Skip to main content

Posts

Showing posts from 2011

Racing against time the developers...CaseFile (OSX)

Racing against time the developers knew that the entire IC was watching, constantly refreshing the Paterva blog and Twitter feed for news of the CaseFile (beta) OSX release. With blood running from their raw fingertips they put the final touches on the DMG package and SCP-ed it across the intertubes to the Paterva website. It took a while to get there but when the upload finally finished there was a sense of achievement  and accomplishment around the office. The devs looked at each other, their eyes still wide from the adrenaline rush of putting out yet another release.

Tomorrow they will back at their desks again, changing the world of intelligence gathering one line of code at a time.

You can play/look at/use their work by simply clicking on the link below:
[Maltego CaseFile (beta) build 1950 DMG]


More details about Maltego CaseFile and Maltego 3.1

So far we've had very positive feedback on [Maltego CaseFile]. We've had the same questions from various people and I've decided to put the answers here on the blog:

Q: Will CaseFile be available for OSX and Linux?
A: Yes. We will have an OSX version very soon - hopefully within this week. Like the Win version, it's still beta. If there is enough interest in a Linux version (beta) we'll put one together.

Q: When is the official release of CaseFile?
A: Hopefully early in 2012.

Q: Will Maltego 3.1 have the same features as CaseFile?
A: Yes, and if you have a license you get a free upgrade from 3.0.4 to 3.1. Out of the box Maltego 3.1 will not come with all the CaseFile entities, but you will be able to export them from CF to 3.1 as you need them. You will be able to open CF graphs in 3.1 and use transforms on CF entities as always.

Q: What do you mean CaseFile will be"almost free"?
A: We will sell CaseFile for around $200 per copy - perhaps in batches of 5. If you …

Maltego CaseFile Beta released

We are proudly releasing Maltego CaseFile Beta today. Yup - after some time we feel CaseFile is ready to see the light. And best of all - it's free - no registration, no silly forms or CAPTCHAs - just download and go.

CaseFile is aimed at analysts that do not necessarily use open sources of intelligence (or even the Internet for that matter). Think of it as Maltego without transforms but with tons of new features. Adding/attaching photos, documents and annotations to nodes, graph merging, better integration with browsers, passwords on graphs, and tons of new useful entities - and this is just a few of the goodies we've added into CaseFile.

To get a better idea of what CaseFile is and where it fits in with Maltego (as well as our future plans with it) we've made a 10 minute demo video on it - here you can see features explained and demonstrated in real time:



The download links for CaseFile beta:
[ 32 bit (with JRE)]
[ 64 bit (with JRE) ]

Let us know what you think of Case…

New Maltego video (SQL DB integration), new web front page

We've made another video - yes I know we said we'll stop at five, but we've realized that we never ever showed anyone our [SQLTAS] (blame it on the lack of salesman genes). So - just before our year end function Andrew and I whipped up another video. We shot it here in the office and it deals with hooking Maltego onto SQL databases. It's added to the [Youtube playlist] as video 6.

We've also changed the front page of [our website] - it now shows some stills from the videos and I think it looks rather nice. We are thinking of putting all of the videos (in yummy 720p) on a DVD that we'll give away for free (minus cost). We noticed that many of our clients don't have Internet access at work....;) If you are interested in this [let us know].


We're doing 91% fine thanks - Sectools & Blackhat

We don't get out much. In our line of business we rarely get to speak to people face to face (expect when we train). To determine if your business is doing OK you look at comments from people - on Twitter, forums, in mailing lists or direct email. You look at number of downloads, number of licenses sold. You look at the number of pageviews on your website and this blog. Every now and then a number comes along that's just a little bit more important.

Sectools

The [SecTools Top 125 tools] is like the Oscars for security tools. Right - everyone knows that it's impossible and unfair to compare the [traceroute command] (21) to [Google] (26) or [VMware] (43) to [Python] (23), but this list is a start. It's an indication. The the survey ran in 2000, 2003, 2006 and now in 2011 (unless I missed one?).

