Maltego
Provided by QA
About the course
Getting acquainted with the various sources of OSINT available to a security analyst can be quite a daunting task even with the use of Maltego. During this course we will help you unlock the true potential and raw power of Maltego – from helping you to understand the underlying technologies to exploring the full potential of Maltego's analytic capabilities.
Maltego can be used to determine the relationships between the following entities: People, Names, Email addresses, Aliases, Groups of people (social networks), Companies, Organizations and Web sites.
From finding people and those who influence them to uncovering internal IP addresses and technology used at major companies. See how much data is 'out there' and what people can do with it as well as how you can reach this data for both defending and attacking.
This is a 2-day hands-on course packed with practical exercises using real world data, giving participants real world experience with the tool.
Prerequisites
Participants are expected to have a good level of OSINT knowledge, we recommend QAOSCII.
This course is intended for anyone who wishes to be able to use Maltego utilise for gathering information and intelligence. It will be of particular interest to those in the private and public-sector investigations, compliance industry, financial institutions, insurance
Delegates will learn how to
Day 1 Objectives
1. To be familar with Maltego and Open Source Intelligence (OSINT) tooling
2. How to get the most out of the tool - the tips and tricks that we regularly use in investigations
3. How to import and export data to/from Maltego
4. How to map organisations on infrastructure level
5. How to classifying an organisations infrastructure
Day 2 Objectives
1. Determining technologies used by a company and identifying possible weak spots
2. Techniques to find, profile and influence individuals or groups of people
3. Working with social networks, geotagged pictures, devices and aliases
4. Understand the spheres of influence around individuals
5. How to export the results
Outline
Where applicable our QA OSINT instructors have a law enforcement, internet investigations and digital forensics practitioner experience aligned to the best practice standards, including ISO17025.
Module 1 Introduction to Maltego
This module covers the following subjects:
Introduction to Maltego
Maltego System Requirements, Installation and Set Up
Running a Transform
Graph Options
Layouts/views
Module 2 Entities
This module covers the following subjects:
Entities in Maltego representing different types of information and are represented as nodes on your graph, which categorized into groups with the main categories being Internet Infrastructure and Personal.
Adding an Entity to your Graph
Editing an Entity Value
Selecting an Entity
Selecting Multiple Entities
Selecting Multiple Entities one at a time
Entity Details
Module 3 Transforms
This module covers the following subjects:
Transforms Hub
Manage Transforms
Local Transforms
Managed Services
Run View
Managed services
Third party API’s
Module 4 Machines
This module covers the following subjects:
Run Machine
Stop all Machines
New Machine
Manage Machines
Machines Window
Module 5 Collaboration
This module covers the following subjects:
Share Current Graph
Encryption - Tab
Starting a Shared Graph Session
Collaboration Session Window
Chat – Window
Module 6 Import & Export
This module covers the following subjects:
Import Graph from Table
Tabular Mappings
Export Graph to Table
Export Graph as Image
Generate Report
Export Configuration
Import Configuration
Module 7 Application Menus
This module covers the following subjects:
Printing
Tools
Graph
Metadata
Updating
Module 8 Practical Applications
This module covers the following subjects:
Network Foot printing
Social Network Monitoring
Cyber Crime