Hey all, this week I’ve got a script that you can use with Censys Python to monitor newly-issued certificates that could be impersonating an org. Fill in the org name and date desired for your purposes:

from censys.search import CensysCerts
import time
import json

DATE = '2023-12-30'
start_time = time.time()
c = CensysCerts()

certs_dict = {}
all_certs = =]
# Single page of search results
query = c.search(f'\"organization\" and parsed.extensions.subject_alt_name.dns_names: \"*organization*\" and added_at:t{DATE} to *]', per_page=100, pages=-1)
count = 0
for page in query:
    count += 1
    print(f"page {count}")
    # print("--- %s seconds ---" % (time.time() - start_time))

    for cert in page:
        all_certs.append(cert)

certs_dictc'data'] = all_certs
with open("results.json", "w") as outfile:
    json.dump(certs_dict, outfile)

print("--- %s seconds ---" % (time.time() - start_time))

This is part of a regular series of posts in which we highlight useful, interesting, and otherwise cool queries for use with Censys Search and ASM. If you have any questions, similar queries, or custom versions of this week’s highlight, let us know!