Shodan is the best search engine for Internet devices. This tool is capable of identifying almost all devices that have internet connections. Devices may range from IP cameras to smart Refrigerators. Shodan is available in both - web and command-line interfaces. For the web interface, you just need a web browser while to access the command-line interface, you need to install python on the system.

How Shodan Works?

Shodan scans all IPs and open ports to identify devices on the internet. This tool indexes the devices just like a web search engine (e.g. Google, Yahoo) indexes web content. On searching a particular device, it will show all relevant details available. Basically, it will scan all devices available on the internet and parsing the found banners.

Basic Usage

Just open a web browser and enter url https://shodan.io.

Now just type which device you want to search. Suppose, I am looking for an ipcamera. Just type ipcamera in the search box.

Now Just click on any IP, it will show details related to general information (e.g. hostname, ISP, cloud details, etc.), open ports, and responses against open ports.

The tool also shows known vulnerabilities with CVE details.

Advanced Usage

You can use advanced search operators and a combination of those search operators to filter desired information related to the target. Here is the list of search operators that may be used in combination to get desired results.

(1) country:

You can search specific results based on a particular country.

country:"US" ipcamera

(2) city:

You can search devices based in a specific city.

city:"NewYork" ipcamera

(3) hostname:

You can search specific results based on a particular hostname.

hostname:"google"

(4) net:

You can search results based on IP addresses

net:212.312.0.0/16 ipcamera

(5) port:

Search devices with specific open ports

port:8081 ipcamera

(6) before/after:

This search operator identify results based on a mentioned date

ipcamera after:09/02/2014 before:12/12/2013

(7) os:

Find devices based on a particular operating system

scada os:"Windows XP"

(8) geo:

geo:"29.913205,23.232133"

Summary

Shodan is very helpful in identifying public-facing internet information of devices by grabbing banners. This tool is mostly used in searching misconfigured IoT devices.

I have just covered the tip of the iceberg. If you are more interested in learning this tool, I will recommend to search more material on Google and keep updated with #shodan on Twitter.