03. How does Censys.io work ? - tandihansvin/EthicalHacking GitHub Wiki

censys.io Some people might ask how censys.io work, which protocol and port are used, how frequent censys.io do the scanning. So, on this page, I will try to explain what I have found so far.

How does censys.io work?

It actually performs all IPv4 scans at lThe Censys Team uses several tools from the ZMap Project to perform scans including ZMap, ZGrab, ZTag, and ZDNS.east once a week and scan domains daily. If it found any changes, it will update its database.

What does censys.io scan?

  1. HTTP. It scans TCP ports 80, 8080, and 8000 for HTTP hosts. But, when it meets a responsive host, it collects the root page and headers by issuing an HTTP 1.1 GET / request and follow HTTP redirects.
  2. HTTPS. It scans TCP/443 and TCP/4443.
  3. POP3, IMAP, SMTP, SMTPS. (eg. SMTP on TCP/25).
  4. SSH. on TCP/22, it collects host key and banner data.
  5. DNS. It scans for open recursive resolvers on UDP/53 and check whether DNS servers provide the correct records.
  6. FTP. It collects FTP banners on TCP/21.

How does censys.io scan the internet ?

The Censys Team uses several tools from the ZMap Project to perform scans including ZMap, ZGrab, ZTag, and ZDNS.