https://appsec.fyi/tools.html#shodan Curated Shodan resources from appsec.fyi en-us Sun, 07 Jun 2026 04:05:35 +0000 carl@chs.us (Carl Sampson) https://securityboulevard.com/2026/05/30-cybersecurity-search-engines-every-researcher-should-bookmark/ https://securityboulevard.com/2026/05/30-cybersecurity-search-engines-every-researcher-should-bookmark/ This article highlights 30 essential cybersecurity search engines for researchers. These specialized tools offer unique functionalities beyond general search engines, aiding in tasks like threat intelligence gathering, vulnerability discovery, and network reconnaissance. By leveraging these resources, cybersecurity professionals can more effectively identify and analyze potential risks, improving their overall defensive strategies and understanding of the digital threat landscape. Shodan beginner Tue, 26 May 2026 05:19:19 +0000 https://www.intigriti.com/researchers/blog/hacking-tools/complete-guide-to-finding-more-vulnerabilities-with-shodan-and-censys https://www.intigriti.com/researchers/blog/hacking-tools/complete-guide-to-finding-more-vulnerabilities-with-shodan-and-censys Guide for beginners on utilizing Shodan and Censys for vulnerability discovery, focusing on reconnaissance techniques. It details how to use specific search operators like `org`, `asn`, `http.status`, `ssl.cert.subject.CN`, `http.favicon.hash`, and `http.html` to identify exposed hosts, forgotten assets via expired certificates, and authentication panels. The guide also explains filtering by technologies such as PHP and finding directory listings. Shodan beginner Wed, 22 Apr 2026 12:52:03 +0000 https://medium.com/@himadrisingh061/beyond-google-navigating-the-hidden-internet-with-shodan-and-censys-2cf5015f1b57 https://medium.com/@himadrisingh061/beyond-google-navigating-the-hidden-internet-with-shodan-and-censys-2cf5015f1b57 Beyond Google: Navigating the Hidden Internet with Shodan and Censys Shodan beginner Fri, 17 Apr 2026 14:35:49 +0000 https://github.com/KTZgraph/sarenka https://github.com/KTZgraph/sarenka Tool for OSINT and attack surface discovery, SARENKA gathers information from Shodan, Censys, and Criminal IP, mapping CVEs to CWEs. It also retrieves local machine data, including installed software and network information, alongside utilities for hash calculation, Shannon entropy, and port scanning. Future plans include more cryptography tools and reconnaissance scripts. Shodan intermediate Fri, 17 Apr 2026 14:35:46 +0000 https://x.com/NullSecurityX/status/1969813993922715942 https://x.com/NullSecurityX/status/1969813993922715942 A zero-day vulnerability in Flask 3.1.1 related to SSRF was exposed through a Shodan dork, revealing 500+ potential targets. A proof of concept (PoC) for this vulnerability (CWE-918) was shared. The full article and a video demonstrating the issue were provided. The disclosure was done responsibly, and a defensive demo was included. The content emphasizes information security, vulnerability, SSRF, and Bug Bounty programs. The details can be found at nullsecurityx.codes/ssrf-vulnerabi and the video is available on YouTube. Shodan news Sun, 21 Sep 2025 17:48:32 +0000 https://x.com/NullSecurityX/status/1969808626190626826 https://x.com/NullSecurityX/status/1969808626190626826 A new video exposes a Flask 3.1.1 SSRF Zero-Day vulnerability using a Shodan dork that revealed 500+ targets with a 0day Proof of Concept (CWE-918). The content emphasizes responsible disclosure and includes a defensive demo. The video can be watched on YouTube. The focus is on information security, vulnerability, SSRF, and Bug Bounty programs. Shodan news Sun, 21 Sep 2025 17:48:32 +0000 https://x.com/NullSecurityX/status/1969708397873258604 https://x.com/NullSecurityX/status/1969708397873258604 A video premiering tonight at 8:00 PM showcases a Flask 3.1.1 SSRF Zero-Day vulnerability (CWE-918). The content includes a demonstration of discovering 500 potential targets using Shodan dork. Viewers are encouraged to turn on notifications to not miss the premiere. The video link is provided for watching. The focus is on Bug Bounty, Cybersecurity, and SSRF. Shodan news Sun, 21 Sep 2025 10:48:30 +0000 https://osintteam.blog/10-rare-and-worthy-websites-and-services-for-security-professionals-de9eefbd94e5 https://osintteam.blog/10-rare-and-worthy-websites-and-services-for-security-professionals-de9eefbd94e5 While platforms like Shodan, OWASP, and VirusTotal are staples for security professionals, there are many lesser-known websites and services that offer equally valuable tools and resources. These… Shodan beginner Fri, 04 Apr 2025 04:16:47 +0000 https://shubhamrooter.medium.com/introducing-shodanspider-v2-your-ultimate-free-tool-for-cve-searching-and-shodan-data-analysis-ba7c7b3097b0 https://shubhamrooter.medium.com/introducing-shodanspider-v2-your-ultimate-free-tool-for-cve-searching-and-shodan-data-analysis-ba7c7b3097b0 In today’s fast-paced cybersecurity world, staying ahead of vulnerabilities is critical. ShodanSpider v2 takes your security research to… Shodan news Sat, 14 Dec 2024 02:10:16 +0000