Search Query Examples

Run search
Websites that require HTTPS connections
HTTP Strict-Transport-Security
Run search
Services that have the word "Apache" in their headers
Apache
Run search
Apache web servers
product:Apache
Run search
Websites that have the word "Apache" in their HTML
http.html:Apache
Run search
Websites that are using the Bootstrap CSS framework
http.component:bootstrap
Run search
Websites that support TLS 1.3
ssl.version:tlsv1.3 HTTP
Run search
Services that support SSLv2 and dont support TLS
ssl.version:sslv2 -ssl.version:tlsv1,tlsv1.2,tlsv1.3
Run search
Websites that support HTTP/2
ssl.alpn:h2
Run search
SSH on port 22 OR 3333
ssh port:22,3333
Run search
SSH on non-standard ports
ssh -port:22
Run search
Public VNC services hiding behind common web ports
has_screenshot:true rfb disabled port:80,443
Run search
Remote desktops compromised by ransomware
has_screenshot:true encrypted attention
Run search
SSL services (HTTPS, SMTPS, POP3S etc.) that were issued a certificate for *.google.com
ssl.cert.subject.cn:google.com
Run search
Non-HTTPS SSL services that were issued a certificate for *.google.com
ssl.cert.subject.cn:google.com -HTTP
Run search
Services with a hostname containing either "google.com" OR "facebook.com"
hostname:google.com,facebook.com
Run search
Industrial control systems running an industrial protocol (i.e. no web servers)
tag:ics
Run search
Services that are vulnerable to Heartbleed
vuln:CVE-2014-0160
Run search
Citrix devices in Germany, Switzerland or France that are vulnerable to CVE-2019-19781
vuln:CVE-2019-19781 country:DE,CH,FR



Shodan® All rights reserved