Hey guys, back again with another blog.
Today we are going to take a short tour of Maltego, an open-source intelligence (OSINT) tool that currently covers many aspects of information gathering.
Maltego gives a lot of information on targets in different fields such as forensics and personal investigation, and even entertainment, like analysing movies.
Maltego works with libraries of Transforms to present the gathered information as attractive graphs and charts showing the relations and interconnections between the items.
Maltego has a free edition called Community Edition (CE) and also a Professional Edition. CE is enough for penetration testing purposes; if you really need to work at enterprise level, it is better to go with the Professional Edition.
- A computer with at least 2GB of RAM and a higher-end processor will give better results.
- 4GB of disk space is more than enough to install and run.
- Internet connectivity is mandatory for Maltego, as it analyzes data from external resources.
- It needs ports 80 and 443 to run; sometimes it needs other ports to work with third-party Transforms.
- Using an external mouse is preferred, to make things easier.
OK then, let's see what we've got here.
Step 1:- First of all, download and install Maltego from the official site, Paterva.
Step 2:- During installation it will prompt you to sign up; do the signup, it is free of cost. Next it will show you the Transform Hub, where you can choose the transforms you need to work with. Some transforms are paid and some are free, and some need an API key: the Shodan transform, for example, will ask you for one, and you can sign up on the Shodan website to get the API key needed to install it.
The Transform Hub looks like this; you can also open the Transform Hub panel from the Transforms tab. You can install as many transforms as you want from the list.
Step 3:- Click the Maltego symbol in the left corner, then click New to open a new blank graph.
The Entity Palette in the left pane offers a lot of entities to start our investigation with.
We can use devices like a mobile, computer or camera. We can choose an organization, group of entities, enterprise or educational institution too. We can investigate networking items, starting from an IP, DNS name, banner, netblock, URL, website or the tracking code of a website.
We can analyze locations and crime scenes too, with various location types like airport, harbor, office, home and country.
We can use Maltego to look into the personal information of a person, like email address, mobile number, images, documents and aliases.
It also has a wide range of other entities like transportation, social links, tracking, weapons and events.
OK, that's enough of the theory in Maltego; let's check some of it in practice.
We can choose the starting point of information gathering from the left pane: drag Domain into the empty graph sheet.
By default it will have the name Paterva.com; we can change it by double-clicking, or in the properties box in the lower right corner of the window.
Here I will be checking it with our secondary website, redsecurium.org. It is not advisable to attack or check up on other websites or domains. You have to be clear with yourself about what you are doing here.
Next, right-click on the domain to enumerate things from it. Here I am choosing To Website [Quick Lookup] to get the website name and details.
From the website logo, right-click to enumerate the IP address of the site by clicking To IP Address and Domain. Some servers may be using a Web Application Firewall, which can deceive you.
We can get email addresses too, by right-clicking the IP address and choosing the To E-mail Address option. There are 3 email addresses associated with this IP address.
We can get location details as well, by right-clicking and choosing the To Location [city,country] option.
To enumerate DNS details, we can right-click on the domain we started with and choose To DNS Name-NS.
Here it is clearly shown that our site is hosted on some server.
We can also enumerate the netblock details of an IP by choosing To Netblock [Using routing info].
It is displayed in the screenshot below with an IP range; we can get the IP addresses associated with it.
We can get the IP addresses by right-clicking and choosing To IP addresses [Found in NetBlock] to display the list of IP addresses.
Look at how beautifully the list of IP addresses is displayed.
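Since the site is hosted on someone else's server, a netblock can cover far more addresses than the ones you are allowed to test. The Python below is an added example (not part of the original post or of Maltego) that splits a netblock into the parts inside and outside an authorized scope list; the `first-last` range format, the function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

def parse_netblock(value):
    """Turn 'first-last' (assumed netblock display form) or CIDR text into networks."""
    value = value.strip()
    if "-" not in value:
        return [ipaddress.ip_network(value, strict=False)]
    first, last = (ipaddress.ip_address(p.strip()) for p in value.split("-", 1))
    if first.version != last.version or first > last:
        raise ValueError(f"invalid netblock range: {value!r}")
    # A range that is not CIDR-aligned becomes several networks.
    return list(ipaddress.summarize_address_range(first, last))

def split_by_scope(netblock, scope):
    """Return (in_scope, out_of_scope) network lists for one netblock."""
    allowed = [ipaddress.ip_network(s, strict=False) for s in scope]
    in_scope, out_of_scope = [], []
    for net in parse_netblock(netblock):
        remaining = [net]
        for a in allowed:
            untouched = []
            for r in remaining:
                if r.version != a.version or not r.overlaps(a):
                    untouched.append(r)
                elif r.subnet_of(a):
                    in_scope.append(r)       # whole piece is authorized
                else:
                    in_scope.append(a)       # scope entry lies inside the piece
                    untouched.extend(r.address_exclude(a))
            remaining = untouched
        out_of_scope.extend(remaining)
    return sorted(in_scope), sorted(out_of_scope)

def count_addresses(networks):
    """Total number of addresses covered by a list of networks."""
    return sum(n.num_addresses for n in networks)

if __name__ == "__main__":
    # Constructed sample: documentation-range netblock and a made-up scope list.
    inside, outside = split_by_scope(
        "203.0.113.0-203.0.113.255", ["203.0.113.16/28", "203.0.113.200"])
    print("in scope:", [str(n) for n in inside], count_addresses(inside))
    print("out of scope addresses:", count_addresses(outside))
```

Only the in-scope networks should be carried forward as the starting point for further transforms.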
We can zoom out to get an overview of our graph flow and the analysis of our investigation.
We can use the Maltego tool to enumerate and gather a lot of information for many kinds of case entities.
Do not use all the Transforms at once; it is a big mistake made by all the researchers. Choose a systematic approach before you start, and choose a single transform.
Our (pen-testers') main targets will be IPs, servers, domains etc.
I am advising you not to use it for any malicious purposes. Even though I revealed some sensitive info in the screenshot, you should know how to stay within the limits of the law.
That's it for today, guys. I hope you learned something today. Comment your suggestions and queries below so that we can learn together.
Thank you guys, see ya.