Shodan is a search engine that lets users search for various types of servers connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client. Wikipedia
Embedded Files
Basic Search Filters
Basic Search Filters
port: Search by specific port
net: Search based on an IP/CIDR
hostname: Locate devices by hostname
os: Search by Operating System
city: Locate devices by city
country: Locate devices by country
geo: Locate devices by coordinates
org: Search by organization
before/after: Timeframe delimiter
hash: Search based on banner hash
has_screenshot:true Filter search based on a screenshot being present
title: Search based on text within the title
CLI "Command Line Interface"
CLI "Command Line Interface"
host
host
See information about the host such as where it's located, what ports are open and which organization owns the IP.
Example
$ shodan host 189.201.128.250
$ shodan scan submit --force IP
myip
Returns your Internet-facing IP address.
Example
$ shodan myip 199.30.49.210
parse
Use parse to analyze a file that was generated using the download command. It lets you filter out the fields that you're interested in, convert the JSON to a CSV and is friendly for pipe-ing to other scripts.
Example
The following command outputs the IP address, port and organization in CSV format for the previously downloaded Microsoft-IIS data:
$ shodan parse --fields ip_str,port,org --separator , microsoft-data.json.gz
search
search
This command lets you search Shodan and view the results in a terminal-friendly way. By default it will display the IP, port, hostnames and data. You can use the --fields parameter to print whichever banner fields you're interested in.
Example
To search Microsoft IIS 6.0 and print out their IP, port, organization and hostnames use the following command:
$ shodan search --fields ip_str,port,org,hostnames microsoft iis 6.0
Page updated
Google Sites
Report abuse