<https://censys.io/>

Censys


  Censys Continuously monitor all accessible servers and devices on the Internet, So you can search and analyze them in real time, Understand your cyber attack, Identify new threats and assess their global impact. Leading scanners from the InternetZMap For the creator of, Our mission is to drive security through data.

  Censys OverseasShodan <https://www.shodan.io/> And domesticZoomEye
<https://www.zoomeye.org/> Similar, Search for connected devices worldwide.Shodan andZoomEye It's more for personal use, Of course, there are still idiots in China
<https://www.oshadan.com/> andfofa <https://fofa.so/>, There are other similar search engines abroad, Here's not a list.


  Censys AndShodan Compared to a free search engine, Of course, there are certain restrictions( Speed and search results), And the new versionZoomEye Processing of domestic search results, Little value, It can be applied to non Chinese search, If you are interested in these two search engines, you can try them out, There are also descriptions of these two search engines in the blog, Self Searching.

   Let's worship it and publish it at the information security summitCCS'15 : A Search Engine Backed by Internet-Wide Scanning
<https://censys.io/static/censys.pdf> .

  Censys provide6 speciesAPI How to use, as follows:

 



   But here we only introduce the first use, That is to get theip address, This is the one we use the most.

Instructions

   Of course, you need to register an account before using it, Because in useAPI Need to provideAPI Credentials That is yours.ID andSecret, Can be seen in personal information.



 

    At the bottom is the speed limit used, We can set a delay in the program, For example, three seconds sleep per query, On the whole, The speed is still considerable.

Official example



   At first glance, it seems that search syntax is a little tedious, No,Shodan andZoomEye So concise, And there's not enough documentation, How to put it? Make it simple. If you don't believe me, please open it
<https://censys.io/ipv4/help>

Query syntax

  Search <https://censys.io/api/v1/docs/search> OfData Parameters There are mainly four, Namely

* query: Query statement
* page: Query page
* fields: Result field of query( Optional)
* flatten: Flat results( Optional) Example: { "query":"80.http.get.headers.server: Apache", "
page":1, "fields":["ip", "location.country", "autonomous_system.asn"], "flatten"
:true }
   Okay, The explanation part is almost here, Here is a complete example.

Example

   Generally speaking, when we query, There will be certain restrictions, For example, some of the equipment in China, as:"query": "weblogic and
location.country_code: CN".
#!/usr/bin/env python # -*- coding:utf-8 -*- import sys import json import
requestsimport time API_URL = "https://www.censys.io/api/v1" UID = "
aa7c1f3a-b6ab-497d-9788-5e9e4898a655" SECRET = "pay3u4ytGjbdZGftJ8ow50E8hBQVLk7j
" page = 1 PAGES = 50 # the pages you want to fetch def getIp(query, page): '''
Return ips and total amount when doing query''' iplist = [] data = { "query":
query,"page": page, "fields": ["ip", "protocols", "location.country"] } try: res
= requests.post(API_URL +"/search/ipv4", data=json.dumps(data), auth=(UID,
SECRET))except: pass try: results = res.json() except: pass if res.status_code
!= 200: print("error occurred: %s" % results["error"]) sys.exit(1) # total
query result iplist.append("Total_count:%s" % (results["metadata"]["count"])) #
add result in some specific form for result in results["results"]: for i in
result["protocols"]: # iplist.append(result["ip"] + ':' + i + ' in ' +
result["location.country"][0]) iplist.append(result["ip"] + ':' + i) # return
ips and total count return iplist, results["metadata"]["count"] if __name__ == '
__main__': query = input('please input query string : ') print('---', query, '
---') ips, num = getIp(query=query, page=page) print("Total_count:%s" % num) dst
= input('please input file name to save data (censys.txt default) : ') # Save data to file
if dst: dst = dst + '.txt' else: dst = 'censys.txt' # get result and save to
file page by page with open(dst, 'a') as f: while page <= PAGES: print('page :'
+ str(page)) iplist, num = (getIp(query=query, page=page)) page += 1 for i in
iplist:print i[:i.find('/')] for i in iplist: f.write(i[:i.find('/')] + '\n')
time.sleep(3) print('Finished. data saved to file', dst)
Sample:
starnight:censys starnight$ python script.py please input query string : "
weblogic" ('---', 'weblogic', '---') Total_count:11836 please input file name
to save data (censys.txt default) :"weblogic" page :1 Total_count:1183
46.244.104.198:80 46.244.104.198:8080 31.134.202.10:2323 31.134.202.10:80
31.134.202.10:8080 31.134.203.85:2323 31.134.203.85:80 31.134.203.85:8080
31.134.205.92:2323 31.134.205.92:80 31.134.205.92:8080 31.134.206.202:2323
31.134.206.202:80 31.134.206.202:8080 31.134.201.249:80 31.134.201.249:8080
31.134.202.233:80 31.134.202.233:8080 31.134.200.94:80 31.134.200.94:8080
31.134.201.248:80 31.134.201.248:8080 31.134.200.6:80 31.134.200.6:8080
46.244.105.216:80 46.244.105.216:8080 31.134.206.131:80 31.134.206.131:2323
31.134.206.131:8080 31.134.204.127:80 31.134.204.127:8080 46.244.10.173:80
46.244.10.173:23 46.244.10.173:8080 31.134.202.82:80 31.134.202.82:8080
46.244.105.252:80 46.244.105.252:2323 46.244.105.252:8080 31.134.205.186:2323
31.134.205.186:80 31.134.205.186:8080 31.134.204.223:80 31.134.204.223:8080
31.134.207.182:2323 31.134.207.182:80 31.134.207.182:8080
   It seems that the result is not very accurate ~ Ha-ha ~ in addition, Individuals can return toiplist Make corresponding changes to facilitate your own use ~ 

   Received an email this morning, sayCensys The commercial version of is coming out ~ Coming soon (2017.11.14)

  

   Last,Github address: censys
<https://github.com/starnightcyber/scripts/tree/master/censys>

References

   Information collectioncensys <http://www.cnblogs.com/Dleo/p/5725479.html>

  Censys Search syntax
<https://censys.io/ipv4/_help?q=jbos+and+location.country_code%3A+CN%22#syntax1>