1
00:00:00,720 --> 00:00:05,800
Mulgoa is an interactive data mining tool that renders directed graphs for link analysis.

2
00:00:06,390 --> 00:00:11,850
The tool is used in online investigations for finding relationships between pieces of information from

3
00:00:11,850 --> 00:00:14,100
various sources located on the Internet.

4
00:00:14,820 --> 00:00:21,270
The focus of multigrain is analyzing real world relationships between information that is publicly accessible

5
00:00:21,270 --> 00:00:21,930
on the Internet.

6
00:00:22,410 --> 00:00:28,080
This includes footprinting Internet infrastructure, as well as gathering information about the people

7
00:00:28,080 --> 00:00:29,540
and organizations who own it.

8
00:00:30,420 --> 00:00:36,780
Multicore can be used to determine the relationships between the following entities people names, email

9
00:00:36,780 --> 00:00:45,240
addresses and aliases, groups of people, social networks, companies, organizations, websites,

10
00:00:45,630 --> 00:00:53,400
internet infrastructure such as domains, DÄN names, net blocks and IP addresses, affiliations, documents

11
00:00:53,400 --> 00:00:54,090
and files.

12
00:00:54,570 --> 00:00:59,100
Connections between these pieces of information are found using open source intelligence assessment

13
00:00:59,220 --> 00:01:05,760
techniques by querying sources such as DNS records, who is records, search engines, social networks,

14
00:01:06,030 --> 00:01:09,900
various online APIs and extracting metadata.

15
00:01:10,560 --> 00:01:16,350
Manchego provides the results in a wide range of graphical layouts that allow for clustering of information,

16
00:01:16,710 --> 00:01:19,590
which makes seeing relationships instant and accurate.

17
00:01:20,070 --> 00:01:24,870
This makes it possible to see hidden connections, even if there are three or four degrees of separation

18
00:01:24,870 --> 00:01:25,300
apart.

19
00:01:25,920 --> 00:01:34,440
You can download the multi go see that's the community edition from WWW.YOUTUBE.COM and it's embedded

20
00:01:34,440 --> 00:01:35,490
in Calli Linnik.

21
00:01:36,000 --> 00:01:37,710
Let's see Montego in action.

22
00:01:38,130 --> 00:01:42,990
Go to callisthenics and open a terminal screen and type multiclass.

23
00:01:43,140 --> 00:01:48,720
That's MLT Goche to run Montego Community Edition embedded.

24
00:01:58,300 --> 00:02:00,280
First, we choose a machine to run.

25
00:02:00,820 --> 00:02:04,280
There are different machine options specified for different purposes.

26
00:02:04,720 --> 00:02:09,570
For example, there's a Twitter Dega machine to work on a Twitter account and analyze the tweets.

27
00:02:10,180 --> 00:02:16,030
Let's choose footprint one machine this time, which is a fast and basic footprint for the target domain.

28
00:02:16,930 --> 00:02:21,850
The second step is to specify the target domain when we click the finish button.

29
00:02:22,030 --> 00:02:27,300
It's going to start to collect data now in the community edition of Manchego.

30
00:02:27,550 --> 00:02:29,770
The results are limited to 12 entries.

31
00:02:35,090 --> 00:02:37,220
It shows the results in graph mode.

32
00:02:43,200 --> 00:02:47,720
We can zoom out to see the entire picture or zoom in to focus on specific results.

33
00:03:08,990 --> 00:03:14,510
Now, if you select a node and right click on it, you can see all the transforms you able to run for

34
00:03:14,510 --> 00:03:18,490
that node transforms are grouped according to their purposes.

35
00:03:21,300 --> 00:03:27,420
You can expand a group and select a single transform to run, or you can run a group of transforms at

36
00:03:27,420 --> 00:03:33,060
once, you can configure or transform before the run or save a transform in your favorites list.

37
00:03:35,280 --> 00:03:40,020
Let's run the miracle in email addresses found transform at this time.

38
00:03:40,620 --> 00:03:42,650
The results start to come in about a minute.

39
00:03:43,200 --> 00:03:46,450
Let's see some more about multicore while we're waiting.

40
00:03:46,800 --> 00:03:48,450
There are different graph types.

41
00:03:48,450 --> 00:03:50,190
You can choose to see the results.

42
00:03:50,550 --> 00:03:56,820
If you zoom out the graph under 30 percent, the entities are shown as the dots instead of meaningful

43
00:03:56,820 --> 00:03:57,390
symbols.

44
00:03:58,020 --> 00:04:05,330
All the colors of the dot point to a specific type email addresses, website's domain names and more.

45
00:04:05,970 --> 00:04:09,120
You can see the color legend in the lower right corner.

46
00:04:14,860 --> 00:04:18,130
The results of the transform we ran a minute ago are here now.

47
00:04:22,550 --> 00:04:28,580
You can use the toggle full screen button or simply press AWALT, plus enter buttons to topple the graph

48
00:04:28,580 --> 00:04:29,310
to full screen.

49
00:04:29,720 --> 00:04:35,750
You can select the email addresses node and see the collected email addresses listed in the detailed

50
00:04:35,750 --> 00:04:36,500
view window.