shodan

n8n node for Shodan API integration

Package Information

Released: 11/21/2025
Downloads: 6 weekly / 173 monthly
Latest Version: 0.1.1
Author: Duong Dinh

Available Nodes

Shodan icon
Shodan
No description available

Documentation

n8n-nodes-shodan

This is an n8n community node. It lets you use Shodan in your n8n workflows.

Shodan is a search engine for Internet-connected devices that allows you to discover and monitor devices, services, and vulnerabilities across the Internet.

n8n is a fair-code licensed workflow automation platform.

Installation
Operations
Credentials
Compatibility
Usage
Resources

Installation

Follow the installation guide in the n8n community nodes documentation.

Community Nodes (Recommended)

  1. Go to Settings > Community Nodes
  2. Select Install
  3. Enter n8n-nodes-shodan in the Enter npm package name field
  4. Agree to the risks of using community nodes
  5. Select Install

After installing the node, you can use it like any other node. n8n displays the node in search results in the Nodes panel.

Manual Installation

To get started install the package in your n8n root directory:

npm install n8n-nodes-shodan

For Docker-based deployments, add the following line before the font installation command in your n8n Dockerfile:

RUN cd /usr/local/lib/node_modules/n8n && npm install n8n-nodes-shodan

Operations

Host

  • Get: Returns all services that have been found on the given host IP address

Search

  • Query: Search Shodan using the same query syntax as the website
  • Count: Get the total number of results that matched the query

DNS

  • Resolve: Look up the IP address for the provided list of hostnames
  • Reverse: Look up the hostnames that have been defined for the given list of IP addresses

Domain

  • Get Info: Get all the subdomains and other DNS entries for the given domain

Credentials

To use this node, you need a Shodan API key. Here's how to set it up:

Prerequisites

  1. Sign up for a Shodan account at https://account.shodan.io/register
  2. Choose a plan:
    • Free: Limited queries per month
    • Membership: More queries and additional features
    • Enterprise: Unlimited queries and full access

Getting Your API Key

  1. Log in to your Shodan account at https://account.shodan.io/
  2. Your API key will be displayed on the account page
  3. Copy the API key

Setting Up Credentials in n8n

  1. In n8n, go to Credentials in the left sidebar
  2. Click Add Credential
  3. Search for "Shodan API" and select it
  4. Enter your API key in the API Key field
  5. Click Save

Compatibility

  • Minimum n8n version: 0.180.0
  • Tested against: n8n 1.0.0+

Usage

Basic Examples

Search for Apache servers in the United States

  1. Add the Shodan node to your workflow
  2. Select Resource: Search
  3. Select Operation: Query
  4. Enter Query: apache country:US
  5. Execute the node

Look up IP address information

  1. Add the Shodan node to your workflow
  2. Select Resource: Host
  3. Select Operation: Get
  4. Enter IP Address: 8.8.8.8
  5. Execute the node

Resolve domain to IP

  1. Add the Shodan node to your workflow
  2. Select Resource: DNS
  3. Select Operation: Resolve
  4. Enter Hostnames: google.com,facebook.com
  5. Execute the node

Get domain information and subdomains

  1. Add the Shodan node to your workflow
  2. Select Resource: Domain
  3. Select Operation: Get Info
  4. Enter Domain: example.com
  5. Optionally enable History for historical DNS data
  6. Optionally select a specific DNS Type (A, AAAA, CNAME, etc.)
  7. Execute the node

Search Query Syntax

Shodan uses filters to narrow down search results. Here are some common filters:

  • country:US - Filter by country code
  • port:22 - Filter by port number
  • org:Google - Filter by organization
  • product:nginx - Filter by product name
  • os:Windows - Filter by operating system
  • city:"Los Angeles" - Filter by city
  • net:8.8.8.0/24 - Filter by network range

You can combine multiple filters:

apache country:US port:443 city:"New York"

Common Use Cases

  1. Security Monitoring: Monitor your IP ranges for exposed services
  2. Vulnerability Research: Find devices running specific software versions
  3. Asset Discovery: Discover all internet-facing assets for an organization
  4. Threat Intelligence: Track malicious IPs and services
  5. Compliance Checks: Verify that sensitive services aren't publicly exposed

Tips

  • Use the Count operation first to check how many results you'll get before running a full search
  • For large result sets, use pagination with the Page parameter
  • Enable Minify to reduce response size for searches
  • Combine with other n8n nodes for automated security workflows

Resources

License

MIT

Discussion