We are first going to use Shodan to help us discover technologies running on the target servers. Remember that Shodan is a search engine for IoT devices that provides in-depth information about devices connected to the internet.
To get started, observe the following steps:
- Using your web browser, go to https://www.shodan.io.
- You may be required to register and create an account with Shodan to get better results.
- In the search bar, enter an organization to search for a device. The following screenshot shows the search bar on Shodan:
- Once the search is complete, click on a target from the search results to access the information found with Shodan.
- On the target's page, you'll be presented with a list of open network ports, running services, and their versions, as well as any technologies being used:
- Scrolling down a bit, if there are any known vulnerabilities found on the target, Shodan will provide a list with descriptions:
In the next section, we will take a look at using Netcraft to gather more detailed information about the underlying technologies of a target web server.