### Execute Asset Search with ZoomEye Python SDK Example Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This example illustrates an interactive Python session demonstrating how to perform an asset search using the ZoomEye Python SDK. It shows the initialization with an API key and a basic search query for assets in 'country=cn', along with the typical tabular output. ```python $ python3 >>> import zoomeyeai.sdk as zoomeye >>> # Use API-KEY search >>> zm = zoomeye.ZoomEye(api_key="01234567-acbd-00000-1111-22222222222") >>> data = zm.search('country=cn') ip port domain update_time 192.53.120.134 7766 [unknown] 2024-12-06T15:20:08 ... ``` -------------------------------- ### Install ZoomEye-python Library Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This snippet demonstrates how to install the ZoomEye-python library. Users can choose to install it directly from PyPI using pip3 or from the GitHub repository for the latest development version. ```Shell pip3 install zoomeyeai ``` ```Shell pip3 install git+https://github.com/zoomeye-ai/ZoomEye-python ``` -------------------------------- ### List Python Project Dependencies (requirements.txt) Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/requirements.txt This snippet lists the exact versions of Python packages required for the `/zoomeye-ai/zoomeye-python` project. These dependencies are managed via a `requirements.txt` file, which allows for consistent environment setup across different development and deployment environments. Users can install these packages using `pip install -r requirements.txt`. ```Python certifi==2021.10.8 charset-normalizer==2.0.8 colorama==0.4.4 graphviz==0.19 idna==3.3 requests==2.26.0 ``` -------------------------------- ### ZoomEye API: Search by Product Component Information Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets based on specific product component information. This filter supports searching for mainstream asset components. ```APIDOC product="Cisco" ``` -------------------------------- ### Get User Information with ZoomEye AI API Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This API endpoint retrieves detailed information about the current user, including their username, email, phone number, creation date, and subscription details. It also provides current general and ZoomEye-specific points. This endpoint requires an API key for authentication and returns user data in JSON format. ```APIDOC POST /v2/userinfo Response Fields: - code (integer): Response code - message (string): Response message - data (object): User information and subscription details - username (string): Username - email (string): User email - phone (string): User phone number - created_at (string, date-time): user creation time - subscription (object): subscription information - plan (string): subscription plan - end_date (string, date-time): subscription end date - points (string): Available General Points, You can also see it from [here](https://www.zoomeye.ai/profile/record) - zoomeye_points (string): Available ZoomEye-Points, You can also see it from [here](https://www.zoomeye.ai/profile/record) ``` ```bash curl -X POST https://api.zoomeye.ai/v2/userinfo -H "API-KEY: $YOUR_API_KEY" ``` ```json { "code": 60000, "message": "success", "data": { "username": "abc", "email": "user@example.com", "phone": "+1234567890", "created_at": "2023-01-15T08:00:00Z", "subscription": { "plan": "Premium", "end_date": "2024-01-20T00:00:00Z", "points": "30000", "zoomeye_points": "10000000" } } } ``` -------------------------------- ### ZoomEye API: Search by Transmission Protocol Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets based on their transmission protocol. Common transmission protocols include TCP, UDP, TCP6, and SCTP. ```APIDOC protocol="TCP" ``` -------------------------------- ### ZoomEye Search: Find Assets by Hostname Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for assets of related IP hostnames. This filter is useful for identifying devices based on their assigned hostnames. ```APIDOC hostname="google.com" ``` -------------------------------- ### ZoomEye Search: Find C-class IP Assets by CIDR Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for C-class assets within a specified IP CIDR block. This filter allows for granular IP range searches. For example, 'cidr="52.2.254.36/16"' searches for B-class IPs, and 'cidr="52.2.254.36/8"' searches for A-class IPs. ```APIDOC cidr="52.2.254.36/24" ``` -------------------------------- ### ZoomEye Search: Query by Protocol Messages (Banner) Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches by protocol messages, often used for searching HTTP response header data. This allows for identifying services based on their initial banner responses. ```APIDOC banner="FTP" ``` -------------------------------- ### ZoomEye Search: Query by HTTP Header Version Number Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches by the version number found in the HTTP header. This allows for filtering assets based on the HTTP protocol version they support. ```APIDOC http.header.version="1.2" ``` -------------------------------- ### Initialize ZoomEye-python CLI Token with API Key Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst Before using the ZoomEye-python CLI, users must initialize their API token for authentication. This example demonstrates how to initialize the token using an API key, which can be obtained from the ZoomEye profile page. The command confirms successful initialization and displays basic role and quota information. ```Shell $ zoomeyeai init -apikey "01234567-acbd-00000-1111-22222222222" successfully initialized Role: developer Quota: 10000 ``` -------------------------------- ### ZoomEye Search: Find Assets by Internet Service Provider (ISP) Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for assets related to specified network service providers. This filter can be combined with organization data for more refined and targeted searches. ```APIDOC isp="China Mobile" ``` -------------------------------- ### Perform Basic Search with ZoomEye-python CLI Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This example demonstrates the core 'search' function of the ZoomEye-python CLI, used to query the ZoomEye database. It shows a simple search for 'telnet' and displays the default output fields: IP address, port, domain, and update time, along with the total number of results. ```Shell $ zoomeyeai search "telnet" ip port domain update_time 192.53.120.134 7766 [unknown] 2024-12-06T15:20:08 total: 1 ``` -------------------------------- ### ZoomEye Search: Find Assets by HTTP Header Hash Value Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches by the hash values calculated from the HTTP header. This provides a unique identifier for specific header configurations, useful for finding similar assets. ```APIDOC http.header_hash="27f9973fe57298c3b63919259877a84d" ``` -------------------------------- ### ZoomEye API: Search by Operating System Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets based on their operating system. Common systems include Linux, Windows, RouterOS, IOS, and JUNOS. Additional systems can be found in the domain name sidebar aggregation display of search results. ```APIDOC os="RouterOS" ``` -------------------------------- ### ZoomEye Search Filters for IP and Domain Data Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This section provides ZoomEye search filters for identifying assets based on their IPv4 or IPv6 addresses. These filters are essential for targeting specific hosts or networks directly. ```APIDOC ip="8.8.8.8" ``` ```APIDOC ip="2600:3c00::f03c:91ff:fefc:574a" ``` -------------------------------- ### ZoomEye API: API-KEY Authentication Method Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md ZoomEye-API supports API-KEY authentication. Each account has a unique API-KEY string found at the bottom of its profile page. This key must be included in API requests for authentication. ```APIDOC API-KEY: [Your API Key Here] Location: User profile page (e.g., https://www.zoomeye.ai/profile) ``` -------------------------------- ### ZoomEye API: Search by DNS Dig Content Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets based on their DNS dig content, including domain and IP address. This allows for targeted searches related to DNS records. ```APIDOC dig="baidu.com 220.181.38.148" ``` -------------------------------- ### ZoomEye API Query Parameter Reference Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This section details the available query parameters for the ZoomEye API, including their data types, descriptions, and the required user plan for access. These parameters are used to refine search queries for asset information. ```APIDOC Parameters: - name: honeypot type: integer description: Is it a honeypot (0 for no, 1 for yes) access: All users - name: ssl type: string description: SSL x509 certificate information access: All users - name: primary_industry type: string description: Primary industry information access: Business plan and above - name: sub_industry type: string description: Sub-industry information