Introduction

We covered an introduction to Maltego for reconnaissance, information gathering and threat intelligence. We covered how to work with entities and transforms in addition to installing and configuring transforms.

We ran a few transforms to retrieve DNS, email address and IP address information. This was part of TryHackMe red team pathway.. This video was part of TryHackMe Red Team Recon which is under the Red Team Track.

Get OSCP Certificate Notes

OSINT Study Notes

Maltego OSINT Framework | Open Source Intelligence Tools and Techniques

Maltego is an application that blends mind-mapping with OSINT. In general, you would start with a domain name, company name, person’s name, email address, etc. Then you can let this piece of information go through various transforms.

The information collected in Maltego can be used for later stages. For instance, company information, contact names, and email addresses collected can be used to create very legitimate-looking phishing emails.

Think of each block on a Maltego graph as an entity. An entity can have values to describe it. In Maltego’s terminology, a transform is a piece of code that would query an API to retrieve information related to a specific entity.

It is crucial to mention that some of the transforms available in Maltego might actively connect to the target system. Therefore, it is better to know how the transform works before using it if you want to limit yourself to passive reconnaissance.

Challenge Answers

What is the name of the transform that queries NIST’s National Vulnerability Database?

What is the name of the project that offers a transform based on ATT&CK?

Video Walkthrough

, , , ,
Show Comments

MasterMind Study Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles