Familiar with Maltego Kali Linux
Welcome, and thanks for reading my notes on the Penetration Testing Tutorial. This post is part of the Information Gathering module and covers how to use Maltego in Kali Linux. Maltego is an open source intelligence and forensics application. It offers timely mining and gathering of information, as well as the representation of this information in an easy-to-understand format.
What does Maltego do?
- Maltego is an information-gathering tool included in Kali Linux by default. It can be used to determine the relationships and real-world links between:
- People
- Groups of people (social networks)
- Companies
- Organizations
- Web sites
- Internet infrastructure such as:
  - Domains
  - DNS names
  - Netblocks
  - IP addresses
- Phrases
- Affiliations
- Documents and files
- These entities are linked using open-source intelligence.
- Maltego is available for Windows, Mac, and Linux. You can download and install it on any of these platforms.
- Maltego comes with a graphical interface that makes it easy to use and lets you see these relationships instantly and accurately.
- Using the graphical user interface (GUI) you can see relationships easily – even if they are three or four degrees of separation away.
- Maltego is unique because it uses a powerful, flexible framework that makes customizing possible. As such, Maltego can be adapted to your own, unique requirements.
Using Maltego as an information-gathering tool:
- Maltego can be used for the information-gathering phase of all security-related work. It will save you time and will allow you to work more accurately and smarter.
- Maltego aids you in your thinking process by visually demonstrating interconnected links between searched items.
- Maltego provides you with a much more powerful search, giving you smarter results.
- If access to “hidden” information determines your success, Maltego can help you discover it.
Run Maltego in Kali Linux
As you know, Maltego is available in Kali Linux by default, so you can run it by going to Application > Information Gathering > Maltegoce.
Or simply run this command in the terminal as a normal or super user:
$ maltego &
The welcome screen will appear.
Registration/login on Maltego Server:
When you run Maltego in Kali Linux, the welcome screen appears and starts the setup wizard. Click Next to move to the next step.
Step 2: This screen is for logging in to the Maltego server. If you are new, register on Maltego’s website https://www.paterva.com/web6/community/maltego/ and then log in with the right credentials (username and password).
If you enter the right credentials, your login result will appear.
Step 3: After you log in successfully to the Maltego server, select the transform seeds and install them. Once the transform installation completes, you are ready to run a new Machine for gathering information.
Step 4: Select Run new Machine and click Finish.
Step 5: A new wizard will pop up. You can run the machine from this wizard, or cancel the wizard and run the machine from the Maltego program. If you want to run a Machine with this wizard, select the Machine type and click Next.
Step 6: If you select Company Stalker, you will have to specify the target (domain name) in the new window. Provide the domain (target) and click Finish.
After Stalker runs successfully, you will get the results.
Step 7: Create a New Graph:
Step 8: Start a new graph by clicking on the left corner. Drag and drop the domain and enter the domain name, right-click on the domain, and run the desired transform.
Enter the domain name; I am going to use cyberpedia.in.
My next target is to gather information about email addresses, so I need to run the transform “Email addresses from Domain”. If you want to do the same, right-click on the domain and select Email addresses from Domain.
New transforms will appear; try each of them in turn and you will get some interesting results.
Run another transform and get detail of name servers, mail servers, IP addresses, and much more.
Infrastructure Reconnaissance
Maltego helps to gather a lot of information about the infrastructure. In order to start gathering information, select the desired entity from the palette. In this example, we are going to scan a domain. Select the domain option from the palette and drag the option to the workspace. Enter the target domain. Now right-click on the entity and you should be getting a window that says “Run Transform” with additional relevant options.
Run the required transform and find out information like the MX, NS, and IP address. We can then use transforms like ‘IPAddressToNetblock’ to break a large netblock into smaller networks for better understanding.
Also, we can find the shared domains. We can determine information like IP addresses for domains and other internal networks, the netblocks which are used by the target, etc.
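The pivots described in this section (domain to MX/NS/IP, IP to a smaller netblock, and grouping domains that share an address) can be modelled offline. This is an added example, not Maltego's own code or part of the original post; the function names, the sample records, the parent netblocks and the /26 split size are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (reserved documentation names and ranges only).
RECORDS = [
    ("example.com", "MX", "mail.example.com"),
    ("example.com", "NS", "ns1.example.com"),
    ("example.com", "A", "192.0.2.10"),
    ("mail.example.com", "A", "192.0.2.77"),
    ("ns1.example.com", "A", "198.51.100.5"),
    ("shop.example.org", "A", "192.0.2.10"),
]
PARENT_NETBLOCKS = ["192.0.2.0/24", "198.51.100.0/24"]  # assumed allocations

def ip_to_netblock(ip, parents, new_prefix=26):
    """Split the parent netblock holding ip into /new_prefix pieces; return ip's piece."""
    addr = ipaddress.ip_address(ip)
    for parent in map(ipaddress.ip_network, parents):
        if addr in parent:
            return next(str(s) for s in parent.subnets(new_prefix=new_prefix) if addr in s)
    return None  # address is outside every known parent block

def shared_hosts(records):
    """Group names by A-record address; keep addresses that serve several names."""
    by_ip = defaultdict(set)
    for name, rtype, value in records:
        if rtype == "A":
            by_ip[value].add(name)
    return {ip: sorted(names) for ip, names in by_ip.items() if len(names) > 1}

def footprint(domain, records, parents):
    """Follow domain -> MX/NS host -> A record -> netblock; return the netblocks."""
    links = defaultdict(list)
    for name, rtype, value in records:
        links[name].append((rtype, value))
    ips, todo, seen = set(), [domain], set()
    while todo:
        node = todo.pop()
        if node in seen:
            continue  # guard against records that point back at each other
        seen.add(node)
        for rtype, value in links.get(node, ()):
            if rtype == "A":
                ips.add(value)
            else:
                todo.append(value)
    return sorted({ip_to_netblock(ip, parents) for ip in ips} - {None})

print(footprint("example.com", RECORDS, PARENT_NETBLOCKS), shared_hosts(RECORDS))
```

Running the same walk over records for a domain you administer shows which netblocks and co-hosted names are visible from public DNS alone.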
Personal Reconnaissance
Maltego helps you find information about a person, like their email address, social profiles, mutual friends, various files shared on various URLs, etc. Select the desired option from the palette. Here I am going to select the option ‘Person’ and will enter the name of the person I will be trying to gather information about.
Right-click on the ‘Person’ option and select the desired transforms. First, let’s find the email address related to the person and try to gather more information. With Maltego, we can find their SNS information from Facebook, Flickr, etc.
Various entities in Facebook were detected by using the transform “toFacebookaffiliation.” This method generally looks for a Facebook affiliation that matches closely to a person’s name based on the first and last name and weighs each result accordingly. With Maltego we can also find mutual friends of two targeted persons in order to gather more information.
Similarly, we can find if the user has uploaded any files in Pastebin or any other public URLs. Having all this information can be useful for performing a social engineering-based attack.
MODULE 4:- Information Gathering
2 thoughts on “Exploring Information Gathering with Maltego: A Comprehensive Guide”
great read. thanks. When opening MaltegoCE in Kali Linux 2019.4 in Virtual Box, MaltegoCE is indicating [pop-up in lower right corner] that it has 217 updates available. Is it okay to update MaltegoCE? Or is there a way to update Maltego from the command line and installing those 217 available updates? Or, is it necessary? The transforms I used seemed to work just fine…
You can update through popup no problem at all