Shodan Workshop Resource List

Welcome! This is a list of resources to supplement my “Basic Hacking in 2019 with Shodan” workshop.

First it’s very important to take care of yourself out there when you start poking around. I recommend a VPN to hide who you are a bit and some kind of browser tools to prevent someone from running malicious code in your browser.

My favorite VPN is Nord, and I use the uMatrix browser extension in all my browsers to control what code my browsers are running.

Online Tools

• Shodan - search engine for anything connected to the internet!
• PublicWWW - search engine for websites' source code!
• Wigle - search engine for wifi networks!

Command Line Tools

• host - gives you the IP address of any domain name by querring your DNS of choice

• whois - queries the WhoIs database to get a variety of information about a domain or IP address

• nslookup - similar to host

• ping - sends packets to an address to see if you get a response, good for checking if a host is up

• nc - known as “netcat”, swiss army knife of creating network connections

• telnet - can create a tcp connection between you and someone else, very insecure and now almost entirely replaced by nc

• traceroute - prints every server between you and a desired address

• nmap - a powerful and dangerous port scanner read more here

• ssh - create a secure shell connection, a way of logging into a remote computer over the command line

• ftp - file transfer protocol, method of transfering files

GUI Software

• Wireshark - packet sniffing tool
• Herbivore - simpler but buggy packet sniffer
• VNC Viewer - way of connecting to VNC servers