So, Today in this blog i will going to talk about Shodan Eye. This tool collects all the information about all devices directly connected to the internet using the specified keywords that you enter.
so, first of all we know what is kali linux ? what is Shodan & Shodan Eye ? Requirements ? Installing and Run ?
What is Kali linux ?
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd.
Kali Linux has over 600[ preinstalled penetration-testing programs, including Armitage (a graphical cyber attack management tool), Nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper password cracker, Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP web application security scanners. Shodan Eye
Shodan
Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client. This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server. Shodan Eye Gathering information about connecting devices on the Internet
Shodan collects data mostly on web servers (HTTP/HTTPS - port 80, 8080, 443, 8443), as well as FTP (port 21), SSH (port 22), Telnet (port 23), SNMP (port 161), IMAP (ports 143, or (encrypted) 993), SMTP (port 25), SIP (port 5060),and Real Time Streaming Protocol (RTSP, port 554). The latter can be used to access webcams and their video stream.
It was launched in 2009 by computer programmer John Matherly, who, in 2003,[4] conceived the idea of searching devices linked to the Internet.[5] The name Shodan is a reference to SHODAN, a character from the System Shock video game series.
Shodan Eye
This tool collects all information about all devices that are directly connected to the internet with the specified keywords that you enter. This way you get a complete overview.
The types of devices that are indexed can vary enormously: from small desktops, refrigerators to nuclear power plants and everything in between. You can find everything using "your own" specified keywords. Examples can be found in a file that is attached:
The information obtained with this tool can be applied in many areas, a small example:
* ) Network security, keep an eye on all devices in your company or at home that
are confronted with internet.
* ) Vulnerabilities. And so much more.
Is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.
What is the difference between Google or another search engine:
The most fundamental difference is that Shodan Eye crawls on the internet, Google on the World Wide Web. However, the devices that support the World Wide Web are only a small part of what is actually connected to the Internet.
For additional data gathering, you can enter a Shodan API key when prompted. A Shodan API key can be found here: https://account.shodan.io/register .
Installation & Run
Install Shodan Eye on Linux:
Step 1 :- git clone https://github.com/BullsEye0/shodan-eye.git
Step 2 :- cd shodan-eye
Step 3 :- pip install -r requirements.txt
Run
python shodan-eye
(You will be asked for a Shodan API key)
Disclaimer
This was written for educational purpose and pentest only.The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing malicious or damaging attacks. Performing any hacks without written permission is illegal ..!
All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.
All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.
- Hacking Truth by Kumar Atul Jaiswal
