What is Maltego?
With the continued growth of your organization, the people and hardware deployed to ensure that it remains in working order is essential, yet the threat picture of your "environment" is not always clear or complete. In fact, most often it's not what we know that is harmful - it's what we don't know that causes the most damage. This being stated, how do you develop a clear profile of what the current deployment of your infrastructure resembles? What are the cutting edge tool platforms designed to offer the granularity essential to understand the complexity of your network, both physical and resource based?
Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego's unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.
The unique perspective that Maltego offers to both network and resource based entities is the aggregation of information posted all over the internet - whether it's the current configuration of a router poised on the edge of your network or the current whereabouts of your Vice President on his international visits, Maltego can locate, aggregate and visualize this information.
Maltego offers the user with unprecedented information. Information is leverage. Information is power. Information is Maltego.
What does Maltego do?
Maltego is a program that can be used to determine the relationships and real world links between:
- Groups of people (social networks)
- Web sites
Internet infrastructure such as:
- DNS names
- IP addresses
- Documents and files
- These entities are linked using open source intelligence.
- Maltego is easy and quick to install - it uses Java, so it runs on Windows, Mac and Linux.
- Maltego provides you with a graphical interface that makes seeing these relationships instant and accurate - making it possible to see hidden connections.
- Using the graphical user interface (GUI) you can see relationships easily - even if they are three or four degrees of separation away.
- Maltego is unique because it uses a powerful, flexible framework that makes customizing possible. As such, Maltego can be adapted to your own, unique requirements.
What can Maltego do for me?
- Maltego can be used for the information gathering phase of all security related work. It will save you time and will allow you to work more accurately and smarter.
- Maltego aids you in your thinking process by visually demonstrating interconnected links between searched items.
- Maltego provide you with a much more powerful search, giving you smarter results.
- If access to "hidden" information determines your success, Maltego can help you discover it.
- NB: This runs on Kali Linux
- Make directory /opt/Teeth/
- Copy tgz to /opt/Teeth/
Load the config file called /opt/Teeth/etc/Maltego_config.mtz file into Maltego.
This is painless:
- Open Maltego Tungsten (or Radium)
- Click top left globe/sphere (Application button)
- Import -> Import configuration, choose /opt/Teeth/etc/Maltego_config.mtz
Config file is in /opt/Teeth/etc/TeethConfig.txt
Everything can be set in the config file.
Log file is /var/log/Teeth.log, tail -f it while you running transforms for real time logs of what's happening.
You can set DEBUG/INFO. DEBUG is useful for seeing progress - set in /opt/Teeth/units/TeethLib.py line 26
Look in cache/ directory. Here you find caches of:
- Nmap results
- SQLMAP results
You need to remove cache files by hand if you no longer want them.
You can run housekeep/clear_cache.sh but it removes EVERYTHING.
The WP brute transform uses Metasploit.Start Metasploit server so:
msfconsole -r /opt/Teeth/static/Teeth-MSF.rc
It takes a while to start, so be patient.
In /housekeep is killswitch.sh - it's the same as killall python..:)
Oh BTW - you might need to install some Python packages:
sudo apt-get install python-mechanize python-levenshtein python-adns msgpack-python python-metaconfig python-bs4 python-easygui
Maltego Usage Example
How to install Maltego
The program is pre-installed on Kali Linux.
- sqlmap (45.1%)
- Router Scan (37%)
- OSRFramework (28.2%)
- WPScan (22.8%)
- identYwaf (22.8%)
- Crunch (RANDOM - 6.9%)
Comments are Closed