Shodan is a search engine that lets users search for various types of servers connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client. (Source: Wikipedia)


Basic Search Filters

port: Search by specific port

net: Search based on an IP/CIDR

hostname: Locate devices by hostname

os: Search by Operating System

city: Locate devices by city

country: Locate devices by country

geo: Locate devices by coordinates

org: Search by organization

before/after: Timeframe delimiter

hash: Search based on banner hash

has_screenshot:true Filter search based on a screenshot being present

title: Search based on text within the title

CLI "Command Line Interface"


See information about the host such as where it's located, what ports are open and which organization owns the IP.


$ shodan host IP

$ shodan scan submit --force IP


Returns your Internet-facing IP address.


$ shodan myip


Use parse to analyze a file that was generated using the download command. It lets you filter out the fields that you're interested in, convert the JSON to CSV, and is friendly for piping to other scripts.


The following command outputs the IP address, port and organization in CSV format for the previously downloaded Microsoft-IIS data:

$ shodan parse --fields ip_str,port,org --separator , microsoft-data.json.gz
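
The field selection and JSON-to-CSV conversion that parse performs, sketched offline as an added example (this is not Shodan's own code). It assumes the download file is gzip-compressed with one JSON banner per line; the sample records, the function names and the ";" join for list fields such as hostnames are constructed for illustration.

```python
import csv
import gzip
import io
import json
import os
import tempfile

# Constructed sample banners (documentation IP ranges, not real Shodan results).
SAMPLE_BANNERS = [
    {"ip_str": "192.0.2.10", "port": 80, "org": "Example Org",
     "hostnames": ["www.example.com"]},
    {"ip_str": "198.51.100.7", "port": 443, "org": "Example, Inc.",
     "hostnames": []},
    {"ip_str": "203.0.113.5", "port": 8080,  # no "org" field at all
     "hostnames": ["a.example.net", "b.example.net"]},
]

def write_sample(path):
    """Write the sample as gzip JSON lines (assumed download layout)."""
    with gzip.open(path, "wt", encoding="utf-8") as fh:
        for banner in SAMPLE_BANNERS:
            fh.write(json.dumps(banner) + "\n")
        fh.write('{"ip_str": "192.0.2.99", "po\n')  # constructed truncated record

def banners_to_csv(path, fields, separator=","):
    """Return the selected banner fields as CSV text with a header row."""
    out = io.StringIO()
    writer = csv.writer(out, delimiter=separator, lineterminator="\n")
    writer.writerow(fields)
    with gzip.open(path, "rt", encoding="utf-8") as fh:
        for line in fh:
            try:
                banner = json.loads(line)
            except json.JSONDecodeError:
                continue  # skip blank or truncated lines instead of aborting
            row = [banner.get(field, "") for field in fields]  # missing -> ""
            row = [";".join(map(str, v)) if isinstance(v, list) else v for v in row]
            writer.writerow(row)  # csv quotes values containing the separator
    return out.getvalue()

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "sample-data.json.gz")
        write_sample(path)
        return banners_to_csv(path, ["ip_str", "port", "org", "hostnames"])

if __name__ == "__main__":
    print(demo(), end="")
```

An organization name that contains the separator ("Example, Inc.") is quoted in the output, which is the case to check for when piping comma-separated results into another script.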


The search command lets you search Shodan and view the results in a terminal-friendly way. By default it displays the IP, port, hostnames and data. Use the --fields parameter to print whichever banner fields you're interested in.


To search for Microsoft IIS 6.0 and print out the IP, port, organization and hostnames of each result, use the following command:

$ shodan search --fields ip_str,port,org,hostnames microsoft iis 6.0