censys.search package
- censys.search.v1 package
- censys.search.v2 package
CensysCerts
CensysCerts.INDEX_NAME
CensysCerts.aggregate()
CensysCerts.bulk()
CensysCerts.bulk_get()
CensysCerts.bulk_post()
CensysCerts.bulk_view()
CensysCerts.get_hosts_by_cert()
CensysCerts.get_observations()
CensysCerts.list_certs_with_tag()
CensysCerts.raw_search()
CensysCerts.search()
CensysCerts.search_get()
CensysCerts.search_post()
CensysCerts.search_post_raw()
CensysCerts.view()
CensysHosts
- censys.search.v2.api module
CensysSearchAPIv2
CensysSearchAPIv2.DEFAULT_URL
CensysSearchAPIv2.INDEX_NAME
CensysSearchAPIv2.Query
CensysSearchAPIv2.account()
CensysSearchAPIv2.add_comment()
CensysSearchAPIv2.add_tag_to_document()
CensysSearchAPIv2.aggregate()
CensysSearchAPIv2.bulk_view()
CensysSearchAPIv2.create_tag()
CensysSearchAPIv2.delete_comment()
CensysSearchAPIv2.delete_tag()
CensysSearchAPIv2.get_comment()
CensysSearchAPIv2.get_comments()
CensysSearchAPIv2.get_tag()
CensysSearchAPIv2.list_all_tags()
CensysSearchAPIv2.list_tags_on_document()
CensysSearchAPIv2.quota()
CensysSearchAPIv2.raw_search()
CensysSearchAPIv2.remove_tag_from_document()
CensysSearchAPIv2.search()
CensysSearchAPIv2.search_get()
CensysSearchAPIv2.search_get_raw()
CensysSearchAPIv2.search_post()
CensysSearchAPIv2.search_post_raw()
CensysSearchAPIv2.update_comment()
CensysSearchAPIv2.update_tag()
CensysSearchAPIv2.view()
An easy-to-use and lightweight API wrapper for Censys Search API (search.censys.io).
- class censys.search.CensysCerts(api_id: str | None = None, api_secret: str | None = None, **kwargs)[source]
Bases:
CensysSearchAPIv2
Interacts with the Certs index.
Please note that this class represents only the v2 API endpoints.
Examples
Inits Censys Certs.
>>> from censys.search import CensysCerts >>> c = CensysCerts()
Search for hosts by sha256fp.
>>> c.get_hosts_by_cert("fb444eb8e68437bae06232b9f5091bccff62a768ca09e92eb5c9c2cf9d17c426") ( [ { "ip": "string", "name": "string", "observed_at": "2021-08-02T14:56:38.711Z", "first_observed_at": "2021-08-02T14:56:38.711Z", } ], { "next": "nextCursorToken", }, )
- INDEX_NAME: str = 'certificates'
Name of Censys Index.
- aggregate(query: str, field: str, num_buckets: int = 50, **kwargs) dict [source]
Aggregates certificate records matching a specified query into buckets based on the given field.
- bulk(fingerprints: List[str]) List[dict] [source]
Fetches the certificate records for the specified SHA-256 fingerprints.
By default, this function uses the POST method, which allows for a larger number of fingerprints to be queried at once. If you wish to use the GET method, please use CensysCerts.bulk_get instead.
- bulk_get(fingerprints: List[str]) List[dict] [source]
Fetches the certificate records for the specified SHA-256 fingerprints.
Using the GET method allows for a smaller number of fingerprints to be queried at once.
- bulk_post(fingerprints: List[str]) List[dict] [source]
Fetches the certificate records for the specified SHA-256 fingerprints.
Using the POST method allows for a larger number of fingerprints to be queried at once.
- bulk_view(fingerprints: List[str]) List[dict] [source]
Fetches the certificate records for the specified SHA-256 fingerprints.
By default, this function uses the POST method, which allows for a larger number of fingerprints to be queried at once. If you wish to use the GET method, please use CensysCerts.bulk_get instead.
- get_hosts_by_cert(fingerprint: str, cursor: str | None = None) dict [source]
Returns a list of hosts which contain services presenting this certificate, including when the certificate was first observed.
