nrich v0.3.1 releases: quickly analyze all IPs
A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/ vulnerabilities. Can also be fed data from stdin to be used in a data pipeline.
There are 2 types of vulnerabilities that can be attached to the banners in Shodan: verified and unverified. Unverified vulnerabilities are vulnerabilities that are implied based on the metadata we’ve collected. For example, if a server is running an old version of Apache then we will associate known issues with that version and set the associated verified property in the banner to False. Shodan has increasingly also started to verify vulnerabilities when possible. If a verified vulnerability is discovered then we set the verified property to True. Unverified vulnerabilities can have significant false positives depending on the device/ software so they typically require additional verification to make sure the service is vulnerable. They should be seen as a starting point for further investigation. Note that Shodan Monitor only sends out notifications for verified vulnerabilities.
On the website, we will tell you if some of the vulnerabilities are unverified with a small visual disclaimer:
And within the data itself there is a verified property that will tell you whether it’s been verified or not.
Copyright (C) 2022 John Matherly