Search
๐Ÿ“ก

Shodan, Censys, CriminalIP

1. Shodan

Shodan
Search engine of Internet-connected devices. Create a free account to get started.
https://www.shodan.io/
IP ์žฅ์น˜ ๊ฒ€์ƒ‰ ์—”์ง„, ์ž์ฒด DB๋ฅผ ๊ตฌ์ถ•ํ•˜์—ฌ ์šด์šฉํ•˜๋ฉฐ ์•…์˜์ ์ธ ์‚ฌ์šฉ์ž์—๊ฒŒ ์ทจ์•ฝ์ ์„ ์ œ๊ณตํ•  ์ˆ˜ ์žˆ๋‹ค.
๋‹ค์–‘ํ•œ ํ•„ํ„ฐ๋ฅผ ํ†ตํ•ด ๊ฒ€์ƒ‰์ด ๊ฐ€๋Šฅํ•˜๋ฉฐ City, Country, Geo, http.title ์ฃผ๋กœ ์‚ฌ์šฉํ•˜๊ฒŒ ๋œ๋‹ค.
๋ฌด๋ฃŒ ์‚ฌ์šฉ์ž๋Š” ์ผ์ผ 50๊ฐœ์˜ ๊ฒ€์ƒ‰ ๊ฒฐ๊ณผ๋งŒ ๊ฐ€๋Šฅํ•˜๊ธฐ์— ์—…๋ฌด์šฉ ๋ชฉ์ ์ด๋ผ๋ฉด ์ตœ์†Œ ํ”„๋ฆฌ๋žœ์„œ ๋ผ์ด์„ผ์Šค ๊ฐ€์ž…์ด ํ•„์š”ํ•˜๋‹ค.
Shodan
The Shodan plugin tells you where the website is hosted (country, city), who owns the IP and what other services/ ports are open.
https://chrome.google.com/webstore/detail/shodan/jjalcfnidlmpjhdfepjhjbhnhkbgleap
ํฌ๋กฌ ํ™•์žฅํ”„๋กœ๊ทธ๋žจ๋„ ์ œ๊ณตํ•˜๋Š”๋ฐ ์ด๋ฅผ ์‚ฌ์šฉํ•˜๋ฉด ๋‹ค์Œ๊ณผ๊ฐ™์ด ํŠน์ • ์‚ฌ์ดํŠธ์—์„œ ๋ฐ”๋กœ ํ•ด๋‹น ์‚ฌ์ดํŠธ์— ๋Œ€ํ•œ ์ •๋ณด๋ฅผ ์ œ๊ณตํ•œ๋‹ค.

ย ์‚ฌ์šฉ ์˜ˆ์‹œ

โ€ข
http.title:dprk
๋ถํ•œ DPRK ์ œ๋ชฉ์„ ๊ฐ€์ง€๋Š” ์‚ฌ์ดํŠธ ๊ฒ€์ƒ‰
โ€ข
has_screenshot:true encrypted attention
๋žœ์„ฌ์›จ์–ด ๊ฐ์—ผ PC ๊ฒ€์ƒ‰
โ€ข
asn:as131279
์„œ๋น„์Šค ๊ธฐ์—… ASN์„ ๊ธฐ๋ฐ˜์œผ๋กœ ๊ฒ€์ƒ‰ํ•œ๋‹ค.
โ€ข
has_screenshot:true Country:KR
์Šคํฌ๋ฆฐ์ƒท์ด ์กด์žฌํ•˜๋Š” ํ•œ๊ตญ IP, RDP ํฌํŠธ๊ฐ€ ์—ด๋ ค์žˆ๋Š” ๊ฒƒ์„ ๋ณด์—ฌ์ค€๋‹ค.

2. Censys

Exposure Management and Threat Hunting Solutions | Censys
Exposure Management, External Attack Surface Management, and Threat Hunting solutions powered by the most comprehensive dataset of internet intelligence.
https://censys.com/
Shodan๊ณผ ๊ฑฐ์˜ ๋™์ผํ•œ ๊ธฐ๋Šฅ์„ ์ œ๊ณตํ•˜๋ฉฐ 2023.10.31 ํ˜„์žฌ ๋ฌด๋ฃŒ๋กœ ์ œ๊ณต๋˜๊ณ  ์žˆ๋‹ค.
๋„๋ฉ”์ธ, ์•„์ดํ”ผ, ์ธ์ฆ์„œ, ํฌํŠธ, ASN, ๊ด€๋ฆฌ์ž(์ด๋ฉ”์ผ, ์ฃผ์†Œ, ์ „ํ™”๋ฒˆํ˜ธ) ๋“ฑ์„ ํš๋“ํ•  ์ˆ˜ ์žˆ๊ณ  reverse_dns ๋“ฑ ์„œ๋กœ ์‚ฌ์ดํŠธ ๊ฐ„์˜ ์—ฐ๊ด€์„ฑ์„ ํŒŒ์•…ํ•˜๋Š”๋ฐ ์œ ์šฉํ•˜๊ฒŒ ์‚ฌ์šฉ๊ฐ€๋Šฅํ•˜๋‹ค.
Hosts - Censys
Censys helps organizations, individuals, and researchers find and monitor every server on the Internet to reduce exposure and improve security.
https://search.censys.io/search/definitions?resource=hosts
์›ํ•˜๋Š” ํ‚ค์›Œ๋“œ๊ฐ€ ์žˆ๋‹ค๋ฉด ๊ฒ€์ƒ‰์–ด์— ์ž…๋ ฅํ•˜๋ฉด ๋‹ค์Œ๊ณผ ๊ฐ™์ด ์–ด๋–ค ํ‚ค์›Œ๋“œ๋ฅผ ์‚ฌ์šฉํ•˜๋ฉด ์ข‹์„์ง€ ์•Œ๋ ค์ฃผ๋ฉฐ ์œ„ ๋‹คํ๋ฉ˜ํ…Œ์ด์…˜์„ ํ†ตํ•ด ํ‚ค์›Œ๋“œ๋ฅผ ์‹๋ณ„ํ•˜๊ฑฐ๋‚˜, GPT์™€ ์—ฐ๋™ํ•œ CensysGPT๋ฅผ ํ†ตํ•ด ์งˆ์˜๋ฅผ ์ˆ˜ํ–‰ํ•ด ๋‹ต์„ ์–ป์„ ์ˆ˜ ์žˆ๋‹ค.

