Maltego makes the collection of open source intelligence about a target organisation a simple matter. DNS queries, document collection, email addresses, whois, search engine interrogation, and a wide range of other collection methods allows a Penetration Tester, or vulnerability assessment, to quickly gather and find relationships between the data.
Maltego is an open source intelligence and forensics application. It will offer you timous mining and gathering of information as well as the representation of this information in a easy to understand format. Coupled with its graphing libraries, Maltego allows you to identify key relationships between information and identify previously unknown relationships between them.
Both Windows and Linux versions are available. It is java based and the jar can be downloaded directly from here - community edition. The community edition is more than capable, however, for full access to the "transforms" and other features there is a commercial version.
Using Maltego
A quick step by step
- Click on the plus button to create a new graph.
- Drag an option from the left panel onto the page (domain for example)
- Double click the name in the icon to change it to the domain you want to interrogate.
- Right click and select the transforms you want to run.
- You will quickly build up a lot of detail about that single domain.