Name Current Value Required Description
-------- ------------- -------- -----------
FILENAME /root/.recon-ng/workspaces/default/results.json yes path and filename
for
report output
TABLES hosts, contacts, credentials yes comma delineated
list of tables
[
recon-ng
][
default
][
json
]
> run
[
*
]
27
records added to
'/root/.recon-ng/workspaces/default/results.json'
.
While Recon-NG doesn’t support workspaces, you can export your data if you are
working with multiple clients and then clean out the database to make sure you don’t
have any cross-contamination. In the preceding example with 27 records in the con‐
tacts database, I cleared it by running
delete contacts 1-27
, which deleted rows 1–27.
This required that I run a query against the database to see all the rows and know
what the row numbers are. Running the query was as simple as just using
show con‐
tacts
. Using Recon-NG, you have a lot of capabilities, which will continue to change
over time. As more resources become available and developers find ways of mining
data from them, you might expect new modules to become available.
Maltego
Because I go back so many years to the days when GUIs weren’t a thing, I’m a
command-line guy. Certainly, a lot of command-line tools can be used in Kali. Some
people are GUI kinds of people, though. We’ve taken a look at a lot of tools so far that
are capable of getting a lot of data from open sources. One thing we don’t get from
the tools we have used so far is easy insight into how the different pieces of informa‐
tion relate to one another. We also don’t get a quick and easy way to pivot to get addi‐
tional information from a piece of data we have. We can take the output of our list of
contacts from theHarvester or Recon-NG and then feed that output into either
another module or another tool, but it may be easier to just select a piece of informa‐
tion and then run that other module against that data.
This is where we come to Maltego.
Maltego
is a GUI-based program that does some
of the same things we have done already. The difference with Maltego is we can look
at it in a graph-based format, so all of the relationships between the entities are shown
clearly. Once we have a selection of entities, we can acquire additional details from
those entities. This can then lead us to more details, which we can use to get more
details, and so on.
Before we get too far into looking at Maltego, we need to get the terminology down so
you know what you are looking at. Maltego uses transforms to perform work. A
transform
is a piece of code, written in the Maltego Scripting Language (MSL), that
uses a data source to create one entity from another. Let’s say, for instance, that you
have a hostname entity. You might apply a transform to create a new entity that con‐
