Maltego

Maltego Technologies

Visual link-analysis tool for OSINT and infrastructure mapping.

Threat Intelligence, Freemium, GUI, Learning, Cross-platform

Cyber Kill Chain & Defender Lifecycle

Attacker — Kill Chain

  1. Reconnaissance
  2. Weaponization
  3. Delivery
  4. Exploitation
  5. Installation
  6. Command & Control
  7. Actions on Objectives

Defender — IR Lifecycle

  8. Detection / Monitoring
  9. Containment & Eradication
  10. Post-incident Forensics

Description

Maltego is the leading visual link-analysis tool for OSINT and infrastructure investigations. Analysts drag "entities" (a domain, an email, a person) onto a canvas and run transforms — queries against integrations (WHOIS, Shodan, HaveIBeenPwned, VirusTotal, social media) that pivot to new entities.

The graph reveals relationships that would be tedious to discover manually: shared hosting infrastructure, related domains under one registrant, email accounts breached together, etc.

Use cases

  • Mapping an attacker's external infrastructure
  • Executive protection / brand monitoring OSINT
  • Investigating phishing kits and look-alike domains