Sweshi's Tutorials

Censys Tutorial

NOTICE: All the tutorials on this website are meant to help you find security vulnerabilties on your own network and devices to understand your security posture before black hats do. Penetration testing without a written consent is illegal and you can be prosecuted. Use these tutorials to secure your own networks or those whose permission you have been granted. Keep it ethical and keep it professional.
Table of Contents
Introduction

Censys is an internet-wide scanning project that allows users to explore data collected from the entire IPv4 address space. It can help identify devices, services, and vulnerabilities.

Censys Tutorial: landing page.

You can open the landing page on censys search You can search for a domain name, an IP address or a protocol. There are 100s of millions of machines whose information can be found with a simple search

I searched "unilus.ac.zm", a local domain name from Zambia. The results show the IP addresses of other hosts within the domain, the port numbers that are open on each host, the autonomous system it resides from, specific technology used such as file sharing, bootstrap, wordpress and more. It shows the location of the server or at least the country its from, and service names on the hosts.

Censys Tutorial:results.

We also see the software vendor, the software running and other labels. It is genuinely an interesing tool to use amongst many OSINT tools.

Censys Tutorial: filter.