一键导入
shodan
Shodan lookups: internet-connected devices, ports, services
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Shodan lookups: internet-connected devices, ports, services
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
Search and download arXiv papers (no API key needed)
Delegate coding and file edits to Anthropic Claude Code CLI
Read/write Windows clipboard text, HTML, images, history (PowerShell)
Running scripts and code on Windows
Delegate coding tasks to OpenAI Codex CLI
Windows Defender: scans, threat history, signatures (PowerShell)
基于 SOC 职业分类
| name | shodan |
| description | Shodan lookups: internet-connected devices, ports, services |
| category | security |
| version | 1.0.0 |
| license | Apache-2.0 |
| origin | aiden |
| tags | security, shodan, osint, recon, ports, services, iot, asset-discovery, cve, infosec |
| env_required | ["SHODAN_API_KEY"] |
Shodan indexes internet-connected devices and exposes metadata: open ports, running services, banners, TLS certificates, and known CVEs. Use it for security audits, reconnaissance, and asset discovery.
Requires: SHODAN_API_KEY — free tier at https://account.shodan.io (1 req/sec, 100 queries/month).
$ip = "8.8.8.8"
$key = $env:SHODAN_API_KEY
$url = "https://api.shodan.io/shodan/host/${ip}?key=${key}"
$host = Invoke-RestMethod -Uri $url
Write-Host "IP: $($host.ip_str)"
Write-Host "Organization: $($host.org)"
Write-Host "OS: $($host.os)"
Write-Host "Country: $($host.country_name)"
Write-Host "Open ports: $($host.ports -join ', ')"
Write-Host ""
Write-Host "Services:"
$host.data | ForEach-Object {
Write-Host " Port $($_.port)/$($_.transport) — $($_.product) $($_.version)"
}
$query = [Uri]::EscapeDataString("port:27017 product:MongoDB")
$key = $env:SHODAN_API_KEY
$url = "https://api.shodan.io/shodan/host/search?query=${query}&key=${key}"
$results = Invoke-RestMethod -Uri $url
Write-Host "Total results: $($results.total)"
$results.matches | Select-Object -First 10 | ForEach-Object {
Write-Host " $($_.ip_str):$($_.port) — $($_.org) ($($_.location.country_name))"
}
$ip = "TARGET_IP"
$key = $env:SHODAN_API_KEY
$host = Invoke-RestMethod -Uri "https://api.shodan.io/shodan/host/${ip}?key=${key}"
if ($host.vulns) {
Write-Host "CVEs found on ${ip}:"
$host.vulns.PSObject.Properties | ForEach-Object { Write-Host " $($_.Name)" }
} else {
Write-Host "No known CVEs found for ${ip}"
}
port:22 country:IN SSH servers in India
product:nginx version:1.14 Specific nginx version
org:"Amazon" Amazon-owned IPs
ssl.cert.subject.cn:*.example.com Certs for a domain
http.title:"Dashboard" port:80 Web dashboards on port 80
vuln:CVE-2021-44228 Log4Shell vulnerable hosts
"What is exposed on IP 1.2.3.4?" → Use the host lookup. Shows open ports, services, OS.
"Find all MongoDB servers with no auth"
→ Query: port:27017 product:MongoDB -authentication
"Search for Apache servers in India"
→ Query: product:Apache country:IN
"Does this IP have any known CVEs?" → Use the CVE snippet above on the target IP.
Start-Sleep -Milliseconds 1100 between bulk callsvulns field only appears when Shodan has matched CVE data to the service bannerSHODAN_API_KEY — free account at https://account.shodan.io