	}
231 | 
232 | 	return response.ID, response.SoftSelectorWarning, nil
233 | }
234 | 
235 | // SearchStartAdvanced starts a search and allows the caller to set any advanced filter
236 | func (api *IntelligenceXAPI) SearchStartAdvanced(ctx context.Context, Input IntelligentSearchRequest) (searchID uuid.UUID, selectorInvalid bool, err error) {
237 | 	response := IntelligentSearchResponse{}
238 | 
239 | 	if err = api.httpRequestPost(ctx, "intelligent/search", Input, &response); err != nil {
240 | 		return
241 | 	}
242 | 
243 | 	switch response.Status {
244 | 	case 1:
245 | 		return searchID, false, errors.New("Invalid Term")
246 | 	case 2:
247 | 		return searchID, false, errors.New("Error Max Concurrent Searches")
248 | 	}
249 | 
250 | 	return response.ID, response.SoftSelectorWarning, nil
251 | }
252 | 
253 | // SearchGetResults returns results
254 | // Status: 0 = Success with results (continue), 1 = No more results available (this response might still have results), 2 = Search ID not found, 3 = No results yet available keep trying, 4 = Error
255 | func (api *IntelligenceXAPI) SearchGetResults(ctx context.Context, searchID uuid.UUID, Limit int) (records []SearchResult, status int, err error) {
256 | 	request := "?id=" + searchID.String() + "&limit=" + strconv.Itoa(Limit) + "&previewlines=20"
257 | 	response := IntelligentSearchResult{}
258 | 
259 | 	if err = api.httpRequestGet(ctx, "intelligent/search/result"+request, &response); err != nil {
260 | 		return nil, 4, err
261 | 	}
262 | 
263 | 	return response.Records, response.Status, nil
264 | }
265 | 
266 | // SearchTerminate terminates a search
267 | func (api *IntelligenceXAPI) SearchTerminate(ctx context.Context, searchID uuid.UUID) (err error) {
268 | 	request := "?id=" + searchID.String()
269 | 
270 | 	return api.httpRequestGet2(ctx, "intelligent/search/terminate"+request)
271 | }
272 | 
273 | // FilePreview loads the preview of an item. Previews are always capped at 1000 characters.
274 | func (api *IntelligenceXAPI) FilePreview(ctx context.Context, item *Item) (text string, err error) {
275 | 	// Request: GET /file/preview?c=[Content Type]&m=[Media Type]&f=[Target Format]&sid=[Storage Identifier]&b=[Bucket]&e=[0|1]
276 | 	request := "?sid=" + item.StorageID + "&f=0&l=20&c=" + strconv.Itoa(item.Type) + "&m=" + strconv.Itoa(item.Media) + "&b=" + item.Bucket + "&k=" + api.Key.String()
277 | 
278 | 	response, err := api.httpRequest(ctx, "file/preview"+request, "GET", nil, "")
279 | 	if err != nil {
280 | 		return "", err
281 | 	}
282 | 
283 | 	defer response.Body.Close()
284 | 
285 | 	if response.StatusCode != http.StatusOK {
286 | 		return "", api.apiStatusToError(response.StatusCode)
287 | 	}
288 | 
289 | 	responseBytes, err := ioutil.ReadAll(io.LimitReader(response.Body, 1000))
290 | 
291 | 	return string(responseBytes), err
292 | }
293 | 
294 | // FileRead reads the data of an item.
295 | func (api *IntelligenceXAPI) FileRead(ctx context.Context, item *Item, Limit int64) (data []byte, err error) {
296 | 	// Request: GET /file/read?type=0&storageid=[storage identifier]&bucket=[optional bucket]
297 | 	request := "?type=0&storageid=" + item.StorageID + "&bucket=" + item.Bucket
298 | 
299 | 	response, err := api.httpRequest(ctx, "file/read"+request, "GET", nil, "")
300 | 	if err != nil {
301 | 		return nil, err
302 | 	}
303 | 
304 | 	defer response.Body.Close()
305 | 
306 | 	if response.StatusCode != http.StatusOK {
307 | 		return nil, api.apiStatusToError(response.StatusCode)
308 | 	}
309 | 
310 | 	responseBytes, err := ioutil.ReadAll(io.LimitReader(response.Body, Limit))
311 | 
312 | 	return responseBytes, err
313 | }
314 | 
315 | // SearchGetResultsAll returns all results up to Limit and up to the given Timeout. It will automatically terminate the search before returning.
316 | // Unless the underlying API requests report and error, no error will be returned. Deadline exceeded is treated as no error.
317 | func (api *IntelligenceXAPI) SearchGetResultsAll(ctx context.Context, searchID uuid.UUID, Limit int, Timeout time.Duration) (records []SearchResult, err error) {
318 | 	var lastStatus int
319 | 
320 | 	newContext, cancel := context.WithDeadline(ctx, time.Now().Add(Timeout))
321 | 	defer cancel()
322 | 
323 | 	for {
324 | 		var recordsNew []SearchResult
325 | 		currentLimit := Limit - len(records)
326 | 		recordsNew, lastStatus, err = api.SearchGetResults(newContext, searchID, currentLimit)
327 | 
328 | 		if err != nil && (strings.Contains(err.Error(), context.Canceled.Error()) || strings.Contains(err.Error(), context.DeadlineExceeded.Error())) {
329 | 			lastStatus = 5
330 | 			break
331 | 		} else if err != nil {
332 | 			return records, err
333 | 		}
334 | 
335 | 		if len(recordsNew) > 0 {
336 | 			records = append(records, recordsNew...)
337 | 		}
338 | 
339 | 		if len(records) >= Limit {
340 | 			break
341 | 		}
342 | 
343 | 		// Status: 0 = Success with results (continue), 1 = No more results available (this response might still have results), 2 = Search ID not found, 3 = No results yet available keep trying, 4 = Error
344 | 		if lastStatus != 0 && lastStatus != 3 {
345 | 			break
346 | 		}
347 | 
348 | 		// wait 250 ms before querying the results again
349 | 		time.Sleep(time.Millisecond * 250)
350 | 	}
351 | 
352 | 	// Terminate the search if required. When Status: 0 = Success with results (continue), 3 = No results yet available keep trying, 4 = Error, 5 = Deadline exceeded
353 | 	if lastStatus == 0 || lastStatus == 3 || lastStatus == 4 || lastStatus == 5 {
354 | 		api.SearchTerminate(context.Background(), searchID)
355 | 	}
356 | 
357 | 	if lastStatus != 4 {
358 | 		err = nil
359 | 	}
360 | 
361 | 	return records, err
362 | }
363 | 


--------------------------------------------------------------------------------
/Go/ixapi/HTTP Functions.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | File Name:  HTTP Functions.go
  3 | Copyright:  2018 Kleissner Investments s.r.o.
  4 | Author:     Peter Kleissner
  5 | 
  6 | HTTP functions to connect to the API.
  7 | */
  8 | 
  9 | package ixapi
 10 | 
 11 | import (
 12 | 	"bytes"
 13 | 	"context"
 14 | 	"encoding/json"
 15 | 	"errors"
 16 | 	"io"
 17 | 	"io/ioutil"
 18 | 	"net/http"
 19 | 	"strconv"
 20 | 	"strings"
 21 | 	"time"
 22 | )
 23 | 
 24 | // httpRequestPost makes a HTTP POST request and returns JSON data.
 25 | func (api *IntelligenceXAPI) httpRequestPost(ctx context.Context, Function string, DataIn interface{}, DataOut interface{}) (err error) {
 26 | 
 27 | 	// marshal the JSON data
 28 | 	data, err := json.Marshal(DataIn)
 29 | 	if err != nil {
 30 | 		return err
 31 | 	}
 32 | 
 33 | 	// make the POST request
 34 | 	response, err := api.httpRequest(ctx, Function, "POST", data, "application/json")
 35 | 	if err != nil {
 36 | 		return err
 37 | 	}
 38 | 
 39 | 	defer response.Body.Close()
 40 | 
 41 | 	if response.StatusCode != http.StatusOK {
 42 | 		return api.apiStatusToError(response.StatusCode)
 43 | 	}
 44 | 
 45 | 	// if limit reader stops the read, keep-alive won't work because there is still data unread. It is intentional that in that case the connection won't be reused.
 46 | 	return json.NewDecoder(io.LimitReader(response.Body, api.HTTPMaxResponseSize)).Decode(DataOut)
 47 | }
 48 | 
 49 | // httpRequestPost2 makes a HTTP POST request and returns nothing.
 50 | func (api *IntelligenceXAPI) httpRequestPost2(ctx context.Context, Function string, DataIn interface{}) (err error) {
 51 | 
 52 | 	// marshal the JSON data
 53 | 	data, err := json.Marshal(DataIn)
 54 | 	if err != nil {
 55 | 		return err
 56 | 	}
 57 | 
 58 | 	// make the POST request
 59 | 	response, err := api.httpRequest(ctx, Function, "POST", data, "application/json")
 60 | 	if err != nil {
 61 | 		return err
 62 | 	}
 63 | 
 64 | 	// the response shall be max 1024 bytes [not needed, only status code will be interpreted]
 65 | 	//	status, err := ioutil.ReadAll(io.LimitReader(response.Body, 1024))
 66 | 	io.Copy(ioutil.Discard, response.Body) // required for using keep-alive
 67 | 	response.Body.Close()
 68 | 
 69 | 	err = api.apiStatusToError(response.StatusCode)
 70 | 
 71 | 	return err
 72 | }
 73 | 
 74 | // httpRequestGet makes a HTTP GET request and returns JSON data.
 75 | func (api *IntelligenceXAPI) httpRequestGet(ctx context.Context, Function string, DataOut interface{}) (err error) {
 76 | 
 77 | 	response, err := api.httpRequest(ctx, Function, "GET", nil, "")
 78 | 	if err != nil {
 79 | 		return err
 80 | 	}
 81 | 
 82 | 	defer response.Body.Close()
 83 | 
 84 | 	if response.StatusCode != http.StatusOK {
 85 | 		return api.apiStatusToError(response.StatusCode)
 86 | 	}
 87 | 
 88 | 	// if limit reader stops the read, keep-alive won't work because there is still data unread. It is intentional that in that case the connection won't be reused.
 89 | 	return json.NewDecoder(io.LimitReader(response.Body, api.HTTPMaxResponseSize)).Decode(DataOut)
 90 | }
 91 | 
 92 | // httpRequestGet2 makes a HTTP GET request and returns nothing.
 93 | func (api *IntelligenceXAPI) httpRequestGet2(ctx context.Context, Function string) (err error) {
 94 | 
 95 | 	response, err := api.httpRequest(ctx, Function, "GET", nil, "")
 96 | 	if err != nil {
 97 | 		return err
 98 | 	}
 99 | 
100 | 	response.Body.Close()
101 | 
102 | 	return api.apiStatusToError(response.StatusCode)
103 | }
104 | 
105 | // httpRequest makes a HTTP request to the API. If err is nil, response must be closed by the caller.
106 | func (api *IntelligenceXAPI) httpRequest(ctx context.Context, Function, Method string, Data []byte, ContentType string) (response *http.Response, err error) {
107 | 
108 | 	for n := 0; ; n++ {
109 | 
110 | 		var req *http.Request
111 | 		var body io.Reader
112 | 
113 | 		if Method == "POST" {
114 | 			body = bytes.NewReader(Data)
115 | 		}
116 | 
117 | 		req, err = http.NewRequest(Method, api.URL+Function, body)
118 | 		if err != nil {
119 | 			return nil, err
120 | 		}
121 | 
122 | 		req.Header.Set("x-key", api.Key.String())
123 | 		req.Header.Set("Connection", "keep-alive")
124 | 		req.Header.Set("User-Agent", api.UserAgent)
125 | 
126 | 		if Method == "POST" {
127 | 			req.Header.Set("Content-Type", ContentType)
128 | 		}
129 | 
130 | 		// make the request
131 | 		response, err = api.Client.Do(req.WithContext(ctx))
132 | 
133 | 		// special case: sockets exhausted. Wait for 200ms to give the system time to free up resources. Full error message: "bind: An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full."
134 | 		// or error "connectex: Only one usage of each socket address (protocol/network address/port) is normally permitted."
135 | 		if err != nil && (strings.Contains(err.Error(), "system lacked sufficient buffer space") || strings.Contains(err.Error(), "Only one usage of each socket address")) {
136 | 			time.Sleep(time.Millisecond * 200)
137 | 		}
138 | 
139 | 		// normal access mode: return if success, max retry attempts
140 | 		if err == nil || n >= api.RetryAttempts {
141 | 			return response, err
142 | 		}
143 | 	}
144 | }
145 | 
146 | // apiStatusToError translates the HTTP status code returned by services into a Go error
147 | func (api *IntelligenceXAPI) apiStatusToError(StatusCode int) (err error) {
148 | 
149 | 	switch StatusCode {
150 | 	case http.StatusOK:
151 | 		return nil
152 | 	case http.StatusBadRequest:
153 | 		return errors.New("Invalid input data")
154 | 	case http.StatusUnauthorized:
155 | 		return errors.New("Not authorized. Verify the API key")
156 | 	case http.StatusNotFound:
157 | 		return errors.New("Identifier not found")
158 | 	case http.StatusInternalServerError:
159 | 		return errors.New("Internal API error")
160 | 	case http.StatusNotImplemented:
161 | 		return errors.New("Not implemented by API")
162 | 	}
163 | 
164 | 	return errors.New("Unknown API error, returned HTTP status " + strconv.Itoa(StatusCode))
165 | }
166 | 


--------------------------------------------------------------------------------
/Go/ixapi/README.md:
--------------------------------------------------------------------------------
 1 | # Intelligence X API Go client
 2 | 
 3 | The Go package `ixapi` uses the Intelligence X API to perform searches and return results.
 4 | 
 5 | There is a full working command line program `ix` that uses this package.
 6 | 
 7 | ## Using the package
 8 | 
 9 | To download the package:
10 | 
11 | ```
12 | go get -u github.com/IntelligenceX/SDK/Go/ixapi
13 | ```
14 | 
15 | Then import it in your code:
16 | 
17 | ```go
18 | import "github.com/IntelligenceX/SDK/Go/ixapi"
19 | ```
20 | 
21 | The code has a default public API key and URL embedded. If you received your own API key, make sure to specify it in the `Init` function.
22 | 
23 | Following code performs a search and queries the results. Selector is the search term.
24 | 
25 | ```go
26 | search := ixapi.IntelligenceXAPI{}
27 | search.Init("", "")
28 | results, selectorInvalid, err := search.Search(ctx, Selector, ixapi.SortXScoreDesc, 100, ixapi.DefaultWaitSortTime, ixapi.DefaultTimeoutGetResults)
29 | ```
30 | 
31 | These are all functions available of the `IntelligenceXAPI` struct:
32 | 
33 | ```
34 | Init                    Initializes the API with optional API URL and Key
35 | SearchStart             Starts a search and returns the search ID
36 | SearchStartAdvanced     Starts a search with optional parameters and returns the search ID
37 | SearchGetResults        Returns available results
38 | SearchTerminate         Terminates a search
39 | FilePreview             Returns the preview (max first 1000 characters) of an item
40 | FileRead                Returns the full item data
41 | SearchGetResultsAll     Returns all results within a timeout
42 | SetAPIKey               Sets API URL and Key to use
43 | ```
44 | 
45 | These are high-level functions that search and return the results immediately:
46 | 
47 | ```
48 | Search                  Starts a search and queries all results
49 | SearchWithDates         Starts a search with dates and queries all results
50 | ```
51 | 
52 | 


