Does using Shodan filters cost credits?

Yes, while basic keyword searches are often free, using advanced filters or downloading results typically consumes Shodan query or scan credits depending on your account plan.

Can I find specific vulnerabilities like BlueKeep?

Absolutely. The skill includes specific query patterns for finding systems vulnerable to known CVEs using Shodan's 'vuln' filter.

What is the Shodan Reconnaissance skill?

It is a specialized capability for Claude Code that provides methodologies and commands for using Shodan to find exposed internet-connected assets and vulnerabilities.

Is this skill for active or passive reconnaissance?

It supports both; it provides commands for passive search (querying Shodan's database) and active scanning (submitting on-demand scan requests).

Do I need a Shodan API key to use this?

Yes, you need a Shodan account (free or paid) and an API key to perform searches and scans using this skill.

Shodan Reconnaissance & Pentesting

Name: Shodan Reconnaissance & Pentesting
Author: claudiodearaujo

byclaudiodearaujo

•

セキュリティとテスト

Automates network reconnaissance and vulnerability discovery using the Shodan search engine to identify exposed internet-connected devices and services.

This skill provides a comprehensive framework for leveraging Shodan's API and CLI during security audits and penetration testing engagements. It enables users to systematically discover exposed services, identify vulnerable IoT devices, map organizational network assets, and analyze SSL certificates. By integrating Shodan's powerful search filters and on-demand scanning capabilities directly into the workflow, it helps security professionals and developers maintain a robust security posture through proactive asset discovery and threat surface analysis.

主な機能

01Advanced search filtering for specific ports, products, and geographic locations

02Vulnerability detection through CVE-specific queries and service banner analysis

03Comprehensive Shodan CLI and API integration for automated reconnaissance

04Asset inventory generation with support for JSON and CSV data exports

05On-demand IP scanning and honeypot detection to verify target status

061 GitHub stars

ユースケース

01Auditing IoT device security and discovering outdated firmware versions across a network

02Mapping an organization's external attack surface via ASN and domain name filters

03Identifying exposed database instances like MongoDB or Elasticsearch for security hardening

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro shodan-reconnaissance

For use in Claude.ai and ChatGPT

Download Skill