Shodan Has a Free API — Discover Internet-Connected Devices Programmatically

A DevOps engineer told me they found their company's unpatched Jenkins server on Shodan — exposed to the entire internet. They patched it within an hour. Shodan is a search engine for internet-connected devices. It indexes servers, webcams, IoT devices, databases — anything with a public IP. And it has a free API. Getting Started Sign up at shodan.io for a free API key. Free tier: 100 query credits/month 100 scan credits/month No filters in search (paid feature) 1. Search for Exposed Services import requests API_KEY = ' your_shodan_api_key ' # Free from shodan.io def shodan_search ( query , page = 1 ): resp = requests . get ( ' https://api.shodan.io/shodan/host/search ' , params = { ' key ' : API_KEY , ' query ' : query , ' page ' : page } ). json () print ( f " Total results: { resp . get ( ' total ' , 0 ) } " ) for match in resp . get ( ' matches ' , [])[: 5 ]: print ( f " { match [ ' ip_str ' ] : < 16 } port: { match [ ' port ' ] : < 6 } { match . get ( ' org ' , '' )[ : 30 ] } " )