This is a structured approach to using Shodan for recon during pentests. It covers the web interface, CLI, and REST API with systematic methodologies for discovering exposed services, vulnerable systems, and IoT devices. You'll need a Shodan account and API key, plus written authorization for your target networks. The skill walks through search filters, on-demand scanning, and network monitoring capabilities. It's solid if you're doing legitimate security assessments and want a repeatable framework for Shodan queries rather than just winging it. Just remember that Shodan data can be stale, so confirm findings with your own scans before reporting anything critical.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill shodan-reconnaissance-and-pentesting