.png?sv=2022-11-02&ss=b&srt=o&spr=https&st=2024-04-16T14%3A02%3A19Z&se=2024-04-16T14%3A12%3A19Z&sp=r&sig=duONjmLdTa1vddTU2N4DOjFbxMe2b6YplsfDHvgohWg%3D){kind=logo}
Shodan
- 14 Nov 2022
- 2 Minutes to read
- Print
- DarkLight
- PDF
Shodan
- Updated on 14 Nov 2022
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Shodan is a search engine for Internet-connected devices.
Based on specified subnet or list of subnets, data fetched from Shodan include: hostname, ports open to the world, vulnerabilities, address information (country, region, city), ISP and more.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
Parameters
- Shodan Domain (optional, default: api.shodan.io) - Should be kept as 'api.shodan.io'.
- CIDR (optional, default: empty) - Specify a subnet to be used for fetching data from Shodan. If you want Shodan to scan multiple subnets, use the CIDR CSV File option to upload a CSV file with a list of subnets.
- API Key (required) - Specify the API key you have defined. For details, see Generating Shodan API Key.
- Upload a CSV file or specify a query search:
Note:
You have to either enter a CIDR CSV File, a CIDR list, or a Query Search in order to configure this adapter
* Upload a CSV file
* CIDR CSV File Name (optional) - This field is mandatory if a CSV File is being uploaded. If you upload several CIDR CSV files (in different Shodan adapter servers), you can specify a logical name for that file. The name will be displayed in the Shodan adapter server list, enabling you to easily distinguish between different Shodan adapter servers.
* CIDR CSV File - Upload a CSV file with a list of subnets to be used for fetching data from Shodan.
* "CIDR" column - Mandatory. Each row in the CSV should be populated with its subnet in the "X.Y.Z.N/P" format.
* DNSNAME column - optional. Each row in the CSV should be populated with the server name, if known.
* NOTE: While the DNSNAME column is optional, the CSV file must contain at least two columns (CIDR and one other).
* Specify a query search
* Query Search - Specify a search query using Shodan's search query syntax. This field will tell the adapter to execute the query you have specified to find devices information.
6. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Shodan Domain.
* If supplied, Axonius will utilize the proxy when connecting to the value supplied in Shodan Domain.
* If not supplied, Axonius will connect directly to the value supplied in Shodan Domain.
7. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Shodan Domain via the value supplied in HTTPS Proxy.
* If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
* If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
8. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the value supplied in Shodan Domain via the value supplied in HTTPS Proxy.
* If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
* If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
9. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Generating Shodan API Key
To generate a Shodan API key, do as follows:
* Register an account in Shodan
* Visit your registered email id and activate the account
* Login to your account and you will find the API keys under profile overview tab
* Copy the API key and specify it in the API Key field.
Was this article helpful?