...with Dr Sheldon Cooper, Dr Amy Farrah Fowler and the new Maltego 4.2 Entity Overlays!
Tuvalu’s flag contains the Union Flag in the upper left, with a sky-blue background and nine stars representing the nine islands that form part of Tuvalu. The nine stars are geographically correct, if you point the top of the flag towards the east.
The flag of Lesotho has three horizontal bands of blue (representing rain), white (representing peace) and green (representing prosperity). In the centre there is a black Mokorotlo, a traditional Basotho hat. The current flag replaced the previous more militaristic flag in 2006, reflecting a nation in peace with itself and its only neighbour.
The flags of both Tuvalu and Lesotho are now part of Maltego, along with almost all other countries and independent territories. From version 4.2.0 onwards, you can now add flag icons to entities, and the standard Location entity has been updated to include this feature.
Now, if you set the “Country Code” property of a Location entity to the correct value, a flag icon will be added as an overlay of the entity on the graph, just like in the examples above.
But flags are not the only new overlays that we can add to graphs… Actually, there is a whole new mechanism at work that you can exploit for your own entities (more on this later).
Website IconsFavicons (pronounced ‘fav-ih-con’ in both British and American English) are those tiny little icons that a web-browser can show in the tab next to the title of a website or in the bookmarks (as in favourite icon). One of the ways a browser can find the icon, is by looking for a “favicon.ico” file in the root folder of a website, e.g. http://www.google.com/favicon.ico.
The new standard Website entity in Maltego 4.2.0 has been updated to use a calculated property that will automatically map to this icon if it exists. The calculated property is derived from the main-property of the entity, namely the FQDN, with a “/favicon.ico” extension attached. This icon is then mapped to the south-west overlay position as an image. Have a look at the new Entity specification of the default Website entity in Maltego:
The result is that you can now visually identify websites from the entity on the graph itself:
This feature is limited, of course, as it does not read any of the meta-tags nor perform more advanced interpretations of the URL, but it should work in most cases where the entity-value refers to a root location.
But wait, there’s more…
Advanced overlays for your own entitiesAs you may have noticed by now, Maltego has received an overhaul of the overlays system, and apart from the built-in flags and the new image-overlay positions, you now also have the option to add text and a splash of colour next to the entity icons.
To illustrate all the new features, let’s create a new custom entity: Employee. Properties of our employee entity will be:
- Favourite Colour
Features of our new entity will be:
- The Gender and Job properties will be combined into a new Calculated property, and represented with an icon instead of the default icon;
- The employee’s age will be printed along the top of the entity icon;
- The flag of the person’s nationality will be added to the side; and
- The employee’s favourite colour will be added as a colour swatch above his name.
Finally, we set up the overlays on the new Display Settings tab, like this:
Note that you can set, for each overlay, whether it should be interpreted as text, an image, or a colour.
At last, our new entity is ready. But before we can try it out, we need to also add a few custom icons to Maltego, and this can be done using the Icon Manager (under the Entities tab):
The icons are available from Google’s Noto Emoji, which can be found here: https://github.com/googlei18n/noto-emoji.
Finally, we can try out our new entity.
And here are a few more examples:
With great power comes great responsibility and maybe too many overlays are too much of a good thing, but I am sure you get the picture. 😉
You can download a Maltego MTZ file that contains the icons and Employee entity for you to reference here.
Happy flag-hunting, colour-splashing, and icon-bashing!