Maltego

Provided by

About the course

Getting acquainted with the various sources of OSINT available to a security analyst can be quite a daunting task even with the use of Maltego. During this course we will help you unlock the true potential and raw power of Maltego – from helping you to understand the underlying technologies to exploring the full potential of Maltego's analytic capabilities.

Maltego can be used to determine the relationships between the following entities: People, Names, Email addresses, Aliases, Groups of people (social networks), Companies, Organizations and Web sites.

From finding people and those who influence them to uncovering internal IP addresses and technology used at major companies. See how much data is 'out there' and what people can do with it as well as how you can reach this data for both defending and attacking.

This is a 2-day hands-on course packed with practical exercises using real world data, giving participants real world experience with the tool.

Prerequisites

Participants are expected to have a good level of OSINT knowledge, we recommend QAOSCII.

This course is intended for anyone who wishes to be able to use Maltego utilise for gathering information and intelligence. It will be of particular interest to those in the private and public-sector investigations, compliance industry, financial institutions, insurance

Delegates will learn how to

Day 1 Objectives

1. To be familar with Maltego and Open Source Intelligence (OSINT) tooling
2. How to get the most out of the tool - the tips and tricks that we regularly use in investigations
3. How to import and export data to/from Maltego
4. How to map organisations on infrastructure level
5. How to classifying an organisations infrastructure

Day 2 Objectives

1. Determining technologies used by a company and identifying possible weak spots
2. Techniques to find, profile and influence individuals or groups of people
3. Working with social networks, geotagged pictures, devices and aliases
4. Understand the spheres of influence around individuals
5. How to export the results

Outline

Where applicable our QA OSINT instructors have a law enforcement, internet investigations and digital forensics practitioner experience aligned to the best practice standards, including ISO17025.

Module 1 Introduction to Maltego

This module covers the following subjects:

    Introduction to Maltego
    Maltego System Requirements, Installation and Set Up
    Running a Transform
    Graph Options
    Layouts/views

Module 2 Entities
This module covers the following subjects:

Entities in Maltego representing different types of information and are represented as nodes on your graph, which categorized into groups with the main categories being Internet Infrastructure and Personal.


    Adding an Entity to your Graph
    Editing an Entity Value
    Selecting an Entity
    Selecting Multiple Entities
    Selecting Multiple Entities one at a time
    Entity Details

Module 3 Transforms
This module covers the following subjects:

    Transforms Hub
    Manage Transforms
    Local Transforms
    Managed Services
    Run View
    Managed services
    Third party API’s

Module 4 Machines
This module covers the following subjects:

    Run Machine
    Stop all Machines
    New Machine
    Manage Machines
    Machines Window

Module 5 Collaboration
This module covers the following subjects:

    Share Current Graph
    Encryption - Tab
    Starting a Shared Graph Session
    Collaboration Session Window
    Chat – Window

Module 6 Import & Export
This module covers the following subjects:

    Import Graph from Table
    Tabular Mappings
    Export Graph to Table
    Export Graph as Image
    Generate Report
    Export Configuration
    Import Configuration

Module 7 Application Menus
This module covers the following subjects:

    Printing
    Tools
    Graph
    Metadata
    Updating

Module 8 Practical Applications
This module covers the following subjects:

    Network Foot printing
    Social Network Monitoring
    Cyber Crime

Related article

The Cyber Pulse is QA's new portal to free Cyber content, including on-demand webinars, articles written by leading experts,