{"id":"bad76921-1e5a-4905-afe7-2334a903ad4b","shortId":"fj5MVm","kind":"skill","title":"shodan-reconnaissance","tagline":"Provide systematic methodologies for leveraging Shodan as a reconnaissance tool during penetration testing engagements.","description":"# Shodan Reconnaissance and Pentesting\n\n## Purpose\n\nProvide systematic methodologies for leveraging Shodan as a reconnaissance tool during penetration testing engagements. This skill covers the Shodan web interface, command-line interface (CLI), REST API, search filters, on-demand scanning, and network monitoring capabilities for discovering exposed services, vulnerable systems, and IoT devices.\n\n## Inputs / Prerequisites\n\n- **Shodan Account**: Free or paid account at shodan.io\n- **API Key**: Obtained from Shodan account dashboard\n- **Target Information**: IP addresses, domains, or network ranges to investigate\n- **Shodan CLI**: Python-based command-line tool installed\n- **Authorization**: Written permission for reconnaissance on target networks\n\n## Outputs / Deliverables\n\n- **Asset Inventory**: List of discovered hosts, ports, and services\n- **Vulnerability Report**: Identified CVEs and exposed vulnerable services\n- **Banner Data**: Service banners revealing software versions\n- **Network Mapping**: Geographic and organizational distribution of assets\n- **Screenshot Gallery**: Visual reconnaissance of exposed interfaces\n- **Exported Data**: JSON/CSV files for further analysis\n\n## Core Workflow\n\n### 1. Setup and Configuration\n\n#### Install Shodan CLI\n```bash\n# Using pip\npip install shodan\n\n# Or easy_install\neasy_install shodan\n\n# On BlackArch/Arch Linux\nsudo pacman -S python-shodan\n```\n\n#### Initialize API Key\n```bash\n# Set your API key\nshodan init YOUR_API_KEY\n\n# Verify setup\nshodan info\n# Output: Query credits available: 100\n#         Scan credits available: 100\n```\n\n#### Check Account Status\n```bash\n# View credits and plan info\nshodan info\n\n# Check your external IP\nshodan myip\n\n# Check CLI version\nshodan version\n```\n\n### 2. Basic Host Reconnaissance\n\n#### Query Single Host\n```bash\n# Get all information about an IP\nshodan host 1.1.1.1\n\n# Example output:\n# 1.1.1.1\n# Hostnames: one.one.one.one\n# Country: Australia\n# Organization: Mountain View Communications\n# Number of open ports: 3\n# Ports:\n#   53/udp\n#   80/tcp\n#   443/tcp\n```\n\n#### Check if Host is Honeypot\n```bash\n# Get honeypot probability score\nshodan honeyscore 192.168.1.100\n\n# Output: Not a honeypot\n#         Score: 0.3\n```\n\n### 3. Search Queries\n\n#### Basic Search (Free)\n```bash\n# Simple keyword search (no credits consumed)\nshodan search apache\n\n# Specify output fields\nshodan search --fields ip_str,port,os smb\n```\n\n#### Filtered Search (1 Credit)\n```bash\n# Product-specific search\nshodan search product:mongodb\n\n# Search with multiple filters\nshodan search product:nginx country:US city:\"New York\"\n```\n\n#### Count Results\n```bash\n# Get result count without consuming credits\nshodan count openssh\n# Output: 23128\n\nshodan count openssh 7\n# Output: 219\n```\n\n#### Download Results\n```bash\n# Download 1000 results (default)\nshodan download results.json.gz \"apache country:US\"\n\n# Download specific number of results\nshodan download --limit 5000 results.json.gz \"nginx\"\n\n# Download all available results\nshodan download --limit -1 