Windows Tab


Under the main client ribbon the Windows tab is found on the far right. The Windows tab is used to open windows that are found in Maltego’s user interface. This section will describe what each button does under the Windows tab.

Figure 292: Windows tab

Window’s buttons

Each window that is open will have two buttons in the top right-hand corner:

Figure 293: Window taskbar buttons

The options available are to minimise the window (>>) or to close it completely (X). Once a windows has been minimised it remain available as a tab at the side of the Maltego client.

Figure 294: Minimized widows

Each of the minimized window has a single button to maximize the window again.

While the window is still minimized, if you hover over one of the window tabs, the window will open as seen below. The window will minimize again when you move the mouse away from the window.

Clicking on the window tab will open the window until it is de-selected again by clicking elsewhere in the Maltego client.

Figure 295: Hovering over minimized window

The solid dot button () in the top left-hand corner of the window will pin the window back into place so that it stays there permanently.

The windows can also be dragged around to snap into place in different configurations. It is all up to you to decide how you want to setup your working and of course the amount of screen real estate available.

Windows quick actions

The windows quick actions allow you to perform three useful tasks:

  1. Close All Graphs - This will close all the graphs that are currently open. Maltego will first ask if you want to save the each of the graphs before they are closed.

  2. Close Other Graphs - This option will close all the other graphs that are open except for the one that is currently being viewed. Maltego will first ask if you want to save any of the other graphs before they are closed.

  3. Reset Windows – The reset windows button will reset all the windows in Maltego client to default as they were when the tool was first installed. Resetting Windows will require a restart of the Maltego client.

Maltego windows

When starting a new graph, there are six default windows that will open that are used when creating and viewing Maltego graphs. The six windows are highlighted in the image below:

Figure 296: Window layout

Additionally, there are another five windows used for other specific tasks. Each of these widows will be explained in the upcoming sections.

Overview

The Overview window will be open by default when you start a new graph. If the Overview window is closed, it can be re-opened with the button in the image below:

Figure 297: Overview window button

By default, the Overview window is found in the top left-hand corner of the Maltego client. It shows the current viewport on the graph in relation to the entire graph. The Overview window can also be used to pan your graph as discussed previously.

Figure 298: Overview window

Detail View

The Detail View window will be open by default when you start a new graph. If the Detail View window is closed, it can be re-opened with the button in the image below:

Figure 299: Detail View window button

The Detail View contains information about the entity that cannot be displayed in the main graph window. These are things that the transform author wants you to see about the entity. As the mouse is moved over entities both the entity Property View and Detail View is updated. Some transforms will return additional fields in the Property View depending on what the entity type is. Once the transform has returned an entity it is not possible to manually edit the information in the Detail View.

Figure 300: Entity detail view

The Detail View when Multiple Entities are Selected

When more than one entity is selected the Detail View will change to a multi column item list. This gives you a lot more flexibility in terms of selection. As shown below:

Figure 301: Detail View with multiple entities selected

Searching the detail view

You can now search for entities in the text area and press Enter to see which nodes match. The selection on the graph will remain the same at this stage:

Figure 302: Searching your Detail View

After selecting entities from the entity list the Sync Selection to Graph button will be enabled. This button is found on the left-hand side of the search input field. You can now select nodes within the list (i.e. Ctrl + A for all, Shift selects ranges and Ctrl to select entities one by one) and when the sync button is pressed the selected entities on the graph will update according to the selection from the Detail View:

Figure 303: Sync entity selecting to the graph

Other buttons in the Detail View

Pressing the plus (+) button on the left-hand side column will show that specific entity’s Detail View shown below:

Figure 304: Detail view of specific entity from list.

Right-clicking in the Detail View or clicking the Back To List button will navigate back to the entity list that includes all entities in your graph selection.

Running transforms from Detail View

The context menu is also available from the Detail View when more than one entity is selected. This is useful as you can filter and sort entities and then run transforms or perform actions on them from the context menu:

Figure 305: Opening the context menu from the detail view

Entity list columns

The entity list in the Detail View can be sorted according to the different columns of the list. From left-to-right the columns of the list are:

  1. The entity type which is represented in each item on the list as the entity icon.

  2. The entity’s value.

  3. The bookmark color of the entity.

  4. Whether the entity is pinned to the graph (meaning it will never join a collection node).

  5. Number of nodes in the entity’s collection.

  6. Number of incoming links.

  7. Number of outgoing links.

  8. Entity’s weighting.

Property View window

By default, the Property View in Maltego can be found in the bottom right-hand corner of your Maltego client. The properties of an entity are used by transforms and are passed along with the entity’s value to the transform. Detail View information is not passed to the transform. Unlike the Detail View, information in the Property View can be edited by the user after the information has been returned from a transform.

