Maltego

From Embedded Lab Vienna for IoT & Security
Revision as of 11:09, 10 July 2021 by MDag

Summary

Maltego is a powerful data mining tool whose main function is to automate information gathering from target systems. From the gathered information it creates a directed graph, which is used to analyze the relationships between the data elements.

Maltego is not an open source tool. It comes pre-installed in Kali, but you need to sign in and select the edition you want to use. For personal use, the Community Edition will do (you just need to register for an account). For commercial use, you need a subscription to the Classic or XL version.

Requirements

Maltego runs on Windows, Mac and Linux. For this guide, I used Kali (Kali GNU/Linux Rolling 5.10.0-kali3-amd64) as the OS, so Maltego was already preinstalled. I installed Kali on a virtual machine (VMware® Workstation 15 Pro 15.5.5 build-16285975).

Example

Suppose we have only the domain name of the target system and would like to know more about it, such as its name servers.

Let's use fh-campuswien.ac.at as our example domain:


Domain: fh-campuswien.ac.at

Start: Drag and Drop a Domain Icon

Drag and drop the domain icon into the graph and enter fh-campuswien.ac.at.






Get name server (NS)

To get the NS entries from the DNS records, right-click the domain icon and select "To DNS Name - NS (name server)".






Get mail server (MX)

Let's get information about the mail server. Again, right-click the domain icon and then select "To DNS Name - MX (mail server)".





Result

The result is a graph in which all of the above-mentioned information and the relationships between the elements are shown:
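
The same kind of result as a data structure, in an added Python example that is not part of the original page or of Maltego: it parses NS and MX answers into a directed graph and renders it in Graphviz DOT form. The records are constructed sample data for example.com (not real lookups), and all function names, including the `external_hosts` check for hosts outside the domain's own zone, are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample answers in zone-file presentation format (not real lookups).
SAMPLE_RECORDS = """\
example.com.      3600 IN NS ns1.example.com.
example.com.      3600 IN NS ns2.example.net.
example.com.      3600 IN MX 10 mail.example.com.
example.com.      3600 IN MX 20 mx.backup.example.org.
"""

def parse_records(text):
    """Yield (owner, rtype, target, preference) for each NS and MX line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[2] != "IN":
            continue  # skip blank or malformed lines
        owner, rtype = fields[0].rstrip(".").lower(), fields[3].upper()
        if rtype == "NS":
            yield owner, "NS", fields[4].rstrip(".").lower(), None
        elif rtype == "MX" and len(fields) >= 6:
            yield owner, "MX", fields[5].rstrip(".").lower(), int(fields[4])

def build_graph(text):
    """Directed graph: domain -> [(edge label, host)], one edge per record."""
    graph = defaultdict(list)
    for owner, rtype, target, pref in parse_records(text):
        label = rtype if pref is None else f"MX (pref {pref})"
        if (label, target) not in graph[owner]:  # ignore duplicate answers
            graph[owner].append((label, target))
    return dict(graph)

def external_hosts(graph, domain):
    """Hosts the domain points to that are not inside its own zone."""
    suffix = "." + domain
    return sorted({host for _, host in graph.get(domain, [])
                   if host != domain and not host.endswith(suffix)})

def to_dot(graph):
    """Render the graph as Graphviz DOT text."""
    lines = ["digraph dns {"]
    for src, edges in graph.items():
        for label, dst in edges:
            lines.append(f'  "{src}" -> "{dst}" [label="{label}"];')
    lines.append("}")
    return "\n".join(lines)

if __name__ == "__main__":
    g = build_graph(SAMPLE_RECORDS)
    print(to_dot(g))
    print("outside own zone:", external_hosts(g, "example.com"))
```
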








Courses

  • WFP-1
