Many different devices are connected to the Internet, e.g. monitoring devices, televisions, refrigerators, various devices found in factories, and there are more and more of them. It is often the case that people are not even aware that their device is connected to the network. In this article I will introduce you to the Shodan tool, which allows us to find such devices, but also allows us to find, for example, database servers.
What is Shodan?
Shodan is a search engine that allows users to find different types of servers connected to the Internet. Some people consider it to be a great tool for hackers to find secured servers. We are able with this search engine to find things like servers, webcams, routers and all devices that are connected to the Internet in some way. The main users of Shodan are cybersecurity specialists, researchers and law enforcement agencies. Shodan has many filters to help us narrow down the returned results. We can filter results by the name of a specific city, country, specific coordinates, hostname, operating system and more. Using some of the filters will require us to create an account. Shodan also provides its API, which supports programming languages such as Python, Ruby, PHP, C++, C#, Crystal, Go, Haskell, Java, Node.js, Perl, Rust. Shodan was created by John Matherly in 2009.
Is Shodan free to use?
Shodan currently returns 10 results to a user without an account, and 50 if we create an account. If we need more queries we need to use a paid subscription.