--------------------------------------------------------------------------------
/Go/ixapi/Search.go:
--------------------------------------------------------------------------------
  1 | /*
  2 | File Name:  Search.go
  3 | Copyright:  2018 Kleissner Investments s.r.o.
  4 | Author:     Peter Kleissner
  5 | 
  6 | Simple high-level search code.
  7 | */
  8 | 
  9 | package ixapi
 10 | 
 11 | import (
 12 | 	"context"
 13 | 	"time"
 14 | 
 15 | 	"github.com/go-dedup/simhash"
 16 | )
 17 | 
 18 | // DefaultWaitSortTime is the suggested time to give the API to process and sort all the results, before the client queries them.
 19 | const DefaultWaitSortTime = 400 * time.Millisecond
 20 | 
 21 | // DefaultTimeoutGetResults is the suggested timeout after which the search will be terminated.
 22 | const DefaultTimeoutGetResults = 20 * time.Second
 23 | 
 24 | // Search starts a search and queries all results. It takes a selector as input.
 25 | // WaitSort should be a few hundred ms, giving the API time to sort the results before querying them.
 26 | // Limit is the max count of results to query per bucket. The total number of results returned might be higher.
 27 | // TimeoutGetResults is the max amount of time for querying all results. This should be at least a few seconds but a timeout of 10-30 seconds makes sense.
 28 | // If the input selector is invalid (not a strong selector), the function returns selectorInvalid set to true with no error reported.
 29 | func (api *IntelligenceXAPI) Search(ctx context.Context, Selector string, Sort, Limit int, WaitSort, TimeoutGetResults time.Duration) (records []SearchResult, selectorInvalid bool, err error) {
 30 | 
 31 | 	// make the search
 32 | 	searchID, selectorInvalid, err := api.SearchStartAdvanced(ctx, IntelligentSearchRequest{Term: Selector, Sort: Sort, MaxResults: Limit})
 33 | 	if err != nil {
 34 | 		return nil, false, err
 35 | 	}
 36 | 
 37 | 	// give some time for sorting
 38 | 	time.Sleep(WaitSort)
 39 | 
 40 | 	records, err = api.SearchGetResultsAll(ctx, searchID, Limit, TimeoutGetResults)
 41 | 	if err != nil {
 42 | 		return nil, false, err
 43 | 	}
 44 | 
 45 | 	return records, selectorInvalid, nil
 46 | }
 47 | 
 48 | // SearchWithDates starts a search and queries all results. It takes a selector and dates as input. Sorting is newest first.
 49 | // WaitSort should be a few hundred ms, giving the API time to sort the results before querying them.
 50 | // Limit is the max count of results to query per bucket. The total number of results returned might be higher.
 51 | // TimeoutGetResults is the max amount of time for querying all results. This should be at least a few seconds but a timeout of 10-30 seconds makes sense.
 52 | func (api *IntelligenceXAPI) SearchWithDates(ctx context.Context, Selector string, DateFrom, DateTo time.Time, Limit int, WaitSort, TimeoutGetResults time.Duration) (records []SearchResult, selectorInvalid bool, err error) {
 53 | 
 54 | 	// make the search
 55 | 	searchID, selectorInvalid, err := api.SearchStartAdvanced(ctx, IntelligentSearchRequest{Term: Selector, Sort: SortDateDesc, MaxResults: Limit, DateFrom: DateFrom.Format("2006-01-02 15:04:05"), DateTo: DateTo.Format("2006-01-02 15:04:05")})
 56 | 	if err != nil {
 57 | 		return nil, false, err
 58 | 	}
 59 | 
 60 | 	// give some time for sorting
 61 | 	time.Sleep(WaitSort)
 62 | 
 63 | 	records, err = api.SearchGetResultsAll(ctx, searchID, Limit, TimeoutGetResults)
 64 | 	if err != nil {
 65 | 		return nil, false, err
 66 | 	}
 67 | 
 68 | 	return records, selectorInvalid, nil
 69 | }
 70 | 
 71 | // GetTag gets a tags value for the first occurrence. Empty if not found.
 72 | func (item *Item) GetTag(Class int16) (Value string) {
 73 | 	if item.Tags == nil {
 74 | 		return ""
 75 | 	}
 76 | 
 77 | 	for _, tag := range item.Tags {
 78 | 		if tag.Class == Class {
 79 | 			return tag.Value
 80 | 		}
 81 | 	}
 82 | 
 83 | 	return ""
 84 | }
 85 | 
 86 | // TagLanguage is ISO 639-1 defined
 87 | const TagLanguage = 0
 88 | 
 89 | // SimhashCompareItems compares 2 items for data equalness and returns the hamming distance. The closer to 0 the more equal they are.
 90 | // Never compare Simhashes directly because with different content types and even on the same type with different encoding they use different algorithms.
 91 | func SimhashCompareItems(Item1, Item2 *Item) uint8 {
 92 | 	// Check if simhashes are both valid, otherwise no comparison possible. Also content types must match.
 93 | 	if Item1.Simhash == 0 || Item2.Simhash == 0 || Item1.Type != Item2.Type {
 94 | 		return 64
 95 | 	}
 96 | 
 97 | 	// only can make simhashes from text for now. In the future maybe others.
 98 | 	switch Item1.Type {
 99 | 	case 1: // Text
100 | 		// Text: Languages must match. Otherwise the simhash comparison is meaningless and leads to false positives.
101 | 		// Especially for CJK (Chinese/Japanese/Korean), as it uses a different simhash algorithm.
102 | 		if Item1.GetTag(TagLanguage) != Item2.GetTag(TagLanguage) {
103 | 			return 64
104 | 		}
105 | 
106 | 		// Enforce a minimum length, otherwise the simhash is pretty much meaningless.
107 | 		if Item1.Size < 20 || Item2.Size < 20 {
108 | 			return 64
109 | 		}
110 | 
111 | 		// return the hamming distance
112 | 		return simhash.Compare(Item1.Simhash, Item2.Simhash)
113 | 	}
114 | 
115 | 	return 64
116 | }
117 | 


--------------------------------------------------------------------------------
/HTML/search.html:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html lang="en">
 3 | 
 4 | <head>
 5 |     <meta charset="UTF-8">
 6 |     <title>Intelx.io - search results</title>
 7 |     <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
 8 |     <style> pre { margin:0 0 0 2em; } </style>
 9 |     <script>
10 | 
11 |         var API_KEY = '00000000-0000-0000-0000-000000000000';
12 |         var API_URL = 'https://2.intelx.io/';
13 | 
14 |         $(document).on('click', '#btnSearch', function (event) {
15 |             event.preventDefault();
16 | 
17 |             if ($('#searchField').val() == '') {
18 |                 return;
19 |             }
20 |             $('#searchResults').html('<p>Searching for results...</p>');
21 | 
22 |             $.ajax({
23 |                 url: API_URL + "intelligent/search",
24 |                 headers: { 'x-key': API_KEY },
25 |                 type: 'POST',
26 |                 cache: true,
27 |                 data: JSON.stringify({
28 |                     term: $('#searchField').val(),
29 |                     maxresults: 10,
30 |                     media: 0,
31 |                     sort: 2,
32 |                     terminate: []
33 |                 }),
34 |                 success: function (p, statusText, xhr) {
35 |                     $.ajax({
36 |                         url: API_URL + "intelligent/search/result",
37 |                         headers: { 'x-key': API_KEY },
38 |                         type: 'GET',
39 |                         cache: true,
40 |                         data: "id=" + p.id + "&limit=10&statistics=1&previewlines=8",
41 |                         success: function (data, textStatus, xhr) {
42 |                             $('#searchResults').html("");
43 |                             if (!!data && data.records.length > 0) {
44 |                                 $.each(data.records, function (i, record) {
45 |                                     $.ajax({
46 |                                         url: API_URL + "file/preview",
47 |                                         headers: { 'x-key': API_KEY },
48 |                                         type: 'GET',
49 |                                         cache: true,
50 |                                         data: "sid=" + record['storageid'] +
51 |                                             "&f=" + 0 +
52 |                                             "&l=" + 8 +
53 |                                             "&c=" + 1 +
54 |                                             "&m=" + 1 +
55 |                                             "&b=" + 'pastes' +
56 |                                             "&k=" + API_KEY,
57 |                                         success: function (preview, textStatus, xhr) {
58 |                                             if (record['name'] != '') {
59 |                                                 $('#searchResults').append('<h3>' + record['name'] + '</h3>');
60 |                                             }
61 |                                             $('#searchResults').append(record['date'] + '<br><pre>' + preview + '</pre><br><a href="https://intelx.io/?did=' + record['systemid'] + '" target="_blank">Full Data</a><hr>	');
62 |                                         }
63 |                                     });
64 |                                 });
65 |                             } else {
66 |                                 $('#searchResults').html('<p>Nothing found :(</p>');
67 |                             }
68 |                         }
69 |                     });
70 |                 }
71 |             });
72 |         });
73 |     </script>
74 | </head>
75 | 
76 | <body>
77 | 
78 | 
79 |     <form>
80 |         <fieldset>
81 |             <legend>Enter your search phrase</legend>
82 |             <input type="search" id="searchField" placeholder="Search topics or keywords" size="50">
83 |             <button class="btn btn-lg btn-success" type="submit" id="btnSearch">Search</button>
84 |         </fieldset>
85 |     </form>
86 | 
87 |     <div id="searchResults">
88 | 
89 |     </div>
90 | 
91 | </body>
92 | 
93 | </html>


--------------------------------------------------------------------------------
/Intelligence X API.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/IntelligenceX/SDK/28b9794f232f276b0e0754f34cb04638fe0da5ee/Intelligence X API.pdf


--------------------------------------------------------------------------------
/Maltego Transform/README.md:
--------------------------------------------------------------------------------
  1 | # intelx-maltego v4
  2 | 
  3 | Maltego Transforms for Intelligence X (intelx.io). The following transforms and entities will be installed.
  4 | 
  5 | #### Transforms
  6 | 
  7 | * Intelligence X Emails Transform
  8 | * Intelligence X Search Transform
  9 | * Intelligence X URLs Transform
 10 | * Intelligence X Subdomains Transform
 11 | * Intelligence X Search Result Transform
 12 | * Intelligence X Selectors Transform
 13 | * Intelligence X History Transform
 14 | * Intelligence X Treeview Transform
 15 | 
 16 | #### Entities
 17 | 
 18 | * Intelligence X BTC Entity
 19 | * Intelligence X Credit Card Entity
 20 | * Intelligence X IBAN Entity
 21 | * Intelligence X MAC Address Entity
 22 | * Intelligence X Simhash Entity
 23 | * Intelligence X Storage ID Entity
 24 | * Intelligence X System ID Entity
 25 | * Intelligence X UUID Entity
 26 | * Intelligence X Selector Entity
 27 | * Intelligence X Leak Entity
 28 | * Intelligence X Search Result Entity
 29 | * Intelligence X Historical Search Result Entity
 30 | 
 31 | ## Manual Installation
 32 | 
 33 | This transform is currently not in the Transform Hub marketplace. Follow the instructions below to install it manually.
 34 | 
 35 | **NOTES**: 
 36 | 
 37 | * The config is required for the transform after installation. Do not delete it at any point except during uninstallation.
 38 | * You *cannot* include any whitespaces in any of the filepaths unless it's for the Python executable.
 39 | 
 40 | ### Requirements
 41 | 
 42 | * [intelx-0.5](https://github.com/IntelligenceX/SDK/tree/master/Python) (included in the instructions below)
 43 | * [maltego-trx](https://github.com/paterva/maltego-trx) (it will be automatically installed)
 44 | * [python \>= 3](https://www.python.org/)
 45 | * [An Intelligence X API Key](https://intelx.io/account?tab=developer)
 46 | 
 47 | While the installation procedure is relatively straightforward, there are a few fundamental differences between Linux / Windows. Mainly, the location of the Python executable. The first step, is to ensure intelx-0.4 and maltego-trx are a part of your Python environment.
 48 | 
 49 | ```
 50 | git clone https://github.com/IntelligenceX/SDK
 51 | pip install ./SDK/Python
 52 | ```
 53 | 
 54 | Next, the folder will be copied and the requirements will be installed:
 55 | 
 56 | ```
 57 | mkdir C:\intelx-maltego
 58 | xcopy /E "./SDK/Maltego Transform" C:\intelx-maltego\
 59 | cd C:\intelx-maltego
 60 | pip install -r requirements.txt
 61 | ```
 62 | 
 63 | Next, the actual installation script can be started. In order to do that, simply run the install.py script, and follow the instructions.
 64 | 
 65 | ```
 66 | C:\intelx-maltego>python install.py
 67 | Python executable: C:\Program Files (x86)\Python38-32\Python.exe
 68 | Intelligence X API Key: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
 69 | 
 70 | Configuration file saved to: C:\intelx-maltego/intelx.mtz
 71 | Head to Maltego > Import/Export > Import Config and select the generated file.
 72 | ```
 73 | 
 74 | The Maltego MTZ configuration file will be automatically generated, which is required to import all of the transforms hosted in this repository. It will be located within the intelx-maltego folder. 
 75 | 
 76 | The final step is to import that file in Maltego by going to Maltego > Import / Export > Import Configuration > Import intelx.mtz file
 77 | 
 78 | You should be met with a screen similar to this:
 79 | 
 80 | ![](https://camo.githubusercontent.com/5e51005ed2eaf24bfa35068557a7f7a8fac833ee/68747470733a2f2f692e696d6775722e636f6d2f3658474b4b72752e706e67)
 81 | 
 82 | 
 83 | ## Uninstallation
 84 | 
 85 | If you would like to remove the entities and transforms from your Maltego installation, you must do so manually.
 86 | 
 87 | ### Entity Removal
 88 | 
 89 | To remove the Intelligence X entities, simply navigate to Entities > Manage Entities > Search for "intelx", and click the "X" on the entities to remove.
 90 | 
 91 | ![](https://i.imgur.com/5xpoXbr.png)
 92 | 
 93 | ### Transform Removal
 94 | 
 95 | To remove the Intelligence X transforms, simply navigate to Transforms > Transform Manager, then search for "Intelligence" and select all transforms, then right click > Delete.
 96 | 
 97 | ![](https://i.imgur.com/dkWbq1Q.png)
 98 | 
 99 | From there, all you have to do is remove the intelx-maltego directory, and you should be good. Alternatively, you can do a factory reset, and remove all entities + transforms automatically.
100 | 
101 | ![](https://i.imgur.com/ze6nDkm.png)
102 | 
103 | 
104 | ## Updating the transforms
105 | 
106 | At the time of writing, there is not an automatic update feature. If you need to update the code, simply remove the existing transforms, entities and transform bindings, and start the installation again.
107 | 
108 | ## Legal
109 | 
110 | Maltego is a trademark owned by Maltego Technologies GmbH.
111 | 
112 | The Terms of Service https://intelx.io/terms-of-service apply.
113 | 
114 | &copy; 2020 - 2025 Intelligence X
115 | 


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.btcaddress.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.btcaddress" displayName="Bitcoin Address" displayNamePlural="Bitcoin Addresses" description="Bitcoin address" category="My Entities" smallIconResource="General/Savings" largeIconResource="General/Savings" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="Address" displayValue="Address">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="Address" type="string" nullable="true" hidden="false" readonly="false" description="Bitcoin address" displayName="Bitcoin Address">
 6 |             <SampleValue>1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.creditcard.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.creditcard" displayName="Credit Card" displayNamePlural="Credit Cards" description="Credit Card" category="My Entities" smallIconResource="General/Savings" largeIconResource="General/Savings" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="properties.creditcard" displayValue="properties.creditcard">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="properties.creditcard" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="Credit Card">
 6 |             <SampleValue>4111 1111 1111 1111</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.historicalsearchresult.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.historicalsearchresult" displayName="Intelligence X Historical Result" displayNamePlural="Intelligence X Historical Results" description="Historical search result returned from Intelligence X" category="My Entities" smallIconResource="Technology/Link" largeIconResource="Technology/Link" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="properties.intelligencexhistoricalresult" displayValue="properties.intelligencexhistoricalresult">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="properties.intelligencexhistoricalresult" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="Intelligence X Historical Result">
 6 |             <SampleValue>-</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.iban.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.iban" displayName="IBAN" displayNamePlural="IBANs" description="IBAN" category="My Entities" smallIconResource="General/Savings" largeIconResource="General/Savings" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="iban" displayValue="iban">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="iban" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="IBAN">
 6 |             <SampleValue>DE89 3704 0044 0532 0130 00</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.leak.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.leak" displayName="Intelligence X Leak" displayNamePlural="Intelligence X Leaks" description="Leak document from Intelligence X" category="My Entities" smallIconResource="General/OilSpill" largeIconResource="General/OilSpill" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="properties.intelligencexleak" displayValue="properties.intelligencexleak">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="properties.intelligencexleak" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="Intelligence X Leak">
 6 |             <SampleValue>-</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.macaddress.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.macaddress" displayName="MAC Address" displayNamePlural="MAC Addresses" description="MAC Address" category="My Entities" smallIconResource="Technology/Server" largeIconResource="Technology/Server" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="Address" displayValue="Address">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="Address" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="MAC Address">
 6 |             <SampleValue>00:0a:95:9d:68:16</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.searchresult.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.searchresult" displayName="Intelligence X Search Result" displayNamePlural="Intelligence X Search Results" description="Intelligence X Search Result" category="My Entities" smallIconResource="General/InfoMessage" largeIconResource="General/InfoMessage" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="properties.intelligencexsearchresult" displayValue="properties.intelligencexsearchresult">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="properties.intelligencexsearchresult" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="Intelligence X Search Result">
 6 |             <SampleValue>-</SampleValue>
 7 |          </Field>
 8 |          <Field name="SID" type="string" nullable="true" hidden="false" readonly="false" description="">
 9 |             <SampleValue></SampleValue>
10 |          </Field>
11 |          <Field name="Type" type="string" nullable="true" hidden="false" readonly="false" description="">
12 |             <SampleValue></SampleValue>
13 |          </Field>
14 |          <Field name="Media" type="string" nullable="true" hidden="false" readonly="false" description="">
15 |             <SampleValue></SampleValue>
16 |          </Field>
17 |          <Field name="Bucket" type="string" nullable="true" hidden="false" readonly="false" description="">
18 |             <SampleValue></SampleValue>
19 |          </Field>
20 |       </Fields>
21 |    </Properties>
22 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.selector.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.selector" displayName="Selector" displayNamePlural="Selectors" description="Intelligence X Selector" category="My Entities" smallIconResource="General/QuestionDialog" largeIconResource="General/QuestionDialog" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="properties.selector" displayValue="properties.selector">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="properties.selector" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="Selector">
 6 |             <SampleValue>-</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.simhash.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.simhash" displayName="Similarity Hash" displayNamePlural="Similarity Hashes" description="Similarity Hash" category="My Entities" smallIconResource="Technology/ClusterOrange" largeIconResource="Technology/ClusterOrange" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="simhash" displayValue="simhash">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="simhash" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="Similarity Hash">
 6 |             <SampleValue>8862bd5ea6ebb7b4</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>
11 | 


