Table: shodan_scan - Query Shodan Scan using SQL
Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Shodan Scan is a feature of the Shodan platform that allows users to scan an IP/ netblock. It provides detailed information about the services running on the devices and their vulnerabilities.
Table Usage Guide
The shodan_scan
table provides insights into individual scans performed on the Shodan platform. As a security analyst, you can explore scan-specific details through this table, including IP addresses, hostnames, and associated metadata. Utilize it to uncover information about the services running on the devices, their vulnerabilities, and to monitor the security of your network infrastructure.
Examples
List the scans
Uncover the details of all the completed network scans to analyze potential vulnerabilities or security threats. This is useful in maintaining the security posture of your network and proactively addressing potential risks.
select *from shodan_scan;
select *from shodan_scan;
List scans that are not complete
Determine the areas in which scans are still in progress or have not been completed, allowing for improved tracking and management of scanning operations.
select *from shodan_scanwhere status != 'DONE';
select *from shodan_scanwhere status != 'DONE';
Schema for shodan_scan
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
created | timestamp with time zone | Time when the scan was created. | |
credits_left | bigint | Credits left after this scan. | |
id | text | Unique identifier of the scan. | |
size | bigint | Size of the scan. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
status | text | Status of the scan. | |
status_check | timestamp with time zone | Status check for the scan. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- shodan
You can pass the configuration to the command with the --config
argument:
steampipe_export_shodan --config '<your_config>' shodan_scan