- 03 Feb 2023
Shodan 1.3.2
- Updated on 03 Feb 2023
tags: python | cli | ip | enrichment | adaptive card
Description
The Shodan integration supports CDC users by enriching a specific IP address with all available information about that IP.
This includes which ports the IP has open, which SSL/TLS versions it supports, which country it's located in, what web technologies the website uses, DNS, domain, vulnerabilities and more. All of this enables CDC users to make informed decisions regarding incident response.
Shodan provides comprehensive IP enrichment across the internet by crawling the entire internet every week, giving you a truly global perspective. We use custom adaptive cards to display data such as open ports, vulnerabilities, web technologies, and more in a meaningful, intuitive GUI that makes complex enriched data about the IP easy to understand.
Integration Type: | Threat Intelligence Enrichment |
Information enriched: | Vulnerabilities, Open ports, web technologies and other details related to the IP Address |
API Supported: | API V1.0.0 |
Input: | IP Address to be enriched |
Output: | Detailed enrichment consisting of IP details, vulnerabilities, web technologies, and more. |
Customer Configuration
No customer configuration
CDC Command Lines
* **get_ip_details_cli**
CDC CLI command for get-ip-details in the CDC message thread.
Option | Type | Description | Required |
---|---|---|---|
ip | string | IP to search. | True |
minify | boolean | True to only return the list of ports and the general host information. The default is False. | False |
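What the `minify` option costs an analyst, shown as an added example (not the integration's own code): `summarize_host` reduces a Shodan host record to the enrichment fields described above. The JSON field names (`data`, `ssl.versions`, `http.components`, `vulns`) are assumed from Shodan's host lookup response, `minified` is a hypothetical stand-in for `minify=True`, and the sample record is constructed.

```python
# Added illustration; not the CDC integration's code.
# Field names are assumed from Shodan's host lookup JSON.

def summarize_host(host):
    """Reduce a Shodan host record to the fields an analyst triages on."""
    banners = host.get("data", [])        # per-service banners; absent when minified
    tls, tech = set(), set()
    vulns = set(host.get("vulns", []))    # top-level CVE list, if the reply has one
    for b in banners:
        # ssl.versions marks protocols the service rejected with a leading "-"
        tls.update(v for v in b.get("ssl", {}).get("versions", [])
                   if not v.startswith("-"))
        tech.update(b.get("http", {}).get("components", {}))
        vulns.update(b.get("vulns", {}))
    return {
        "ip": host.get("ip_str"),
        "country": host.get("country_name"),
        "ports": sorted(host.get("ports", [])),
        "domains": sorted(host.get("domains", [])),
        "tls_versions": sorted(tls),
        "web_technologies": sorted(tech),
        "vulnerabilities": sorted(vulns),
        "banner_detail": bool(banners),   # False: empty lists mean "not collected"
    }

def minified(host):
    """Hypothetical model of minify=True: keep host info and ports, drop banners."""
    return {k: v for k, v in host.items() if k != "data"}

# Constructed sample record (documentation IP range, placeholder CVE id).
SAMPLE_HOST = {
    "ip_str": "203.0.113.10", "country_name": "Exampleland",
    "ports": [443, 22], "domains": ["example.com"],
    "data": [
        {"port": 22, "transport": "tcp", "product": "OpenSSH"},
        {"port": 443, "transport": "tcp",
         "ssl": {"versions": ["TLSv1.2", "TLSv1.3", "-SSLv3", "-TLSv1"]},
         "http": {"components": {"nginx": {"categories": ["Web servers"]},
                                 "jQuery": {"categories": ["JavaScript libraries"]}}},
         "vulns": {"CVE-0000-0000": {"verified": False}}},
    ],
}

if __name__ == "__main__":
    print(summarize_host(SAMPLE_HOST))
    print(summarize_host(minified(SAMPLE_HOST)))
```

When `banner_detail` is `False`, empty TLS, technology and vulnerability lists mean the detail was not requested, not that the host has none.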
Workflows
* **post_get_ip_details**
Posts get-ip-details in the CDC, by the ID of the incident/message/channel.
Rules
No rules
Sensors
No sensors
Triggers
No triggers
Known Issues
No known issues