No description, website, or topics provided.
Switch branches/tags
Nothing to show
Clone or download

SD-WAN Harvester

SD-WAN Harvester tool was created to automatically enumerate and fingerprint SD-WAN nodes on the Internet. It uses Shodan search engine for discovering, NMAP NSE scripts for fingerprinting, and masscan to implement some specific checks.


SD-WAN Harvester requires Python 3.6 or later and Nmap.

You also need an Shodan API key.


  1. Clone the repository:
git clone
  1. Install pip requirements:
python3.6 -m pip install -r requirements.txt
  1. Run the script:
python3.6 -h
  1. Set your Shodan key via a command line argument

or via an environment variable

./ (without -sk key)


Command Line Arguments

  1. -h, --help - show the help message and exit.

  2. -sk SHODAN_KEY, --shodan-key SHODAN_KEY - set a Shodan API key.

  3. -n, --new - initiate a new discovery using Shodan.

  4. -q QUERIES, --queries QUERIES - specify the file containing SD-WAN queries and filters for Shodan. Default value is shodan_queries.json.

  5. -d DESTINATION, --destination DESTINATION - the directory where results will be stored. Default value is results.

  6. -C CONFIDENCE, --confidence CONFIDENCE - set the confidence level (certain, firm, or tentative).
    Default value is certain.

  7. -v [VULNERS [VULNERS ...]], --vulners [VULNERS [VULNERS ...]] - the list of venodrs checked by Shodan vulnerability scanner. For example, --- vulners silver peak, arista, talari command starts finding of known vulnerabilities for silver peak, arista and talari products. Use --vulners all to run scanning for all vendors. By default, Shodan vulnerability scanning is turned off.

  8. -mv MAX_VENDORS, --max-vendors MAX_VENDORS - the Maximum Number of Vendors shown in reports.
    Default value is 10.

  9. -mc MAX_COUNTRIES, --max-countries MAX_COUNTRIES - the Maximum Number of Countries shown in reports. Default value is 10.

  10. -maxv MAX_VULNERS, --max-vulners MAX_VULNERS - the Maximum Number of Vulnerabilities shown in reports.
    Default value is 10.

  11. -u, --update-markers - Update map markers.


Show help

python3.6 -h

Run an enumeration

python3.6 -sk YOUR_API_KEY -n

Run an enumeration with firm level of confidence

python3.6 -sk YOUR_API_KEY -n -c firm

Run a vulnerability scan against talari vendor

python3.6 -sk YOUR_API_KEY -n -v talari

Run a new vulnerability scan for all vendors. The Maximum Number of Vendors is 8, the Maximum Number of Countries is 8, and the Maximum Number of CVEs is 8

python3.6 -sk YOUR_API_KEY -n -v all -mv 8 -mc 8 -maxv 8

Run a new scan with all features enabled -sk YOUR_API_KEY -n -v all -c all

Process data from previous scan results (for example, if you want to build new charts and graphics containing fewer vendors, countries, or vulners.)

 python3.6 -v -mv <num> -mc <num> -maxv <num>