PHPackages                             aglavas/shodan-php-rest-api - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [API Development](/categories/api)
4. /
5. aglavas/shodan-php-rest-api

ActiveLibrary[API Development](/categories/api)

aglavas/shodan-php-rest-api
===========================

PHP sdk (API wrapper) for Shodan

04PHP

Since May 5Pushed 2y agoCompare

[ Source](https://github.com/aglavas/Shodan-PHP-REST-API)[ Packagist](https://packagist.org/packages/aglavas/shodan-php-rest-api)[ RSS](/packages/aglavas-shodan-php-rest-api/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (5)DependenciesVersions (2)Used By (0)

Shodan-PHP-REST-API
===================

[](#shodan-php-rest-api)

[![Shodan](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan.gif)](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan.gif)

**Lean and easily extendible PHP API for Shodan.io, supporting both the free API and the paid one. Requests are auto-generated by structure that defines the API protocol.**

Authors and License
-------------------

[](#authors-and-license)

 [ ![](https://camo.githubusercontent.com/601da18d1aee75ad236b59e7e07188e5df3bb223/687474703a2f2f7777772e697367726f75702e69742f696d672f6c6f676f2d636f6c6f722e706e67) ](http://www.isgroup.biz)

Shodan-PHP-REST-API is licensed under the GNU GPL v3 and is a project sponsored by [ISGroup SRL](http://www.isgroup.biz) and authored by [Alex Salvetti](https://github.com/alexsalvetti) and [Francesco `ascii` Ongaro](https://github.com/isgroup-srl). This software is currently used by [ScadaExposure](http://www.scadaexposure.com/), a permanent observatory on the exposure of ICS and SCADA devices on the Internet, to generate it's datasets.

Features
--------

[](#features)

- Search Shodan.
- Streaming API support for real-time consumption of Shodan data.
- Exploit search API fully implemented.

Notes
-----

[](#notes)

- Shodan.php is the API class: costants, shodan methods and the generation of the HTTP requests are defined here.
- The script uses PHP magic methods ().
- shodan-api.php is the CLI interface, allowing to run differents commands; it also provides an how-to function.
- Our API implementation uses 3 different base URLs: Shodan API, Streaming API and Exploits API.
- Tests folder provides some examples on how to write your own search query, use the CLI `-r` flag for running them all or call one with the `-t` flag.
- If you're in search of better and more thorough documentation, please refer to Shodan's REST API documentation ().
- For Shodan EXPLOITS API refer to the documentation ().
- For Shodan STREAM API refer to the documentation ().

Usage
-----

[](#usage)

You can implement the class API directly in your code or experiment with the CLI. In both cases you'll need to change your API KEY in shodan-api.php or anywhere you istantiate the API object:

```
$key = 'Insert your API key here';
```

Following are the options:

Short formLong formVariables-r--run-tests-t--run-testSTRING-m--methodShodanHost --ip STRING \[--history BOOLEAN\] \[--minify BOOLEAN\]-m--methodShodanHostCount --query STRING \[--facets STRING\]-m--methodShodanHostSearch --query STRING \[--facets STRING\]-m--methodShodanHostSearchTokens --query STRING-m--methodShodanPorts-m--methodShodanProtocols-m--methodShodanScan --ips STRING-m--methodShodanScanInternet --port INTEGER --protocol STRING-m--methodShodanScan\_Id --id STRING-m--methodShodanServices-m--methodShodanQuery \[--page INTEGER\] \[--sort STRING\] \[--order STRING\]-m--methodShodanQuerySearch --query STRING \[--page INTEGER\]-m--methodShodanQueryTags \[--size INTEGER\]-m--methodLabsHoneyscore --ip STRING-m--methodSearch --query STRING \[--facets STRING\] \[--page INTEGER\]-m--methodCount --query STRING \[--facets STRING\]-m--methodShodanBanners-m--methodShodanAsn --asn STRING-m--methodShodanCountries --countries STRING-m--methodShodanPorts\_Stream --ports STRINGSome CLI Run Examples
---------------------

[](#some-cli-run-examples)

### Showing usage options:

[](#showing-usage-options)

[![Shodan-usage](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-usage.gif)](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-usage.gif)

### Shodan Host method on Facebook ip:

[](#shodan-host-method-on-facebook-ip)

[![Shodan-ip](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-ip.gif)](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-ip.gif)

