Maltego Lab

In this lab, Subject Matter Expert Dean Pompilio demonstrates Maltego for Kali Linux. (Maltego also can be installed on Windows systems). This tool allows you to visualize the relationships between and among various bits of information, which Maltego calls entities, that you discover about the target of a Social Engineering Audit. SME Pompilio gives an example that demonstrates the various ways you can run “transforms” of the known entities about your target. The entities are connected and displayed on a graph. There is a discussion of the various available layouts, the various modes, how things are color-coded, changing size from the default, and other options for viewing your data that are useful for organizing your data. SME Pompilio demonstrates how to transform email address from the specific domains discovered for the Social Engineering Audit target. Then he does a search for various categories of information to filter his data. He then runs a transform of the various email addresses to uncover other emails and other profiles on other social networking sites. He then can run other transforms to correlate all the data in various ways. Various free and paid plug-ins are available for Maltego that enhance its basic features.