Open source intelligence tools for pen testing

Private Eye

Integrating Shodan with Maltego

Automating the Reconnaissance stage is even easier in Maltego if you integrate Shodan into your searches. To do this, get a copy of your Shodan key, then go to the Home page in Maltego. Make sure that the Transform Hub page is open, and then click on the Shodan transform. Make sure it is installed. Then, click on Details | Settings , and then enter your key, as shown in Figure 11. You will then be able to use the Shodan API from within Maltego to conduct more specific searches. You can integrate Shodan with many other pen testing tools, including Metasploit.

Figure 11: Entering a Shodan key.


Automating each element of the pen test lifecycle is possible, of course. In many cases, the Discovery phase is the most time-consuming part of the pen test, but it is very important to get it right. Once you have created the right foundation for the rest of the penetration test, you will be able to move on with confidence.

Of course, you are not limited to OSINT tools such as Nmap, the Shodan API, and Maltego, but they are very useful tools in many cases, and they do a nice job of showing how the pen test tools of the trade are automating many of the steps involved in the Discovery stage. Your responsibility is to use various techniques to gain a clear picture of the organization you are testing. No single tool – or even collection of tools – can take the place of an experienced pen tester, but if you use the right tools the right way, you can speed up the process and make your work more efficient.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=