SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

Web search engines, such as Google and Bing, are great for finding websites. But what if you’re interested in finding computers running a certain piece of software (such as Apache)? Or if you want to know which version of Microsoft IIS is the most popular? Or you want to see how many anonymous FTP servers there are? Maybe a new vulnerability came out and you want to see how many hosts it could infect? Traditional web search engines don’t let you answer those questions.

 

SIP Survey

The Session Initiation Protocol (SIP) is used for Voice over IP communications and is now being indexed by Shodan. Search the data to see what VoIP products are out there.

 

Shodan API for Developers

Learn how to access Shodan, Exploit DB and Metasploit information using a web-based API. Libraries are available in Python, Perl and Ruby, head on over to the Shodan API documentation for tutorials on how to get started.

 

HTTPS Survey

Find servers based on supported ciphers and various SSL criteria (version, protocol, issuer etc.). SHODAN doesn’t just grab the banner and certificate for HTTPS, it also performs an in-depth SSL scan to identify which ciphers the server accepts and rejects. * Requires the HTTPS add-on

SNMP Survey

SHODAN grabs the system description from SNMP services and makes it available for searching.

Telnet Survey

Most devices have switched to SSH for secure remote access, there remain a surprising amount of Telnet services running. This is an on-going survey to locate the last of them on the internet and find out more about where they’re located and what infrastructure they’re powering. * Requires the Telnet add-on

Firehose

Still in the experimental stages, see the latest data as it comes in to SHODAN. It provides a real-time feed of port 80 data alongside other relevant information from external security sources. » View now

Search History

This optional feature automatically stores and lets you bookmark your search queries alongside the summary information (total # results, country breakdown). Great for keeping track of search results or saving interesting queries for later.

Download the Shodan for Pentesting Keynote

Download Post in PDF Save Post as PDF