So how did we do?

In a nutshell - pretty OK. Overall [Maltego] made number 34 (of 125). If this was an exam we'd have 72.8%. We were voted nr. 1 in the [Forensics] category - …

Extending Maltego - video tutorial nr 5.

After being almost hit by Highveld lightning we've decided to call it quits on making more Maltego videos for now. But we did produce a final one for 2011 - it's all about extending Maltego with your own custom entities and transforms. Having the patience of a saint Andrew will explain to you exactly how it's done - in 15 minutes.

The link to the video is [here] or you can click below:

Maltego Casefile - icons finally here!

Our icons arrived this week. This is gooood news - it means we can release the beta of CaseFile very soon - probably this coming week.

Here is a screenshot of what's to expect - we haven't properly named the entities yet but you'll get the idea. There are 61 new icons - most of them related to Law Enforcement.

Watch this space!
RT

Maltego and social networks [video tutorial nr.4]

We've made another tutorial video - this time showing how Maltego can be used to link infrastructure and people. For social network resolving we're using [SocialNet from PacketNinjas].

Personally I am way pleased with the way the intro and extro (is that even a word?) came out. It was taken in a pretty large open room, so there's a bit of echo, but if you use headphones it should be fine.

Video is [here], or click below:



We've made these videos to show you how we use Maltego - hopefully it would be useful to you. Let us know!

Enjoy,
RT

Using Socialnet + Maltego to visualize social sphere of influence.

Used Socialnet to visual my Facebook friends (plus second order) in Maltego. Interesting that you can group people purely on their location in the graph - in organic view. Click on the picture above to enlarge, and you'll see what I mean!

'later,
RT

Maltego Video Tutorials

Hi guys,

We have seen a great number of Maltego videos coming out in the last few months and we have been really impressed with some of things you guys are doing. As such we have decided to create some of our own to help people better use and understand the tool!

We originally thought we could do this via the userguide section on our website - www.paterva.com/web5/documentation/userguide.php. However, we have still seen a number of users struggling with the basics (in videos, writeups as well as email) and we really want to get everyone past these stumbling blocks and onto the true power of Maltego.

We have had a whole week of making videos (which is a pain since one of us has to be in a video and the other one has to edit them all!). Thus we present to you under a shower of rainbows and unicorns our 3 latest Maltego videos. Each one of the videos deals with teaching some aspects of the tool and also gives an interesting sample case.

Sit back and enjoy the videos



Mapping Google websites to…

Importing data into Maltego

@Viss - you make us sad bears with your question on importing. So I decided to make a quick blog post on how to get data into Maltego.

The right way (import)
The commercial version of Maltego has support for visualizing spreadsheets. You can also use this to simple import a single column of data. Let's say you want to import only names. Then it goes a little like so:





Click on the picture above to see what's actually going on. Importing data this way seems like a lot of effort, but it's really useful. Why? Because it allows you to import multiple columns and make a real graph. Imagine you had phone numbers as well - then you could easily end up with this (skipping the boring bits):



You can "chain" any number of nodes together - in this case we've only used two.
The quick wayYou can import entities into Maltego (also in the community edition) by copy and pasting it from text. Usually Maltego does a great job of figuring out what it is that you are pasting - but you…

Maltego CaseFile - real soon now...

By now you should know that when we show splash screens here on the blog we are way close to a release. This is true for CaseFile too. We are basically waiting on the icon guys and the fixing of small (mostly cosmetic) bugs - and then we'll release. Watch this space, because the next post will be all about CaseFile.

Crisp out,
RT

A picture is worth a thousand words.

Think bookmarks, annotations, attachments. Merging graphs. Soon.

Maltego Update Pack!

