Firstly, we would like to wish our readers a very happy New Year and to welcome you to our first OSINT Tool Review article for 2022!

In this article, we will delve into the world of Maltego. For the benefit of our readers who have yet to learn about Maltego, it is an OSINT and graphical link analysis tool that is used for collecting and connecting information for the purpose of creating intelligence and automating digital Investigations. Maltego is used extensively by several law enforcement organisations in addition to security analysts, investigative journalists, and researchers. Among the wide range of capabilities that Maltego has, an important one is the capability to create and integrate Transforms – small pieces of code that will automatically collect data from different sources and display the results within Maltego’s native link analysis chart. Several popular and regularly used OSINT Transforms can be integrated with Maltego from within the platform itself via the Transform Hub. However, many other external Transforms – such as Maigret – can be found on Github or Gitlab. With that in mind, we will now introduce the Maigret Transform – a very capable and effective utility that can be used to investigate usernames across over 2000 online sources including social media. Earlier in July 2021, we wrote about the Maigret utility that can be used within the Python command-line interface. However, the Maigret Transform brings a whole new and exciting range of benefits and capabilities to the Digital Investigator including the benefit of running the utility from a few simple clicks of a mouse button rather than invoking several commands within the command-line interface. Additionally, being a graphical link analysis tool, Maltego will neatly display the Maigret Transform’s results within a real-time and readable format.

So, what is Maigret? It is a highly effective Python-based utility that enables digital investigators to collect a dossier on a person by username only, and without the need of an API. The full list of sites that Maigret currently scans across can be accessed from this link. However, the primary websites that the utility will query include the following:

•  Google Maps
•  Google Plus (archived)
•  GooglePlayStore
•  YouTube (social media)
•  Facebook (social media)
•  Wikipedia
•  Reddit (social media)
•  VKontakte (social media)
•  BongaCams (adult)
•  Instagram (social media)
• Ebay (online marketplace)
•  Twitter (social media)
•  Odnoklassiniki (social media)
•  ChaturBate (adult)
•  Livejasmin (adult)
•  Pornhub (adult)
•  TikTok (social media)
•  Xvideos (adult)
•  xHamster (adult)
•  Telegram (instant messaging and social media)
•  Tinder (online dating)

The Maigret Transform for Maltego is undoubtedly a highly valuable utility for digital investigators. Integrating the Transform within Maltego is very easy. However, for the benefit of novice users, the developer of Maigret and the team at Maltego have each developed a series of comprehensive instructions that will most certainly help digital investigators get started with the utility. Once integrated and correctly configured, the Maigret Transform can be run within Maltego by using the drag-and-drop interface to place an ‘Alias’ Entity onto the graph window. The target username should then be indicated within the Entity, and then initiated by right-clicking on the Entity and selecting the Transform. From here, the digital investigator can visualise the results of the search in real-time, and within a very neat link analysis format. Going even further, the digital investigator now has the capability of using additional Maltego Transforms to further scrutinize and investigate the results of their initial search.

Like the command-line interface version of the Maigret utility, the Transform also scrapes and stores any metadata associated with search results. However, the Transform does not produce the Maigret custom report. That said, this feature is considered redundant when taking into account Maltego’s own reporting capability that allows Investigators to produce a PDF report complete with a snapshot of the link graph.

To bring this review to its natural conclusion, we at OS2INT must say that Maigret – when combined with Maltego – is a very powerful tool for digital investigators. However, the capabilities that lay behind the Maigret Transform are almost certainly driven by the automated data collection capabilities and neat graphical interface that Maltego provides. Over the course of the festive season, we ran several tests using the Maigret Transform within Maltego, focusing on several usernames associated with organized criminality in Scandinavia, the results of our tests uncovered several instances where the same usernames had been registered on other web pages. The outputs generated from the Transform were investigated even further by using additional Transforms. All-in-all, both the Maigret Transform and Maltego come with our highest recommendation – to the extent where our readers will see additional reviews of OSINT Transforms for Maltego throughout the course of the year. Stay tuned!