Introduction to Maltego

Garima Mundhra
Jan 23, 2020

Maltego is a powerful OSINT information-gathering tool. Information gathering is a prime aspect of effective and successful penetration testing and must therefore be given the utmost importance. An attacker would attempt to gather as much information as he can about the target before executing an attack. Information gathering constitutes about 80% of the attack. Maltego enables the attack to be more refined and efficient than if it were carried out without much information about the target.

Maltego broadly offers two types of reconnaissance options:

1. Infrastructural

2. Personal

Infrastructural reconnaissance deals with the domain, covering DNS information such as name servers, mail exchangers, zone transfer tables, DNS-to-IP mapping and related information.

Personal reconnaissance, on the other hand, includes personal information such as email addresses, phone numbers, social networking profiles, mutual friend connections, and so on.

Maltego framework and advantages:

The Maltego client sends its data in XML format to seed servers over a secure HTTPS connection. Once processed on the server side, the requested results are returned to the Maltego client. Gathering publicly available information using search engines is a time-consuming task. Maltego largely automates the information gathering process, thus saving a lot of time. The graphical display of the information mined by the software aids in analyzing the data and helps determine the links between various entities.

Maltego Clients:

1. Maltego XL: Maltego XL (eXtra Large) is the latest version that Paterva came out with. It has all the features present in Maltego Classic, with the addition of working with larger graphs. Like Maltego Classic, Maltego XL allows us to map out the network and do a threat analysis, which makes it easier for us to find the weak points.

2. Maltego Classic: It is the professional version, which provides extended functionality compared with the CE (Community Edition) tool. It requires a license key to be used.

3. Maltego CE (Community Edition): This version is available for free. However, a simple signup is required to use it. It provides the same feature set as the commercial version, but with a few limitations.

4. Case File: Maltego released this version because many users were using the tool to build graphs with offline data that they had gathered from various sources.

  • It can be used to determine the relationships and real-world links between hundreds of different types of information.
  • It can be used to plot relationships between pieces of information.

Starting Maltego: Go to Applications → Information Gathering → Maltego.

At startup, Maltego asks for a Product Selection. Here, I’m choosing the CE version. After running the instance, you’ll be asked to register, or to log in if you already have an account.

In these examples I’m showing you how to use Maltego for infrastructural reconnaissance.

After entering your credentials you’ll see the Maltego home screen.

Just add a new graph. Now navigate to the Entity Palette and drag the ‘Domain’ icon to the center of the screen. Change ‘paterva.com’ to ‘any_website_you_want_gather_info_about’ by double-clicking on it.

Now, right-click the icon and press the right arrow to run all transformations. At the bottom of the screen, a bar goes from 0 to 100%; when all the transforms are done, our graph is filled in.

After running all the transforms you’ll notice that the graph is expanding. This expansion gives information about the related entities.

By further expanding the targeted domain, you’ll come to know on which server the site is hosted and various details, such as when the site was created and when the domain was purchased.
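To see what such an expanded graph contains when reviewing your own domain, here is an added example (not from the original post and not Maltego's own code). It builds the domain → name server / mail exchanger → IP links from constructed DNS records for the placeholder domain example.com and flags RFC 1918 addresses published in public DNS; all function names and sample records are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records for a placeholder domain (not real data).
SAMPLE_RECORDS = """\
example.com.        NS    ns1.example.com.
example.com.        NS    ns2.example.com.
example.com.        MX    10 mail.example.com.
example.com.        A     203.0.113.10
ns1.example.com.    A     203.0.113.53
ns2.example.com.    A     203.0.113.54
mail.example.com.   A     10.0.5.25
"""
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_records(text):
    """Parse 'name type value' lines into (name, rtype, target) tuples."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith(";"):
            continue  # skip blank, short or comment lines
        name, rtype = parts[0].rstrip(".").lower(), parts[1].upper()
        target = parts[-1].rstrip(".").lower()  # last field skips the MX preference
        records.append((name, rtype, target))
    return records

def build_graph(records):
    """Map each entity to the set of (record type, linked entity) edges."""
    graph = defaultdict(set)
    for name, rtype, target in records:
        graph[name].add((rtype, target))
    return graph

def expand(graph, domain):
    """Follow links outward from the seed domain; return all reachable entities."""
    seen, queue = {domain}, [domain]
    while queue:
        for _, target in graph.get(queue.pop(), ()):
            if target not in seen:
                seen.add(target)
                queue.append(target)
    return seen

def private_addresses(graph):
    """Return (hostname, ip) pairs whose A record points into RFC 1918 space."""
    return sorted((name, target) for name, links in graph.items()
                  for rtype, target in links if rtype == "A"
                  and any(ipaddress.ip_address(target) in net for net in RFC1918))
```
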

Conclusion: Maltego is a powerful tool and one of the best for information gathering. Although its numerous features can be overwhelming at times, once you get a grip on the tool, it will prove its worth.
