Simple play icon Course

Technical Information Gathering with Maltego CE 4

by Ricardo Reimao

One of the most important phases in a red team engagement is the information gathering prior to the attack. In this course, we explore the Maltego CE tool, which will help you to collect technical and people information from your target.

What you'll learn

Performing an extensive information gathering about your target is crucial in a red team engagement. You should have as most information as possible about the technology and people in your target organization. In this course, Technical Information Gathering with Maltego CE, you will explore one of the most well-known information gathering tools amongst red team professionals, the Maltego framework. First, you will learn the basics about the tool and how Maltego uses its Transforms to collect data about our targets. Next, you will explore how to collect technical information such as DNS subdomains, IP addresses, and even the location of your target servers. Finally, you will see how to collect information about the people that work in the company, including collecting email addresses from employees as well as researching if accounts from the company were leaked in previous data breaches. When you are finished with this course, you will have the skills and knowledge of the Maltego CE needed to gather technical and people information from your target organization, covering three important tactics from the MITRE PRE-ATT&CK framework: Determine domain and IP address space (T1250), Conduct passive scanning (T1253), and Identify People of Interest (T1269).

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

Ready to upskill? Get started