This tool has two modes, currently. It can search given a public-key you provide it, or, it can fingerprint a host and search shodan for similar hosts.
It currently is incomplete (see the todo list), but works for those uses.
It now has support for doing the keygrab over tor, and works on hidden services. This is useful for finding, uh, shittily configured ones.
+ Private-Key support so I can also use privkeys as well as pubkeys.
+ Directory of keyfile support.
+ List of hosts support.
+ idk, make a git issue with your idea
The tool has 4 args, outlined below.
“-i”, for target host. You must set either this, or -f.
“-f”, for SSH Public Key file. You must set either this, or -i.
“-p”, for target port. This defaults to 22.
“-t”, uses Tor for the SSH key grabbing. Good for Hidden Services 😉
git clone https://github.com/0x27/ssh_keyscanner && cd ssh_keyscanner
pip install -r requirements.txt
python keyscanner.py -h
NOTE: you must have shodan api
Source : https://github.com/0x27