Powered byAlgolia
BlogBookmarksSubmit

censys

Security

How to Use Public API Docs from Censys.io

Censys.io is a website that provides a platform for Internet-wide scanning. It has a public API that allows users to access their services programmatically. In this blog, we will discuss how to use the API docs from Censys.io, including some example code in JavaScript.

Getting Started

Before we can use the Censys.io API, we need to sign up for a free account and get an API key. Once we have our API key, we can use it to make requests to the API.

API Documentation

Censys.io provides comprehensive documentation for their API on their website. The documentation is organized into sections that cover different aspects of the API, such as authentication, data retrieval, and search. Each section provides detailed information about the endpoints, parameters, and response formats of the API.

Example Code in JavaScript

To help you get started with using the Censys.io API, here is some example code in JavaScript.

Authentication

To authenticate with the Censys.io API, we need to include our API key in the requests we make. Here is an example of how to add the API key to a request using the axios library.

const axios = require('axios');

const apiKey = 'your-api-key';

axios.get('https://censys.io/api/v1/data', {
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Basic ${Buffer.from(apiKey).toString('base64')}`
  }
})
.then((response) => {
  console.log(response.data);
})
.catch((error) => {
  console.error(error);
});

Data Retrieval

To retrieve data from the Censys.io API, we can use the /data endpoint. Here is an example of how to make a request to retrieve information about a specific IP address.

const axios = require('axios');

const apiKey = 'your-api-key';
const ipAddress = '192.0.2.1';

axios.post('https://censys.io/api/v1/data', {
  query: `ip:${ipAddress}`,
  fields: ['ip', 'protocols', 'ports']
}, {
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Basic ${Buffer.from(apiKey).toString('base64')}`
  }
})
.then((response) => {
  const data = response.data.results[0];
  console.log(`IP address: ${data.ip}`);
  console.log(`Protocols: ${data.protocols.join(', ')}`);
  console.log(`Ports: ${data.ports.join(', ')}`);
})
.catch((error) => {
  console.error(error);
});

Search

To search for data with the Censys.io API, we can use the /search endpoint. Here is an example of how to make a request to search for SSL certificates with a specific common name.

const axios = require('axios');

const apiKey = 'your-api-key';
const commonName = 'example.com';

axios.post('https://censys.io/api/v1/search/certificates', {
  query: `parsed.subject.common_name:"${commonName}"`,
  fields: ['parsed.subject.common_name', 'parsed.validity.start', 'parsed.validity.end']
}, {
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Basic ${Buffer.from(apiKey).toString('base64')}`
  }
})
.then((response) => {
  const results = response.data.results;
  console.log(`Found ${results.length} SSL certificates with common name "${commonName}":`);
  results.forEach((result) => {
    console.log(`- Common Name: ${result.parsed.subject.common_name}`);
    console.log(`  Validity: ${result.parsed.validity.start} to ${result.parsed.validity.end}`);
  });
})
.catch((error) => {
  console.error(error);
});

Conclusion

In this blog, we have discussed how to use the public API docs from Censys.io, including some example code in JavaScript. With this knowledge, you should be able to start using the Censys.io API to access their Internet-wide scanning services.

Related APIs

Zaproxy

Security

Zaproxy is an open-source API testing and penetration testing tool that helps developers and security professionals identify and fix vulnerabilities in web applications. It offers a range of features, including automated scanning, a flexible plug-in architecture, and advanced reporting capabilities. Zaproxy is highly customizable and can be integrated into existing development and testing workflows.

FilterLists

Security

FilterLists is a community-driven website that offers a curated list of ad-blocking and privacy-enhancing browser extensions. The website provides an extensive collection of filter lists that users can add to their ad-blocker to improve their online privacy and security. FilterLists has a user-friendly interface that enables users to easily browse through the different filter lists and select the ones that suit their needs. In addition, the website also provides a submission process for filter lists, allowing users to suggest new lists or report issues with existing ones. Overall, FilterLists is a valuable resource for users looking to enhance their online privacy and security.

UK Police

Security

UK Police data. The API provides a rich data source for information, including: Neighbourhood team members. Upcoming events. Street-level crime and outcome data. Nearest police stations The API is implemented as a standard JSON web service using HTTP GET and POST requests. Full request and response examples are provided in the documentation.

HaveIBeenPwned

Security

Passwords which have previously been exposed in data breaches. The API allows the list of pwned accounts (email addresses and usernames) to be quickly searched via a RESTful service.

SecurityTrails

Security

Domain and IP related information such as current and historical WHOIS and DNS records. SecurityTrails currently offers three different products that can help you enrich your data, search for information, and find relevant security information for organizations in no time: Security Trails API, Accessing the Security Trails REST API and data format.

National Vulnerability Database

Security

U.S. National Vulnerability Database. A weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability. Mitigation of the vulnerabilities in this context typically involves coding changes, but could also include specification changes or even specification deprecations (e.g., removal of affected protocols or functionality in their entirety).

Shodan

Security

Search engine for Internet connected devices. Use the API to automatically generate reports, notify you if something popped up on Shodan or keep track of results over time. The Streaming API gives you the ability to subscribe to events in real-time so you can immediately respond to new discoveries.

FilterLists

Security

Lists of filters for adblockers and firewalls. Make a simple call to the api and it will list all blockers and firewalls in a JSON file. Easy, simple and fast way to integrate ads / lucrative content to your website.

Virus Scan APIs

Security

Virus API lets you scan files and content for viruses and identify security issues with content. The most powerful and cost effective cloud APIs, continuously improved. Optical Character Recognition API, Document and Data Conversion API, Validate API to check if an Email is real, image and face recognition and processing API, Barcode APIs, voice recognition and speech apis.

AWS Serverless Kit

Developer Tool

Deploy your app in minutes with AWS best practices

Search API

Data Access

Real-time Google, YouTube & Amazon SERP API for easy SERP scraping.

ipstack

Geocoding

Locate and identify website visitors by IP address.

Exchangerate API

Currency Exchange

JSON API for foreign exchange rates and currency conversion

Weatherstack

Weather

Retrieve instant, accurate weather information for any location in the world in lightweight JSON format