all_results.json.gz \"query\"\n```\n\n#### Parse Downloaded Data\n```bash\n# Extract specific fields from downloaded data\nshodan parse --fields ip_str,port,hostnames results.json.gz\n\n# Filter by specific criteria\nshodan parse --fields location.country_code3,ip_str -f port:22 results.json.gz\n\n# Export to CSV format\nshodan parse --fields ip_str,port,org --separator , results.json.gz > results.csv\n```\n\n### 4. Search Filters Reference\n\n#### Network Filters\n```\nip:1.2.3.4                  # Specific IP address\nnet:192.168.0.0/24          # Network range (CIDR)\nhostname:example.com        # Hostname contains\nport:22                     # Specific port\nasn:AS15169                 # Autonomous System Number\n```\n\n#### Geographic Filters\n```\ncountry:US                  # Two-letter country code\ncountry:\"United States\"     # Full country name\ncity:\"San Francisco\"        # City name\nstate:CA                    # State/region\npostal:94102                # Postal/ZIP code\ngeo:37.7,-122.4             # Lat/long coordinates\n```\n\n#### Organization Filters\n```\norg:\"Google\"                # Organization name\nisp:\"Comcast\"               # ISP name\n```\n\n#### Service/Product Filters\n```\nproduct:nginx               # Software product\nversion:1.14.0              # Software version\nos:\"Windows Server 2019\"    # Operating system\nhttp.title:\"Dashboard\"      # HTTP page title\nhttp.html:\"login\"           # HTML content\nhttp.status:200             # HTTP status code\nssl.cert.subject.cn:*.example.com  # SSL certificate\nssl:true                    # Has SSL enabled\n```\n\n#### Vulnerability Filters\n```\nvuln:CVE-2019-0708          # Specific CVE\nhas_vuln:true               # Has any vulnerability\n```\n\n#### Screenshot Filters\n```\nhas_screenshot:true         # Has screenshot available\nscreenshot.label:webcam     # Screenshot type\n```\n\n### 5. On-Demand Scanning\n\n#### Submit Scan\n```bash\n# Scan single IP (1 credit per IP)\nshodan scan submit 192.168.1.100\n\n# Scan with verbose output (shows scan ID)\nshodan scan submit --verbose 192.168.1.100\n\n# Scan and save results\nshodan scan submit --filename scan_results.json.gz 192.168.1.100\n```\n\n#### Monitor Scan Status\n```bash\n# List recent scans\nshodan scan list\n\n# Check specific scan status\nshodan scan status SCAN_ID\n\n# Download scan results later\nshodan download --limit -1 results.json.gz scan:SCAN_ID\n```\n\n#### Available Scan Protocols\n```bash\n# List available protocols/modules\nshodan scan protocols\n```\n\n### 6. Statistics and Analysis\n\n#### Get Search Statistics\n```bash\n# Default statistics (top 10 countries, orgs)\nshodan stats nginx\n\n# Custom facets\nshodan stats --facets domain,port,asn --limit 5 nginx\n\n# Save to CSV\nshodan stats --facets country,org -O stats.csv apache\n```\n\n### 7. Network Monitoring\n\n#### Setup Alerts (Web Interface)\n```\n1. Navigate to Monitor Dashboard\n2. Add IP, range, or domain to monitor\n3. Configure notification service (email, Slack, webhook)\n4. Select trigger events (new service, vulnerability, etc.)