• Use shodan to search about the target
• Use filters to enumerate properly!
  • We can check any sites certificates, and use it in the shodan filters to find more targets belonging to the same.

Web archive CDX api

• Always go through robots.txt
• 404 Error may lead to subdomain takeover

Alternatives of shodan

https://hunter.how

https://search.censys.io/

https://www.zoomeye.hk/

HW :

1. Choose your target.
2. Search and find everything related to that target from shodan and hunter.how
3. Note and store all the findings!