Skip to content

Instantly share code, notes, and snippets.

@JerryShah3
Last active November 15, 2022 20:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save JerryShah3/e4018ecce48eefcb8e02ebadf9468ae8 to your computer and use it in GitHub Desktop.
Save JerryShah3/e4018ecce48eefcb8e02ebadf9468ae8 to your computer and use it in GitHub Desktop.
Shodan_HTTP-Response-Status-Codes
http.status:"101" -------------------------------------------------------------- Switching Protocols (For finding web socket hijacking)
http.status:"102" -------------------------------------------------------------- WebDAV (For checking enabled webdav)
http.status:"200" -------------------------------------------------------------- OK
http.status:"301" -------------------------------------------------------------- Moved Permanently
http.status:"302" -------------------------------------------------------------- Moved Temporarily
http.status:"307" -------------------------------------------------------------- Temporary Redirect
http.status:"308" -------------------------------------------------------------- Permanent Redirect
http.status:"401" -------------------------------------------------------------- Unauthorized (For checking authorization bypass)
http.status:"403" -------------------------------------------------------------- Forbidden (For checking forbidden bypass)
http.status:"404" -------------------------------------------------------------- Not Found (For checking subdomain takeover)
http.status:"407" -------------------------------------------------------------- Proxy Authentication Required (For checking authenthication bypass)
http.status:"426" -------------------------------------------------------------- Upgrade Required (For checking desync/smuggling attaks)
http.status:"501" -------------------------------------------------------------- Not Implemented (For checking desync/smuggling attaks)
NOTE 1 : You need to enumerate and look for the vulnerabilities. This dorks will not give you the direct hit to vulnerabilities.
NOTE 2 : All the mentioned shodan dorks are from the perspective of bug bounty.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment