In this article, we will analyze the maximum of unusual things that you may encounter in the process of working from inexperience.
279 
Maltego knows everything! It is a powerful open source intelligence gathering (OSINT) software. The program allows you to search for information in social network profiles, email addresses, phone numbers, and more. Such information will be available to any person or company to resolve professional issues. With the help of Maltego, you can determine the geolocation of cybercriminals, learn about personal data. In judicial investigations, forensics, this software will be a great helper. Fraudsters can use various schemes of deception – attack with spam, register phishing domains, hack accounts, etc. The Maltego program is able to detect criminals. Often, software helps journalists find the information they need, such as in investigations. The program is useful for law enforcement agencies, private detectives. This Java application analyzes links graphically, works on all operating systems (Windows, Mac, Linux).
Analysis is carried out by querying DNS records, whois, search engines, various APIs, obtaining metadata. Results are provided in a variety of graphical layouts. Thus, it is possible to group data for visual display of relationships. As you already understood, Maltego searches for information in open sources, combines everything found into schemes and builds logical relationships. The work uses three elements for this: Entities (object), Transforms (process) and Links (connections). The object, as a rule, is people, organization, information, computer, website, etc. All elements are placed on the work area. You can change the visual representation of the graph in the graph layout control panel.
So, ladies and gentlemen, let’s get started. If it’s in Russian (well, how would I translate it correctly), then Maltego is a program for searching for information that forms a graph based on the analysis of connections. This software is used in online investigations to automate the process of finding connections between pieces of information that are placed in various sources on the Internet. In other words, Maltego can search for various information on the Internet based on the given parameters from open and not very good sources. Everything he finds is collected in a scheme, and after that he builds logical connections between the data. For this, there are 3 elements in the program itself: Entities, Transforms and Links.
Object. Something or someone. Information that has been given some logical meaning. For example, a specific person, company, computer, website.
Retrieves and interprets the information found. For example, downloads data from a social network from a person’s page to the resulting graph.
These are connections. They are built between Entities and reflect the logical connection of elements among themselves.
Now let’s go directly to the form in which we can use it and, finally, calculate on social networks how Natashka’s life from 11B turned out there. The creators of Maltego, the company PATERVA, offer the following releases to choose from.
This version is without the ability to apply Transforms. This release is used by people who conduct manual OSINT. They just need an ecosystem where they can keep their Sherlock Holmes notes. In this context, Maltego replaces a physical board with threads and photos. The release does not limit the size of the graph you can build, commercial use is assumed. But it has only one download function – to the paid version of Maltego. Apparently, everything is free, but it does not even download a basic report.
It is part of Kali Linux and provides access to the so-called Free Transformation Hub. This is a list of companies that provide samples of their Transforms for Maltego. There is a sense of this release, but only from foreign social networks. In the RU segment, everything is silent. Also, this release does not allow commercial use.
The maximum output size from one Transforms is limited to 12 Entities. In other words, you will get only the first 12 options when searching or unloading information. The maximum size of the graph is 10,000 Entities. There is no technical support as a class, but export can be done in any available form, including in the form of an OSINT report in PDF with a graph attachment. And this whole set with registration (you need to create an account to work), but without SMS.
Maltego base release. Here we already receive technical support (it is not clear what issues it solves, but so be it). The same basic Transforms package as in the CE release and access to the Commercial Transform Hub. There are almost all the same companies. For a decent fee, you are ready to provide additional sets of Transforms and Entities to conduct OSINT for any taste.
Do you want to search on social networks? Here are the Social Links. Want Shodan port and website vulnerability downloads – please! If you want domain data and IP address change history from the DomainTools service, take it. The main thing is money in advance. The maximum size of the graph remained at the mark of 10,000 Entities, but the maximum size of the download per request jumped to 10,000 Entities of conclusions instead of 12.
Seriously, in this release we get the same functions as in Maltego Classic, only the graph size has grown from 10,000 Entities to 1,000,000! The size of the download from one Transform is now not 10,000, but 64,000 results. I don’t know who might need such a large array of information, but if such a version exists, then, following the laws of the market, there is also a demand.
Next, I will provide a summary table comparing all versions so that it is clear how they differ.
Finally, a few words about the Transformation Hub. This is where the main cover lies. By itself, Maltego is a pretty good tool. But what is called “Standard OSINT Transforms” in the nameplate is only a small set of basic mechanisms: downloading information from Bing, searching for a phone in the database of US telecommunications operators, etc. Not a lot. And this is where the Commercial Transform Hub saves the city like Batman.
It consists of companies that, for money, offer additional Entities and Transforms, as well as access to their features to extend the capabilities of Maltego. The inscription Free under some only means that the package will be given to you to download for free, or there is a trial period. To use Transforms from any company, you will need an account on their website, or an API key, or a license key. Regarding the price policy: if you are an Arab sheikh, you can buy everything and not understand what will be useful from it. For the rest, the mechanism is as follows: we look at what each member of the hub can offer, and select a tariff based on our budget. I guess this will end the first part of the analysis. Second, let’s see what Maltego can do and what it looks like. I will review the interface and basic functions of the software. Stay tuned for new posts.
279 
302 
298 
251 
255 
249