• Subscribe to the low volume list for updates.

Maltego – Open Source Intelligence Gathering

A powerful new tool is about to go into a new release. Maltego makes the collection of open source intelligence about a target organisation a simple matter. DNS queries, document collection, email addresses, whois, search engine interrogation and a wide range of other collection methods allows a Penetration Tester or vulnerability assessment to quickly gather the data and find relationships between the data.

Maltego is an open source intelligence and forensics application. It will offer you timous mining and gathering of information as well as the representation of this information in a easy to understand format. Coupled with its graphing libraries, Maltego allows you to identify key relationships between information and identify previously unknown relationships between them.

Maltego is easy to understand and doesn't require a lot of technical education.

Both Windows and Linux versions are available. It is java based and the jar can be downloaded directly from https://www.paterva.com/web7/community/community.php - the community edition is more than capable, however for full access to the "transforms" and other features there is a commercial version.

To get started:

  1. Click on the plus button to create a new graph.
  2. Drag an option from the left panel onto the page (domain for example)
  3. Double click the name in the icon to change it to the domain you want to interrogate.
  4. Right click and select the transforms you want to run.
  5. You will quickly build up a lot of detail about that single domain.