Maltego

From aldeid
Jump to navigation Jump to search

Maltego

Description

Maltego is an open source intelligence and forensics application, enabling to easily gather information about DNS, domains, IP addresses, websites, persons, etc. The information is rendered on a graph, showing the relationships between objects. This is the perfect tool for social engineering.

At the time of this writing, Maltego Community Edition (CE) 3.0 offers following components:

  • Infrastructure
    • Internet Autonomous System (AS)
    • DNS Name
    • Domain Name
    • IPv4 Address
    • Location
    • MX Record
    • NS Record
    • Netblock
    • Website
  • Personal
    • Email Address
    • Person
    • Phone Number
    • Phrase

Installation

$ cd /data/src/
$ wget http://www.paterva.com/malv3/MaltegoCESetup.v3.0.936.deb
$ sudo dpkg -i MaltegoCESetup.v3.0.936.deb
Note
Go to http://www.paterva.com/web5/client/download.php to download Maltego under other formats. It is available as Windows installer, rpm, deb, zip and will soon be available for MacOS.

It installs a shortcut in the menu. Depending on your distribution, you will commonly find it under the Internet section (e.g. for Kubuntu: K > Applications > Internet > Paterva Maltego CE).

When you first launch the tool, you will be presented with a wizard to help you finish the installation.

Note
Notice that you will need to register to be able to use Maltego: https://www.paterva.com/web5/community/index.php#Register

Optionally create a symbolic link in your /pentest/ directory: 

$ mkdir -p /pentest/enumeration/maltego/
$ ln -s /usr/bin/maltego-ce /pentest/enumeration/maltego/maltego-ce

Usage

Global usage

Maltego offers a very intuitive GUI which is commonly split on 3 panels:

  • left: list of objects (domains, persons, ...)
  • center: working space where you drag and drop objects from the left panel
  • right: specific options displayed on click on the objects from the center panel

Right click on an object to display/select the list of all available transforms.

Looking for a person

Domain information

Maltego is able to retrieve relevant information about domains, as you can see on the following picture.

Looking for documents

Considering a domain as entry point, it is possible to look for documents and try to gather meta description. As you can see on the picture, it is possible to gather information about the author, the company, and even a login.

Note
A previous search on email address has enabled to discover a mail address.

Comments

Talk:Maltego

Retrieved from "https://www.aldeid.com/w/index.php?title=Maltego&oldid=22241"