shodan-scanner: scanner of the “World’s Scariest” scanner
shodan-scanner is intended to be a tool to more easily continuously monitor Shodan for relevant hosts using a local database for easier inventory.
- requirements.txt: Contains Python dependencies essential for scripts to run correctly.
- shodan_scanner: Python program that interacts with Shodan’s API to search for keywords or specific hosts. Stores specific hosts in the database for scanning later. See below for usage information.
git clone https://github.com/heywoodlh/shodan-scanner.git
pip3 install -r requirements.txt
Set the Shodan API key with this command: ./shodan_scanner init –api_key xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
shodan_scanner Database Manipulation:
The shodan program is intended to search shodan for hosts specifically.
There are two options for searching shodan:
- Perform a shodan search for a host using the search command.
- Perform a direct host lookup using the query command.
In simplistic terms, the difference between query and search is that query will get specs and hard information whereas search is a little more flexible with the information it parses.
- shodan_scanner usage example:
./shodan search –host 184.108.40.206 — this performs a keyword search for the host 220.127.116.11
./shodan query –host 18.104.22.168-– this performs a host lookup on Shodan for the IP address 22.214.171.124
The shodan program has been built with SQLite to store hostnames if continuous scanning is desired for specific hosts. These are the basic commands for this functionality:
./shodan database –add 126.96.36.199 –– adds a host to be stored in SQLite database
./shodan database –remove 188.8.131.52 — deletes the host from the SQLite database
./shodan database –list — lists all hosts stored in the database
Copyright (C) 2017 heywoodlh