Changelog
Synapse-Shodan Changelog
v4.2.0 - 2024-04-01
Features and Enhancements
Update
$lib.bytesusage with$lib.axonAPIs.Update
risk:vulnnode generation to deconflict on the:reporter:nameproperty.
v4.1.1 - 2024-02-20
Features and Enhancements
Update deprecated
$lib.dict()usage to JSON style syntax.
v4.1.0 - 2023-11-16
Features and Enhancements
Add an Optic node action to enrich FQDNs using the
shodan.dns.domaincommand.
v4.0.0 - 2023-06-21
Features and Enhancements
Extract
subdomainsfield asinet:fqdnnodes.Extract
domainsfield asinet:dns:aorinet:dns:aaaanodes.Extract
hostnamesfield asinet:dns:revorinet:dns:rev6nodes.Extract
file:bytesnodes from certificates in thessl.chainsfield.Extract
cpe23fields intoinet:flow:dst:cpesExtract
vulnsfield torisk:vulnnodes.Link
risk:vulnnodes toinet:serverandinet:flownodes using-(has)>edges.Tag
inet:serverandinet:flownodes withrep.shodan.cve_YYYY_XXXXXtags.Extract HTTP favicon data as an
inet:urlfilenode.Optimize retrieval for very short cursor lifespan.
Integrate
synapse-fileparserfor parsing extracted files.
Bugfixes
Only cache responses which include HTTP code 200.
Remove caching of paginated API results due to cursor incompatibility.
Remove cached data from paginated API results to stay tidy.
Updating from 3.x.x
The
shodan.searchcommand no longer has an--asofoption.The
shodan.dns.domaincommand no longer has an--asofoption.The
shodan.search()API arguments have been updated.The
shodan.getDnsDomain()API arguments have been updated.
v3.6.0 - 2023-03-22
Features and Enhancements
Update Power-Up to build with code signing.
v3.5.0 - 2023-01-05
Features and Enhancements
Added support for ingesting
inet:ssl:jarmsamplenodes for shodan flows.Retry API requests on HTTP response codes > 500.
v3.4.0 - 2022-09-02
Features and Enhancements
Update the
crypto:x509:certificate:serialbehavior to reflect the modeling change in Synapsev2.104.0.Update
shodan.searchto useit:exec:querynodes.Update warning message to include the name of the missing permission (
power-ups.shodan.spend) for users attempting to spend credits.Populate the
:serverproperty oninet:http:requestnodes created byshodan.searchandshodan.enrich.
v3.3.0 - 2022-05-17
Features and Enhancements
Cached API responses are now stored in the JsonStor instead of in nodedata.
Bugfixes
Fix a possible
BadTypeValuexception when makingcrypto:x509nodes with theshodan.enrichcommand.Add the
:timesecondary property when makinginet:search:querynodes to track Shodan searches.
v3.2.1 - 2022-01-10
Bugfixes
Fix an issue with getting host history.
v3.2.0 - 2021-12-30
Features and Enhancements
Add
--no-historyoption toshodan.enrichto request only recent data. This option must be used if you are using a free API key.Add
--removeoption toshodan.setup.apikeyto allow API keys to be unset.Add
--show-scopeoption toshodan.setup.apikeyto display the current API key scope.Add
--show-apikeyoption toshodan.setup.apikeyto display the current API key if permissions allow.
Bugfixes
Properly handle Shodan backend timeouts with the
shodan.enrichcommand. This now retries a request without pulling down the IP address history.
v3.1.2 - 2021-12-16
Bugfixes
Add
.seenproperty toinet:bannernodes and add aseenlight edge connecting them to the Synapse-Shodanmeta:sourcenode.Fix double word usage in the userguide doc.
v3.1.1 - 2021-11-10
Bugfixes
Fix a possible
BadTypeValuexception when makingcrypto:x509nodes with theshodan.enrichcommand.
v3.1.0 - 2021-11-03
Features and Enhancements
Always specify history=True to hosts API endpoint.
Capture server handshake as
inet:flow:dst:handshakeParse and ingest
inet:http:requestandinet:http:headernodes for each HTTP flow.
v3.0.1 - 2021-10-27
Bugfixes
Fix an issue with the
shodan.dns.domainStorm command.
v3.0.0 - 2021-08-13
Features and Enhancements
Initial release of
Synapse-Shodanv3.0.0
Updating from 2.x.x
The previous 2.x.x version of synapse-shodan was distributed as
a storm-service using a Docker container. This service must be removed from
the Cortex prior to updating.
See the Admin Guide for details on setting up the API key and user permissions.