Censys Search Engine – Public Host & Network Search


Censys Search Engine is a public host & network search tool that allows computer scientists to ask questions about the devices and networks that compose the Internet. Driven by Internet-wide scanning, it lets researchers find specific hosts with the networksearch and create aggregate reports on how devices, websites, and certificates are configured and deployed.

Censys Search Engine - Public Host & Network Search


Censys collects data on hosts and websites through daily ZMap and ZGrab scans of the IPv4 address space, in turn maintaining a database of how hosts and websites are configured. Researchers can interact with this data through a search interface, report builder, and SQL engine.

Features of Censys Search Engine

Censys maintains three datasets through daily ZMap scans of the Internet and by synchronizing with public certificate transparency logs:

  • Hosts on the Public IPv4 Address Space
  • Websites in the Alexa Top Million Domains
  • X.509 Certificates

You can search for records that meet certain criteria (e.g., IPv4 hosts in Germany manufactured by Siemens, or browser trusted certificates for github.com), generate reports on how websites are configured (e.g., what cipher suites are chosen by popular websites?), and track how networks have patched over time.

How to use Censys Networksearch


Simple Search

If you simply search for a word or phrase, Censys will return any records that contain the phrase. For example, searching for nginx will return any records that contain the word nginx. Searching for 23.0.0.0/8 will return all hosts in that network.

Advanced Search

Censys data is structured and supports more advanced queries including searching specific fields, specifying ranges of values, and boolean logic. For example, you can search for hosts with the HTTP Server Header “Apache” in Germany by running the query 80.http.get.headers.server: Apache and location.country_code: DE.

SQL Interface

To facilitate complex questions that can’t be expressed in a single search, we also allow researchers to run SQL queries against the raw datasets and historical snapshots.

You can access Censys here: https://www.censys.io/

Posted in: Networking Hacking Tools


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


Comments are closed.