ShonyDanza: researching, pen testing, and defending with the power of Shodan


A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

With ShonyDanza, you can:

  • Obtain IPs based on search criteria
  • Automatically exclude honeypots from the results
  • Pre-configure all IP searches to filter on your specified net range(s)
  • Pre-configure search limits
  • Use build-a-search to craft searches with easy building blocks
  • Use stock searches and pre-configure your own stock searches
  • Check if IPs are known malware C2s
  • Get host and domain profiles
  • Scan on-demand
  • Find exploits
  • Get total counts for searches and exploits
  • Automatically save exploit code, IP lists, host profiles, domain profiles, and scan results to directories within ShonyDanza


git clone
cd ShonyDanza
pip3 install -r requirements.txt


Edit to include your API key and desired configurations

cd configs
sudo nano

#config file for shonydanza searches

#shodan account API key

API_KEY = ''

#maximum number of results that will be returned per search
#default is 100


#IPs exceeding the honeyscore limit will not show up in IP results
#adjust to desired probability to adjust results, or change to 1.0 to include all results


#REQUIRED - at least one key: value pair
#stock searches that can be selected from a menu
#add search to the dictionary to automatically add it to your shonydanza menu

'ANONYMOUS_FTP':'ftp anonymous ok',
'RDP':'port:3389 has_screenshot:true'

#IP or cidr range constraint for searches that return list of IP addresses
#use comma-separated list to designate multiple (e.g.,,,




Copyright (c) 2020 fierceoj