Maltego is an open source intelligence and forensics application. Some consider Maltego an open source intelligence (OSINT) tool. It offers an interface for mining and gathering of information in a easy to understand format. Coupled with its graphing libraries, Maltego allows you to identify key relationships between information and identify previously unknown relationships between them.

What This Means for the Social Engineer

Think of Maltego as your own relational database of information. It locates links between bits of information (referred to as entities within the Application). For instance, imagine you have a list of websites and email addresses. And, you and trying to find out which websites two or more of the email addresses are found on. To be sure, doing this by hand is practically impossible.

For example, below we can see the 3rd order of links away from the original target:


Maltego also takes a lot of the hard work out of mining information such as email addresses, websites, IP addresses and domain information. For example you can search for any email addresses within a target domain or domains automatically with a few clicks!

Why You’d Want To Use It

Maltego does a lot of the automated and large data correlation for you, you can save hours of googling looking for information and determining where all that information correlates. This is where the real power of it comes into play, data relationships — not as many people claim with its mining tools. Whilst the mining is useful, its the relationships between the information that will help the social engineer, for example noticing that a targets email address is found on numerous car websites, you could assume he was interested in cars and gain context on your target.

External Links