Today we are looking at the Maltego cyber intelligence software.
Maltego is used mainly to analyze real-time data on the relationships (social networks and computer network nodes) between people, groups, web pages, domains, networks, internet infrastructure, and affiliations with online services such as Twitter and Facebook.
Its data sources include DNS records, whois records, search engines, online social networks, various APIs and various metadata. It is used by cyber security investigators.
What is Maltego?
Maltego is software for open-source cyber intelligence and forensics, developed by Paterva. It focuses on providing a library of transforms for discovering data from open sources and on visualizing that information as a graph, suitable for link analysis and data mining.
What does Maltego do?
Maltego is an information gathering tool, included in Kali Linux by default. It can be used to determine the relationships and real-world links between:
- People
- Groups of people (social networks)
- Companies
- Organizations
- Web sites
- Internet infrastructure such as:
  - Domains
  - DNS names
  - Netblocks
  - IP addresses
- Phrases
- Affiliations
- Documents and files
These entities are linked using open source intelligence.
- Maltego is available for Windows, Mac and Linux. You can download and install it on any of these platforms.
- Maltego comes with a graphical interface that makes it easy to see these relationships instantly and accurately.
- Using the graphical user interface (GUI) you can see relationships easily, even if they are three or four degrees of separation away.
- Maltego is unique because it uses a powerful, flexible framework that makes customizing possible. As such, Maltego can be adapted to your own unique requirements.
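The transform-and-graph idea described above, as a small conceptual model. This is an added example, not Maltego's code or API: the transform table, the function names and the sample records (example.com and 192.0.2.0/24 documentation addresses) are constructed for illustration, and nothing is looked up over the network.

```python
from collections import deque

# Constructed sample data standing in for open-source lookups (no network access).
DNS_NAMES = {"example.com": ["www.example.com", "mail.example.com"]}
A_RECORDS = {"www.example.com": ["192.0.2.10"], "mail.example.com": ["192.0.2.25"]}
NETBLOCKS = {"192.0.2.10": ["192.0.2.0/24"], "192.0.2.25": ["192.0.2.0/24"]}

# Hypothetical transform table: (input entity type, output entity type, lookup data).
TRANSFORMS = [
    ("Domain", "DNSName", DNS_NAMES),
    ("DNSName", "IPAddress", A_RECORDS),
    ("IPAddress", "Netblock", NETBLOCKS),
]

def run_machine(seed, max_depth=3):
    """Expand the seed breadth-first, applying every transform that fits each entity."""
    graph = {}          # entity -> set of entities it links to
    depth = {seed: 0}   # entity -> degrees of separation from the seed
    queue = deque([seed])
    while queue:
        entity = queue.popleft()
        graph.setdefault(entity, set())
        if depth[entity] >= max_depth:
            continue    # stop expanding at the chosen footprint depth
        etype, value = entity
        for in_type, out_type, table in TRANSFORMS:
            if in_type != etype:
                continue
            for found in table.get(value, []):
                new = (out_type, found)
                graph[entity].add(new)
                if new not in depth:
                    depth[new] = depth[entity] + 1
                    queue.append(new)
    return graph, depth

def shared_infrastructure(graph):
    """Entities linked from more than one parent: the pivots a link graph makes visible."""
    parents = {}
    for src, targets in graph.items():
        for target in targets:
            parents.setdefault(target, set()).add(src)
    return {e: p for e, p in parents.items() if len(p) > 1}

if __name__ == "__main__":
    graph, depth = run_machine(("Domain", "example.com"))
    for entity, d in sorted(depth.items(), key=lambda kv: kv[1]):
        print(d, *entity)
    print("shared:", shared_infrastructure(graph))
```

Running the same model against your own organisation's records shows which hosts share a netblock and how many hops separate them from the public domain name.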
Use of Maltego:
- Maltego can be used for the information gathering phase of all security related work. It will save you time and will allow you to work more accurately and smarter.
- Maltego aids you in your thinking process by visually demonstrating interconnected links between searched items.
- Maltego provides you with a much more powerful search, giving you smarter results.
- If access to “hidden” information determines your success in cyber intelligence, Maltego can help you discover it.
So let’s start.
Step 1: Run Maltego in Kali Linux
As you know, Maltego is available in Kali Linux by default.
Go to Applications > Information Gathering > Maltego
Or simply type maltego in a terminal.
Registration/login on Maltego Server:
When you open Maltego, you will need to follow the steps to configure it. After it finishes loading, you will be greeted by a screen asking you to register or log in to Maltego.
If you are new, register on Maltego’s website at https://www.paterva.com/community/community.php, then log in with the right credentials (username and password).
If the credentials are correct, you will be logged in, as shown in the following screenshots.
Once you have successfully logged in to the Maltego server, select and install the transform seeds. After the transforms have been installed, you are ready to run a new machine to gather information.
Step 2: Choose a Machine & Parameters
In this step we need to decide what kind of “machine” we want to run against our target. In Maltego, a machine defines what kind of footprint we want to run to gather results.
The Start a Machine window assists you in running your first machine.
The first step in the Start a Machine window is to select the machine you would like to run from the list of machines available in your Maltego client. Let’s choose an L3 footprint, which will gather as much information as we can.
Footprint L3 (intense and the most complete information gathering)
Now you have to specify the target (a domain name) in a new window. Provide the domain and click Finish.
After the stalker has run successfully, you will get a result like the following screenshot.
When the Maltego scan is done, you can see all of the relationships between the target and its sub-domains and linked sites, and get details of name servers, mail servers, IP addresses and much more.
Maltego is excellent software for network reconnaissance and for gathering information on potential targets, enabling multiple types of reconnaissance in one scan with the same software.
In the next session on Maltego we will do individual reconnaissance.