Shodan
TL;DR
To integrate Shodan.io:
- Retrieve a API Key from Shodan.io.
- Add a Shodan.io connection in Query with the API key.
- Ensure the API key is valid by Testing the connection in Query.
- Use Query Search to search for OSINT information for an IP address from Shodan.io.
Overview
Shodan.io is a search engine that scans and indexes devices connected to the internet, providing valuable data on networked hardware ranging from routers to security cameras. It's a powerful tool for security professionals to monitor and assess the security posture of devices in the global Internet of Things (IoT) landscape.
By integrating with Query, you can
- Search OSINT for IP Addresses from Shodan.io.
Prerequisites
Make sure you have registered an account with Shodan.io and have the API Key for your account to use in Query
- API Key
Adding Shodan.io as a Connection Source in Query
- Go to the Connections page and click Add Connections. Select Shodan.io from the Threat Intelligence and Enrichment Category.
- In the General tab, add the following details.
- Name - Give a custom name to your Shodan.io connection.
- Shodan.io API Key - Enter your API key.
Querying from Shodan.io
Support for the following entity(ies) from Shodan's API is available today.
- IP Address - Returns all information for an IP address scanned by Shodan.io.
Resources
- For more information on Shodan.io, please go to [here]
Updated about 1 year ago