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.storageid.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.storageid" displayName="Storage ID" displayNamePlural="Storage IDs" description="Storage ID" category="My Entities" smallIconResource="Technology/Assemble" largeIconResource="Technology/Assemble" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="storageid" displayValue="storageid">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="storageid" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="Storage ID">
 6 |             <SampleValue>95f1919e23e01ac445c3b2da94f449377f2cbdc57789ad004adab8c6d8f3c786b7951a372ec47d3bc79e718c6dbe4f366dd2d9e9cc1b6756c00b697456ac7e35</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.systemid.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.systemid" displayName="System ID" displayNamePlural="System IDs" description="System ID" category="My Entities" smallIconResource="Technology/Assemble" largeIconResource="Technology/Assemble" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="systemid" displayValue="systemid">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="systemid" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="System ID">
 6 |             <SampleValue>5e38b6aa-97e6-41e0-8121-38d65cbff7fe</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/Entities/intelx.uuid.entity:
--------------------------------------------------------------------------------
 1 | <MaltegoEntity id="intelx.uuid" displayName="UUID" displayNamePlural="UUIDs" description="UUID" category="My Entities" smallIconResource="Technology/Assemble" largeIconResource="Technology/Assemble" allowedRoot="true" conversionOrder="2147483647" visible="true">
 2 |    <Properties value="uuid" displayValue="uuid">
 3 |       <Groups/>
 4 |       <Fields>
 5 |          <Field name="uuid" type="string" nullable="true" hidden="false" readonly="false" description="" displayName="UUID">
 6 |             <SampleValue>4aa13aa1e2b8488f6f747e2591c3e89964dce960eecb4dec60b9c282cca74eb99e8230a0ecebc8e9bc2eadc0aebb8ff2f22c20240a8a0797301935b60d5dd3cf</SampleValue>
 7 |          </Field>
 8 |       </Fields>
 9 |    </Properties>
10 | </MaltegoEntity>


--------------------------------------------------------------------------------
/Maltego Transform/config/EntityCategories/intelligence x entities.category:
--------------------------------------------------------------------------------
1 | <EntityCategory name="Intelligence X Entities"/>


--------------------------------------------------------------------------------
/Maltego Transform/config/Servers/Local.tas:
--------------------------------------------------------------------------------
 1 | <MaltegoServer name="Local" enabled="true" description="Local transforms hosted on this machine" url="http://localhost">
 2 |    <LastSync>2020-06-18 12:17:16.110 CDT</LastSync>
 3 |    <Protocol version="0.0"/>
 4 |    <Authentication type="none"/>
 5 |    <Transforms>
 6 |       <Transform name="intelx.searchiban"/>
 7 |       <Transform name="intelx.searchcreditcard"/>
 8 |       <Transform name="intelx.searchstorageid"/>
 9 |       <Transform name="intelx.searchsystemid"/>
10 |       <Transform name="intelx.ixurls"/>
11 |       <Transform name="intelx.searchsimhash"/>
12 |       <Transform name="intelx.searchuuid"/>
13 |       <Transform name="intelx.ixemails"/>
14 |       <Transform name="intelx.ixsubdomains"/>
15 |       <Transform name="intelx.fetchsearchresult"/>
16 |       <Transform name="intelx.fetchhistoricalsearchresult"/>
17 |       <Transform name="intelx.searchdomain"/>
18 |       <Transform name="intelx.searchip"/>
19 |       <Transform name="intelx.searchemail"/>
20 |       <Transform name="intelx.searchurl"/>
21 |       <Transform name="intelx.searchmac"/>
22 |       <Transform name="intelx.searchbtc"/>
23 |       <Transform name="intelx.ixselectors"/>
24 |       <Transform name="intelx.searchselector"/>
25 |       <Transform name="intelx.history"/>
26 |       <Transform name="intelx.treeview"/>
27 |       <Transform name="intelx.leaktreeview"/>
28 |       <Transform name="intelx.searchleak"/>
29 |    </Transforms>
30 |    <Seeds/>
31 | </MaltegoServer>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.fetchhistoricalsearchresult.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.fetchhistoricalsearchresult" displayName="Intelligence X Fetch Search Result" abstract="false" template="false" visibility="public" description="Fetch search result from Intelligence X" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.historicalsearchresult" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.fetchhistoricalsearchresult.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.fetchsearchresult.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.fetchsearchresult" displayName="Intelligence X Fetch Search Result" abstract="false" template="false" visibility="public" description="Fetch search result from Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.searchresult" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.fetchsearchresult.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.history.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.history" displayName="Intelligence X History" abstract="false" template="false" visibility="public" description="Retrieve historical details from a historical search result." author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.historicalsearchresult" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.history.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixemails.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.ixemails" displayName="Intelligence X Emails" abstract="false" template="false" visibility="public" description="Fetch emails from the Intelligence X API." author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="maltego.Domain" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixemails.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixselectors.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.ixselectors" displayName="Intelligence X Selectors" abstract="false" template="false" visibility="public" description="Get selectors from an Intelligence X search result" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.searchresult" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixselectors.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixsubdomains.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.ixsubdomains" displayName="Intelligence X Subdomains" abstract="false" template="false" visibility="public" description="Enumerate subdomains using the Intelligence X API." author="Intelligence X + Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="maltego.Domain" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixsubdomains.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixurls.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.ixurls" displayName="Intelligence X URLs" abstract="false" template="false" visibility="public" description="Fetch URLs from the Intelligence X API." author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="maltego.Domain" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.ixurls.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.leaktreeview.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.leaktreeview" displayName="Intelligence X Tree View" abstract="false" template="false" visibility="public" description="" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.leak" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.leaktreeview.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchbtc.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchbtc" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X + Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.btcaddress" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchbtc.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchcreditcard.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchcreditcard" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X  / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.creditcard" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchcreditcard.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchdomain.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchdomain" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="maltego.Domain" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchdomain.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchemail.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchemail" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="maltego.EmailAddress" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchemail.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchiban.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchiban" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.iban" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchiban.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchip.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchip" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="maltego.IPv4Address" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchip.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchleak.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchleak" displayName="Intelligence X Fetch Search Result" abstract="false" template="false" visibility="public" description="Fetch Intelligence X search result" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.leak" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchleak.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchmac.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchmac" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.macaddress" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchmac.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchselector.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchselector" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search Intelligence X selector" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.selector" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchselector.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchsimhash.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchsimhash" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.simhash" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <StealthLevel>0</StealthLevel>
25 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchsimhash.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchstorageid.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchstorageid" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.storageid" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchstorageid.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchsystemid.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchsystemid" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.systemid" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchsystemid.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchurl.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchurl" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="maltego.URL" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchurl.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchuuid.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.searchuuid" displayName="Intelligence X Search" abstract="false" template="false" visibility="public" description="Search the Intelligence X API" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.uuid" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.searchuuid.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.treeview.transform:
--------------------------------------------------------------------------------
 1 | <MaltegoTransform name="intelx.treeview" displayName="Intelligence X Tree View" abstract="false" template="false" visibility="public" description="" author="Intelligence X / Dominik Penner" requireDisplayInfo="false">
 2 |    <TransformAdapter>com.paterva.maltego.transform.protocol.v2api.LocalTransformAdapterV2</TransformAdapter>
 3 |    <Properties>
 4 |       <Fields>
 5 |          <Property name="transform.local.command" type="string" nullable="false" hidden="false" readonly="false" description="The command to execute for this transform" popup="false" abstract="false" visibility="public" auth="false" displayName="Command line">
 6 |             <SampleValue></SampleValue>
 7 |          </Property>
 8 |          <Property name="transform.local.parameters" type="string" nullable="true" hidden="false" readonly="false" description="The parameters to pass to the transform command" popup="false" abstract="false" visibility="public" auth="false" displayName="Command parameters">
 9 |             <SampleValue></SampleValue>
10 |          </Property>
11 |          <Property name="transform.local.working-directory" type="string" nullable="true" hidden="false" readonly="false" description="The working directory used when invoking the executable" popup="false" abstract="false" visibility="public" auth="false" displayName="Working directory">
12 |             <DefaultValue>/usr/share/maltego/bin</DefaultValue>
13 |             <SampleValue></SampleValue>
14 |          </Property>
15 |          <Property name="transform.local.debug" type="boolean" nullable="true" hidden="false" readonly="false" description="When this is set, the transform&apos;s text output will be printed to the output window" popup="false" abstract="false" visibility="public" auth="false" displayName="Show debug info">
16 |             <SampleValue>false</SampleValue>
17 |          </Property>
18 |       </Fields>
19 |    </Properties>
20 |    <InputConstraints>
21 |       <Entity type="intelx.historicalsearchresult" min="1" max="1"/>
22 |    </InputConstraints>
23 |    <OutputEntities/>
24 |    <defaultSets/>
25 |    <StealthLevel>0</StealthLevel>
26 | </MaltegoTransform>


--------------------------------------------------------------------------------
/Maltego Transform/config/TransformRepositories/Local/intelx.treeview.transformsettings:
--------------------------------------------------------------------------------
1 | <TransformSettings enabled="true" disclaimerAccepted="false" showHelp="true" runWithAll="true" favorite="false">
2 |    <Properties>
3 |       <Property name="transform.local.command" type="string" popup="false">PYTHONEXEC</Property>
4 |       <Property name="transform.local.parameters" type="string" popup="false">COMMANDLINE</Property>
5 |       <Property name="transform.local.working-directory" type="string" popup="false">WORKINGDIR</Property>
6 |       <Property name="transform.local.debug" type="boolean" popup="false">true</Property>
7 |    </Properties>
8 | </TransformSettings>


--------------------------------------------------------------------------------
/Maltego Transform/config/version.properties:
--------------------------------------------------------------------------------
1 | #
2 | #Thu Jun 18 12:17:16 CDT 2020
3 | maltego.client.version=4.2.11.13104
4 | maltego.client.subtitle=
5 | maltego.pandora.version=1.4.2
6 | maltego.client.name=Maltego Community Edition
7 | maltego.mtz.version=1.0
8 | maltego.graph.version=1.2
9 | 


--------------------------------------------------------------------------------
/Maltego Transform/install.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env python3
  2 | # -*- coding: utf-8 -*-
  3 | 
  4 | import zipfile, json, os
  5 | 
  6 | tform_path = os.getcwd() + '/config/TransformRepositories/Local'
  7 | cwd = os.getcwd()
  8 | 
  9 | config = {
 10 | 
 11 |     'ixemails': {
 12 |         'filename': 'intelx.ixemails.transformsettings',
 13 |         'propval': f'{cwd}/project.py local ixemails'
 14 |     },
 15 | 
 16 |     'ixsubdomains': {
 17 |         'filename': 'intelx.ixsubdomains.transformsettings',
 18 |         'propval': f'{cwd}/project.py local ixsubdomains'
 19 |     },
 20 | 
 21 |     'ixurls': {
 22 |         'filename': 'intelx.ixurls.transformsettings',
 23 |         'propval': f'{cwd}/project.py local ixurls'
 24 |     },
 25 | 
 26 |     'searchdomain': {
 27 |         'filename': 'intelx.searchdomain.transformsettings',
 28 |         'propval': f'{cwd}/project.py local ixsearch'
 29 |     },
 30 | 
 31 |     'searchemail': {
 32 |         'filename': 'intelx.searchemail.transformsettings',
 33 |         'propval': f'{cwd}/project.py local ixsearch'
 34 |     },
 35 | 
 36 |     'searchurl': {
 37 |         'filename': 'intelx.searchurl.transformsettings',
 38 |         'propval': f'{cwd}/project.py local ixsearch'
 39 |     },
 40 | 
 41 |     'history': {
 42 |         'filename': 'intelx.history.transformsettings',
 43 |         'propval': f'{cwd}/project.py local ixhistory'
 44 |     },
 45 | 
 46 |     'fetchsearchresult': {
 47 |         'filename': 'intelx.fetchsearchresult.transformsettings',
 48 |         'propval': f'{cwd}/project.py local ixsearchresult'
 49 |     },
 50 | 
 51 |     'fetchhistoricalsearchresult': {
 52 |         'filename': 'intelx.fetchhistoricalsearchresult.transformsettings',
 53 |         'propval': f'{cwd}/project.py local ixsearchresult'
 54 |     },
 55 | 
 56 |     'treeview': {
 57 |         'filename': 'intelx.treeview.transformsettings',
 58 |         'propval': f'{cwd}/project.py local ixtreeview'
 59 |     },
 60 | 
 61 |     'leaktreeview': {
 62 |         'filename': 'intelx.leaktreeview.transformsettings',
 63 |         'propval': f'{cwd}/project.py local ixtreeview'
 64 |     },
 65 | 
 66 |     'searchip': {
 67 |         'filename': 'intelx.searchip.transformsettings',
 68 |         'propval': f'{cwd}/project.py local ixsearch'
 69 |     },
 70 | 
 71 |     'searchbtc': {
 72 |         'filename': 'intelx.searchbtc.transformsettings',
 73 |         'propval': f'{cwd}/project.py local ixsearch'
 74 |     },
 75 | 
 76 |     'searchmac': {
 77 |         'filename': 'intelx.searchmac.transformsettings',
 78 |         'propval': f'{cwd}/project.py local ixsearch'
 79 |     },
 80 | 
 81 |     'searchuuid': {
 82 |         'filename': 'intelx.searchuuid.transformsettings',
 83 |         'propval': f'{cwd}/project.py local ixsearch'
 84 |     },
 85 | 
 86 |     'searchstorageid': {
 87 |         'filename': 'intelx.searchstorageid.transformsettings',
 88 |         'propval': f'{cwd}/project.py local ixsearch'
 89 |     },
 90 | 
 91 |     'searchsystemid': {
 92 |         'filename': 'intelx.searchsystemid.transformsettings',
 93 |         'propval': f'{cwd}/project.py local ixsearch'
 94 |     },
 95 | 
 96 |     'searchsimhash': {
 97 |         'filename': 'intelx.searchsimhash.transformsettings',
 98 |         'propval': f'{cwd}/project.py local ixsearch' 
 99 |     },
100 | 
101 |     'searchcreditcard': {
102 |         'filename': 'intelx.searchcreditcard.transformsettings',
103 |         'propval': f'{cwd}/project.py local ixsearch' 
104 |     },
105 | 
106 |     'searchiban': {
107 |         'filename': 'intelx.searchiban.transformsettings',
108 |         'propval': f'{cwd}/project.py local ixsearch' 
109 |     },
110 | 
111 |     'searchleak': {
112 |         'filename': 'intelx.searchleak.transformsettings',
113 |         'propval': f'{cwd}/project.py local ixsearch' 
114 |     },
115 | 
116 |     'ixselectors': {
117 |         'filename': 'intelx.ixselectors.transformsettings',
118 |         'propval': f'{cwd}/project.py local ixselectors'
119 |     },
120 | 
121 |     'searchselector': {
122 |         'filename': 'intelx.searchselector.transformsettings',
123 |         'propval': f'{cwd}/project.py local ixsearch'
124 |     }
125 | 
126 | }
127 | 
128 | def zip_dir(directory, zipname):
129 |     if os.path.exists(directory):
130 |         zf = zipfile.ZipFile(zipname, 'w', zipfile.ZIP_DEFLATED)
131 |         root = os.path.basename(directory)
132 |         for dirpath, dirnames, filenames in os.walk(directory):
133 |             for filename in filenames:
134 |                 filepath   = os.path.join(dirpath, filename)
135 |                 parentpath = os.path.relpath(filepath, directory)
136 |                 arcname    = os.path.join(root, parentpath).strip("config/")
137 |                 zf.write(filepath, arcname)
138 |     zf.close()
139 | 
140 | try:
141 | 
142 |     python_location = input("Python executable: ")
143 |     apikey = input('Intelligence X API Key: ')
144 | 
145 |     for entry in config:
146 |         with open(f"{tform_path}/{config[entry]['filename']}", "r+") as handle:
147 |             contents = handle.read()
148 |             new_contents = contents.replace("PYTHONEXEC", python_location)
149 |             new_contents = new_contents.replace("COMMANDLINE", config[entry]['propval'])
150 |             new_contents = new_contents.replace("WORKINGDIR", cwd)
151 |             handle.seek(0)
152 |             handle.write(new_contents)
153 |             handle.truncate()
154 | 
155 |     with open(f'{cwd}/settings.json', 'w') as handle:
156 |         settings = {
157 |             "APIKEY": apikey,
158 |             "PYTHONEXEC": python_location,
159 |             "WORKINGDIR": cwd,
160 |         }
161 |         handle.write(json.dumps(settings))
162 |         handle.close()
163 | 
164 |     zip_dir(f"{cwd}/config", "intelx.mtz")
165 |     
166 |     print(f"\nConfiguration file saved to: {cwd}/intelx.mtz")
167 |     print("Head to Maltego > Import/Export > Import Config and select the generated file.")
168 | 
169 | except Exception as e:
170 |     print(e)