\n5. View dashboard for exposed services\n```\n\n### 8. REST API Usage\n\n#### Direct API Calls\n```bash\n# Get API info\ncurl -s \"https://api.shodan.io/api-info?key=YOUR_KEY\" | jq\n\n# Host lookup\ncurl -s \"https://api.shodan.io/shodan/host/1.1.1.1?key=YOUR_KEY\" | jq\n\n# Search query\ncurl -s \"https://api.shodan.io/shodan/host/search?key=YOUR_KEY&query=apache\" | jq\n```\n\n#### Python Library\n```python\nimport shodan\n\napi = shodan.Shodan('YOUR_API_KEY')\n\n# Search\nresults = api.search('apache')\nprint(f'Results found: {results[\"total\"]}')\nfor result in results['matches']:\n    print(f'IP: {result[\"ip_str\"]}')\n\n# Host lookup\nhost = api.host('1.1.1.1')\nprint(f'IP: {host[\"ip_str\"]}')\nprint(f'Organization: {host.get(\"org\", \"n/a\")}')\nfor item in host['data']:\n    print(f'Port: {item[\"port\"]}')\n```\n\n## Quick Reference\n\n### Essential CLI Commands\n\n| Command | Description | Credits |\n|---------|-------------|---------|\n| `shodan init KEY` | Initialize API key | 0 |\n| `shodan info` | Show account info | 0 |\n| `shodan myip` | Show your IP | 0 |\n| `shodan host IP` | Host details | 0 |\n| `shodan count QUERY` | Result count | 0 |\n| `shodan search QUERY` | Basic search | 0* |\n| `shodan download FILE QUERY` | Save results | 1/100 results |\n| `shodan parse FILE` | Extract data | 0 |\n| `shodan stats QUERY` | Statistics | 1 |\n| `shodan scan submit IP` | On-demand scan | 1/IP |\n| `shodan honeyscore IP` | Honeypot check | 0 |\n\n*Filters consume 1 credit per query\n\n### Common Search Queries\n\n| Purpose | Query |\n|---------|-------|\n| Find webcams | `webcam has_screenshot:true` |\n| MongoDB databases | `product:mongodb` |\n| Redis servers | `product:redis` |\n| Elasticsearch | `product:elastic port:9200` |\n| Default passwords | `\"default password\"` |\n| Vulnerable RDP | `port:3389 vuln:CVE-2019-0708` |\n| Industrial systems | `port:502 modbus` |\n| Cisco devices | `product:cisco` |\n| Open VNC | `port:5900 authentication disabled` |\n| Exposed FTP | `port:21 anonymous` |\n| WordPress sites | `http.component:wordpress` |\n| Printers | `\"HP-ChaiSOE\" port:80` |\n| Cameras (RTSP) | `port:554 has_screenshot:true` |\n| Jenkins servers | `X-Jenkins port:8080` |\n| Docker APIs | `port:2375 product:docker` |\n\n### Useful Filter Combinations\n\n| Scenario | Query |\n|---------|-------|\n| Target org recon | `org:\"Company Name\"` |\n| Domain enumeration | `hostname:example.com` |\n| Network range scan | `net:192.168.0.0/24` |\n| SSL cert search | `ssl.cert.subject.cn:*.target.com` |\n| Vulnerable servers | `vuln:CVE-2021-44228 country:US` |\n| Exposed admin panels | `http.title:\"admin\" port:443` |\n| Database exposure | `port:3306,5432,27017,6379` |\n\n### Credit System\n\n| Action | Credit Type | Cost |\n|--------|-------------|------|\n| Basic search | Query | 0 (no filters) |\n| Filtered search | Query | 1 |\n| Download 100 results | Query | 1 |\n| Generate report | Query | 1 |\n| Scan 1 IP | Scan | 1 |\n| Network monitoring | Monitored IPs | Depends on plan |\n\n## Constraints and Limitations\n\n### Operational Boundaries\n- Rate limited to 1 request per second\n- Scan results not immediate (asynchronous)\n- Cannot re-scan same IP within 24 hours (non-Enterprise)\n- Free accounts have limited credits\n- Some data requires paid subscription\n\n### Data Freshness\n- Shodan crawls continuously but data may be days/weeks old\n- On-demand scans provide current data but cost credits\n- Historical data available with paid plans\n\n### Legal Requirements\n- Only perform reconnaissance on authorized targets\n- Passive reconnaissance generally legal but verify jurisdiction\n- Active scanning (scan submit) requires authorization\n- Document all