Censys has a new SaaS platform! Learn More about our attack surface management platform.


Ready to Get

Request a Demo or


How to Find Servers Using MQTT and AMQP Protocols

by Sally Feller · March 19th, 2019

We recently added MQ Telemetry Transport (MQTT) and the Advanced Message Queuing Protocol (AMQP) protocols to our data set. Here’s a quick rundown of what these protocols are used for, what security risks they carry with them, how to search for servers and devices that use MQTT and AMQP, and how to secure those servers.

Finding and Securing FTP Sites with Censys

by Sally Feller · March 11th, 2019

FTP sites can act as easy gateways for attackers to get into business systems, due to common misuse and misconfiguration issues. In this article, we show you how to use FTP banner grabs to find unknown and/or unsecured business FTP sites. Once located, we’ll walk you through steps for securing them or, better yet, moving to SaaS file-sharing offerings with security tools built-in.

Finding Hacked Web Servers

by Sally Feller · March 5th, 2019

In this article, we’ll show you one way to find hacked web servers. There are endless methods of hunting for affected web servers and this is just one example to get you started in thinking about your efforts in this area.

17K Building Control (BACnet) Servers Connected to the Internet

by Sally Feller · February 26th, 2019

Building Automation and Control network (BACnet) is one of the most popular SCADA protocols that building automation and control systems use to operate. Censys searches for five of the most popular SCADA protocol (including Modbus, S7, BACnet, DNP3, Tridium Fox) and a quick search shows that there are 16,899 BACnet servers accessible across the Internet.

Hunting Mirai Control Servers Using Known Shell Scripts

by Sally Feller · February 19th, 2019

The Mirai Botnet made much of the Internet inaccessible for the US East Coast back in late 2016, taking advantage of insecure IoT devices. Malware similar to Mirai in both behavior and structure is still very much in use across the Internet today. We set out find the servers that host it using Censys.

A Dream of the 90s - Bulletin Board Systems

by Paul A. Parkanzky · February 13th, 2019

There was a time before widespread adoption of the Internet when communities of local Bulletin Board Systems (BBSes) ruled the day in all their ANSI-colored text-based glory. Some BBSes are still active in 2019 and you can find them in Censys. To the nostalgia machine…

Playing Defense By Locating Pre-Attacks

by Sally Feller · February 5th, 2019

Defend your organization before phishing campaigns are even launched by finding adversary pre-attack infrastructure. In this post, we provide a few tips for finding fraudulent domains in Censys.

The Most Common Protocol You’ve Never Heard Of

by Sally Feller · January 29th, 2019

As CWMP is one of most common protocol across the Internet, we explored the security of the protocol and what kind of risks it poses. Moreover, are there any real risks for the corporate world or is this just a consumer technology problem?

Track & Monitor IPMI Devices

by Sally Feller · January 23rd, 2019

We recently started scanning for IPMI devices in Censys so that administrators can search for them and prioritize migrating them to a private network.

Magecart - Threat Hunting Edition

by Sally Feller · January 15th, 2019

Magecart was the malware behind the British Airways and Ticketmaster data breaches a few years back and, unfortunately, it’s still alive and well. Here's how to hunt for Magecart using Censys.

Finding and Monitoring RDP and VNC with Censys

by Sally Feller · January 7th, 2019

We added data for remote desktop protocol (RDP) and virtual network computing (VNC) to Censys. Now you can search for any RDP or VNC servers that are online and tied to your organization and ensure that they’re locked down appropriately.

Finding Apache Tomcat Servers in Your Network

by Sally Feller · December 4th, 2018

Today, we’re going to show you how you might look for suspicious-looking Apache Tomcat servers and either secure them or take them offline to prevent exploitation.

Who's Down with IPP?: Finding Internet-Connected Printers with Censys

by Sally Feller · September 24th, 2018

Censys results now include Internet Printing Protocol (IPP), which allows anyone to get a quick read of how many printers are connected to the Internet and locate any printers their organization may have inadvertently exposed to the public

Find Oracle Database Servers with CVE-2018-3110 Vulnerability

by Sally Feller · September 21st, 2018

Oracle recently released a critical patch for their Database Server product. This post explains how to find servers on the Internet that are affected by this vulnerability.

Introducing Relational Database Scanning

by Sally Feller · June 18th, 2018

To help organizations investigate and monitor whether they’ve mistakenly exposed databases, we're adding scanning for four popular relational database servers: MySQL, PostgreSQL, Microsoft SQL Server, and Oracle Database.

Ready to Get Started?

Get a real-time view of all your organization's assets so you can proactively prevent threats.