Tuesday, June 24, 2008

Maltego2: A VERY Useful Tool For Private Investigators

I try to share as much as I can with others on the net. I am of the belief that knowledge should be shared. I am not fearful of those that might have the same tools that I have, because I know what my investigative abilities are and I know that my abilities allow me to do some things that the average layman just can't do.

A while back I found a tool that is nothing short of impressive considering what can be done with it. It is a tool that Law Enforcement and some of our top Intelligence Agencies use to analyze data. I would like to share that tool with you here today.

Maltego2 is a very nice all-around tool for performing almost any kind of investigation; from cyber investigations to background checks to criminal defense investigations, it is amazing. First of all, it is a graphical tool. Second of all, it has the ability to show data relationships, and third of all, I have seen it pull data that one would have to search multiple sites for.

Below are some pictures of what Maltego2 does.

As you can see from the top screenshot I have started compiling data on an IP Number. You can see that as I move along I am compiling more data to include server information, phone numbers, information related to the phone numbers, and I can keep going and going. I can search by IP Number, DNS Name, Domain, Phone Number, Person's Name, and EVEN a phrase.

I can show various relationships between the data that I accumulate as I do my research. I can delete data that is not pertinent to my investigation and strip the final results down to only pertinent data. I can research each piece of data by making one click to take me to the place on the Internet where Maltego2 found my data.

Maltego2 comes in a Commercial Edition and a Community Edition. The Community Edition is free and the Commercial Edition costs $430.00 for the first year and $320.00 for each year after. The Community Edition has limitations, but some of them can be gotten around; for example, you cannot save the maps in the Community Edition, but you can take a screenshot as I did above. You can also save the data from your browser as you click on the details view and open up your browser to view the information that you found. You can then print that data and mark it to coordinate with the information on your actual screenshot of the map. Not as pretty, but you still have all of the data there and you still have a good representation of that data.

Here is the link for Maltego2: Maltego2 Link

Here is a wiki instruction manual for Maltego2: Maltego2 Instruction Manual

Here are some News Articles on Maltego2: Maltego2 News Articles

As always, I hope this helps some P.I. somewhere.


Ricky B. Gurley Best Cyber Investigator