Kali Tool Series - Maltego

Maltego is a reconnaissance tool built into Kali developed by Paterva, which is a powerful information gathering tool that deals with Internet infrastructures to personal information and social networks.

Palette

Palette, here, refers to the object types supported by Maltego for drawing the network graph of the target. For each object type, it means an item in real world, and obtains relavant attributes. By running tranform actions, we can expand one object to the whole network of interest.
In Maltego, we got following types in Palette:

• Device
• Infrastructure
  • AS
  • DNS Name
  • Domain
  • IPv4 Address
  • MX Record
  • NS Record
  • Netblock
  • URL
  • UniqueIdentifier
  • Website
• Locations
  • Circular Area
  • GPS Coordinate
  • Location
• Personal
  • Alias
  • Document
  • Email Address
  • Image
  • Person
  • Phone Number
  • Phrase
• Social Network
  • Facebook
  • Twitter

Steps

Step 1 - Open Maltego
Open Maltego at Application menu → Information Gathering → Maltego (or, just type maltego in Terminal), then register an account, select transform seeds to install.
Step 2 - Pick a Start Node
You can start from a website URL, a person, or anything that mentioned above in the Palette.
Step 3 - Expand
Right click on the object, then perform “transform” action, which will expand the graph by providing more connection to other objects.

Example Output

Gather information starts from my domain, heron.me.

Gather information starts from me, "Heron Yang".

Transform Seeds

Seeds are small pieces of XML that tell the Maltego client where it should look (at which servers) for transforms. Seeds can be thought of as something like the index of a book where you can use that to see where the relevant content is located.

Reference

• Web Penetration Testing with Kali Linux
• Maltego tutorial of Information gathering tools in Kali Linux
• Seeds