How To Use Maltego: OSINT Quick Start For Ethical Hacking

Introduction: Connecting the Dots in a Digital World

In our interconnected digital universe, information is everywhere. A single email address, a username, a company name – these are not just isolated data points. They are potential starting points for uncovering a vast web of relationships hidden in plain sight. This is the power of Open-Source Intelligence (OSINT), and one tool stands out for making this process visual, intuitive, and powerful is Maltego.

Maltego is a groundbreaking platform for link analysis and data mining. It transforms raw, disconnected data into a clear, interactive map (called a “graph”) that reveals the hidden connections between people, groups, websites, domains, IP addresses, and more. Used by cybersecurity professionals, law enforcement, investigators, and journalists, Maltego helps answer critical questions: “Who is behind this social media account?”, “What infrastructure does this company own?”, or “How are these entities related?”

This guide will walk you through everything you need to get started with the free Maltego Community Edition, from installation to your first transformative investigation. 

What exactly is Maltego?

At its core, Maltego is a tool for link analysis. It doesn’t just find information; it connects it.

Transforms

These are the core functions of Maltego. A Transform takes a piece of data (like a website domain) and queries various data sources to return related information (e.g., the IP address it points to, the email addresses found on the site, its network blocks). Think of them as super-powered search queries.

Entities

These are the nodes on your graph. They represent the data points themselves, such as a Person, Email, Phone Number, Website, Domain, IP Address, or Location. Each entity type has specific Transforms that can be run on it.

Graph

This is the visual workspace where all Entities and their connections are displayed. This map allows you to see complex relationships at a glance, which would be nearly impossible to decipher from a list of raw data.

Downloading and Installing Maltego CE (Community Edition)

The free version, Maltego CE, is incredibly capable and perfect for learning and small-scale investigations.

1. Go to https://www.maltego.com/pricing/. Always download software from the official source to ensure security.

2. Navigate to Basic

3. It will take you to https://www.maltego.com/use-for-free/

4. Create a Maltego ID. Fill in your details like name, email, password and verify your email address.

5. After verification and profile setup, it will take you to https://app.maltego.com/ 

6. Now click the “Maltego Graph Desktop”

7. Download the .deb package for linux 

8. Run below commands to install it in linux

9. Maltego requires UI so we need to perform below steps

   1. Run below commands to install it in linux

2. We need to edit the vnc startup file. Refer to below content

3. Now run the vnc server using below command and setup your password which will be required later

4. Successful run should give you below output

10. Now we need a vnc client to connect with our vnc server. You can use the VNC viewer for this purpose. You can find it on the given link https://www.realvnc.com/en/connect/download/viewer/ 

    1. Exit the current session with the server 

    2. Create a new session using below command

       

3. Now use vnc viewer to connect with this UI using below

   

11. After connecting with our server, let us now setup maltego there. You can run the “maltego” linux command in the terminal to start it

12. On startup, you will see something like below. As maltego is a paid program, we will use “maltego ID” to see some basic usage in free version

13. Use the maltego ID that we created in the 4th step to complete setup process steps

1. During online activation, you will be required to open the browser for login. Use linux package manager to install firefox e.g.

2. When you run firefox, you may get error related to display e.g.

3. Export below environment variables to resolve this

4. After a successful  login in the browser, you will see

14. The setup is now complete. We can now see the basic usage from the free version.

Maltego Graph Desktop

In today’s digital world, data is everywhere but insight is scarce. Maltego Graph Desktop empowers investigators, security professionals, and analysts by connecting scattered data—from social media, domains, company records, and metadata—into clear, actionable visual graphs for powerful OSINT and link analysis.

The “Graph Desktop” version is the free, community-oriented edition designed for individual users. Its core function is to automate the collection of data from public sources (transforms) and visualize the relationships between entities (nodes) in a directed graph. This visualization makes it easy to see hidden relationships, identify central figures, and understand complex networks that would be nearly impossible to decipher from spreadsheets or text reports.

Core Concepts: The Language of Maltego

Before you start, understanding these three fundamental concepts is crucial:

Entities

These are the nodes on your graph. They represent the individual pieces of data. Maltego has a vast library of entity types, including:

• Domain: example.com

• IP Address: 192.168.1.1

• Person: John Doe

• Email Address: john@example.com

• Phone Number: +1-555-0100

• Company: ABC Corp.

