Open loveapis opened 1 month ago
The /notifier Shodan API endpoint discloses the email address attached to the API key thereby allowing the tester to verify if the Shodan API key belongs to a program or company under pentest.
/notifier
For instance is the response to the request is;
{ "matches": [ { "description": null, "args": { "to": "example@example.com" }, "provider": "email", "id": "default" }, ... ], "total": 2 }
The tester can make a report to example site with proof the API key belongs to one of their employees/staff.
The
/notifier
Shodan API endpoint discloses the email address attached to the API key thereby allowing the tester to verify if the Shodan API key belongs to a program or company under pentest.For instance is the response to the request is;
The tester can make a report to example site with proof the API key belongs to one of their employees/staff.