--------------------------------------------------------------------------------
/Maltego Transform/project.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | import transforms
 3 | 
 4 | from maltego_trx.registry import register_transform_function, register_transform_classes
 5 | from maltego_trx.server import app, application
 6 | from maltego_trx.handler import handle_run
 7 | 
 8 | # register_transform_function(transform_func)
 9 | register_transform_classes(transforms)
10 | 
11 | handle_run(__name__, sys.argv, app)
12 | 


--------------------------------------------------------------------------------
/Maltego Transform/requirements.txt:
--------------------------------------------------------------------------------
1 | maltego-trx
2 | intelx


--------------------------------------------------------------------------------
/Maltego Transform/settings.json:
--------------------------------------------------------------------------------
1 | {
2 |     "APIKEY": "",
3 |     "PYTHONEXEC": "",
4 |     "WORKINGDIR": "",
5 | }


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixemails.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, pathlib, json
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | from maltego_trx.entities import Email
 4 | 
 5 | from maltego_trx.transform import DiscoverableTransform
 6 | 
 7 | 
 8 | class ixemails(DiscoverableTransform):
 9 |     @classmethod
10 |     def create_entities(cls, request, response):
11 |         domain_name = request.Value
12 |         try:
13 |             path = pathlib.Path(__file__).parent.absolute()
14 |             with open(f"{path}/../settings.json", 'r') as h:
15 |                 contents = h.read().strip('\n')
16 |                 settings = json.loads(contents)
17 |                 key = settings['APIKEY']
18 |                 h.close()
19 |             intelx = intelxapi.intelx(key, ua='IX Maltego Transform/3')
20 |             results = intelx.phonebooksearch(domain_name, target=2)
21 |             for selector in results:
22 |                 for result in selector['selectors']:
23 |                     response.addEntity(Email, result['selectorvalue'])
24 |         except Exception as e:
25 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])
26 | 


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixhistory.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, pathlib, json
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | from maltego_trx.entities import Domain
 4 | 
 5 | from maltego_trx.transform import DiscoverableTransform
 6 | 
 7 | 
 8 | class ixhistory(DiscoverableTransform):
 9 |     @classmethod
10 |     def create_entities(cls, request, response):
11 |         domain_name = request.Value
12 |         try:
13 |             path = pathlib.Path(__file__).parent.absolute()
14 |             with open(f"{path}/../settings.json", 'r') as h:
15 |                 contents = h.read().strip('\n')
16 |                 settings = json.loads(contents)
17 |                 key = settings['APIKEY']
18 |                 h.close()
19 |             intelx = intelxapi.intelx(key, ua='IX Maltego Transform/3')
20 |             history = intelx.treeview(str(request.getProperty("Historyfile")))
21 |             for entry in history:
22 |                 entity = response.addEntity('intelx.searchresult', entry['date'])
23 |                 entity.addProperty('SID', 'SID', 'loose', entry['systemid'])
24 |                 entity.addProperty("Type", "Type", "loose", entry['type'])
25 |                 entity.addProperty("Media", "Media", "loose", entry['media'])
26 |                 entity.addProperty("Bucket", "Bucket", "loose", entry['bucket'])
27 | 
28 |         except Exception as e:
29 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])
30 | 


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixsearch.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, pathlib, json, html
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | from maltego_trx.entities import Domain, URL, Email, IPAddress, PhoneNumber
 4 | 
 5 | from maltego_trx.transform import DiscoverableTransform
 6 | 
 7 | class ixsearch(DiscoverableTransform):
 8 |     @classmethod
 9 |     def create_entities(cls, request, response):
10 |         domain_name = request.Value
11 |         try:
12 |             path = pathlib.Path(__file__).parent.absolute()
13 |             with open(f"{path}/../settings.json", 'r') as h:
14 |                 contents = h.read().strip('\n')
15 |                 settings = json.loads(contents)
16 |                 key = settings['APIKEY']
17 |                 h.close()
18 |             intelx = intelxapi.intelx(key, ua='IX Maltego Transform/3')
19 |             results = intelx.search(domain_name, maxresults=12) # request.Slider() returns 100 in Maltego CE, temp hardcode to 12 for testing
20 |             for record in results['records']:
21 |                 if record['name'] == "":
22 |                     name = record['systemid']
23 |                 else:
24 |                     # we have to strip all unicode characters, cuz maltego-trx can not handle them properly
25 |                     name = record['name']
26 |                     stripped_name = (c for c in name if 0 < ord(c) < 127)
27 |                     name = ''.join(stripped_name)
28 | 
29 |                 if record['mediah'] == "Domain": # Domain
30 |                     entity = response.addEntity(Domain, record['name'])
31 | 
32 |                 elif len(record['historyfile']) > 0:
33 |                     entity = response.addEntity('intelx.historicalsearchresult', name)
34 |                     entity.addProperty('properties.intelligencexhistoricalsearchresult', 'properties.intelligencexhistoricalsearchresult', 'loose', name)
35 |                     entity.addProperty("Historyfile", "Historyfile", "loose", record['historyfile'])
36 |                     entity.addProperty("Indexfile", "Indexfile", "loose", record['indexfile'])
37 |                     preview = intelx.FILE_PREVIEW(record['type'], record['media'], 0, record['storageid'], record['bucket'])
38 |                     preview = preview.replace('\n', '<br>')
39 |                     preview = html.escape(preview)
40 |                     stripped_preview = (c for c in preview if 0 < ord(c) < 127)
41 |                     preview = ''.join(stripped_preview)
42 |                     entity.addDisplayInformation(preview, 'Preview')
43 | 
44 |                 elif 'leak' in record['bucket']:
45 |                     entity = response.addEntity('intelx.leak', name)
46 |                     entity.addProperty('properties.intelligencexleak', 'properties.intelligencexleak', 'loose', name)
47 |                     entity.addProperty("Indexfile", "Indexfile", "loose", record['indexfile'])
48 |                     preview = intelx.FILE_PREVIEW(record['type'], record['media'], 0, record['storageid'], record['bucket'])
49 |                     preview = preview.replace('\n', '<br>')
50 |                     preview = html.escape(preview)
51 |                     stripped_preview = (c for c in preview if 0 < ord(c) < 127)
52 |                     preview = ''.join(stripped_preview)
53 |                     entity.addDisplayInformation(preview, 'Preview')
54 | 
55 |                 else:
56 |                     entity = response.addEntity('intelx.searchresult', name)
57 |                     entity.addProperty('properties.intelligencexsearchresult', 'properties.intelligencexsearchresult', 'loose', name)
58 |                     preview = intelx.FILE_PREVIEW(record['type'], record['media'], 0, record['storageid'], record['bucket'])
59 |                     preview = preview.replace('\n', '<br>')
60 |                     preview = html.escape(preview)
61 |                     stripped_preview = (c for c in preview if 0 < ord(c) < 127)
62 |                     preview = ''.join(stripped_preview)
63 |                     entity.addDisplayInformation(preview, 'Preview')
64 | 
65 |                 entity.addProperty('SID', 'SID', 'loose', record['systemid'])
66 |                 entity.addProperty('STORAGEID', 'STORAGEID', 'loose', record['storageid'])
67 |                 entity.addProperty("Type", "Type", "loose", record['type'])
68 |                 entity.addProperty("Media", "Media", "loose", record['media'])
69 |                 entity.addProperty("Bucket", "Bucket", "loose", record['bucket'])
70 | 
71 |         except Exception as e:
72 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])
73 | 


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixsearchresult.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, webbrowser, pathlib
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | 
 4 | from maltego_trx.transform import DiscoverableTransform
 5 | 
 6 | class ixsearchresult(DiscoverableTransform):
 7 |     @classmethod
 8 |     def create_entities(cls, request, response):
 9 |         domain_name = request.Value
10 |         try:
11 |             path = pathlib.Path(__file__).parent.absolute()
12 |             sid = request.getProperty("SID")
13 |             target = f'https://intelx.io/?did={sid}'
14 |             webbrowser.open_new(target)
15 |             
16 |         except Exception as e:
17 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixselectors.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, webbrowser, pathlib, json
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | from maltego_trx.entities import Domain, URL, Email, IPAddress, PhoneNumber
 4 | from maltego_trx.transform import DiscoverableTransform
 5 | 
 6 | class ixselectors(DiscoverableTransform):
 7 |     @classmethod
 8 |     def create_entities(cls, request, response):
 9 | 
10 |         try:
11 | 
12 |             path = pathlib.Path(__file__).parent.absolute()
13 |             sid = request.getProperty("SID")
14 | 
15 |             with open(f"{path}/../settings.json", 'r') as h:
16 |                 contents = h.read().strip('\n')
17 |                 settings = json.loads(contents)
18 |                 key = settings['APIKEY']
19 |                 h.close()
20 | 
21 |             intelx = intelxapi.intelx(key, ua='IX Maltego Transform/3')
22 |             selectors = intelx.selectors(sid)
23 | 
24 |             for selector in selectors:
25 |                 
26 |                 if selector['type'] == 1: # Email
27 |                     entity = response.addEntity(Email, selector['selector'])
28 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
29 | 
30 |                 elif selector['type'] == 2: # Domain
31 |                     entity = response.addEntity(Domain, selector['selector'])
32 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
33 | 
34 |                 elif selector['type'] == 3: # URL
35 |                     entity = response.addEntity(URL, selector['selector'])
36 |                     entity.addProperty('url', 'url', 'loose', selector['selector'])
37 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
38 | 
39 |                 elif selector['type'] == 4: # Phone
40 |                     entity = response.addEntity(PhoneNumber, selector['selector'])
41 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
42 | 
43 |                 elif selector['type'] == 6: # IP
44 |                     entity = response.addEntity(IPAddress, selector['selector'])
45 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
46 | 
47 |                 elif selector['type'] == 17: # Credit card
48 |                     entity = response.addEntity('intelx.creditcard', selector['selector'])
49 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
50 | 
51 |                 elif selector['type'] == 22: # MAC address
52 |                     entity = response.addEntity('intelx.macaddress', selector['selector'])
53 |                     entity.addProperty('MAC Address', 'MAC Address', 'loose', selector['selector'])
54 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
55 | 
56 |                 else:
57 |                     entity = response.addEntity('intelx.selector', selector['selector'])
58 |                     entity.addProperty('SID', 'SID', 'loose', selector['systemid'])
59 |                     
60 |         except Exception as e:
61 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])
62 | 


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixsubdomains.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, pathlib, json
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | from maltego_trx.entities import Domain
 4 | 
 5 | from maltego_trx.transform import DiscoverableTransform
 6 | 
 7 | 
 8 | class ixsubdomains(DiscoverableTransform):
 9 |     @classmethod
10 |     def create_entities(cls, request, response):
11 |         domain_name = request.Value
12 |         try:
13 |             path = pathlib.Path(__file__).parent.absolute()
14 |             with open(f"{path}/../settings.json", 'r') as h:
15 |                 contents = h.read().strip('\n')
16 |                 settings = json.loads(contents)
17 |                 key = settings['APIKEY']
18 |                 h.close()
19 |             intelx = intelxapi.intelx(key, ua='IX Maltego Transform/3')
20 |             results = intelx.phonebooksearch(domain_name, target=1)
21 |             for selector in results:
22 |                 for result in selector['selectors']:
23 |                     response.addEntity(Domain, result['selectorvalue'])
24 | 
25 |         except Exception as e:
26 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixtreeview.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, pathlib, json
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | from maltego_trx.entities import URL
 4 | 
 5 | from maltego_trx.transform import DiscoverableTransform
 6 | 
 7 | import traceback
 8 | 
 9 | 
10 | class ixtreeview(DiscoverableTransform):
11 |     @classmethod
12 |     def create_entities(cls, request, response):
13 |         domain_name = request.Value
14 |         try:
15 |             path = pathlib.Path(__file__).parent.absolute()
16 |             with open(f"{path}/../settings.json", 'r') as h:
17 |                 contents = h.read().strip('\n')
18 |                 settings = json.loads(contents)
19 |                 key = settings['APIKEY']
20 |                 h.close()
21 |             intelx = intelxapi.intelx(key, ua='IX Maltego Transform/3')
22 |             history = intelx.treeview(str(request.getProperty("Indexfile")), str(request.getProperty("Bucket")))
23 |             for entry in history:
24 |                 entity = response.addEntity('intelx.searchresult', entry['name'])
25 |                 entity.addProperty('SID', 'SID', 'loose', entry['systemid'])
26 |                 entity.addProperty("Type", "Type", "loose", entry['type'])
27 |                 entity.addProperty("Media", "Media", "loose", entry['media'])
28 |                 entity.addProperty("Bucket", "Bucket", "loose", entry['bucket'])
29 | 
30 |         except Exception as e:
31 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])
32 | 


--------------------------------------------------------------------------------
/Maltego Transform/transforms/ixurls.py:
--------------------------------------------------------------------------------
 1 | import intelxapi, pathlib, json
 2 | from maltego_trx.maltego import UIM_TYPES
 3 | from maltego_trx.entities import URL
 4 | 
 5 | from maltego_trx.transform import DiscoverableTransform
 6 | 
 7 | 
 8 | class ixurls(DiscoverableTransform):
 9 |     @classmethod
10 |     def create_entities(cls, request, response):
11 |         domain_name = request.Value
12 |         try:
13 |             path = pathlib.Path(__file__).parent.absolute()
14 |             with open(f"{path}/../settings.json", 'r') as h:
15 |                 contents = h.read().strip('\n')
16 |                 settings = json.loads(contents)
17 |                 key = settings['APIKEY']
18 |                 h.close()
19 |             intelx = intelxapi.intelx(key, ua='IX Maltego Transform/3')
20 |             results = intelx.phonebooksearch(domain_name, target=3)
21 |             for selector in results:
22 |                 for result in selector['selectors']:
23 |                     entity = response.addEntity(URL)
24 |                     entity.addProperty('short-title', 'Title', 'loose', result['selectorvalue'])
25 |                     entity.addProperty('url', 'URL', 'loose', result['selectorvalue'])
26 | 
27 |         except Exception as e:
28 |             response.addUIMessage("Error: " + str(e), UIM_TYPES["partial"])


--------------------------------------------------------------------------------
/PHP/index.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | error_reporting(E_ALL);
 3 | ini_set('display_errors', true);
 4 | 
 5 | require_once realpath(dirname(__FILE__) . '/lib') . '/IntelligentSearchRequest.php';
 6 | require_once realpath(dirname(__FILE__) . '/lib') . '/IntelligentSearchResult.php';
 7 | require_once realpath(dirname(__FILE__) . '/lib') . '/searchAPI.php';
 8 | 
 9 | define('LOG_API', false);
10 | define('LOG_DIR', realpath(dirname(__FILE__) . '/log'));
11 | $term = filter_input(INPUT_GET, 'searchField');
12 | ?>
13 | <!DOCTYPE html>
14 | <html lang="en">
15 | 
16 | <head>
17 | 	<meta charset="UTF-8">
18 | 	<title>Intelx.io - search results</title>
19 | </head>
20 | 
21 | <body>
22 | 
23 | 
24 | <form>
25 | 	<fieldset>
26 | 		<legend>Enter your search phrase</legend>
27 | 		<input type="search" name="searchField" placeholder="Search topics or keywords" size="50" value="<?php echo htmlspecialchars($term) ?>">
28 | 		<button type="submit" id="btnSearch">Search</button>
29 | 	</fieldset>
30 | </form>
31 | 
32 | <div id="searchResults">
33 | <?php
34 | if ('' != $term):
35 | 	$api = new searchAPI();
36 | 	$api->setApiKey('00000000-0000-0000-0000-000000000000'); // change the API key here
37 | 	$api->setApiUrl('https://2.intelx.io/');
38 | 	$request = new IntelligentSearchRequest($api);
39 | 	$request->search($term);
40 | 	foreach ($request->getResults($term) as $record): ?>
41 | 		<h3><?php echo $record->name ?> </h3>
42 | 		<?php echo $record->date ?><br><pre><?php echo $record->filePreview() ?></pre><br><a href="https://intelx.io/?did=<?php echo $record->systemid ?>" target="_blank">Full Data</a><hr>
43 | 	
44 | 	<?php endforeach; ?>
45 | <?php endif; ?>
46 | </div>
47 | 
48 | </body>
49 | 
50 | </html>


