Assess Internet Exposure with Shodan and cnspec
Use cnspec with Shodan to discover internet-facing services and open ports
Rely on cnspec to query Shodan search results for your hosts, revealing internet-facing services, open ports, and potential vulnerabilities across your infrastructure.
Prerequisites
To scan with Shodan using cnspec, you must have:
- cnspec installed on your workstation
- A Shodan account with an API key
Give cnspec access to Shodan
Set your Shodan API key as an environment variable:
export SHODAN_API_TOKEN="your-api-key"To retrieve your API key, go to your Shodan Account Overview.
Scan a host with Shodan
To scan a host:
cnspec scan shodan --targets HOSTFor HOST, substitute the domain name or IP address. For example:
cnspec scan shodan --targets example.comQuery Shodan interactively
To open an interactive shell for exploring Shodan data:
cnspec shell shodan --targets example.comExample queries
This query lists open ports on the host:
cnspec> shodan.host.ports
shodan.host.ports: [80, 443, 8080]This query retrieves the organization associated with the host:
cnspec> shodan.host.org
shodan.host.org: "Example Corp"Exit the cnspec shell
To exit the cnspec shell, either press Ctrl + D or type exit.
Learn more
-
To learn more about how the MQL query language works, read Write Effective MQL.
-
For a list of all the Shodan resources and fields you can query, read the Shodan Resource Pack Reference.
-
To continuously monitor hosts with Shodan through Mondoo Platform, read Secure a Host with Shodan.