[injector] feat(shodan): added feat auto-create-assets (#156)

Author: Megafredo

shodan/.env.sample

@@ -7,7 +7,7 @@ OPENAEV_URL=ChangeMe
 OPENAEV_TOKEN=ChangeMe
 
 # INJECTOR Environment Variables
-INJECTOR_ID=shodan--ChangeMe
+INJECTOR_ID=ChangeMe
 INJECTOR_NAME=Shodan
 INJECTOR_LOG_LEVEL=error
 

shodan/README.md

@@ -328,7 +328,11 @@ then returns several sections in the report if successful:
 - **Section JSON** – JSON return of the response directly (In the case of a "custom query", we return the JSON directly rather than the table section.)
 
 ### Auto-Create Assets
-- Feature currently under development
+This feature automatically creates structured Asset objects (when auto_create_assets is enabled in the UI) from
+Shodan API responses by extracting hostnames, IP addresses, and platform information.
+It supports multiple Shodan response formats depending on the contract type and normalizes the data into a unified
+structure. Assets are then grouped (hostname, platform, and architecture) to prevent duplicates while merging associated
+IP addresses.
 
 ### Rate Limiting and Retry
 

shodan/config.yml.sample

@@ -2,8 +2,8 @@ openaev:
   url: 'ChangeMe'
   token: 'ChangeMe'
 
-#injector:
-#  id: 'shodan--a87488ad-2c72-4592-b429-69259d7bcef1'
+injector:
+  id: 'ChangeMe'
 #  name: 'Shodan'
 #  log_level: 'error'
 

shodan/shodan/contracts/cloud_provider_asset_discovery/contract.py

@@ -74,34 +74,28 @@ def output_trace_config():
                             {
                                 "title": "Hostnames",
                                 "path": "matches.hostnames",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "IP",
                                 "path": "matches.ip_str",
-                                "mode": "single",
                             },
                             {
                                 "title": "Port",
                                 "path": "matches.port",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Cloud Provider",
                                 "path": "matches.cloud.provider",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "OS",
                                 "path": "matches.os",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Vulnerabilities (score)",
                                 "path": "matches.vulns.*",
                                 "use_key": True,
                                 "extra": "matches.vulns.*.cvss",
-                                "mode": "align_to_single",
                             },
                         ],
                     },

shodan/shodan/contracts/critical_ports_and_exposed_admin_interface/contract.py

@@ -74,24 +74,20 @@ def output_trace_config():
                             {
                                 "title": "Port",
                                 "path": "matches.port",
-                                "mode": "single",
                             },
                             {
                                 "title": "Hostnames",
                                 "path": "matches.hostnames",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "IP",
                                 "path": "matches.ip_str",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Vulnerabilities (score)",
                                 "path": "matches.vulns.*",
                                 "use_key": True,
                                 "extra": "matches.vulns.*.cvss",
-                                "mode": "align_to_single",
                             },
                         ],
                     },

shodan/shodan/contracts/cve_enumeration/contract.py

@@ -73,24 +73,20 @@ def output_trace_config():
                             {
                                 "title": "Hostnames",
                                 "path": "matches.hostnames",
-                                "mode": "single",
                             },
                             {
                                 "title": "IP",
                                 "path": "matches.ip_str",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Port",
                                 "path": "matches.port",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Vulnerabilities (score)",
                                 "path": "matches.vulns.*",
                                 "use_key": True,
                                 "extra": "matches.vulns.*.cvss",
-                                "mode": "align_to_single",
                             },
                         ],
                     },

shodan/shodan/contracts/cve_specific_watchlist/contract.py

@@ -73,24 +73,20 @@ def output_trace_config():
                             {
                                 "title": "Port",
                                 "path": "data.port",
-                                "mode": "single",
                             },
                             {
                                 "title": "Hostnames",
                                 "path": "data.hostnames",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "IP",
                                 "path": "data.ip_str",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Vulnerabilities (score)",
                                 "path": "data.vulns.*",
                                 "use_key": True,
                                 "extra": "data.vulns.*.cvss",
-                                "mode": "align_to_single",
                             },
                         ],
                     },

shodan/shodan/contracts/domain_discovery/contract.py

@@ -73,24 +73,20 @@ def output_trace_config():
                             {
                                 "title": "Hostnames",
                                 "path": "matches.hostnames",
-                                "mode": "single",
                             },
                             {
                                 "title": "IP",
                                 "path": "matches.ip_str",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Port",
                                 "path": "matches.port",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Vulnerabilities (score)",
                                 "path": "matches.vulns.*",
                                 "use_key": True,
                                 "extra": "matches.vulns.*.cvss",
-                                "mode": "align_to_single",
                             },
                         ],
                     },

shodan/shodan/contracts/ip_enumeration/contract.py

@@ -28,7 +28,7 @@ def output_trace_config():
                     "icon": "CONFIG",
                     "title": "[CONFIG] Summary of all configurations used for the contract.",
                 },
-                "keys_list_to_string": ["ips", "seen_ips"],
+                "keys_list_to_string": ["ip", "ips", "seen_ips"],
                 "keys_to_exclude": [
                     "expectations",
                     "asset_ids",
@@ -72,19 +72,16 @@ def output_trace_config():
                             {
                                 "title": "Port",
                                 "path": "matches.port",
-                                "mode": "single",
                             },
                             {
                                 "title": "Hostnames",
                                 "path": "matches.hostnames",
-                                "mode": "align_to_single",
                             },
                             {
                                 "title": "Vulnerabilities (score)",
                                 "path": "matches.vulns.*",
                                 "use_key": True,
                                 "extra": "matches.vulns.*.cvss",
-                                "mode": "align_to_single",
                             },
                         ],
                     },

shodan/shodan/contracts/shodan_contracts.py

@@ -10,6 +10,8 @@
     ContractConfig,
     ContractElement,
     ContractExpectations,
+    ContractOutputElement,
+    ContractOutputType,
     ContractSelect,
     Expectation,
     ExpectationType,
@@ -245,7 +247,14 @@ def _base_fields(self, selector_default_value: str) -> list[ContractElement]:
     # -- OUTPUTS --
     @staticmethod
     def _base_outputs():
-        return []
+        output_assets = ContractOutputElement(
+            type=ContractOutputType.Asset,
+            field="found_assets",
+            isMultiple=True,
+            isFindingCompatible=False,
+            labels=["shodan"],
+        )
+        return [output_assets]
 
     def _build_contract(
         self,