To integrate Shodan.io:

  • Retrieve a API Key from Shodan.io.
  • Add a Shodan.io connection in Query with the API key.
  • Ensure the API key is valid by Testing the connection in Query.
  • Use Query Search to search for OSINT information for an IP address from Shodan.io.


Shodan.io is a search engine that scans and indexes devices connected to the internet, providing valuable data on networked hardware ranging from routers to security cameras. It's a powerful tool for security professionals to monitor and assess the security posture of devices in the global Internet of Things (IoT) landscape.

By integrating with Query, you can

  • Search OSINT for IP Addresses from Shodan.io.


Make sure you have registered an account with Shodan.io and have the API Key for your account to use in Query

  • API Key

Adding Shodan.io as a Connection Source in Query

  1. Go to the Connections page and click Add Connections. Select Shodan.io from the Threat Intelligence and Enrichment Category.
  2. In the General tab, add the following details.
    • Name - Give a custom name to your Shodan.io connection.
    • Shodan.io API Key - Enter your API key.

Querying from Shodan.io

Support for the following entity(ies) from Shodan's API is available today.

  • IP Address - Returns all information for an IP address scanned by Shodan.io.


  • For more information on Shodan.io, please go to [here]