Scribd
Upload
857 views

Maltego Tutorial (OSINT)

Maltego is a software used for open-source intelligence and forensics. It focuses on discovering data from open sources and visualizing it in a graph format for analysis. The tutorial walks through using Maltego to gather information about a target company, Sony, including finding the location and phone numbers associated with Sony as well as the MX record and mail service used. It also discusses installing Shodan and using transforms to find additional information.

Uploaded by

STANLEY HARRISON
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
857 views

Maltego Tutorial (OSINT)

Maltego is a software used for open-source intelligence and forensics. It focuses on discovering data from open sources and visualizing it in a graph format for analysis. The tutorial walks through using Maltego to gather information about a target company, Sony, including finding the location and phone numbers associated with Sony as well as the MX record and mail service used. It also discusses installing Shodan and using transforms to find additional information.

Uploaded by

STANLEY HARRISON
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Maltego tutorial (OSINT)

What is Maltego?
Maltego is a software[1] used for open-source intelligence and forensics, developed by Paterva[2]
from Pretoria, South Africa. Maltego focuses on providing a library of transforms for discovery of
data from open sources, and visualizing that information in a graph format, suitable for link analysis
and data mining. As of 2019, the team of Maltego Technologies headquartered in Munich, Germany
has taken responsibility for all global customer-facing operations

Company Stalking

1) Download Maltego https://www.maltego.com/downloads/ and install it on your


machine

2) During the installation process you will be required to create an account on Maltego
Community Server.
3) Create a new graph simply by clicking on new icon (Ctrl+T)
4) Choose your target, in this tutorial we choose Sony as a target for intelligence
gathering purpose. In order to do that, go to Entity palette and drag Domain entity to
the graph.

5) Double click on the domain icon and rename it into your target domain (sony.com).
6) Here we are searching for top level domain for our target domain. First right click on
domain then DNS from domain > To Domain (Find common DNS names)
7) Now we are to gain more information about these domains. First of all select all
domains by dragging left mouse button or you can select one by one press Shift + left
click
8) After selecting all domains, right click one of them and then All Transforms. What
other information you can get?

9) Here we are going to find the IP address of our target website(www.sony.com). Right
click on target website then
10) Let’s find some email addresses associated with sony.com. Right click on sony.com
the Email Addresses from Domain
Your task
1) Can you find the location of Sony web server? (City & Country)
2) Can you find phone numbers associated with Sony?
3) Can you find MX record associated with Sony domain? What service they use? (A
mail exchanger record (MX record) is a type of resource record in the Domain
Name System that specifies a mail server responsible for accepting email messages
on behalf of a recipient's domain, and a preference value used to prioritize mail
delivery if multiple mail servers are available)
…try to dig more! ;)
4) Find another target and play around with different Transforms
Shodan installation

Go back to Home area and take a look at Maltego Transform Hub. There are many transforms that
you can use for gathering OSINT.
Please install Shodan! You need an API key for that. In order to obtain an API key, you need to create
an account on Shodan then get the API Key to install it
Create a new graph and select a target just like previous exercise and see what information you get

More Cool Stuff with Maltego


1. Making Buzzfeed's TrumpWorld tables into a Maltego graph :
http://maltego.blogspot.co.uk/2017/01/making-buzzfeeds-trumpworld-tables-into.html

2. Panama Papers in Maltego: http://maltego.blogspot.co.uk/2016/05/panama-papers-in-


maltego.html
3. Building your own LovelyHorse monitoring system with Maltego (even the free
version) - it's easy! http://maltego.blogspot.co.uk/2015/02/building-your-own-
lovelyhorse.html

4. Maltego official documentation : https://docs.paterva.com/en/

You might also like