For Pentesters, Maltego is all about discovering relationships between objects

Maltego is a nifty application that helps penetration testers and other security professionals determine relationships between objects, all presented in a graphical fashion. Why would a pentester want to do that? Because the majority of pentesting work is reconnaissance, not vulnerability detection and exploitation, and Maltego helps automate the recon work. Potentially valuable items the recon work may turn up include the email address/network account name of the CFO, default passwords, etc.

Maltego comes in a few different flavors: a web-based interface, a Windows GUI, and a Mac/Linux/*nix GUI. You can see screenshots of the GUI here.

You’ll want to read the documentation to get up and running quickly with the GUI versions, but in a nutshell you need to register to get an API key, which will allow you to activate the transforms.

I suggest initially starting with the domain object, but you can effectively start with a more defined object, such as an email address or phone number. Maltego will find relationships to other objects, such as:

  • People
  • Groups of people (social networks)
  • Companies
  • Organizations
  • Web sites
  • Internet infrastructure such as:
    • Domains
    • DNS names
    • Netblocks
    • IP addresses
  • Phrases
  • Affiliations
  • Documents and files

Try querying your domain in Maltego to see what you can find. Just note that the web-based version uses older transforms than the GUI version, which gets new transforms developed for it. You may find some interesting things, like I did on a domain I administer for a work client.

