tains the IP address linked to the hostname entity.
As noted earlier, Maltego presents its information in a graph form. Each entity would
be a node in the graph.
We are going to be using the community edition of Maltego because it’s included in
Kali, though Paterva does supply a commercial version of Maltego. As we are using
the community edition, we are limited by the transforms that we can install into
Maltego. The commercial version has many more transforms from different sources.
Having said that, there are still several transforms that we can install with the
community edition. You can see the list of transform bundles in Figure 3-2.
Figure 3-2. Transforms available in Maltego community edition
The transforms that are installed are the engine of Maltego. However, you don’t have
to do all the work yourself by applying one transform after another. Instead, you can
use something called a machine. A machine can be created to apply transforms from a
starting point. As one example, we can get the footprint of a company. The machine
that will do the work for us includes transforms doing DNS lookups and finding
connections between systems. The Footprint L3 machine performs transforms getting
the mail exchanger and name server records based on a provided domain. From
there, it gets IP addresses from hostnames and does additional branching out,
looking for related and associated hostnames and IP addresses.
To start a machine, you would just click the Run Machine button, select the machine
you want to run, and then provide the information required by the machine. In
Figure 3-3, you can see the dialog box for starting up a machine, and above that the
Machines tab with the Run Machine button.
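The chaining that a machine performs can be modeled as a breadth-first walk over entities, where each transform turns one entity into zero or more new ones. The following is an added example, not Maltego's own code or machine format: it runs over constructed DNS records (no real lookups), and the names `RECORDS`, `SHARED`, `transforms` and `run_machine` are hypothetical.

```python
from collections import deque

# Constructed sample DNS data (documentation domains and address ranges only).
RECORDS = {
    ("example.com", "MX"): ["mail.example.com"],
    ("example.com", "NS"): ["ns1.example.com", "ns2.example.net"],
    ("mail.example.com", "A"): ["192.0.2.10"],
    ("ns1.example.com", "A"): ["192.0.2.53"],
    ("ns2.example.net", "A"): ["198.51.100.53"],
}
# Constructed reverse view: hostnames known to share an IP address.
SHARED = {"192.0.2.10": ["mail.example.com", "webmail.example.com"]}

def transforms(kind, value):
    """Yield (label, new_kind, new_value) for each transform that applies."""
    if kind == "domain":
        for rtype in ("MX", "NS"):
            for host in RECORDS.get((value, rtype), []):
                yield rtype, "hostname", host
    elif kind == "hostname":
        for ip in RECORDS.get((value, "A"), []):
            yield "A", "ip", ip
    elif kind == "ip":
        for host in SHARED.get(value, []):
            yield "shared-ip", "hostname", host

def run_machine(domain, max_depth=3):
    """Apply transforms breadth-first from a domain; return (nodes, edges)."""
    start = ("domain", domain)
    nodes, edges = {start}, set()
    queue = deque([(start, 0)])
    while queue:
        entity, depth = queue.popleft()
        if depth >= max_depth:          # stop branching out past the depth limit
            continue
        for label, kind, value in transforms(*entity):
            new = (kind, value)
            edges.add((entity, label, new))
            if new not in nodes:        # each entity is one node in the graph
                nodes.add(new)
                queue.append((new, depth + 1))
    return nodes, edges

if __name__ == "__main__":
    _, found = run_machine("example.com")
    for src, label, dst in sorted(found):
        print(f"{src[1]} --{label}--> {dst[1]}")
```

Running the same walk against your own organization's domain data shows which hostnames and addresses an outside observer can associate with it from public DNS alone.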