How to use Maltego like a pro

Maltego is able to collect information about one or one person. Here we will focus on the first and leave the individual collection of information once again.

We will look at the collection of information for all subdomains, the range of IP addresses, the WHOIS information, all email addresses, and the relationship between the target domain and others.

Let's start by running Kali and then opening Maltego.

Maltego can be found in several places in Kali, but the easiest way to get to it is to go to Applications -> Kali Linux -> Top 10 Security Tools. Then, among the Top 10, you will find Maltego at number 5, as shown in the screenshot below s.

When you open Maltego, you have to wait a while for it to start. Once the upload is complete, you will be greeted by a screen asking you to sign up for Maltego.

Go ahead, register and save it your login, as you will need it again the next time you log into Maltego.

Select and parameters

Once you have successfully registered and logged in to Maltego, you will need to decide what kind of "engine" you want to run against your target. In Maltego you have to choose what kind of footprinting you want to do against your target. Here, we focus on network footprinting, so our choices are:

  • Company Stalker (collects email information)
  • Footprint L1(basic information collection)
  • Footprint L2(moderate amount of information collection)
  • Footprint L3(intensive and complete collection of information)

Let's choose her L3 that will gather as much information as possible. Although it is the most time-consuming option.

Choose a goal

Now that we have chosen a type of machine for our footprinting, we need to choose a target. Let's choose our friends at GLUTEN , one of the leading security training and consulting companies in the world.

Now, click "Finish" and let Maltego do its job.

Results

Maltego will start collecting information about our target sans.org and display it on the screen. In the snapshot below , μπορούμε να δούμε ότι το Maltego έχει ήδη συλλέξει τις διευθύνσεις email από τον ιστότοπο, ενώ συλλέγει τους servers and mail servers.

Finally, we can click on "Bubble View" when Maltego is completed and see all the relationships between our target and its subdomains, as well as the linked sites.

Maltego is a great tool to do network to our potential target, allowing us to do many types of identification in one scan with a single tool.

Finally Maltego is also capable of recognizing people, but we'll leave that for our next iguru article.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).