Search 2.0 Quick Start Guide
Censys Search makes Internet-facing hosts and certificates searchable, just like Google makes websites searchable.
The best way to get started with Censys Search is to prepare a list of questions you want to answer. Each question you’re asking will be expressed as one or more search queries written in the Censys Search Language.
When you write a query, Censys evaluates every host or cert in the dataset you’re searching for matches and returns that list to you.
Host Queries: Questions About Hosts
Hosts are computers or devices that are connected to the Internet, located at and identified by an IP address.
Here’s an example query of hosts.
This query (expressed as a field, value pair):
services.tls.certificates.leaf_data.common_name: censys.io
asks the question:
"Which hosts (and virtual hosts) are presenting a certificate during a TLS handshake that has a common name containing censys.io
?"
Here’s what that question and answer looks like on the the Search web UI.

Host Search Result Settings
Censys Search offers several settings for search results.

Sort Order Options
Choose from several options for the order of results from your search query:
-
Relevance — Orders results from most closely matching your search query to least closely matching.
-
Ascending — Orders results from lowest numerical IP address to highest.
-
Descending — Orders results from highest numerical IP address to lowest.
-
Random — Randomizes results matching your search query.
Per Page
Choose how many search results to display on each page:
-
25
-
50
-
100
Virtual Hosts
Choose whether to include or restrict results to virtual hosts, which model hosts identified by both an IP address and name.
Certificate Queries: Questions About Certificates
Certificates are digital documents produced to the X.509 standard for a variety of purposes, the most common of which is verifying a party's identity during a TLS handshake.
Here’s an example for certs. This query:
parsed.validity.end: [2022-01-24 TO *} and parsed.signature.self_signed: true and not parsed.subject.common_name: * and metadata.source: scan and parsed.extensions.basic_constraints.is_ca: false
asks the question:
"Which unexpired, self-signed, nameless certificates that are not used for signing other certificates were found while Censys was scanning hosts?"
Here’s what that looks like in the web UI:

Note about searching certificates: There are some small differences in the Search Language used to write queries against certificates vs. hosts.
Comments
0 comments
Article is closed for comments.