--------------------------------------------------------------------------------
/PHP/lib/IntelligentSearchRequest.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | 
  3 | class IntelligentSearchRequest
  4 | {
  5 | 	//Status
  6 | 	const STATUS_SUCCESS = 0; // Success with results,
  7 | 	const STATUS_NO_MORE_RESULTS = 1; // No more results available,
  8 | 	const STATUS_ID_NOT_FOUND = 2; // Search ID not found,
  9 | 	const STATUS_NO_RESULTS_YET = 3; // No results yet available keep trying
 10 | 
 11 | 	//Sort
 12 | 	const SORT_NO_SORTING = 0; // no sorting
 13 | 	const SORT_XSCORE_ASC = 1; // X-Score ASC
 14 | 	const SORT_XSCORE_DESC = 2; // X-Score DESC,
 15 | 	const SORT_DATE_ASC = 3; // Date ASC,
 16 | 	const SORT_DATE_DESC = 4; // Date DESC
 17 | 	
 18 | 	//Media
 19 | 	const MEDIA_NOT_SET = 0; // Not set
 20 | 	const MEDIA_PASTE = 1; // Paste
 21 | 	const MEDIA_PASTE_USER = 2; // Paste User
 22 | 	const MEDIA_FORUM = 3; // Forum
 23 | 	const MEDIA_FORUM_BOARD = 4; // Forum Board
 24 | 	const MEDIA_FORUM_THREAD = 5; // Forum Thread
 25 | 	const MEDIA_FORUM_POST = 6; // Forum Post
 26 | 	const MEDIA_FORUM_USER = 7; // Forum User
 27 | 	const MEDIA_SCREENSHOT = 8; // Screenshot of a Website
 28 | 	const MEDIA_HTML_COPY = 9; // HTML copy of a Website
 29 | 	const MEDIA_TEXT_COPY = 10; // Text copy of a Website
 30 | 	
 31 | 	private $api = null;
 32 | 	protected $term;
 33 | 	protected $buckets = [];
 34 | 	protected $maxresults = 1000;
 35 | 	protected $timeout = 0;
 36 | 	protected $datefrom = "";
 37 | 	protected $dateto = "";
 38 | 	protected $sort = self::SORT_XSCORE_DESC;
 39 | 	protected $media = self::MEDIA_NOT_SET;
 40 | 	protected $terminate = [];
 41 | 	protected $lastResult = null;
 42 | 	
 43 | 	public function __construct(searchAPI $api, $term = null)
 44 | 	{
 45 | 		$this->api = $api;
 46 | 		
 47 | 		if (null !== $term) {
 48 | 			$this->setTerm($term);
 49 | 		}
 50 | 	}
 51 | 	
 52 | 	public function getSearchData()
 53 | 	{
 54 | 		return [
 55 | 			"term" => $this->term,
 56 | 			"buckets" => $this->buckets,
 57 | 			"maxresults" => $this->maxresults,
 58 | 			"timeout" => $this->timeout,
 59 | 			"datefrom" => $this->datefrom,
 60 | 			"dateto" => $this->dateto,
 61 | 			"sort" => $this->sort,
 62 | 			"media" => $this->media,
 63 | 			"terminate" => $this->terminate,
 64 | 		];
 65 | 	}
 66 | 	
 67 | 	public function search($term = null)
 68 | 	{
 69 | 		if (null !== $term) {
 70 | 			$this->setTerm($term);
 71 | 		}
 72 | 		
 73 | 		$this->lastResult = $this->api->search($this->getSearchData());
 74 | 	}
 75 | 	
 76 | 	public function hasResult()
 77 | 	{
 78 | 		return is_array($this->lastResult) && isset($this->lastResult['id']) && $this->lastResult['status'] == self::STATUS_SUCCESS;
 79 | 	}
 80 | 	
 81 | 	public function getResults($limit = 100, $offset = 0, $previewlines = 8)
 82 | 	{
 83 | 		if ($this->hasResult()) {
 84 | 			$query = [
 85 | 				"id" => $this->lastResult['id'],
 86 | 				"limit" => $limit,
 87 | 				"offset" => $offset,
 88 | 				"previewlines" => $previewlines,
 89 | 			];
 90 | 			
 91 | 			$searchResult = $this->api->searchResult($query);
 92 | 			$result = [];
 93 | 			foreach ($searchResult["records"] as $line) {
 94 | 				$result[] = new IntelligentSearchResult($this->api, $line);
 95 | 			}
 96 | 			
 97 | 			return $result;
 98 | 		}
 99 | 	}
100 | 	
101 | 	public function terminate()
102 | 	{
103 | 		if ($this->hasResult()) {
104 | 			$this->api->searchTerminate($this->lastResult['id']);
105 | 		}
106 | 	}
107 | 	
108 | 		/**
109 | 	 * @param mixed $term
110 | 	 */
111 | 	public function setTerm($term)
112 | 	{
113 | 		$this->term = $term;
114 | 	}
115 | 	
116 | 	/**
117 | 	 * @param array $buckets
118 | 	 */
119 | 	public function setBuckets($buckets)
120 | 	{
121 | 		$this->buckets = $buckets;
122 | 	}
123 | 	
124 | 	/**
125 | 	 * @param int $maxresults
126 | 	 */
127 | 	public function setMaxresults($maxresults)
128 | 	{
129 | 		$this->maxresults = $maxresults;
130 | 	}
131 | 	
132 | 	/**
133 | 	 * @param int $timeout
134 | 	 */
135 | 	public function setTimeout($timeout)
136 | 	{
137 | 		$this->timeout = $timeout;
138 | 	}
139 | 	
140 | 	/**
141 | 	 * @param string $datefrom
142 | 	 */
143 | 	public function setDatefrom($datefrom)
144 | 	{
145 | 		$this->datefrom = $datefrom;
146 | 	}
147 | 	
148 | 	/**
149 | 	 * @param string $dateto
150 | 	 */
151 | 	public function setDateto($dateto)
152 | 	{
153 | 		$this->dateto = $dateto;
154 | 	}
155 | 	
156 | 	/**
157 | 	 * @param int $sort
158 | 	 */
159 | 	public function setSort($sort)
160 | 	{
161 | 		$this->sort = $sort;
162 | 	}
163 | 	
164 | 	/**
165 | 	 * @param int $media
166 | 	 */
167 | 	public function setMedia($media)
168 | 	{
169 | 		$this->media = $media;
170 | 	}
171 | 	
172 | 	/**
173 | 	 * @param array $terminate
174 | 	 */
175 | 	public function setTerminate($terminate)
176 | 	{
177 | 		$this->terminate = $terminate;
178 | 	}
179 | }


--------------------------------------------------------------------------------
/PHP/lib/IntelligentSearchResult.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class IntelligentSearchResult
 4 | {
 5 | 	private $api = null;
 6 | 	protected $data;
 7 | 	
 8 | 	public function __construct(searchAPI $api, $data)
 9 | 	{
10 | 		$this->api = $api;
11 | 		$this->data = $data;
12 | 	}
13 | 	
14 | 	public function __get($name)
15 | 	{
16 | 		return isset($this->data[$name]) ? $this->data[$name] : null;
17 | 	}
18 | 	
19 | 	public function fileRead()
20 | 	{
21 | 		return $this->api->fileRead($this->storageid, $this->systemid);
22 | 	}
23 | 	
24 | 	public function fileView()
25 | 	{
26 | 		return $this->api->fileView($this->storageid);
27 | 	}
28 | 
29 | 	public function filePreview()
30 | 	{
31 | 		return $this->api->filePreview($this->storageid);
32 | 	}
33 | }


--------------------------------------------------------------------------------
/PHP/lib/searchAPI.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | 
  3 | class searchAPI
  4 | {
  5 | 	const DOWNLOAD_TYPE_BINARY = 0; // Raw binary
  6 | 	const DOWNLOAD_TYPE_BINARY_DISPOSITION = 1; // Raw binary with content disposition and optional file &name=[name] as parameter; Filename: "[System ID].bin" or "[Storage ID].bin" unless specified in the name parameter
  7 | 
  8 | 	//Format:
  9 | 	const FORMAT_TEXT = 0; // Text view, any non-printable characters shall be removed, UTF-8 encoding.
 10 | 	const FORMAT_HEX = 1; // Hex view of data.
 11 | 	const FORMAT_AUTODETECT = 2; // Auto-detect hex view or text view.
 12 | 	const FORMAT_PICTURE = 3; // Picture view.
 13 | 	const FORMAT_NOT_SUPPORTED = 4; // Not supported.
 14 | 	const FORMAT_HTML = 5; // HTML inline view. Content will be sanitized and modified!
 15 | 	const FORMAT_PDF_TEXT = 6; // Text view of PDF. Content will be automatically converted.
 16 | 	const FORMAT_PDF_HTML = 7; // Text view of HTML.
 17 | 	const FORMAT_WORD_TEXT = 8; // Text view of Word files (DOC/DOCX/RTF).
 18 | 	
 19 | 	protected $API_KEY;
 20 | 	protected $API_URL;
 21 | 	
 22 | 	public function __construct()
 23 | 	{
 24 | 	}
 25 | 	
 26 | 	/**
 27 | 	 * @param string $API_KEY
 28 | 	 */
 29 | 	public function setApiKey($API_KEY)
 30 | 	{
 31 | 		$this->API_KEY = $API_KEY;
 32 | 	}
 33 | 	
 34 | 	/**
 35 | 	 * @param string $API_URL
 36 | 	 */
 37 | 	public function setApiUrl($API_URL)
 38 | 	{
 39 | 		$this->API_URL = $API_URL;
 40 | 	}
 41 | 	
 42 | 	/**
 43 | 	 * Submits an intelligent search request
 44 | 	 * /intelligent/search
 45 | 	 */
 46 | 	public function search($query)
 47 | 	{
 48 | 		return $this->call('POST', 'intelligent/search', [], $query);
 49 | 	}
 50 | 	
 51 | 	/**
 52 | 	 * Returns selected results
 53 | 	 * /intelligent/search/result
 54 | 	 */
 55 | 	public function searchResult($query)
 56 | 	{
 57 | 		return $this->call('GET', 'intelligent/search/result', $query);
 58 | 	}
 59 | 	
 60 | 	/**
 61 | 	 * Terminates a search
 62 | 	 * /intelligent/search/terminate
 63 | 	 */
 64 | 	public function searchTerminate($uuid)
 65 | 	{
 66 | 		return $this->call('GET', 'intelligent/search/terminate', ['id' => $uuid]);
 67 | 	}
 68 | 	
 69 | 	/**
 70 | 	 * Submits a phone book alike search
 71 | 	 * /phonebook/search
 72 | 	 */
 73 | 	public function phonebookSearch($term)
 74 | 	{
 75 | 		$post = [
 76 | 			"term" => $term,
 77 | 			"buckets" => [],
 78 | 			"maxresults" => 1000,
 79 | 			"timeout" => 0,
 80 | 			"datefrom" => "",
 81 | 			"dateto" => "",
 82 | 			"sort" => 2,
 83 | 			"media" => 0,
 84 | 			"terminate" => [],
 85 | 		];
 86 | 		
 87 | 		return $this->call('POST', 'intelligent/search', [], $post);
 88 | 	}
 89 | 
 90 | 	/**
 91 | 	 * Returns results
 92 | 	 * /phonebook/search/result
 93 | 	 */
 94 |  	public function phonebookSearchResult($query)
 95 | 	{
 96 | 		return $this->call('GET', 'phonebook/search/result', $query);
 97 | 	}
 98 | 	
 99 | 	/**
100 | 	 * Reads an items data for download
101 | 	 * /file/read
102 | 	 */
103 | 	public function fileRead($storageid, $systemid, $bucket = '', $download_type = 0)
104 | 	{
105 | 		return $this->call('GET', 'file/read', [
106 | 			'type' => $download_type, 
107 | 			'storageid' => $storageid, 
108 | 			'systemid' => $systemid, 
109 | 			'bucket' => $bucket,
110 | 		]);
111 | 	}
112 | 	
113 | 	/**
114 | 	 * Reads an items data for detailed inline view
115 | 	 * /file/view
116 | 	 */
117 | 	public function fileView($storageid, $bucket = '', $format = 0)
118 | 	{
119 | 		return $this->call('GET', 'file/view', [
120 | 			'f' => $format,
121 | 			'storageid' => $storageid,
122 | 			'bucket' => $bucket,
123 | 		]);
124 | 	}
125 | 	
126 | 	/**
127 | 	 * Reads an items data for preview
128 | 	 * /file/preview
129 | 	 */
130 | 	public function filePreview($storageid, $contentType = 1, $mediaType = 1, $targetFormat = 0, $bucket = '', $e = 0)
131 | 	{
132 | 		return $this->call('GET', 'file/preview', [
133 | 			'sid' => $storageid,
134 | 			'f' => $targetFormat,
135 | 			'c' => $contentType,
136 | 			'm' => $mediaType,
137 | 			'b' => $bucket,
138 | 			'k' => $this->API_KEY,
139 | 		]);
140 | 	}
141 | 	
142 | 	
143 | 	protected function call($type, $link, $query = [], $post = null)
144 | 	{
145 | 		$url = $this->API_URL . $link;
146 | 		
147 | 		$url .= '?' . http_build_query($query);
148 | 		
149 | 		$ch = curl_init($url);
150 | 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
151 | 		curl_setopt($ch, CURLINFO_HEADER_OUT, true);
152 | 		$headers = ["x-key: " . $this->API_KEY];
153 | 		if ($type == 'GET') {
154 | 		} elseif ($type == 'POST') {
155 | 			curl_setopt($ch, CURLOPT_POST, 1);
156 | 			curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($post));
157 | 			$headers[] = "Content-type: application/json";
158 | 		}
159 | 		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
160 | 		
161 | 		$server_output = curl_exec($ch);
162 | 		$status = curl_getinfo($ch);
163 | 		curl_close($ch);
164 | 		
165 | 		self::log($url, $post, $server_output, $status);
166 | 		
167 | 		switch($status["http_code"]) {
168 | 			case 200:
169 | 				$data = json_decode($server_output, true);
170 | 				return json_last_error() == JSON_ERROR_NONE ? $data : $server_output;
171 | 				break;
172 | 			case 400:
173 | 				// invalid request
174 | 				break;
175 | 			case 404:
176 | 				// unknown service
177 | 				break;
178 | 			case 500:
179 | 				// service error
180 | 				break;
181 | 			case 0:
182 | 				// host not found
183 | 				break;
184 | 		}
185 | 		
186 | 		return false;
187 | 	}
188 | 	
189 | 	protected static function log($url, $post, $server_output, $status)
190 | 	{
191 | 		if (LOG_API) {
192 | 			$text = $url . "\n";
193 | 			if (is_array($post) && count($post)) {
194 | 				$text .= "  POST: " . json_encode($post);
195 | 			}
196 | 			$text .= "\n  RESULT: " . $server_output;
197 | 			$text .= "\n  INFO: " . json_encode($status);
198 | 			
199 | 			$log_file = LOG_DIR . '/search_api_' . date('Y-m-d') . '.log';
200 | 			file_put_contents($log_file, date('Y-m-d H:i:s ') . $text . "\n\n", FILE_APPEND);
201 | 		}
202 | 	}
203 | 	
204 | }


--------------------------------------------------------------------------------
/Python/.github/workflows/duolabs-dlint.yml:
--------------------------------------------------------------------------------
 1 | name: 'Duo Dlint'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   security_checks:
 9 |     # runs-on: ubuntu-latest
10 |     runs-on: ubuntu-22.04
11 |     name: Execute the Duo Dlint action
12 |     steps:
13 |     - uses: actions/checkout@v4
14 |     - name: Set up Python 3.12
15 |       uses: actions/setup-python@v5
16 |       with:
17 |         python-version: 3.12
18 |     - name: Run Dlint from Duo
19 |       run: |
20 |         cd ./Python
21 |         pip3 install -e .
22 |         pip3 freeze > requirements.txt
23 |         pip3 install dlint
24 |         python3 -m flake8 --select=DUO ./Python
25 | 


--------------------------------------------------------------------------------
/Python/.github/workflows/pycharm-security.yml:
--------------------------------------------------------------------------------
 1 | name: 'PyCharm Security'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 |   schedule:
 7 |     - cron: '* * 3 * *'
 8 | 
 9 | jobs:
10 |   security_checks:
11 |     # runs-on: ubuntu-latest
12 |     runs-on: ubuntu-22.04
13 |     name: Execute the pycharm-security action
14 |     steps:
15 |       - uses: actions/checkout@v4    
16 |       - name: Set up Python 3.12
17 |         uses: actions/setup-python@v5
18 |         with:
19 |           python-version: 3.12
20 |       - name: Run PyCharm Security
21 |         uses: tonybaloney/pycharm-security@master
22 |         with:
23 |           path: Python/
24 | 


