Modified on: Fri, 15 Nov, 2024 at 7:49 AM
Please visit maltego.com to download the appropriate Maltego installer from our Downloads page. Should the correct operating system (OS) for your machine not be automatically detected, please select your operating system from the top menu (Windows, Linux, or Mac).
You can also find step-by-step installation instructions and video walk-throughs in the Maltego Academy. Check out the Maltego Setup Guide.
Windows
If you are using a Windows operating system, follow the steps below.
From the dropdown menu, choose between installing only the .exe installation or the .exe installation with Java x64. If you do not already have Java installed on your machine, it is recommended to choose the .exe + Java installation bundle. To learn more about Maltego’s Java recommendations click here.
Once the file type has been selected, click Download to begin.
After the download is complete, double-click the installer to begin the installation process. The Maltego Setup Wizard will start up and continue to guide you through installation and activation.
Silent installation
Silent installation is supported for both Windows installers, i.e. including the installer with the bundled Java JRE.
Note: Administrator permissions are required.
MaltegoSetup.JRE64.v4.2.10.XXXXX.exe /S
To Uninstall
Note: Read/write permissions will be required for the directory where you've installed the application.
C:\Program Files (x86)\Paterva\Maltego\uninstall.exe /S
Linux
As Maltego is a graphical application, you will require a windowing system (X11).
Maltego is available as a .DEB package (ideal for Debian based operating systems) as well as an .RPM package (ideal for systems that can use the RPM Package Manager) and a .zip archive. Each of these file types can be selected from the FILE TYPE dropdown when Linux is selected:
.DEB (Debian package)
The Debian packages can be installed by either double-clicking on the file within your window manager (such as KDE) or allowing the window manager's installer to install the package.
Alternatively, you can also install it from the command line as follows:
# cd ~/Downloads/Maltego/    # (assuming that you’ve downloaded it here)
# dpkg -i <maltegofile>.deb
.RPM
The RPM file can be installed as above via your window manager by double clicking on the file or via command line as follows:
# cd ~/Downloads/Maltego/    # (assuming that you’ve downloaded Maltego here)
# rpm -i <maltegofile>.rpm
.ZIP
The .zip archive is the entire extracted Maltego installation. You can simply extract this to the location you would prefer Maltego to be installed and then run Maltego from the bin directory.
Note: Read/write permissions will be required for the directory where you've installed the application.
Mac
For a Mac operating system, select the Mac download from the web page.
After you have downloaded the .dmg file, it can be installed by dragging it into your Applications folder as shown below:
Maltego is a visual data-mining tool designed for open-source intelligence (OSINT) and link analysis, providing detailed insights into the relationships between people, domains, infrastructure, and data. Its graph-based visualisation simplifies the investigation of complex datasets, making it invaluable for threat intelligence, fraud detection, and digital forensics. Maltego supports extensive customisation, offering pre-built and custom transforms to aggregate and analyse data from diverse sources, including social media, websites, and databases. By revealing hidden connections, Maltego empowers security teams to make informed decisions and take proactive steps in mitigating threats.
What is Maltego used for?
Maltego is a powerful tool primarily used for open-source intelligence (OSINT) gathering and network analysis. Developed by Paterva, Maltego helps users uncover hidden relationships between people, organisations, websites, and domains by mapping out the data that is available on the internet. Its versatility in identifying and visualising complex relationships makes it an indispensable asset in various fields such as cybersecurity, digital forensics, and investigative research.
How do you install Maltego on Windows?
Maltego is a powerful open-source intelligence (OSINT) tool widely used for gathering and analysing relationships between various entities such as people, websites, domains, and organisations. Whether you’re a cybersecurity professional, a penetration tester, or an investigator, Maltego’s ability to collect and visualise data from public sources makes it indispensable in various investigative and security tasks.
How do you install Maltego on macOS?
Maltego is a robust open-source intelligence (OSINT) tool that enables users to map and visualise relationships between various digital entities such as domains, email addresses, social media profiles, and more. It’s widely used in cybersecurity, digital forensics, threat intelligence, and investigative research. Whether you’re tracking cybercriminal activity, performing penetration testing, or investigating suspicious online activity, Maltego offers an effective way to explore complex relationships across the web.
How do you install Maltego on Linux?
Maltego is a powerful open-source intelligence (OSINT) tool widely used for gathering and analysing data from a variety of sources. It enables users to map out and visualise relationships between different entities such as domains, IP addresses, email addresses, social media profiles, and more. Whether you’re a cybersecurity expert, penetration tester, digital forensics investigator, or OSINT researcher, Maltego is an indispensable tool for uncovering critical insights in your investigations.
What are the main features of Maltego?
Maltego is one of the most widely used open-source intelligence (OSINT) and data visualisation tools available today. Known for its powerful ability to gather, analyse, and display relationships between various digital entities, Maltego is a key asset for professionals working in cybersecurity, digital forensics, threat intelligence, and investigative research. By leveraging Maltego’s various features, users can map out intricate networks of data, uncover hidden connections, and gather actionable intelligence.
What is the difference between Maltego CE and Maltego XL?
Maltego is an open-source intelligence (OSINT) and data visualisation tool widely used by cybersecurity professionals, digital forensics experts, threat analysts, and investigators. With its powerful ability to collect, analyse, and map relationships between digital entities, Maltego has become an indispensable tool for anyone working in the fields of OSINT, penetration testing, threat hunting, and investigative research. However, Maltego comes in different editions, each designed for different levels of use, features, and capabilities.
How do you create a new graph in Maltego?
Maltego is a powerful open-source intelligence (OSINT) and data visualisation tool used by cybersecurity professionals, investigators, and threat analysts. One of the key features of Maltego is its ability to map out relationships between various entities, such as domains, IP addresses, email addresses, social media profiles, and more. These relationships are visualised in the form of graphs, which allow users to uncover hidden connections and gain insights from complex data.
How do you add entities to a Maltego graph?
Maltego is a powerful tool used for open-source intelligence (OSINT) and data visualisation, allowing professionals in cybersecurity, digital forensics, and investigative research to map out relationships and uncover hidden connections between various entities. One of the fundamental features of Maltego is its ability to create and manipulate graphs, which visually represent the relationships between digital entities such as domains, IP addresses, people, organisations, and much more.
What types of entities can be created in Maltego?
Maltego is an advanced tool used by cybersecurity professionals, investigators, and analysts for gathering open-source intelligence (OSINT), mapping relationships between digital entities, and conducting digital forensics investigations. One of the core features of Maltego is its ability to create and manipulate entities, which are the building blocks of Maltego graphs. Entities represent individual pieces of information—such as domains, IP addresses, email addresses, people, or organisations—that can be linked together to uncover hidden relationships and provide insights into complex networks.
How do you use Maltego to map relationships between entities?
Maltego is a leading tool used for open-source intelligence (OSINT), cybersecurity investigations, and digital forensics. One of its most powerful features is its ability to map complex relationships between various digital entities. Whether you’re investigating domain names, IP addresses, individuals, organisations, or other digital artefacts, Maltego allows you to visualise how these entities are connected, uncovering hidden relationships and revealing actionable insights.
What is the purpose of a transform in Maltego?
Maltego is a powerful tool primarily used for conducting open-source intelligence (OSINT) investigations, cybersecurity research, and digital forensics. One of its most distinctive and valuable features is the transform, a unique process that allows users to automatically gather and link data from various sources, enriching their investigations and helping them uncover hidden relationships and critical insights.
How do you run a transform in Maltego?
Maltego is one of the most powerful tools in the world of open-source intelligence (OSINT), cybersecurity investigations, and digital forensics. One of the core features of Maltego is the ability to run transforms — automated processes that gather additional information about an entity and uncover hidden relationships in your data. Running transforms allows you to expand your investigation, enrich your graph, and reveal deeper insights into the entities you are researching.
What is a “Data Source” in Maltego?
Maltego is a powerful tool widely used in the fields of open-source intelligence (OSINT), cybersecurity investigations, and digital forensics. One of its core strengths lies in its ability to connect and visualise data, helping analysts and investigators uncover hidden relationships and insights. A crucial component of this functionality is the concept of data sources. In Maltego, data sources serve as the foundation for many of its powerful transforms, which are automated processes that query external databases or APIs to gather information about entities.
How do you use Maltego to gather information from domain names?
Maltego is one of the most powerful open-source intelligence (OSINT) tools available today, and its capability to gather and visualise data from various sources makes it invaluable for cybersecurity analysts, investigators, and digital forensics experts. One of the key tasks for these professionals is to gather information from domain names. Maltego excels in this area, offering a range of transforms and features to gather detailed information from domain names, uncover relationships, and visualise connections in an easy-to-understand graph.
How do you use Maltego to perform an OSINT investigation?
Open-Source Intelligence (OSINT) refers to the process of collecting, analysing, and leveraging publicly available data from various sources to gather actionable intelligence. It plays a crucial role in cybersecurity, threat analysis, digital forensics, and investigative research. With the vast amount of data accessible on the internet, conducting an OSINT investigation has never been more critical. Maltego, an advanced and powerful tool, provides a comprehensive platform to perform OSINT investigations efficiently, allowing analysts to collect data from various public and private data sources, visualise relationships, and identify potential threats or opportunities.
How do you use Maltego to identify IP addresses associated with a domain?
In the world of cybersecurity and digital forensics, uncovering the relationships between domains and their associated IP addresses is a fundamental task. This process is particularly useful for OSINT (Open Source Intelligence) investigations, threat analysis, and identifying potential vulnerabilities in a network. Maltego, a leading tool for data mining and link analysis, allows investigators to efficiently identify IP addresses linked to a particular domain. This functionality is vital for network mapping, tracking malicious activities, and understanding the infrastructure behind a website or organisation.
How do you use Maltego to find subdomains of a domain?
When conducting cybersecurity assessments, open-source intelligence (OSINT) investigations, or threat analysis, uncovering subdomains of a domain is an essential task. Subdomains can provide valuable insights into an organisation’s network structure, infrastructure, and potentially vulnerable points. They may host various services, applications, and even provide a way to uncover hidden or unpublicised parts of a network. Maltego, a powerful open-source intelligence (OSINT) and data mining tool, offers a highly efficient way to identify and visualise subdomains associated with a domain.
How do you use Maltego to gather information from social media accounts?
In the age of digital communication, social media platforms have become one of the most crucial sources of information for investigations in cybersecurity, OSINT (Open Source Intelligence), and digital forensics. By analysing social media profiles, investigators can uncover valuable insights about individuals, organisations, and connections that may not be available through traditional sources. Maltego, a leading OSINT tool, enables users to efficiently gather and visualise data from social media accounts. Its transforms and data-mining capabilities make it an invaluable tool for mapping relationships, tracking activities, and uncovering hidden details from public social media profiles.
How do you use Maltego to search for email addresses?
In the realm of Open Source Intelligence (OSINT) and cybersecurity investigations, email addresses are crucial pieces of information that can help investigators uncover hidden networks, trace suspicious activities, or identify key individuals involved in a particular organisation or attack. With email addresses being used extensively for communication, user registration, and online activities, they often serve as gateways to uncover other associated entities, such as social media profiles, websites, or IP addresses. Maltego, an advanced OSINT and data mining tool, is designed to streamline the process of collecting and visualising such information, enabling users to gather email addresses and analyse their associated networks effectively.
How do you use Maltego to perform a DNS lookup?
In the world of cybersecurity, digital forensics, and Open Source Intelligence (OSINT) investigations, domain name system (DNS) lookups are crucial for uncovering vital information about websites, domains, and IP addresses. A DNS lookup allows investigators to retrieve information associated with a domain, such as its IP address, domain registration details, mail servers, and nameservers. Maltego, a powerful OSINT tool, makes performing DNS lookups easier and more efficient by automating the process and presenting the results in a user-friendly, graphical interface.
Article contents
- What is Maltego
- Installing Maltego
- Using Maltego
- Searching by IP address
- Searching for a person
- Searching by phone number
- Alternatives and analogues to Maltego
Maltego is an excellent tool for analysing links between various objects and subjects. Maltego is often used in open-source intelligence to collect information about websites, accounts, IP addresses, domains, and users. In this article I will show how to install and use Maltego on various operating systems.
What is Maltego
The tool was created by Paterva. It does an excellent job of collecting data from various open sources and presenting it as diagrams.
It can interact with sources such as Shodan, WHOIS, The Wayback Machine, ATT&CK, Pipl, VirusTotal, and others.
Maltego also offers special tools called Transforms: scripts that search various sources for data about the selected object and place the results on the graph as objects.
Maltego capabilities
- Maltego can be used to collect information about websites, accounts, IP addresses, domains, and much more. The information can be collected from various sources, including social networks, public registries, DNS records, and the dark web.
- It lets you analyse links between objects and subjects. This can be useful for identifying links between cybercriminals, finding vulnerabilities in systems, and so on.
- It displays information as a diagram in which the links between different objects are clearly visible. This can help in visualising complex relationships and makes the analysis easier to follow.
- For convenience, it can group elements of the same type. This makes large sets of elements easier to understand.
Several versions are available for download. In this article we will use the free version of Maltego.
Installing Maltego
You can download Maltego for various operating systems from the official website.
Installing Maltego on Windows
Go to the official Maltego website and download the installation file for Windows.
From the dropdown menu, choose the version (the .exe installer only, or the .exe installer with Java x64). If you do not already have Java 8, Java 11, or Java 17 installed, it is recommended to choose the .exe + Java installation bundle. After selecting the file type, click Download.
After you run the file, the Maltego Setup Wizard will start. Follow the instructions.
After installation, launch Maltego and enter your credentials to get started.
Silent installation of Maltego on Windows
Silent installation is supported for both Windows installers, that is, including the installer with the bundled Java JRE. You will, however, need administrator rights.
MaltegoSetup.JRE64.v4.2.10.XXXXX.exe /S
Installing Maltego on Linux
- Go to the official Maltego website and download the installation file for Linux.
- Extract the downloaded archive into the directory you want.
- Open a terminal and change to the directory where the archive was extracted.
- Run the script with the command sudo ./MaltegoCE.
- Follow the instructions.
- After installation, launch Maltego and enter your credentials.
Installing Maltego on Kali Linux
Maltego is already installed in Kali Linux by default. To launch Maltego on Kali Linux, follow these steps:
- Open a terminal and enter the command maltego.
- Enter your credentials.
Installing Maltego on macOS
- Go to the official Maltego website and download the installation file for macOS.
- Run the installation file and follow the instructions.
- After installation, launch Maltego and log in with your credentials.
Installing Maltego on Windows, Linux, Kali Linux, and macOS is not difficult and takes only a few minutes. After installation you can start using Maltego to collect information and analyse links.
Using Maltego
The main elements of Maltego include the navigation bar at the top, the main workspace, and a set of tools and elements on the right.
Maltego can be used for a variety of information-gathering tasks, and in this article we will look at several common use cases.
To keep data properly organised and managed, it is recommended to create a new case from the navigation bar. This makes it easier to separate data, simplifies access to data from previous investigations, and helps correlate old events to obtain more accurate and reliable information.
Searching by IP address
- To collect information about a specific IP address, select IPv4 Address and drag it into the graph window.
- Enter the host address and select the Transforms you need by right-clicking on the palette. You can run all Transforms or select specific ones, depending on the needs of the particular project.
The collected data will be visualised as shown in the screenshot below.
Searching for a person
- To collect information about a specific person, select Person and drag it into the diagram window.
- Enter the person's name and select the Transforms you need by right-clicking on the palette. You can run all Transforms or select specific ones.
The collected data will be visualised as shown below.
Searching by phone number
- To collect information about a phone number, select Phone Number and drag it into the diagram window.
- Enter the phone number and select the relevant Transforms. You can run all Transforms or select specific ones.
The collected data will be visualised as shown below.
Maltego's flexibility and integrations make it a useful tool for investigators and analysts, letting them collect operational information from various sources quickly and efficiently.
Alternatives and analogues to Maltego
In principle, Maltego has no direct analogues, but there are tools that will help with your OSINT.
- Recon-ng: a tool for automated information gathering. It lets you quickly collect information about the infrastructure and assets of a target organisation. It includes modules for working with various services and data sources (WHOIS, Shodan, certificate transparency, etc.). It integrates with Metasploit so that the collected data can be used in later stages of penetration testing.
- Maryam: a tool packed with a large number of search tools, and more besides, for various tasks. Maryam is useful not only in OSINT but also in the preparatory stages of a pentest.
- Sherlock: designed to search for usernames across social networks and services. Sherlock lets you quickly and automatically find a user's accounts on the internet, which is useful in OSINT and in digital footprint analysis.
You can use Maltego to gather, analyze, and visualize publicly available information, uncovering relationships and patterns between entities like domains, IP addresses, social media profiles, and more.
In this article, we’ll show you how to use Maltego, a vital tool for cyber security professionals, particularly penetration testers. We’ll begin by explaining what Maltego is and guiding you through the process of starting it up. Next, we’ll explore the main interface, breaking down key sections to make them easy to understand.
After that, we’ll provide an overview of utilizing Maltego’s Transforms, a central feature that enables you to uncover hidden relationships within data sets. Finally, we’ll discuss the best practices when using Maltego, ensuring you can utilize this powerful tool effectively and responsibly.
If you’re ready to dive into the world of Maltego, let’s begin.
What Is Maltego?
Maltego is a tool that leverages open-source intelligence (OSINT) developed by Paterva. Maltego comes in different versions, including a community edition that can be used for free with some limitations, as well as commercial versions that offer more features and capabilities.
Maltego is a vital tool in the arsenal of a penetration tester. As a graphical link analysis tool, it lets you visualize connections within complex data sets, displaying interconnected links. By analyzing information from various sources such as public websites, email addresses, social media, and cryptocurrency transactions, Maltego aids in uncovering hidden relationships and patterns.
This is particularly useful in penetration testing, where understanding the target’s digital footprint and connections can be crucial. Working up to 80% faster with Maltego than traditional methods allows for efficient reconnaissance.
Starting Up
We will now show you how to get Maltego up and running. For our demo moving forward, we will be using Kali. Maltego can also be installed on Windows, macOS, and other Linux distributions.
Before you can run Maltego, you need to run the installer, which can be found in the Applications menu under “Information Gathering.”
You will be taken to a terminal window asking whether you want to install Maltego. Select “Y” to continue.
You can also install Maltego from the terminal with the following command:
sudo apt install -y maltego
Now, you can start Maltego by entering maltego in the terminal or running it from the application menu.
Once Maltego opens, you will be shown a window asking you to select a product. We are using the “Maltego CE (Free)” version for our demo. Select “Run” to continue.
Next, you’ll need to configure Maltego. The first step is to accept the license agreement and click “Next.”
The next step is to log in so you can use Maltego. If you do not already have an account, register one here.
After logging in, you’ll be able to see your details, like your name and email address, as well as the duration of your API key. Click “Next” to continue with the download of the Transforms.
The Transforms will be downloaded, and you must click “Next” to install them in Maltego.
The next screen will ask if you want to send error reports to Paterva. Make your choice, and then click “Next” to continue.
The final window will ask what external browser you want to open links to. Make your choice and then click “Finish” to complete the configuration. Maltego will now be ready to be used.
Interface
This section will show you the main Maltego graphical user interface, and we will highlight three areas within the interface.
- Application Menu
In the Application menu, you’ll find the application button. This grants access to the following functions:
- New Graph
- Open Graph
- Save
- Save All
- Save As
Maltego can open and save graphs using the .mtgl extension. While these are some of the core features, there are also other advanced functions.
- Start Page
The start page showcases the latest updates for products, Transforms, and the Transform Hub. Any alerts affecting Maltego’s functionality and security can also be found here.
- Transform Hub
The Transform Hub catalogs all the Transforms offered by Maltego, third-party providers, or available through an API/dataset. You can either purchase these items or install them for free.
Transforms in Maltego are specialized pieces of code that process information in a very particular way. They take an Entity (a defined piece of data like an email address, IP address, or name) as input and then search for related information, returning more Entities as output.
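The Entity-in, Entities-out behaviour described above, as an added example (not code from Maltego or from this article): a stand-alone Python model of a Domain-to-IPv4 Transform that also validates what the data source returns before it reaches the graph. The lookup table is constructed sample data, the class and function names are hypothetical, and the XML layout is modelled on the response format of Maltego local Transforms as an assumption.

```python
import ipaddress
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Constructed sample records standing in for an external data source, so the
# example runs offline. The last record for example.net is deliberately
# malformed, and one address is duplicated.
SAMPLE_RECORDS = {
    "example.net": ["192.0.2.10", "192.0.2.11", "192.0.2.10", "<b>not-an-ip</b>"],
    "mail.example.net": ["192.0.2.25"],
}


@dataclass(frozen=True)
class Entity:
    """One typed piece of data on the graph (hypothetical helper class)."""
    type: str
    value: str


def domain_to_ipv4(entity, records=SAMPLE_RECORDS):
    """Transform: take one Domain Entity, return (IPv4 Entities, messages).

    Values coming back from a data source are untrusted, so each one is
    parsed as an IPv4 address; anything else is skipped and reported.
    """
    if entity.type != "maltego.Domain":
        raise ValueError(f"expected maltego.Domain, got {entity.type}")
    domain = entity.value.strip().rstrip(".").lower()
    results, messages, seen = [], [], set()
    for raw in records.get(domain, []):
        try:
            ip = str(ipaddress.IPv4Address(raw))
        except ValueError:  # AddressValueError is a subclass of ValueError
            messages.append(f"skipped malformed record for {domain}: {raw!r}")
            continue
        if ip not in seen:  # return each address once
            seen.add(ip)
            results.append(Entity("maltego.IPv4Address", ip))
    if not results:
        messages.append(f"no IPv4 records found for {domain}")
    return results, messages


def to_response_xml(entities, messages=()):
    """Serialise the output Entities; layout assumed from local Transforms.

    ElementTree escapes text and attribute values, so markup characters in
    source data cannot break out of the response document.
    """
    root = ET.Element("MaltegoMessage")
    response = ET.SubElement(root, "MaltegoTransformResponseMessage")
    entity_list = ET.SubElement(response, "Entities")
    for entity in entities:
        node = ET.SubElement(entity_list, "Entity", Type=entity.type)
        ET.SubElement(node, "Value").text = entity.value
        ET.SubElement(node, "Weight").text = "100"
    ui = ET.SubElement(response, "UIMessages")
    for text in messages:
        ET.SubElement(ui, "UIMessage", MessageType="Inform").text = text
    return ET.tostring(root, encoding="unicode")


def run(domain):
    """Run the Transform on a domain string and return the XML response."""
    entities, messages = domain_to_ipv4(Entity("maltego.Domain", domain))
    return to_response_xml(entities, messages)


if __name__ == "__main__":
    print(run("Example.NET."))
```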
Let’s walk through installing Transforms in Maltego’s Community Edition. First, navigate to the Transform Hub within the software.
Since we’re using the Community Edition, you’ll want to filter the available Transforms by selecting “Maltego Community” from the “Plans” menu. This will show you only the Transforms compatible with our version, making choosing and installing the ones you need easier.
You’ll also want to display Transforms that are “NOT INSTALLED.”
Now that we have the Transforms that will work for us, let’s choose one to install. At the time of writing, there are 50 Transforms available to you in the Community Edition—everything from infrastructure and network information to searching social media sites.
Let’s install the Censys Transform, designed to map IP addresses to the target domain and vice versa, quickly identify server misconfigurations, and efficiently scan attack surfaces for vulnerabilities.
This Transform is limited to twenty-five Transform runs per month on the Community Edition of Maltego.
Several Transforms will require you to have an API key from the provider, and Censys is one of them.
To work with the Censys Transform, you will need an account and an API key. You can sign up for an account at the Censys registration page.
To install, hover over the Censys Transform and click “INSTALL.” It will ask you if you are sure you want to install it. Click “Yes” to continue.
Complete the three steps that follow to finish installing Censys inside Maltego.
Select “INSTALLED” from the Transform Hub to see the Censys Transform listed.
Starting an Investigation
The easiest way to start a new investigation is by using Machines in Maltego. These Machines are automated sequences of Transforms in Maltego that allow users to run multiple queries or operations with a single click.
We will demonstrate how to use a Machine in Maltego, specifically focusing on the “Company Stalker” Machine. This Machine aims to locate email addresses associated with a domain, map these to corresponding social media profiles, and finally, attempt to retrieve or analyze any related metadata.
To begin, click on the “Machines” tab at the top of the Maltego window.
Next, select “Run Machine” to select the Machine you want to run.
Choose “Company Stalker” and click “Next.”
Now enter a domain you want to use as the target. In our demo, we are using example.net. Then click “Finish.”
Click through any popups you receive and wait for the machine to finish running. Once finished, you will be presented with any information that was returned.
For a more detailed investigation, you can also run one manually. If you want to start a new project in Maltego, the first step is to select “New” in the Application menu.
You will then be presented with different screens, such as the “Entity Palette,” “Graph,” “Output,” and “Run View.”
To begin your investigation, you will now want to add an “Entity” to the new graph. The easiest way to do this is using the “Entity Palette” on the main interface’s left side. You can either scroll through the list of entities or use the search function.
In Maltego, an Entity represents a single piece of data you want to investigate or analyze. It can be something as simple as an email address, a phone number, a domain name, or an IP address.
Let’s add an Entity to the graph. In the “Personal” section, you can select the “Email Address” Entity or simply use the search bar to find “Email.” Once you locate the Entity, drag it onto the graph to add it.
Working With Transforms
Now, we will show you how to work with different Transforms. For this demo, we will be using a domain name to perform various analyses.
Search for “Domain” in the Entity Palette and drag it to the Graph. We will use nmap.scanme.org for the demo, so change the domain name from maltego.com to nmap.scanme.org.
Let’s run our first Transform, using Censys to map an IP to the domain name. Right-click on the domain in the graph and select Censys. Then click the “Run All” button to run all the Censys Transforms simultaneously.
For a penetration tester in the information gathering phase, this technique can give insight into the organization’s network structure and may reveal the relationships between different servers, such as mail servers and websites.
The Transform will run and present you with the IP information in the graph.
Now let’s run another Transform. This time let’s run the “To Snapshots between Dates [Wayback Machine].” This can be extremely helpful when performing a penetration test as it could reveal important information such as past vulnerabilities, changes in security configurations, deprecated or hidden pages, and subdomains.
Right-click on the domain, and in the search bar, search for “wayback” then select “To Snapshots between Dates [Wayback Machine],” and finally click run.
On the next screen, choose the begin and end dates for the search and click Run!
Once the Transform completes, you will be shown the Wayback Machine data found. With this information, you could click on a specific date and open the URL for further information gathering and investigations.
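To make the kind of data behind a "snapshots between dates" search concrete, here is an added example (not part of the original article and not Maltego's own code) for reviewing what the archive holds about a domain you are responsible for. It assumes the public Wayback Machine CDX API as the data source; `REVIEW_MARKERS` and the sample rows are constructed for illustration.

```python
from datetime import date, datetime
from urllib.parse import urlencode, urlsplit

CDX_ENDPOINT = "https://web.archive.org/cdx/search/cdx"  # public Wayback CDX API

# Path fragments worth a manual review if archived (assumed list, adjust to taste).
REVIEW_MARKERS = ("/admin", "/backup", "/.git", ".bak", ".sql", "/old")

def build_query(domain, begin, end):
    """Build a CDX query for all captures under `domain` between two dates."""
    params = {
        "url": domain,
        "matchType": "domain",            # include subdomains
        "from": begin.strftime("%Y%m%d"),
        "to": end.strftime("%Y%m%d"),
        "output": "json",
        "collapse": "urlkey",             # one row per distinct URL
    }
    return f"{CDX_ENDPOINT}?{urlencode(params)}"

def review_snapshots(rows, begin, end):
    """Return hosts seen and archived URLs worth reviewing within the range."""
    header, *records = rows               # with output=json, row 0 names the fields
    hosts, flagged = set(), []
    for rec in records:
        snap = dict(zip(header, rec))
        taken = datetime.strptime(snap["timestamp"], "%Y%m%d%H%M%S").date()
        if not (begin <= taken <= end):
            continue
        parts = urlsplit(snap["original"])
        hosts.add(parts.hostname)
        if any(marker in parts.path.lower() for marker in REVIEW_MARKERS):
            flagged.append((taken.isoformat(), snap["original"]))
    return sorted(hosts), flagged

# Constructed sample response (not real archive data) for example.net.
SAMPLE = [
    ["urlkey", "timestamp", "original", "mimetype", "statuscode", "digest", "length"],
    ["net,example)/", "20190304101500", "http://example.net/", "text/html", "200", "AAAA", "512"],
    ["net,example)/admin/login", "20200611083000", "http://example.net/admin/login", "text/html", "200", "BBBB", "734"],
    ["net,example,dev)/db.sql", "20210102120000", "http://dev.example.net/db.sql", "text/plain", "200", "CCCC", "9000"],
    ["net,example)/news", "20230505000000", "http://example.net/news", "text/html", "200", "DDDD", "400"],
]

if __name__ == "__main__":
    begin, end = date(2019, 1, 1), date(2021, 12, 31)
    print(build_query("example.net", begin, end))
    hosts, flagged = review_snapshots(SAMPLE, begin, end)
    print("hosts:", hosts)
    for day, url in flagged:
        print("review:", day, url)
```

Anything flagged is a candidate for an archive removal request or for confirming that the live resource is no longer reachable.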
Maltego is an extremely powerful tool and can do so much more than what we’ve shown you here. Using Maltego, you could map out the digital footprint of a target organization, including identifying key employees, emails, social media profiles, or devices.
This information can be used with tools like the Social Engineer Toolkit for information gathering. It can be used to create:
- Phishing Campaigns: Information gathered about email addresses and social connections could aid in crafting targeted phishing emails.
- Spear Phishing and Social Engineering Attacks: Insights into the relationships between entities might inform more advanced spear-phishing or social engineering attacks.
Best Practices
Let’s talk about some Maltego usage best practices. Maltego is a very versatile tool that can do many things, and there are some things you can do to work more effectively and intelligently before and while using it. Our list of recommendations for working with Maltego is provided below.
- Create a Strong Workflow: Understand your goal before you start. Map out what you want to uncover and tailor your search accordingly.
- Use Transforms Wisely: Transforms are queries that fetch you different data types. Learn them well, and use only what’s necessary. Too many unnecessary Transforms may clutter your results.
- Secure Your Data: Maltego can pull sensitive information. Make sure you handle it with care.
- Stay Up to Date: The digital world and tools like Maltego change rapidly. Regularly update to the latest version to keep up with new features and security enhancements.
- Use Entities Properly: Entities are the building blocks in Maltego. Use them correctly to represent the data you’re working with.
- Use Notes and Bookmarks: You can attach notes to entities and connections, and bookmark essential elements. This helps track why something is important or how you discovered it.
- Export and Share with Care: You can export your findings to share with others. But remember, this might include sensitive data, so only share it with those who need it.
Conclusion
As you can see, Maltego is a powerful tool used in penetration testing and other investigations. It provides a graphical representation of your data, enables clear visualization of complex relationships and connections, and aids in the thinking process.
In this article, we began by explaining Maltego and guiding you through its installation process. Next, we demonstrated how to get Maltego up and running, and we introduced you to the main interface. Following that, we dove into initiating an investigation and working with Transforms. Finally, we outlined some best practices to follow when using Maltego.
We’ve just scratched the surface of what Maltego can do, but you should now understand how to use this tool effectively.
Frequently Asked Questions
Is Maltego free?
Maltego can be used for free with its Community Edition, which includes some of the same functions as the Pro and Enterprise versions. It has limitations, however, such as only having up to 12 results per Transform and 10,000 Entities per graph, and not having access to the commercial Transform Hub.
Is it legal to use Maltego?
It is legal to use Maltego, as the tool gathers its information from public and open sources. However, the legality depends on what you are using it for. If you are using Maltego for information gathering and research, then it would generally be considered legal. On the other hand, it may be considered illegal if it’s being used for illegal activities.
Why do hackers use Maltego?
Some hackers may want to use Maltego because it can gather information about individuals and businesses, which could be used to conduct social engineering attacks by exploiting human vulnerabilities to gain unauthorized access.
Richard is a cyber security enthusiast, eJPT, and ICCA who loves discovering new topics and never stops learning. In his home lab, he’s always working on sharpening his offensive cyber security skills. He shares helpful advice through easy-to-understand blog posts that offer practical support for everyone. Additionally, Richard is dedicated to raising awareness for mental health. You can find Richard on LinkedIn, or to see his other projects, visit his Linktree.