Skip to content
Masscan integrated with Shodan API
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information. Updated Paren Fix Line 80 Dec 5, 2015

Masscan + Shodan Automation

Integrating Masscan port scanner with Shodan API using Python

Author: Trevor Davenport

Update (12/5/15)

We've Been Added to BlackArch Distro!


  Masscan Port Scanner:
  Masscan Man Page:
  Python Dependencies: Requests (
                       BeautifulSoup (
                       Shodan API (
  Other Dependencies: CURL (


 1  [*] Masscan initiates port scan
 2   [*] Results are generated in XML output
 3    [*] Output is pushed to
 4     [*] Data Analysis for Security/Vulnerability Management


Shodan API

Service to Port Shodan Mapping

Shodan Provides a dictionary of common Ports to known Services, we can use this data to further expand the knowledge of our open port list.

Data Analysis will render the Services and Service Count from the masscan results.

Parsing Masscan XML Results

Using BeautifulSoup, we parse the XML File into meaningful data.

Cleaned Up. A Mapping of Host to Port(s).

Output Results

Future Versions

 If I had more time to implement this I would have done some aspects differently.
    - Integrate ShodanAPI Exploit search for known/unknown ports
    - Parse Banners for each Host, look for any vulnerabilities/verbose information about servers.
    - Utilize Amazon instances for MapReduce-esque efficiency
    - Input Formatting (IP Address)
    - Testing API Key
    - Do Away with Python.os() -- Yeah.. I know. Quick, Dirty and Effective was the name of the game
    - Integrate ShodanMaps (see screenshot below)
TODO: Integrate Shodan Maps

You can’t perform that action at this time.