Shodan is a search engine to provides the information about domains and IP addresses.
This document provides information about the Shodan connector, which facilitates automated interactions, with a Shodan server using FortiSOAR™ playbooks. Add the Shodan connector as a step in FortiSOAR™ playbooks and perform automated operations, such as searching for information about a domain or an IP address.
Connector Version: 1.0.0
Compatibility with FortiSOAR™ Versions: 4.9.0.0-708 and later
Compatibility with Shodan Versions: 1.7 and later
For the procedure to install a connector, click here.
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Connectors page, select the Shodan connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the Shodan server to which you will connect and perform automated operations. |
API Key | API key that is configured for your account for using the Shodan server. |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Search Domain | Searches and returns information about a domain that you have specified by its domain name. | domain_details Investigation |
Search IP | Searches and returns information about an IP that you have specified by its IP address. | ip_details Investigation |
Parameter | Description |
---|---|
Domain | Name of the domain for which you want to retrieve information. |
The JSON output contains the details of the specified domain.
Following image displays a sample output:
Parameter | Description |
---|---|
IP Address | IP address for which you want to retrieve information. |
The JSON output contains the details of the specified IP address.
Following image displays a sample output:
The Sample - Shodan - 1.0.0
playbook collection comes bundled with the Shodan connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Shodan connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.
Shodan is a search engine to provides the information about domains and IP addresses.
This document provides information about the Shodan connector, which facilitates automated interactions, with a Shodan server using FortiSOAR™ playbooks. Add the Shodan connector as a step in FortiSOAR™ playbooks and perform automated operations, such as searching for information about a domain or an IP address.
Connector Version: 1.0.0
Compatibility with FortiSOAR™ Versions: 4.9.0.0-708 and later
Compatibility with Shodan Versions: 1.7 and later
For the procedure to install a connector, click here.
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Connectors page, select the Shodan connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the Shodan server to which you will connect and perform automated operations. |
API Key | API key that is configured for your account for using the Shodan server. |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True . |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 onwards:
Function | Description | Annotation and Category |
---|---|---|
Search Domain | Searches and returns information about a domain that you have specified by its domain name. | domain_details Investigation |
Search IP | Searches and returns information about an IP that you have specified by its IP address. | ip_details Investigation |
Parameter | Description |
---|---|
Domain | Name of the domain for which you want to retrieve information. |
The JSON output contains the details of the specified domain.
Following image displays a sample output:
Parameter | Description |
---|---|
IP Address | IP address for which you want to retrieve information. |
The JSON output contains the details of the specified IP address.
Following image displays a sample output:
The Sample - Shodan - 1.0.0
playbook collection comes bundled with the Shodan connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Shodan connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection, since the sample playbook collection gets deleted during connector upgrade and delete.