access: Business plan and above - name: rank type: integer description: Asset importance ranking, the higher the score, the more important. access: Business plan and above ``` -------------------------------- ### ZoomEye Search: Find Assets by HTML Body Content Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches by content within the HTML body of web pages. This allows for identifying assets based on specific keywords or phrases present in their web content. ```APIDOC http.body="document" ``` -------------------------------- ### ZoomEye API: Filter for Honeypot Assets Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Filter search results to specifically include or exclude honeypot assets. Setting this filter to 'True' will only show identified honeypots. ```APIDOC is_honeypot="True" ``` -------------------------------- ### ZoomEye Search: Search for Domain-Related Assets Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Used to search for domain and subdomain data, finding assets related to a specified domain. This helps in discovering infrastructure associated with a particular web presence. ```APIDOC domain="baidu.com" ``` -------------------------------- ### ZoomEye API: Search by File Hash Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets with related content based on the parsed file data's hash. This is useful for identifying assets associated with specific files, such as those parsed with 'Gitlab'. ```APIDOC filehash="0b5ce08db7fb8fffe4e14d05588d49d9" ``` -------------------------------- ### ZoomEye Search: Find Assets by Service Protocol Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for assets related to a specified service protocol. Common service protocols include: http, ftp, ssh, telnet, etc. Other services can be found in the domain name sidebar aggregation display of search results. ```APIDOC service="ssh" ``` -------------------------------- ### Bash: Convert Query Condition to Base64 Encoding Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This snippet demonstrates how to convert a query condition string into base64 encoding using the `base64` command-line tool in Bash. The resulting base64 string can then be passed as a `qbase64` parameter to the ZoomEye API for encoded queries. ```bash echo 'title="knownsec"' | base64 ``` -------------------------------- ### ZoomEye Query Interface Response Fields APIDOC Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Defines the structure and details of fields returned by the ZoomEye query interface. Each entry specifies the field name, data type, a brief description of its content, and the minimum permission level required to access it. This reference is essential for developers integrating with ZoomEye data. ```APIDOC [ { "field_name": "ip", "type": "string", "description": "IP address (used when the web asset is incomplete)", "permission": "All users" }, { "field_name": "domain", "type": "string", "description": "Domain", "permission": "All users" }, { "field_name": "url", "type": "string", "description": "Full URL of the asset (for web assets)", "permission": "All users" }, { "field_name": "ssl.jarm", "type": "string", "description": "SSL JARM fingerprint", "permission": "All users" }, { "field_name": "ssl.ja3s", "type": "string", "description": "SSL JA3S fingerprint", "permission": "All users" }, { "field_name": "iconhash_md5", "type": "string", "description": "MD5 value of the icon image", "permission": "Professional plan and above" }, { "field_name": "robots_md5", "type": "string", "description": "MD5 value of the robots.txt file", "permission": "Business plan and above" }, { "field_name": "security_md5", "type": "string", "description": "MD5 value of the security settings file", "permission": "Business plan and above" }, { "field_name": "hostname", "type": "string", "description": "Hostname information", "permission": "All users" }, { "field_name": "os", "type": "string", "description": "Operating system information", "permission": "All users" }, { "field_name": "port", "type": "integer", "description": "Port number", "permission": "All users" }, { "field_name": "service", "type": "string", "description": "Provided application protocol (e.g., HTTP, SSH)", "permission": "All users" }, { "field_name": "title", "type": "list", "description": "Webpage title", "permission": "All users" }, { "field_name": "version", "type": "string", "description": "Component version information", "permission": "All users" }, { "field_name": "device", "type": "string", "description": "Device name", "permission": "All