June 18, 2024

Maltego Have I Been Pwned Transform

2 min read


  1. Maltego CE (Community Edition) or Maltego XL installed.
  2. Access to the “Have I Been Pwned” (HIBP) transform from the Maltego Transform Hub.

Step 1: Download the “Have I Been Pwned” (HIBP) Transform from the Transform Hub

To begin, you need to download the HIBP Maltego transform from the Transform Hub:

  1. Open Maltego.
  2. Go to the “Apps” tab on the left sidebar.
  3. In the “Transform Hub” section, search for “Have I Been Pwned” or the specific transform package provided by HIBP.
  4. Click on it, then click “Download” or “Install.”

Step 2: Set Up the “Have I Been Pwned” (HIBP) Transform

After downloading the transform, you can set it up:

  1. Open Maltego.
  2. In the “Manage” tab, click on “Transforms Manager.”
  3. Find the HIBP transform you downloaded and click on “Settings” or “Configure.”

Step 3: Access “Have I Been Pwned” Resources

Here are the URLs to access “Have I Been Pwned” resources:

  • HIBP Website: Visit the official HIBP website to check if your email address or accounts have been compromised in data breaches.
  • HIBP API Registration: If you plan to use the HIBP API, you may need to register for an API key. Follow the registration process on this page to obtain your API key.

Step 4: Use the “Have I Been Pwned” (HIBP) Transform

Now that you’ve configured the transform, you can use it to check if email addresses or usernames have been compromised in data breaches:

  1. Open Maltego.
  2. Create a new graph or open an existing one.
  3. Right-click on an entity (e.g., an email address or a username) in your Maltego graph.
  4. In the context menu, select “Run Transform.”
  5. Choose the “Have I Been Pwned” (HIBP) transform from the list.
  6. Click “Run.”

The transform will query HIBP for information about the provided entity, and if it has been compromised in any data breaches, it will provide relevant details in your Maltego graph.

Step 5: Save and Export

After performing your analysis and checking for compromised accounts using the HIBP transform, you can save your graph and export it in various formats for reporting and sharing.

Leave a Reply

Your email address will not be published. Required fields are marked *

Discover more from

Subscribe now to keep reading and get access to the full archive.

Continue reading