The Complete Guide to Shodan: Collect. Analyze. Visualize. Make Internet Intelligence Work For You.
John Matherly
Language: English
Pages: 46
ISBN: B01CDIU880
Format: PDF / Kindle (mobi) / ePub
The Complete Guide to Shodan is the official book written by the founder that explains the ins and outs of the search engine. Readers will be introduced to the variety of websites that are available to access the data, how to automate common tasks using the command-line and create custom solutions using the developer API.
Web Application Security: A Beginner's Guide
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Against Security: How We Go Wrong at Airports, Subways, and Other Sites of Ambiguous Danger
The Black Banners: The Inside Story of 9/11 and the War Against al-Qaeda
Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions
Information Security The Complete Reference (2nd Edition)
Api.host('xxx.xxx.xxx.xxx') # Check the number of open ports if len(host['ports']) > 10: print('{} looks suspicious'.format(host['ip_str'])) else: print('{} has few ports open'.format(host['ip_str'])) Location, Location, Location It isn’t just the software that needs to be properly configured, a honeypot also has to be hosted on a network that could reasonably have a control system. Putting a honeypot that simulates a Siemens PLC in the Amazon cloud doesn’t make any sense. Here are a few.
Player classic web interface 14147 Filezilla FTP 16010 Apache Hbase 18245 General Electric SRTP 20000 DNP3 20547 ProconOS 21025 Starbound 21379 Matrikon OPC 23023 Telnet 23424 Serviio 25105 Insteon Hub 25565 Minecraft 27015 Steam A2S server query, Steam RCon 27017 MongoDB 28017 MongoDB (HTTP) 30718 Lantronix Setup 32400 Plex 37777 Dahuva DVR 44818 EtherNet/IP 47808 Bacnet 49152 Supermicro (HTTP) 49153 WeMo Link 50070 HDFS Namenode 51106 Deluge (HTTP) 54138 Toshiba PoS.
GMT\r\nPragma: no-cache\r\nP3P:\ CP=\"NON COR CURa ADMa OUR NOR UNI COM NAV STA\"\r\nContent-type: text/html\r\n\ Transfer-Encoding: chunked\r\nDate: Thu, 25 Feb 2016 11:56:36 GMT\r\nServer: sw-\ cp-server\r\n\r\n", "asn": "AS32613", "port": 8443, "ssl": { "chain": ["-----BEGIN CERTIFICATE-----\nMIIDszCCApsCBFBTb4swDQYJKoZIhvcN\ AQEFBQAwgZ0xCzAJBgNVBAYTAlVTMREw\nDwYDVQQIEwhWaXJnaW5pYTEQMA4GA1UEBxMHSGVybmRvbj\ ESMBAGA1UEChMJUGFy\nYWxsZWxzMRgwFgYDVQQLEw9QYXJhbGxlbHMgUGFuZWwxGDAWBgNVBAMTD1Bh\.
Ssl.versions field: { "ssl": { "versions": ["TLSv1", "SSLv3", "-SSLv2", "-TLSv1.1", "-TLSv1.2"] } } If the version has a - (dash) in front of the version, then the device does not support that SSL version. If the version doesn’t begin with a -, then the service supports the given SSL version. For example, the above server supports: TLSv1 SSLv3 And it denies versions: SSLv2 TLSv1.1 TLSv1.2 The version information can also be searched over the website/ API. For example, the following.
73 9e |.._....aV