--------------------------------------------------------------------------------
/Python/.github/workflows/pycqa-pytest.yml:
--------------------------------------------------------------------------------
 1 | # This workflow will install Python dependencies, run tests and lint with a single version of Python
 2 | # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
 3 | 
 4 | name: 'PyCQA pytest'
 5 | 
 6 | on:
 7 |   push:
 8 |   pull_request:
 9 | 
10 | permissions:
11 |   contents: read
12 | 
13 | jobs:
14 |   build:
15 | 
16 |     # runs-on: ubuntu-latest
17 |     runs-on: ubuntu-22.04
18 |     strategy:
19 |       matrix:
20 |         python-version: ["3.9", "3.10", "3.11", "3.12"]
21 | 
22 |     steps:
23 |     - uses: actions/checkout@v4
24 |     - name: Set up Python 3 minor releases
25 |       uses: actions/setup-python@v5
26 |       with:
27 |         python-version: ${{ matrix.python-version }}
28 |     # You can test your matrix by printing the current Python version
29 |     - name: Display Python version
30 |       run: python -c "import sys; print(sys.version)"
31 |     - name: Install dependencies
32 |       run: |
33 |         cd ./Python
34 |         python -m pip install --upgrade pip
35 |         pip install pytest
36 |         if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
37 |     - name: Test with pytest
38 |       run: |
39 |         pytest
40 | 


--------------------------------------------------------------------------------
/Python/.github/workflows/pyup-safety.yml:
--------------------------------------------------------------------------------
 1 | name: 'PyUp Safety'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 |   schedule:
 7 |     - cron: '* * 3 * *'
 8 | 
 9 | jobs:
10 |   security:
11 | 
12 |     # runs-on: ubuntu-latest
13 |     runs-on: ubuntu-22.04
14 | 
15 |     steps:
16 |     - uses: actions/checkout@v4
17 |     - name: Set up Python 3.12
18 |       uses: actions/setup-python@v5
19 |       with:
20 |         python-version: 3.12
21 |     - name: Run safety from PyUp
22 |       run: |
23 |         cd ./Python
24 |         pip3 install -e .
25 |         pip3 freeze > requirements.txt
26 |         pip3 install safety
27 |         safety check -r requirements.txt
28 | 


--------------------------------------------------------------------------------
/Python/.github/workflows/sonatype-jack.yml:
--------------------------------------------------------------------------------
 1 | name: 'Sonatype Jake'
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 |   schedule:
 7 |     - cron: '* * 3 * *'
 8 | 
 9 | jobs:
10 |   security:
11 |     # runs-on: ubuntu-latest
12 |     runs-on: ubuntu-22.04
13 | 
14 |     steps:
15 |       - uses: actions/checkout@v4
16 |       - name: Set up Python 3.12
17 |         uses: actions/setup-python@v5
18 |         with:
19 |           python-version: 3.12
20 | 
21 |       - name: Run jake from Sonatype
22 |         run: |
23 |           
24 |           cd ./Python
25 |           pip3 install pipenv
26 |           pipenv install --dev build
27 |           pipenv install -e .
28 |           pipenv run pip freeze > requirements.txt
29 |           pipenv install --dev jake
30 |           pipenv run jake ddt --whitelist jake-whitelist.json
31 | 


--------------------------------------------------------------------------------
/Python/.pre-commit-config.yaml:
--------------------------------------------------------------------------------
 1 | # See https://pre-commit.com for more information
 2 | # See https://pre-commit.com/hooks.html for more hooks
 3 | repos:
 4 | #https://commitizen-tools.github.io/commitizen/getting_started/#integration-with-pre-commit
 5 | -   repo: https://github.com/commitizen-tools/commitizen
 6 |     rev: v4.1.0
 7 |     hooks:
 8 |     -   id: commitizen
 9 | -   repo: https://github.com/pre-commit/pre-commit-hooks
10 |     rev: v5.0.0
11 |     hooks:
12 |     -   id: trailing-whitespace
13 |     -   id: end-of-file-fixer
14 |     -   id: check-yaml
15 |     -   id: check-added-large-files
16 | # https://github.com/codespell-project/codespell?tab=readme-ov-file#pre-commit-hook
17 | -   repo: https://github.com/codespell-project/codespell
18 |     rev: v2.3.0
19 |     hooks:
20 |     -   id: codespell
21 | # https://github.com/markdownlint/markdownlint/blob/main/.pre-commit-hooks.yaml
22 | -   repo: https://github.com/markdownlint/markdownlint
23 |     rev: v0.12.0
24 |     hooks:
25 |     -   id: markdownlint
26 |         name: Markdownlint
27 |         description: Run markdownlint on your Markdown files
28 |         entry: mdl -r ~MD024,~MD025,~MD029
29 |         language: ruby
30 |         files: \.(md|mdown|markdown)
31 | # https://github.com/abravalheri/validate-pyproject?tab=readme-ov-file#pre-commit
32 | -   repo: https://github.com/abravalheri/validate-pyproject
33 |     rev: v0.23
34 |     hooks:
35 |     -   id: validate-pyproject
36 |         # Optional extra validations from SchemaStore:
37 |         additional_dependencies: ["validate-pyproject-schema-store[all]"]
38 | # https://github.com/kieran-ryan/pyprojectsort?tab=readme-ov-file#using-pyprojectsort-with-pre-commit
39 | -   repo: https://github.com/kieran-ryan/pyprojectsort
40 |     rev: v0.4.0
41 |     hooks:
42 |     -   id: pyprojectsort
43 |         entry: pyprojectsort ./Python/pyproject.toml
44 | # https://pycqa.github.io/isort/docs/configuration/pre-commit.html
45 | -   repo: https://github.com/pycqa/isort
46 |     rev: 5.13.2
47 |     hooks:
48 |     -   id: isort
49 |         name: isort (python)
50 |     -   id: isort
51 |         name: isort (cython)
52 |         types: [cython]
53 |     -   id: isort
54 |         name: isort (pyi)
55 |         types: [pyi]
56 | 


--------------------------------------------------------------------------------
/Python/README.md:
--------------------------------------------------------------------------------
  1 | # intelx.py
  2 | 
  3 | intelx.py is a Python command-line utility and API wrapper for intelx.io, made
  4 | to perform any kind of open-source intelligence.
  5 | 
  6 | ![](scripts/screenshot1.png)
  7 | 
  8 | ## Installation
  9 | 
 10 | ### Python Packaging Index
 11 | 
 12 | ```bash
 13 | pip install intelx
 14 | ```
 15 | 
 16 | ```bash
 17 | pip install --index-url https://pypi.python.org/simple/ intelx
 18 | ```
 19 | 
 20 | ### GitHub
 21 | 
 22 | ```bash
 23 | pip install "intelx @ git+https://github.com/IntelligenceX/SDK#subdirectory=Python"
 24 | ```
 25 | 
 26 | ```bash
 27 | git clone https://github.com/IntelligenceX/SDK
 28 | cd Python
 29 | pip3 install -e .
 30 | ```
 31 | 
 32 | ## Setup
 33 | 
 34 | To specify the API key to use, you can choose one of two options:
 35 | 
 36 | * Setting the `INTELX_KEY` environment variable.
 37 | * Manually supplying the `-apikey` argument.
 38 | 
 39 | You can get your API key [here](https://intelx.io/account?tab=developer)
 40 | 
 41 | ### Environment Variable
 42 | 
 43 | ```bash
 44 | # create an INTELX_KEY env var with your API key.
 45 | export INTELX_KEY=00000000-0000-0000-0000-000000000000
 46 | ```
 47 | 
 48 | ### Via the client
 49 | 
 50 | ```bash
 51 | intelx.py -search riseup.net -apikey 00000000-0000-0000-0000-000000000000
 52 | ```
 53 | 
 54 | ## Configuration
 55 | 
 56 | On windows, we need to manually configure the command prompt/terminal in order
 57 | to enable color support. You can do that with the following instructions:
 58 | 
 59 | 1. Create following file `Enable Color.reg`
 60 | 
 61 | ```
 62 | Windows Registry Editor Version 5.00
 63 | [HKEY_CURRENT_USER\Console]
 64 | "VirtualTerminalLevel"=dword:00000001
 65 | ```
 66 | 
 67 | 2. Right Click `Enable Color.reg` -> Merge
 68 | 
 69 | ## Usage
 70 | 
 71 | ### Quick search
 72 | 
 73 | ```bash
 74 | intelx.py -search riseup.net
 75 | ```
 76 | 
 77 | #### Quick search in buckets
 78 | 
 79 | ```bash
 80 | intelx.py -search riseup.net -buckets "pastes, darknet.tor"
 81 | ```
 82 | 
 83 | #### Search with 100 results
 84 | 
 85 | ```bash
 86 | intelx.py -search riseup.net -limit 100
 87 | ```
 88 | 
 89 | #### Download Item
 90 | 
 91 | The `-download` argument will set the HTTP request type to a stream,
 92 | ultimately returning the raw bytes.
 93 | This allows us to download documents such as PDFs, ZIP, Word documents, Excel,
 94 | etc.
 95 | The `-bucket` argument is also required.
 96 | You may set the filename with the `-name` argument.
 97 | 
 98 | ```bash
 99 | # save item as test.pdf
100 | intelx.py -download 29a97791-1138-40b3-8cf1-de1764e9d09c -bucket
101 | leaks.private.general -name test.txt
102 | ```
103 | 
104 | #### View Item
105 | 
106 | To view the full data of a specific search result, specify the item's ID and
107 | use the `--view` parameter:
108 | 
109 | ```bash
110 | intelx.py -search 3a4d5699-737c-4d22-8dbd-c5391ce805df --view
111 | ```
112 | 
113 | #### Extract Email from Phonebook Search
114 | 
115 | ```bash
116 | intelx.py -search cia.gov --phonebook emails
117 | ```
118 | 
119 | ### Identity Portal
120 | 
121 | #### Export Accounts
122 | 
123 | ```bash
124 | intelx.py -identity riseup.net --exportaccounts
125 | ```
126 | 
127 | #### Data Leaks
128 | 
129 | ```bash
130 | intelx.py -identity riseup.net --dataleaks
131 | ```
132 | 
133 | # Usage as a library
134 | 
135 | To use IntelX it as a library, all you have to do is import it in your
136 | project, and initialize the class. If you supply an API key, it will use that,
137 | if not, it will automatically select the public API key (limited
138 | functionality).
139 | 
140 | ```python
141 | from intelxapi import intelx
142 | intelx = intelx()
143 | ```
144 | 
145 | Once you have done that, you can use any of the functions defined in the class.
146 | 
147 | ## Quick search
148 | 
149 | To execute a quick search, we can easily just use the `intelx.search()`
150 | function.
151 | 
152 | ```python
153 | from intelxapi import intelx
154 | 
155 | intelx = intelx('00000000-0000-0000-0000-000000000000')
156 | results = intelx.search('hackerone.com')
157 | ```
158 | 
159 | ### Advanced search
160 | 
161 | By default, the `maxresults` limit is set to 100 to avoid unnecessarily
162 | overloading the system. This value can be overridden at any time by setting
163 | the maxresults argument. Note that server side limitations might be still
164 | enforced by the API.
165 | 
166 | ```python
167 | from intelxapi import intelx
168 | 
169 | intelx = intelx('00000000-0000-0000-0000-000000000000')
170 | results = intelx.search('hackerone.com', maxresults=200)
171 | ```
172 | 
173 | The following arguments have default values, but can be overridden to your
174 | choosing:
175 | 
176 | * maxresults=100
177 | * buckets=[]
178 | * timeout=5
179 | * datefrom=""
180 | * dateto=""
181 | * sort=4
182 | * media=0
183 | * terminate=[]
184 | 
185 | Timeout is in seconds.
186 | 
187 | #### Searching in specific Buckets
188 | 
189 | To search a for a term within specific buckets (leaks & darknet), you can use
190 | the following sample code:
191 | 
192 | ```python
193 | from intelxapi import intelx
194 | 
195 | b = ['darknet', 'leaks.public', 'leaks.private']
196 | 
197 | intelx = intelx('00000000-0000-0000-0000-000000000000')
198 | results = intelx.search('hackerone.com', maxresults=200, buckets=b)
199 | ```
200 | 
201 | `results` contains the search results.
202 | 
203 | Note that your account must have access to all specified buckets, otherwise
204 | you will receive the HTTP status code `401 Unauthorized`. The "leaks.private"
205 | bucket is only available to certain licenses.
206 | 
207 | #### Filtering by Date
208 | 
209 | Results can be filterede by date. When setting the `dateto` and `datefrom`
210 | options, both must be specified. The times have to be included.
211 | 
212 | ```python
213 | from intelxapi import intelx
214 | 
215 | startdate = "2014-01-01 00:00:00"
216 | enddate = "2014-02-02 23:59:59"
217 | 
218 | intelx = intelx('00000000-0000-0000-0000-000000000000')
219 | 
220 | results = intelx.search(
221 |    'riseup.net',
222 |    maxresults=200,
223 |    datefrom=startdate,
224 |    dateto=enddate
225 | )
226 | ```
227 | 
228 | #### Filtering by Data Type
229 | 
230 | We can filter results based on their data type using the `media` argument.
231 | 
232 | Using the following script, we can filter paste documents dated between
233 | 2014-01-01 and 2014-02-02 that have been collected.
234 | 
235 | You can find a table below with all the media types and their respective IDs.
236 | 
237 | ```python
238 | from intelxapi import intelx
239 | 
240 | media_type = 1 # Paste document
241 | startdate = "2014-01-01 00:00:00"
242 | enddate = "2014-02-02 23:59:59"
243 | 
244 | intelx = intelx('00000000-0000-0000-0000-000000000000')
245 | 
246 | results = intelx.search(
247 |    'riseup.net',
248 |    maxresults=200,
249 |    media=media_type,
250 |    datefrom=startdate,
251 |    dateto=enddate
252 | )
253 | ```
254 | 
255 | #### Statistics
256 | 
257 | To collect statistics, use the following code:
258 | 
259 | ```python
260 | from intelxapi import intelx
261 | 
262 | intelx = intelx('00000000-0000-0000-0000-000000000000')
263 | 
264 | results = intelx.search(
265 |    'riseup.net',
266 |    maxresults=1000,
267 | )
268 | 
269 | stats = intelx.stats(search)
270 | print(stats)
271 | ```
272 | 
273 | ### Viewing/reading files
274 | 
275 | There is one fundamental difference between the `FILE_VIEW` function and
276 | `FILE_READ` function. Viewing is for quickly viewing contents of a file
277 | (generally assumed to be text).
278 | 
279 | `FILE_READ`, on the other hand, is for direct data download.
280 | 
281 | This means if the resource is a ZIP/Binary or any other type of file, you can
282 | reliably get the contents without any encoding issues.
283 | 
284 | #### Viewing
285 | 
286 | ```python
287 | from intelxapi import intelx
288 | 
289 | intelx = intelx()
290 | results = intelx.search('riseup.net')
291 | 
292 | # use the first result
293 | result = results['records'][0]
294 | 
295 | # grab file contents of first search result
296 | contents = intelx.FILE_VIEW(result['type'], result['media'],
297 |                             result['storageid'], result['bucket'])
298 | 
299 | print(contents)
300 | ```
301 | 
302 | #### Reading
303 | 
304 | To download/read a file's raw data, use the `FILE_READ` function. The file in
305 | the below example will be saved as `file.txt`.
306 | 
307 | ```python
308 | from intelxapi import intelx
309 | 
310 | intelx = intelx()
311 | results = intelx.search('riseup.net')
312 | 
313 | # save the first search result file as "file.txt"
314 | intelx.FILE_READ(results['records'][0]['systemid'], 0,
315 |                  results['records'][0]['bucket'], "file.txt")
316 | ```
317 | 
318 | ### Other Notes
319 | 
320 | #### Media Types
321 | 
322 | Here is a table listing the media types, along with their respective IDs.
323 | 
324 | | ID            | Media Type                         |
325 | | ------------- | -----------------------------------|
326 | | 0             | All                                |
327 | | 1             | Paste document                     |
328 | | 2             | Paste user                         |
329 | | 3             | Forum                              |
330 | | 4             | Forum board                        |
331 | | 5             | Forum thread                       |
332 | | 6             | Forum post                         |
333 | | 7             | Forum user                         |
334 | | 8             | Screenshot of website              |
335 | | 9             | HTML copy of website               |
336 | | 13            | Tweet                              |
337 | | 14            | URL                                |
338 | | 15            | PDF document                       |
339 | | 16            | Word document                      |
340 | | 17            | Excel document                     |
341 | | 18            | Powerpoint document                |
342 | | 19            | Picture                            |
343 | | 20            | Audio file                         |
344 | | 21            | Video file                         |
345 | | 22            | Container file (ZIP/RAR/TAR, etc)  |
346 | | 23            | HTML file                          |
347 | | 24            | Text file                          |
348 | 
349 | #### Format Types
350 | 
351 | | ID |      Format Type                    |
352 | |----|-------------------------------------|
353 | | 0  |   textview of content                |
354 | | 1  |   hex view of content                |
355 | | 2  |   auto detect hex view or text view  |
356 | | 3  |   picture view                       |
357 | | 4  |   not supported                      |
358 | | 5  |   html inline view (sanitized)       |
359 | | 6  |   text view of pdf                   |
360 | | 7  |   text view of html                  |
361 | | 8  |   text view of word file             |
362 | 
363 | # Contribute
364 | 
365 | Please use the [issue tracker](https://github.com/IntelligenceX/Python/issues)
366 | to report any bugs, security vulnerabilities or feature requests.
367 | 
368 | Includes contributions from [CSIRTAmericas](https://github.com/CSIRTAmericas/pyintelxio)
369 | , [zer0pwn](https://github.com/zeropwn/intelx.py) and
370 | [others](https://github.com/IntelligenceX/SDK/graphs/contributors)
371 | 


