Shodan CLI Search Engine Guide

Shodan is a tool that lets us explore the internet for devices rather than content of web sites, Shodan is extremely powerful if used correctly.

you can access shodan via the website or through the command line interface using API’s, we will cover using shodan via the cli.

Installation And Usage

The Shodan command line interface is packed within the usual python library’s so chances are its already installed. You can check by issuing the command below.

shodan version

To initialise Shodan CLI we need to get an API key from our Shodan account, if you don’t have an account with Shodan you can create a free account here.

shodan init <API KEY GOES HERE>

The COUNT option will return the number of results found using that query for example

shodan count microsoft
17519624

The DOWNLOAD option will download all results to a .json file, by default only the first 1000 results will be saved, you can save all results by adding the –limit option with a value of -1.

shodan download --limit -1 data-microsoft microsoft
Search query:			microsoft
Total number of results:	17519624
Query credits left:		167261
Output file:			microsoft.json.gz
  [###################################-]   99%  00:00:00
Saved 1000 results into file data-microsoft.json.gz

The SEARCH option

The PARSE option is used to filter fields from a previously downloaded json file, usinh our previously downloaded jason file we will extract the ip and port fields and save to a new file.

shodan parse --fields ip_str,port --separator : data-microsoft.json.gz > data-microsoft-parsed-ip-port

The HOST option will display version information, open ports and organisations details

shodan host <HOST OR IP>

The MYIP option will display your internet facing ip address

shodan myip