Shodan is a search engine that lets the user find Internet-connected devices using a variety of filters.
With this integration, users have the ability to enrich indicators via Shodan to make more informed decisions and send infrastructure indicators to Shodan to help determine if there is a security concern that needs to be addressed. The Playbook automates:
- The querying of Shodan for information and context about an indicator.
- The parsing of relevant information from the Shodan response.
- The saving of relevant enrichment information inside ThreatConnect.
- Displaying of the results to the user for real-time feedback.
The follow actions are available:
- DNS Lookup
- Reverse DNS Lookup
- Search Shodan
- Get Enrichment
- Parse Results
This listing can be found in the ThreatConnect App Catalog under the name Shodan.
Built By ThreatConnect