users" }, { "field_name": "rdns", "type": "string", "description": "Reverse DNS information", "permission": "All users" }, { "field_name": "product", "type": "string", "description": "Product component information", "permission": "All users" }, { "field_name": "header", "type": "string", "description": "HTTP response header information", "permission": "All users" }, { "field_name": "header_hash", "type": "string", "description": "Hash calculated from HTTP response header", "permission": "Professional plan and above" }, { "field_name": "banner", "type": "string", "description": "Service banner information", "permission": "All users" }, { "field_name": "body", "type": "string", "description": "HTML Body content", "permission": "Business plan and above" }, { "field_name": "body_hash", "type": "string", "description": "Hash calculated from the HTML body", "permission": "Professional plan and above" }, { "field_name": "update_time", "type": "string", "description": "Asset update time", "permission": "All users" }, { "field_name": "header.server.name", "type": "string", "description": "Server name in the HTTP response header", "permission": "All users" }, { "field_name": "continent.name", "type": "string", "description": "Name of the continent", "permission": "All users" }, { "field_name": "country.name", "type": "string", "description": "Name of the country", "permission": "All users" }, { "field_name": "province.name", "type": "string", "description": "Name of the province", "permission": "All users" }, { "field_name": "city.name", "type": "string", "description": "Name of the city", "permission": "All users" }, { "field_name": "isp.name", "type": "string", "description": "ISP name", "permission": "All users" }, { "field_name": "organization.name", "type": "string", "description": "Organization name", "permission": "All users" }, { "field_name": "zipcode", "type": "integer", "description": "Postal code", "permission": "All users" }, { "field_name": "idc", "type": "string", "description": "Is it an IDC (0 for no, 1 for yes)", "permission": "All users" }, { "field_name": "lon", "type": "string", "description": "Geolocation longitude", "permission": "All users" }, { "field_name": "lat", "type": "string", "description": "Geolocation latitude", "permission": "All users" }, { "field_name": "asn", "type": "string", "description": "Autonomous System Number", "permission": "All users" }, { "field_name": "protocol", "type": "string", "description": "Transport layer protocol (e.g., TCP, UDP)", "permission": "All users" } ] ``` -------------------------------- ### ZoomEye API: Search by Device Type Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets based on their device type. Common types include router, switch, and storage-misc. Other types can be found in the domain name sidebar aggregation display of search results. ```APIDOC device="router" ``` -------------------------------- ### ZoomEye Search: Filter by HTTP Header Server Field Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches by the server field within the HTTP header. This is used for identifying web servers based on their reported server software, such as 'Nginx'. ```APIDOC http.header.server="Nginx" ``` -------------------------------- ### ZoomEye API: Search by HTML Title Content Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets where the HTML content's title contains a specific string. This filter targets the tag within web page responses. ```APIDOC title="Cisco" ``` -------------------------------- ### Perform Asset Search with ZoomEye AI API Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This API endpoint allows users to search for network asset information based on specified query conditions. It supports various filters like fields to return, data type (IPv4, IPv6, web), pagination, and facets for statistical analysis. An API key is required for authentication, and queries must be Base64 encoded. ```APIDOC POST /v2/search Parameters: - qbase64 (string, required): Base64 encoded query string. For more, refer to **Related references**. - fields (string, optional): The fields to return, separated by commas. Default: ip, port, domain, update_time. For more, refer to **Response field description** - sub_type (string, optional): Data type, supports v4, v6, and web. Default is v4. - page (integer, optional): View asset page number - pagesize (integer, optional): Number of records per page, default is 10, maximum is 10,000. - facets (string, optional): Statistical items, separated by commas if there are multiple. Supports country, subdivisions, city, product, service, device, OS, and