reconnaissance activities\n\n## Examples\n\n### Example 1: Organization Reconnaissance\n```bash\n# Find all hosts belonging to target organization\nshodan search 'org:\"Target Company\"'\n\n# Get statistics on their infrastructure\nshodan stats --facets port,product,country 'org:\"Target Company\"'\n\n# Download detailed data\nshodan download target_data.json.gz 'org:\"Target Company\"'\n\n# Parse for specific info\nshodan parse --fields ip_str,port,product target_data.json.gz\n```\n\n### Example 2: Vulnerable Service Discovery\n```bash\n# Find hosts vulnerable to BlueKeep (RDP CVE)\nshodan search 'vuln:CVE-2019-0708 country:US'\n\n# Find exposed Elasticsearch with no auth\nshodan search 'product:elastic port:9200 -authentication'\n\n# Find Log4j vulnerable systems\nshodan search 'vuln:CVE-2021-44228'\n```\n\n### Example 3: IoT Device Discovery\n```bash\n# Find exposed webcams\nshodan search 'webcam has_screenshot:true country:US'\n\n# Find industrial control systems\nshodan search 'port:502 product:modbus'\n\n# Find exposed printers\nshodan search '\"HP-ChaiSOE\" port:80'\n\n# Find smart home devices\nshodan search 'product:nest'\n```\n\n### Example 4: SSL/TLS Certificate Analysis\n```bash\n# Find hosts with specific SSL cert\nshodan search 'ssl.cert.subject.cn:*.example.com'\n\n# Find expired certificates\nshodan search 'ssl.cert.expired:true org:\"Company\"'\n\n# Find self-signed certificates\nshodan search 'ssl.cert.issuer.cn:self-signed'\n```\n\n### Example 5: Python Automation Script\n```python\n#!/usr/bin/env python3\nimport shodan\nimport json\n\nAPI_KEY = 'YOUR_API_KEY'\napi = shodan.Shodan(API_KEY)\n\ndef recon_organization(org_name):\n    \"\"\"Perform reconnaissance on an organization\"\"\"\n    try:\n        # Search for organization\n        query = f'org:\"{org_name}\"'\n        results = api.search(query)\n        \n        print(f\"[*] Found {results['total']} hosts for {org_name}\")\n        \n        # Collect unique IPs and ports\n        hosts = {}\n        for result in results['matches']:\n            ip = result['ip_str']\n            port = result['port']\n            product = result.get('product', 'unknown')\n            \n            if ip not in hosts:\n                hosts[ip] = []\n            hosts[ip].append({'port': port, 'product': product})\n        \n        # Output findings\n        for ip, services in hosts.items():\n            print(f\"\\n[+] {ip}\")\n            for svc in services:\n                print(f\"    - {svc['port']}/tcp ({svc['product']})\")\n        \n        return hosts\n        \n    except shodan.APIError as e:\n        print(f\"Error: {e}\")\n        return None\n\nif __name__ == '__main__':\n    recon_organization(\"Target Company\")\n```\n\n### Example 6: Network Range Assessment\n```bash\n# Scan a /24 network range\nshodan search 'net:192.168.1.0/24'\n\n# Get port distribution\nshodan stats --facets port 'net:192.168.1.0/24'\n\n# Find specific vulnerabilities in range\nshodan search 'net:192.168.1.0/24 vuln:CVE-2021-44228'\n\n# Export all data for range\nshodan download network_scan.json.gz 'net:192.168.1.0/24'\n```\n\n## Troubleshooting\n\n| Issue | Cause | Solution |\n|-------|-------|----------|\n| No API Key Configured | Key not initialized | Run `shodan init YOUR_API_KEY` then verify with `shodan info` |\n| Query Credits Exhausted | Monthly credits consumed | Use credit-free queries (no filters), wait