### Shodan Scan request on some ips:

[](#shodan-scan-request-on-some-ips)

[![Shodan-scan](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-scan.gif)](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-scan.gif)

### Shodan Scan request status:

[](#shodan-scan-request-status)

[![Shodan-scan-id](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-scan-id.gif)](https://raw.githubusercontent.com/alexsalvetti/shodan-php-api.github.io/master/shodan-scan-id.gif)

Handle overlapping methods
--------------------------

[](#handle-overlapping-methods)

Using PHP magic methods we call the method by its name and use it for generate the URL for the request. For doing that we use `preg_replace` inserting a `/` when an uppercase character is found and appending that character in lowercase.

But we found that two methods in Shodan API were overlapping with other two methods, that are: **"ShodanScan"** and **"ShodanPorts"**. So we renamed **"ShodanScan"** given with "id" parameter in **"ShodanScan\_Id"**, and **"ShodanPorts"** for the stream API in **"ShodanPorts\_Stream"**.

But the URL must not have those renaming, so we eliminate the `_` and all it comes next of it for getting the job done.

You can find it at:

Tests class - REST API
----------------------

[](#tests-class---rest-api)

### Shodan Host (`/tests/ip.php`):

[](#shodan-host-testsipphp)

Return all services that have been found on the given host IP.

```
var_dump($client->ShodanHost(array(
	'ip' => '69.171.230.68', // https://www.facebook.com/
)));
```

### Shodan Host Count (`/tests/count.php`):

[](#shodan-host-count-testscountphp)

Returns the total number of results that matched the query and any facet information that was requested.

```
var_dump($client->ShodanHostCount(array(
  'query' => 'Niagara Web Server',
)));
```

### Shodan Host Search (`/tests/search.php`):

[](#shodan-host-search-testssearchphp)

Search Shodan using the same query syntax as the website and use facets to get summary information for different properties. - This method may use API query credits depending on usage.

```
var_dump($client->ShodanHostSearch(array(
	'query' => 'Niagara Web Server',
)));
```

### Shodan Host Search Tokens (`/tests/search.php`):

[](#shodan-host-search-tokens-testssearchphp)

This method lets you determine which filters are being used by the query string and what parameters were provided to the filters.

```
var_dump($client->ShodanHostSearchTokens(array(
	'query' => 'Niagara Web Server country:"IT"',
)));
```

### Shodan Ports (`/tests/ports.php`):

[](#shodan-ports-testsportsphp)

This method returns a list of port numbers that the crawlers are looking for.

```
var_dump($client->ShodanPorts());
```

### Shodan Protocols (`/tests/protocols.php`):

[](#shodan-protocols-testsprotocolsphp)

This method returns an object containing all the protocols that can be used when launching an Internet scan.

```
var_dump($client->ShodanProtocols());
```

### Shodan Scan (`/tests/crawl.php`):

[](#shodan-scan-testscrawlphp)

Use this method to request Shodan to crawl a network. - POST METHOD REQUIRE PAID API KEY.

```
var_dump($client->ShodanScan(array(
	'ips' => '69.171.230.0/24',
)));
```

### Shodan Scan Internet (`/tests/crawl.php`):

[](#shodan-scan-internet-testscrawlphp)

Use this method to request Shodan to crawl the Internet for a specific port. - POST METHOD REQUIRE PAID API KEY AND SHODAN PERMISSION.

```
var_dump($client->ShodanScanInternet(array(
	'port' => '80',
	'protocol' => 'dns-tcp',
)));
```

### Shodan Scan Id (`/tests/crawl.php`):

[](#shodan-scan-id-testscrawlphp)

Check the progress of a previously submitted scan request.

```
var_dump($client->ShodanScan_Id(array(
	'id' => 'R2XRT5HH6X67PFAB',
)));
```

### Shodan Services (`/tests/crawl.php`):

[](#shodan-services-testscrawlphp)

This method returns an object containing all the services that the Shodan crawlers look at. It can also be used as a quick and practical way to resolve a port number to the name of a service.

```
var_dump($client->ShodanServices());
```

### Shodan Query (`/tests/saved_query.php`):

[](#shodan-query-testssaved_queryphp)

Use this method to obtain a list of search queries that users have saved in Shodan.

```
var_dump($client->ShodanQuery(array(
	'page' => '1',
)));
```

