
Author: Neran Arashihn
Country: Cape Verde
Language: English (Spanish)
Published (Last): 2 October 2009

Jul 24, AM. Maltego allows security professionals to retrieve information on target(s) of interest (infrastructure, people, or companies) and explore simple and complex relationships using graph visualizations. It comes pre-packaged in Kali Linux; if you want to download it separately, Maltego is distributed in three versions (XL, Classic, and CE), each downloadable from the Paterva website.

We recommend that you register an account here before installing Maltego CE or using Kali Linux, as registration is a mandatory requirement by Paterva. For our research, we use the domain gap-facebook[. In the FireEye post, they attribute the domain as command and control (C2) infrastructure associated with a Vietnam-based cyber espionage group called APT32 (alias OceanLotus). To view the installed transforms for pivoting on the seed data, right-click on the entity.

Some available options for querying on domains are: This returns three IP addresses. Visual inspection of the URLs shows the threat actors created the websites with popular brand names - Adobe and Microsoft - in the URL path, a common tactic employed during phishing and malware campaigns.

The last step involves searching for malicious files that embed URL pattern strings with our seed. In this blog, we showed you how to use Maltego to investigate a single link from the domain gap-facebook[. Without further investigation, we rapidly discovered a fresh set of suspicious and malicious IOCs - not previously disclosed in the FireEye blog. This could be used by network defenders to proactively search through networks to detect and isolate possible traffic between their enterprise systems and malicious infrastructure that could have evaded existing defensive solutions.

How to Use Maltego to Investigate Threat Infrastructure

Written by Editorial Team.

