The object of this script is to gather public vulnerabilities from IPs or domains, based on Shodan. The collected data includes IP, domain, CVE-ID, CVSS and risk (v3 and v2), provider and product affected.
Although you can find some screenshots with examples, the available options are:
- Save this bash script in '$HOME/Desktop/Shodan2CVE'.
- Run Shodan with a subscription API_KEY.
- Make sure you have "shodan" and "jq" packages installed in your system.
In order to have all the functionalities, the first task is to init Shodan with a subscription plan API_KEY.
To do so, run "$ shodan init API_KEY" as shown below.
./Shodan2CVE.sh [OPTION] [ARGUMENT]
Options:
-h, --help Show this message and exit.
-i, --ip [ip,ip] Gather information from one or more given comma-separated IPs.
-d, --domain [domain,domain] Gather information from one or more given comma-separated domains.
-f, --file [file] Gather information from the IPs or domains listed in a specified '.txt' file. Note: One IP or domain per line.
-m, --merge [file] Merge all results in a single CSV file, whose name can be set as default, if not passed as argument, or custom.
-s, --stats [ip,domain] Show stats from one or more given comma-separated IPs or domains, or read from '.txt' file (same as '-sf' option).
-sf, --stats-file [file] Show stats from the IPs or domains contained in the '.txt' file passed as argument.
-c, --cve [CVE-YYYY-XXXXX] Print information from one or more given comma-separated CVE ID.
-r, --release Show release notes and exit.
Analyse the registries contained in "list.txt"
If the IP has not been analysed, it will before printing stats.
Print statistics for all IPs.