Maltego CE - An Interactive Data Mining Tool That Renders Directed Graphs For Link Analysis


Maltego CE is the community version of Maltego, available for free after a quick online registration. Maltego CE includes most of the same functionality as the commercial version; however, it has some limitations. The main limitations are that the application cannot be used for commercial purposes and that there is a cap on the maximum number of entities that can be returned from a single transform. The community version also lacks the graph export functionality that is available in the commercial versions.

What does Maltego do?


The focus of Maltego is analyzing real-world relationships between pieces of information that are publicly accessible on the Internet. This includes footprinting Internet infrastructure as well as gathering information about the people and organisations who own it.

Maltego can be used to determine the relationships between the following entities:

  • People.
    • Names.
    • Email addresses.
    • Aliases.
  • Groups of people (social networks).
  • Companies.
  • Organizations.
  • Web sites.
  • Internet infrastructure such as:
    • Domains.
    • DNS names.
    • Netblocks.
    • IP addresses.
  • Affiliations.
  • Documents and files.

Connections between these pieces of information are found using open source intelligence (OSINT) techniques: querying sources such as DNS records, whois records, search engines, social networks and various online APIs, and extracting metadata.

Maltego provides results in a wide range of graphical layouts that allow for clustering of information which makes seeing relationships instant and accurate – this makes it possible to see hidden connections even if they are three or four degrees of separation apart.

Maltego CE Features:

  • The ability to perform link analysis on up to 10 000 entities on a single graph.
  • The capability to return up to 12 entities per transform that is run.
  • Includes collection nodes, which automatically group entities with common features, allowing you to see past the noise and find the key relationships you are looking for.
  • Includes the ability to share graphs in real-time with multiple analysts in a single session.
  • Graph export options include:
    • GraphML.
    • Entity lists.
  • Graph import options include:
    • Tabular formats - csv, xls and xlsx.
    • Copy and paste.

Technical Details:

  • Maltego CE is easy and quick to install - it uses Java, so it runs on Windows, Mac and Linux.
  • Hardware Requirements:
    • A Maltego CE client requires at least 2GB of RAM, but the more the merrier as Maltego loves memory.
    • Any modern multi-core processor will have more than enough processing power.
    • 4GB of disk space should be more than enough.
    • Using a mouse makes navigating Maltego graphs much easier and is definitely recommended.

  • Network Requirements:
    • A Maltego CE client requires Internet Access to operate fully.
    • The client will need to make outgoing connections on the following ports: 80, 443, 8081. Additionally, port 5222 is needed to join shared graphs on Paterva's public Comms server.
    • Please note that a Maltego client may need to make connections on additional ports if the client is using transforms from third-party transform vendors from the Transform Hub.


Reviewed by Zion3R on 5:49 PM