JayHill
8 min readJun 30, 2017

--

Maltego & Recon-ng

“A Side by Side Comparison & How-To Guide”

note this is outdated working on a new story

Finding a Website

About a month ago I was at a friends house playing video games while he was carelessly browsing the Internet. A random person messaged him on Twitter asking him to visit a sketchy website! My friend a (computer hacker) laughed as he visited the site, he knew instantly that this spammer/catfisher was using this website to try and capture people’s credit card information and potentially use it later to steal their identity or personal information. My friend exclaimed wouldn’t it be funny to find out who this person is and make a fool out of them? Well I did think it’d be funny & also a good learning experience. So I did research and ran across three great tools that would help me solve this mystery and find out who this person was behind these sites. Maltego, Recon-ng and Whois.com a lookup service are the three great tools I ran across when researching social engineering and reconnaissance. I wrote down the sketchy website and got back to my friend a few days later with not only the alias of the person who made the site but also their email address, phone number, physical location, and multiple other websites attached to this persons email and alias. I downloaded Maltego & Recon-ng and ended up finding out tons of information about this spammer whom me and my friend still plan to prank call…! Here’s how I did it and how you can do it too!

What You’ll Need

  • A System Running Kali Linux
  • Maltego Kali Linux Edition 4.0.11( to install open terminal and type: “apt-get install maltego”)
  • Recon-ng (to install open terminal and type: “apt-get recon-ng”)
  • A Website address of interest.

Maltego

  • User interface
  • Visual Graph of data
  • Ability to create a PDF report of findings

Recon-ng

  • Command Line Tool
  • Ran smooth and quickly
  • Ability to generate report of findings

--

--