“Maltego is a software used for open-source intelligence and forensics, developed by Paterva from Pretoria, South Africa. Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format” -Wikipedia.
Information gathering is the key to effective and successful penetration testing. A good penetration tester or hacker always gathers as much information about the target as possible before actually performing the attack.
Maltego is one of the best information gathering and data mining tools. In Maltego alone, users can query all types of data thanks to data integrations with Shodan, WHOIS, TinEye, The Wayback Machine, VirusTotal, ATT&CK, MISP, Pipl, Orbis, and more.
Basically, Maltego is used for OSINT, and we have already discussed what OSINT is in previous articles.
How to use Maltego?
Maltego is pre-installed in Kali Linux.
You can also download Maltego for Windows, Linux or Mac.
You can install Maltego like any other software. After installing it, you have to create a Maltego account to log in to the application.
Maltego has 3 different packs:
- Community
- Professionals
- Enterprises
The Community version is free to use; the others are paid and have more features.
When you open Maltego after setting it up, there are some buttons at the top left corner. Let’s talk about them.
The Application button opens an application menu.
Maltego uses graphs to show the data and information it collects. Now, let’s see how to create a new graph.
Graphs in Maltego
To create a new graph
To create a new graph, go to the Application tab and click on New Graph, or select the New Graph option from the top left corner.
This is what a graph in Maltego looks like. Once you have created a new graph, you get a fresh page in a new tab, surrounded by a range of control windows.
Now select the entity you want to perform OSINT on, such as a domain name or DNS name. The available entity types include:
- People
- Groups of people (social networks)
- Companies
- Organizations
- Web sites
- Internet infrastructure such as:
  - Domains
  - DNS names
  - Netblocks
  - IP addresses
- Phrases
- Affiliations
- Documents and files and a lot more…
Basically, you can gather information about all the things mentioned above. Just select an entity.
Here we have selected a domain name. Now enter any domain you want and click on the entity.
This expands all the available information on the domain and shows it as a tree.
Here you can see all the possible DNS records of the domain.
Transform Hub
If you right-click after selecting an entity, it opens a context menu, or transform hub, where you can search for all sorts of things about the domain and fetch the available information.
Maltego adds all the information it finds in the form of a tree, which is really easy to read and understand. Let me give you an example of what transforms are.
This is what the transform hub looks like. This is just a small part of it; it has a lot more options.
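To make the idea of a transform concrete, here is an added example that is not from the original article and does not use Maltego's API. It is a conceptual model, with constructed DNS records for the reserved `example.com` domain and hypothetical entity labels, showing how running a transform on an entity adds child entities to a graph and how two records that share an IP end up pointing at one node.

```python
# Conceptual model only, not Maltego's API. All records are constructed.
from collections import defaultdict

# Constructed DNS data for the reserved example.com: (owner, record type, value)
RECORDS = [
    ("example.com", "NS", "ns1.example.com"),
    ("example.com", "NS", "ns2.example.com"),
    ("example.com", "MX", "mail.example.com"),
    ("example.com", "A", "192.0.2.10"),
    ("ns1.example.com", "A", "192.0.2.53"),
    ("ns2.example.com", "A", "192.0.2.54"),
    ("mail.example.com", "A", "192.0.2.10"),
]

# Entity label produced for each record type (hypothetical labels for this model).
OUTPUT_TYPE = {"NS": "NSRecord", "MX": "MXRecord", "A": "IPv4Address"}

def dns_transform(entity):
    """A 'transform': takes one entity and returns the entities it discovers."""
    _etype, value = entity
    return [(OUTPUT_TYPE[rtype], target)
            for owner, rtype, target in RECORDS if owner == value]

def build_graph(root, depth=2):
    """Run the transform on the root, then on each new entity, up to `depth`."""
    edges = defaultdict(list)
    seen, frontier = {root}, [root]
    for _ in range(depth):
        next_frontier = []
        for parent in frontier:
            for child in dns_transform(parent):
                edges[parent].append(child)
                if child not in seen:  # one node per entity, possibly many edges
                    seen.add(child)
                    next_frontier.append(child)
        frontier = next_frontier
    return seen, edges

def render(node, edges, indent=0):
    """Indented tree view of the graph (this sample data has no cycles)."""
    lines = ["  " * indent + f"{node[0]}: {node[1]}"]
    for child in edges.get(node, []):
        lines.extend(render(child, edges, indent + 1))
    return lines

if __name__ == "__main__":
    nodes, edges = build_graph(("Domain", "example.com"))
    print("\n".join(render(("Domain", "example.com"), edges)))
```

In the output, `192.0.2.10` appears under both the domain and its mail server: the graph has seven nodes but eight tree lines, which is the kind of shared infrastructure a graph view makes visible.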
So this is how you perform basic OSINT research with Maltego. It is a really strong platform for information gathering because it gives you all the information available in open sources. You can also add your own links manually to the tree graph and create an execution plan.
This is what you can find with just a domain with this amazing tool.
You can always refer to the official Maltego documentation on its official site.
What we have learned
- It is one of the best tools for information gathering and OSINT research.
- It can find all sorts of information available in open sources.
- Its graphs are easily editable.
- It can easily find all sorts of information about domains, names, IP addresses and many more things.