ย ์‚ฌ์šฉ ์˜ˆ์‹œ

โ€ข
ip:175.45.176.15
โ€ข
autonomous_system.asn:131279

3. Criminal IP

Cybersecurity Search Engine | Criminal IP
Criminal IP is a Cyber Search Engine and Attack Surface Management(ASM) platform to find everything in Cybersecurity with impressive amount data capacities, API speed, and price.
https://www.criminalip.io/
์‡ผ๋‹จ๊ณผ ์œ ์‚ฌํ•œ ๊ธฐ๋Šฅ์„ ์ˆ˜ํ–‰ํ•˜๋Š” ์‚ฌ์ดํŠธ๋กœ ip ๋“ฑ์„ ๊ธฐ๋ฐ˜์œผ๋กœ ํ•œ Asset Serach ๋ถ€ํ„ฐ ์ผ๋ฐ˜์ ์ธ domain search ๋“ฑ ๋‹ค์–‘ํ•œ ๊ฒ€์ƒ‰๊ธฐ๋Šฅ์„ ์ œ๊ณตํ•œ๋‹ค.

ย ์‚ฌ์šฉ ์˜ˆ์‹œ

โ€ข
ip:x.x.x.x (Asset Search)
ํŠน์ • IP์— ๋Œ€ํ•ด ๊ฒ€์ƒ‰ํ•˜๋ฉด ๊ด€๋ จ ์ •๋ณด๋Š” ๋ฌผ๋ก  ๋ฐœ์ƒ๊ฐ€๋Šฅํ•œ CVE ๋ฆฌ์ŠคํŠธ๋ฅผ ๋‚˜์—ดํ•ด์ค€๋‹ค.

4. URLScan

URL and website scanner - urlscan.io
urlscan.io - Website scanner for suspicious and malicious URLs
https://urlscan.io/
URL ๊ธฐ๋ฐ˜์œผ๋กœ ๊ด€๋ จ ์ •๋ณด๋ฅผ ์ œ๊ณตํ•ด์ฃผ๋ฉฐ, ํ˜„์žฌ ์‚ฌ์ดํŠธ ์ƒํƒœ๋ฅผ ๊ธฐ๋ฐ˜์œผ๋กœ ๋‹ต๋ณ€์„ ์ œ๊ณตํ•œ๋‹ค.

โœ“ ๋‹ค๋ฅธ [์ •๋ฆฌ] ํฌ์ŠคํŠธ

๋ฒ ํŠธ๋‚จ ํ™˜์ „ ์™œ ํ•œ๊ตญ์—์„œ ํ•˜๋ฉด ์•ˆ๋ ๊นŒ? (ํ•œ๊ตญ vs ๊ณตํ•ญ vs ๊ธˆ์€๋ฐฉ)
Travel
๋ฒ ํŠธ๋‚จ ํ™˜์ „ ์™œ ํ•œ๊ตญ์—์„œ ํ•˜๋ฉด ์•ˆ๋ ๊นŒ? (ํ•œ๊ตญ vs ๊ณตํ•ญ vs ๊ธˆ์€๋ฐฉ)
Travel
Ollama ์œˆ๋„์šฐ LLM ์‚ฌ์šฉ (๊ตฌ๊ธ€ Gemma)
AI
Ollama ์œˆ๋„์šฐ LLM ์‚ฌ์šฉ (๊ตฌ๊ธ€ Gemma)
AI
๋‚ด๋ถ€๋ง ๋ฉ”์‹ ์ € ๊ตฌ์ถ• - Rocket.Chat
Setting
๋‚ด๋ถ€๋ง ๋ฉ”์‹ ์ € ๊ตฌ์ถ• - Rocket.Chat
Setting
Zeek for Hunting Splunk app
Security
Zeek for Hunting Splunk app
Security
CALDERA - EMU for Offline Setting
Security
CALDERA - EMU for Offline Setting
Security
Python Jail Escape (Hack.lu CTF 2023 Safest Eval)
Security
Python Jail Escape (Hack.lu CTF 2023 Safest Eval)
Security
OSINT Tools List
Security
OSINT Tools List
Security
MALTEGO (One License)
Security
MALTEGO (One License)
Security
Shodan, Censys, CriminalIP
Security
Shodan, Censys, CriminalIP
Security
Google Hacking / Dork
Security
Google Hacking / Dork
Security
Load more
๏ธŽ ๋” ๋งŽ์€ ๊ฒŒ์‹œ๋ฌผ์„ ๋ณด๋ ค๋ฉด
Blog - AbsolRoot
๏ธŽ ์ž‘์„ฑ์ž๊ฐ€ ๊ถ๊ธˆํ•˜๋ฉด?
๋ฐ•ํ•„๊ทผ | AbsolRoot
ย 2023.ย Absolroot all rights reserved.