Skip to main content
All CollectionsTemplatesBasic
Shodan - Domain Enrichment with Cache - Workflow Template
Shodan - Domain Enrichment with Cache - Workflow Template

Receives a Domain from a parent workflow and query Shodan for enrichment.

Updated over 7 months ago

This workflow template, titled "Shodan - Domain Enrichment with Cache," is designed for threat intelligence enrichment tasks, where it accepts a domain name as input and employs Shodan for data enrichment. The process is optimized by checking against a local cache containing previous responses for up to 24 hours to avoid repeated lookups. If cached data is unavailable, the workflow conducts a fresh Shodan query and then stores a summary along with the original API data in the cache for future queries, streamlining intelligence gathering.

Optional Triggers

"This workflows is intended to be used as a function."

Use Cases

Function, Threat Intelligence Enrichment

Workflow Breakdown

  1. Receives a Domain as input.

  2. Lookup global variables for cached responses in the past 24 hours.

  3. If reputation is found on local cache, the saved data is returned to the parent workflow.

  4. When no reputation is found in cache, a summary of the analysis data is created and saved with the original api data.

Vendors

Utils, Shodan, Torq

Workflow Output

Returns full analysis data and a summary of the information.

Tips

Set \"Provide Raw Data Analysis\" to true or false to add or remove original vendor information to the output

Did this answer your question?