4 months ago

How to Use Maltego to Research & Mine Data Like an Analyst « Null Byte :: WonderHowTo

So much information exists online in which the item’s easy to get lost in data while researching. Understanding the bigger picture can take a lot of time as well as energy, yet narrowing the question to one in which’s easy to answer will be the first step of any investigation. in which’s why analysts use open-source intelligence (OSINT) tools like Maltego — to help refine raw data into a complete understanding of a situation.

In This specific tutorial, we’ll explore how to conduct an investigation using Maltego, which allows a researcher, pentester, or white hat hacker to mine huge amounts of data to visually discover patterns as well as answer critical questions.

Null Byte has been holding a series of workshops for computer science college students in Pasadena, California, called “Cyber Weapons Lab.” This specific lab focuses on exploring cyberweapons as well as the tools used in cyber conflicts around the globe. One recent session focused on how OSINT professionals use tools like Maltego for reconnaissance as well as how these skills can be used for hacking or in industries like business intelligence.

Don’t Miss: How to Use Maltego to Do Network Reconnaissance

While recon will be the first stage of any attack, the item’s important to note in which these same skills are used by analysts within the public as well as private sector, like business intelligence, to help investors as well as businesses make important decisions. Many businesses pay a lot of money for the same kind of research skills hackers employ while assessing a target, so learning to be a not bad researcher can be a powerful fallback skill in life.

Why Search Like an OSINT Analyst

Our talk within the video below focuses on ways the average person can use tools like Maltego to conduct an investigation to get an advantage in job interviews, secure investors for a business project, or assess a competitor or potential partner before generating a decision. Of course, these skills are also the same core research skills you will need to identify as well as profile a target in a pentesting engagement.

These are powerful skills in which will apply to many situations, so learning to turn data into understanding will expand your ability to learn anything with speed in which will surprise everyone around you. You can check out our talk within the video below, as well as subscribe to the Null Byte YouTube channel for more.

not bad research revolves around the ability to ask an answerable question, refine your search to find the right data to answer the item, as well as process the raw information into actionable intelligence.

Intelligence will be data in which has been processed with context as well as understanding to produce meaning as well as will be the difference between the refined product (like a report) of an OSINT investigation as well as the raw data points in which support in which understanding.

Without context, data will be not useful, so simply finding a lot of data does not make you a not bad researcher.

Through using the intelligence collection cycle, we can plan ahead as well as avoid getting lost within the powerful tools in which can return tons of data. If we don’t have a firm idea of what we’re searching for, we’re likely to get swept away through the original point of our search.

The point of intelligence will be to plan your collection, find the right information, process as well as clean the information to begin building a picture, analyze the results, as well as turn in which understanding into a report others can learn through.

To demonstrate This specific process, let’s conduct an investigation using Maltego CE, the free edition of Maltego.

Step 1: Download Maltego CE

Maltego will be a program for mining data through all over the internet as well as displaying the relationships in an easy-to-understand graph in which makes patterns very obvious. the item features the ability to expand on 1 piece of known information to a huge network of related data in a few simple clicks.

Maltego will be great at taking something like a screen name or email address as well as discovering everything there will be to learn about related accounts or appearances on the internet in seconds. To get started out, you can download the item through Paterva, the company responsible for Maltego.

Because of how much data people share about themselves as well as others, Maltego as well as tools like the item can be used to track people, groups, companies, or various other organizations rather invasively. These tools pull huge amounts of data through APIs, apply “transform” algorithms to analyze as well as mine the data, as well as present the findings in a simple as well as easy-to-understand graphical view.

Don’t Miss: Reconnaissance with Recon-Ng, Part 1 (Getting started out)

This specific kind of power as well as flexibility allows us to make some very specific questions answerable in a matter of clicks. After downloading Maltego, go through the guided installation as well as registration process to get a CE license key, as well as you’ll be ready to begin your first investigation.

Start Maltego as well as input your license key, as well as then, through the main screen press Ctrl + T (or Command + T on macOS) to open a brand new, empty tab. On the left side, you’ll see the “entities” panel using a list of all the different kinds of data you can add to start with.

Step 2: Conduct an Investigation

For our test example, we decided to see if we could identify employees of The Guardian, a news outlet, who had their accounts compromised in data breaches. While This specific will be a tricky question for Google to answer, we can stop relying on secondary source data like brand new media as well as get our own data with Maltego.

First, we’ll need a sample of email addresses of Guardian employees. Since they’re journalists, they’ll probably be using PGP so sources can email them anonymously, yet we’ll try to find more employee emails to add too.

Starting by dropping a web domain of “theguardian.com” into Maltego, right-mouse clicking as well as selecting the PGP transform gets us started out using a list of employee emails found within the PGP keyserver.

at This specific point, we can select these emails all at the same time, as well as apply another transform to all of them. We’ll run “HaveIBeenPwned” to find out if they were involved in any data breaches or any Pastebin dumps.

Don’t Miss: Scrape Target Email Addresses with TheHarvester

We’re in luck, as not only do we already have one breach, yet several Pastebin dumps. Since we can see in which several employee emails are included within the Pastebin dump, we can go to the link to discover if there might be more.

Also See: Abusing DNS for Reconnaissance

In This specific case, we are in luck again, since we found additional 90+ employee emails to add. We can simply paste them into Maltego, as well as Maltego will interpret the type of data as well as add them automatically.

With these email addresses added, we can at This specific point run a transform against the entire sample to see if any have been involved in breaches, as well as see any patterns within the employees who were.

the item’s also useful to expand the information on the data breaches we find, to learn what exactly the user lost within the breach. Doing so, we can even create lists of employees who were involved in breaches in which their passwords were leaked.

Just like in which, we can select only users who have lost passwords within the breach, meaning we can probably locate the data dumps in question on the internet to see the kinds of password the particular person likes to use. If we’re truly lucky, they may use the same password for many accounts.

Don’t Miss: Using the Nmap Scripting Engine (NSE) for Reconnaissance

How Can You Use Maltego?

By knowing how to ask relevant as well as answerable questions, you can learn a tremendous amount of important as well as specific information about pretty much anything. The insight derived through open source investigations powers many of the business decisions made today, as well as you can benefit through the same kind of information by using these tools to better understand situations you need to make a decision about.

We explored how you can start with 1 web domain, as well as in a few clicks mine for more information as well as relationships inside the data you find to produce a better understanding of a situation. This specific core skill of recon can help us target as well as configure cyber weapons as hackers, or understand the institutions as well as people we want to work with to make negotiations go more smoothly. As with all powerful tools, Maltego will be a double-edged sword.

The power will be in your hands, so use the item wisely! Thanks for reading, you can leave any questions within the comments or on our Twitter, as well as subscribe to our YouTube channel for more videos!

Cover image as well as screenshots by Kody/Null Byte

Leave a Comment

Your email address will not be published. Required fields are marked *

5 × two =