Introduction

I know it really has been a while since we last updated anything or made a new blogpost (almost a month!) but things really have been crazy around here! Roelof has been away at 44con and should be making his way to the airport as you read this. It seems to have gone phenomenally well with one of the attendee's referring to him as 44con's "blue eyed boy". Additionally the guys over at Pinkmatter are frantically working on the new releases (3.1, CaseFile and the 4.0 branch!). Those of you lucky enough to attend 44con got to see the sneak peak of 4.0 and our ideas for it. Those of you not lucky enough will have to wait until Roelof decides its time for another video :)

But on with the updates! We have been slowly pushing transforms to the commercial and community users, however today we are unleashing all 50 (yes, 50) transforms! And as we speak I am uploading a document that covers the majority of them. All of them were developed using the TDS ( https://www.…

And we're back...

After a bit of a struggle to regain control of this blog (think Google account issues..:|) we're back on track.

We came back some days ago from Las Vegas where we've trained on Maltego. It was great fun - expect for the very first day when our Internet connection went down. Attached is a photo of our training poster. We desperately wanted to take the poster back to South Africa, but we forgot. Hmm..I wonder why. You can also see a short video I made of the prep, training and parties [here].

But Vegas is done and dusted. Next up is [44Con] and then [SANS]. Both in London. We're really looking forward to it. Speaking of forward - here are some tentative schedules for new Maltego releases.

Maltego 3.1 - Releasing soon after 44Con. Think Octoberish. TONS of new features. I'll make a separate post for it when we're closer to the time. Note that this is a major release - it's not 3.0.5. The 3.1 release will be the first step to take us to version 4.0.

Also - in our…

Maltego 304 CE is out!

Hey ladies,

First off, happy Easter and all that, hope you have a great holiday :)

Onwards to 88mph! Maltego CE has finally been updated to be almost in sync with the commercial version, which means you get most of the tasty treats we put into the paid-for version for free! Think manual linking, link labels, copying to new graphs and all the updates you may have read on the blog.

But wait, if you phone within the next 15 minutes there is more! We also _FINALLY_ have an OSX version for Maltego Community Edition - now all your shiny Mac's can have shiny free Maltego's! (Not for commercial use, restrictions apply, one copy per customer, discount coupons do not apply, subject to in-store activation, cannot be used with free minutes, Void if modified, copied, reproduced, transferred, purchased.)

We have also created a Facebook page where we can have some fun, maybe sneak out beta releases (like we did for this one) and interact a bit more with the community. Please like our page and be…

Maltego CE (3.0.4) soon - for BT5 and OSX too!

How many people have downloaded, installed and registered the community edition of Maltego? Let's take a peek:

+----------+
| count(*) |
+----------+
| 29197 |
+----------+

And that's from July 2010 - which is ... more than 100 activations PER DAY.

We saw this number a couple of days ago for the first time and we were blown away. Based on it we decided to update the Maltego Community Edition and we're in the final stage of testing it. It will update the CE version to the latest commercial edition - that's 3.0.4. It means you get to play with almost all of the commercial features and bug fixes that we've made (that's 4 releases worth of goodness). Expect *massive* speed increase, support for large graphs, manual linking, link labels, tons of bug fixes etc. As as always you can load and save graphs, create and share your own entities and use our [TDS] to code and share your own transforms.

Also just some minutes ago we chained the Social Media and Infrastructure seed…

Maltego 3.0.4 Update 1

Hey guys,

We noticed there are a few bugs in the last update and our superstar dev team managed to quickly resolve so feel free to pull the latest release.

Changes (since rev1409):
Correctly assign category of new entity spec to entity spec instance. (Fixes exporting of new entities)Fixed import of exported 3.0.3 entities (entities without exported categories) in 3.0.4. Fixed auto discovery finding updated transforms after those transforms were run (V2 matching rule was only set once transform was run).Fixed transforms being removed when only a few transforms were updated during auto discovery. The biggest fix was just the importing of entities - it looks fantastic now and we are loving the ability to export your entire Maltego config and set it up on another instance.

Get it as always over at http://www.paterva.com/web5/client/download.php#Commercial

Cheers,
Andrew

Maltego 3.0.4 has just gone live...

Hi there,

We've have just uploaded Maltego 3.0.4! New splashscreen, [CSV, XLS direct import], export entire Maltego configuration, some minor bug fixes and all the usual goodness you come to expect from a new Maltego release. Go [grab] it now!