for reset, or upgrade |\n| Host Recently Crawled | Cannot re-scan IP within 24h | Use `shodan host IP` for existing data, or wait 24 hours |\n| Rate Limit Exceeded | >1 request/second | Add `time.sleep(1)` between API requests |\n| Empty Search Results | Too specific or syntax error | Use quotes for phrases: `'org:\"Company Name\"'`; broaden criteria |\n| Downloaded File Won't Parse | Corrupted or wrong format | Verify with `gunzip -t file.gz`, re-download with `--limit` |\n\n## When to Use\nThis skill is applicable to execute the workflow or actions described in the overview.","tags":["shodan","reconnaissance","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows"],"capabilities":["skill","source-sickn33","skill-shodan-reconnaissance","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/shodan-reconnaissance","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34515 github stars · SKILL.md body (13,451 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-22T12:51:45.734Z","embedding":null,"createdAt":"2026-04-18T21:44:49.886Z","updatedAt":"2026-04-22T12:51:45.734Z","lastSeenAt":"2026-04-22T12:51:45.734Z","tsv":"'-0708':566,960,1258 '-1':401,654 '-122.4':510 '-2019':565,959,1257 '-2021':1041,1282,1532 '-44228':1042,1283,1533 '/24':464,1031,1502,1509,1519,1529,1544 '/api-info?key=your_key':764 '/shodan/host/1.1.1.1?key=your_key':772 '/shodan/host/search?key=your_key&query=apache':780 '/tcp':1472 '/usr/bin/env':1371 '0':854,860,866,872,878,884,898,918,1068 '0.3':296 '1':165,326,598,715,903,921,1074,1079,1083,1085,1088,1104,1189,1609,1613 '1.1.1.1':257,260,817 '1.14.0':530 '1.2.3.4':458 '1/100':891 '1/ip':912 '10':680 '100':214,218,1076 '1000':374 '192.168.0.0':463,1030 '192.168.1.0':1508,1518,1528,1543 '192.168.1.100':290,605,617,627 '2':241,720,1241 '2019':536 '21':979 '219':369 '22':435,473 '23128':363 '2375':1008 '24':1120,1604 '24h':1594 '27017':1057 '3':273,297,728,1285 '3306':1055 '3389':956 '37.7':509 '4':451,735,1330 '443':1051 '443/tcp':277 '5':587,695,743,1366 '5000':391 '502':964,1308 '53/udp':275 '5432':1056 '554':994 '5900':973 '6':669,1495 '6379':1058 '7':367,708 '8':749 '80':990,1320 '80/tcp':276 '8080':1004 '9200':948,1272 '94102':505 'account':73,77,85,220,858,1126 'action':1061,1665 'activ':1177,1186 'add':721,1611 'address':90,461 'admin':1046,1049 'alert':712 'all_results.json.gz':402 'analysi':162,672,1333 'anonym':980 'apach':312,380,707,795 'api':50,80,194,199,204,751,754,758,787,790,852,1006,1377,1380,1382,1384,1550,1560,1615 'api.host':816 'api.search':794,1406 'api.shodan.io':763,771,779 'api.shodan.io/api-info?key=your_key':762 'api.shodan.io/shodan/host/1.1.1.1?key=your_key':770 'api.shodan.io/shodan/host/search?key=your_key&query=apache':778 'append':1448 'applic':1659 'as15169':477 'asn':476,693 'assess':1498 'asset':117,148 'asynchron':1112 'australia':264 'auth':1266 'authent':974,1273 'author':107,1168,1182 'autom':1368 'autonom':478 'avail':213,217,396,582,659,664,1158 'banner':134,137 'base':101 'bash':172,196,222,248,283,303,328,352,372,407,594,631,662,676,756,1192,1245,1289,1334,1499 'basic':242,300,882,1065 'belong':1196 'blackarch/arch':185 'bluekeep':1250 'boundari':1100 'broaden':1632 'ca':502 'call':755 'camera':991 'cannot':1113,1588 'capabl':60 'caus':1547 'cert':1033,1340 'certif':555,1332,1347,1358 'chaiso':988,1318 'check':219,230,236,278,638,917 'cidr':467 'cisco':966,969 'citi':347,496,499 'cli':48,98,171,237,843 