Archiv für März 2026

You have a long list of IPs and you quickly want to get a basic idea of what they’re running for the purpose of:

Make sure they’re not exposing any unexpected services
Filter out VPN IPs from a list of IOCs
Prioritize IPs that have possible vulnerabilities

Introducing nrich, a

Shodan is turning 13 years old later this year and throughout that time we’ve kept an archive of all information we’ve ever seen. The regular search engine only shows recent information but we provide various methods for accessing Shodan’s historical data:

IP information page
Command-line interface
API
Shodan Trends

The

We’ve recently decided to stop accepting cryptocurrency payments (again) and I wanted to share some of the issues we encountered.

Background

Shodan is a website aimed at technical users and organizations. We have nearly 5 million registered users which makes Shodan one of the larger security-related websites. Around 8 years

As a quick recap, Shodan Trends is a website that lets you see how the Internet has changed over time. For example, you can use it to see how exposed industrial control systems have been over the years:

Up until now, the only option to download the information was to

A few notable usability improvements to the IP information page:

Web Technologies

Web technologies are now grouped by categories and we show version information (if available). The information was always grouped in the underlying JSON and we now also show it that way on the website. Learn more about the

Favicons are the small icons that you see in the browser tab next to the website title or in your bookmarks. For example, the Shodan logo on the left side of the browser tab is the favicon:

They typically contain the logo of the company which gives them 2 functions:

There are many ways to track command & control servers from bad guys but they often rely on looking for indicators in the service metadata (ex. certificate information). Around a decade ago we developed a novel technique to proactively find the infrastructure: Malware Hunter. Malware Hunter finds command & control

Here are some of the free services that Shodan provides that don’t require any payment, don’t require a Shodan account and don’t require an API key:

1. Vulnerability Information

https://cvedb.shodan.io

The CVEDB website lets you explore known vulnerabilities and provides a free API to quickly get vulnerability

A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Read More »

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six „zero-day“ vulnerabilities that attackers are already exploiting in the wild.