- Parameters:
- Returns:
A list of hosts which contain services presenting this certificate.
- Return type:
- get_observations(fingerprint: str, per_page: int = 50, start_time: str | date | datetime | None = None, end_time: str | date | datetime | None = None, cursor: str | None = None) dict [source]
Returns a list of observations for the specified certificate.
- Parameters:
fingerprint (str) – The SHA-256 fingerprint of the requested certificate.
per_page (int) – The number of results to return per page. Defaults to 50.
start_time (str) – The start time of the observations to return.
end_time (str) – The end time of the observations to return.
cursor (str) – Cursor token from the API response, which fetches the next page of observations when added to the endpoint URL.
- Returns:
A list of observations for the specified certificate.
- Return type:
- list_certs_with_tag(tag_id: str) List[dict] [source]
Returns a list of certs which are tagged with the specified tag.
- raw_search(query: str, per_page: int = 50, cursor: str | None = None, fields: List[str] | None = None, sort: str | List[str] | None = None, **kwargs) dict [source]
Searches the Certs index.
Searches the Certs index for all records that match the given query. This method does no automatic pagination or post processing.
- Parameters:
query (str) – The query string to search for.
per_page (int) – The number of results to return per page. Defaults to 50.
cursor (str, optional) – Cursor token from the API response, which fetches the next page of results when added to the endpoint URL.
fields (List[str], optional) – Additional fields to return in the matched certificates outside of the default returned fields.
sort (List[str], optional) – A list of fields to sort on. By default, fields will be sorted in ascending order.
**kwargs – Additional keyword arguments to pass to the underlying HTTP request.
- Returns:
Search results.
- Return type:
- search(query: str, per_page: int = 50, cursor: str | None = None, pages: int = 1, fields: List[str] | None = None, sort: str | List[str] | None = None, **kwargs) Query [source]
Searches the Certs index.
By default, this function uses the POST method, which allows for a larger number of fingerprints to be queried at once. If you wish to use the GET method, please use CensysCerts.search_get instead.
- Parameters:
query (str) – The query string to search for.
per_page (int) – The number of results to return per page. Defaults to 50.
cursor (str, optional) – Cursor token from the API response, which fetches the next page of results when added to the endpoint URL.
pages (int) – The number of pages to return. Defaults to 1.
fields (List[str], optional) – Additional fields to return in the matched certificates outside of the default returned fields.
sort (List[str], optional) – A list of fields to sort on. By default, fields will be sorted in ascending order.
**kwargs – Additional keyword arguments to pass to the underlying HTTP request.
- Returns:
A query object that can be used to iterate over the search results.
- Return type:
- search_get(query: str, per_page: int = 50, cursor: str | None = None, fields: List[str] | None = None, sort: str | List[str] | None = None, **kwargs) dict [source]
Searches the Certs index using the GET method.
- Parameters:
query (str) – The query string to search for.
per_page (int) – The number of results to return per page. Defaults to 50.
cursor (str, optional) – Cursor token from the API response, which fetches the next page of results when added to the endpoint URL.
fields (List[str], optional) – Additional fields to return in the matched certificates outside of the default returned fields.
sort (List[str], optional) – A list of fields to sort on. By default, fields will be sorted in ascending order.
**kwargs – Arbitrary keyword arguments.
- Returns:
Search results.
- Return type:
- search_post(query: str, per_page: int = 50, cursor: str | None = None, fields: List[str] | None = None, sort: str | List[str] | None = None, **kwargs) dict [source]
Searches the Certs index using the POST method.
This method returns the result field of the raw response. If you wish to access the raw response, please use CensysCerts.search_post_raw instead.
- Parameters:
query (str) – The query string to search for.
per_page (int) – The number of results to return per page. Defaults to 50.
cursor (str, optional) – Cursor token from the API response, which fetches the next page of results when added to the endpoint URL.
fields (List[str], optional) – Additional fields to return in the matched certificates outside of the default returned fields.
sort (List[str], optional) – A list of fields to sort on. By default, fields will be sorted in ascending order.
**kwargs – Arbitrary keyword arguments.
- Returns:
Search results.
