Forensic Tools

What is Maltego?
Maltego is developed by Paterva and is a tool used for open-source forensics and intelligence. Its focus is to provide a library of transforms for discovering data from different open sources and to visualize that data in a graph format that is suitable for data mining and link analysis.

Maltego supports custom entities, so it can represent any type of information in addition to the basic entity types that are part of the tool. The primary focus of this tool is to analyze real-world relationships between people, websites, groups, internet infrastructure, networks, domains and affiliations with social media services such as Facebook and Twitter.

This hacking tool has two types of reconnaissance options, personal and infrastructural. Personal reconnaissance covers personal information such as phone numbers, email addresses, mutual friends, social networking profiles, etc., while infrastructural reconnaissance deals with domains, covering DNS information such as mail exchangers, name servers, DNS-to-IP mappings and zone transfer tables.

Maltego sends clients' information in XML format over a secure HTTPS connection by using seed servers. Once the information is processed on the server side, the results are brought back to the Maltego client. Gathering all publicly available data using manual techniques and search engines is time-consuming, but Maltego automates the data gathering process to a great extent, thus saving a lot of time for the user / attacker.

Is Maltego Free?
Maltego CE and Casefile are free to download, whereas Maltego XL and Maltego Classic are paid tools. Maltego XL is the premier edition of this tool. It includes the features and capabilities of Maltego Classic, but it is the enhanced version that can work on large graphs. It also allows you to map out a clear threat picture of the entire network, making it easy to identify abnormalities or weak points. Maltego Classic, on the other hand, is the professional version of Maltego and offers extended compatibility and functionality compared with the community version of the tool. It can also be used in a commercial environment, which the free versions cannot. This paid tool can create far larger graphs than the community version, since it has no limitation on the number of entities that can be returned from a single transform. You can also export the results in a range of different formats.

Does Maltego Work on all Operating Systems?
Maltego currently works on Windows, Linux and Mac operating systems.

What are the Typical Uses for Maltego?
The primary focus of this tool is to analyze real-world relationships between data that is accessible through the internet, which includes footprinting internet infrastructure and gathering data about the people and organizations that own it. Connections between these pieces of data are found by using OSINT techniques, querying sources such as whois records, social networks, DNS records, different online APIs, extracted metadata and search engines. The tool provides a wide range of graphical layouts that allow data to be clustered, which makes relationships accurate and instant.
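
The link analysis and clustering described above can be illustrated with a small graph model. This is an added example, not Maltego code or its API: the entity kinds, the function names and all sample records are constructed for illustration, using reserved example domains and documentation IP ranges. It groups entities into clusters and lists the name servers and IP addresses that more than one domain depends on, which is the kind of shared dependency an organization looks for when reviewing its own footprint.

```python
from collections import defaultdict

# Constructed sample data (reserved example names, documentation IP ranges).
EDGES = [
    (("domain", "example.com"), "NS", ("ns", "ns1.example.net")),
    (("domain", "example.com"), "MX", ("mx", "mail.example.com")),
    (("domain", "example.com"), "A", ("ip", "192.0.2.10")),
    (("domain", "example.org"), "NS", ("ns", "ns1.example.net")),
    (("domain", "example.org"), "A", ("ip", "192.0.2.10")),
    (("domain", "example.edu"), "NS", ("ns", "ns.example.edu")),
    (("domain", "example.edu"), "A", ("ip", "198.51.100.7")),
]

def build_graph(edges):
    """Undirected adjacency map: entity -> set of linked entities."""
    graph = defaultdict(set)
    for src, _rel, dst in edges:
        graph[src].add(dst)
        graph[dst].add(src)
    return graph

def clusters(graph):
    """Connected components: groups of entities linked by any path."""
    seen, result = set(), []
    for start in sorted(graph):
        if start in seen:
            continue
        stack, component = [start], set()
        while stack:
            node = stack.pop()
            if node not in component:
                component.add(node)
                stack.extend(graph[node] - component)
        seen |= component
        result.append(component)
    return result

def shared_infrastructure(graph):
    """Non-domain entities that more than one domain is linked to."""
    shared = {}
    for node, neighbours in graph.items():
        domains = sorted(value for kind, value in neighbours if kind == "domain")
        if node[0] != "domain" and len(domains) > 1:
            shared[node] = domains
    return shared

if __name__ == "__main__":
    graph = build_graph(EDGES)
    print(len(clusters(graph)), "clusters;", shared_infrastructure(graph))
```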