Shodan Transforms – Maltego

Shodan Transforms – Maltego

Shodan is a search engine that gathers data from internet-connected devices. These connected devices are queried for various types of publicly available information. The types of devices that are indexed vary tremendously and range from small desktop computers to nuclear power plants, and everything in between. Shodan queries go far beyond what the traditional web search engines can provide as Shodan crawls the internet – whereas traditional search engines crawl the World Wide Web. The devices powering the World Wide Web only make up a tiny fraction of internet connections and Shodan aims to provide a complete picture.

How to run a basic scan

Step 1:

Search for Shodan under the Home tab, in the Transform Hub.

Click Install

Step 2:

Input API Key, if you don’t have one you can sign up at for one.

Step 3:

Create a New Graph (CTRL + T)

Select IPv4 Address under Entity Palette, drag to the graph and input the address you want to scan.

For this scan we will use IP Address

Step 4:

Right click the Entity and beside Shodan click the Double Arrow to run All Transforms.

Input API Keys/Credentials if prompted.

Step 5:

Analyze the graph, and run more scans if needed

We can see lots of information here including a domain Lets see if we can get more information about this website.

Step 6:

We can run The Transform Shodan >> IP Details to get the IP of

Then use Shodan >> All Details on the IP Address

Here we can see open ports 22, 80 and 443 on IP Address and information about the tags, banner info, hashes..

If we want more information we can run All Transforms under Shodan on the selected IP address

The scan returned some information about where the IP is located.