Fingerprinting and Getting Information from DNS, IP’s and Websites with Maltego

 

1 :: Download the corresponding file for your distribution on the Maltego website

Debian Distros: # dpkg -i MaltegoChlorineCE.3.6.0.6640.deb Fedora, CentOS/RHEL: # rpm -i MaltegoChlorineCE.3.6.0.6640.rpm Slackware Distros - Baixe o RPM # rpm2tgz MaltegoChlorineCE.3.6.0.6640.rpm # installpkg MaltegoChlorineCE.3.6.0.6640.tgz
2 :: Register on the maltego website. You will always need to enter your email and password. If you do not feel comfortable click here .

Performing a Survey of Information: Domain and DNS Zone

1 :: Open Maltego and click + to add a new Graphic.
The idea of ​​Maltego is as simple as possible. Let’s select the objects and drag them. Then we will click on them individually and have our machines do the corresponding analysis.
We will drag the DNS Name and Domain icon, and in them we will write the address of our target.
2 :: Click on the icon and see that the options of the Run View change. Here we will have some levels and information about test cases. Always receiving risk alerts and so on. These levels can range from the simplest where we will perform a standard DNS query to more ninjas levels where we will use machines to test zone transfers, brute force in Domains, get IP’s network ranges and etc. Try using the Footprint L3 for testing. 🙂
3 :: At first, depending on the type of test, it will seem like a lot of messy information. In the end, it is. Little will we take advantage of these tests, but it is a hand in the wheel when we know how to clean and take only the information really needed for Pentest. We may even point to zone transfer failures.
In this test used in the test site, we can raise several subdomains, including FTP’s, E-mail servers, intranet and related websites in some way. Very cool to increase your range of attack.
The idea is not to show such a thorough review of the tool, since there are millions of test combinations, but rather you explore them. In it, it is possible to monitor Twitter tags and even fingerprints on individuals and legal entities from names, documents, emails and etc, but be careful and make conscious use of the tool. Neither I nor Maltego are responsible for the misuse of the tool.
🙂
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s