port. - ignore_cache (boolean, optional): Whether to ignore the cache. false, supported by Business plan and above. ``` ```bash curl -X POST 'https://api.zoomeye.ai/v2/search' -H "API-KEY: $YOUR_API_KEY" \ -H 'content-type: application/json' \ -d '{ "qbase64": "dGl0bGU9ImNpc2NvIHZwbiIK", "page": 1 }' ``` -------------------------------- ### ZoomEye API: Search Assets Updated Before Date Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets with an update time before a specified date, combined with other filters like port. Time filters must always be used in conjunction with other search criteria. ```APIDOC before="2020-01-01" && port="50050" ``` -------------------------------- ### ZoomEye Search: Discover Devices by Application Fingerprint Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for devices identified by a specific application fingerprint, such as 'Cisco ASA SSL VPN' devices. For more application rules, refer to the ZoomEye documentation. Entering keywords like 'Cisco' in the search box will display related app prompts. ```APIDOC app="Cisco ASA SSL VPN" ``` -------------------------------- ### ZoomEye API: Search Assets Updated After Date Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets with an update time after a specified date, combined with other filters like port. Time filters must always be used in conjunction with other search criteria. ```APIDOC after="2020-01-01" && port="50050" ``` -------------------------------- ### ZoomEye API: Search by Icon MD5 Hash Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Analyze target data by MD5 hash and search for assets with related content based on the icon. This is useful for finding assets with specific visual branding, such as the 'google' icon. ```APIDOC iconhash="f3418a443e7d841097c714d69ec4bcb8" ``` -------------------------------- ### ZoomEye API: Search by Industry Type Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Search for assets related to a specified industry type. Common industry types include technology, energy, finance, and manufacturing. Other types can be supplemented with organization data. ```APIDOC industry="government" ``` -------------------------------- ### ZoomEye Search: Identify Assets by Port Number Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for related port assets, allowing users to find devices with specific open ports. Currently, this filter does not support simultaneous open multi-port target searches. ```APIDOC port=80 ``` -------------------------------- ### ZoomEye Search: Query by HTML Body Hash Value Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches by the hash value calculated from the HTML body. This provides a unique identifier for specific web page content, useful for finding identical or very similar pages. ```APIDOC http.body_hash="84a18166fde3ee7e7c974b8d1e7e21b4" ``` -------------------------------- ### ZoomEye Search: Filter by HTTP Response Header Content Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches by HTTP response header content. This is used for searching general HTTP response header data, allowing for broad content matching within headers. ```APIDOC http.header="http" ``` -------------------------------- ### ZoomEye API: Search by Icon MMH3 Hash Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Analyze target data by MMH3 hash and search for assets with related content based on the icon. This allows for finding assets with specific visual branding, such as the 'amazon' icon. ```APIDOC iconhash="1941681276" ``` -------------------------------- ### ZoomEye Search: Discover IP Assets by Autonomous System Number (ASN) Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for IP assets related to a corresponding Autonomous System Number (ASN). This allows for identifying assets within specific network routing domains. ```APIDOC asn=42893 ``` -------------------------------- ### ZoomEye Geographical Location Search Filters Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This section describes how to filter ZoomEye search results based on geographical location. You can specify countries, administrative subdivisions, or cities using their respective filters. ```ZoomEye Query Language country="CN" ``` ```ZoomEye Query Language subdivisions="beijing" ``` ```ZoomEye Query Language city="changsha" ``` -------------------------------- ### ZoomEye Search Filters for SSL Certificate Data Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This section details various ZoomEye search filters for querying assets based on SSL certificate