Maltego Automations and Collaboration

This page is a resource to accompany the Maltego Automations and Collaboration course. Because this course requires some programming and each section builds on the previous ones, small mistakes can cause big errors. To prevent frustration, we have provided all of the necessary code so that learners can review and compare their work easily.


Maltego Automations

Sequential Machine Script
A Machine that runs Transforms in a linear path, or sequence. This often results in a Machine that looks like this:
  • Run Transform 1, then
  • Run Transform 2, then
  • Run Transform 3, then
  • Run Transform 4

List of Transforms
D4 - Leaked Records Search (email)
D4 - Extract ALL Personally Identifiable Information
D4 - Leaked Records Search (email)
D4 - Extract ALL Personally Identifiable Information
Parallel Machine Script
A Machine that runs Transforms in parallel paths, allowing multiple Transforms to execute at the same time. This often results in a Machine that looks like this:
  • Run Transform 1, Transform 2, Transform 3 and Transform 4, all in parallel.

List of Transforms
Get all breaches of an e-mail address [v3 @haveibeenpwned]
Search in Breaches for Email [Constella]
D4 - Leaked Records Search (email)
Can add more
Serial Machine Script
A Machine that first runs Transforms in parallel and then processes the results of each parallel path in sequence, with each step depending on the previous result. This often results in a Machine that looks like this:
  • Run Transform 1 and Transform 2 in parallel, then
  • Run Transform 3 for the results that came from Transform 1, and
  • Run Transform 4 for the results that came from Transform 2.

List of Transforms
D4 - Leaked Records Search (email)
D4 - Extract ALL Personally Identifiable Information
Search in Breaches for Email [Constella]
Extract PII Data [Constella]
User Filter Script
The User Filter function allows users to manually review and select entities before continuing the Transform process. This gives you control over the data flow, ensuring only the relevant information moves forward.

List of Transforms
D4 - Leaked Records Search (email)
Pause for User Filter
D4 - Extract ALL Personally Identifiable Information
Search in Breaches for Email [Constella]
Pause for User Filter
Extract PII Data [Constella]
Type Filter Script
The Type Filter function allows users to filter entities by their specific type before applying further Transforms. This helps narrow down the results to a particular entity type, ensuring the correct information is processed.

List of Transforms
D4 - Leaked Records Search (email)
D4 - Extract ALL Personally Identifiable Information
Filter for Phone number Entity type
D4 - Leaked Records Search (phone)
Value Filter Script
The Value Filter function allows users to filter entities based on their values before applying further Transforms. This helps refine the results to only entities matching specific criteria, ensuring that only relevant information is processed.

List of Transforms
D4 - Leaked Records Search (email)
D4 - Extract ALL Personally Identifiable Information
Filter Name of the Twitter Account
Get Followers (Twitter) [Vetric]
Bookmark Script
The Bookmark function allows you to mark specific entities on the graph for easy reference during or after a Machine’s execution. Bookmarks help highlight important data points, making the analysis process more efficient.

List of Transforms
D4 - Leaked Records Search (email)
D4 - Extract ALL Personally Identifiable Information
Filter Name of the Twitter Account
Get Followers (Twitter) [Vetric]
Add Blue Colour Bookmark
Graph Layout Script
The Graph Layout function in Maltego allows you to change how entities and links are visually displayed on the graph. Different layouts help make sense of the data, depending on the analysis you’re performing.

List of Transforms
D4 - Leaked Records Search (email)
D4 - Extract ALL Personally Identifiable Information
Filter Name of the Twitter Account
Get Followers (Twitter) [Vetric]
Add Blue Colour Bookmark
Add Graph Layout
Status & Log Messages Script
The Status functions allow you to track the progress and details of a Machine’s execution. These functions provide updates on the Machine’s current actions.

Status Message: The status() function is used to display the Machine’s progress to the user. This is particularly helpful to indicate which part of the Machine is running.

The Log functions allow you to track the progress and details of a Machine’s execution. These functions log important information for later review.

Log Message: The log() function is used to log messages to track what’s happening inside the Machine at different stages. You can choose to log with or without showing entity details.
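
The Serial Machine, User Filter, Type Filter and Status & Log sections above, combined into one Machine script as an added example (not the course's own code). The Transform identifiers are placeholders to replace with the names your Maltego client shows for the D4 and Constella Transforms; the machine name, display name and filter dialog texts are made up for illustration.

```maltego
// Added example. Every "PLACEHOLDER..." string stands in for a real Transform
// identifier, which this page does not give.
machine("example.serialLeakReview",
    displayName:"Serial leak review (example)",
    author:"example",
    description:"Two breach searches in parallel, each followed by its own PII extraction") {

    start {
        status("Searching breach sources for the email address")

        paths {
            // Path 1: D4 search -> analyst review -> D4 extraction -> phone pivot
            path {
                run("PLACEHOLDER.D4.LeakedRecordsSearchEmail")
                // Pause so that only records the analyst selects move forward
                userFilter(title:"D4 leaked records",
                    heading:"Record",
                    description:"Select the records to extract PII from.",
                    proceedButtonText:"Next>")
                run("PLACEHOLDER.D4.ExtractAllPII")
                // Type filter: keep only phone number Entities for the next step
                type("maltego.PhoneNumber")
                log("Phone numbers passed to the D4 phone search", showEntities:true)
                run("PLACEHOLDER.D4.LeakedRecordsSearchPhone")
            }
            // Path 2: Constella search -> analyst review -> Constella extraction
            path {
                run("PLACEHOLDER.Constella.SearchBreachesEmail")
                userFilter(title:"Constella breach results",
                    heading:"Record",
                    description:"Select the records to extract PII from.",
                    proceedButtonText:"Next>")
                run("PLACEHOLDER.Constella.ExtractPII")
                log("Constella PII extraction finished", showEntities:false)
            }
        }

        status("Machine finished")
    }
}
```

Placing userFilter before each extraction step keeps records that are not relevant to the investigation from being expanded into further personal data.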

Maltego Collaboration

Pre-checks & Do's and Don'ts
Encryption Strength: Ensure both users have the same encryption strength (AES 128-bit or AES 256-bit). If AES 256-bit encryption is required, make sure the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files are installed on all machines running Maltego.
Session Name Uniqueness: Ensure the session name you choose is unique to avoid conflicts with existing sessions.
Session Security Key: Confirm that a security key is set and shared only with trusted participants to protect the session from unauthorized access.
Show Usernames: Enable the option to show usernames for better transparency on who’s editing what.
Connection to a Communication Server: Verify that your selected communication server (Paterva Public, Private, or Custom XMPP) is correctly configured and reachable.
Internet Connectivity: Ensure that you and other participants have a stable internet connection, as collaboration relies on real-time data transfer.
Permissions for Entities: Make sure that users understand the Entity attribution system, as all participants can add or modify Entities within the shared graph session.
Don’t Disconnect Without Saving: Avoid disconnecting without saving a local copy of the graph to prevent losing progress.