The Property View of an entity is in three sections, namely the Properties, the Dynamic Properties and the Graph Info.

Properties

Under the Properties heading you will find the default properties for an entity. These properties are inherent to the entity type and will be included when a new entity is manually added to your graph from the Entity Palette.

Dynamic Properties

Dynamic Properties of an entity are properties that are added to the entity by the transform that returns the entity. These properties are specific to the transform that created the entity and will not appear in a new entity that is added from the Entity Palette.

Graph info

The Graph Info includes meta information about the entity that you currently have selected.

Hereby the entity property of a netblock:

Figure 306: Netblock properties

Editing properties

Clicking on an entity properties value will allow you to edit the text. Some properties contain long values and it is easier to edit them by opening a text editing window. This can be done by clicking the ellipsis button next to the property value. This will open the window shown in the image below where the property value can be edited:

Figure 307: Editing entity property

Entity palette

The Entity Palette lists entities that are available to be used in the Maltego client. The entity categories can be expanded and collapse using the (+) and (-) buttons next to the category name.

 

Recently used entities will automatically appear at the top of the entity palette for quick access.

Figure 308: Entity palette

As more transform hub items are installed to the Maltego client from the transform hub more entities will be added to the Maltego client. By pressing Ctrl + F while the focus is on the Entity Palette, a search field will open that allows entity types to be searched:

Figure 309: Search through entity types

When you right-click on the palette, options to customize the display will be provided as shown below:

Figure 310: Options to customize palette

Right-clicking on an entity category will provide a different set of options that will apply to all the entities in the category:

Figure 311: Options for a category in the entity palette

Transform output

The Transform Output window displays information that is returned from a transform server when a transform is run. It displays messages about which transform has run, the number of results returned from a transform, transform warnings as well as error information if something goes wrong. The image below labels the elements of the Transform Output window:

Figure 312: Transform output

In the Transform Output window, the button in the top-left-hand corner allows you to filter the different types of messages that are included in the Transform Output. Clicking on the filter button opens the window, shown below, that allow you to select the types of messages you wish to see in the Transform Output.

Figure 313: Filter transform output messages

The button under the filter button can be used to clear all messages from the Transform Output to start with a fresh output window.

Each message that is returned in the Transform Output also includes a link to the entity that caused the message to display. Clicking the link in the Transform Output will zoom to and select this entity on your graph.

Right-clicking in the transform output provides additional actions that can be performed on the text in the Transform Output.

Figure 314: Right-clicking in the transform output

The following can be performed from the Transform Output window context menu:

  • Filter transform messages – This allows you to filter transform messages according to their type.

  • Clear transform messages – This allows you to clear all transform output messages.

  • Find – This will open a search windows to search existing transform messages. Text that matches the search will be highlighted:

Figure 315: Searching the transform output window

  • Filter – This will add a text based filter to the transform message output where only messages that match the filter will be shown in the output:

Figure 316: Filter transform messages

  • Wrap text – this will wrap long messages onto new lines

  • Larger font – increased the font size

  • Smaller Font – decreases the font size

  • Save As – this option allows you to save your output to a text file.

Machine Window

The Machine window provides status information about a machine that is currently running. The features of this window are described in the machines section.

Run view

Beneath the Entity Palette is the Run View which allows you to run transforms and machines. Running a transform from the Run View is the same process as running one from the context menu and it will not be repeated here.

Expanding the Machines heading (+) shows all the machines that are available to run on the current entity selection on the graph.

Figure 317: Machines in the Run view

Each of the line items display the machine’s name and the start of their description. Hovering over the machine name will display the full description for the machine. On the right-hand side of each item there are three icons. The star icon will add the machine to the favorites category making it easier to find this machine in the future. Clicking the configure icon will open a window with the script that makes up the machine. Finally, clicking the single arrow icon (>) will start running the machine.

Chat Window

The Chat window is used in shared graph sessions to communicate with other users on the same graph. The chat window is described in the Collaboration section.

Collaboration Window

The Collaboration window is used in shared graph sessions and shows who is currently on the graph as well as other meta info about the shared graph. The window is described in the Collaboration section of this document.

Hub Transform Inputs

Hub Transform Inputs are transform settings that can be applied to different transforms from a transform hub item but only need to be set once. The Hub Transform Inputs window is used to manage these transform settings:

Figure 318: Hub Transform Inputs Window


© Copyright 2017, Paterva PTY Limited