- Return type:
- search_post_raw(query: str, per_page: int = 50, cursor: str | None = None, fields: List[str] | None = None, sort: str | List[str] | None = None, **kwargs) dict [source]
Searches the Certs index using the POST method. Returns the raw response.
- Parameters:
query (str) – The query string to search for.
per_page (int) – The number of results to return per page. Defaults to 50.
cursor (str, optional) – Cursor token from the API response, which fetches the next page of results when added to the endpoint URL.
fields (List[str], optional) – Additional fields to return in the matched certificates outside of the default returned fields.
sort (List[str], optional) – A list of fields to sort on. By default, fields will be sorted in ascending order.
**kwargs – Arbitrary keyword arguments.
- Returns:
Search results.
- Return type:
- class censys.search.CensysData(api_id: str | None = None, api_secret: str | None = None, **kwargs)[source]
Bases:
CensysSearchAPIv1
Interacts with the Data index.
For more details, see our documentation: https://search.censys.io/api
- get_series() dict [source]
Get data on the types of scans we regularly perform (series).
- Returns:
The result set returned.
- Return type:
- class censys.search.CensysHosts(api_id: str | None = None, api_secret: str | None = None, **kwargs)[source]
Bases:
CensysSearchAPIv2
Interacts with the Hosts index.
Examples
Inits Censys Hosts.
>>> from censys.search import CensysHosts >>> h = CensysHosts()
Simple host search.
>>> for page in h.search("services.service_name: HTTP"): >>> print(page) [ { 'services': [ {'service_name': 'HTTP', 'port': 80}, {'service_name': 'HTTP', 'port': 443} ], 'ip': '1.0.0.0' }, ... ]
Fetch a specific host and its services
>>> h.view("1.0.0.0") { 'ip': '8.8.8.8', 'services': [{}], ... }
Simple host aggregate.
>>> h.aggregate("services.service_name: HTTP", "services.port", num_buckets=5) { 'total_omitted': 591527370, 'buckets': [ {'count': 56104072, 'key': '80'}, {'count': 43527894, 'key': '443'}, {'count': 23070429, 'key': '7547'}, {'count': 12970769, 'key': '30005'}, {'count': 12825150, 'key': '22'} ], 'potential_deviation': 3985101, 'field': 'services.port', 'query': 'services.service_name: HTTP', 'total': 172588754 }
Fetch a list of host names for the specified IP address.
>>> h.view_host_names("1.1.1.1") ['one.one.one.one']
Fetch a list of events for the specified IP address.
>>> h.view_host_events("1.1.1.1") [{'timestamp': '2019-01-01T00:00:00.000Z'}]
- INDEX_NAME: str = 'hosts'
Name of Censys Index.
- aggregate(query: str, field: str, num_buckets: int = 50, virtual_hosts: str | None = None, **kwargs: Any) dict [source]
Aggregate host index.
Creates a report on the breakdown of the values of a field in a result set. For more details, see our documentation: https://search.censys.io/api
- Parameters:
query (str) – The query to be executed.
field (str) – The field you are running a breakdown on.
num_buckets (int) – Optional; The maximum number of values. Defaults to 50.
virtual_hosts (str) – Optional; Whether to include virtual hosts in the results. Valid values are “EXCLUDE”, “INCLUDE”, and “ONLY”.
**kwargs (Any) – Optional; Additional arguments to be passed to the query.
- Returns:
The result set returned.
- Return type:
- bulk_view(document_ids: List[str], max_workers: int = 20, at_time: str | date | datetime | None = None, **kwargs: Any) Dict[str, dict] [source]
Bulk view documents from current index.
View the current structured data we have on a list of documents.
- Parameters:
document_ids (List[str]) – The IDs of the documents you are requesting.
max_workers (int) – Optional; The number of workers to use. Defaults to 20.
at_time ([str, datetime.date, datetime.datetime]) – Optional; Fetches a document at a given point in time.
**kwargs (Any) – Optional; Additional arguments to be passed to the query.
- Returns:
The result set returned.
- Return type:
- list_hosts_with_tag(tag_id: str) List[str] [source]
Returns a list of hosts which are tagged with the specified tag.
- metadata() dict [source]
Get metadata for the host index.
