Queries Shodan InternetDB across all resolved IPs, runs a live nmap via HackerTarget, and fetches geolocation from ipinfo.io — aggregated and deduplicated into one view.
| Port | Risk | Service | Category | Sources |
|---|
Three live data sources. Zero packets sent. Real indexed intelligence.
No TCP connections are made to the target. All data is sourced from public internet-scan databases that have already crawled billions of IPs.
Queries Shodan's free InternetDB API for open ports, CPEs (software fingerprints), known CVEs, hostnames, and classification tags for any public IP.
Fetches IP geolocation, organization, ASN, city, region, and timezone from ipinfo.io — useful for attribution and threat context.
Resolves hostnames to IPs via Cloudflare's DNS-over-HTTPS API before querying OSINT sources — no DNS leaks, fully browser-native.
Surfaces actual CVEs associated with the target IP from Shodan's database, linked directly to NVD for full vulnerability details.
Downloads a structured JSON report of all fetched data — ports, CVEs, hostnames, tags, and geolocation — for pipeline integration.
# Install dependencies pip install -r requirements.txt # Basic scan — top 1024 ports python scanner.py --target 192.168.1.1 # Full scan with subdomain enum + HTML report python scanner.py --target example.com --ports 1-65535 --threads 200 --subdomains --output both # Quick localhost demo (no target needed) python scanner.py --demo