Social Links: Configuring Maltego Transforms
Expand your transforms and expand your search capability.
In previous articles, we looked at some of the benefits of applying open-source investigative tools to your workflow and covered why, in some instances, paid resources can be the best way to get started with minimal stress.
In today’s article, we’ll continue on with this approach by installing and configuring our Maltego transforms so they are ready to go for search when we need them.
Maltego CE
If you aren’t one for using paid resources then that’s fair enough. However, even the free, community edition (CE) of Maltego can be a useful tool for data-matching purposes.
While it isn’t as powerful as some of the paid versions, for most basic investigations you should still find it to have some utility. For the purposes of this article, we’ll assume that you already have a version of Maltego that is pre-installed.
If you don’t have one set up yet, the community version of Maltego comes installed in the downloadable version of Kali Linux. So, if you have a Kali box, you won’t need to worry about installation.
Even so, you’ll need to set up your transforms with API or account information where needed. That way your installation is ready to run right from the get-go, needing only a search string before it can get to work scraping data.
Selecting Transforms
While we touched on transforms in the earlier article, there are a few things that are worth considering while you’re in the early configuration stages.
Firstly, it’s a good idea to review all your transforms, select what you need and then configure them. If your search material is broad, this may take some time but doing it once means it’s done properly rather than having to update this information as you need.
Secondly, the success of any transform is directly related to the amount of effort you’ve applied in the first place. Rather than using all your transforms in one shot and ending up with a broad range of data that needs sorting, you’ll get better results by pairing narrower search terms with specific transforms.
When carrying out an investigation, broader is not always better and sometimes, there is such a thing as “too much” data. By understanding how you can search effectively for links and information that you might need, you reduce the processing time of this excess data significantly, increasing your overall productivity.
The Transform Hub is your key tool here. Look through it to find out what types of resources you can use to search for actionable information. You’ll also see each category of search broken down so you can search within that specific field. People, data, electronic assets. It’s all useful.
Providing Credentials
An important distinction should be made between the available transforms though. Mostly, you’ll find that access is simply granted using API keys that are uploaded to Maltego during configuration. This is usually pretty easy as it simply requires generating an API key within your application that can then be shared with your Maltego account.
Some transforms, though, require a paid membership or a subscription to the full version for full access. This can restrict the flow of information that you might find, but you’ll also find other ways of accessing the data off-platform should you need it.
For instance, a lot of the transform providers will also provide their own standalone systems that people can access. PeopleDataLabs has a paid product that can be used as a standalone tool while also working well as a Maltego transform.
So, while Maltego is usually a good place to start, if you come up against a paywall issue, be open to looking for the same information somewhere else. Chances are, you won’t be disappointed.
Your First Search
Once everything is configured, we’ll need to run a transform to ensure everything is working correctly. We can do this by opening Maltego CE and hitting the “Investigate” tab when it’s open. We’ll then hit “New” and a fresh graph box should open up ready for us to configure.
The next step is configuring a searchable entity. We’ll do this by adding a new entity and configuring it with our search phrase.
Once this is complete our entity is ready to be searched using the transform of our choice. So, try it out and see how you go. Names or Email addresses are typically going to be a great place to start when you’re trying to get a feel for how the platform might work.
Other Considerations
While it’s a great resource, there are a few considerations we should look at while conducting our search. Validation of data via alternate sources is always a good policy to start with as it helps ensure the integrity of any data used. So cross-referencing as part of your investigation is a wise step.
It’s also worth spending some time at the academy and carrying out some practice investigations before you get started as well. Maltego is extremely powerful and investing some time into understanding how to get the best out of it will help improve your productivity. Like a lot of investigative skills, the best way to hone it is by using it.
Lastly, remember that laws and regulations will vary according to the location of your inquiry.
So before you start, be clear on exactly what laws are applicable to your region and understand if they may impact your investigation prior to it occurring. It’s also good practice to ensure you have secure storage for any investigative data that you’ve recovered, to be sure you aren’t in breach of any data storage laws as well.
Coming Soon
Did you enjoy this article? There’s more in the works that focuses on using free open-source tools for analysis purposes. Maltego is just one tool for open-source intelligence, but there are plenty more open-source toolkits that have a lot to offer investigators.
Some of these platforms also offer free or significantly discounted student tiers where both educators and students are able to access products for educational purposes. So, while tools like Maltego and Shodan have paid tiers that can be expensive, it’s worth exploring some of the benefits you might receive should you sign up with an educational email address.
Happy Searching!