research shodan

CompSec Direct president, Jose Fernandez, presented an open-source intelligence gathering tool called Shodan-Runner at the Bsides PR security conference hosted on Oct 6,2016 in Puerto Rico. The tool allows users to use external CSV files in conjunction with the Shodan api in python to search for associations between different different fields. Using this tool reduces initial analysis time and lowers information gathering efforts. The tool was released under MIT license for the InfoSec community to grow and expand upon.


The most interesting aspect about the presentation was some of the immediate tool re-writes done by conference attendees in other languages. The event would not be possible without the tireless efforts of the event organizers and volunteers:

  • José L. Quiñones @josequinones
  • Johana Martínez @JohanaMRPhD
  • Carlos Perez @carlos_perez
  • Jose Arroyo @TalktoanIT
  • Daniel Mattei
  • Angel Colon
  • Juan Sanchez: @gozes

The conference is an excellent opportunity for local InfoSec practitioners to grow and develop the talent pool in Puerto Rico as well as learn about current trends and techniques.

Video of the presentation is available on youtube

Click here for download of Shodan-Ruuner on github