--------------------------------------------------------------------------------
/Python/changelog/0.6.3-CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 | 
3 | All notable changes to this project will be documented in this file.
4 | 
5 | ## 🚀 Features
6 | 
7 | - Identity Export Accounts TSV Output
8 | 


--------------------------------------------------------------------------------
/Python/examples/advanced_search.py:
--------------------------------------------------------------------------------
 1 | from intelxapi import intelx
 2 | 
 3 | intelx = intelx()
 4 | target = 'riseup.net'
 5 | 
 6 | 
 7 | def get_pastes(target):
 8 |     search = intelx.search(target, buckets=['pastes'], maxresults=2000)
 9 |     record_count = len(search['records'])
10 |     print(f"Found {record_count} records for {target} in bucket 'pastes'")
11 | 
12 | 
13 | def get_leaks(target):
14 |     search = intelx.search(target, buckets=['leaks.public', 'leaks.private'], maxresults=2000)
15 |     record_count = len(search['records'])
16 |     print(f"Found {record_count} records for {target} in bucket 'leaks'")
17 | 
18 | 
19 | def get_darknet(target):
20 |     search = intelx.search(target, buckets=['darknet'], maxresults=2000)
21 |     record_count = len(search['records'])
22 |     print(f"Found {record_count} records for {target} in bucket 'darknet'")
23 | 
24 | 
25 | if __name__ == '__main__':
26 |     get_leaks(target)
27 |     get_pastes(target)
28 |     get_darknet(target)
29 | 


--------------------------------------------------------------------------------
/Python/examples/download.py:
--------------------------------------------------------------------------------
1 | from intelxapi import intelx
2 | 
3 | intelx = intelx()
4 | search = intelx.search('riseup.net')
5 | 
6 | # save the first search result file as "file.contents"
7 | intelx.FILE_READ(search['records'][0]['systemid'], 0, search['records'][0]['bucket'], "file1.bin")
8 | 


--------------------------------------------------------------------------------
/Python/examples/fileview.py:
--------------------------------------------------------------------------------
 1 | from intelxapi import intelx
 2 | 
 3 | intelx = intelx()
 4 | result = intelx.search('riseup.net')
 5 | 
 6 | # grab file contents of first search result
 7 | contents = intelx.FILE_VIEW(result['records'][0]['type'], result['records'][0]['media'], result['records'][0]['storageid'], result['records'][0]['bucket'])
 8 | 
 9 | print(contents)
10 | 


--------------------------------------------------------------------------------
/Python/examples/search.py:
--------------------------------------------------------------------------------
 1 | from intelxapi import intelx
 2 | 
 3 | startdate = "2014-01-01 00:00:00"
 4 | enddate = "2015-02-02 23:00:00"
 5 | 
 6 | intelx = intelx()
 7 | search = intelx.search('riseup.net')
 8 | 
 9 | for record in search['records']:
10 |     print(f"Found media type {record['media']} in {record['bucket']}")
11 | 


--------------------------------------------------------------------------------
/Python/examples/stats.py:
--------------------------------------------------------------------------------
 1 | from intelxapi import intelx
 2 | 
 3 | intelx = intelx()
 4 | 
 5 | search = intelx.search(
 6 |   'riseup.net',
 7 |   maxresults=1000,
 8 | )
 9 | 
10 | stats = intelx.stats(search)
11 | print(stats)
12 | 


--------------------------------------------------------------------------------
/Python/intelx/intelx_identity.py:
--------------------------------------------------------------------------------
  1 | import time
  2 | from intelxapi import intelx
  3 | import requests
  4 | 
  5 | 
  6 | class IdentityService(intelx):
  7 | 
  8 |     def __init__(self, api_key, user_agent='IX-Python/0.6'):
  9 |         super().__init__(api_key, user_agent)
 10 |         self.API_ROOT = 'https://3.intelx.io'
 11 |         self.HEADERS = {'X-Key': self.API_KEY, 'User-Agent': self.USER_AGENT}
 12 |         self.PAUSE_BETWEEN_REQUESTS = 1
 13 | 
 14 |     def get_search_results(self, id, format=1, maxresults=100):
 15 |         params = {'id': id, 'format': format, 'limit': maxresults}
 16 |         r = requests.get(self.API_ROOT + '/live/search/result',
 17 |                          params, headers=self.HEADERS)
 18 |         if r.status_code == 200:
 19 |             return r.json()
 20 |         else:
 21 |             return r.status_code
 22 | 
 23 |     def idsearch(self, term, maxresults=100, buckets="", timeout=5, datefrom="", dateto="",
 24 |                terminate=[], analyze=False, skip_invalid=False):
 25 |         p = {
 26 |             "selector": term,
 27 |             "bucket": buckets,
 28 |             "skipinvalid": skip_invalid,
 29 |             "limit": maxresults,
 30 |             "analyze": analyze,
 31 |             "datefrom": datefrom,  # "YYYY-MM-DD HH:MM:SS",
 32 |             "dateto": dateto,  # "YYYY-MM-DD HH:MM:SS"
 33 |             "terminate": terminate,
 34 |         }
 35 |         done = False
 36 |         results = []
 37 |         r = requests.get(self.API_ROOT + '/live/search/internal',
 38 |                          headers=self.HEADERS, params=p)
 39 |         if r.status_code == 200:
 40 |             search_id = r.json()['id']
 41 |         else:
 42 |             return (r.status_code, r.text)
 43 |         if (len(str(search_id)) <= 3):
 44 |             print(
 45 |                 f"[!] intelx.IDENTITY_SEARCH() Received {self.get_error(search_id)}")
 46 |         while not done:
 47 |             time.sleep(self.PAUSE_BETWEEN_REQUESTS)
 48 |             r = self.get_search_results(search_id, maxresults=maxresults)
 49 |             if (r["status"] == 0 and r["records"]):
 50 |                 for a in r['records']:
 51 |                     results.append(a)
 52 |                 maxresults -= len(r['records'])
 53 |             if (r['status'] == 2 or maxresults <= 0):
 54 |                 for a in r['records']:
 55 |                     results.append(a)
 56 |                 if (maxresults <= 0):
 57 |                     self.terminate_search(search_id)
 58 |                 done = True
 59 |             if r['status'] == 3:
 60 |                 self.terminate_search(search_id)
 61 |                 done = True
 62 |         return {'records': results}
 63 | 
 64 |     def terminate_search(self, id):
 65 |         p = {
 66 |             "id": id,
 67 |         }
 68 |         r = requests.get(self.API_ROOT + '/live/search/internal',
 69 |                          headers=self.HEADERS, params=p)
 70 |         if r.status_code == 204:
 71 |             return (r.status_code, r.text)
 72 |         else:
 73 |             return (r.status_code, r.text)
 74 | 
 75 |     def export_accounts(self, term, datefrom=None, dateto=None, maxresults=10, buckets="", terminate=None):
 76 |         p = {
 77 |             "selector": term,
 78 |             "bucket": buckets,
 79 |             "limit": maxresults,
 80 |             "datefrom": datefrom,  # "YYYY-MM-DD HH:MM:SS",
 81 |             "dateto": dateto,  # "YYYY-MM-DD HH:MM:SS"
 82 |             "terminate": terminate,
 83 |         }
 84 |         done = False
 85 |         results = []
 86 |         r = requests.get(self.API_ROOT + '/accounts/csv',
 87 |                          headers=self.HEADERS, params=p)
 88 |         if r.status_code == 200:
 89 |             search_id = r.json()['id']
 90 |             if (len(str(search_id)) <= 3):
 91 |                 print(
 92 |                     f"[!] intelx.IDENTITY_EXPORT() Received {self.get_error(search_id)}")
 93 |             while not done:
 94 |                 time.sleep(self.PAUSE_BETWEEN_REQUESTS)
 95 |                 r = self.get_search_results(search_id, maxresults=maxresults)
 96 |                 if (r["status"] == 0 and r["records"]):
 97 |                     for a in r['records']:
 98 |                         results.append(a)
 99 |                     maxresults -= len(r['records'])
100 |                 if (r['status'] == 2 or maxresults <= 0):
101 |                     if (maxresults <= 0):
102 |                         self.terminate_search(search_id)
103 |                     done = True
104 |             return {'records': results}
105 |         else:
106 |             return (r.status_code, r.text)
107 | 


--------------------------------------------------------------------------------
/Python/jake-whitelist.json:
--------------------------------------------------------------------------------
1 | {"ignore": [{"id": "CVE-2018-20225", "reason": "CVE is disputed."}]}
2 | 


--------------------------------------------------------------------------------
/Python/pyproject.toml:
--------------------------------------------------------------------------------
 1 | [build-system]
 2 | build-backend = "setuptools.build_meta"
 3 | requires = [
 4 |     "pygments",
 5 |     "requests",
 6 |     "setuptools>=61.0",
 7 |     "tabulate",
 8 |     "termcolor",
 9 | ]
10 | 
11 | [project]
12 | authors = [
13 |     { email = "info@intelx.io", name = "Kleissner Investments s.r.o./ Dominik Penner" },
14 | ]
15 | classifiers = [
16 |     "Operating System :: OS Independent",
17 |     "Programming Language :: Python :: 3",
18 | ]
19 | dependencies = [
20 |     "pygments",
21 |     "requests",
22 |     "tabulate",
23 |     "termcolor",
24 | ]
25 | description = "IntelX is a Python command-line utility and API wrapper for intelx.io, made to perform any kind of open-source intelligence."
26 | keywords = [
27 |     "IntelligenceX",
28 |     "_IntelligenceX",
29 |     "_intelx",
30 |     "intelligence x",
31 |     "intelx",
32 |     "intelx.io",
33 | ]
34 | name = "intelx"
35 | readme = "README.md"
36 | requires-python = ">=3.9"
37 | version = "0.7.0dev1"
38 | 
39 | [project.urls]
40 | "Bug Tracker" = "https://github.com/IntelligenceX/SDK/issues"
41 | Homepage = "https://github.com/IntelligenceX/SDK/tree/master/Python"
42 | 
43 | [tool.setuptools]
44 | script-files = [
45 |     "scripts/intelx.py",
46 | ]
47 | 
48 | [tool.setuptools.package-dir]
49 | "" = "intelx"
50 | 


--------------------------------------------------------------------------------
/Python/requirements-dev.txt:
--------------------------------------------------------------------------------
1 | build
2 | twine
3 | pre-commit
4 | git-cliff
5 | 


--------------------------------------------------------------------------------
/Python/requirements.txt:
--------------------------------------------------------------------------------
1 | --index-url https://pypi.python.org/simple/
2 | 
3 | -e .
4 | 


--------------------------------------------------------------------------------
/Python/scripts/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/IntelligenceX/SDK/28b9794f232f276b0e0754f34cb04638fe0da5ee/Python/scripts/__init__.py


