Some useful shodan queries

kibana content-length:217 net:”cidr”

org:”Amazon” ssl:”target”

ssl:”target”

html:”Dashboard Jenkins” http.component:”jenkins”

http.title:”302 Found”

http.component%3A”java”

https://www.shodan.io/host/ip#9200

https://www.shodan.io/host/ip

X-Redirect-By: WordPress ssl:”name”

query: html:”eBay Inc. All Right Reserved”

X-Amz-Bucket-Region

x-jenkins 200

X-Generator: Drupal 7

ssl:Google

org:’Name’ port:’80’

all:”mongodb server information” all:”metrics”

port:27017 -all:”partially” all:”fs.files”

port:”9200" all:”elastic indices”

product:elastic port:9200

product: CouchDB

title:”system dashboard” html:jira

product: “apache tomcat”

ssl%3A”development”+org%3A”Amazon.com”+port%3A”number”

http.component:ruby port:3000

html:”secret_key_base”

http.title:”BIG-IP®- Redirect”

html:”rack.version”

http.html:QUERY ssl:”domain.com”

http.favicon.hash:81586312 200

“DICOM Server Response” port:104

title:”Citrix Gateway” org:*programorg*

http.title:”Tesla PowerPack System” http.component:”d3" -ga3ca4f2

Unprotected VNC: “authentication disabled” “RFB 003.008”

html:/dana-na/ Pulse Secure VPN exploit

http.favicon.hash:-1776962843 Solarwinds supply chain attack

title:”Weave Scope” http.favicon.hash:567176827

“Docker Containers:” port:2375

“root@” port:23 -login -password -name -Session

“Citrix Applications:” port:1604

org:facebook org:”Facebook-Corp”

“Cisco IOS” “ADVIPSERVICESK9_LI-M”

”Server: NessusWWW”

http.favicon.hash%3A1485257654 SonarQube installations

“230 login successful” port:”21"

Docker exposed APIs — Shodan query: Product:”Docker”

$ docker -H IP:port info →we can access docker API with docker CLI !

$ docker -H IP:port ps →we can see running containers

$ docker -H IP:port ps -a →stopped containers

#infosec enthusiast, pentester