You have been redirected from paterva.com. Maltego.com is the new home for all information regarding Maltego products. Read more about this in a message from the Paterva team and in this blog post and FAQ. close

Investigating Usernames Using the Maigret Transform for Maltego

In this article, we will delve into the world of Maltego and the Maigret Transforms.

For the benefit of our readers who have yet to learn about Maltego, it is an OSINT and graphical link analysis tool that is used for collecting and connecting information for the purpose of creating intelligence and automating digital Investigations. Maltego is used extensively by several law enforcement organisations in addition to security analysts, investigative journalists, and researchers. Among the wide range of capabilities that Maltego has, an important one is the capability to create and integrate Transforms—Small pieces of code that will automatically collect data from different sources and display the results within Maltego’s native link analysis chart.

Several popular and regularly used OSINT Transforms can be integrated with Maltego from within the platform itself via the Transform Hub. However, many other external Transforms—such as Maigret—can be found on Github or Gitlab.

The Maltego Maigret Transform 🔗︎

With that in mind, we will now introduce the Maigret Transform—A very capable and effective utility that can be used to investigate usernames across over 2000 online sources including social media.

Earlier in July 2021, we wrote about the Maigret utility that can be used within the Python command-line interface. However, the Maigret Transform brings a whole new and exciting range of benefits and capabilities. This includes the benefit of running the utility from a few simple clicks of a mouse button rather than invoking several commands within the command-line interface. Additionally, being a graphical link analysis tool, Maltego can neatly display and visualize the Maigret Transforms’ results within a timely and easy-to-read manner.

So, what is Maigret?

Querying Usernames Across Over 2000 Online Sources 🔗︎

Maigret is a highly effective Python-based utility that enables digital investigators to collect a dossier on a person by username only, and without the need of an API. The full list of sites that Maigret currently scans across can be accessed from this link. However, the primary websites that the utility will query include the following:

  •  Google Maps
  •  Google Plus (archived)
  • GooglePlayStore
  • YouTube (Social media)
  • Facebook (social media)
  • Wikipedia
  • Reddit (social media)
  • VKontakte (social media)
  • BongaCams (adult)
  • Instagram (social media)
  • Ebay (online marketplace)
  • Twitter (social media)
  • Odnoklassiniki (social media)  
  • ChaturBate (adult)
  • Livejasmin (adult)
  • Pornhub (adult)
  • TikTok (social media)
  • Xvideos (adult)
  •  xHamster (adult)
  • Telegram (instant messaging and social media)
  • Tinder (online dating)

Using the Maigret Transform in Maltego 🔗︎

The Maigret Transform for Maltego is undoubtedly a highly valuable utility for digital investigators.

Integrating the Transform within Maltego is very easy. For the benefit of novice users, the developer of Maigret and the team at Maltego have each developed a series of comprehensive instructions that will most certainly help digital investigators get started with the utility.

Once integrated and correctly configured, the Maigret Transform can be run within Maltego by using the drag-and-drop interface to place an Alias Entity onto the graph window.

The target username should then be indicated within the Entity, and then initiated by right-clicking on the Entity and selecting the Transform.

From here, investigators can visualise the results of the search in real-time, and within a very neat link analysis format. Going even further, investigators also have the capability of using additional Maltego Transforms to further scrutinize and investigate the results of their initial search.

run Maigret transform in Maltego_001

Like the command-line interface version of the Maigret utility, the Transform also scrapes and stores any metadata associated with search results. The Transform does not produce the Maigret custom report. That said, this feature is considered redundant when taking into account Maltego’s own reporting capability that allows Investigators to produce a PDF report complete with a snapshot of the graph.

run Maigret transform in Maltego_002

To bring this review to its natural conclusion, we at OS2INT must say that Maigret—when combined with Maltego—is a very powerful tool for digital investigators. The capabilities that lay behind the Maigret Transform are almost certainly driven by the automated data collection capabilities and neat graphical interface that Maltego provides.

Over the course of the festive season, we ran several tests using the Maigret Transform within Maltego, focusing on several usernames associated with organized criminality in Scandinavia. The results of our tests uncovered several instances where the same usernames had been registered on other web pages. The outputs generated from the Transform were investigated even further by using additional Transforms.

All-in-all, both the Maigret Transform and Maltego come with our highest recommendation—to the extent where our readers will see additional reviews of OSINT Transforms for Maltego throughout the course of the year. Stay tuned!

Don’t forget to follow Maltego on Twitter and LinkedIn and sign up for our email newsletter to stay updated on the latest news, tutorials, and events.

This article is originally written by Joseph Jones and published on the OSINT Toolbox Blog of OS2INT, a Strategy Nord-led training and development consultancy.

About the Author 🔗︎

Joseph Jones 🔗︎

Joseph Jones is a former British Military and Law Enforcement Intelligence officer with more than 15 years of intelligence-gathering and investigative experience. He holds a BSc (Hons) Intelligence and Cyber Security from Staffordshire University and is also an external expert for the European Union Agency for Law Enforcement Training (CEPOL), the European Border and Coast Guard Agency (FRONTEX), the European Union Agency for Cybersecurity (ENISA) and Expertise France.

Follow OSINT2INT on Twitter and LinkedIn for more useful OSINT tool and Maltego reviews!

Pick the right product and get started.