* I started this post in Feb 2014 but it took me a while to actually finish it 🙁
Aside from mentioning Maltego in my recommended OSINT Tools List, I have never gone into any detail about this awesome tool from Paterva. The main reason for this is that anything I do to demonstrate its awesomeness would be total suckage compared to the amazing videos Roelof puts together.
Anyway if you have no idea what Maltego is, here is the blurb from Paterva’s site:
Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.
The unique perspective that Maltego offers to both network and resource based entities is the aggregation of information posted all over the internet – whether it’s the current configuration of a router poised on the edge of your network or the current whereabouts of your Vice President on his international visits, Maltego can locate, aggregate and visualize this information.
Maltego offers the user with unprecedented information. Information is leverage. Information is power. Information is Maltego.
So I have been using Maltego for many years, and around August 2013 the latest version was Tungsten was released. Roelof, Andrew and the team always do a great job with updates and new releases, so I am always excited to check out the new release. Tungsten is now the Maltego product I always wanted, the reason for this is the new ability to collaborate over XMPP. This allows groups of people to team up and work on a Maltego graph together, allowing the group to leverage custom and paid for transforms so everyone is a winner. Both the community and commercial versions of Maltego Tungsten have this feature, and Paterva kindly provide a XMPP server you can use, but if you are using the commercial version can roll your own.
Creating your own XMPP Server (ejabberd) and Connecting with Maltego Carbon
For those who just want to be sure on what settings apply in Maltego for graph sharing, I have put some screenshots below with some notes.
When you open Maltego, you want to select the Share Graph icon to initiate your collaboration activities.
On the Session page we need to create a session name, this can be anything (its basically the XMPP room name), then we should select a secret key, this isnt mandatory but stops some randomer turning up to you collaborating session. Then finally your user alias, this isn’t your registered username so it can be anything.
Now if you are using the Paterva Public server its click and go (only option for community users), if you have a Paterva Private server, bang the IP or server name in and away you go. However if you are rolling your own XMPP server like in the video above, then we need to enter the DNS name of our XMPP server, then select the port. Typically its 5222 but if you have a specific config set the right values, or leave the auto detect to attempt its magic. The last important piece here is to put your REGISTERED username and password in for the server you are connecting to.
Finally you have your level of encryption. Depending on your Java configuration you will be set to 128bit or possibly allowed to increase to 256bit, either way make your selection and click connect.
Assuming all went well, your new graph is open and you are ready to do magical things. When your OSINT cohorts arrive, you will see them in the right hand status window.
Enjoy and happy collaborating 🙂
Hello, as a fellow Maltego fan quick question for your OSINT work do you write custom transforms or do you look for commercial/in-built transforms? I write a lot of Maltego transforms and was looking to start building some OSINT related ones.
Thanks,
Adam
Hi Adam,
writing custom transforms is something that is always on my list but doesn’t get done. Currently I use the commercial and inbuilt transforms, as well as others I stumble across. Not sure if you have seen my post on transforms, a few of my favs listed here.
Hi Dale,
Yeah I’ve just found that link, in fact a couple of transform packs of mine are already on there. If you ever find the time for writing transforms check out my blog as I’ve written a blog series on creating Maltego transforms. I’m always happy to code up transforms so give me a shout if need any help.
Adam