Skip to main content


Showing posts from November, 2011

Racing against time the developers...CaseFile (OSX)

Racing against time the developers knew that the entire IC was watching, constantly refreshing the Paterva blog and Twitter feed for news of the CaseFile (beta) OSX release. With blood running from their raw fingertips they put the final touches on the DMG package and SCP-ed it across the intertubes to the Paterva website. It took a while to get there but when the upload finally finished there was a sense of achievement  and accomplishment around the office. The devs looked at each other, their eyes still wide from the adrenaline rush of putting out yet another release.

Tomorrow they will back at their desks again, changing the world of intelligence gathering one line of code at a time.

You can play/look at/use their work by simply clicking on the link below:
[Maltego CaseFile (beta) build 1950 DMG]

More details about Maltego CaseFile and Maltego 3.1

So far we've had very positive feedback on [Maltego CaseFile]. We've had the same questions from various people and I've decided to put the answers here on the blog:

Q: Will CaseFile be available for OSX and Linux?
A: Yes. We will have an OSX version very soon - hopefully within this week. Like the Win version, it's still beta. If there is enough interest in a Linux version (beta) we'll put one together.

Q: When is the official release of CaseFile?
A: Hopefully early in 2012.

Q: Will Maltego 3.1 have the same features as CaseFile?
A: Yes, and if you have a license you get a free upgrade from 3.0.4 to 3.1. Out of the box Maltego 3.1 will not come with all the CaseFile entities, but you will be able to export them from CF to 3.1 as you need them. You will be able to open CF graphs in 3.1 and use transforms on CF entities as always.

Q: What do you mean CaseFile will be"almost free"?
A: We will sell CaseFile for around $200 per copy - perhaps in batches of 5. If you …

Maltego CaseFile Beta released

We are proudly releasing Maltego CaseFile Beta today. Yup - after some time we feel CaseFile is ready to see the light. And best of all - it's free - no registration, no silly forms or CAPTCHAs - just download and go.

CaseFile is aimed at analysts that do not necessarily use open sources of intelligence (or even the Internet for that matter). Think of it as Maltego without transforms but with tons of new features. Adding/attaching photos, documents and annotations to nodes, graph merging, better integration with browsers, passwords on graphs, and tons of new useful entities - and this is just a few of the goodies we've added into CaseFile.

To get a better idea of what CaseFile is and where it fits in with Maltego (as well as our future plans with it) we've made a 10 minute demo video on it - here you can see features explained and demonstrated in real time:

The download links for CaseFile beta:
[ 32 bit (with JRE)]
[ 64 bit (with JRE) ]

Let us know what you think of Case…

New Maltego video (SQL DB integration), new web front page

We've made another video - yes I know we said we'll stop at five, but we've realized that we never ever showed anyone our [SQLTAS] (blame it on the lack of salesman genes). So - just before our year end function Andrew and I whipped up another video. We shot it here in the office and it deals with hooking Maltego onto SQL databases. It's added to the [Youtube playlist] as video 6.

We've also changed the front page of [our website] - it now shows some stills from the videos and I think it looks rather nice. We are thinking of putting all of the videos (in yummy 720p) on a DVD that we'll give away for free (minus cost). We noticed that many of our clients don't have Internet access at work....;) If you are interested in this [let us know].

We're doing 91% fine thanks - Sectools & Blackhat

We don't get out much. In our line of business we rarely get to speak to people face to face (expect when we train). To determine if your business is doing OK you look at comments from people - on Twitter, forums, in mailing lists or direct email. You look at number of downloads, number of licenses sold. You look at the number of pageviews on your website and this blog. Every now and then a number comes along that's just a little bit more important.


The [SecTools Top 125 tools] is like the Oscars for security tools. Right - everyone knows that it's impossible and unfair to compare the [traceroute command] (21) to [Google] (26) or [VMware] (43) to [Python] (23), but this list is a start. It's an indication. The the survey ran in 2000, 2003, 2006 and now in 2011 (unless I missed one?).

So how did we do?

In a nutshell - pretty OK. Overall [Maltego] made number 34 (of 125). If this was an exam we'd have 72.8%. We were voted nr. 1 in the [Forensics] category - …

Extending Maltego - video tutorial nr 5.

After being almost hit by Highveld lightning we've decided to call it quits on making more Maltego videos for now. But we did produce a final one for 2011 - it's all about extending Maltego with your own custom entities and transforms. Having the patience of a saint Andrew will explain to you exactly how it's done - in 15 minutes.

The link to the video is [here] or you can click below: