What is Maltego? | How to use it for Information Gathering.

In this article we are going to learn about a software name Maltego which is used for Information gathering and OSINT research

Maltego is a software[1] used for open-source intelligence and forensics, developed by Paterva[2] from Pretoria, South Africa. Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that information in a graph format” -Wikipedia.

For effective and successful penetration testing information gathering is the key. A good penetration tester or hacker always gathers as much information about the target as possible before actually performing the attack.

Maltego is one of the best information gathering and data mining tools. In Maltego alone, users can query all types of data thanks to data integrations with Shodan, WHOIS, TinEye, The Wayback Machine, VirusTotal, ATT&CK, and MISP, Pipl, Orbis, and more.

Basically, maltego is used for OSINT, and we have already discussed what OSINT is in Previous articles.

How to use Maltego?

Maltego is pre-installed in Kali linux.

You can always download maltego for Windows, Linux or Mac.

You can install maltego as any general software after installing it you have to create an account on maltego to login into application.

Maltego has 3 different packs-

  1. community
  2. Professionals
  3. Enterprises

Community version is free to use and others are paid with more features.

When you open the maltego after setting it up there are some buttons at top left corner. let’s talk about them.

The Application button will open a application menu.

Maltego uses graphs to show data and information it collects. Now, let’s see how to how to create a new graph.

Graphs in Maltego

To create new graph.

To create a new graph you can go to application tab and click on new graph or you can also select new graph option from top left corner.

Maltego Graph

This is how a Graph in Maltego looks like. Once you have created a new graph you will get a fresh page within a new tab, surrounded by a range of control windows.

Now just select the entity you want to perform OSINT on like some domain name or DNS system.

  • People
  • Groups of people (social networks)
  • Companies
  • Organizations
  • Web sites
  • Internet infrastructure such as:
  • Domains
  • DNS names
  • Netblocks
  • IP addresses
  • Phrases
  • Affiliations
  • Documents and files and a lot more…

Basically, you can gather information about all the things mentioned above. Just select an entity.

Maltego Entity Palette

Here we have selected domain name. Now, just put any domain you want and click on the entity.

This will expand all the available information on the domain and show it as a tree like below-.

Here you can see all the possible DNS records of the domain.

Transform Hub

Now if you right-click after selecting an entity it will open up a context menu or transform hub where you can search all sorts of things about the domain and fetch the available information.

Maltego transform hub
src-> maltego.com

Now you can search for all sorts of things from here. Maltego will add all the information in a form of a tree which is really easy to read and understand. Let me give you an example of what are transforms.

This how a transform hub looks like and this is just a short part, It has a lot more options.

So this is how you perform basic OSINT research on maltego. It is a really strong and good platform to perform information gathering because it will give you every information available on open-source. you can add your manual links too in the tree graph and create an execution plan.

src -> nullbytes.wonderhowto

This is what you can find with just a domain with this amazing tool.

You can always refer to official documentation of maltego from it’s official site.

Click here to view documentation.

What we have learned

  1. It is one of the best tools for information gathering and OSINT research.
  2. Can find any sorts of information available in open-source.
  3. Easily editable graphs.
  4. It can easily find all sorts of information of Domain, Names, Ip address and many more things.

For more articles like this see our blogs

About Cybervie

Cybervie provides best cyber security training program in hyderabad, India.This cyber security course enables you to detect vulnerablities of a system, wardoff attacks and manage emergency situations. Taking a proactive approach to security that can help organisations to protect their data, Cybervie has designed its training module based on the cyber security industry requirements with three levels of training in both offensive and defensive manner, and use real time scenarios which can help our students to understand the market up-to its standard certification which is an add on advantage for our students to stand out of competition in an cyber security interview.

More Info – Click Here

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp

Recent Posts

Follow Us on Youtube

Cyber Security Training Program 2020

Cyber security Course offered by Cybervie prepares students for a path of success in a highly demanding and rapidly growing field of cyber security. The course is completely designed with an adaptable mindset, where the program allows the student to complete the course work at their own pace while being able to complete weekly assignments. Hence, also making it convenient for busy working professionals to pursue the training to help them advance their career in cyber security.

Cybervie has designed the training module based on the cyber security industry requirements in both offensive and defensive manner, using real time scenarios which help our students to understand the market standards.

Sign up for our Newsletter

Interested in Cyber Security Training Program 2020 – Click Here