
Shodan Filters

tag
The following filters are only available to users of higher API plans.
vuln
Restricted
bitcoin.ip
bitcoin.ip_count
Bitcoin
bitcoin.port
bitcoin.version
http.html_hash
http.robots_hash
http.html
http.securitytxt
http.headers_hash
http.status
http.favicon.hash
snmp.contact
snmp.location
SNMP
http.title
http.component_category
http.waf
http.component
snmp.name
HTTP
ssl.cert.serial
ssl.cert.pubkey.type
cloud.provider
ssl.cert.subject.cn
ssl.cert.pubkey.bits
cloud.region
ssl.chain_count
ssl.cert.issuer.cn
ssl.cipher.bits
ssl.cert.fingerprint
Cloud
cloud.service
screenshot.hash
ssl.cipher.name
ssl.cert.extension
ssl.cipher.version
ssl.cert.expired
ssl.ja3s
ssl.cert.alg
ssl.jarm
ssl.alpn
ssl.version
Screenshots
ip
isp
hostname
link
hash
net
has_vuln
org
has_ssl
os
has_screenshot
ssl
SSL
ntp.ip
ntp.ip_count
ntp.more
screenshot.label
port
has_ipv6
NTP
postal
geo
product
device
region
cpe
ntp.port
@hackinarticles
telnet.do
telnet.dont
scan
https://github.com/Ignitetechnologies
country
telnet.option
sudo pip install shodan
Telnet
telnet.will
Took the API key from my shodan web account
shodan.module
city
state
asn
version
all
https://in.linkedin.com/company/hackingarticles
telnet.wont
shodan init <API-KEY>
ssh.hassh
Installation
ssh.type
SSH
General
Shows general information about your account
Common Filters
info
Initialize the Shodan command-line
View all available information for an IP...
init
host
To find MongoDB database servers
Print your external IP address
To find Mongo Express Web GUI
Check whether the IP is a honeypot or not.
myip
To find MySQL-powered databases
honeyscore
Manage your organization's access to Shodan
mysql port:"3306"
Databases
To lookup popular ElasticSearch-powered instances
Download search results and save them in a...
To look up PostgreSQL databases
org
"Set-Cookie: mongo-express=" "200 OK"
port:"9200" all:"elastic indices"
port:5432 PostgreSQL
download
For FTP, querying for proftpd, a popular FTP server
Extract information out of compressed JSON...
proftpd port:21
View all available information for a domain
To look for FTP servers that allow anonymous logins
parse
"220" "230 Login successful." port:21
domain
To query for OpenSSH, a popular SSH server
Real-Time Map of some results as Shodan finds...
Bulk data access to Shodan
radar
For Telnet, querying for port 23
To look up EXIM-powered mail servers on port 25
Scan an IP/netblock using Shodan.
Returns the number of results for a search
Jenkins is a starting point of any software being built for release
Search the Shodan database
Specific version of the popular web server Apache
Manage the network alerts for your account
Web servers
Help
stream
Webcams
product:"nginx"
To lookup Nginx-powered web servers on port 8080
port:8080 product:"nginx"
Web Based
shodan myip
"Server: yawcam" "Mime-Type: text/html"
To find XZERES Wind Turbines
Industrial control systems
Myip
Show information about a specific alert
Server: SQ-WEBCAM
For specific software vendors, e.g. Yawcam
Basic
product:"Microsoft IIS httpd"
To look up Nginx-powered websites and web servers
For outdated and insecure webcam software
-h
Print your external IP address
port:8291 os:"MikroTik RouterOS 6.45.9"
product:"Apache httpd" port:"80"
To look up Microsoft IIS-powered websites and web servers
alert
Stream data in real-time.
"X-Jenkins" "Set-Cookie: JSESSIONID" http.title:"Dashboard"
Network Infrastructure
convert
stats
port:"11211" product:"Memcached"
To find devices running a specific version of a RouterOS
Convert the given input data file into a...
Provide summary information about a search...
port:"25" product:"exim"
To find Memcached, commonly on port 11211, for UDP amplification
count
search
port:"23"
Exposed Ports
data
scan
openssh port:22
Remote Desktop
title:"xzeres wind"
Find electric vehicle chargers on Shodan
"Server: gSOAP/2.8" "Content-Length: 583"
To look up open Windows Remote Desktop ports
remote desktop "port:3389"
Devices with VNC available without authentication
"authentication disabled" "RFB 003.008"
Enable a trigger for the alert
info
Find devices running the Samba protocol on port 445 with authentication disabled
enable
"Authentication: disabled" port:445
List all the active alerts
Plex devices can be found using
Disable a trigger for the alert
"X-Plex-Protocol" "200 OK" port:32400
NAS Accesses
list
Some NAS devices have FTP-based services running on them
disable
Remove the specified alert
To find HP-powered printers
Create a network alert to monitor an external...
remove
To find EPSON powered printers
create
"220" "230 Login successful." port:21
"Serial Number:" "Built:" "Server: HP HTTP"
"SERVER: EPSON_Linux UPnP" "200 OK"
Printers and Copiers
List the available notification triggers
Xerox printers and copiers using SSL certificates
ssl:"Xerox Generic Root"
Remove all alerts
"\x03\x00\x00\x0b\x06\xd0\x00\x00\x124\x00"
triggers
Windows RDP Password
clear
"X-Recruiting:"
Manage the network alerts for your account
Hiring
"Android Debug Bridge" "Device" port:5555
Shodan alert
Android Root Bridge
screenshot.label
"ETH - Total speed"
Screenshots
Ethereum Miners
CLI Based
http.title:"Tesla PowerPack System" http.component:"d3" -ga3ca4f2
Tesla Powerpack charging Status