a Contactless Active Reconnaissance Tool.

Scout is a python tool which utilizes Internet-wide scanning data provided by Censys to identify known vulnerabilites. Scout relies on the user having access to a MongoDB instance containing National Vulnerability Database's data feeds as well as having a API access to Censys.

Scout is a product of a honours project from Edinburgh Napier University. The associated dissertation can be read on ResearchGate. This dissertation coins the term contactless active reconnissance to differtentiate the methodology used from classic contactless recon.

Recommended Python Version

Python 3 is the only Python version currently supported by Scout.


Scout is dependent on

  • censys

  • editdistance

  • pymongo


Scout requires a MongoDB instance containing the NVD's datafeeds. "cve-search" is highly recommended, as Scout was developed and tested with this tool only.

Installing MongoDB

Install & run MongoDB

brew install mongodb

mkdir -p /data/db


Then install cve-search, following their installation steps.

Installing Scout

Clone Scout into your local directory

git clone

cd Scout

pip install -r requirements.txt

Place your Censys API keys in a new file called secrets.txt

Note: Editing of the source code may be required to correctly configure the database connection. Specifically the pymongo assignments.


To use Scout, provide a valid Censys query as a command line argument.


Note: Scout is currently limited to services operating on port 80, this is due to information and API access provided by Censys.