Shodan CLI Search Engine Guide

Shodan is a tool that lets you explore the internet for devices rather than content of web sites, Shodan is extremely powerful if used correctly.

you can access shodan via the website or through the command line interface using API’s, we will cover using shodan via the cli.

Installation And Usage

the shodan cli is packed within the usual python librarians so chances are its already installed to check use the following command

shodan version

To use shodan via the comand line interface we need our API key attached to our shodan account, if you dont have an account with shodan yet go ahead and create one here.

shodan init <API KEY GOES HERE>

The COUNT option will return the number of results found using that query for example

shodan count microsoft
17519624

The DOWNLOAD option will download all results to a .json file, by default only the first 1000 results will be saved, you can save all results by adding the –limit option with a value of -1.

shodan download --limit -1 data-microsoft microsoft
Search query:			microsoft
Total number of results:	17519624
Query credits left:		167261
Output file:			microsoft.json.gz
  [###################################-]   99%  00:00:00
Saved 1000 results into file data-microsoft.json.gz

The SEARCH option

The PARSE option is used to filter fields from a previously downloaded json file, usinh our previously downloaded jason file we will extract the ip and port fields and save to a new file.

shodan parse --fields ip_str,port --separator : data-microsoft.json.gz > data-microsoft-parsed-ip-port

The HOST option will display version information, open ports and organisations details

shodan host <HOST OR IP>

The MYIP option will display your internet facing ip address

shodan myip