I’ve been playing with Maltego now for just a few weeks on some very complex business intelligence projects I have going on, and I have to tell you, I am STUNNED by how much information I develop every time I have the opportunity to run new data through it! In fact, I understand that several national intelligence agencies and various law enforcement units are using Maltego to great success as well.
For those of you who have never heard of Maltego before, let me give you an idea what this tool can do. From the publisher’s website at http://Paterva.com:
“The unique perspective that Maltego offers to both network and resource based entities is the aggregation of information posted all over the internet – whether it’s the current configuration of a router poised on the edge of your network or the current whereabouts of your Vice President on his international visits, Maltego can locate, aggregate and visualize this information.
What does Maltego do?
Maltego is a program that can be used to determine the relationships and real world links between:
- Groups of people (social networks)
- Web sites
- Internet infrastructure such as: Domains, DNS Names, Netblocks, IP Addresses, etc.
- Documents and files
These entities are all linked using open source intelligence and provides you with a graphical interface that makes seeing these relationships instant and accurate – making it possible to see hidden connections, even if they are three or four degrees of separation away.
What can Maltego do for me?
Maltego can be used for the information gathering phase of all security related work. It will save you time and will allow you to work more accurately and smarter.
Maltego aids you in your thinking process by visually demonstrating interconnected links between searched items.
Maltego provides you with a much more powerful search, giving you smarter results.
If access to “hidden” information determines your success, Maltego can help you discover it.”
For me, the beauty is in being able to run large lists of people, websites and companies through the visualizer and find hidden connections between them all! The real power is that I can input all kinds of data into it: People, Email Addresses, Websites, Company Names, Dates and Times of Events, Addresses, Telephone Numbers, Business Networks, etc. etc. and it magically finds ways to correlate all of this disparate data in VERY interesting and eye-opening ways.
I’m seriously not kidding! I would go so far as to say that Maltego is changing the way I conduct Corporate and Economic Intelligence assignments altogether.
“Maltego lets just about anybody do the kind of data mining that in the past only fraud investors, government specialists and hackers typically could do.”
Perhaps The Ethical Hacker Network said it best: “Maltego is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego allows you to identify key relationships between information and identify previously unknown relationships between them. It is a must-have tool in the forensics, security and intelligence fields!”
TEHN also has a great set of instructions (though a bit dated now that v.3 was released) and actual case studies on Maltego’s practical applications at http://www.ethicalhacker.net/content/view/202/24/
Essentially, this is data-mining and data-correlation (finding the connection), which is the basis for the Intelligence Development Cycle!
Rick Gurley of Risk Management Research & Investments, Inc., a private investigation agency in Columbia, MO, has always been the guy I call when I not only want to add a new technology or forensics tool to my repertoire, but to understand its application as well. Adopting Maltego has been no different and he was kind enough to create this extremely useful video for me and then allow me to pass it along to all of you. It covers all of the basics of setting up and understanding the Maltego interface and how to work with some hidden features. This 15-minute video will save you weeks of banging your head against the wall trying to get the software working and moving in the right direction, should you decide to start using this powerful intelligence and networking analysis tool, too.
The video is actually best viewed in high definition on YouTube and at a larger screen size than I can include on this page, so click on the video and you will be taken to YouTube.
Thanks for the tutorial, Rick!