Friday, April 26, 2013

Perl and Shodan



The search engine Shodan (http://www.shodanhq.com/) has recently drawn a lot of attention as the “scariest search engine on the internet” since it lets you search for computers and other devices by IP, OS, location, etc, and in doing so often reveals information that the computer owner’s might not have ever intended to be public.  For security professionals it makes for an interesting tool for pen-testing and forensics.  For any Perl developers that are interested in such work the good news is that they have an API and they have a nice Perl tutorial already in place documenting how to use it (http://docs.shodanhq.com/perl/tutorial.html#).  They also provide one sample Perl script that lets you generate a list of IP addresses that match your query terms (http://docs.shodanhq.com/perl/examples.html).  The API does make use of an API key that requires registration to use. 

No comments: