This week we learnt about how to use a tool called ‘Maltego’ to map out networks and people and how we can automate some of the processes.
We started out by taking a look at 2 people on Twitter (for example Jeremy Corbyn and Theresa May) and we used Maltego to see tweets and hashtags that were in common. Unfortunately, I’m struggling a bit to get this working at my Maltego at home so no screenshots
We then went on to find out information about different websites like the one that you’re probably reading this from now.
We can start off by creating a new ‘graph’.
Then we can drag in a domain ‘entity’ and type in the domain of the website we want to look at, in this case cadscheme.co.uk.
Then we can right-click to open the transformation menu and click the double arrow icon by ‘All Transformations’ to collect all the information about this domain automatically.
After waiting for Maltego to collect all of this information, we get a nice graph of all of the different DNS servers and domain registration information.
- The green screen with
WWWin shows subdomains, in this case we’ve foundwww.cadscheme.co.ukand nothing else. - The red server icon with
NSand the orange server icon withDNSshows DNS Servers that this domain uses. - The green server icon with
MXshows mail servers that the domain uses. We can see that the mail servers for this domain are owned by the domain registrar. - The yellow tower icons show the domain registrar and/or the company who manage this domain. For this domain we get the company
Nominetwho are in charge of UK domains like.co.uk,.uk, etc.. - The green person icon shows the person who owns this domain. We aren’t getting the person who actually owns the domain because this domain uses ‘WHOIS Guard’ which ‘proxies’ information through another company, to protect the owner’s identity.
Finally, we finished off with creating a map of the school’s network in Maltego using the information we found last week.