Skip to content

Instantly share code, notes, and snippets.

View achillean's full-sized avatar

John Matherly achillean

556 followers · 4 following
View GitHub Profile
@achillean
achillean / gist:5128200
Created March 10, 2013 11:14
Shodan macro for Google Spreadsheets. To use this go to Tools -> Script Editor, then copy/ paste the code. In the spreadsheet you can then do =SHODAN("cisco-ios")
/**
* Search the Shodan database using the given query. Returns the number of matches.
*/
function SHODAN(query) {
var API_KEY = 'YOUR API KEY';
var url = 'http://www.shodanhq.com/api/count?key=' + API_KEY + '&q=' + query;
var response = UrlFetchApp.fetch(url);
var data = Utilities.jsonParse(response.getContentText());
@achillean
achillean / export-hosts.py
Created December 9, 2015 02:26
Read a Shodan JSON file and print out the full host information.
#!/usr/bin/env python
#
# export_hosts.py <export.json.gz>
#
import gzip
import shodan
import simplejson
import sys
@achillean
achillean / subs.cr
Created August 18, 2020 19:19
Subdomain Discovery in Crystal
require "shodan"
module Subs
VERSION = "0.1.0"
# Basic input validation
if ARGV.size != 2
puts "Usage: subs <api key> <domain>"
exit
end
@achillean
achillean / dlink-products.csv
Created June 30, 2016 20:35
Ranking of D-Link Products Sold (source: https://www.shodan.io)
@achillean
achillean / hacking-team-c2.json
Created March 1, 2016 02:10
Hacking Team C2 History: 212.71.254.212
{
"region_code": null,
"ip": 3561488084,
"area_code": null,
"latitude": 51.5,
"hostnames": ["li635-212.members.linode.com"],
"postal_code": null,
"dma_code": null,
"country_code": "GB",
"org": "Linode",
@achillean
achillean / roku-apps.csv
Last active April 26, 2021 21:00
Ranking of Most Popular Roku Apps based on Shodan (https://www.shodan.io)
Netflix 863
Roku Home News 767
Amazon Video 733
Movie Store and TV Store 717
Hulu 694
HBO Now 683
Showtime 678
VUDU 633
Pandora 569
YouTube 550
@achillean
achillean / roku-apps-versions.csv
Created July 27, 2015 02:51
List of Installed Roku channels
Al Jazeera English 0.0.0 4
Always Summer 1.0.1 2
planeta iptv 1.1.2 8
Skitter TV 2.5.0 4
Andrew Wommack Ministries 1.0.1 1
Syfy 1.0.24 187
Oikos Church 1.0.1 1
ctn 45 tv 1.0.2 1
Target Ticket 1.0.3708 422
Target Ticket 1.0.3707 4
@achillean
achillean / ssl-duplicate-serials.py
Created February 17, 2015 23:38
Get a list of duplicate SSL serial numbers.
#!/usr/bin/env python
import shodan
API_KEY = 'YOUR API KEY'
api = shodan.Shodan(API_KEY)
results = api.count('port:443,8443', facets=[('ssl.cert.serial', 100)])
for facet in results['facets']['ssl.cert.serial']:
@achillean
achillean / threatnet-stream.py
Created January 7, 2015 19:22
How to read events from the Threatnet stream. Note: make sure you have the latest version of the Shodan Python library installed (>=1.2.3).
import shodan.threatnet
# Configuration
API_KEY = "Please enter your API key here"
# Create the object that interfaces with the Threatnet API
tnet = shodan.threatnet.Threatnet(API_KEY)
# Get a stream of events and print them to stdout
for event in tnet.stream.events():
@achillean
achillean / shodan-stream.py
Created June 12, 2014 23:43
Basic code template for accessing the Shodan Streaming API using Python
#!/usr/bin/env python
#
# shodan-stream.py
# Read a firehose/ stream of 1% of the data that Shodan collects in real-time.
#
# WARNING: This script only works with people that have a subscription API plan!
# And by default the Streaming API only returns 1% of the data that Shodan gathers.
# If you wish to have more access please contact us at support@shodan.io for pricing
# information.
#