Hello Everyone Greeting All ! Today in This blog we are going to Look How Shodan CLI Work Which make our OSINT Phase More easy to lookup All Internet Connected Devices Which is basically Search engine For Tester, Hacker , Organizations etc. There is more then 10 billion Internet active device Connected such as Your Router , IOT, System, server , Android devices etc and it excepted to reach 64 billion by 2025 so Everything is based On IP as digital environment.
What Is shodan web Search engine :
Shodan has both facility As GUI we Can utilize our searching capacity Eg: If we ask google : it’s a search engine that finds websites. As Shodan is also Search engine Which based On Internet Connected IOT System Which globally available along with Server , System, open ports , Router etc.
It the invisible parts of the Internet most people won’t ever see. Shodan is the most powerful search engine for internet-connected devices.
How To Access shodan and search all internet connected Devices Online -> Visit : https://www.shodan.io/
As we see above this How shodan looks like Now How to utilize Your searching for all connected device. We are going to find out Door / Lock Access Controllers Which based On IOT
Here We can simply ask shodan search bar to lookup our result : “HID VertX” port:4070
As above Pic we see we are able to see Door / Lock Access Controllers Connected To the Internet .
We have different keywords to find out Devices: See Article How to use shodan filter Keyword
Shodan For CLI:
We can implement shodan using our terminal to work better we can manipulate all output using shodan cli. The command-line interface (CLI) for Shodan is provided alongside the Python library. This we need to installed python in order to use the Shodan CLI.
How to install:
pip install -U --user shodan
To confirm installation process use command:
And now configure with Your user API For Accessing You need to create Account on www.shodan.io
shodan init YOUR_API_KEY
Now to find out all available IIS 7 Version On Shodan search engine we need to Use command:
shodan count microsoft iis 7.0
we can also scan specific IP using shodan cli :
shodan scan submit --force IP
The HOST option will display version information, open ports and organisations details
shodan host target
As we see We can also Utilize Our testing phase using shodan cli or GUI web interface if your doing penetration testing against Organization’s or other asset. Today we discussed How shodan work in different flow We see how to install shodan cli on your system .
Thanks For Reading……. See You In Another Blog!
Stick With Our Blog : https://securiumsolutions.com/blog/
Author : Pallab Jyoti Borah | VAPT Analyst