Shodan


Overview

  • Most data for Shodan comes from:
    • Banners- information held about software that is on a device
      • The services that are ran on devices are what Shodan collects data on
  • Shodan’s objective: give a full perspective of the Internet
  • Information gained from Shodan:
    • Network Security- watches all devices that have access to the internet in your company
    • Market Research- products that are trending for consumer usage
    • Cyber Risk- gives entail on online weaknesses to your company
    • IoT- analyzes the increasing trends of smart device usage
    • Tracking Ransomware- tracks how many devices have been affected by ransomware

Collection Strategy:

  • Shodan data was collected using a customized API and Python Script.
  • The application Postman was used to generate a client API call and dump the response into a JSON format:
    Shodan collection through Postman
  • This approach was taken to test the API call and determine if the data received was relevant before creating an automated method of data collection.
  • A customized Python script was created to automate the API call and convert the JSON response into a CSV file for analysis:
    Shodan Python Script
  • The script was created so that the API could be called programmatically each day to collect the data set and store into an AWS S3 bucket.

Summary Statistics:

  • Records Collected: Over 1,500 records collected per data set
  • Coverage Dates: January 2012 to April 2022

Sample Data:

  • Link