Show Menu
Cheatography

Shodan is a search engine that specializes in returning results for public facing devices on the Internet. The CLI tool allows you to make requests using an API to obtain results without using the Web UI.

Common General Search Filters

ip:
Filter results by specific IP address.
asn:
Filter results by specific ASN ID.
hostname:
Filter results by specific hostname.
port:
Filter results by specific port number of service.
net:
Filter results from specified CIDR block.
isp:
Filter results by devices assigned a particular address (space) from a specified ISP.
city:
Filter results by specific city.
country:
Filter results by specific two-digit country code.
os:
Filter results by particular OS.
product:
Filter results by particular software.
version:
Filter results by specified version of software.

Common Premium API Search Filters

vuln:
Filter results by particular vulner­ability ID (commonly CVE).
tag:
Filter results by tags on device.

HTTP Filters

http.c­omp­onent:
Filter results by a particular web techno­logy.
http.s­tatus:
Filter results by specific status code.
http.html:
Filter results by strings found in HTML of files served.
http.t­itle:
Filter results by string found in title of web pages served.
 

Common CLI Commands

count
Returns the number of results for a search.
domain
View all available inform­ation for a domain.
download
Download search results and save them in a compressed JSON file.
honeyscore
Check whether the IP is a honeypot or not.
host
View all available inform­ation for an IP address.
parse
Extract inform­ation out of compressed JSON files.
scan
Scan an IP/ netblock using Shodan.
search
Search the Shodan database.

Common CLI Search Fields

ip_str
port
org
hostnames
os
country
city
These will display their values upon a search, but won't provide statis­tics.

Common CLI Stats Facets

asn
city
country
cloud.p­ro­vider
cloud.s­ervice
device
domain
ip
org
os
version
These will return statis­tical inform­ation about a given series of devices found on the public facing Internet. For example, it could be used to return the most common version found among devices running MariaDB in a particular ASN.
  

Use Case Examples

host: 8.8.8.8
shodan host 8.8.8.8
Display inform­ation about a Google's public DNS.
asn:15169 produc­t:mysql
shodan stats asn:15169 produc­t:mysql
Show inform­ation about devices within Google's ASN that run MySQL.
microsoft iis 6.0
shodan search --fields ip_str­,po­rt,­org­,ho­stnames microsoft iis 6.0
Detect IIS servers running on 6.0.
Navigate to https:­//h­one­ysc­ore.sh­oda­n.io/ and enter target IP.
shodan honeyscore [TARGET]
Detect if given target is a honeypot or not.
Column one is the search you would perform in the Web UI. Column two is the search you would perform using the CLI utility, and the third column is an explan­ation of the search.
       
 

Metadata

  • Languages:
  • Published: 2nd May, 2022

Comments

No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Passive Recon Cheat Sheet
          PhoneInfoga/Infoga Cheat Sheet
          Sherlock (Python) Cheat Sheet

          More Cheat Sheets by sir_slammington

          PhoneInfoga/Infoga Cheat Sheet
          Sherlock (Python) Cheat Sheet