Maltego: Automated Information Gathering

Information gathering has always been a crucial part of any penetration test, vulnerability analysis, forensic investigation and so on. There are many tools for different types of information gathering, and each has its own salient features, but security researchers keep improving existing tools and building new ones that are more time-efficient and more capable. Maltego is one such tool: it combines multiple features in one interface, which makes it a first choice for enterprises.

What is Maltego?

Maltego is proprietary software used for open-source intelligence and forensics, developed by Paterva. Maltego focuses on providing a library of transforms for the discovery of data from open sources and visualizing that information in a graph format, suitable for link analysis and data mining.

Basically, it uses different algorithms to fetch the information available on the internet about the target. Its capabilities are not limited to that: it can also explore the inside of a network using some aggressive techniques, which means it can do both active and passive information gathering.


How to use it?

Maltego comes pre-installed in Kali Linux; Windows and macOS versions are also available on the official website. It provides a very interactive graphical interface. First you have to create an account, which is free; after that you can use all of the free features. You will have limited access with the community edition of Maltego, but it is great for learning purposes.

To start gathering information about a target, just drop the domain name in the white tab. Right-click on the target node to see the available transforms; these can be used to extract information such as sub-domains, mail servers, a range of IP addresses, nameservers and a lot more.

All of the information is presented graphically, and you can customize how you want to see it.
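To make the transform-and-graph model concrete, here is an added example (not Maltego's own code or API) that runs a few transforms over two domains and reports the nodes they share, the kind of link a graph view makes visible. The transform names, entity type labels and DNS records are constructed for illustration, and no network lookups are made.

```python
from collections import defaultdict, deque

# Constructed sample records; names and addresses are reserved documentation values.
RECORDS = {
    "example.com": {"NS": ["ns1.example.net"], "MX": ["mail.example.com"], "A": ["192.0.2.10"]},
    "example.org": {"NS": ["ns1.example.net"], "A": ["192.0.2.10"]},
    "mail.example.com": {"A": ["192.0.2.25"]},
    "ns1.example.net": {"A": ["198.51.100.53"]},
}

def lookup(rtype, out_type):
    """Build a transform: one input entity -> list of output entities."""
    def transform(entity):
        return [(out_type, v) for v in RECORDS.get(entity[1], {}).get(rtype, [])]
    return transform

# Hypothetical transform names, grouped by the entity type they accept.
TRANSFORMS = {
    "Domain": {"ToNameServer": lookup("NS", "NSRecord"),
               "ToMailServer": lookup("MX", "MXRecord"), "ToIP": lookup("A", "IPv4")},
    "NSRecord": {"ToIP": lookup("A", "IPv4")},
    "MXRecord": {"ToIP": lookup("A", "IPv4")},
}

def build_graph(seeds):
    """Run every applicable transform breadth-first; return (src, transform, dst) edges."""
    edges, seen, queue = [], set(seeds), deque(seeds)
    while queue:
        entity = queue.popleft()
        for name, fn in TRANSFORMS.get(entity[0], {}).items():
            for found in fn(entity):
                edges.append((entity, name, found))
                if found not in seen:  # expand each entity only once
                    seen.add(found)
                    queue.append(found)
    return edges

def shared_nodes(edges):
    """Link analysis: entities reached from more than one distinct parent."""
    parents = defaultdict(set)
    for src, _, dst in edges:
        parents[dst].add(src)
    return {dst: sorted(p) for dst, p in parents.items() if len(p) > 1}

if __name__ == "__main__":
    graph = build_graph([("Domain", "example.com"), ("Domain", "example.org")])
    for node, srcs in shared_nodes(graph).items():
        print(node, "<-", srcs)
```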

Salient features:

  • Provides a wide variety of transforms
  • Representation of information with graphs and color codes
  • Both active and passive information gathering
  • In-depth representation of all links and networks.

Being a powerful automated tool, it should be used with caution: during active information gathering the target can notice your activities, so written permission will always keep you safe.

Enterprises use this tool to ensure the security of their systems and networks; forensic investigators use it to investigate a cyber crime and analyse the weakness in the network that the hacker exploited.


To get a better understanding of how to use its graphical user interface, watch the video above and keep learning to keep hacking.
