Shodan (www.shodan.io) is a search engine that indexes various devices that are connected to the internet. What does this mean? To elaborate, let's take a real-life example of discovering devices of a certain vulnerability level. In January 2019, Hacker News (https://thehackernews.com) published an article indicating that over 9,000 Cisco SMB RV320 and RV325 routers were globally affected by a new exploit. The exploits were CVE-2019-1652 and CVE-2019-1653, and they allow a malicious person to obtain configuration files and gain control of devices.

Imagine that you're interested in discovering all the devices of this nature on the internet. Using Shodan as a regular search engine, we can quickly discover multiple devices that fit our search criteria of cisco rv325, as shown in the following screenshot. Look closely: we can see a list of online Cisco RV325 routers, their IP addresses, their hostnames, and their locations:

The results provide geolocation information for the devices and IP addresses, and banner information such as firmware versions. On the left, we can see a global map indicating the number of internet-connected devices per country and organization. Simply clicking on a country, an organization, or even an IP address will filter that information for us.

Clicking on an IP address will provide greater insight into the selected device, such as the hostname, open ports, running services, organization, Internet Service Provider (ISP) details, and the vulnerabilities the device is susceptible to, as shown in the following screenshot:

Information that's gathered from Shodan can help you build a better profile of your target organization during a penetration test as it can provide you with possible operating system versions and other technical details that you can use to successfully exploit your target. Put simply, Shodan can help you identify the target's technologies and control systems in their organization and IT infrastructure.

In the next section, we'll learn about OSRFramework.