Shodan is a search engine that gathers data from internet-connected devices. These connected devices are queried for various types of publicly available information. The types of devices that are indexed vary tremendously and range from small desktop computers to nuclear power plants, and everything in between. Shodan queries go far beyond what the traditional web search engines can provide as Shodan crawls the internet – whereas traditional search engines crawl the World Wide Web. The devices powering the World Wide Web only make up a tiny fraction of internet connections and Shodan aims to provide a complete picture.
How to run a basic scan
Search for Shodan under the Home tab, in the Transform Hub.
Input API Key, if you don’t have one you can sign up at https://account.shodan.io/register for one.
Create a New Graph (CTRL + T)
Select IPv4 Address under Entity Palette, drag to the graph and input the address you want to scan.
For this scan we will use IP Address 126.96.36.199
Right click the Entity and beside Shodan click the Double Arrow to run All Transforms.
Input API Keys/Credentials if prompted.
Analyze the graph, and run more scans if needed
We can see lots of information here including a domain linode.com. Lets see if we can get more information about this website.
We can run The Transform Shodan >> IP Details to get the IP of linode.com
Then use Shodan >> All Details on the IP Address 188.8.131.52
Here we can see open ports 22, 80 and 443 on IP Address 184.108.40.206 and information about the tags, banner info, hashes..
If we want more information we can run All Transforms under Shodan on the selected IP address 220.127.116.11.
The scan returned some information about where the IP is located.