Maltego is an information gathering tool that has many uses besides gathering network information. You can also gather information on people and companies from various sources. For now, we will use it to gather network information about a public network.
The first time you start Maltego, you will need to do some setting up and also register at their website in order to log in to the Transform servers. It's easy, free, and spam-free, so giving them your e-mail address won't be a problem. Once you have registered, you will be asked to pick the level of search you want. In this example, we have picked a Level 1 search. Maltego then asks for the domain, as shown in the following screenshot. Add the domain name, and click on the Finish button. The Transform will run and retrieve the information:
Retrieving the information
Choose the Maltego Public Servers checkbox instead of Local Transform Application Server (TAS):
Choose your target domain. Here we have chosen the www.boweaver.com domain. You will want to choose a domain that you own or control for this step:
Choosing the domain
The Level 1 scan in the following screenshot shows the target domain name with related websites, machines serving the site, and DNS servers resolving the domain:
View of the target domain name
This is a nice start, but we really want some more information on this, so we right-click on the website www.boweaver.com and go to the Transforms list. We are going to run the Resolve to IP Built With Technology transforms to find the types of service running and the IP address of the site:
Types of service running and the IP address
We can see that the IP address is 164.243.238.98 and the site is running Debian as the OS, Apache 2.2 as the web server, and PHP as the site framework:
When we click on the Entity List tab we get a list of the information nodes:
By double-clicking on an icon you get a Details window. Here, you can keep notes on the node, attach related files, and do several searches, such as Google and Wikipedia:
Using the Pro version you can generate reports and graphs of the maps. The community version is also limited to 12 nodes for each search of a node.
Maltego can be used to compile all your notes and gather data from your penetration testing. You will also find an application called Casefile installed on Kali. Casefile is an offline version of Maltego used to store and compile data from security work.
You can find Windows versions of these applications online at http://www.paterva.com. See their website for more in depth usage of their applications. Check out how this tool can also be used in social engineering.