Maltego is another OSINT tool that can gather a wide variety of information on public resources. Unlike theHarvester and Recon-ng, Maltego has a full GUI to help users visualize the gathered information and compare it to other sets of information. It features an extensive library of "transforms," which automate the querying of public sources of data.
Some types of OSINT that these transforms enumerate include:
- People's names.
- People's and company's phone numbers.
- People's and company's physical addresses.
- Network address blocks.
- Email addresses.
- External links.
- DNS records.
- Subdomains.
- Downloadable files.
- Social media profiles.
- And many more.
The results of querying are placed in node graphs where links are established between each node. This enables the user to analyze how two or more data points may be connected. For example, if you run a transform on a domain, Maltego can place that domain at the top of a tree hierarchy with several branching links to other resources under that domain, like subdomains enumerated through DNS. Under these subdomains might be IP addresses and address ranges. In a more people-oriented search, the resources that branch off the domain might include personnel phone numbers, email addresses, etc. Maltego provides more than just hierarchical layouts; you can also show objects in a circular layout, block layout, organic layout (minimal distance between entities), and more.
Note that Maltego is proprietary software and comes in several editions. Maltego CE is the free edition, but requires you to register with a Maltego Community account to take advantage of a limited set of available transforms.