Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add shodan query pack #154

Merged
merged 1 commit into from
Jul 19, 2024
Merged

add shodan query pack #154

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 66 additions & 0 deletions core/mondoo-shodan-inventory.mql.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
# Copyright (c) Mondoo, Inc.
# SPDX-License-Identifier: BUSL-1.1

packs:
- uid: mondoo-shodan-inventory
name: Shodan Inventory Pack
version: 1.0.0
license: BUSL-1.1
authors:
- name: Mondoo, Inc
email: [email protected]
tags:
mondoo.com/platform: shodan
mondoo.com/category: best-practices
docs:
desc: |
The Shodan Inventory Pack by Mondoo retrieves data about shodan.io assets.

## Local scan
To run this pack locally:

```bash
export SHODAN_TOKEN="XXX"
cnquery scan shodan --networks "1.1.1.1/28" --discover hosts -f mondoo-shodan-inventory.mql.yaml
```

## Join the community!
Our goal is to build query packs that are simple to deploy and provide accurate and useful data.

If you have any suggestions for improving this query pack, or if you need support, [join the Mondoo community](https://github.com/orgs/mondoohq/discussions) in GitHub Discussions.
filters:
- mql: asset.platform == "shodan-host"
queries:
- uid: mondoo-shodan-inventory-hostnames
title: Shodan info about Hostnames / DNS
mql: |
shodan.host.hostnames
- uid: mondoo-shodan-inventory-asn
title: Shodan info about ASN
mql: |
shodan.host.asn
- uid: mondoo-shodan-inventory-tags
title: Shodan info about Tags
mql: |
shodan.host.tags
- uid: mondoo-shodan-inventory-isp
title: Shodan info about ISP
mql: |
shodan.host.isp
- uid: mondoo-shodan-inventory-org
title: Shodan info about Org
mql: |
shodan.host.org
- uid: mondoo-shodan-inventory-ip
title: Shodan info about IP
mql: |
shodan.host.ip
- uid: mondoo-shodan-inventory-os
title: Shodan info about OS
mql: |
shodan.host.os
- uid: mondoo-shodan-inventory-ports
title: Shodan info about Ports
mql: |
shodan.host.ports

Loading