'code':489,507,551 'code3':430 'collect':1417 'combin':1013 'comcast':520 'command':45,103,844,845 'command-lin':44,102 'common':925 'communic':268 'compani':1020,1204,1218,1227,1353,1493,1630 'configur':168,729,1552 'constraint':1096 'consum':309,357,920,1572 'contain':471 'content':547 'continu':1139 'control':1303 'coordin':512 'core':163 'corrupt':1639 'cost':1064,1154 'count':350,355,360,365,874,877 'countri':263,345,381,483,488,490,494,681,703,1043,1215,1259,1299 'cover':39 'crawl':1138,1587 'credit':212,216,224,308,327,358,599,847,922,1059,1062,1129,1155,1568,1571,1575 'credit-fre':1574 'criteria':425,1633 'csv':439,699 'curl':760,768,776 'current':1151 'custom':686 'cve':564,568,958,1040,1252,1256,1281,1531 'cves':129 'dashboard':86,540,719,745 'data':135,157,406,413,834,897,1131,1135,1141,1152,1157,1221,1536,1601 'databas':937,1052 'days/weeks':1144 'def':1386 'default':376,677,949,951 'deliver':116 'demand':55,590,910,1148 'depend':1093 'describ':1666 'descript':846 'detail':871,1220 'devic':69,967,1287,1324 'direct':753 'disabl':975 'discov':62,121 'discoveri':1244,1288 'distribut':146,1512 'docker':1005,1010 'document':1183 'domain':91,691,725,1022 'download':370,373,378,383,389,394,399,405,412,647,652,886,1075,1219,1223,1540,1634,1650 'e':1480,1484 'easi':179,181 'elast':946,1270 'elasticsearch':944,1263 'email':732 'empti':1617 'enabl':560 'engag':17,36 'enterpris':1124 'enumer':1023 'error':1483,1624 'essenti':842 'etc':742 'event':738 'exampl':258,1187,1188,1240,1284,1329,1365,1494 'example.com':469,553,1025,1344 'exceed':1608 'except':1477 'execut':1661 'exhaust':1569 'exist':1600 'expir':1346 'export':156,437,1534 'expos':63,131,154,747,976,1045,1262,1291,1312 'exposur':1053 'extern':232 'extract':408,896 'f':433,797,808,819,825,836,1401,1409,1461,1469,1482 'facet':687,690,702,1212,1515 'field':315,318,410,416,428,443,1234 'file':159,887,895,1635 'file.gz':1647 'filenam':625 'filter':52,324,340,422,453,456,482,514,524,562,576,919,1012,1070,1071,1579 'find':930,1193,1246,1261,1274,1290,1301,1311,1321,1335,1345,1354,1454,1520 'format':440,1642 'found':799,1410 'francisco':498 'free':74,302,1125,1576 'fresh':1136 'ftp':977 'full':493 'galleri':150 'general':1172 'generat':1080 'geo':508 'geograph':143,481 'get':249,284,353,673,757,1205,1510 'googl':516 'gunzip':1645 'histor':1156 'home':1323 'honeypot':282,285,294,916 'honeyscor':289,914 'host':122,243,247,256,280,766,813,815,821,833,868,870,1195,1247,1336,1413,1422,1443,1444,1446,1476,1585,1597 'host.get':827 'hostnam':261,420,468,470,1024 'hosts.items':1459 'hour':1121,1605 'hp':987,1317 'hp-chaiso':986,1316 'html':546 'http':541,549 'http.component':983 'http.html':544 'http.status:200':548 'http.title':539,1048 'id':612,646,658 'identifi':128 'immedi':1111 'import':785,1373,1375 'industri':961,1302 'info':209,227,229,759,856,859,1231,1566 'inform':88,251 'infrastructur':1209 'init':202,849,1558 'initi':193,851,1555 'input':70 'instal':106,169,176,180,182 'interfac':43,47,155,714 'inventori':118 'investig':96 'iot':68,1286 'ip':89,233,254,319,417,431,444,457,460,597,601,722,809,811,820,822,865,869,907,915,1086,1092,1118,1235,1419,1428,1430,1440,1445,1447,1456,1463,1592,1598 'isp':519,521 'issu':1546 'item':831,838 'jenkin':998,1002 'jq':765,773,781 'json':1376 'json/csv':158 'jurisdict':1176 'key':81,195,200,205,791,850,853,1378,1381,1385,1551,1553,1561 'keyword':305 'lat/long':511 