Skip to content

Instantly share code, notes, and snippets.

View elbasha751's full-sized avatar

elbasha751

24 followers · 177 following
View GitHub Profile
@jh00nbr
jh00nbr / Routeh
Created March 1, 2015 16:59
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# _ _
# ___ ___ _ _| |_ ___| |_
# | _| . | | | _| -_| |
# |_| |___|___|_| |___|_|_|
#
# Page: www.facebook.com/InurlBrasil
# Blog: blog.inurl.com.br
@achillean
achillean / ssl-duplicate-serials.py
Created February 17, 2015 23:38
Get a list of duplicate SSL serial numbers.
#!/usr/bin/env python
import shodan
API_KEY = 'YOUR API KEY'
api = shodan.Shodan(API_KEY)
results = api.count('port:443,8443', facets=[('ssl.cert.serial', 100)])
for facet in results['facets']['ssl.cert.serial']:
@achillean
achillean / ssh-fingerprints.csv
Created February 17, 2015 20:11
Top 1,000 Duplicate SSH Fingerprints on the Internet
dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0 245272
32:f9:38:a2:39:d0:c5:f5:ba:bd:b7:75:2b:00:f6:ab 197846
d0:db:8a:cb:74:c8:37:e4:9e:71:fc:7a:eb:d6:40:81 152046
34:47:0f:e9:1a:c2:eb:56:eb:cc:58:59:3a:02:80:b6 140777
df:17:d6:57:7a:37:00:7a:87:5e:4e:ed:2f:a3:d5:dd 91904
81:96:a6:8c:3a:75:f3:be:84:5e:cc:99:a7:ab:3e:d9 80499
7c:a8:25:21:13:a2:eb:00:a6:c1:76:ca:6b:48:6e:bf 78172
1c:1e:29:43:d2:0c:c1:75:40:05:30:03:d4:02:d7:9b 71851
8b:75:88:08:41:78:11:5b:49:68:11:42:64:12:6d:49 70786
c2:77:c8:c5:72:17:e2:5b:4f:a2:4e:e3:04:0c:35:c9 68654
@achillean
achillean / threatnet-stream.py
Created January 7, 2015 19:22
How to read events from the Threatnet stream. Note: make sure you have the latest version of the Shodan Python library installed (>=1.2.3).
import shodan.threatnet
# Configuration
API_KEY = "Please enter your API key here"
# Create the object that interfaces with the Threatnet API
tnet = shodan.threatnet.Threatnet(API_KEY)
# Get a stream of events and print them to stdout
for event in tnet.stream.events():
@ddouhine
ddouhine / SHODAN Filters
Created December 16, 2014 15:53
» city
» country
nginx city:"San Diego" country:US
» geo
Devices within a 50km radius of San Diego (32.8,-117): geo:32.8,-117,50
» hostname
"Server: gws" hostname:google
» net
net:216.219.0.0/16
» os
@abbashosseini
abbashosseini / Reade-mail.py
Created September 29, 2014 23:23
# Az imaplib Baraye Connect Shodan B Server Gmail Estefade Mikonim
import imaplib
# dar inja Ba Estefade Az Method IMAP4_SSL Baraye Moshakhas Kardan Server Morede Nazar Va Sakhtan Proxy Estefade Mikonim
#Ba Port 993 Vasl Mishim ahmiat Chandani Ham Dar In Bakhsh Ndare albate Az Rahaye Dge MOnzorame
mailserver = imaplib.IMAP4_SSL('imap.gmail.com', 993)
# Dar In Ghesmat Name Email Morede Bazar
username = 'USERNAME'
@achillean
achillean / camscan.py
Created July 25, 2014 14:26
An updated version of the camscan.py script to search Shodan for webcams. This script uses the new Shodan API documented at https://developer.shodan.io as well as the new search_cursor() method to easily iterate over results.
import shodan
import socket
# Configuration options
API_KEY = 'YOUR API KEY'
SEARCH_QUERY = 'netcam'
CONNECTION_TIMEOUT = 1.5
def is_camera(ip_str):
"""Check whether the given IP operates a valid webcam by checking for the existence of a URL."""
@achillean
achillean / shodan-stream.py
Created June 12, 2014 23:43
Basic code template for accessing the Shodan Streaming API using Python
#!/usr/bin/env python
#
# shodan-stream.py
# Read a firehose/ stream of 1% of the data that Shodan collects in real-time.
#
# WARNING: This script only works with people that have a subscription API plan!
# And by default the Streaming API only returns 1% of the data that Shodan gathers.
# If you wish to have more access please contact us at [email protected] for pricing
# information.
#
@achillean
achillean / Shodan bitcoin sample banner
Created February 21, 2014 07:07
Here is a sample banner collected from a Bitcoin server. Note that it includes a list of up to 1000 peers' IP addresses and ports.
{
"os": null,
"timestamp": "2014-02-21T06:49:56.251378",
"isp": "Comcast Cable",
"asn": "AS7922",
"hostnames": ["c-69-180-254-194.hsd1.tn.comcast.net"],
"location": {
"city": "Goodlettsville",
"region_name": null,
"area_code": 615,
@achillean
achillean / simple-export.py
Last active April 16, 2022 16:29
A simple script to search Shodan and output the results as JSON-encoded banners; each line corresponds to a single banner.
#!/usr/bin/env python
"""
A simple script to search Shodan and output the results as JSON-encoded banners;
each line corresponds to a single banner.
Warning: This will use up query credits because it pages through the results!
Usage: python simple-export.py <search query>
"""
# Install via "easy_install shodan"