attributes, including common names, fingerprints, public key details, cipher suites, and SSL/TLS versions. These filters enable precise targeting of systems with specific SSL configurations. ```APIDOC ssl="google" ``` ```APIDOC ssl.cert.fingerprint="F3C98F223D82CC41CF83D94671CCC6C69873FABF" ``` ```APIDOC ssl.chain_count=3 ``` ```APIDOC ssl.cert.alg="SHA256-RSA" ``` ```APIDOC ssl.cert.issuer.cn="pbx.wildix.com" ``` ```APIDOC ssl.cert.pubkey.rsa.bits=2048 ``` ```APIDOC ssl.cert.pubkey.ecdsa.bits=256 ``` ```APIDOC ssl.cert.pubkey.type="RSA" ``` ```APIDOC ssl.cert.serial="18460192207935675900910674501" ``` ```APIDOC ssl.cipher.bits="128" ``` ```APIDOC ssl.cipher.name="TLS_AES_128_GCM_SHA256" ``` ```APIDOC ssl.cipher.version="TLSv1.3" ``` ```APIDOC ssl.version="TLSv1.3" ``` ```APIDOC ssl.cert.subject.cn="example.com" ``` ```APIDOC ssl.jarm="29d29d15d29d29d00029d29d29d29dea0f89a2e5fb09e4d8e099befed92cfa" ``` ```APIDOC ssl.ja3s=45094d08156d110d8ee97b204143db14 ``` -------------------------------- ### ZoomEye Search: Filter by HTTP Response Status Code Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Searches for assets with a specific HTTP response status code. This can be used to find assets returning codes like 200 (OK), 302 (Found), 404 (Not Found), etc. ```APIDOC http.header.status_code="200" ``` -------------------------------- ### ZoomEye Search: Locate Assets by Organization Name Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md Used to locate IP assets corresponding to specific organizations, such as universities, corporate structures, or large Internet companies. This filter helps in identifying assets associated with a particular entity. ```APIDOC org="Stanford University" ``` -------------------------------- ### ZoomEye API Host Search Result JSON Structure Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This JSON snippet demonstrates a successful response from the ZoomEye API's host search endpoint. It includes metadata about the query and a 'data' array containing detailed information for each matched host, such as IP address, port, service, geographical location, and various security-related hashes. This structure is crucial for parsing and utilizing host intelligence data. ```JSON { "code": 60000, "message": "success", "total": 163139107, "query": "title=\"cisco vpn\"", "data": [ { "url": "https://1.1.1.1:443", "ssl.jarm": "29d29d15d29d29d00029d29d29d29dea0f89a2e5fb09e4d8e099befed92cfa", "ssl.ja3s": "45094d08156d110d8ee97b204143db14", "iconhash_md5": "f3418a443e7d841097c714d69ec4bcb8", "robots_md5": "0b5ce08db7fb8fffe4e14d05588d49d9", "security_md5": "0b5ce08db7fb8fffe4e14d05588d49d9", "ip": "1.1.1.1", "domain": "www.google.com", "hostname": "SPACEX", "os": "windows", "port": 443, "service": "https", "title": ["GoogleGoogle appsGoogle Search"], "version": "1.1.0", "device": "webcam", "rdns": "c01031-001.cust.wallcloud.ch", "product": "OpenSSD", "header": "HTTP/1.1 302 Found Location: https://www.google.com/?gws_rd=ssl Cache-Control: private...", "header_hash": "27f9973fe57298c3b63919259877a84d", "body": "HTTP/1.1 302 Found Location: https://www.google.com/?gws_rd=ssl Cache-Control: private...", "body_hash": "84a18166fde3ee7e7c974b8d1e7e21b4", "banner": "SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3", "update_time": "2024-07-03T14:34:10", "header.server.name": "nginx", "header.server.version": "1.8.1", "continent.name": "Europe", "country.name": "Germany", "province.name": "Hesse", "city.name": "Frankfurt", "lon": "118.753262", "lat": "32.064838", "isp.name": "aviel.ru", "organization.name": "SERVISFIRST BANK", "zipcode": "210003", "idc": 0, "honeypot": 0, "asn": 4837, "protocol": "tcp", "ssl": "SSL Certificate Version: TLS 1.2 CipherSuit: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256...", "primary_industry": "Finance", "sub_industry": "bank", "rank": 60 } ] } ``` -------------------------------- ### ZoomEye Search Logic Operations Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/api.md This section details the logical operators used in ZoomEye search queries to combine, restrict, or modify search terms. These operators allow for precise control over search results, enabling complex queries based on various criteria. ```ZoomEye Query Language title="knownsec" ``` ```ZoomEye Query Language title=="knownsec" ``` ```ZoomEye Query Language service="ssh" || service="http" ``` ```ZoomEye Query Language device="router" && after="2020-01-01" ``` ```ZoomEye Query Language country="US" && subdivisions!="new york" ``` ```ZoomEye Query Language (country="US" && port!