rbshodan

A shodan library written in ruby

Installation

$ gem install rbshodan

Usage

require "rbshodan"

client = rbshodan.client.new(key: "YOUR_API_KEY")

shodan search methods
host search

client.host_search("mongodb")
client.host_search("nginx")
client.host_search("apache", after: "1/12/16")
client.host_search("ssh", port: 22, page: 1)
client.host_search("ssh", port: 22, page: 2)
client.host_search("ftp", port: 21, facets: { link: "Ethernet or modem" })

Host Information

Returns all services that have been found on the given host IP.

client.host("0.0.0.0")                
client.host("0.0.0.0", history: true) 
client.host("0.0.0.0", minify: true)

Host Search

Search Shodan using the same query syntax as the website and use facets to get summary information for different properties.

client.host_search("mongodb")
client.host_search("nginx")
client.host_search("apache", after: "1/12/16")
client.host_search("ssh", port: 22, page: 1)
client.host_search("ssh", port: 22, page: 2)
client.host_search("ftp", port: 21, facets: { link: "Ethernet or modem" })

Scan Targets

Use this method to request Shodan to crawl an IP or netblock.

client.scan("0.0.0.0")

Crawl Internet for Port

Use this method to request Shodan to crawl the Internet for a specific port.

This method is restricted to security researchers and companies with a Shodan Data license. To apply for access to this method as a researcher, please email [email protected] with information about your project. Access is restricted to prevent abuse.

client.crawl_for(port: 80, protocol: "http")

List Community Queries

Use this method to obtain a list of search queries that users have saved in Shodan.

client.community_queries
client.community_queries(page: 2)
client.community_queries(sort: "votes")
client.community_queries(sort: "votes", page: 2)
client.community_queries(order: "asc")
client.community_queries(order: "desc")

DNS Lookup

Look up the IP address for the provided list of hostnames.

client.resolve("google.com")
client.resolve("google.com", "bing.com")

Reverse DNS Lookup

Look up the hostnames that have been defined for the given list of IP addresses.

client.reverse_lookup("74.125.227.230")
client.reverse_lookup("74.125.227.230", "204.79.197.200")

HTTP Headers

Shows the HTTP headers that your client sends when connecting to a webserver.

client.http_headers

Your IP Address

Get your current IP address as seen from the Internet.

client.my_ip

Honeypot Score

Calculates a honeypot probability score ranging from 0 (not a honeypot) to 1.0 (is a honeypot).

client.honeypot_score('0.0.0.0')

Banners Filtered by ASN

This stream provides a filtered, bandwidth-saving view of the Banners stream in case you are only interested in devices located in certain ASNs.

client.banners_within_asns(3303, 32475) do |data|
  # do something with banner data
  puts data
end

Banners Filtered by Country

This stream provides a filtered, bandwidth-saving view of the Banners stream in case you are only interested in devices located in certain countries.

client.banners_within_countries("DE", "US", "JP") do |data|
  # do something with banner data
  puts data
end

Banners Filtered by Ports

Only returns banner data for the list of specified ports. This stream provides a filtered, bandwidth-saving view of the Banners stream in case you are only interested in a specific list of ports.

client.banners_on_ports(21, 22, 80) do |data|
  # do something with banner data
  puts data
end

Banners by Network Alerts

Subscribe to banners discovered on all IP ranges described in the network alerts.

client.alerts do |data|
  # do something with banner data
  puts data
end

Banner Filtered by Alert ID

Subscribe to banners discovered on the IP range defined in a specific network alert.

client.alert("HKVGAIRWD79Z7W2T") do |data|
  # do something with banner data
  puts data
end

Exploits

Search

Search across a variety of data sources for exploits and use facets to get summary information.

client.exploits_api.search("python")             # Search for python vulns.
client.exploits_api.search(port: 22)             # Port number for the affected service if the exploit is remote.
client.exploits_api.search(type: "shellcode")    # A category of exploit to search for.
client.exploits_api.search(osvdb: "100007")      # Open Source Vulnerability Database ID for the exploit.

Count

This method behaves identical to the Exploits API search method with the difference that it doesn't return any results.

client.exploits_api.count("python")             # Count python vulns.
client.exploits_api.count(port: 22)             # Port number for the affected service if the exploit is remote.
client.exploits_api.count(type: "shellcode")    # A category of exploit to search for.
client.exploits_api.count(osvdb: "100007")      # Open Source Vulnerability Database ID for the exploit.

krishpranav / rbshodan Goto Github PK

rbshodan's Introduction