steampipe plugin install shodan

Table: shodan_scan - Query Shodan Scan using SQL

Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Shodan Scan is a feature of the Shodan platform that allows users to scan an IP/ netblock. It provides detailed information about the services running on the devices and their vulnerabilities.

Table Usage Guide

The shodan_scan table provides insights into individual scans performed on the Shodan platform. As a security analyst, you can explore scan-specific details through this table, including IP addresses, hostnames, and associated metadata. Utilize it to uncover information about the services running on the devices, their vulnerabilities, and to monitor the security of your network infrastructure.

Examples

List the scans

Uncover the details of all the completed network scans to analyze potential vulnerabilities or security threats. This is useful in maintaining the security posture of your network and proactively addressing potential risks.

select
*
from
shodan_scan;
select
*
from
shodan_scan;

List scans that are not complete

Determine the areas in which scans are still in progress or have not been completed, allowing for improved tracking and management of scanning operations.

select
*
from
shodan_scan
where
status != 'DONE';
select
*
from
shodan_scan
where
status != 'DONE';

Schema for shodan_scan

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
createdtimestamp with time zoneTime when the scan was created.
credits_leftbigintCredits left after this scan.
idtextUnique identifier of the scan.
sizebigintSize of the scan.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
statustextStatus of the scan.
status_checktimestamp with time zoneStatus check for the scan.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- shodan

You can pass the configuration to the command with the --config argument:

steampipe_export_shodan --config '<your_config>' shodan_scan