About this course

Course type Performance Plus
Course code QAMALTEGO
Duration 2 Days

Getting acquainted with the various sources of OSINT available to a security analyst can be quite a daunting task even with the use of Maltego. During this course we will help you unlock the true potential and raw power of Maltego – from helping you to understand the underlying technologies to exploring the full potential of Maltego's analytic capabilities.

Maltego can be used to determine the relationships between the following entities: People, Names, Email addresses, Aliases, Groups of people (social networks), Companies, Organizations and Web sites.

From finding people and those who influence them to uncovering internal IP addresses and technology used at major companies. See how much data is 'out there' and what people can do with it as well as how you can reach this data for both defending and attacking.

This is a 2-day hands-on course packed with practical exercises using real world data, giving participants real world experience with the tool.

Prerequisites

Participants are expected to have a good level of OSINT knowledge, we recommend QAOSCII.

This course is intended for anyone who wishes to be able to use Maltego utilise for gathering information and intelligence. It will be of particular interest to those in the private and public-sector investigations, compliance industry, financial institutions, insurance

Delegates will learn how to

Day 1 Objectives

1. To be familar with Maltego and Open Source Intelligence (OSINT) tooling
2. How to get the most out of the tool - the tips and tricks that we regularly use in investigations
3. How to import and export data to/from Maltego
4. How to map organisations on infrastructure level
5. How to classifying an organisations infrastructure

Day 2 Objectives

1. Determining technologies used by a company and identifying possible weak spots
2. Techniques to find, profile and influence individuals or groups of people
3. Working with social networks, geotagged pictures, devices and aliases
4. Understand the spheres of influence around individuals
5. How to export the results

Outline

Where applicable our QA OSINT instructors have a law enforcement, internet investigations and digital forensics practitioner experience aligned to the best practice standards, including ISO17025.

Module 1 Introduction to Maltego
This module covers the following subjects:

  • Introduction to Maltego
  • Maltego System Requirements, Installation and Set Up
  • Running a Transform
  • Graph Options
  • Layouts/views

Module 2 Entities
This module covers the following subjects:

  • Entities in Maltego representing different types of information and are represented as nodes on your graph, which categorized into groups with the main categories being Internet Infrastructure and Personal.
  • Adding an Entity to your Graph
  • Editing an Entity Value
  • Selecting an Entity
  • Selecting Multiple Entities
  • Selecting Multiple Entities one at a time
  • Entity Details

Module 3 Transforms
This module covers the following subjects:

  • Transforms Hub
  • Manage Transforms
  • Local Transforms
  • Managed Services
  • Run View
  • Managed services
  • Third party API’s

Module 4 Machines
This module covers the following subjects:

  • Run Machine
  • Stop all Machines
  • New Machine
  • Manage Machines
  • Machines Window

Module 5 Collaboration
This module covers the following subjects:

  • Share Current Graph
  • Encryption - Tab
  • Starting a Shared Graph Session
  • Collaboration Session Window
  • Chat – Window

Module 6 Import & Export
This module covers the following subjects:

  • Import Graph from Table
  • Tabular Mappings
  • Export Graph to Table
  • Export Graph as Image
  • Generate Report
  • Export Configuration
  • Import Configuration

Module 7 Application Menus
This module covers the following subjects:

  • Printing
  • Tools
  • Graph
  • Metadata
  • Updating

Module 8 Practical Applications
This module covers the following subjects:

  • Network Foot printing
  • Social Network Monitoring
  • Cyber Crime

Performance Plus

2 Days

Duration

This course is authored by QA

Delivery Method

Delivery method

Classroom / Attend from Anywhere

Receive classroom training at one of our nationwide training centres, or attend remotely via web access from anywhere.

Trusted, awarded and accredited

Fully accredited to ensure we provide the highest possible standards in learning

All third party trademark rights acknowledged.