Software Alternatives, Accelerators & Startups
Table of contents
  1. Videos
  2. Social Mentions
  3. Comments

Shodan

Shodan is the world's first search engine for Internet-connected devices.

Shodan Reviews and details

Screenshots and images

  • Shodan Landing page
    Landing page //
    2023-03-16

Badges

Promote Shodan. You can add any of these badges on your website.
SaaSHub badge
Show embed code

Videos

Searching the Internet with Shodan (Seen in Mr. Robot)

Bestech Shodan Unboxing & First Impressions

Bestech Shodan FULL Review

Social recommendations and mentions

We have tracked the following product recommendations or mentions on various public social media platforms and blogs. They can help you see what people think about Shodan and what they use it for.
  • Introducing OSINT Template Engine: An open source OSINT Tool.
    Transform OSINT sources such as shodan, bgpview & urlscan into templates which you can use to query & store any and each of the API endpoints they provide. Source: 11 months ago
  • Some outgoing ports (e.g, port 22) are blocked
    I'm a little surprised you're asking this but as you don't know - if you set the rulebase correctly, you won't get hammered by "public". A lot of people (of course not people here) don't do that which is why shodan.io is full of servers with SSH exposed to the world. Source: 11 months ago
  • Does anyone want to vet this job opportunity?
    Eh, request a full demo before signing anything. If they make you buy before you can try, move on. Just be advised that data they collect from your site may be used in a database that puts a target on your back. Similar to how shodan.io works. I would probe them on how they handle customer data and if data is shared, partitioned, or isolated to ensure safety from a platform leak. They want to be a security... Source: 11 months ago
  • Security issue or coincidence?
    My network is being hit by China and Russia many times per hour. Make sure your firewall is up-to-date and not have any services available on the Internet (WAN). Look at shodan.io which shows you _everything_ is searched on the Internet. Source: 11 months ago
  • Onion sites crawling: Weird mass "HTTP/1.1 200 " HTTP status line returning?
    In the cases of nginx or apache, I suspect they may be acting as proxies to some backend that also chooses not to send a reason phrase back. Searching for "Reason Phrase" yields a number of bug reports/frameworks that may omit it, and shodan.io shows apache tomcat and a few other services/software that omit the code as well. Source: 12 months ago
  • How to secure heimdall dashboard?
    If you really want to shake your nerves, seach for accidental wide open heimdall installs on shodan.io. Source: about 1 year ago
  • External Network / Firewall Monitoring
    Shodan.io is part of our toolkit, works well. Source: about 1 year ago
  • They can't hurt you
    This is not security. There are other Internet-wide scanners out there (Shodan is a great example). Source: about 1 year ago
  • Q: How many have actually secured thier server?
    Snake oil security like changing ports for ssh do absolutely nothing in practice, as services like shodan.io exist. Using SSH-Key only increases your security if you use weak passwords and make it easier to avoid miss configuration of your server. But if you're using a strong password it's basically the same. Source: about 1 year ago
  • Did you have serious attacks on your exposed services before?
    I get scanned all the time by bots like everyone else. 99.9% of it is just noise. You could also just search for your public IP on shodan.io to see if it shows up. Mine doesn't, I check every once in a while. Source: about 1 year ago
  • Is it "common" to have random IPs trying to connect to your server(s)?
    When it comes to random connections on a public facing server? Its not to bad; I think the worst I had was about a year ago; almost 80-90k requets in a day but I was on shodan.io with a honeypot at that point. Source: about 1 year ago
  • Can a Google Home Mini open programs on my PC?
    The Axis of Evil including China has taken over Google Home as black hat hackers have implemented APTS in devices they detect online when using shodan.io. Rampant vulnerabilities are beginning to be show the tips of their icebergs. When performing a Wireshark, you can see the action live on the wire. Source: about 1 year ago
  • How to Bypass Cloudflare in 2023: The 8 Best Methods
    There are several sites that can give you useful information for this. For example, databases like Shodan and Censys, or tools like CloudFlair and CloudPeler, might show some of their internals. Not all targets will appear there, and many won't have any useful entries, but some might have their data exposed. - Source: dev.to / about 1 year ago
  • Is it safe to have Nginx Proxy Manager point to my Octoprint docker instance - so I can reach it via https://octo.jdsmn21personaldomain.com (fake address) from outside my network?
    Your second method is not secure. Your domain might be obscure, but the IP address of the server is not, so it doesn't matter. Websites such as https://shodan.io exist, if you fancy finding some OctoPrint instances exposed to the internet. If people don't add extra security their webcams are exposed to the world without even OctoPrint's login, so just don't do it. Source: about 1 year ago
  • Am I safe?
    I back this recommendation. If for any reason you need to keep 443 open, I advise that you install an intrusion detection system such as Crowdsec in addition. Also, give a look at shodan.io for your ip and check for the detected vulnerabilities. Source: about 1 year ago
  • Chaotic good hacker
    I've heard of people going to shodan.io and sending warnings just like this. Source: over 1 year ago
  • Is my Synology getting port-scanned?
    The easiest way of determining what you are exposing, short of an online portscan, is probably entering your IP address into shodan.io. Source: over 1 year ago
  • someone on my server spammed the refresh button so fast i thought i was getting DDOSed before my eyes lmao
    Not sure how many ppl that would ddos would use the minecraft ping system for that XD but yeah honestly this is kinda normal I get this all the time; it only gets worse the more players you have. Or if your put into a list like ones on shodan.io. Source: over 1 year ago
  • Port Sniffer made in Rust
    You can! Also detect if it's a public IP and use Shodan.io to display "offline" port-scans which is a cool idea. I played around with this for RustScan, something like "hey user, shodan.io scanned this server 2 days ago. Do you want to see what ports they reported were open without scanning?". Source: over 1 year ago
  • Network mapping softwares
    Nmap, zenmap (gui), and angryIP are my GoTos for internal networks. If you want external networks - shodan.io is good. Source: over 1 year ago
  • Anywhere I can advertise a bounty for my site?
    Everything the others have said + also use https://securityheaders.com/ & shodan.io if you haven't already to see if there is anything obvious. Source: over 1 year ago

Do you know an article comparing Shodan to other products?
Suggest a link to a post with product alternatives.

Suggest an article

Shodan discussion

Log in or Post with

This is an informative page about Shodan. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.