All integrations
NetworkOSINT

Shodan integration

The Shodan integration runs as a managed scanner: for every IP asset in the project, Centraleyezer queries the Shodan host API and imports what the internet can see — open ports, banners, exposed services and known issues. Results are ingested immediately (no separate polling step). A Shodan JSON file import is also available.

Scan types imported

  • External attack surface / internet exposure
  • Open ports, service banners, exposed services

File import

JSON

Upload raw Shodan host JSON (as returned by the host API) against the Shodan JSON source — parsing is handled by a dedicated built-in parser.

What Centraleyezer expects in the file

  • The unmodified JSON document returned by https://api.shodan.io/shodan/host/{ip}.

API connection

Add Shodan as a scanner, paste your API key, and assign it to the project. On every run Centraleyezer calls the Shodan host endpoint for each of the project’s IP assets and imports the results.

Configuration

API Key
Your Shodan API key — used as the key parameter on every request to api.shodan.io.
Asset type
Which project assets to look up (IP assets).

Where to get the credentials

Get the API key from your Shodan account page at account.shodan.io (shown on the account overview). Query credits are consumed per lookup according to your Shodan plan.

What gets imported on every run

  • Exposed services and open ports per IP, with service banners.
  • Internet-visible misconfigurations and version information Shodan reports for the host.

How imported findings are risk-scored

Every Shodan finding is normalised into Centraleyezer’s risk model on import: the scanner’s native severity scale maps to a configurable DREAD vector (Damage, Reproducibility, Exploitability, Affected users, Discoverability), which combines with asset criticality, network exposure, exploitability intelligence and the platform’s other risk factors to produce one comparable risk score across every scanner you run. CVE, CVSS and CWE metadata are preserved on the finding for reference and reporting, and duplicate findings from repeated imports are automatically correlated instead of creating noise.

See the Shodan integration live

Book a demo and we’ll connect your Shodan data and walk through risk-based prioritisation on your own findings.

Shodan Integration — Setup & Imported Scan Types