=80) || (country="US" && title!="404 Not Found") ``` ```ZoomEye Query Language title="google*" ``` -------------------------------- ### View ZoomEye-python CLI Help Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This snippet shows how to access the help documentation for the ZoomEye-python command-line interface. It lists the main subcommands available: 'init' for token initialization, 'info' for account details, and 'search' for data queries. ```Shell $ zoomeyeai -h usage: zoomeyeai [-h] [-v] {init,info,search} ... positional arguments: {init,info,search} init Initialize the token for ZoomEye-python info Show ZoomEye account info search Search the ZoomEye database optional arguments: -h, --help show this help message and exit -v, --version show program's version number and exit ``` -------------------------------- ### Configure ZoomEye Python SDK with API Key Authentication Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This snippet demonstrates the standard method for initializing the ZoomEye Python SDK using an API key. Providing the API key during object instantiation ensures secure and authenticated access to ZoomEye's services, which is the recommended approach. ```python from zoomeyeai.sdk import ZoomEye zm = ZoomEye(api_key="01234567-acbd-00000-1111-22222222222") ``` -------------------------------- ### ZoomEye Python SDK Core API Methods Reference Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This section outlines the primary interfaces provided by the ZoomEye Python SDK. It includes `userinfo()` for retrieving current user details and `search()` for querying network asset information based on various criteria such as dork, page, and facets. ```APIDOC 1.userinfo() get current user information 2.search(dork, qbase64='', page=1, pagesize=20, sub_type='all', fields='', facets='') get network asset information based on query conditions. ``` -------------------------------- ### Query ZoomEye-python CLI Account Info and Quota Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This snippet illustrates how to query personal account information and data quota using the 'info' command. It provides details such as email, username, phone, creation date, and a breakdown of the service plan, end date, and remaining search points. ```Shell $ zoomeyeai info "email": "", "username:": "", "phone", "", "created_at:": "" "quota": { "plan": "" , "end_date": "", "points": "", "zoomeye_points": "" } ``` -------------------------------- ### ZoomEye-python CLI Search Command Parameters Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This section details the available parameters for the `zoomeyeai search` command, allowing users to refine their search queries and control output. Parameters include options for filtering results, specifying output fields, and visualizing data. ```APIDOC Command: zoomeyeai search Parameters: -h, --help: Type: Flag Description: Show this help message and exit. -facets <facets>: Type: String Description: If this parameter is specified, the corresponding data will be displayed at the end of the returned result. Supported values: 'product', 'device', 'service', 'os', 'port', 'country', 'subdivisions', 'city'. -fields <field=regexp>: Type: String Description: Display data based on input fields. Refer to: https://www.zoomeye.ai/doc/ for more details. -sub_type {v4,v6,web,all}: Type: Enum Description: Specify the type of data to search. Values: v4, v6, web, all. -page <page>: Type: Integer Description: View a specific page of the query result. -pagesize <pagesize>: Type: Integer Description: Specify the number of results per page to search. -figure {pie,hist}: Type: Enum Description: Display data as a pie chart or bar chart. Can only be used under facet and stat. When specified, only graphics will be displayed. Values: pie, hist. ``` -------------------------------- ### Correctly Handle Quotes in ZoomEye CLI Dork Queries Source: https://github.com/zoomeye-ai/zoomeye-python/blob/master/README.rst This section addresses a common issue when entering dork queries containing quotes in the ZoomEye CLI. To ensure correct command-line parameter parsing, the entire dork string, including any internal quotes, must be enclosed within an outermost set of quotes. This prevents misinterpretation of the query by the shell. ```text Problematic dork: "<body style=\"margin:0;padding:0\"> <p align=\"center\"> <iframe src=\"index.xhtml\"" Corrected dork for CLI: '"<body style=\"margin:0;padding:0\"> <p align=\"center\"> <iframe src=\"index.xhtml\" "' ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.