OSINT, Technology, Tutorials

Information Gathering: Using Maltego In Kali Linux

October 30, 2017

Maltego is a tool developed by Paterva that is marvelously utilized by experienced penetration testers and OSINT investigators. Maltego holds the capability of being able to discover and accumulate data of a potential target in a single instance for a domain. It can visualize the accumulated data in a graph format for future analysis.

Maltego can collect data from OSINT and scrutinize real-life correlations among individuals, groups, domains, corporations, internet infrastructure, affiliations, and websites.

IT security professionals, hackers, state intelligence agencies, and government organizations use Maltego to assist with their unique objectives.

Using Maltego In Kali Linux To Get Information Of A Target

Maltego may collect data pertaining internet infrastructure, notably domains. It can also gather information about individuals such as their potential email addresses.

Let’s go collect some information.

Open Maltego In Kali

Start Kali and then open Maltego by going to Applications > Information Gathering > Maltego

Select Maltego Community Edition In Product Selection Window

After opening Maltego, you will have to wait a little bit while the GUI loads.

When Maltego GUI finishes loading, you’ll be presented with a product selection window that has four versions of Maltego listed:

  • XL
  • Classic
  • CE (Community Edition)
  • CaseFile

Choose Community Edition.

Register For A Maltego Account

After selecting a version of Maltego, you’ll be asked to log in or register for an account.

Remember your new password since you need it when you log in to use the software.

Install Transforms

Click “Next.

Finish Configuring Maltego

Click “Finish.

You’ll see Maltego’s GUI. On our right, you will see supplemental features which you may install for more comprehensive OSINT. Remember that they need APIs.

Choose Type Of Footprinting For The Target

Click on the red circle logo (With spikes), and you’ll see a menu where you can decide which type of footprinting you’ll like to initiate against our target. We will go ahead and choose “Footprint L3” which takes the longest time but generates the most data as possible.

Select A Target

Now we have to select a domain name which is also the target.

Click “Ok.

Maltego Starts Collecting Information On The Target

Maltego will proceed to collect information on the target domain and present it in a graphical map for us to view.

Wait for a little bit while data is being obtained.

Maltego Target Domain Results

When all information has been gathered, the “machine” will be marked as “completed.”

We’ll see a graph with various circles of distinctive colors. More importantly, we’ll see what those colors represent on our right:

Therefore, we’ll see that Maltego has gathered information of the domain such as IPv4 addresses, netblocks, MX records, NS records, and email addresses. The data is essential for reconnaissance.

NOTE: The above screenshot shows the graph set in the default layout which is Organic.

We can zoom in while using Organic mode and see the various relationships of the target, especially internet infrastructure.

Let’s change the layout mode to Block.

We’ll be shown a more structured graph where Maltego displays the relationships among our target such as its numerous NS records and associations with linked sites.

We can even toggle fullscreen and zoom in.

Performing Reconnaissance On An Individual

Maltego allows us to also perform reconnaissance on a particular individual of interest. The data could potentially be deployed to assist in locating or pursuing an individual, the organizations they are correlated with, phone numbers, and their email addresses.

Click on the red circle logo (With spikes) as we did earlier, and we’ll see a familiar menu where we will go ahead and choose “Person – Email Address.

Select A Target

Now we have to select an individual who is also the target.

Click “Ok.

Select The Relevant Email Addresses

Maltego proceeds to find information on the internet relating to any email addresses related to the target. It typically collects various email addresses correlated with the specific name entered earlier. Obviously, not all emails addresses will be connected to the target, but they will all be associated with the name.

We have to decide which of the above email addresses to select. For this tutorial, I selected all of them.

Click “Next.

Maltego proceeds to construct a graph with all of the email addresses selected.

We should pay close attention to our left window which is labeled “Entity Palette.” Significantly, we can use Maltego to search for related information pertaining the target of interest. Scroll down or enlarge the window and let’s choose “Phone Number” to see if we can discover a phone number for the target.

We can toggle fullscreen and zoom in to see all the data Maltego has collected for us regarding the target.

 

You Might Also Like

Back to top
%d bloggers like this: