<https://censys.io/>

Censys


  Censys Continuously monitor all accessible servers and devices on the Internet , So you can search and analyze them in real time , Understand your cyber attack , Identify new threats and assess their global impact . Leading scanners from the Internet ZMap For the creator of , Our mission is to drive security through data .

  Censys With foreign countries Shodan <https://www.shodan.io/> And domestic ZoomEye
<https://www.zoomeye.org/> similar , Search for connected devices worldwide .Shodan and ZoomEye It's more for personal use , Of course, there are still idiots in China
<https://www.oshadan.com/> and fofa <https://fofa.so/>, There are other similar search engines abroad , Here's not a list .


  Censys And Shodan Compared to a free search engine , Of course, there are certain restrictions ( Speed and search results ), And the new version ZoomEye The domestic search results are processed , Little value , It can be applied to non Chinese search , If you are interested in these two search engines, you can try them out , There are also descriptions of these two search engines in the blog , Self Searching .

   Let's worship it and publish it at the information security summit CCS'15 : A Search Engine Backed by Internet-Wide Scanning
<https://censys.io/static/censys.pdf> .

  Censys provide 6 species API How to use , as follows :

 



   But here we only introduce the first use , That is to get the ip address , This is the one we use the most .

instructions

   Of course, you need to register an account before using it , Because in use API Need to provide API Credentials Your ID and Secret, Can be seen in personal information .



 

    At the bottom is the speed limit used , We can set a delay in the program , For example, three seconds sleep per query , on the whole , The speed is still considerable .

Official example



   At first glance, it seems that search syntax is a little tedious , No, Shodan and ZoomEye So concise , And there's not enough documentation , How to put it? , Make it simple . If you don't believe me, please open it
<https://censys.io/ipv4/help>

Query syntax

  Search <https://censys.io/api/v1/docs/search> Of Data Parameters There are mainly four , namely

* query: Query statement
* page: Query page
* fields: Result field of query ( Optional )
* flatten: Flat results ( Optional ) Example: { "query":"80.http.get.headers.server: Apache", "
page":1, "fields":["ip", "location.country", "autonomous_system.asn"], "flatten"
:true }
   okay , The explanation part is almost here , Here is a complete example .

Example

   Generally speaking, when we query , There will be certain restrictions , For example, some of the equipment in China , as :"query": "weblogic and
location.country_code: CN".
#!/usr/bin/env python # -*- coding:utf-8 -*- import sys import json import
requestsimport time API_URL = "https://www.censys.io/api/v1" UID = "
aa7c1f3a-b6ab-497d-9788-5e9e4898a655" SECRET = "pay3u4ytGjbdZGftJ8ow50E8hBQVLk7j
" page = 1 PAGES = 50 # the pages you want to fetch def getIp(query, page): '''
Return ips and total amount when doing query''' iplist = [] data = { "query":
query,"page": page, "fields": ["ip", "protocols", "location.country"] } try: res
= requests.post(API_URL +"/search/ipv4", data=json.dumps(data), auth=(UID,
SECRET))except: pass try: results = res.json() except: pass if res.status_code
!= 200: print("error occurred: %s" % results["error"]) sys.exit(1) # total
query result iplist.append("Total_count:%s" % (results["metadata"]["count"])) #
add result in some specific form for result in results["results"]: for i in
result["protocols"]: # iplist.append(result["ip"] + ':' + i + ' in ' +
result["location.country"][0]) iplist.append(result["ip"] + ':' + i) # return
ips and total count return iplist, results["metadata"]["count"] if __name__ == '
__main__': query = input('please input query string : ') print('---', query, '
---') ips, num = getIp(query=query, page=page) print("Total_count:%s" % num) dst
= input('please input file name to save data (censys.txt default) : ') # Save data to file
if dst: dst = dst + '.txt' else: dst = 'censys.txt' # get result and save to
file page by page with open(dst, 'a') as f: while page <= PAGES: print('page :'
+ str(page)) iplist, num = (getIp(query=query, page=page)) page += 1 for i in
iplist:print i[:i.find('/')] for i in iplist: f.write(i[:i.find('/')] + '\n')
time.sleep(3) print('Finished. data saved to file', dst)
Sample:
starnight:censys starnight$ python script.py please input query string : "
weblogic" ('---', 'weblogic', '---') Total_count:11836 please input file name
to save data (censys.txt default) :"weblogic" page :1 Total_count:1183
46.244.104.198:80 46.244.104.198:8080 31.134.202.10:2323 31.134.202.10:80
31.134.202.10:8080 31.134.203.85:2323 31.134.203.85:80 31.134.203.85:8080
31.134.205.92:2323 31.134.205.92:80 31.134.205.92:8080 31.134.206.202:2323
31.134.206.202:80 31.134.206.202:8080 31.134.201.249:80 31.134.201.249:8080
31.134.202.233:80 31.134.202.233:8080 31.134.200.94:80 31.134.200.94:8080
31.134.201.248:80 31.134.201.248:8080 31.134.200.6:80 31.134.200.6:8080
46.244.105.216:80 46.244.105.216:8080 31.134.206.131:80 31.134.206.131:2323
31.134.206.131:8080 31.134.204.127:80 31.134.204.127:8080 46.244.10.173:80
46.244.10.173:23 46.244.10.173:8080 31.134.202.82:80 31.134.202.82:8080
46.244.105.252:80 46.244.105.252:2323 46.244.105.252:8080 31.134.205.186:2323
31.134.205.186:80 31.134.205.186:8080 31.134.204.223:80 31.134.204.223:8080
31.134.207.182:2323 31.134.207.182:80 31.134.207.182:8080
   It seems that the result is not very accurate ~ ha-ha ~ in addition , Individuals can return to iplist Make corresponding changes to facilitate your own use ~ 

   Received an email this morning , say Censys The commercial version of is coming out ~ Coming soon (2017.11.14)

  

   last ,Github address : censys
<https://github.com/starnightcyber/scripts/tree/master/censys>

References

   Information collection censys <http://www.cnblogs.com/Dleo/p/5725479.html>

  Censys Search syntax
<https://censys.io/ipv4/_help?q=jbos+and+location.country_code%3A+CN%22#syntax1>