• 90 | Chapter 3: Reconnaissance
  • Open Source Intelligence | 91
  • Open Source Intelligence | 89




    Date: 14.05.2024



    Figure 3-3. Running a machine from Maltego
    During this process, the machine will ask for guidance about what entities to include
    and what entities to exclude; when the machine is done, you will have a graph. This
    isn’t a graph that you may be used to. It is a directed graph showing relationships
    between entities. In the center of the graph resulting from the machine we ran, we
    can see the domain name we started with. Radiating out from there are a variety of
    entities. The icon for each entity indicates its type. For example, an icon that looks
    like a network interface card is an IP address entity. Other entities that may look like
    stacks of systems belong to DNS and MX records, depending on their color. You can
    see an example of a Maltego graph in Figure 3-4.


    Figure 3-4. A directed graph in Maltego
    From each entity, you can get a context menu by right-clicking. You will be able to
    view transforms that you can then apply to the entity. If you have a hostname but you
    don’t have the IP address for it, you can look up the IP by using a transform. You
    could also, as you can see in Figure 3-5, get information from a regional internet registry
    associated with the entity. This would be the whois transform provided by
    ThreatMiner.
    Figure 3-5. Transforms to apply to entities


    Anytime you apply a transform, you make the graph larger. The more transforms you
    have, the more data you can acquire. If you start with a single entity, it doesn’t take
    long before you can have a lot of information. It will be presented in a directed graph
    so you can see the relationships, and you can easily click any entity to get additional
    details, including the associated entities, both incoming and outgoing. This can make
    it easy to clearly see how the entities are related to one another and where the data
    came from.
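
The entity-and-transform model described above, sketched in Python as an added example (not code from the book or from Maltego). The transform names, the `EntityGraph` class, `run_machine`, and the DNS records for example.com are all constructed for illustration, so it runs offline.

```python
from collections import defaultdict

# Constructed sample records standing in for live DNS answers (not real data).
SAMPLE_DNS = {
    "MX": {"example.com": ["mail.example.com"]},
    "NS": {"example.com": ["ns1.example.com"]},
    "A": {"mail.example.com": ["192.0.2.25"], "ns1.example.com": ["198.51.100.53"]},
}

# Hypothetical transforms: name -> (accepted entity types, record type, output type).
TRANSFORMS = {
    "to_mx": ({"domain"}, "MX", "mx_record"),
    "to_ns": ({"domain"}, "NS", "ns_record"),
    "to_ip": ({"mx_record", "ns_record"}, "A", "ip_address"),
}

class EntityGraph:
    """Directed graph of (type, value) entities; each edge names its transform."""
    def __init__(self):
        self.outgoing = defaultdict(list)  # entity -> [(transform, target)]
        self.incoming = defaultdict(list)  # entity -> [(transform, source)]

    def add_edge(self, src, transform, dst):
        if (transform, dst) not in self.outgoing[src]:
            self.outgoing[src].append((transform, dst))
            self.incoming[dst].append((transform, src))

def apply_transform(graph, entity, name):
    """Run one transform on one entity; return the entities it produced."""
    accepted, record_type, out_type = TRANSFORMS[name]
    etype, value = entity
    if etype not in accepted:
        return []  # transform does not apply to this entity type
    found = [(out_type, v) for v in SAMPLE_DNS[record_type].get(value, [])]
    for dst in found:
        graph.add_edge(entity, name, dst)
    return found

def run_machine(seed):
    """Apply every applicable transform breadth-first until nothing new appears."""
    graph, queue, seen = EntityGraph(), [seed], {seed}
    while queue:
        entity = queue.pop(0)
        for name in TRANSFORMS:
            for dst in apply_transform(graph, entity, name):
                if dst not in seen:
                    seen.add(dst)
                    queue.append(dst)
    return graph
```

Looking up `incoming` for an IP address entity answers the "where did this come from" question: it returns the transform and the source entity that produced it.
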
    If you are the kind of person who prefers to visualize relationships in order to get the
    bigger picture, you may enjoy using Maltego. Of course, you have other ways to get
    the same information that Maltego provides. It’s just a little more laborious and certainly
    a lot more typing.
