censys
diff --git a/‎README.md
+5-4 b/‎README.md
+5-4
diff --git a/‎censys_companies.py
+39-47 b/‎censys_companies.py
+39-47
diff --git a/‎censys_company_netname.py
-65 b/‎censys_company_netname.py
-65
diff --git a/‎censys_domain.py
+64-56 b/‎censys_domain.py
+64-56
@@ -1,4 +1,4 @@
-# Censys recon-ng Modules
+# Censys `recon-ng` Modules
 
 [![License](https://img.shields.io/github/license/censys/censys-recon-ng)](LICENSE)
 [![Code Style](https://img.shields.io/badge/code%20style-black-000000)](https://github.com/psf/black)
@@ -12,7 +12,7 @@ We have written several modules for [`recon-ng`](https://github.com/lanmaster53/
 We have provided two pieces you need to install these modules and begin using them.
 
 - `requirements.txt` - Use this via `pip install -r requirements.txt` to install Python dependencies.
-- `install.sh`- Run this script and it will both install the modules in your home directory (recon-ng supports modules added for the local user in `~/.recon-ng`) and configures the database to add support for your Censys API ID and secret. See your Censys [account](https://censys.io/account/api) for your credentials, and add them to the database as you would any other credential - `keys add ...`.
+- `install.sh`- Run this script and it will both install the modules in your home directory (recon-ng supports modules added for the local user in `~/.recon-ng`) and configures the database to add support for your Censys API ID and secret. See your Censys [account](https://search.censys.io/account/api) for your credentials, and add them to the database as you would any other credential - `keys add ...`.
 
 One you have completed these you can fire up `recon-ng`.
 
@@ -30,8 +30,9 @@ These are normal recon-ng modules, use them like any other. Pivot away! This rep
   -----
     recon/companies-contacts/censys_email_address
     recon/companies-domains/censys_subdomains
-    recon/companies-hosts/censys_org
-    recon/companies-hosts/censys_tls_subjects
+    recon/companies-multi/censys_org
+    recon/companies-multi/censys_tls_subjects
+    recon/contacts-domains/censys_email_to_domains
     recon/domains-companies/censys_companies
     recon/domains-hosts/censys_domain
     recon/hosts-hosts/censys_query
 
@@ -1,62 +1,54 @@
 from recon.core.module import BaseModule
 
-from censys.ipv4 import CensysIPv4
-from censys.base import CensysException
+from censys.search import CensysHosts
+from censys.common.exceptions import CensysException
 
 
 class Module(BaseModule):
     meta = {
-        'name': 'Censys companies by domain',
-        'author': 'J Nazario',
-        'version': '1.1',
-        'description': 'Retrieves the TLS certificates for a domain. Updates the \'companies\' table with the values from the subject organization information.',
-        'query': 'SELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL',
-        'dependencies': ['censys'],
-        'required_keys': ['censysio_id', 'censysio_secret'],
+        "name": "Censys - Companies by Domain",
+        "author": "Censys, Inc. <[email protected]>",
+        "version": 2.1,
+        "description": (
+            "Retrieves the TLS certificates for a domain. This module queries"
+            " the  'services.tls.certificates.leaf_data.names' field and"
+            " updates the 'companies' table with the results."
+        ),
+        "query": (
+            "SELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL"
+        ),
+        "options": [
+            (
+                "num_buckets",
+                "100",
+                False,
+                "maximum number of buckets to retrieve",
+            )
+        ],
+        "required_keys": ["censysio_id", "censysio_secret"],
+        "dependencies": ["censys>=2.1.2"],
     }
 
     def module_run(self, domains):
-        api_id = self.get_key('censysio_id')
-        api_secret = self.get_key('censysio_secret')
-        c = CensysIPv4(api_id, api_secret, timeout=self._global_options['timeout'])
-        IPV4_FIELDS = [
-            '443.https.tls.certificate.parsed.subject.organization',
-            '25.smtp.starttls.tls.certificate.parsed.subject.organization',
-            '110.pop3.starttls.tls.certificate.parsed.subject.organization',
-            '465.smtp.tls.tls.certificate.parsed.subject.organization',
-            '587.smtp.starttls.tls.certificate.parsed.subject.organization',
-            '1521.oracle.banner.tls.certificate.parsed.subject.organization',
-            '3306.mysql.banner.tls.certificate.parsed.subject.organization',
-            '3389.rdp.banner.tls.certificate.parsed.subject.organization',
-            '5432.postgres.banner.tls.certificate.parsed.subject.organization',
-            '8883.mqtt.banner.tls.certificate.parsed.subject.organization',
-        ]
-        SEARCH_FIELDS = [
-            '443.https.tls.certificate.parsed.names',
-            '25.smtp.starttls.tls.certificate.parsed.names',
-            '110.pop3.starttls.tls.certificate.parsed.names',
-            '465.smtp.tls.tls.certificate.parsed.names',
-            '587.smtp.starttls.tls.certificate.parsed.names',
-            '1521.oracle.banner.tls.certificate.parsed.names',
-            '3306.mysql.banner.tls.certificate.parsed.names',
-            '3389.rdp.banner.tls.certificate.parsed.names',
-            '5432.postgres.banner.tls.certificate.parsed.names',
-            '8883.mqtt.banner.tls.certificate.parsed.names',
-        ]
+        api_id = self.get_key("censysio_id")
+        api_secret = self.get_key("censysio_secret")
+        c = CensysHosts(api_id, api_secret)
         for domain in domains:
+            domain = domain.strip('"')
             self.heading(domain, level=0)
             try:
-                query = 'mx:"{0}" OR '.format(domain) + ' OR '.join(
-                    ['{0}:"{1}"'.format(x, domain) for x in SEARCH_FIELDS]
+                report = c.aggregate(
+                    "same_service(services.tls.certificates.leaf_data.names:"
+                    f" {domain} and"
+                    " services.tls.certificates.leaf_data.subject.organization: *)",
+                    field="services.tls.certificates.leaf_data.subject.organization",
+                    num_buckets=int(self.options.get("NUM_BUCKETS", "100")),
                 )
-                payload = c.search(query, IPV4_FIELDS)
             except CensysException:
+                self.print_exception()
                 continue
-            for result in payload:
-                orgs = set()
-                for k, v in result.items():
-                    if k.endswith('.parsed.subject.organization'):
-                        for org in v:
-                            orgs.add(org)
-                for org in orgs:
-                    self.insert_companies(company=org)
+            for bucket in report.get("buckets", []):
+                company = bucket.get("key")
+                self.insert_companies(
+                    company=company, description=f"Domain: {domain}"
+                )
@@ -1,73 +1,81 @@
 from recon.core.module import BaseModule
 
