Shodan · Arazzo Workflow

Shodan Reverse DNS to Host Info

Version 1.0.0

Reverse-resolve an IP to its hostnames, then pull the full host record.

1 workflow 1 source API 1 provider
View Spec View on GitHub SecuritySearchInternetDevicesIoTVulnerabilitiesCVEAttack SurfaceThreat IntelligenceReconnaissanceNetworkDNSScanningPublic APIsArazzoWorkflows

Provider

shodan

Workflows

reverse-dns-to-host-info
Reverse-resolve an IP and inspect the host in Shodan.
Performs a reverse DNS lookup for the supplied IP to discover its hostnames, then retrieves the full host record for the same IP.
2 steps inputs: apiKey, history, ip outputs: hostnames, ports, reverseMap
1
reverseLookup
reverseDnsLookup
Look up the hostnames associated with the supplied IP. The response is a map of IP to an array of hostnames.
2
hostInfo
getHost
Retrieve the full Shodan host record for the IP, returning all services that have been found on the host.

Source API Descriptions

openapi
shodanRest https://raw.githubusercontent.com/api-evangelist/shodan/refs/heads/main/openapi/shodan-rest-openapi.yml

Arazzo Workflow Specification

shodan-reverse-dns-to-host-info-workflow.yml Raw ↑ 
arazzo: 1.0.1
info:
  title: Shodan Reverse DNS to Host Info
  summary: Reverse-resolve an IP to its hostnames, then pull the full host record.
  description: >-
    An IP-first reconnaissance pattern. The workflow performs a reverse DNS
    lookup to discover the hostnames associated with an IP, then retrieves the
    full Shodan host record for that IP including every indexed service. Every
    step spells out its request inline so the flow can be read and executed
    without opening the underlying OpenAPI description.
  version: 1.0.0
sourceDescriptions:
- name: shodanRest
  url: ../openapi/shodan-rest-openapi.yml
  type: openapi
workflows:
- workflowId: reverse-dns-to-host-info
  summary: Reverse-resolve an IP and inspect the host in Shodan.
  description: >-
    Performs a reverse DNS lookup for the supplied IP to discover its
    hostnames, then retrieves the full host record for the same IP.
  inputs:
    type: object
    required:
    - apiKey
    - ip
    properties:
      apiKey:
        type: string
        description: Shodan API key passed as the `key` query parameter.
      ip:
        type: string
        description: The IP address to reverse-resolve and inspect.
      history:
        type: boolean
        description: Whether to include historical banners in the host record.
        default: false
  steps:
  - stepId: reverseLookup
    description: >-
      Look up the hostnames associated with the supplied IP. The response is a
      map of IP to an array of hostnames.
    operationId: reverseDnsLookup
    parameters:
    - name: key
      in: query
      value: $inputs.apiKey
    - name: ips
      in: query
      value: $inputs.ip
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      reverseMap: $response.body
  - stepId: hostInfo
    description: >-
      Retrieve the full Shodan host record for the IP, returning all services
      that have been found on the host.
    operationId: getHost
    parameters:
    - name: key
      in: query
      value: $inputs.apiKey
    - name: ip
      in: path
      value: $inputs.ip
    - name: history
      in: query
      value: $inputs.history
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      hostnames: $response.body#/hostnames
      ports: $response.body#/ports
      vulns: $response.body#/vulns
  outputs:
    reverseMap: $steps.reverseLookup.outputs.reverseMap
    hostnames: $steps.hostInfo.outputs.hostnames
    ports: $steps.hostInfo.outputs.ports