salvacybersec/keyhunter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
keyhunter/.planning/phases/12-osint_iot_cloud_storage/12-01-SUMMARY.md
salvacybersec 8d97b263ec docs(12-01): complete Shodan/Censys/ZoomEye IoT scanner sources plan 
- SUMMARY.md with 2 task commits, 6 files, 12 passing tests
- STATE.md, ROADMAP.md, REQUIREMENTS.md updated
2026-04-06 12:25:18 +03:00

3.5 KiB
Raw Permalink Blame History

phase, plan, subsystem, tags, requires, provides, affects, tech-stack, key-files, key-decisions, patterns-established, requirements-completed, duration, completed
phase plan subsystem tags requires provides affects tech-stack key-files key-decisions patterns-established requirements-completed duration completed
12-osint_iot_cloud_storage 01 recon
shodan
censys
zoomeye
iot
device-search
osint
phase provides
10-osint-code-hosting ReconSource interface, shared Client, BuildQueries, LimiterRegistry
ShodanSource implementing recon.ReconSource
CensysSource implementing recon.ReconSource
ZoomEyeSource implementing recon.ReconSource
12-osint_iot_cloud_storage
recon-registration
added patterns
IoT device scanner source pattern with API key/header auth
created modified
pkg/recon/sources/shodan.go
pkg/recon/sources/censys.go
pkg/recon/sources/zoomeye.go
pkg/recon/sources/shodan_test.go
pkg/recon/sources/censys_test.go
pkg/recon/sources/zoomeye_test.go
Shodan, Censys, ZoomEye use bare keyword queries (default formatQuery case) -- no special syntax needed
Censys uses POST with JSON body + Basic Auth; Shodan/ZoomEye use GET with key param/header
IoT scanner source pattern: GET/POST to device search API, parse JSON matches, emit Finding per hit
RECON-IOT-01
RECON-IOT-02
RECON-IOT-03
3min 2026-04-06

Phase 12 Plan 01: Shodan, Censys, ZoomEye IoT Scanner Sources Summary

Three IoT device scanner recon sources searching Shodan host/search, Censys v2 hosts/search, and ZoomEye host/search for exposed LLM endpoints

Performance

  • Duration: 3 min
  • Started: 2026-04-06T09:21:40Z
  • Completed: 2026-04-06T09:24:28Z
  • Tasks: 2
  • Files modified: 6

Accomplishments

  • ShodanSource queries /shodan/host/search with API key param, emits findings per IP:port match
  • CensysSource POSTs to /v2/hosts/search with Basic Auth (APIId:APISecret), emits findings per host hit
  • ZoomEyeSource queries /host/search with API-KEY header, emits findings per IP:port match
  • All three sources disabled when credentials empty, use shared retry Client, respect LimiterRegistry

Task Commits

Each task was committed atomically:

  1. Task 1: Implement ShodanSource, CensysSource, ZoomEyeSource - f5d8470 (feat)
  2. Task 2: Unit tests for Shodan, Censys, ZoomEye sources - 6443e63 (test)

Files Created/Modified

  • pkg/recon/sources/shodan.go - ShodanSource with /shodan/host/search API integration
  • pkg/recon/sources/censys.go - CensysSource with POST /v2/hosts/search + Basic Auth
  • pkg/recon/sources/zoomeye.go - ZoomEyeSource with /host/search + API-KEY header
  • pkg/recon/sources/shodan_test.go - 4 tests: enabled, empty key, sweep findings, ctx cancel
  • pkg/recon/sources/censys_test.go - 4 tests: enabled, empty creds, sweep findings, ctx cancel
  • pkg/recon/sources/zoomeye_test.go - 4 tests: enabled, empty key, sweep findings, ctx cancel

Decisions Made

  • Shodan, Censys, ZoomEye use bare keyword queries (default formatQuery case) -- no queries.go changes needed
  • Censys uses POST with JSON body and Basic Auth; Shodan uses API key as query param; ZoomEye uses API-KEY header

Deviations from Plan

None - plan executed exactly as written.

Issues Encountered

None

User Setup Required

None - no external service configuration required.

Next Phase Readiness

  • Three IoT scanner sources ready for RegisterAll wiring in Plan 12-04
  • Same pattern applies to remaining Phase 12 sources (FOFA, Netlas, BinaryEdge)

Phase: 12-osint_iot_cloud_storage Completed: 2026-04-06