-from censys.ipv4 import CensysIPv4
-from censys.base import CensysException
+from censys.search import CensysHosts
+from censys.common.exceptions import CensysException
 
 
 class Module(BaseModule):
     meta = {
-        'name': 'Censys hosts and subdomains by domain',
-        'author': 'J Nazario',
-        'version': '1.1',
-        'description': 'Retrieves the MX, SMTPS, POP3S, and HTTPS records for a domain. Updates the \'hosts\' and the \'ports\' tables with the results.',
-        'query': 'SELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL',
-        'dependencies': ['censys'],
-        'required_keys': ['censysio_id', 'censysio_secret'],
+        "name": "Censys - Hosts by domain",
+        "author": "Censys, Inc. <[email protected]>",
+        "version": 2.1,
+        "description": (
+            "Retrieves hosts for a domain. This module queries queries domain"
+            " names and updates the 'hosts' and the 'ports' tables with the"
+            " results."
+        ),
+        "query": (
+            "SELECT DISTINCT domain FROM domains WHERE domain IS NOT NULL"
+        ),
+        "required_keys": ["censysio_id", "censysio_secret"],
+        "options": [
+            (
+                "virtual_hosts",
+                "ONLY",
+                False,
+                "Whether to include virtual hosts in the results",
+            ),
+            (
+                "per_page",
+                "100",
+                False,
+                "The number of results to return per page",
+            ),
+            (
+                "pages",
+                "1",
+                False,
+                "The number of pages to retrieve",
+            ),
+        ],
+        "dependencies": ["censys>=2.1.2"],
     }
 
     def module_run(self, domains):
-        api_id = self.get_key('censysio_id')
-        api_secret = self.get_key('censysio_secret')
-        c = CensysIPv4(api_id, api_secret, timeout=self._global_options['timeout'])
-        IPV4_FIELDS = [
-            'ip',
-            'protocols',
-            'location.country',
-            'location.latitude',
-            'location.longitude',
-            'location.province',
-        ]
-        SEARCH_FIELDS = [
-            '443.https.tls.certificate.parsed.names',
-            '25.smtp.starttls.tls.certificate.parsed.names',
-            '110.pop3.starttls.tls.certificate.parsed.names',
-        ]
+        api_id = self.get_key("censysio_id")
+        api_secret = self.get_key("censysio_secret")
+        c = CensysHosts(api_id, api_secret)
         for domain in domains:
+            domain = domain.strip('"')
             self.heading(domain, level=0)
             try:
-                query = 'mx:"{0}" OR '.format(domain) + ' OR '.join(
-                    ['{0}:"{1}"'.format(x, domain) for x in SEARCH_FIELDS]
+                query = c.search(
+                    f"{domain}",
+                    per_page=int(self.options.get("PER_PAGE", "100")),
+                    pages=int(self.options.get("PAGES", "1")),
+                    virtual_hosts=self.options.get("VIRTUAL_HOSTS", "ONLY"),
                 )
-                payload = c.search(query, IPV4_FIELDS + SEARCH_FIELDS)
             except CensysException:
+                self.print_exception()
                 continue
-            for result in payload:
-                names = set()
-                for k, v in result.items():
-                    if k.endswith('.parsed.names'):
-                        for name in v:
-                            names.add(name)
-                if len(names) < 1:
-                    # make sure we have at least a blank name
-                    names.add('')
-                for name in names:
-                    if name.startswith('*.'):
-                        self.insert_domains(name.replace('*.', ''))
-                        continue
-                    self.insert_hosts(
-                        host=name,
-                        ip_address=result['ip'],
-                        country=result.get('location.country', ''),
-                        region=result.get('location.province', ''),
-                        latitude=result.get('location.latitude', ''),
-                        longitude=result.get('location.longitude', ''),
-                    )
-
-                for protocol in result['protocols']:
-                    port, service = protocol.split('/')
+            for hit in query():
+                common_kwargs = {
+                    "ip_address": hit["ip"],
+                    "host": hit.get("name"),
+                }
+                location = hit.get("location", {})
+                coords = location.get("coordinates", {})
+                self.insert_hosts(
+                    region=location.get("continent"),
+                    country=location.get("country"),
+                    latitude=coords.get("latitude"),
+                    longitude=coords.get("longitude"),
+                    **common_kwargs,
+                )
+                for service in hit.get("services", []):
                     self.insert_ports(
-                        ip_address=result['ip'],
-                        host=name,
-                        port=port,
-                        protocol=service,
+                        port=service["port"],
+                        protocol=service["transport_protocol"],
+                        notes=service["service_name"],
+                        **common_kwargs,
                     )