Maltego - Passive Reconnaissance

The document is a lab manual focused on using Maltego for Cyber Threat Intelligence (CTI) and Open-Source Intelligence (OSINT). It outlines the tool's features, installation process, and various reconnaissance techniques such as domain investigation, email enumeration, and threat actor profiling. The lab aims to help users visualize relationships and gather actionable intelligence from public data sources.

Maltego: The OSINT Tool

Cyber Threat Intelligence
A Practical Lab Manual - III

Performer (CTI Analyst)
Name: Sheraz Hussain
Domain: Cyber Threat Intelligence
Mail ID: [email protected]
LinkedIn URL: https://www.linkedin.com/in/sherazbaloch

Supervisor (Instructor and Course)
Instructor: Prof. Naveed Naeem Abbas
Domain: Cyber Threat Intelligence
Instructor LinkedIn: https://www.linkedin.com/in/naveednaeemabbas


Passive Reconnaissance

Table of Contents

❖ Maltego Overview
❖ Lab Objectives
❖ Lab Environment
❖ Reconnaissance Techniques
   -> Domain Investigation
   -> Email & Social Enumeration
   -> Threat Actor Profiling
   -> Real-World Scenario
❖ Conclusion

2
https://www.linkedin.com/in/sherazbaloch

🛡️ Maltego Overview

Maltego is a widely used tool in Cyber Threat Intelligence (CTI) and Open-Source Intelligence (OSINT) for performing visual reconnaissance and mapping relationships between public data. It is particularly effective in discovering domain links, emails, IP addresses, and infrastructure with minimal effort.

📌 Key Features of Maltego

● Visual link analysis for mapping relationships
● 200+ built-in transforms for OSINT (DNS, WHOIS, social media, etc.)
● Integration with platforms like Shodan, VirusTotal, and HaveIBeenPwned
● Custom entity creation and flexible export options
● Cross-platform support (Windows, Linux, macOS)


🎯 Lab Objectives

● Explore and use Maltego for passive OSINT reconnaissance.
● Visualize links between domains, emails, and infrastructure.
● Gather actionable intelligence from public sources.
● Apply transforms and generate investigation reports.

🖥️ Lab Environment

● Host Machine: Kali Linux / Windows
● Tool Used: Maltego Community Edition (CE)
● Target: Public domains and threat infrastructure (ethical scope)


⚙️ Maltego Installation & Configuration

Installation Process

Step 1: Install Maltego on Kali Linux

sudo dpkg -i Maltego.v4.9.2.deb

Step 2: Activate Maltego ID

● Register with an institutional email (e.g., @student23317.au.edu.pk)
● Select Community Edition (CE)

Step 3: Configure Data Sources

● Enable integrations: VirusTotal, Shodan, WHOIS


🔍 Reconnaissance Techniques
1. Domain Investigation

📌 Target: www.certifiedhacker.com
📌 Performed transforms from Domain → IP → DNS → Website
📌 Identified subdomains: ftp.certifiedhacker.com, mail.certifiedhacker.com


📌 Geolocated IP address to Provo, United States

📌 Cross-referenced results with WHOIS


2. Email & Social Enumeration

📌 Extracted email addresses from the domain search
📌 Mapped each discovered email to its related IP address


📌 Example emails: [email protected], [email protected]

3. Threat Actor Profiling

📌 Mapped phishing infrastructure including domain, SSL, and IP


📌 Labeled attack patterns using Mail Server
📌 Visual graph exported for reporting (.graphml)
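As an added example (not part of the lab manual and not Maltego's own code), the following Python script models the entity/link graph that the Domain → DNS → IP → Location chain from the Domain Investigation step produces, and writes it out as GraphML, the format the lab exports for reporting. All transform results are constructed sample data: the domain example-target.test is a placeholder, the IP addresses come from the reserved documentation range, and the entity type names only follow Maltego's naming conventions. The GraphML layout is generic and is not Maltego's own export schema.

```python
import xml.etree.ElementTree as ET
from collections import deque

GRAPHML_NS = "http://graphml.graphdrawing.org/xmlns"

# Constructed transform results (not live lookups), keyed by parent entity
# (type, value). Each entry is (transform name, child type, child value).
# The domain and IPs are placeholders; in Maltego these would come from
# passive sources such as DNS, WHOIS and mail headers.
SAMPLE_TRANSFORMS = {
    ("Domain", "example-target.test"): [
        ("To DNS Name [subdomain]", "DNSName", "ftp.example-target.test"),
        ("To DNS Name [subdomain]", "DNSName", "mail.example-target.test"),
        ("To DNS Name [MX record]", "DNSName", "mail.example-target.test"),
        ("To Email Address", "EmailAddress", "admin@example-target.test"),
        ("To WHOIS Registrant", "Person", "registrant-placeholder"),
    ],
    ("DNSName", "ftp.example-target.test"): [
        ("To IP Address", "IPv4Address", "198.51.100.10"),
    ],
    ("DNSName", "mail.example-target.test"): [
        ("To IP Address", "IPv4Address", "198.51.100.25"),
    ],
    ("EmailAddress", "admin@example-target.test"): [
        ("To IP Address [mail server]", "IPv4Address", "198.51.100.25"),
    ],
    ("IPv4Address", "198.51.100.10"): [("To Location", "Location", "Provo, United States")],
    ("IPv4Address", "198.51.100.25"): [("To Location", "Location", "Provo, United States")],
}


class LinkGraph:
    """Entity/link graph in the style of a Maltego investigation graph."""

    def __init__(self):
        self.nodes = {}      # (type, value) -> {"depth": hops from the root entity}
        self.edges = []      # (parent key, child key, transform name), insertion order
        self._seen_edges = set()

    def add_entity(self, etype, value, depth):
        key = (etype, value)
        self.nodes.setdefault(key, {"depth": depth})   # first (shortest) discovery wins
        return key

    def add_link(self, parent, child, transform):
        edge = (parent, child, transform)
        if edge not in self._seen_edges:   # same result from the same transform is one link
            self._seen_edges.add(edge)
            self.edges.append(edge)


def expand(transforms, root, max_depth=3):
    """Breadth-first expansion: run every transform on each newly discovered
    entity until max_depth hops, like running all transforms from a root entity."""
    graph = LinkGraph()
    graph.add_entity(*root, depth=0)
    queue = deque([root])
    while queue:
        parent = queue.popleft()
        depth = graph.nodes[parent]["depth"]
        if depth >= max_depth:
            continue
        for name, ctype, cvalue in transforms.get(parent, []):
            is_new = (ctype, cvalue) not in graph.nodes
            child = graph.add_entity(ctype, cvalue, depth + 1)
            graph.add_link(parent, child, name)
            if is_new:
                queue.append(child)
    return graph


def entities_of_type(graph, etype):
    """Sorted values of every entity of one type, e.g. all IPv4Address nodes."""
    return sorted(value for (t, value) in graph.nodes if t == etype)


def to_graphml(graph):
    """Serialise the graph as GraphML with type/value/transform attributes."""
    ET.register_namespace("", GRAPHML_NS)
    root = ET.Element(f"{{{GRAPHML_NS}}}graphml")
    for kid, target, attr in (("d0", "node", "type"), ("d1", "node", "value"),
                              ("d2", "edge", "transform")):
        ET.SubElement(root, f"{{{GRAPHML_NS}}}key",
                      {"id": kid, "for": target, "attr.name": attr, "attr.type": "string"})
    g = ET.SubElement(root, f"{{{GRAPHML_NS}}}graph",
                      {"id": "investigation", "edgedefault": "directed"})
    ids = {key: f"n{i}" for i, key in enumerate(graph.nodes)}
    for (etype, value), nid in ids.items():
        n = ET.SubElement(g, f"{{{GRAPHML_NS}}}node", {"id": nid})
        ET.SubElement(n, f"{{{GRAPHML_NS}}}data", {"key": "d0"}).text = etype
        ET.SubElement(n, f"{{{GRAPHML_NS}}}data", {"key": "d1"}).text = value
    for i, (parent, child, transform) in enumerate(graph.edges):
        e = ET.SubElement(g, f"{{{GRAPHML_NS}}}edge",
                          {"id": f"e{i}", "source": ids[parent], "target": ids[child]})
        ET.SubElement(e, f"{{{GRAPHML_NS}}}data", {"key": "d2"}).text = transform
    return ET.tostring(root, encoding="unicode")


def load_graphml(xml_text):
    """Round-trip check: parse GraphML back into (entity count, link count)."""
    doc = ET.fromstring(xml_text)
    return (len(doc.findall(f".//{{{GRAPHML_NS}}}node")),
            len(doc.findall(f".//{{{GRAPHML_NS}}}edge")))


def build_investigation():
    """Expand from the root domain, mirroring the lab's Domain -> DNS -> IP -> Location chain."""
    return expand(SAMPLE_TRANSFORMS, ("Domain", "example-target.test"))


if __name__ == "__main__":
    g = build_investigation()
    print(f"{len(g.nodes)} entities, {len(g.edges)} links")
    print("IPv4 addresses for analyst review:", entities_of_type(g, "IPv4Address"))
    with open("investigation.graphml", "w", encoding="utf-8") as fh:
        fh.write(to_graphml(g))
```

The graph deduplicates entities by (type, value), so mail.example-target.test discovered twice (subdomain and MX transforms) becomes one node with two labelled links, which is what makes the visual graph readable; the exported GraphML opens in any generic graph viewer for the reporting step.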


🚀 Real-World Scenario
● Investigated ransomware domain: evilcorp.xyz
● Found malicious hashes, IPs, and C2 references
● Blocked malicious IPs and flagged employee emails for awareness

🏁 Conclusion

This lab demonstrated Maltego’s ability to:

● Map digital footprints and threat infrastructure
● Gather passive intelligence from public sources
● Aid cybersecurity operations through visual CTI techniques
