Metasploit VS Shodan

Metasploit mentions (0)

Shodan mentions (92)

• Introducing OSINT Template Engine: An open source OSINT Tool.

  Transform OSINT sources such as shodan, bgpview & urlscan into templates which you can use to query & store any and each of the API endpoints they provide. Source: 10 months ago

• Some outgoing ports (e.g, port 22) are blocked

  I'm a little surprised you're asking this but as you don't know - if you set the rulebase correctly, you won't get hammered by "public". A lot of people (of course not people here) don't do that which is why shodan.io is full of servers with SSH exposed to the world. Source: 10 months ago

• Does anyone want to vet this job opportunity?

  Eh, request a full demo before signing anything. If they make you buy before you can try, move on. Just be advised that data they collect from your site may be used in a database that puts a target on your back. Similar to how shodan.io works. I would probe them on how they handle customer data and if data is shared, partitioned, or isolated to ensure safety from a platform leak. They want to be a security... Source: 10 months ago

• Security issue or coincidence?

  My network is being hit by China and Russia many times per hour. Make sure your firewall is up-to-date and not have any services available on the Internet (WAN). Look at shodan.io which shows you _everything_ is searched on the Internet. Source: 10 months ago

• Onion sites crawling: Weird mass "HTTP/1.1 200 " HTTP status line returning?

  In the cases of nginx or apache, I suspect they may be acting as proxies to some backend that also chooses not to send a reason phrase back. Searching for "Reason Phrase" yields a number of bug reports/frameworks that may omit it, and shodan.io shows apache tomcat and a few other services/software that omit the code as well. Source: 11 months ago