Maltego is an interactive data mining tool that renders directed graphs for link analysis. The tool is used in online investigations for finding relationships between pieces of information from various sources located on the Internet.

Maltego Classic is the professional version of Maltego and provides extended functionality and compabilities when compared with community version of the tool. Maltego Classic is a commercial application and requires a valid license key to use. The tool can be used in a commercial environment while the community version of Maltego cannot. Maltego Classic has the capability of creating graphs that are far larger than the ones created in the community version of Maltego as there is no limitation on number of entities that can be returned from a single transform. Additionally Maltego Classic includes a range of different formats that your graphs can be exported to.

The focus of Maltego is analyzing real-world relationships between information that is publically accessible on the Internet. This can includes footprinting Internet infrastructure as well as finding information about the people and organisation who own it.

Maltego can be used to determine the relationships between the following entities:

• People.
  • Names.
  • Email addresses.
  • Aliases.
• Groups of people (social networks).
• Companies.
• Organizations.
• Web sites.
• Internet infrastructure such as:
  • Domains.
  • DNS names.
  • Netblocks.
  • IP addresses.
• Affiliations.
• Documents and files.

Connections between these pieces of information are found using open source intelligence (OSINT) techniques by querying sources such as DNS records, whois records, search engines, social networks, various online APIs and extracting meta data.

Maltego provides results in a wide range of graphical layouts that allow for clustering of information which makes seeing relationships instant and accurate – this makes it possible to see hidden connections even if they are three or four degrees of separation apart.

Maltego Classic Features

• The ability to perform link analysis on up to 10 000 entities on a single graph.
• The capability to return up to 10 000 entities per transform that is run.
• Includes collection nodes which automatically group entities together with common features allowing you to see passed the noise and find the key relationships you are looking for.
• Includes the ability to share graphs in real-time with multiple analysts in a single session.
• Graph export options include:
  • Images – jpg, bmp, png and gif.
  • Generate PDF reports.
  • Tabular formats – csv, xlx and xlsx.
  • GraphML.
  • Entity lists.
• Graph import options include:
  • Tabular formats – csv, xlx and xlsx.
  • Copy and paste.

Technical Details

• Maltego Classic is easy and quick to install – it uses Java, so it runs on Windows, Mac and Linux.
• Hardware Requirements:
  • A Maltego Classic client requires at least 2GB of RAM, but the more the merrier as Maltego loves memory.
  • Any modern multi-core processor will have more than enough processing power.
  • 4GB of disk space should be more than enough.
  • Using a mouse makes navigating Maltego graphs much easier and is definitely recommended.
• Network Requirements:
  • A Maltego Classic client requires Internet Access to operate fully.
  • The client will need to make outgoing connections on the following ports: 80, 443, 8081. Additionally port 5222 is needed to join shared graphs on Paterva’s public Comms server.
  • Please note that a Maltego client may need to make connections on additional ports if the client is using transform from 3rd party transform vendors from the Transform Hub.