Documentation
Start typing to search…

Seed Your Attack Surface

In Censys Attack Surface Management (ASM), a seed is a known, public-facing asset that serves as a starting point for discovering and mapping your organization's entire digital footprint across the Internet. By providing these initial seeds, you enable the tool to systematically identify and analyze all connected assets, helping you accurately define and secure your public-facing network.

This article walks through assets you can add as seeds, how to manually add seeds, how to add seeds via the API, and how to view your seed data. You can also use use Censys to find seeds.

Video overview

Assets you can add as seeds

The following assets make great seeds. Not all of the options listed below are necessary or even applicable to your organization, so they are listed from most to least common.

  • Domains: Domain names identify DNS administrative zones, are registered with a registrar, and often have name servers or mail servers associated with them.
    • Example: censys.io
  • Other names: Other DNS names identify services (for example, me.censys.io) and map to one or more IP addresses where the services are running. These can be added as a Domain type.
    • Example: app.censys.io
  • IP addresses: IP addresses are numerical labels assigned to devices or services connected to the Internet to identify and reach them.
    • Example: 8.8.8.8
  • CIDR Blocks: A Classless Inter-Domain Routing (CIDR) is a range of sequential IP addresses (in CIDR notation) assigned to an organization for their use.
    • Example: 8.8.8.0/24
  • ASNs: An autonomous system number is a numerical identifier of a connected group of 1 or more blocks of IP addresses that are assigned to an organization.

Example: 123

Manually add seeds

  1. Go to the ASM web console, click your username, and click Add Seeds.

  1. Enter your assets in the text box or upload a CSV or text file. The file must be under 5 megabytes in size.

    1. The structure of a CSV file that is to be uploaded looks like this:
    TypeValue
    IP_ADDRESS
    DOMAIN_NAME
    ASN
    CIDR

  2. Click Next Step.

  3. Resolve any issues and verify the accuracy of your assets in each section. Click Submit.

  4. You will receive an email when your attack surface is inventoried and ready for you to view.

Add seeds via API

You can add seeds with our REST API with this call:

POST ++[https://app.censys.io/api/v1/seeds](https://app.censys.io/api/v1/seeds)

Example request body

{  
  "seeds": [
    {
      "type": "ASN",
      "value": 0,
      "label": "emeahq"
    },
    {
      "type": "IP_ADDRESS",
      "value": "1.1.1.1",
      "label": "dns"
    },
    {
      "type": "DOMAIN_NAME",
      "value": "example.com",
      "label": "main"
    },
    {
      "type": "CIDR",
      "value": "127.0.0.0/16",
      "label": "internal"
    }
  ]
}

To see more seed management methods, visit our API documentation.

View seed data

  1. To view your organization’s seed data, click Inventory > Seed Data.

The two tabs at the top of the Seed Data page show the total number of assets:

  • Provided by You: Provided to Attack Surface Management through seeds on the left.
  • Found by Censys: Discovered by Attack Surface Management with links to those lists on the right.

The table at the bottom of the page displays a comprehensive list of all seed data that has been input into the platform. Each entry in the table provides detailed information, including:

  • Type: The category or classification of the seed data.
  • Value: The specific numerical or textual value associated with the seed data.
  • Source: The particular interface or method used to add the seed data to the platform.
  • Label: An optional descriptive label or tag assigned to the seed data for easier identification and categorization.

Updated 1 day ago

What’s Next