Does this skill require a Shodan account?

Yes, you need a Shodan account (free or paid) and a valid API key to perform searches, scans, and data exports.

Can I use this for active scanning?

Yes, the skill provides detailed instructions for on-demand scanning using the 'shodan scan submit' command, though this consumes scan credits.

How do I find specific vulnerabilities like BlueKeep?

You can use specific vulnerability filters such as 'vuln:CVE-2019-0708' combined with port filters to locate potentially affected systems.

Is Shodan reconnaissance legal?

Passive reconnaissance using Shodan's indexed data is generally legal for security research, but you must have explicit authorization before performing active scans or attempting to access any systems.

What is the difference between a query credit and a scan credit?

Query credits are used to download data or perform filtered searches, while scan credits are used to trigger Shodan to scan a specific IP address in real-time.

Shodan Reconnaissance and Pentesting

Name: Shodan Reconnaissance and Pentesting
Author: claudiodearaujo

byclaudiodearaujo

0•

Security & Testing

Conducts advanced network reconnaissance and vulnerability discovery using the Shodan search engine and API.

This skill provides a comprehensive methodology for leveraging Shodan to identify exposed services, vulnerable systems, and IoT devices across the internet. It equips users with structured workflows for using the Shodan CLI, complex search filters, and the REST API to perform asset inventory, vulnerability reporting, and network mapping. Whether you are performing passive reconnaissance or active security audits, this skill helps streamline the process of finding exposed databases, insecure ports, and outdated software versions.

Key Features

01On-demand network scanning and real-time monitoring configuration

020 GitHub stars

03Structured data extraction and reporting in JSON and CSV formats

04Advanced search filter implementation for targeted device and service discovery

05Vulnerability detection through specific CVE-based queries and product versioning

06Automated reconnaissance workflows via Shodan CLI and Python API integration

Use Cases

01Identifying vulnerable IoT devices and industrial control systems across specific geographic regions

02Performing passive reconnaissance on organizational infrastructure to identify attack surfaces

03Auditing enterprise networks for exposed databases like MongoDB or Redis with no authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front shodan-reconnaissance

For use in Claude.ai and ChatGPT

Download Skill

Key Features

01On-demand network scanning and real-time monitoring configuration

020 GitHub stars

03Structured data extraction and reporting in JSON and CSV formats

04Advanced search filter implementation for targeted device and service discovery

05Vulnerability detection through specific CVE-based queries and product versioning

06Automated reconnaissance workflows via Shodan CLI and Python API integration

Use Cases

01Identifying vulnerable IoT devices and industrial control systems across specific geographic regions

02Performing passive reconnaissance on organizational infrastructure to identify attack surfaces

03Auditing enterprise networks for exposed databases like MongoDB or Redis with no authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front shodan-reconnaissance

For use in Claude.ai and ChatGPT

Download Skill