Shodan

Shodan is a specialized search engine created by John Matherly in 2009 that indexes internet-connected devices and services rather than web pages, continuously scanning the entire IPv4 address space across thousands of ports to discover and catalog servers, IoT devices, industrial control systems, databases, webcams, routers, and network infrastructure, providing security researchers, penetration testers, and organizations with unprecedented visibility into the exposed attack surface of internet-connected systems worldwide. The scanning infrastructure probes every public IP address on common and uncommon ports including HTTP, HTTPS, SSH, FTP, Telnet, RTSP, Modbus, BACnet, MongoDB, Redis, Elasticsearch, and hundreds of other protocols, capturing service banners, version information, default credentials, certificate details, and configuration data that reveals what software and devices are running on each discovered system. The search query syntax enables precise filtering through over two hundred facets including country, city, organization, autonomous system number, port, operating system, hostname, SSL certificate properties, HTTP response headers, and custom keyword searches, allowing researchers to find specific device types, vulnerable configurations, or exposed services across the global internet. The vulnerability detection cross-references discovered services against known vulnerability databases, highlighting systems running outdated or exploitable software versions. The monitoring and alerting system tracks changes to specific IP ranges, alerting when new services appear or configurations change. The API enables programmatic access for security automation. The enterprise and academic pricing tiers support large-scale research. Designed for security researchers, penetration testers, CISOs, and network administrators.