SHODAN (Sentient Hyper Optimised Data Access Network)
Shodan is the search engine for everything on the internet. While Google and other search engine index only the web, Shodan indexes pretty much everything else-web cams, water treatment facilities, medical devices, traffic lights, smart TV’s, refrigerators, anything and everything you could possibly imagine that’s plugged into the internet. Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers etc.) connected to the internet using a variety of filters. It collects data mostly on web servers (HTTP/HTTPS) as well as FTP, SSH, SNMP, IMAP, SMTP, SIP and RTSP.
Shodan was created by John Matherly in 2009. It was originally conceived as a way for companies to find competitor’s products connected to the internet. Instead, it’s become crucial tool for security researchers, academics, law enforcement and hackers looking for devices that shouldn’t be on the internet or devices that are vulnerable to being hacked.
Anyone can use Shodan by signing up for free account, which gets you 10 results per search. Shodan works by cataloging automatic responses issued by any connected computer known as banners. Banners contain a variety of data about the computer or service. Sometimes, it even includes the default password for a device or server, which means Shodan users can simply search “default password” and quickly have the keys to vulnerable devices.
Shodan can be use to improve enterprise security as Vulnerability Detection, Cybersecurity Awareness, Shodan API use, Result Mapping, Exploit Tracking etc.