Investigator Toolkit August 2022: Cheat Sheets for Faster and Spot-on Workflows

News

Investigator Toolkit August 2022: Cheat Sheets for Faster and Spot-on Workflows

Since June 2022, Maltego has launched a new social media campaign that provides Maltego users and investigators with cheat sheets showing how to best use our Hub items for certain workflows. Check out the Investigator Toolkit August roundup in this article!

Presented to you by Maltego, the Investigator Toolkit series showcases each Maltego Transform Hub item with a sample workflow applicable to certain types of investigations. This series aims to help you quickly learn how to include a particular Hub item in your existing workflows.

Where to Find the Investigator Toolkit? ๐Ÿ”—๏ธŽ

You can find the Investigator Toolkit series on our Twitter and LinkedIn channels, with the hashtags #MaltegoMonday and #InvestigatorToolkit. Every Monday, each Investigator Toolkit post comes with a workflow cheat sheet as well as a blog article or webinar as an additional demonstration.

All Previous Investigator Toolkit Roundups ๐Ÿ”—๏ธŽ

In August, we featured the following five Hub items and their use cases in the Investigator Toolkit series:

Letโ€™s dive straight into how to use these Hub items for threat intelligence, social media investigations, or website mapping and backtracking!

Intel 471: Threat Actor Identification ๐Ÿ”—๏ธŽ

Intel 471: Threat Actor Identification cheat sheet

To identify certain threat actors and their affiliates, you can run Intel 471 Transforms on a Phrase Entity to extract related reports, dark web forum threads, and aliases of post authors. See how we map out affiliates of DarkSide ransomeware using Intel 471.

ShadowDragon SocialNet: SOCMINT Targeting Investigation ๐Ÿ”—๏ธŽ

ShadowDragon SocialNet: SOCMINT Targeting Investigation cheat sheet

You can easily pull data from various social media platforms, visualize the connections, and acquire actionable intelligence using ShadowDragon SocialNet Transforms in Maltego. Watch our joint webinar with ShadowDragon about how to investigate illicit communities.

Scamadviser: Scam Websites Mapping ๐Ÿ”—๏ธŽ

Scamadviser: Scam Websites Mapping cheat sheet

With Scamadviser, you can easily identify risky or fake crypto- and shopping websites, map out scam networks, and combat currently rising online scams. Watch our joint webinar with Scamadviser to see how we identify fake shopping websites and its scam networks.

Farsight DNSDB: Archived Website Backtracking ๐Ÿ”—๏ธŽ

Farsight DNSDB: Archived Website Backtracking cheat sheet

To backtrack historical activities of a removed website, you can retrieve snapshots and content previously located on the website with the power of Farsight DNSDB and Wayback Machine Transforms. See how we explore archived content from domains and gather relevant information of amaqagency.

Flashpoint: Threat Community Profiling cheat sheet

To identify and understand the network of criminal posts, forums, communities, and users, simply plug in and run Flashpoint Transforms. Read how we use Flashpoint to scrape the GozNym botnet operations across Russian-language cybercrime forums.

In the following months, we will continue digging into different Hub items available through Maltego and providing best practice tips to investigators.

Follow us on Twitter and LinkedIn now, so that you wonโ€™t miss upcoming Monday tips!

Happy Investigating!

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on whatsapp
WhatsApp

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment