Move Over Shodan, Meet Censys
This post is intended for those who might not be aware of the new search engine Censys. I thought I'd share some information about it the noobs might find interesting.
Shodan search engine is designed to locate any device on the Internet that hasn't been correctly configured to prevent unauthorized access. This includes, of course, web cams (yes a hacker CAN turn your web cam on without you knowing it). Released in 2009 at DEFCON 17, it quickly became a favorite among hackers, researchers, and perverts alike, and just as quickly dubbed, "the scariest search engine on the Internet".
Shodan works by banner grabbing and collecting all information being leaked by insecure devices. The info gets categorized and stored in a large database. The search engine allows users to search this database by type of device, brand name, operating system, location, plus many more.
Up until now, Shodan has been the tool of choice for the Internet of Things, but this might change with the more advanced search engine Censys.
Like Shodan, Censys scans the Internet for devices not properly configured to prevent unauthorized access and stores the information in a database that can be broken down categorically. What makes Censys more advanced is it's use of two tools, ZMAP and ZGRAB, that scan the entire IPv4 address space everyday to maintain a much more comprehensive database of information.
Censys was released in October of 2015 and can be accessed here: https://www.censys.io/