feat(08-03): add 20 Shodan dorks for exposed LLM infrastructure
- frontier.yaml: 6 dorks (OpenAI/Anthropic proxies, Azure OpenAI certs, AWS Bedrock, LiteLLM) - infrastructure.yaml: 14 dorks (Ollama, vLLM, LocalAI, LM Studio, text-generation-webui, Open WebUI, Triton, TGI, LangServe, FastChat, OpenRouter/Portkey/Helicone gateways) - Real Shodan query syntax: http.title, http.html, ssl.cert.subject.cn, product, port, http.component - Dual-located: pkg/dorks/definitions/shodan/ + dorks/shodan/
This commit is contained in:
salvacybersec
42
pkg/dorks/definitions/shodan/frontier.yaml
Normal file
42
pkg/dorks/definitions/shodan/frontier.yaml
Normal file
@@ -0,0 +1,42 @@
|
||||
- id: shodan-openai-proxy
|
||||
name: "OpenAI proxy servers"
|
||||
source: shodan
|
||||
category: frontier
|
||||
query: 'http.title:"openai" http.html:"/v1/chat/completions"'
|
||||
description: "Exposed OpenAI-compatible proxy servers serving chat completions"
|
||||
tags: [openai, proxy, tier1]
|
||||
- id: shodan-litellm-proxy
|
||||
name: "LiteLLM proxies on default port"
|
||||
source: shodan
|
||||
category: frontier
|
||||
query: 'http.title:"LiteLLM" port:4000'
|
||||
description: "LiteLLM gateway dashboards exposed on default port 4000"
|
||||
tags: [litellm, gateway, tier5]
|
||||
- id: shodan-openai-nginx
|
||||
name: "Nginx front-ends leaking OPENAI_API_KEY"
|
||||
source: shodan
|
||||
category: frontier
|
||||
query: 'http.html:"OPENAI_API_KEY" http.component:nginx'
|
||||
description: "Nginx-fronted services exposing OPENAI_API_KEY in HTML"
|
||||
tags: [openai, nginx, tier1]
|
||||
- id: shodan-azure-openai
|
||||
name: "Azure OpenAI certificate matches"
|
||||
source: shodan
|
||||
category: frontier
|
||||
query: 'ssl.cert.subject.cn:"openai.azure.com"'
|
||||
description: "TLS certificates referencing Azure OpenAI endpoints"
|
||||
tags: [azure, openai, tier1]
|
||||
- id: shodan-bedrock-runtime
|
||||
name: "AWS Bedrock runtime certificates"
|
||||
source: shodan
|
||||
category: frontier
|
||||
query: 'ssl.cert.subject.cn:"bedrock-runtime"'
|
||||
description: "TLS certificates referencing AWS Bedrock runtime hosts"
|
||||
tags: [aws, bedrock, tier1]
|
||||
- id: shodan-anthropic-proxy
|
||||
name: "Anthropic-compatible proxy servers"
|
||||
source: shodan
|
||||
category: frontier
|
||||
query: 'http.html:"anthropic" http.html:"messages"'
|
||||
description: "Proxy servers routing to Anthropic messages API"
|
||||
tags: [anthropic, proxy, tier1]
|
||||
Reference in New Issue
Block a user