A new search engine, similar to Shodan.io but more hacker-friendly
Censys is a search engine that was released in October by researchers from the University of Michigan as part of an open source project that aims at maintaining a “complete database of everything on the Internet” helping researchers and companies unearth Online security mishaps and vulnerabilities in products and services.
Censys allows to search both in text mode or with SQL syntax, allowing researchers to run queries against the raw datasets and historical snapshots.
How do it work?
You can search for records that meet certain criteria (e.g., IPv4 hosts in Germany manufactured by Siemens, or browser trusted certificates for github.com), generate reports on how websites are configured (e.g., what cipher suites are chosen by popular websites?), and track how networks have patched over time.
The research paper on Censys — A Search Engine Backed by Internet-Wide Scanning — appeared at the 22nd ACM Conference on Computer and Communications Security (CCS) in October 2015.
The paper contains a full description of Censys’s architecture and several use cases.
If you would like to give Censys a try, you can follow the step-by-step tutorial!