I’ve been using Maltego Graph for a while, and it’s one of the best tools for visualizing investigations and pivoting!

One of the best feature is the use of Machines to automate pivoting and enrichment!

For example, you can create a Machine to automatically enrich an IP address with WHOIS info and then pivot through associated email addresses with a single click.

I have created a cheat sheet you can refer to when using Maltego

I’m curious — how many of you have already created Maltego automation with Machines?

@Maltego @maltegohq #threatintel #investigation #malware #IOCS #graphs #maltego

Maltego Telegram

Модуль Maltego для Telegram позволяет индексировать стикеры и эмодзи в канале, а также устанавливать создателей наборов стикеров/эмодзи с помощью их уникального идентификатора (UID).

Для этого нужно сделать API-запрос, извлечь "ID" и выполнить битовое смещение вправо, после чего UID конвертируется в логин через бота tgdb, что помогает раскрыть профиль пользователя.

Кроме того, модуль может деанонимизировать автора канала, который не оставил контакты, путём сканирования канала и поиска его наборов стикеров с применением аналогичной методики.

Для настройки модуля необходимо клонировать репозиторий, установить зависимости, указать соответствующие API-данные в конфигурационном файле и импортировать нужные файлы в Maltego для тестирования работоспособности.

src: https://github.com/vognik/maltego-telegram

Администраторов Telegram каналов теперь можно деанонимизировать по кастомным стикерам и эмоджи.

Уязвимость заключается в том, что UID стикер-пака позволяет извлечь ID его создателя, что помогает раскрыть профиль пользователя.

Авторы Telegram-каналов заказывают у дизайнеров фирменные наклейки и «регистрируют» их в мессенджере с помощью бота Stickers, не подозревая о том, что это раскрывает их аккаунт всем.

Для популярной OSINT-утилиты Maltego даже уже разработали модуль позволяющий автоматизировать данную задачу.

src: https://github.com/vognik/maltego-telegram

De cybersecurity trends van 2024: een diepgaande analyse https://www.trendingtech.news/trending-news/2024/08/28335/de-cybersecurity-trends-van-2024-een-diepgaande-analyse #cybersecurity trends 2024 #lek van gegevensrecords #foute content waarschuwingen #Maltego en Criminal IP #overgang IT naar cybersecurity #Trending #News #Nieuws

@krypt3ia It's been a while, but I believe #Maltego requires more stickers to run successfully.

How can you gather the most information for your #PersonOfInterest investigations? Use the convenient out-of-the-box access to a growing number of data sources included in #Maltego Data! Follow the steps in the updated cheat sheet to map out the digital footprint of your suspect NOW: https://www.maltego.com/blog/how-to-conduct-person-of-interest-investigations-using-osint-and-maltego/?utm_source=mastodon&utm_medium=social&utm_campaign=GOV&utm_content=maltego.com

Just like other major events, the #Olympics lead to a significant increase in social media engagement from both legitimate users and threat actors. This surge in online activity often includes the spread of genuine opinions but also #disinformation!

Discover how you can effectively monitor social media activities, understand public sentiment, and identify emerging threats early using real-time #OSINT data and AI-driven analysis with #Maltego Monitor: https://youtu.be/SUPbJGfhdTc?si=Vn1H_KLCCeNtOcbg

The Harvester: herramienta OSINT para analizar los riesgos de la información pública https://blog.elhacker.net/2024/07/the-harvester-herramienta-osint.html #herramienta #maltego #osint #tool

Events like Pride Month, the Olympics, and European football championships trigger strong interactions on social media, filled with supportive messages but also heated debates. Identifying genuine viewpoints versus those with harmful intentions can be challenging.

Join our deep dive on July 16th at 4 PM CET and learn how to capture the pulse of public sentiment and spot hostile patterns using #Maltego: https://www.maltego.com/event-registration/monitor-and-investigate-controversial-figures-with-maltego-pride-month-analysis/?utm_source=mastodon&utm_medium=social&utm_campaign=webinar_062024_pride&utm_content=maltego.com

The disintegration between security tools poses challenges for SOC teams, including tool fatigue, alert fatigue, and time expended on verifying false positives.

Find out how #Maltego helps combine disparate data into one interface: https://www.maltego.com/blog/how-to-integrate-data-sources-into-one-interface/?utm_source=mastodon&utm_medium=social&utm_campaign=CSO&utm_content=maltego.com

CTI investigations face complex challenges, making robust solutions for data integration and analysis vital for navigating vast data and countering sophisticated attacks. Our latest blog, "Incident Readiness with Maltego," explores the future of CTI, key challenges, essential capabilities, and how #Maltego ensures your team is always ready for threats.

Stay ahead with actionable intelligence: https://www.maltego.com/blog/incident-readiness-with-maltego/?utm_source=mastodon&utm_medium=social&utm_campaign=CSO&utm_content=maltego.com

In 2023, the average cost of data breaches surged to $4.45 million, making a 15% increase over three years. To mitigate this impact on your organization, use #Maltego to examine and analyze vulnerabilities, visualizing internal data and #IoCs within a single user interface. Our playbook demonstrates how to efficiently conduct a data breach investigation using Maltego, breaking down the process into five stages with mock-up graphs and detailed explanations. Learn more: https://www.maltego.com/blog/investigating-the-impact-of-potential-data-breaches-with-maltego/?utm_source=mastodon&utm_medium=social&utm_campaign=CSO&utm_content=maltego.com

make this shorter: Since 2008, #Maltego has been the trusted #OSINT platform for cyber threat intelligence. Now, we're launching new Professional and Organization plans to enhance your investigative capabilities.

Learn more about how our new plans can transform your investigations: https://www.maltego.com/blog/introducing-maltego-professional-and-organization-plans/

Dealing with a potential seller of stolen goods? Discover how you can find traces of your #PersonOfInterest online, map the extent of their illegal activities, and understand their patterns to catch them red-handed. All within a couple of clicks in #Maltego using the ready workflow!

Start investigating with Maltego NOW: https://get.maltego.com/maltego-organization?utm_source=mastodon&utm_medium=social&utm_campaign=GOV&utm_content=maltego.com

If you can only have one investigation tool, it's #Maltego: Data visualization, all data in one place, trusted by infosec and cybercrime experts worldwide.

Add Maltego to your essential toolkit like cybercrime experts worldwide already did:https://www.maltego.com/maltego-for-enterprises/?utm_source=mastodon&utm_medium=social&utm_campaign=ALL&utm_content=maltego.com

Experience firsthand how #Maltego's advanced tech empowers crime fighters while we maintain a strong focus on human-centric solutions. Dive deep into Maltego's #UX with our #CTO webinar featuring Ben April and Julie Wagner. Don't miss out: https://www.maltego.com/event-registration/behind-the-scenes-maltego-ux-research/?utm_source=mastodon&utm_medium=social&utm_campaign=ALL&utm_content=maltego.com

Are you spending hours trying to map the mutual connections of your #PersonsOfInterest? Waste no more precious time on manual searches! With #Maltego, you can track your suspects' common social media connections with just one click.

Don't have Maltego yet? Get started NOW: https://www.maltego.com/pricing-plans/?utm_source=mastodon&utm_medium=social&utm_campaign=GOV&utm_content=maltego.com