Computer Based Social Engineering Tools: Maltego
From Learn to be a true Social Engineer
Maltego is an open source intelligence and forensics application. It will offer you an interface for mining and gathering of information as well as the representation of this information in a easy to understand format. Coupled with its graphing libraries, Maltego allows you to identify key relationships between information and identify previously unknown relationships between them.[1]
Contents |
What This Means for the Social Engineer
Think of Maltego as your own relational database of information, finding links between bits of information (referred to as entities within the Application). Imagine having a list of websites and email addresses and trying to find out which websites 2 or more of the email addresses are found on, by hand this is practically impossible.
For example, below we can see the 3rd order of links away from the original target:
Maltego also takes a lot of the hard work out of mining information such as email addresses, websites, IP addresses and domain information. For example you can search for any email addresses within a target domain or domains automatically with a few clicks!
Why You'd Want To Use It
Maltego does a lot of the automated and large data correlation for you, you can save hours of googling looking for information and determining where all that information correlates. This is where the real power of Maltego comes into play, data relationships -- not as many people claim with its mining tools. Whilst the mining is useful, its the relationships between the information that will help the social engineer, for example noticing that a targets email address is found on numerous car websites, you could assume he was interested in cars and gain context on your target.
External Links
References
- ↑ http://www.paterva.com/web4/index.php/maltego
- ↑ http://www.paterva.com/web4/index.php/media/videos
- ↑ http://www.paterva.com/web4/index.php/media/screenshots