Maltego Have I Been Pwned Transform

Prerequisites:
- Maltego CE (Community Edition) or Maltego XL installed.
- Access to the “Have I Been Pwned” (HIBP) transform from the Maltego Transform Hub.
Step 1: Download the “Have I Been Pwned” (HIBP) Transform from the Transform Hub
To begin, you need to download the HIBP Maltego transform from the Transform Hub:
- Open Maltego.
- Go to the “Apps” tab on the left sidebar.
- In the “Transform Hub” section, search for “Have I Been Pwned” or the specific transform package provided by HIBP.
- Click on it, then click “Download” or “Install.”
Step 2: Set Up the “Have I Been Pwned” (HIBP) Transform
After downloading the transform, you can set it up:
- Open Maltego.
- In the “Manage” tab, click on “Transforms Manager.”
- Find the HIBP transform you downloaded and click on “Settings” or “Configure.”
Step 3: Access “Have I Been Pwned” Resources
Here are the URLs to access “Have I Been Pwned” resources:
- HIBP Website: Visit the official HIBP website to check if your email address or accounts have been compromised in data breaches.
- HIBP API Registration: If you plan to use the HIBP API, you may need to register for an API key. Follow the registration process on this page to obtain your API key.
Step 4: Use the “Have I Been Pwned” (HIBP) Transform
Now that you’ve configured the transform, you can use it to check if email addresses or usernames have been compromised in data breaches:
- Open Maltego.
- Create a new graph or open an existing one.
- Right-click on an entity (e.g., an email address or a username) in your Maltego graph.
- In the context menu, select “Run Transform.”
- Choose the “Have I Been Pwned” (HIBP) transform from the list.
- Click “Run.”
The transform will query HIBP for information about the provided entity, and if it has been compromised in any data breaches, it will provide relevant details in your Maltego graph.
Step 5: Save and Export
After performing your analysis and checking for compromised accounts using the HIBP transform, you can save your graph and export it in various formats for reporting and sharing.