You have been redirected from paterva.com. Maltego.com is the new home for all information regarding Maltego products. Read more about this in a message from the Paterva team and in this blog post and FAQ. close
home Transform Hub data categories - Cybersecurity

WhoisXML API

By Maltego Technologies
WhoisXML API integration in Maltego
Cybersecurity Infrastructure Anti-terrorism CERT

WhoisXML Transforms for Maltego

For over a decade, WhoisXML has been gathering, analyzing, and correlating domain, IP, and DNS data to make the Internet more transparent and secure. They collect and parse the necessary domain data and turn them into understandable and readily consumable intelligence sources. Their unique collection of cyber threat intelligence feeds have proven invaluable in augmenting the capabilities of commercial security platforms (SIEM, SOAR, and TIP) and helping Security Operations Centers (SOCs) & Managed Security Service Providers (MSSPs) achieve superior network visibility.

WhoisXML coverage includes 7+ billion historical WHOIS records across 2864+ TLDs and ccTLDs, 2.3+ billion domains and subdomains, 9.5+ million IP netblocks, 99.5% of IPs in use, and 500 billion historic DNS lookups gathered from over a decade of data aggregation.

Users also benefit from their diverse sets of APIs designed to facilitate cybercrime detection, response, and prevention.

With Maltego Transforms for Whois, investigators gain access to WhoisXML API and leverage advanced IP and Domain Data intelligence in their investigative workflows within Maltego.

Maltego Transforms are available for the following WhoisXML API’s:

  • WHOIS API: Provides the registration details, also known as the WHOIS record data, of a domain name, an IP address, or an email address.
  • Historical Whois API: Track all changes in domain ownership and registration for the past 10 years from a daily-updated database that contains billions of current and historical WHOIS records.
  • Reverse Whois API: Get a list of all the linked domains that contain the identifier such as a domain owner’s name, email address, phone number, postal address, etc.

Benefits

  • Look up the hidden identity of past domain owners and identify the attacker’s historical footprints — before privacy records.
  • Map out attackers’ infrastructure -find all domains, websites, IP addresses, and more details connected to a crime or criminal.
  • Infosec professionals can enhance their solutions and services and protect users against spam, dangerous websites, network infiltrations, and other online misdeeds as well as to investigate third-party risks.
  • Mitigate phishing and other malware-enabled attacks by enabling Digital forensics and incident response (DFIR) and other cybersecurity consultants o provide clients with easy-to-read lists of domains that may have ties to cybercrime, thus allowing them to enhance their cyber defense.
  • Pivot across other disparate data sources available on the Transform Hub and gain a more comprehensive perspective in investigations.
  • Cybersecurity investigators, forensics companies, and Law Enforcement agencies are not the only ones that benefit from the data that WhoisXML API provides. Investors and market researchers can also use WHOIS data to make informed business decisions such as enrich their marketing campaigns, conduct research, uncover market trends, and establish new business opportunities.

Typical Users of This Data

  • Security Operations Centers (SOCs)
  • Managed Security Service Providers (MSSPs)
  • Law enforcement agencies (LEAs)
  • Threat hunters
  • Cyber Forensics Analysts
  • Security Engineers

alt WhoisXML Transforms for Maltego

Pricing & Access

Pricing Tier: Free Trial

Hub Type: Commercial Hub and Community Hub

Requirements: For full solution access, Maltego One, Classic or XL license, and WhoisAPI subscription

Access:
1. Free Trial: Register for a free API key here: https://main.whoisxmlapi.com/signup ,then simply download the Whois API hub item on Maltego Client and enter your trial key to start using Whois data on Maltego.

2. Bring your own key: If you are already an exisitng customer of WhoisXML, then simply download the Whois API hub item on Maltego Client and enter the paid API key to start using Whois data on Maltego.

Contact


By clicking on "Send Message", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.

About WhoisXML API

WhoisXML is a cyber threat intelligence provider trusted by over 50,000 clients and have been ranked one of Inc. 5000 fastest growing IT companies since 2016. Our customer base includes commercial security platforms (SIEM, SOAR, and TIP), Security Operations Centers (SOCs), Managed Security Service Providers (MSSPs), Fortune 1000 companies, top cybercrime & law enforcement units, government agencies, banks, payment processors, telcos, and brand protection agencies. We also work closely with domain registries/registrars, domain investors/brokers, marketing researchers, big-data warehouses, web analytics firms, investment funds, VC firms, SMBs with a digital footprint, and more.

For more information, visit: https://www.whoisxmlapi.com/

Pick the right product and get started.