Maltego gives you power and dominance in data mining...

Neighbourhood watch schemes reduce crime by 25–75%. Combining social monitoring with the Net might similarly lower crime risks and
terrorism using information on the Net. "Techint"- intelligence
gathered using technical means is the new buzzword in circles where
reconnaissance is a crucial requirement.

Post 9/11,Pittsburgh University public health expert; Ronald E.
LaPorte described his ideology; "An ever alert, flexible
electronic-matrix of civil defense" which could help government, NGOs,
business and the public collaborate more effectively. Further on his
wish list was "…we can have 20 million educated, committed, and
interconnected volunteers worldwide on the outlook for the prodrome of

Unfortunately, this never materialised. His 20 million, educated,
committed and interconnected volunteers worldwide had other paying
careers to tend to, households to keep and wives who needed ski
holidays. But what would happen if you could find a few educated,
committed and interconnected intelligence or security analysts world
wide who could monitor, search, and investigate the Net using
automated software?

Roelof Temmingh from Paterva ( conceptualised and
developed exactly this during 2007.

Voted "Best Tool" in the information gathering section during Dec 2007
by (, Maltego is now
mentioned in the same circles as tools such as Nessus and Metasploit.

Maltego is capable of intelligently mining information on the
Internet. It uses numerous methods to search for public information
about a variety of entities such as individuals, phrases, email
addresses, telephone numbers and domain names. These methods are
’plugins’ for the Maltego framework and are referred to as transforms.

Maltego transforms will expand a standard query into numerous others -
each with a "confidence index". This means a search for a person such
as ’Andrew Brood’ will results in searches for ’A Brood’ and ’Andrew
B’, but with lower confidence indexes than the original query. Finally
results are sorted by the sum of their confidence indexes, their
frequency and how close they match to the original query. The same can
be applied to email addresses, telephone numbers etc. This expansion
of queries saves the analyst time and helps to unearth information
that is normally lost with casual data mining.

Maltego uses a client/server architecture. The collection and
processing of information is done at the server - called a Transform
Application Server and returned to the client for display.

This design allows others to write transforms, set up their own
Transform Application Servers, or even add their own entity types to
conduct searches for virtually any type of information. Users can
modify or add transforms without needing to update the client
software. This customization is invaluable to organizations which have
huge amounts of internal data with no way to make sense of it.

Maltego is an "all-in-one-tool" responsible for information mining,
visualization and analysis. This is a huge advantage over other
analysis tools that depends on the user to manually do the information
collection process and feed it for analysis. It also makes the
investigative process a lot more interactive - an analyst can now
simply click on a result to investigate it further.

Currently more than 2000 security auditors, pen testers and forensic
investigators world wide are using Maltego - it is fast becoming the
data mining tool of choice... bringing the spies in from the cold, at
last... and putting them in front of Maltego.

source :

Susan Attfield for Roelof

I Consulting


Related Articles

Data Mining
Information Gathering