Back

Maltego

OSINT
Read Docs
Read Datasheet
OVERVIEW
SpyCloud’s integration with Maltego brings identity exposure intelligence into a powerful graph‑based investigation environment. By offering access to SpyCloud’s extensive recaptured darknet data – including breached credentials, exposed PII, malware-exfiltrated authentication data, and more – Maltego users can visualize and explore relationships between people, accounts, devices, domains, and related exposures. With 80+ SpyCloud Maltego transforms (and expanding), analysts can pivot quickly on selectors like email, username, password, domain, or IP to uncover hidden connections, correlate exposures, and support threat investigations with rich contextual data.
BENEFITS
  • Visualize Identity Relationships
    Map connections between exposed identities, associated accounts, malware‑linked infrastructure, and other digital artifacts to reveal how threats and exposures interrelate.
  • Speed Up Investigations
    Automate data correlation and reduce manual analysis by graphing links between entities programmatically using built‑in Maltego transforms.
  • Expose Hidden Risk
    Identify shared credentials, reused passwords, linked accounts, and associated artifacts that might otherwise go undetected, providing richer context for cybercrime research and threat attribution.
HOW IT WORKS
Within Maltego, analysts install and configure the SpyCloud transforms in the Transform Hub and provide their API key. These transforms use SpyCloud’s Investigations API to pull darknet‑sourced breach and malware data into graph entities. Investigators can then pivot on email addresses, domains, usernames, IPs, and other selectors to expand the graph, enrich entities with exposure data, and reveal linkages between people, accounts, and malicious infrastructure – enabling deeper context for threat analysis and OSINT research.