'later':650 'legal':1162,1173 'letter':487 'leverag':8,27 'librari':783 'limit':390,400,653,694,1098,1102,1128,1607,1652 'line':46,104 'linux':186 'list':119,632,637,663 'location.country':429 'log4j':1275 'login':545 'lookup':767,814 'main':1489 'map':142 'match':806,1427 'may':1142 'methodolog':6,25 'modbus':965,1310 'mongodb':336,936,939 'monitor':59,628,710,718,727,1090,1091 'month':1570 'mountain':266 'multipl':339 'myip':235,862 'n':1462 'n/a':829 'name':495,500,518,522,1021,1390,1404,1416,1488,1631 'navig':716 'nest':1328 'net':462,1029,1507,1517,1527,1542 'network':58,93,114,141,455,465,709,1026,1089,1496,1503 'network_scan.json.gz':1541 'new':348,739 'nginx':344,393,526,685,696 'non':1123 'non-enterpris':1122 'none':1486 'notif':730 'number':269,385,480 'o':705 'obtain':82 'old':1145 'on-demand':53,588,908,1146 'one.one.one.one':262 'open':271,970 'openssh':361,366 'oper':537,1099 'org':447,515,682,704,828,1017,1019,1202,1216,1225,1352,1389,1402,1403,1415,1629 'organ':265,513,517,826,1190,1199,1388,1395,1399,1491 'organiz':145 'os':322,533 'output':115,210,259,291,314,362,368,609,1453 'overview':1669 'pacman':188 'page':542 'paid':76,1133,1160 'panel':1047 'pars':404,415,427,442,894,1228,1233,1638 'passiv':1170 'password':950,952 'penetr':15,34 'pentest':21 'per':600,923,1106 'perform':1165,1391 'permiss':109 'phrase':1628 'pip':174,175 'plan':226,1095,1161 'port':123,272,274,321,419,434,446,472,475,692,837,839,947,955,963,972,978,989,993,1003,1007,1050,1054,1213,1237,1271,1307,1319,1421,1432,1434,1449,1450,1471,1511,1516 'postal':504 'postal/zip':506 'prerequisit':71 'print':796,807,818,824,835,1408,1460,1468,1481 'printer':985,1313 'probabl':286 'product':330,335,343,525,528,938,942,945,968,1009,1214,1238,1269,1309,1327,1435,1437,1451,1452,1474 'product-specif':329 'protocol':661,668 'protocols/modules':665 'provid':4,23,1150 'purpos':22,928 'python':100,191,782,784,1367,1370 'python-bas':99 'python-shodan':190 'python3':1372 'queri':211,245,299,403,775,875,881,888,901,924,927,929,1015,1067,1073,1078,1082,1400,1407,1567,1577 'quick':840 'quot':1626 'rang':94,466,723,1027,1497,1504,1524,1538 'rate':1101,1606 'rdp':954,1251 're':1115,1590,1649 're-download':1648 're-scan':1114,1589 'recent':633,1586 'recon':1018,1387,1490 'reconnaiss':3,12,19,31,111,152,244,1166,1171,1185,1191,1392 'redi':940,943 'refer':454,841 'report':127,1081 'request':1105,1616 'request/second':1610 'requir':1132,1163,1181 'reset':1582 'rest':49,750 'result':351,354,371,375,387,397,621,649,793,798,800,803,805,810,876,890,892,1077,1109,1405,1411,1424,1426,1429,1433,1619 'result.get':1436 'results.csv':450 'results.json.gz':379,392,421,436,449,655 'return':1475,1485 'reveal':138 'rtsp':992 'run':1556 'san':497 'save':620,697,889 'scan':56,215,591,593,595,603,606,611,614,618,623,629,634,636,640,643,645,648,656,657,660,667,905,911,1028,1084,1087,1108,1116,1149,1178,1179,1500,1591 'scan_results.json.gz':626 'scenario':1014 'score':287,295 'screenshot':149,575,578,581,585,934,996,1297 'screenshot.label':583 'script':1369 'search':51,298,301,306,311,317,325,332,334,337,342,452,674,774,792,880,883,926,1034,1066,1072,1201,1254,1268,1279,1294,1306,1315,1326,1342,1349,1360,1397,1506,1526,1618 'second':1107 'select':736 'self':1356,1363 'self-sign':1355,1362 'separ':448 'server':535,941,999,1038 'servic':64,125,133,136,731,740,748,1243,1457,1467 'service/product':523 'set':197 'setup':166,207,711 