Digital Forensics & OSINT Tool: Maltego
Maltego by Paterva is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet.
Maltego uses the idea of transforms to automate the process of querying different data sources. This information is then displayed on a node-based graph suited for performing link analysis.
The focus of Maltego is analyzing real-world relationships between information that is publicly accessible on the Internet. This includes footprinting Internet infrastructure as well as gathering information about the people and organizations who own it.
Maltego can be used to determine the relationships between the following entities:
‣ People.
‣ Names.
‣ Email addresses.
‣ Aliases.
‣ Groups of people (social networks).
‣ Companies.
‣ Organizations.
‣ Web sites.
‣ Internet infrastructure such as:
    ‣ Domains.
    ‣ DNS names.
    ‣ Netblocks.
    ‣ IP addresses.
‣ Affiliations.
‣ Documents and files.
Connections between these pieces of information are found using open source intelligence (OSINT) techniques: querying sources such as DNS records, whois records, search engines, social networks and various online APIs, and extracting metadata.
Maltego provides results in a wide range of graphical layouts that allow for clustering of information, which makes seeing relationships instant and accurate. This makes it possible to see hidden connections even if they are three or four degrees of separation apart.
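The transform-and-graph idea described above, as an added illustration that is not Maltego's code or API: each transform maps one entity to related entities, and a breadth-first search reports how many links separate two entities. The lookup tables, entity kinds and function names are assumptions, and the records are constructed sample data.

```python
from collections import deque

# Constructed sample records (reserved example names, documentation IP range).
DOMAIN_HOSTS = {"example.com": ["www.example.com"], "example.org": ["mail.example.org"]}
DNS_A = {"www.example.com": ["192.0.2.10"], "mail.example.org": ["192.0.2.10"]}
WHOIS_EMAIL = {"example.org": ["admin@example.org"]}

def make_transform(table, kind_in, kind_out):
    """Hypothetical transform: one (kind, value) entity in, related entities out."""
    def transform(entity):
        kind, value = entity
        return [(kind_out, v) for v in table.get(value, [])] if kind == kind_in else []
    return transform

TRANSFORMS = [
    make_transform(DOMAIN_HOSTS, "domain", "dns"),
    make_transform(DNS_A, "dns", "ip"),
    make_transform(WHOIS_EMAIL, "domain", "email"),
]

def build_graph(seeds, max_depth=3):
    """Run every transform on each new entity; links are stored in both directions."""
    graph = {seed: set() for seed in seeds}
    frontier = list(seeds)
    for _ in range(max_depth):
        discovered = []
        for entity in frontier:
            for transform in TRANSFORMS:
                for found in transform(entity):
                    if found not in graph:
                        graph[found] = set()
                        discovered.append(found)
                    graph[entity].add(found)
                    graph[found].add(entity)
        frontier = discovered
    return graph

def shortest_path(graph, start, goal):
    """Breadth-first search; returns the chain of entities or None if unlinked."""
    queue, seen = deque([[start]]), {start}
    while queue:
        path = queue.popleft()
        if path[-1] == goal:
            return path
        for neighbour in graph.get(path[-1], ()):
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append(path + [neighbour])
    return None
```

Seeding the graph with both sample domains shows them four links apart through the shared IP address, a connection neither lookup table states directly.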