A powerful new tool is about to go into a new release. Maltego makes the collection of open source intelligence about a target organisation a simple matter. DNS queries, document collection, email addresses, whois, search engine interrogation and a wide range of other collection methods allows a Penetration Tester or vulnerability assessment to quickly gather the data and find relationships between the data.
Both Windows and Linux versions are available. It is java based and the jar can be downloaded directly from https://www.paterva.com/web4/index.php/client/community-edition - the community edition is more than capable, however for full access to the "transforms" and other features there is a commercial version.
To get started:
- Click on the plus button to create a new graph.
- Drag an option from the left panel onto the page (domain for example)
- Double click the name in the icon to change it to the domain you want to interrogate.
- Right click and select the transforms you want to run.
- You will quickly build up a lot of detail about that single domain.