'shodan':2,9,18,28,41,72,84,97,170,177,183,192,201,208,228,234,239,255,288,310,316,333,341,359,364,377,388,398,414,426,441,602,613,622,635,642,651,666,683,688,700,786,848,855,861,867,873,879,885,893,899,904,913,1137,1200,1210,1222,1232,1253,1267,1278,1293,1305,1314,1325,1341,1348,1359,1374,1505,1513,1525,1539,1557,1565,1596 'shodan-reconnaiss':1 'shodan.apierror':1478 'shodan.io':79 'shodan.shodan':788,1383 'show':610,857,863 'sign':1357,1364 'simpl':304 'singl':246,596 'site':982 'skill':38,1657 'skill-shodan-reconnaissance' 'slack':733 'smart':1322 'smb':323 'softwar':139,527,531 'solut':1548 'source-sickn33' 'specif':331,384,409,424,459,474,567,639,1230,1338,1521,1621 'specifi':313 'ssl':554,556,559,1032,1339 'ssl.cert.expired':1350 'ssl.cert.issuer.cn':1361 'ssl.cert.subject.cn':552,1035,1343 'ssl/tls':1331 'stat':684,689,701,900,1211,1514 'state':492,501 'state/region':503 'statist':670,675,678,902,1206 'stats.csv':706 'status':221,550,630,641,644 'str':320,418,432,445,812,823,1236,1431 'submit':592,604,615,624,906,1180 'subscript':1134 'sudo':187 'svc':1465,1470,1473 'syntax':1623 'system':66,479,538,962,1060,1277,1304 'systemat':5,24 'target':87,113,1016,1169,1198,1203,1217,1226,1492 'target.com':1036 'target_data.json.gz':1224,1239 'test':16,35 'time.sleep':1612 'titl':543 'tool':13,32,105 'top':679 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'total':801,1412 'tri':1396 'trigger':737 'troubleshoot':1545 'true':557,571,579,935,997,1298,1351 'two':486 'two-lett':485 'type':586,1063 'uniqu':1418 'unit':491 'unknown':1438 'upgrad':1584 'us':346,382,484,1044,1260,1300 'usag':752 'use':173,1011,1573,1595,1625,1655 'verbos':608,616 'verifi':206,1175,1563,1643 'version':140,238,240,529,532 'view':223,267,744 'visual':151 'vnc':971 'vuln':563,570,957,1039,1255,1280,1530 'vulner':65,126,132,561,574,741,953,1037,1242,1248,1276,1522 'wait':1580,1603 'web':42,713 'webcam':584,931,932,1292,1295 'webhook':734 'window':534 'within':1119,1593 'without':356 'won':1636 'wordpress':981,984 'workflow':164,1663 'written':108 'wrong':1641 'x':1001 'x-jenkin':1000 'york':349","prices":[{"id":"3700fdfe-b36d-4386-957f-c09a449914af","listingId":"bad76921-1e5a-4905-afe7-2334a903ad4b","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:44:49.886Z"}],"sources":[{"listingId":"bad76921-1e5a-4905-afe7-2334a903ad4b","source":"github","sourceId":"sickn33/antigravity-awesome-skills/shodan-reconnaissance","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/shodan-reconnaissance","isPrimary":false,"firstSeenAt":"2026-04-18T21:44:49.886Z","lastSeenAt":"2026-04-22T12:51:45.734Z"}],"details":{"listingId":"bad76921-1e5a-4905-afe7-2334a903ad4b","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"shodan-reconnaissance","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34515,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-22T06:40:00Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"348dee0175d60a982916fb9592c5dab6c0ddda90","skill_md_path":"skills/shodan-reconnaissance/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/shodan-reconnaissance"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"shodan-reconnaissance","description":"Provide systematic methodologies for leveraging Shodan as a reconnaissance tool during penetration testing engagements."},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/shodan-reconnaissance"},"updatedAt":"2026-04-22T12:51:45.734Z"}}