- Returns:
The result set returned.
- Return type:
- search(query: str, per_page: int = 100, cursor: str | None = None, pages: int = 1, fields: List[str] | None = None, sort: str | List[str] | None = None, virtual_hosts: str | None = None, **kwargs: Any) Query [source]
Search host index.
Searches the given index for all records that match the given query. For more details, see our documentation: https://search.censys.io/api
- Parameters:
query (str) – The query to be executed.
per_page (int) – Optional; The number of results to be returned for each page. Defaults to 100.
cursor (int) – Optional; The cursor of the desired result set.
pages (int) – Optional; The number of pages returned. Defaults to 1.
fields (List[str]) – Optional; The fields to return. Defaults to all fields.
sort (str) – Optional; The method used to sort results. Valid values are “RELEVANCE”, “DESCENDING”, and “ASCENDING”.
virtual_hosts (str) – Optional; Whether to include virtual hosts in the results. Valid values are “EXCLUDE”, “INCLUDE”, and “ONLY”.
**kwargs (Any) – Optional; Additional arguments to be passed to the query.
- Returns:
Query object that can be a callable or an iterable.
- Return type:
- view(document_id: str, at_time: str | date | datetime | None = None, **kwargs: Any) dict [source]
View document from current index.
View the current structured data we have on a specific document. For more details, see our documentation: https://search.censys.io/api
- Parameters:
document_id (str) – The ID of the document you are requesting.
at_time ([str, datetime.date, datetime.datetime]) – Optional; Fetches a document at a given point in time.
**kwargs (Any) – Optional; Additional arguments to be passed to the query.
- Returns:
The result set returned.
- Return type:
- view_host_certificates(ip: str, per_page: int = 100, start_time: str | date | datetime | None = None, cursor: str | None = None) dict [source]
Returns a list of certificates for the specified host.
- Parameters:
ip (str) – The IP address of the requested host.
per_page (int) – Optional; The number of results to be returned for each page. Defaults to 100.
start_time (Datetime) – Optional; An RFC3339 timestamp which represents the beginning chronological point-in-time (inclusive) from which events are returned.
cursor (str) – Optional; Cursor token from the API response.
- Returns:
A list of certificates.
- Return type:
- view_host_diff(ip: str, ip_b: str | None = None, at_time: str | date | datetime | None = None, at_time_b: str | date | datetime | None = None)[source]
Fetches a diff of the specified IP address.
- Parameters:
ip (str) – The IP address of the requested host.
ip_b (str) – Optional; The IP address of the second host.
at_time (Datetime) – Optional; An RFC3339 timestamp which represents the point-in-time used as the basis for Host A.
at_time_b (Datetime) – Optional; An RFC3339 timestamp which represents the point-in-time used as the basis for Host B.
- Returns:
A diff of the hosts.
- Return type:
- view_host_events(ip: str, start_time: str | date | datetime | None = None, end_time: str | date | datetime | None = None, per_page: int | None = None, cursor: str | None = None, reversed: bool | None = None) dict [source]
Fetches a list of events for the specified IP address.
- Parameters:
ip (str) – The IP address of the requested host.
start_time (Datetime) – Optional; An RFC3339 timestamp which represents the beginning chronological point-in-time (inclusive) from which events are returned.
end_time (Datetime) – Optional; An RFC3339 timestamp which represents the ending chronological point-in-time (exclusive) from which events are returned.
per_page (int) – Optional; The maximum number of hits to return in each response (minimum of 1, maximum of 50).
cursor (str) – Optional; Cursor token from the API response.
reversed (bool) – Optional; Reverse the order of the return events, that is, return events in reversed chronological order.
- Returns:
A list of events.
- Return type:
- class censys.search.SearchClient(*args, **kwargs)[source]
Bases:
object
Client for interacting with all Search APIs.
All indexes are passed the args and kwargs that are provided.
Examples
Inits SearchClient.
>>> from censys.search import SearchClient >>> c = SearchClient()
Access both v1 and v2 indexes.
>>> data = c.v1.data # CensysData() >>> hosts = c.v2.hosts # CensysHosts() >>> certs = c.v2.certs # CensysCerts()