Maltego OSINT Reconnaissance

Miguel Sampaio da Veiga
Published in Hacker Toolbelt
3 min read · May 9, 2019

I’ve written about various tools for reconnaissance like Recon-ng, theHarvester, SpiderFoot, etc. I’ve been reluctant to write about Maltego because, unlike the other tools, it has a GUI which is quite self-explanatory. So there’ll be no need to get long or complicated about it.

Maltego is a commercial product from Paterva. A community edition (CE) is available; it requires registration on their site and has some limitations compared to the full version.

If you are using a security distro, just run Maltego. If not, download and install it. You’ll be greeted by the Product Selection Menu. To use the CE version, create a free account.

After setting up the account, update Maltego to ensure that you have the latest transforms. What are transforms? Transforms are the pieces of code that Maltego executes on an input to return an output. The Maltego documentation explains how to develop transforms and expand functionality.
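The input-to-output contract of a transform can be seen in a small local transform. This is an added example, not code from the original article or from Paterva; it assumes Maltego's local-transform convention (entity value as the first command-line argument, a MaltegoMessage XML response printed to stdout), and the inventory data and function names are constructed for illustration.

```python
import sys
from xml.sax.saxutils import escape, quoteattr

# Constructed sample inventory (not real data): hostnames an organisation
# knows it operates, keyed by registered domain.
ASSET_INVENTORY = {
    "example.com": ["www.example.com", "mail.example.com", "vpn.example.com"],
    "example.org": ["www.example.org"],
}


def normalize_domain(value):
    """Lower-case the input entity value and drop whitespace and a trailing dot."""
    return value.strip().rstrip(".").lower()


def run_transform(domain):
    """Transform logic: Domain entity in, (DNSName entities, UI messages) out."""
    domain = normalize_domain(domain)
    hosts = ASSET_INVENTORY.get(domain, [])
    entities = [("maltego.DNSName", h) for h in hosts]
    messages = [] if hosts else [f"No inventory entry for {domain}"]
    return entities, messages


def to_maltego_xml(entities, messages):
    """Serialise results as the response message the Maltego client reads."""
    out = ["<MaltegoMessage>", "<MaltegoTransformResponseMessage>", "<Entities>"]
    for etype, value in entities:
        # Escape attribute and text so unusual values cannot break the XML.
        out.append(f"<Entity Type={quoteattr(etype)}><Value>{escape(value)}</Value></Entity>")
    out.append("</Entities>")
    out.append("<UIMessages>")
    for msg in messages:
        out.append(f'<UIMessage MessageType="Inform">{escape(msg)}</UIMessage>')
    out.append("</UIMessages>")
    out += ["</MaltegoTransformResponseMessage>", "</MaltegoMessage>"]
    return "\n".join(out)


if __name__ == "__main__":
    # Assumed convention: Maltego passes the entity value as argv[1].
    value = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    print(to_maltego_xml(*run_transform(value)))
```

Each returned entity becomes a new node linked to the input Domain on the graph, which is how running a transform fills it in.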

Let’s add a search of medium.com. First add a new graph. Navigate the Entity Palette and drag the ‘Domain’ icon to the center of the screen. Change ‘Paterva.com’ to ‘medium.com’.

Finally, right-click the icon and press the right arrow in the line All transforms. At the bottom of the screen a bar goes from 0 to 100%; when all transforms are done, our graph gets filled (if all went well).

Using the button on the left (layout) we can visually rearrange all the information gathered. Once a first transform has finished, we can navigate to another point and execute a new transform. Our graph will be updated and new relations will emerge.

Some transforms require a login, much like some other tools require an API key.

Conclusion

Maltego is an outstanding tool in our toolbelt. Its purpose is reconnaissance and, properly used, it can complement other tools.