### Shodan Query (`/tests/saved_query.php`):

[](#shodan-query-testssaved_queryphp-1)

Use this method to search the directory of search queries that users have saved in Shodan.

```
var_dump($client->ShodanQuery(array(
	'query' => 'fax',
)));
```

### Shodan Query Tags (`/tests/query_tags.php`):

[](#shodan-query-tags-testsquery_tagsphp)

Use this method to obtain a list of popular tags for the saved search queries in Shodan.

```
var_dump($client->ShodanQueryTags(array(
	'size' => '30',
)));
```

Tests class - Esperimental method
---------------------------------

[](#tests-class---esperimental-method)

### Labs Honeyscore (`/tests/honeypot.php`):

[](#labs-honeyscore-testshoneypotphp)

Calculates a honeypot probability score ranging from 0 (not a honeypot) to 1.0 (is a honeypot).

```
var_dump($client->LabsHoneyscore(array(
	'ip' => '54.231.184.227', // http://mushmush.org/
)));
```

Tests class - Exploits REST API
-------------------------------

[](#tests-class---exploits-rest-api)

### Search Exploits (`/tests/exploits.php`):

[](#search-exploits-testsexploitsphp)

Search across a variety of data sources for exploits and use facets to get summary information.

```
var_dump($client->Search(array(
	'query' => 'cve',
)));
```

### Count Exploits (`/tests/exploits.php`):

[](#count-exploits-testsexploitsphp)

This method behaves identical to the "/search" method with the difference that it doesn't return any results.

```
var_dump($client->Count(array(
	'query' => 'cve',
)));
```

### Account Informations

[](#account-informations)

This method allows you to get your Shodan's account information results.

```
var_dump($client->AccountProfile());

{
    "member": true,
    "credits": 0,
    "display_name": null,
    "created": "2020-06-15T10:44:43.148000"
}
```

### DNS Resolve

[](#dns-resolve)

Look up the IP address for the provided list of hostnames, takes a comma-separated list of hostnames.

```
var_dump($client->DnsResolve(array(
	'hostnames' => 'google.com,bing.com',
)));

{
    "google.com": "172.217.6.46",
    "facebook.com": "157.240.22.35"
}
```

### DNS Reverse

[](#dns-reverse)

Look up the hostnames that have been defined for the given list of comma-separated IP addresses.

```
var_dump($client->DnsReverse(array(
	'ips' => '8.8.8.8,1.1.1.1',
)));

{
    "8.8.8.8": [
        "dns.google"
    ],
    "1.1.1.1": [
        "one.one.one.one"
    ]
}
```

###  Health Score

13

—

LowBetter than 1% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity3

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity20

Early-stage or recently created project

 Bus Factor1

Top contributor holds 64.3% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/a972f847d564f547a8f95812aa9b43ae58f7fd6eb5601bc8cf3717a038a9aabe?d=identicon)[aglavas](/maintainers/aglavas)

---

Top Contributors

[![aglavas](https://avatars.githubusercontent.com/u/9666109?v=4)](https://github.com/aglavas "aglavas (9 commits)")[![isgroup](https://avatars.githubusercontent.com/u/8706498?v=4)](https://github.com/isgroup "isgroup (3 commits)")[![ushideshi](https://avatars.githubusercontent.com/u/150368873?v=4)](https://github.com/ushideshi "ushideshi (2 commits)")

### Embed Badge

![Health badge](/badges/aglavas-shodan-php-rest-api/health.svg)

```
[![Health](https://phpackages.com/badges/aglavas-shodan-php-rest-api/health.svg)](https://phpackages.com/packages/aglavas-shodan-php-rest-api)
```

###  Alternatives

[stripe/stripe-php

Stripe PHP Library

4.0k143.3M475](/packages/stripe-stripe-php)[twilio/sdk

A PHP wrapper for Twilio's API

1.6k92.9M270](/packages/twilio-sdk)[knplabs/github-api

GitHub API v3 client

2.2k15.8M187](/packages/knplabs-github-api)[facebook/php-business-sdk

PHP SDK for Facebook Business

90121.9M34](/packages/facebook-php-business-sdk)[meilisearch/meilisearch-php

PHP wrapper for the Meilisearch API

73813.7M114](/packages/meilisearch-meilisearch-php)[google/gax

Google API Core for PHP

263103.1M452](/packages/google-gax)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)