Analyzing the Amorphous Archive with Maltego

Theodosius

Administrator
Joined
Jun 1, 2020
Messages
496
Reaction score
301
Points
63
Maltego is OSINT (Open Source Intelligence) software created by Paterva. This thread will walk you through using the Amorphous Archive and Maltego software to 'do OSINT'.

https://www.maltego.com/downloads/ <- you probably want the EXE + Java download for Windows. The software also works on Linux and macOS.

Here's a handy Tutorial:



What is Maltego and why use it for OSINT?
Maltego is a data mining tool that mines a variety of open-source data resources and uses that data to create graphs for analyzing connections. The graphs allow you to easily make connections between information such as name, email, organizational structure, domains, documents, etc. Maltego uses Java, so it can run on Windows, Mac, and Linux, and is available in many OSINT Linux distros like Buscador or Kali. Basically, it will parse a large amount of information and search various open-source websites for you and then toss out a pretty-looking graph that will help you put the pieces together. Maltego can be used as a resource at any point during the investigation; however, if your target is a domain, it makes sense to start mapping the network with Maltego from the start.

The most common use of Maltego is to, well, dox people. Starting from a website name, an email address or whatever, you add a few entities to 'graph' and then apply transforms to them.

There are lots of transforms -- some free, some premium:

Maltego.PNG

I'm in the process of converting the Amorphous Archive to a Maltego format file, which you can then use to BOOTSTRAP your QRESEARCH OSINT.

Here's an example:

NOTE: after the first interaction, the rest is boring -- results in the next poast.

Maltego.gif
 

Theodosius

And... the results: ... hey. I just doxxed AUSTIN STEINBART.

source.PNG
 

Theodosius

A very good use for Maltego is to document the artifacts captured in your 'investigations'. If that's all you want to do, you don't need a sign-in account and can install the free 'casefile' edition, rather than download the full (also free) Community Edition. You can later upgrade by providing a sign-in account, if you want to be able to do 'transforms' (searches).

tl;dr

 

Theodosius

For people who don't have MALTEGO installed, you go to 'export', then 'generate' report (attached).

Obviously, this is a mere skeleton of an investigation -- to be useful, you would want to add a lot more details to the nodes of the persons and organisations that are the target of your investigation!

(scroll past the itty-bitty dots on the first page!)
 
