Episode Details

Back to Episodes
Course 12 - Maltego Advanced Course | Episode 4: Custom Entity Design and Implementation in Maltego

Course 12 - Maltego Advanced Course | Episode 4: Custom Entity Design and Implementation in Maltego

Published 5 months, 3 weeks ago
Description
In this lesson, you’ll learn about:
  • How to create custom entities in Maltego
  • How to name entities and assign unique type IDs
  • How entity properties, main properties, and data types work
  • How inheritance allows new entities to reuse transforms
  • How to use advanced features like calculated properties and visual overlays
  • How to build dynamic, visually adaptive entities for specialized investigations
Summary of the Episode: This episode walks through the full process of designing and implementing custom entities in Maltego, beginning with basic creation and advancing toward powerful features like inheritance, calculated properties, regex parsing, and dynamic icon overlays. It demonstrates how users can tailor Maltego to fit specialized investigation workflows by defining their own data structures and visual representations. 1. Naming and Identifying Custom Entities Creating a custom entity starts with two essential identifiers: Display Name
  • A human-readable name, such as Worker, that appears in the graph.
Type ID (Unique Identifier)
  • Must be globally unique to avoid conflicts
  • Typically structured with a namespace, e.g.:
    • investitech.worker (organization format)
    • my.worker (personal or training use)
2. Creating a Basic Custom Entity To create a minimal entity, define:
  • Display name: e.g., worker
  • Short description: Explains its purpose
  • Unique type ID: e.g., my.worker
  • Category: e.g., personal
Main Property Every entity requires at least one property.
Example:
  • Property name: worker name
  • Type: string
  • Sample value: John Doe
The main property appears in bold in the property list and typically identifies the entity on the graph. 3. Using Entity Inheritance Inheritance allows a new entity to reuse all transforms and properties of an existing one. Examples:
  • Website inherits from DNS name to gain transforms like “To IP address”.
  • A custom worker entity inherits from maltego.person to reuse:
    • First/last name properties
    • Person-related transforms
This makes the new entity more functional without additional configuration. 4. Additional Properties Custom entities can include any number of extra properties. Property types include:
  • Strings
  • Numbers
  • Dates
  • Booleans
  • Images
  • Locations
Default vs Sample Values
  • Sample value: Appears when dragging the entity from the palette
  • Default value: Used if the property is left empty
5. Calculated Properties Calculated properties automatically combine or transform other property values. Common annotations:
  • $property(name): Reference another property
  • $trim(): Remove surrounding whitespace
Example:
A full name property combining first and last names. Calculated properties can be:
  • Visible
  • Hidden
  • Read-only (evidence-safe)
6. Display Settings & Overlays Maltego entities can display visual cues based on their property values. Large Image (Icon)
  • Can be chosen dynamically using a calculated property
Overlays (5 Positions)
  • North
  • Northwest
  • West
  • Southwest
  • South
Overlays can show:
  • Images
  • Colors
  • Text (e.g., job titles, statuses, labels)
This gives investigators a quick visual read of key details without inspecting the property panel. 7. Regular Expressions
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us