Scribd
Upload
684 views7 pages

Shodan Dorking

The document provides information on Shodan Dorking, which is used to search for specific internet-connected devices using the Shodan search engine. It lists different search parameters that can be used for Shodan dorks, including HTTP headers, ports, and IP addresses. It also provides examples of commands that can be used with the Shodan CLI search tool to perform searches, create alerts, and filter results.

Uploaded by

Tsu Tsu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
684 views7 pages

Shodan Dorking

The document provides information on Shodan Dorking, which is used to search for specific internet-connected devices using the Shodan search engine. It lists different search parameters that can be used for Shodan dorks, including HTTP headers, ports, and IP addresses. It also provides examples of commands that can be used with the Shodan CLI search tool to perform searches, create alerts, and filter results.

Uploaded by

Tsu Tsu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

SHODAN

DORKING
THE THREE EYE
RAVEN

VIEH GROUP
Shodan Dorking
The Three Eye Raven

Shodan Dorking (Web)


org:”target.com”

p
http.status:”<status_code>”
ou
product:”<Product_Name>”
gr

port:<Port_Number> “Service_Message”

port:<Port_Number> “Service_Name”
eh

http.component:”<Component_Name>”

http.component_category:”<Component_
vi

Category>”
@

http.waf:”<firewall_name>”

http.html:”<Name>”

http.title:”<Title_Name>”
Social Media: viehgroup www.viehgroup.com support@viehgroup.com
ssl.alpn:”<Protocol>”

http.favicon.hash:”<Favicon_Hash>”

net:”<Net_Range>” (for e.g. 104.16.100.52/32)

ssl.cert.subject.cn:”<Domain.com>”

asn:”<ASnumber>”

p
hostname:”<hostname>”

ou
ip:”<IP_Address>”

all:”<Keyword>”
gr
“Set-Cookie: phpMyAdmin”
eh

“Set-Cookie: lang=”

“Set-Cookie: PHPSESSID”
vi

“Set-Cookie: webvpn”
@

“Set-Cookie:webvpnlogin=1”

“Set-Cookie: mongo-express=”

“Set-Cookie: user_id=”

“Set-Cookie: phpMyAdmin=”

Social Media: viehgroup www.viehgroup.com support@viehgroup.com


“Set-Cookie: _gitlab_session”

“X-elastic-product: Elasticsearch”

“x-drupal-cache”

“access-control-allow-origin”

p
“WWW-Authenticate”

ou
“ X-Magento-Cache-Debug”
gr
“kbn-name: kibana”

“X-App-Name: kibana”
eh

“x-jenkins”
vi

URLs for Shodan Dorks (Web)


@

1. http.html
https://gist.github.com/JerryShah3/8
e25ecfeb9fa88784aa274d97b3cf86f

2. http.title
https://gist.github.com/JerryShah3/c
cd9c8bd7eafa52b69f5a76917eec074

Social Media: viehgroup www.viehgroup.com support@viehgroup.com


1. http.html
https://gist.github.com/JerryShah3/8
e25ecfeb9fa88784aa274d97b3cf86f

2. http.title
https://gist.github.com/JerryShah3/c

p
cd9c8bd7eafa52b69f5a76917eec074

ou
3. http.status
https://gist.github.com/JerryShah3/e
4018ecce48eefcb8e02ebadf9468ae8
gr
4. port
eh

https://gist.github.com/JerryShah3/7
c5cb2f25ceb3e522bfdfd0f9a68f6bb

5. http.favicon.hash
vi

https://gist.github.com/JerryShah3/9
eb4189b9b450d32c229b9c0cfbe398
@

6. http.component
https://gist.github.com/JerryShah3/9
5d3a1baf2d29973286effb491684297

Social Media: viehgroup www.viehgroup.com support@viehgroup.com


7. http.component_category
https://gist.github.com/JerryShah3/71
bbbd368af846304e8588747984663b

8. http.waf
https://gist.github.com/JerryShah3/d
b7e47d1497d64e80c841961f3fb48b3

p
9. ssl.alpn

ou https://gist.github.com/JerryShah3/9
1c9fc5116bd58d3f92a454cb544b4f3
gr
10. product
https://gist.github.com/JerryShah3/82
eh

346509de0208cf0d932e92bf20f0db

Shodan Dorking (CLI)


vi

shodan host <IP>


@

shodan stats — facets port,org ssh

shodan domain <domain-name>

shodan alert create “HackerOne”


104.16.100.52 (It will create an alert for
the IP and will also provide an alert ID)
Social Media: viehgroup www.viehgroup.com support@viehgroup.com
shodan stats --facets org discourse

shodan download --limit -1 <filename>


‘title:”IBM”’

shodan parse --fields ip_str,port,org --


separator , filename.json.gz (to see the

p
downloaded file contents by filtering it)

ou
shodan domain hackerone.com

shodan honeyscore IP
gr
shodan alert create “HackerOne”
eh

104.16.100.52 (It will create an alert for


the IP and will also provide an alert ID)

shodan alert create “Hyatt Hotels”


vi

140.95.0.0/16
@

shodan alert enable <alert ID>

new_service,open_database,vulnerable,s
sl_expired,internet_scanner,uncommon

shodan alert hackerone.com

Social Media: viehgroup www.viehgroup.com support@viehgroup.com

You might also like