of bob218
Maltego is a data mining tool that mines a variety of open-source data resources and uses this data to create graphs for analysis. The graphs make it easy to make connections between information such as names, e-mail organisational structure, domains, documents, etc. Maltego uses Java so that it can run on Windows, Mac, and Linux and is available in many OSINT Linux distributions. It will analyze a large amount of information and search various open-source websites for you and then pull out a nice-looking chart to help you put the pieces together.
There are several versions of Maltego available:
> Maltego XL > Premium version for large data.
> Maltego Classic > Pay version which includes all APIs (transforms).
> Maltego CE > Free Version with limited APIs (transforms). [VERSION USED FOR THIS PROJECT!]
> Casefile > For examining links in offline data.
Installation: Maltego comes pre-installed on KaliLinux. Simply go to the Maltego website and create an account. Once you have created your account, you will receive a key that will allow you to use the Community Edition(CE).
If you are doing a new installation on Win, Mac or Linux, here is a guide… >Installing Maltego : Maltego Support .
What is all this API/Transform nonsense?
An API is an application programming interface and in very simple terms is what connects other software such as Shodan and Dorking transforms with Maltego. Maltego calls these connections ‘Transforms’ and if you are running Maltego CE you will find that some transformations are free while others are paid for. The disadvantage of running the free version of Maltego is that not all transformations are pre-installed, so to use them you will have to register on each website to obtain the API code to activate the corresponding transformation.
How to perform a simple network reconnaissance? Click on the New Graph button in the top left-hand corner and a new empty graph pane will open.
Choose your target, copy and paste it. My target is babbel.com.
Right-click on the domain icon and the Perform transformations box opens. Here you could be very specific about what you want to search for by scrolling, but in this example we choose Execute all transformations.
As you have just seen above, all kinds of information are displayed, including DNS servers, related sites, related e-mails, e-mail servers, etc…
You can use these connections to make even more detailed connections such as names associated with e-mails and telephone numbers.
Let’s take a closer look at one of the emails that showed up linked to babbel.com “gcontaldi@babbel.com”. Right-click on the icon and run All Transformations.
When the transformations are complete, we will have an added graph of all the information associated with this email.
As you can see, I have only used a tip of the tool’s potential and there are still a million fun things you can do with a simple domain and email search within Maltego! Try Maltego yourself by searching for your email or web address and see what connections you can make! :)
💻 Follow me
👏 Give the article 50 claps
📚 Read more articles on Medium
🔗 Connect on social media Github | Kaggle
