Login
    Contents x
    Shodan
    • 09 Jul 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Shodan

    • Updated on 09 Jul 2024
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Shodan is a search engine for Internet-connected devices.

    Based on specified subnet or list of subnets, data fetched from Shodan include: hostname, ports open to the world, vulnerabilities, address information (country, region, city), ISP and more.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices
    • Vulnerabilities
    • SaaS Applications

    Parameters

    1. Shodan Domain (optional, default: api.shodan.io) - Should be kept as 'api.shodan.io'.
    2. CIDR (optional, default: empty) - Specify a subnet to be used for fetching data from Shodan. If you want Shodan to scan multiple subnets, use the CIDR CSV File option to upload a CSV file with a list of subnets.
    3. API Key (required) - Specify the API key you have defined. For details, see Generating Shodan API Key.
    4. Upload a CSV file or specify a query search:
    Note:

    You have to either enter a CIDR CSV File, a CIDR list, or a Query Search in order to configure this adapter

    Enter a CIDR CSV File

    1. CIDR CSV File Name (optional) - This field is mandatory if a CSV File is being uploaded. If you upload several CIDR CSV files (in different Shodan adapter servers), you can specify a logical name for that file. The name will be displayed in the Shodan adapter server list, enabling you to easily distinguish between different Shodan adapter servers.

    Enter a CIDR CSV List

    1. CIDR CSV File - Upload a CSV file with a list of subnets to be used for fetching data from Shodan. Click Upload File to upload the file.
      The structure of the CSV should be as follows:
      • "CIDR" column - Mandatory. Each row in the CSV should be populated with its subnet in the "X.Y.Z.N/P" format.
      • DNSNAME column - optional. Each row in the CSV should be populated with the server name, if known.
        * NOTE: While the DNSNAME column is optional, the CSV file must contain at least two columns (CIDR and one other).

    Specify a query search

    1. Query Search - Specify a search query using Shodan's search query syntax. This field will tell the adapter to execute the query you have specified to find devices information.
    2. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
    3. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
    4. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    image.png

    Generating Shodan API Key

    To generate a Shodan API key, do as follows:
    * Register an account in Shodan
    * Visit your registered email id and activate the account
    * Login to your account and you will find the API keys under profile overview tab
    * Copy the API key and specify it in the API Key field.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout