Introducing Shodan Monitor: a new website to help you setup network alerts and keep track of what's connected to the Internet - and it's available at no additional cost to members:
10 years ago
@achillean
launched the Shodan website! To celebrate a decade of discovery and growth we're going to offer the membership for $1 (marked down from $49) for the next 24 hours (0:00 UTC to 24:00 UTC):
The offer has officially expired. Thank you again to everybody that has supported us over the years and we're excited about the next 10 years of Shodan :)
We're not running a black friday/ cyber monday special this year. We had a $4 special earlier this year to celebrate reaching 4 million users. If you'd like to get notified of special deals in the future please follow us on social media.
We've added detection for the recent F5 BIG-IP RCE (CVE-2020-5902). If you've configured Shodan Monitor () then you'll automatically get notified if any of your assets are vulnerable
We've added detection for the Citrix vulnerability (CVE-2019-19781). If you've configured Shodan Monitor () then you will automatically get notified if any of your devices are impacted.
Sign-up to Shodan with an academic email address (ex: .edu, .ac.uk) to receive an automatic, free upgrade! Don't have an academic TLD? Email academic
@shodan
.io for a manual upgrade
We added detection for the recent Microsoft Exchange vulnerabilities. If you've configured Shodan Monitor () then you will automatically get a notification.
Shodan Monitor now lets you keep track of services based on a domain name! Simply enter the domain and we discover all subdomains, their IPs and then setup monitoring for them:
The frontpage of our new website is now less than 500 KB. The new website also supports themes (including a dark mode), has an up-to-date list of filters, lets you explore facets and makes it easier to navigate the raw data:
Shodan checks whether a website has a security.txt file and shows it if available. Here's a quick glance at support for the proposed security.txt standard:
Shodan has specialized crawlers that pretend to be infected desktops in order to find command & control servers. Want to help out? Learn more about our Malware Hunter initiative:
The new InternetDB API lets you do fast IP lookups for free without an API key. And you can quickly check if your current IP has open ports exposed to the Internet by running the command:
curl
Did you know that Shodan keeps a full history for every IP it's ever seen on the Internet? You can browse the information using the new website. And we've improved the Raw Data tab so you can minimize sections of data and skip to specific ports:
Shodan keeps a full history for every IP it's ever seen. If you're a member you can see the historical data on the beta website (or API). For example, identify when a service was hit with ransomware:
How many servers are vulnerable to BlueKeep in your country? We've added tracking of BlueKeep, EternalBlue and Heartbleed to the Internet Exposure dashboards:
Want to monitor your public network range and get notified if something unexpected shows up? Check out our private firehose feature available through the API and command-line:
If you purchased the Black Friday sale then you also got a complementary gift code that gives somebody else a free Shodan Membership. Check your account page for the code:
We've added JARM fingerprinting and with it introduce a new "ssl.jarm" property/ filter/ facet. Here's a breakdown of the current values for JARM fingerprints in Shodan: (h/t
@4A4133
and
@SalesforceEng
)
We've updated the Shodan CLI with a new command to help you download all available data for your monitored IPs/ networks. Update the CLI (pip install -U shodan) to get access to this new command:
shodan alert download <filename>
New release of nrich (0.3.0) now supports the output formats ndjson for streaming workflows (ex. pipe to jq) and regular json when you want to create a single JSON object: