Note

shef is a simple tool for extracting data from Shodan searches without requiring an API key. It provides exactly what you need for efficient data retrieval.

• _{Extract IP addresses, domain names, and known vulnerabilities with ease}
• _{Supports multiple facets including IP, domain, port, vulnerability, and HTTP components}
• _{Utilizes random User-Agent rotation to mimic diverse browsing behavior}
• _{Produces clean, pipe-friendly output suitable for further processing}
• _{Requires minimal dependencies (only bash and curl)}

Installation

oneliner

git clone https://github.com/1hehaq/shef.git && cd shef && chmod +x shef.sh && sudo mv shef.sh /bin/shef && cd .. && rm -rf shef

Arguments

  -q    : Search query (required)
  -f    : Facet type (default: ip)
  -l    : Limit results (default: 100)
  -h    : Show help message

Example Commands

# Retrieve IP addresses associated with Apache servers
shef -q "apache" > apache_ips.txt

# Discover subdomains related to a specific organization
shef -q 'org:"Google LLC"' -f domain

# Identify open ports for a particular product
shef -q "product:nginx" -f port

# Extract web technologies in use
shef -q "wordpress" -f http.component

# Find known vulnerabilities for a product
shef -q "product:jboss" -f vuln

• If you see no results or errors
  • _{Verify the syntax of your query (use -h for guidance)}
  • _{Ensure that curl is installed on your system}
  • _{Check your internet connection for stability}
  • _{Note: Wildcard searches are not supported}

Caution

shef is designed for responsible use in extracting data from Shodan searches without an API key. Please use it ethically.

Follow me on - 𝕏