Official website

https://censys.io/

Rule

analyzer: censys
query: ...
id: ...
secret: ...
Name Type Required? Default Desc.
query String Yes Search query
id String No ENV[”CENSYS_ID”] Censys ID
secret String No ENV[”CENSYS_SECRET”] Censys secret

How it works

The analyzer uses Censys Search 2.0 REST API and /api/v2/hosts/search API endpoint to search.

IP addresses matched with a query are treated as artifacts.

Output

This rule outputs the following type of artifacts.

Configuration

Mihari loads your Censys API ID and secret via environment variables CENSYS_ID and CENSYS_SECRET by default.