Skip to main content

Posts

Showing posts from 2012

Manually linking one node to multiple others

Someone asked support@paterva.com: "It is very tedious to put five thousand arrows of emails to a single identity. Is there any way to make this easier?" There is indeed an easier way and I thought I'd put the recipe out here on the blog:

Follow these easy steps to link many nodes to a single node:
Select the many nodes.Move the mouse pointer so that it hovers over the single node, but don't select it.Left click on the single node AND hold the left click button in.Drag a line to any of the many nodes. The single node will now be linked to the many nodes with multiple links, but the link direction must be inverted.

We now need to select all these links and invert their direction. To do this:
Select the single node.On the ribbon go to Investigate -> Select links -> Outgoing. You can also do this by holding control and dragging a box around the links.On the ribbon - Investigate -> Reverse Links.Voila! For those that need pictures - here they are:








Coolness coming in the next Maltego Radium update

Hi there,

We're planning to release another update to Radium before the end of the year. Also we're very much hoping to release a community edition of Radium at the same time. Send Redbull, cupcakes and vitamins and we might just make it!

One of the new features in the update is 'Find in Files'. It's pretty cool because it means if you have a group of analysts working together (and you are saving your files on a share somewhere (hey, we should try it with DropBox)) you can now easily search through all of the graphs and create a merged graph of everyone's work that matched your search terms. It will even try to open encrypted graphs with provided passwords!

Attached some boring looking screen shots. The feature works pretty well already:




In the last screenshot you'll see that we now provide you with the ability to add metadata to your graph which is useful when browsing FiF (Find in Files) search results.

And now for something completely different

Another f…

Victor Viktor / Next new feature for Maltego

This week we created a new video - mostly just because we like making videos and having fun. It shows how to verify email addresses by hand and with Maltego. Sure, it only works on some mail servers, but it's a fun and useful trick when it works. 
The video has an extended intro that features Agent Smith and Agent Fox - two pretty incompetent law enforcement officers trying to compromise a target using a sexy waitress and two dodgy USB memory sticks. And hey - it's *supposed* to be goofy/cheesy and over the top. Click below to watch:


In other news we've also decided that proper graph sharing / collaboration will be the next feature we'll implement in Maltego. It means you'll have the ability to work on a single 'investigation'/graph with all of your friends across the Internet or LAN. The emphasis in the design was 1) strong crypto on the P2P traffic 2) ability to share graphs anonymously 3) ease of use. We think we got something that will satisfy all of th…

Hailstone sequences visualized in Maltego with machines

Some days ago Glenn (from SensePost) talked to me about an interesting concept he has seen regarding convergence in Wikipedia. He wanted a way to visualize it and I gladly helped him with Maltego and some machines. It's his story to tell - so I wont.

Then - literally a day later I was reading XKCD and saw this:


I had the concept already in Maltego with machines (for Glenn's experiment) - I just needed the transform. I spoke to Glenn - he was up for hacking it together (I am lazy that way) and sure enough - 15 minutes later graphs were forming. The machine I used looked like this:

machine("axeaxe.Collatz",
        displayName:"Collatz",
        author:"RT",
        description: "Just playing") {

        onTimer(1) {
            type("maltego.Phrase",scope:"global")
            outgoing(0)  
            value("1",invert:true)

            log(">",showEntities:true)
            run("paterva.v2.Collatz…

Some transform news

Hi there,

We've fixed the PGP transforms - it seems that stinkfoot's PGP section decided to die - so we've moved it over to MIT's PGP key server.

This has been fixed in the 3.1.1 community and commercial editions - to see the changes simply rediscover the transforms. To manually fix (if you're still using 3.1.0 or older) you can go to the Manage tab, Manage transforms, type in 'PGP' in the search bar at the top right, select all transforms (control A), and at the PGP server URL replace http://stinkfoot.org:11371 with http://pgp.mit.edu:11371 and press Enter.

We've also added a transform on the TDS that will look at a Twitter affiliation and give the last couple of locations (if the user has enabled that) as well as the technology used to update Twitter (eg TweetDeck, UberSocial or just 'web' when it's via the Twitter web interface). This transform is called ToTwitterUserGEO. To see it in action use a phrase like 'ParisHilton', conver…

Maltego X in Iceland

Those of you that knows me would know that I rarely get excited about something. I am that 'the bottle is half empty' person - cynical and dry. And I rarely make personal posts on this blog. But somehow I am totally amped about the conference in Iceland.

It's at the end of August - it gives us plenty time to prepare something really special for a really special conference. It gives us time to build Maltego version X (be that 3.2 or 4.0, time will tell). And we're all commited to have it release ready for NSC.IS

We know what will be in the release - it's *really* special, new, innovative. In fact, I haven't felt so excited about something since we've build the first 5 transforms in 0.1 and saw the concept works. Guarenteed it will change the way you think about and work with Maltego.

I am taking the entire team to Iceland. And (hopefully) we'll all be training students on the brand new version. It's going to be something really special.

RT

Recx Maltego 3.1 Image Forensic Transforms

Hey guys,
I just got word from the team over at Recx that they are offering a discount to all Maltego users for the launch of Maltego 3.1.
The product they are offering is the Recx GPS Image forensics package which allows Maltego users to work with local image data to identify key relationships between images such as: Images taken in the same location.Images taken in the same location but with different devices.Images taken in the same location but altered via software.Search for images taken in a certain location across your acquired set Take a look at it in action below or view their blog post for a complete breakdown!

They are offering a discount of £40 (from £95.99 to £59.99!) if you use the coupon code 'maltego31launch'.
Check it out now at http://www.recx.co.uk/recxexifgpsimageforensicsformaltego.php
Do the twist -AM