I have a new course available on Pluralsight. It’s a new type of course for me. My previous courses have been long-form courses. This one is shorter, tool-focused course on Shodan. It is part of the Pluralsight Red Team Tools learning path.

While my other courses are a couple hours of content, the Reconnaissance with Shodan course is 27 minutes. It is designed to be a quick introduction and heavily focused on demonstrating how to use Shodan for recon in red team engagements. (Course overview video)

Reconnaissance is the first step when starting a red team project. Information must be gathered for the the target organization, including specific details about its connected devices, network block assignments, domain names and subdomains, and even physical locations for some engagements.

Shodan is a search engine for internet-connected devices, not for human-oriented web pages. Shodan crawls the internet and indexes information about servers, desktops, printers, SCADA devices, mobiles devices, surveillance cameras, and many other systems with an IP address. It is an easy tool to use, with both web and command line interfaces available.

My course describes how to use Shodan for the reconnaissance phase of a red team operation. There are five separate demos included to show how to use Shodan.

Table of Contents

• Reconnaissance with Shodan
• Access the Shodan Web Site
• Utilize the Shodan Command Line Tool
• Use Plain Text Banner Searches
• Use Search Filters to Refine Results
• Explore Red Team Scenarios
• Resources

Please take a look and let me know your thoughts on this new course.