• Website: https://example.com/index.html

• Social Media Profiles: Twitter, Facebook, etc.

Transforms

These are the engines of Maltego. A transform is a function that queries a data source (like a public API or database) to find information related to a selected entity. For example:

• Running a “To DNS Name” transform on a Domain entity returns IP Address entities.

• Running a “To Email Address” transform on a Domain entity might find email addresses associated with that domain’s WHOIS record.

Machines

These are automated scripts that chain multiple transforms together to execute a complex investigation workflow with a single click. For example, a “Company Stalker” machine might take a company name, find its website, discover associated domains, find employees on social media, and more.

Mapping a Website’s Infrastructure

Using Transforms

Let’s perform a simple investigation to map the digital footprint of a website.

1. Create a New Entity: In the Palette on the left, find the Domain entity. Click, drag, and drop it onto the center Graph View.

2. Set the Target: Change the target according to the requirement e.g. tesla.com

3. Run Transform: Click on the tesla.com entity. Navigate to the left menu Transform Hub. This is where you manage your data sources. For DNS info, we can use the built-in “Dev (Community)” transforms. Search for and install the “To DNS Name – NS (Domain)” transform. This will find the Name Servers for the domain.

4. Click on it to run it and you will see that the graph now has multiple results. Analyze the Results: Maltego will query public DNS records and add new entities to your graph—the name servers (NS records) for your domain. Lines (edges) will connect them, showing the relationship.

5. Expand Further: Now, right-click on one of the new NS (Name Server) entities. Run a transform like “To IP Address” to resolve the name server to its IP address. 

We can see in the result that we got IP addresses for that nameserver

You can continue this process, running transforms on any interesting new entity you discover.

 

Using Machines

Footprint L1

Don’t just run transforms one by one. Explore the Machine tab in the top menu. Try running the “Company Stalker” or “Footprint L1” machine on a target. This automates a whole series of transforms and can rapidly expand your graph with minimal effort.

1. Click on Machines on top menu and then Manage Machines

2. You can find the available machines here in the menu

3. We will only perform basic level 1 scanning to test the feature so uncheck all the machines except Footprint L1 and close the window. Then click Run Machine button on top menu

4. It will open another window. Select the machine, specify target and finish setup

5. Specify the domain name i.e. tesla.com 

6. When we click Finish, it starts the automated process and on the side panel we can see what is being performed at that time. The output shows multiple points but because of screen size issues, we cannot see the details all at once. You can zoom in for further insights. But it can be seen clearly that it extracted for us DNS information and IP addresses etc

Company Stalker

Now let us run the Company Stalker machine to extract email addresses for a domain

1. Again, select this machine from the manage machines section

2. Click Run Machine

3. Choose Company Stalker and click next for target

4. Click finish and it will start automated operation

5. You can see in the below zoomed output that it extracted the email addresses for us along with the URLs

6. Select any entity to go in the details

7. Double click the entity

8. For ease, we can also select the List View to view items clearly by selecting List View from side panel

Ethics and Legality

Terms of Service

Always comply with the Terms of Service of the data sources you are using through Maltego. The free transforms often have rate limits to prevent abuse.

Privacy

Maltego is designed for analyzing publicly available information. Do not use it to process data without a legal basis for your investigation.

Data Accuracy

Remember, OSINT data can be outdated or incorrect. Always use Maltego as a tool for discovery and correlation, not as a single source of truth. Verify critical findings through multiple sources.

Conclusion: From Data to Intelligence

Maltego Graph Desktop democratizes the power of link analysis. It lowers the barrier to entry for conducting sophisticated OSINT investigations, allowing you to move from a single piece of data (an email, a domain, a name) to a comprehensive map of connections in a matter of minutes.

While the free Community Edition is powerful, note that commercial versions (Maltego Pro, Enterprise) offer access to many more premium data sources, higher rate limits, and collaboration features. However, for students, hobbyists, and professionals starting in OSINT, Maltego Graph Desktop is an indispensable tool that will fundamentally change how you see and interpret the digital world. Start with a simple domain, run a transform, and see where the connections lead you.