Shodan Fingerprints: Search by product or specific version

Up until now, if you’ve wanted to answer questions like “which version of Apache is most popular?” or “what FTP software is most common?” you had to run several Shodan queries and compile them into a list yourself. It wasn’t hugely prohibitive, but I thought Shodan could make it easier since that’s a common problem people are looking at. Introducing Shodan’s new fingerprinting for product and version! In addition to grabbing the banner for a service, Shodan now also tries to determine what type of product/ software is running the service and extract the version information when available. And to provide a top-level view of this new data, I’m exposing 2 new categories that are shown on the left side of the search results page: Top Products and Top Versions.

ImageAbove you can see how it looks like on the website at the moment. In the example, I’ve searched for “port:22” on Shodan and as you can tell there’s now a breakdown of the most popular SSH daemons. Note that not the entire Shodan dataset has been analyzed for fingerprints yet, so the total number is on the lower bound. Once you click on a product (which triggers the use of the new product search filter) then you will see a version breakdown as follows:

ImageThe fingerprints aren’t available yet for all services, but more are being added constantly. I’m very excited about having these sorts of breakdowns available at a glance and I’ll be looking into adding more features to make analyzing the data easier.



  1. joseskajoseska

    NO “top product” “top Organizations” or “Top Domains” can I view in my searches…. only “Top Countries”.
    it´s necessary aditional configuration???


    • achillean

      I’ve had to disable some of the “Top X” categories due to large amounts of traffic to the website. If you would like to see those categories, please visit, perform your search and then click on the “Statistics” button.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s