--------------------------------------------------------------------------------
/Python/scripts/intelx.py:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env python3
  2 | # pylint: disable-msg=E0611
  3 | 
  4 | import os
  5 | import sys
  6 | import html
  7 | import json
  8 | import time
  9 | import tabulate
 10 | import argparse
 11 | from importlib.metadata import version
 12 | from intelxapi import intelx
 13 | from intelx_identity import IdentityService
 14 | from termcolor import colored
 15 | from pygments import highlight
 16 | from pygments.lexers import JsonLexer
 17 | from pygments.formatters import TerminalFormatter
 18 | 
 19 | BOLD = '\033[1m'
 20 | END = '\033[0m'
 21 | 
 22 | banner = r'''
 23 | {}     _____      _       ___   __
 24 |     |_   _|    | |     | \ \ / /
 25 |       | | _ __ | |_ ___| |\ V /
 26 |       | || '_ \| __/ _ \ |/   \
 27 |      _| || | | | ||  __/ / /^\ \
 28 |      \___/_| |_|\__\___|_\/   \/
 29 | 
 30 |        a command line client
 31 |            for intelx.io         {}
 32 | 
 33 | '''.format(BOLD, END)
 34 | 
 35 | 
 36 | def rightnow():
 37 |     return time.strftime("%H:%M:%S")
 38 | 
 39 | 
 40 | def search(ix, query, maxresults=100, buckets=[], timeout=5, datefrom="", dateto="", sort=4, media=0, terminate=[]):
 41 |     if not args.raw:
 42 |         print(colored(f"[{rightnow()}] Starting search of \"{args.search}\".", 'green'))
 43 |     s = ix.search(args.search, maxresults, buckets, timeout, datefrom, dateto, sort, media, terminate)
 44 |     return s
 45 | 
 46 | 
 47 | def pbsearch(ix, query, maxresults=100, buckets=[], timeout=5, datefrom="", dateto="", sort=4, media=0, terminate=[], target=0):
 48 |     if not args.raw:
 49 |         print(colored(f"[{rightnow()}] Starting phonebook search of \"{args.search}\".", 'green'))
 50 |     s = ix.phonebooksearch(args.search, maxresults, buckets, timeout, datefrom, dateto, sort, media, terminate, target)
 51 |     return s
 52 | 
 53 | 
 54 | def get_stats(stats):
 55 |     if not args.raw:
 56 |         print(colored(f"[{rightnow()}] Gathering stats from search.\n", 'green'))
 57 |         stats = json.dumps(ix.stats(search), indent=4, sort_keys=True)
 58 |         print(stats)
 59 | 
 60 | 
 61 | def format_list(content):
 62 |     content = content.replace(" ", "")
 63 |     return content.split(",")
 64 | 
 65 | 
 66 | def quick_search_results(ix, search, limit):
 67 |     for idx, result in enumerate(search['records']):
 68 |         if(idx == limit):
 69 |             sys.exit()
 70 |         else:
 71 |             if args.view:
 72 |                 viewtext = ix.FILE_VIEW(result['type'], result['media'], result['storageid'], result['bucket'])
 73 |             elif not args.nopreview:
 74 |                 viewtext = ix.FILE_PREVIEW(result['type'], result['media'], 0, result['storageid'], result['bucket'])
 75 |             if(len(result['name']) == 0):
 76 |                 result['name'] = "Untitled Document"
 77 |             print(f"{BOLD}________________________________________________________________________________{END}")
 78 |             print(f"{BOLD}> Name:{END}", html.unescape(result['name']))
 79 |             print(f"{BOLD}> Date:{END}", result['date'])
 80 |             print(f"{BOLD}> Size:{END}", result['size'], "bytes")
 81 |             print(f"{BOLD}> Media:{END}", result['mediah'])
 82 |             print(f"{BOLD}> Bucket:{END}", result['bucketh'])
 83 |             print(f"{BOLD}> ID:{END}", result['systemid'])
 84 |             if len(viewtext) > 0:
 85 |                 print("")
 86 |                 print(viewtext)
 87 |             print(f"{BOLD}________________________________________________________________________________{END}")
 88 | 
 89 | 
 90 | def pb_search_results(ix, search):
 91 |     headers = ["Type", "Value"]
 92 |     data = []
 93 |     for block in search:
 94 |         for result in block['selectors']:
 95 |             data.append([result['selectortypeh'], result['selectorvalue']])
 96 |     print(tabulate.tabulate(sorted(data), headers=headers, tablefmt="fancy_grid"))
 97 | 
 98 | 
 99 | def pb_search_results_emails(ix, search):
100 |     for block in search:
101 |         for result in block['selectors']:
102 |             if result['selectortype'] == 1:
103 |                 print(result['selectorvalue'])
104 | 
105 | def idsearch(identity_ix, query, maxresults=100, buckets=[], timeout=5, datefrom="", dateto="", terminate=[]):
106 |     if not args.raw:
107 |         print(colored(f"[{rightnow()}] Starting search of \"{args.search}\".", 'green'))
108 |     s = identity_ix.search(term=query, maxresults=maxresults, buckets=buckets, timeout=timeout, datefrom=datefrom, dateto=dateto,  terminate=terminate)
109 |     return s
110 | 
111 | def main(argv=None):
112 | 
113 |     global search
114 |     global accounts
115 |     global args
116 | 
117 |     # get the argument parser ready
118 |     parser = argparse.ArgumentParser(
119 |         description="Command line interface for https://intelx.io",
120 |         epilog="Usage: intelx.py -search 'riseup.net' -buckets 'pastes, darknet'"
121 |     )
122 | 
123 |     parser.add_argument('-apikey', help="set the api key via command line")
124 |     parser.add_argument('-search', help="search query")
125 |     parser.add_argument('-identity', help="search only accounts on identity service")
126 |     parser.add_argument('-buckets', help="set which buckets to search")
127 |     parser.add_argument('-limit', help="set the amount of results to show")
128 |     parser.add_argument('-timeout', help="set the timeout value")
129 |     parser.add_argument('-datefrom', help="begin search starting from state")
130 |     parser.add_argument('-dateto', help="begin search ending from date")
131 |     parser.add_argument('-sort', help="set the sort value")
132 |     parser.add_argument('-media', help="set the media value")
133 |     parser.add_argument('-lines', help="set the number of lines displayed in the preview")
134 |     parser.add_argument('-download', help="download the specified item specified by its ID")
135 |     parser.add_argument('-bucket', help="download from this bucket (must be specified with -download)")
136 |     parser.add_argument('-name', help="set the filename to save the item as")
137 |     parser.add_argument('--dataleaks', help="searches for a domain or email address to find data leaks", action="store_true")
138 |     parser.add_argument('--exportaccounts', help="searches for a domain or email address to find leaked accounts.", action="store_true")
139 |     parser.add_argument('--nopreview', help="do not show text preview snippets of search results", action="store_true")
140 |     parser.add_argument('--view', help="show full contents of search results", action="store_true")
141 |     parser.add_argument('--phonebook', help="set the search type to a phonebook search")
142 |     parser.add_argument('--emails', help="show only emails from phonebook results", action="store_true")
143 |     parser.add_argument('--capabilities', help="show your account's capabilities", action="store_true")
144 |     parser.add_argument('--stats', help="show stats of search results", action="store_true")
145 |     parser.add_argument('--raw', help="show raw json", action="store_true")
146 |     args = parser.parse_args(argv)
147 | 
148 |     # configure IX & the API key
149 |     if 'INTELX_KEY' in os.environ:
150 |         if args.identity:
151 |             ix = IdentityService(os.environ['INTELX_KEY'])
152 |         else:
153 |             ix = intelx(os.environ['INTELX_KEY'])
154 | 
155 |     elif args.apikey:
156 |         if args.identity:
157 |             ix_identity = IdentityService(args.apikey)
158 |         else:
159 |             ix = intelx(args.apikey)
160 | 
161 |     else:
162 |         print(banner)
163 |         print('intelx.py v' + str(version('intelx')))
164 |         exit('No API key specified. Please use the "-apikey" parameter or set the environment variable "INTELX_KEY".')
165 | 
166 |     # main application flow
167 |     if not args.raw:
168 |         print(banner)
169 |         print('intelx.py v' + str(version('intelx')))
170 | 
171 |     if len(sys.argv) < 2:
172 |         print('Usage: intelx.py -search "riseup.net"')
173 | 
174 |     if args.identity:
175 | 
176 |         if not args.limit and not args.stats and not args.phonebook:
177 |             if not args.raw:
178 |                 print(colored(f"[{rightnow()}] Limit argument not supplied, setting default to 10 results.", 'yellow'))
179 |             args.limit = 10
180 | 
181 |         maxresults = 100
182 |         buckets = []
183 |         datefrom = ""
184 |         dateto = ""
185 |         sort = 4
186 |         media = 0
187 |         terminate = []
188 | 
189 |         if args.limit:
190 |             maxresults = int(args.limit)
191 |         if args.buckets:
192 |             buckets = format_list(args.buckets)
193 |         if args.datefrom:
194 |             datefrom = args.datefrom
195 |         if args.dateto:
196 |             dateto = args.dateto
197 |             sort = 2  # sort by date
198 |         if args.sort:
199 |             sort = int(args.sort)
200 |         if args.media:
201 |             media = int(args.media)
202 | 
203 |         if args.exportaccounts:
204 |             print(colored(f"[{rightnow()}] Starting account export of \"{args.identity}\".", 'green'))
205 |             account = IdentityService.export_accounts(
206 |                     ix,
207 |                     args.identity,
208 |                     maxresults=maxresults,
209 |                     buckets=buckets,
210 |                     datefrom=datefrom,
211 |                     dateto=dateto,
212 |                     terminate=terminate
213 |             )
214 |             headers = ["User", "Password", "Password Type", "Source Short"]
215 |             data = []
216 |             for block in account:
217 |                 for result in account[block]:
218 |                     data.append([result['user'], result['password'], result['passwordtype'], result['sourceshort']])
219 |             print(tabulate.tabulate(sorted(data), headers=headers, tablefmt="fancy_grid"))
220 |             exporttsv=tabulate.tabulate(data, tablefmt="tsv")
221 |             tsv_filename = "intelx-output-" + args.identity + "-export_accounts.tsv"
222 |             tsv_file=open(tsv_filename,"w")
223 |             tsv_file.write(exporttsv)
224 |             tsv_file.close()
225 |             print(colored(f"[{rightnow()}] Exported output to \"{tsv_filename}\".", 'green'))
226 | 
227 |         if args.dataleaks:
228 |                 print(colored(f"[{rightnow()}] Starting data leaks search of \"{args.identity}\".", 'green'))
229 |                 search = IdentityService.idsearch(
230 |                     ix,
231 |                     args.identity,
232 |                     maxresults=maxresults,
233 |                     buckets=buckets,
234 |                     datefrom=datefrom,
235 |                     dateto=dateto,
236 |                     terminate=terminate
237 |                 )
238 |                 headers = ["Name", "Date", "Bucket", "Line"]
239 |                 data = []
240 |                 for records in search:
241 |                     for result in search[records]:
242 |                         data.append([result['item']['name'], result['item']['date'], result['item']['bucket'], result['linea']])
243 |                 exporttsv=tabulate.tabulate(data, tablefmt="tsv")
244 |                 tsv_filename = "intelx-output-" + args.identity + "-data_leaks.tsv"
245 |                 tsv_file=open(tsv_filename,"w")
246 |                 tsv_file.write(exporttsv)
247 |                 tsv_file.close()
248 |                 print(colored(f"[{rightnow()}] Exported output to \"{tsv_filename}\".", 'green'))
249 | 
250 |     if args.search:
251 | 
252 |         if not args.limit and not args.stats and not args.phonebook:
253 |             if not args.raw:
254 |                 print(colored(f"[{rightnow()}] Limit argument not supplied, setting default to 10 results.", 'yellow'))
255 |             args.limit = 10
256 | 
257 |         maxresults = 100
258 |         buckets = []
259 |         timeout = 5
260 |         datefrom = ""
261 |         dateto = ""
262 |         sort = 4
263 |         media = 0
264 |         terminate = []
265 | 
266 |         if args.limit:
267 |             maxresults = int(args.limit)
268 |         if args.buckets:
269 |             buckets = format_list(args.buckets)
270 |         if args.timeout:
271 |             timeout = int(args.timeout)
272 |         if args.datefrom:
273 |             datefrom = args.datefrom
274 |         if args.dateto:
275 |             dateto = args.dateto
276 |             sort = 2  # sort by date
277 |         if args.sort:
278 |             sort = int(args.sort)
279 |         if args.media:
280 |             media = int(args.media)
281 | 
282 |         if not args.phonebook:
283 |             search = search(
284 |                 ix,
285 |                 args.search,
286 |                 maxresults=maxresults,
287 |                 buckets=buckets,
288 |                 timeout=timeout,
289 |                 datefrom=datefrom,
290 |                 dateto=dateto,
291 |                 sort=sort,
292 |                 media=media,
293 |                 terminate=terminate
294 |             )
295 | 
296 |         elif args.phonebook:
297 |             if(args.phonebook == 'domains'):
298 |                 targetval = 1
299 |             elif(args.phonebook == 'emails'):
300 |                 targetval = 2
301 |             elif(args.phonebook == 'urls'):
302 |                 targetval = 3
303 |             else:
304 |                 targetval = 0
305 | 
306 |             search = pbsearch(
307 |                 ix,
308 |                 args.search,
309 |                 maxresults=maxresults,
310 |                 buckets=buckets,
311 |                 timeout=timeout,
312 |                 datefrom=datefrom,
313 |                 dateto=dateto,
314 |                 sort=sort,
315 |                 media=media,
316 |                 terminate=terminate,
317 |                 target=targetval
318 |             )
319 | 
320 |         if args.raw:
321 |             print(json.dumps(search))
322 | 
323 |         if args.stats:
324 |             get_stats(search)
325 | 
326 |         elif not args.raw and not args.phonebook:
327 |             quick_search_results(ix, search, int(args.limit))
328 | 
329 |         elif not args.raw and args.phonebook:
330 |             if args.emails:
331 |                 print()
332 |                 pb_search_results_emails(ix, search)
333 |             else:
334 |                 print()
335 |                 pb_search_results(ix, search)
336 | 
337 |     if args.download:
338 |         if not args.bucket:
339 |             print(colored(f"[{rightnow()}] Failed to download item {args.download} missing bucket name.\n", 'red'))
340 |         else:
341 |             fname = args.download + ".bin"
342 |             if args.name:
343 |                 fname = args.name
344 |             if(ix.FILE_READ(args.download, bucket=args.bucket, filename=fname)):
345 |                 print(colored(f"[{rightnow()}] Successfully downloaded the file '{fname}'.\n", 'green'))
346 |             else:
347 |                 print(colored(f"[{rightnow()}] Failed to download item {args.download}.\n", 'red'))
348 | 
349 |     if args.capabilities:
350 |         print(colored(f"[{rightnow()}] Getting your API capabilities.\n", 'green'))
351 |         capabilities = ix.GET_CAPABILITIES()
352 |         print(highlight(json.dumps(capabilities, indent=4), JsonLexer(), TerminalFormatter()))
353 | 
354 | if __name__ == "__main__":
355 |   sys.exit(main())
356 | 


--------------------------------------------------------------------------------
/Python/scripts/screenshot1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/IntelligenceX/SDK/28b9794f232f276b0e0754f34cb04638fe0da5ee/Python/scripts/screenshot1.png


--------------------------------------------------------------------------------
/Python/scripts/tests/test_main.py:
--------------------------------------------------------------------------------
1 | import pytest
2 | from intelx import main
3 | 
4 | # @pytest.mark.skip(reason="Enahcement Entry Point")
5 | def test_main_not_apikey():
6 |     with pytest.raises(SystemExit) as pytest_wrapped_e:
7 |         main(["-search", "apple.com"])
8 |     assert pytest_wrapped_e.value.code == 'No API key specified. Please use the \"-apikey\" parameter or set the environment variable \"INTELX_KEY\".'
9 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Intelligence X Public SDK
 2 | 
 3 | The software development kit (SDK) allows anyone to use the Intelligence X search engine. It is free to use and Intelligence X welcomes any integrations into 3rd party tools and services.
 4 | 
 5 | Intelligence X is a search engine and data archive. For additional details please visit <https://intelx.io>.
 6 | 
 7 | The SDK contains these parts:
 8 | 
 9 | 1. [API documentation](Intelligence%20X%20API.pdf)
10 | 2. [HTML code example](HTML/search.html)
11 | 3. [PHP code example](PHP/index.php)
12 | 4. [Python code examples](Python/examples)
13 | 5. [Go package and code](Go/ixapi/README.md)
14 | 6. [Maltego Transform](Maltego%20Transform/README.md)
15 | 
16 | Latest updates:
17 | * 12.04.2020 - New Python API wrapper and Command Line Interface
18 | * 24.06.2020 - Additional filter for [phonebook.cz](https://phonebook.cz) like lookups in Python code
19 | * 04.07.2020 - New Maltego Transform
20 | * <s>02.02.2024 - Python Package moved to [Python Repository](https://github.com/IntelligenceX/Python)</s>
21 | * 06.06.2024 - Python supports "Export Leaked Accounts" of identity.intelx.io
22 | * 30.11.2024 - 0.6.2 installable from [Python Package Index](https://pypi.org/project/intelx/)
23 | 
24 | You will need an API key which you can obtain at https://intelx.io/account?tab=developer. Please note that integration into your commercial service/product requires a paid license. If your product is open source, do not embed your API key. The use of public API keys is discontinued.
25 | 
26 | ## Link to intelx.io
27 | 
28 | Instead of directly using the API, you can always do the ghetto version instead and just link to the website.
29 | 
30 | ```
31 | https://intelx.io/?s=[search term]
32 | ```
33 | 
34 | Examples:
35 | 
36 | ```
37 | https://intelx.io/?s=test.com
38 | https://intelx.io/?s=test@example.com
39 | ```
40 | 
41 | The search engine supports only the following strong selector types. Anything else will be rejected.
42 | 
43 | * Email address
44 | * Domain, including wildcards like *.example.com
45 | * URL
46 | * IPv4 and IPv6
47 | * CIDRv4 and CIDRv6
48 | * Phone Number
49 | * Bitcoin address
50 | * MAC address
51 | * IPFS Hash
52 | * UUID
53 | * Simhash
54 | * Credit Card Number
55 | * Social Security Number
56 | * IBAN
57 | 
58 | ## Contact
59 | 
60 | We love contributions! Feel free to use the issue tracker for any feature requests, bug reports and contributions. You can contact us via email <info@intelx.io>.
61 | 
62 | The Terms of Service https://intelx.io/terms-of-service apply.
63 | 
64 | &copy; 2018 - 2025 Intelligence X
65 | 


--------------------------------------------------------------------------------
/httpie.md:
--------------------------------------------------------------------------------
 1 | # Introduction
 2 | 
 3 | `httpie` is available from [httpie.io](https://httpie.io/docs/cli/installation).
 4 | 
 5 | # Identity Portal
 6 | 
 7 | In the following examples `11111111-1111-1111-1111-111111111111` represents the @IntelligenceX Key and `00000000-0000-0000-0000-000000000000` represents the @IntelligenceX `Search ID`.
 8 | 
 9 | ## -identityenabled
10 | ```
11 | $ http "https://3.intelx.io/live/search/internal" selector==example.com skipinvalid==False limit==10 analyze==False datefrom== dateto== "x-key:11111111-1111-1111-1111-111111111111"
12 | HTTP/1.1 200 OK
13 | Access-Control-Allow-Origin: *
14 | Cache-Control: no-cache, no-store, must-revalidate
15 | Content-Length: 57
16 | Content-Type: application/json
17 | Date: Wed, 06 Mar 2024 02:02:02 GMT
18 | Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
19 | 
20 | {
21 |     "id": "00000000-0000-0000-0000-000000000000",
22 |     "status": 0
23 | }
24 | 
25 | 
26 |                                                                                                                                                                                                                                            
27 | $ http "https://3.intelx.io/live/search/result" id==00000000-0000-0000-0000-000000000000 format==1 limit==10 "x-key:11111111-1111-1111-1111-111111111111" --download -o pyintelx-identityenabled-example.com.json 
28 | HTTP/1.1 200 OK
29 | Access-Control-Allow-Origin: *
30 | Cache-Control: no-cache, no-store, must-revalidate
31 | Content-Type: application/json
32 | Date: Wed, 06 Mar 2024 02:02:30 GMT
33 | Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
34 | Transfer-Encoding: chunked
35 | 
36 | Downloading to pyintelx-identityenabled-example.com.json
37 | Done. 1.1 MB in 00:10.10101 (101.1 kB/s)
38 |                                                                                                                                                                                                                                            
39 | $
40 | ```
41 | ## -identityenabled -accounts
42 | ```
43 | $ http "https://3.intelx.io/accounts/csv" selector==example.com limit==10 datefrom== dateto== "x-key:11111111-1111-1111-1111-111111111111"
44 | HTTP/1.1 200 OK
45 | Access-Control-Allow-Origin: *
46 | Cache-Control: no-cache, no-store, must-revalidate
47 | Content-Length: 57
48 | Content-Type: application/json
49 | Date: Wed, 06 Mar 2024 01:01:01 GMT
50 | Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
51 | 
52 | {
53 |     "id": "00000000-0000-0000-0000-000000000000",
54 |     "status": 0
55 | }
56 | 
57 | 
58 | 
59 | $ http "https://3.intelx.io/live/search/result" id==00000000-0000-0000-0000-000000000000 "x-key:11111111-1111-1111-1111-111111111111" --download -o pyintelx-identityenabled-accounts-example.com.json
60 | HTTP/1.1 200 OK
61 | Access-Control-Allow-Origin: *
62 | Cache-Control: no-cache, no-store, must-revalidate
63 | Content-Length: 49
64 | Content-Type: application/json
65 | Date: Wed, 06 Mar 2024 01:01:31 GMT
66 | Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
67 | 
68 | Downloading to pyintelx-identityenabled-accounts-example.com.json
69 | Done. 100 bytes in 00:0.10000 (100.00000000000000 bytes/s)
70 |                                                                                                                                                                                                                                            
71 | $
72 | 


--------------------------------------------------------------------------------