A selection of Maltego add-ons. Part 1

18 July 2023 6 minutes Author: Cyber Witcher

Maltego Supplement: Unlocking the Potential of Your OSINT Toolkit

Maltego is a recognized OSINT (Open Source Intelligence) and visual analysis tool widely used by cybersecurity professionals, data analysts, and other professionals to collect and analyze information from open sources. However, to fully unlock the potential of this tool, you should be aware of its add-ons. Maltego add-ons are modules that add new features to the basic version of the program. They extend the functionality of Maltego, allowing you to perform more complex and specific tasks of gathering and analyzing information.

This can include everything from additional data collection methods to new types of visual representation of information. However, it is important to remember that not all add-ons are equally useful for all users. Choosing the right set of add-ons depends on your specific task, needs, and skill level. It’s important to do your research and experiment to find the best supplements for your needs. Maltego add-ons can take some time to master, but the effort you put in will be rewarded with improved performance, accuracy in data collection and data analysis. This will open up new opportunities for you as an OSINT or cyber security professional. The Maltego add-on is a powerful tool to enhance your OSINT work. They will allow you to take this powerful information gathering tool to a new level.

Let’s go to the list (Part 1)


Twint is a tool for collecting data from Twitter that does not require authentication or use of the Twitter API. Written in Python, this tool allows you to collect detailed data from Twitter about specific users, including their tweets, dates, times, interactions, geolocation and other information.



Toutatis is a tool for collecting information (OSINT) about user accounts on Twitter. This tool can collect various data about a user, including their basic information, profile details, activity statistics, friend and follower lists, and much more. You can learn a lot of information about a person.



Steam is a digital video game distribution platform developed and operated by Valve Corporation. Launched in 2003 as a means to provide automatic updates for Valve’s own games, Steam has since grown into the world’s largest digital video game distribution service.



Fofa.so is a Chinese search engine specialized in web asset discovery and analysis. This is a service similar to Shodan or Censys, which actively scans the Internet for data about various web resources.



Skype is a software that was first released in 2003 and offers Voice over IP (VoIP), video conferencing, text messaging and file sharing services over the Internet. Skype offers both free and paid services.


Recon NG

Recon-ng is a full-featured Open Source Intelligence (OSINT) tool written in Python. Its interface is similar to Metasploit, making it easy to use for people familiar with this penetration testing tool.



Nmap (or Network Mapper) is an open source and free network scanning and security auditing tool. It is widely used for detecting open ports, identifying services running on remote systems, detecting operating systems, and other network scanning tasks. It is a very useful scanning tool.



Censys is a search engine and dataset that provides information about all devices, websites and certificates available on the Internet. It was developed by researchers at the University of Michigan to help information security professionals understand the global digital security landscape.



VirusTotal is a web service that aggregates many antivirus products and detects viruses, trojans and other malicious software. It allows users to upload files or links for analysis, and the service performs a scan using various antivirus engines and malware detection tools.



GitHub is a web service that provides hosting for version control and software development collaboration. It is the world’s largest online repository for projects based on the Git version control system developed by Linus Torvalds, the creator of Linux. GitHub provides a Git version control interface that allows users to push and pull requests, create branches, and merge code.



Gravatar (short for Globally Recognized Avatar) is a service that allows users to create and manage their own globally recognized avatars, or “Gravatars”. These avatars are associated with the user’s email, and are used on various platforms, including blogs, forums, and social media, to represent the user in comments or profiles. You can hide your identity by using a different avatar.



Host.io is a domain data collection service that provides useful information about websites, including hosts, linked domains, DNS records, and other information. This service is used both by web developers and SEO specialists to increase the visibility of websites in search engines, and by OSINT (Open Source Intelligence) analysts and cyber security specialists to collect data about domains.



Clearbit is a company specializing in business data collection, specifically in B2B (Business-to-Business) areas. Their products provide customers with information about companies and their employees that can be used to improve sales, marketing, recruiting and many other applications.



Maigret is an online identity intelligence (OSINT) tool that looks for the presence of a user account in various online services and social networks. The tool can be useful for researchers and other professions who need to collect maximum information about a certain person in a short period of time.



Hunter.io (formerly known as Email Hunter) is a web service that helps users find email addresses associated with any domain. This tool is widely used to find contact data for marketing, sales, PR, and OSINT (Open Source Intelligence) purposes. With this tool, you can easily find what you need.



OpenCTI is an open platform solution for threat management and intelligence development. It is a tool that was created to provide analysts, researchers, and cybersecurity professionals with the means to collect, analyze, visualize, and share threat information in an efficient, structured, and easy-to-understand manner.



Hunchly is a web tracking tool that helps researchers save and catalog web pages during their online investigations. The tool automatically saves copies of viewed web pages, thus ensuring that important data is preserved even if the original page is later changed or deleted. Tracking with this tool will become  easier.



DNSTwist is a tool for detecting wrongly typed domain names (so-called “mistyped” or “mistyped domains”), as well as domains that contain letter permutations, substitutions, deletions or additions of characters. This tool can detect potential malicious or fraudulent websites trying to impersonate well-known brands.


Other related articles
Found an error?
If you find an error, take a screenshot and send it to the bot.