Information gathering has always been a crucial part in any penetration project, vulnerability analysis, forensics etc. there are many different tools out there for different type of information gathering, no doubt they all have many salient features, but security researchers have always tried to improve tools and make new tools which can be more time efficient with more capabilities. Maltego is an example of one of such complementary work, overpowered with multiple features in one interface makes it the first preference of every enterprise.
What is Maltego?
Maltego is proprietary software used for open-source intelligence and forensics, developed by Paterva. Maltego focuses on providing a library of transforms for the discovery of data from open sources and visualizing that information in a graph format, suitable for link analysis and data mining.
Basically, it uses different algorithms to fetch all the information available on the internet about the target, but its capabilities are not limited to that, it can also explore insides of a network by using some aggressive techniques, which means it can do both active and passive information gathering.
How to use it?
Maltego comes pre-installed in Kali Linux, windows and MacOS version are also there on the official website. It provides a very interactive graphical interface, first you have to create your account, creating an account is free, after that, you can use all of its free features available, of course, you will have limited access with community edition of Maltego, but it’s great for learning purpose.
To start gathering information about a target, for example, www.mywebsite.com, just drop the domain name in the white tab, with right click on the target node you will see available transforms, these transforms can be used to extract information like sub-domains, mail-server, a range of IP addresses, nameserver and a lot more.
Each and every information will be presented in a graphical way, you can even customize how you want to see the information.
- Provides a wide variety of transforms
- Representation of information with graphs and color codes
- Both active and passive information gathering
- In-depth representation of all links and networks.
Being a powerful automated tool, it should be used with caution, as while doing active information gathering, the target can notice your activities, hence a written permission will always keep you safe.
enterprise use this tool to ensure their system and network securities, forensics use this tool to investigate a cyber crime to analysis the weakness in the network which the hacker exploited.
To get a better understanding of how to use its graphical user interface, watch the video above and keep learning to keep hacking.