Admin Guide
Synapse-Shodan Admin Guide
Configuration
Synapse-Shodan requires you to have a Shodan API key. For information on how to signup, please visit the Shodan API Requirements.
Setting API key for global use
To set-up a global API key:
> shodan.setup.apikey myapikey
Setting Shodan API key for all users.
Using per-user API keys
A user may set-up their own API key:
> shodan.setup.apikey --self myapikey
Setting Shodan API key for the current user.
Permissions
Package (synapse-shodan) defines the following permissions:
power-ups.shodan.user : Allows a user to issue queries to the Shodan API. ( default: false )
power-ups.shodan.spend : Used in addition to power-ups.shodan.user to allow users to spend query credits. ( default: false )
You may add rules to users/roles directly from storm:
> auth.user.addrule visi power-ups.shodan.user
Added rule power-ups.shodan.user to user visi.
or:
> auth.role.addrule ninjas power-ups.shodan.user
Added rule power-ups.shodan.user to role ninjas.
Additionally, if the synapse-fileparser
power-up is available, users will need the
power-ups.fileparser.user
permission in order to allow processing X509 certificates
and various image file formats.
Exported APIs
Synapse-Shodan does not currently export any APIs.
Node Actions
Synapse-Shodan provides the following node actions in Optic:
Name : enrich
Desc : Enrich the node using the shodan API.
Forms: inet:ipv4, inet:ipv6
Name : enrich FQDN
Desc : Enrich the FQDN using the shodan /dns/domain API.
Forms: inet:fqdn
Onload Events
Synapse-Shodan does not use any onload
events.