Shodan and censys.io

In an ocean of vulnerable hosts, where to find it? Often, attackers utilize existing vulnerabilities to gain access to the system without much effort, so one of the easiest ways to do so is to search in Shodan. Shodan is one of the craziest search engines that lets anyone on the internet find devices connected to the internet using a variety of filters. It can be accessed by visiting https://www.shodan.io/. This is one of the selected websites consulted for information around the globe. If the name of a company is searched for, it will provide any relevant information that it has in its database, such as IP address, port numbers, and the service that was running.

The following is a sample screenshot from https://www.shodan.io/ for hosts that are running IIS 5.0:

Similar to Shodan attackers, now, we can also utilize the scans.io API for relevant information gathering or Censys.io, which can provide more information about IPv4 hosts, websites, certifications, and other stored information. The following screenshot provides information about Microsoft.com: