In this section we will outline the various APIs that are available and when to use them. For up to date information, please check out the API docs on their websites and the Postman workspace.
Shodan REST API
The main Shodan API is a REST interface to access all the information that Shodan collects (DNS, banners), manage monitored assets, launch scans and more. It's the main API that all Shodan websites are built on. The Shodan REST API is documented on the developer website as well as the Postman collection. The API can help with:
- IP lookups
- Domain lookups
- Downloading search results
- Managing monitored assets
- Submitting scan requests
- Downloading bulk data files (enterprise-only)
Shodan Streaming API
The Streaming API lets you subscribe to banners that Shodan collects in real-time. I.e. as the crawlers collect banners they get published to a data feed which you can subscribe to via the Streaming API. For example, if you want to see the services that Shodan Monitor discovers for your assets in real-time then you could subscribe to the private firehose.
Specialized APIs
The Shodan platform also includes other, specialized APIs that were designed for a specific purpose:
- CVEDB: fast vulnerability lookups
- InternetDB: super fast IP enrichment
- Geonet: resolve hostnames from different client locations around the world