documentation/modules/auxiliary/gather/shodan_honeyscore.md
## Introduction
The `shodan_honeyscore` module utilizes the [Shodan](https://www.shodan.io/) API to determine whether or not a server is a honeypot.
When setting the module options, we aren't directly requesting `TARGET`, we are requesting the Shodan API to analyze `TARGET` and return a honeyscore from 0.0 to 1.0. 0.0 being `not a honeypot` and 1.0 being a `honeypot`. The original website for the honeypot system can be found here: https://honeyscore.shodan.io/.
#### NOTE:
In order for this module to function properly, a Shodan API key is needed. You can register for a free account here: https://account.shodan.io/register
## Verification Steps
1. Start `msfconsole`
2. Do: `use auxiliary/gather/shodan_honeyscore`
3. Do: `set TARGET <targetip>`
4. Do: `set SHODAN_APIKEY <your apikey>`
5. Do: `run`
6. If the API is up, you should receive a score from 0.0 to 1.0. (1.0 being a honeypot)
## Options
**TARGET**
The remote host to request the API to scan.
**SHODAN_APIKEY**
This is the API key you receive when signing up for a Shodan account. It should be a 32 character string of random letters and numbers.
## Scenarios
Running the module against a real system (in this case, the Google DNS server):
```
msf > use auxiliary/gather/shodan_honeyscore
msf auxiliary(shodan_honeyscore) > options
Module options (auxiliary/gather/shodan_honeyscore):
Name Current Setting Required Description
---- --------------- -------- -----------
SHODAN_APIKEY yes The SHODAN API key
TARGET yes The target to get the score of
msf auxiliary(shodan_honeyscore) > set TARGET 8.8.8.8
TARGET => 8.8.8.8
msf auxiliary(shodan_honeyscore) > set SHODAN_APIKEY [redacted]
SHODAN_APIKEY => [redacted]
msf auxiliary(shodan_honeyscore) > run
[*] Scanning 8.8.8.8
[-] 8.8.8.8 is not a honeypot
[*] 8.8.8.8 honeyscore: 0.0/1.0
[*] Auxiliary module execution completed
```