Head to Censys Search to try out some of the searches below.
We provide 10 free queries a day to unregistered users. Register for a free account and get 250 queries per month, along with API access.
Services in a specific location:
services.service_name: MODBUS and location.country:Germany
Use the same_service operator to find services running on a specific port:
same_service(services.service_name:HTTP and services.port:1337)
Exclude pseudoservices (e.g., honeypots) from results by appending services.truncated:false to your search query:
services.service_name:HTTP and services.truncated:false
Non-standard services running on common ports:
same_service(services.port:{80,22,21} and not services.service_name:{HTTP,SSH,FTP,UNKNOWN}) and services.truncated:false
Hacked MikroTik routers:
services.service_name:MIKROTIK_BW and "hacked"
Internet-exposed printers:
"@PJL INFO STATUS CODE=10001" and "ONLINE=TRUE"
Some additional sample queries:
set one
set two
- Finding Hacked Webservers With Censys Search Data π
- Tracking Deadbolt Ransomware Across the Globe
- Where the Weird Things Are πΈ Investigating Unusual Internet Artifacts with Censys Search Data
The Censys Research team has published several dashboards to track vulnerabilities (or software that's seen several recent vulnerabilities) over time.