Enjoy!

CSV,XLS(X) import in Maltego 3.0.4

We will be releasing Maltego 3.0.4 next week! It looks, feels and smells the same as 3.0.3. In fact, you might ask why we even bothered with a new release. The answer - CSV/XLS/XLSX import. Lots of people asked for it, and here it is!

Our spreadsheet importer is not perfect but I think it's a good start. As per usual we've had lots and lots of features that we could have implemented but didn't due to time constraints. We want to rather release something that is useful -but perhaps not perfect - than not releasing anything at all. If you like it let us know and we'll add features as we go along.

So - enough blah blah - let's see how it works. You start by clicking on the application button and go to the Import section.


You'll see there is a new option called 'Import graph from table'. This will take you to the file selection menu where you can choose the file to import (CSV, XLS, XLSX supported):

Once you've chosen the file to render you need to select …

New Maltego product and 3.0.4 release dates

Hi there,

It's been a while. Sorry for that - we're slacking. Actually - we've been busy doing a couple of conferences. In February Chris and Andrew spoke at [IT Defense] in Frankfurt and a week later I spoke at [Hackcon] in Oslo. And we're getting ready to do Maltego [training] and a 3 hour [workshop] at BlackHat Barcelona. So there's that as an excuse. But this post is not only about excuses. No - after an awesome breakfast meeting at [Barn52] we've come to an agreement on the roadmap for Maltego in 2011 and I would like to share some of it with you, the reader..;)

Maltego 3.0.4 should be ready for release at the end of March 2011. The major feature in 3.0.4 is the direct import of spreadsheet files. Yup..eventually we get to do that - input is a spreadsheet and output is beautiful graph. Also think import and export of the entire Maltego configuration and license expiry notification (but those don't really count compared to XLSX and CSV import).

Once that…

Maltego 3.0.3 - It's Alive!

Finally the slog is over, the performance release is here! This has to have been one of the easiest release schedules we have managed, besides for some small scale [flooding of the roads near us] this still counts as office hours.

This release offers a fantastic amount of stability and most importantly speed to Maltego - the devs have done an absolutely marvelous job! +++ to the Pienkies!!

Also - Roelof has edited our mangled together user guide and built a massive document describing all of the transforms. He even managed to slay some pretty hefty Word style dragons to get it here, so don't forget to [check it out] too. The updated Maltego user guide (looking very grown up) can be found there as well.

Finally - [get 3.0.3 now] - faster than you can scream "Lerooooy Jenkins!!"

-AM

Maltego 3.0.3 release date

Hiya,

We're happy to announce that, if all goes according to plan, we'll be releasing Maltego 3.0.3 this coming Monday. What's new in 3.0.3 you may ask? A lot of bug fixes, and a loads of speed and performance improvements. But if we just say it you won't believe us. So for the first time - here is the raw, unedited changelog (in a small font, because it takes a lot of space)

Fixed speed issues in the Detail View caused by the quick filter. Let the Detail View update asynchronously to keep the GUI more responsive. Improved the speed of invert selection. Small painting speed improvement Improved the “get property from name” speed of Properties. Added a warning message and a “Show” button to the Properties View when more than 1000 nodes are selected. Greatly improved the speed & memory usage of the family selection actions. Performance improved when relayouting graph when transform results return (Mining view) Do not r…

Maltego Splash Screen Competition

Hey guys,

Due to some inter-office disagreement (ED C'mon let's be realistic - mine WAS really better if you think about it now) regarding the splash screens we have decided to open it up to the public in the form of a competition.

Basically, send us your awesomely crisp 380x320 px splash screen that you think will suit our fantastic new performance release (3.0.3). In return, if we decide to pick your splash screen you'll get a free one year license for the commercial product and your art work will be the first thing anyone sees when opening Maltego!

Dust off your Corel, Gimp and Photoshop and send your splash screen(s) to splashcompetition@paterva.com

-AM