/ShodanTools

Collection of scripts & fingerprinting tricks for Shodan.io

Primary LanguagePython

ShodanTools

Collection of scripts & fingerprinting tricks for Shodan.io

This will become more organized over time. Promise.

F5 Networks Management Interfaces

🔎 →

http.title:"BIG-IP®- Redirect"

🔎 →

http.favicon.hash:-335242539

F5 Networks VPNs:

🔎 →

http.html:"BIG-IP logout"

F5 Devices:

🔎 →

Server: BigIP

🔎 →

BIGipServerPool

🔎 →

Set-Cookie: F5_ST

🔎 →

LastMRH_Session

🔎 →

MRHSession

Palo Alto GlobalProtect

🔎 →

http.html:"Global Protect"

Gradle Server:

🔎 →

http.html:"Gradle Enterprise Server"

🔎 →

http.html:"Gradle Enterprise"

🔎 →

http.html:Gradle

RDP Gateway:

🔎 →

http.html:tdDomainUserNameLabel

🔎 →

RDWeb

🔎 →

TSWAFeatureCheckCookie

🔎 →

path=/RDWeb/

HP Printers:

🔎 →

Server: HP_Compact_Server

🔎 →

ssl.cert.subject.CN:Jetdirect

🔎 →

HP Photosmart

Pulse Secure:

🔎 →

product:"Pulse Secure"

🔎 →

http.title:Pulse

Citrix:

🔎 →

http.title:"Citrix Login"

🔎 →

http.title:netscaler

🔎 →

http.title:citrix

🔎 →

http.title:"Endpoint Management - Console - Logon"

🔎 →

Citrix-TransactionId

🔎 →

http.waf:"Citrix NetScaler"

Oracle E-Business Suite:

🔎 →

http.title:"E-Business Suite Home Page Redirect"

🔎 →

path=/OA_HTML -http.title:"E-Business Suite"

Polycom Phones:

🔎 →

ssl.cert.subject.CN:polycom

Webmin:

🔎 →

http.title:Webmin

Team City:

🔎 →

http.title:Log in to TeamCity -- TeamCity

🔎 →

TeamCity-Node-Id

Barix Streamers (radio encoding systems)

🔎 →

http.favicon.hash:-1964089279

🔎 →

http.favicon.hash:611241354

🔎 →

Barix

Sonos CONNECT:

🔎 →

product:"Sonos CONNECT:AMP"

TP Link Gigagbit:

🔎 →

TP-LINK Gigabit

🔎 →

Server: Router Webserver

TP-Link:

🔎 →

http.title:"TL-WR841N"

🔎 →

Basic realm=TP-LINK

Keenetic Smart Home:

🔎 →

http.title:"Keenetic Web"

Home Assistant Smart Home:

🔎 →

http.title:"Home Assistant"

Fritz!BOX SOHO Router:

🔎 →

http.title:"FRITZ!Box"

CoSHIP SOHO:

🔎 →

http.title:"EMTA"

Broadband Routers:

🔎 →

Basic realm="Broadband Router"

MoviStar FIOS Router:

🔎 →

http.title:"movistar"

Juniper Router:

🔎 →

http.title:"Log In - Juniper Web Device Manager"

Cyberoam SSL VPN:

🔎 →

ssl.cert.issuer.CN:Cyberoam

Blue Iris Video surveillance

🔎 →

http.title:"Blue Iris Login"

Cambrium Networks:

🔎 →

http.title:"ePMP"

Random device setup pages:

🔎 →

http.title:"Setup"

VMWare ESXI:

🔎 →

http.title:"\" + ID_EESX_Welcome + \""

Server Backup Manager:

🔎 →

http.title:"Server Backup Manager"

DrayTek Vigor router:

🔎 →

http.title:"Vigor Login Page"

APC Power (UPS?)

🔎 →

http.title:"APC | Log On"

Kubernetes:

🔎 →

ssl.cert.issuer.CN:kubernetes

Kubernetes API Server:

🔎 →

ssl.cert.subject.cn:kube-apiserver

🔎 →

ssl.cert.subject.cn:kube-apiserver "200 OK"

EA Server:

🔎 →

Server: EA-HTTP/1.0 has_screenshot:true

Metasploit:

🔎 →

http.title:Metasploit

🔎 →

http.title:"Metasploit is initializing"

🔎 →

http.title:"Metasploit - Setup and Configuration"

OpenSMTPD:

🔎 →

product:"OpenSMTPD"

HP iLO3:

🔎 →

ssl.cert.issuer.CN:"iLO3 Default Issuer (Do not trust)"

ZyXEL:

🔎 →

ssl.cert.issuer.CN:ZyXEL

ZTE:

🔎 →

http.title:"F660"

🔎 →

ZTE corp

SonicWall:

🔎 →

http.title:"Policy Jump"

🔎 →

http.title:"SonicWALL - Authentication"

Tilgin SOHO Router:

🔎 →

http.title:myhome

ActionTec:

🔎 →

http.title:"Advanced Setup - Security - Admin User Name & Password"

GPON:

🔎 →

http.title:"GPON ONT"

🔎 →

http.title:"GPON Home Gateway"

MikroTIK:

🔎 →

http.title:"RouterOS router configuration page"

🔎 →

http.title:"Router"

Xiongmai NetSurveillance:

🔎 →

http.title:"NETSurveillance WEB"

WatchGuard:

🔎 →

ssl.cert.issuer.CN:"Fireware web CA"

FosCAM IP Cameras:

🔎 →

http.title:"IPCam Client"

3CX VOIP:

🔎 →

http.title:"3CX Phone System Management Console"