Home / Python / Security related resources

GCTExposer - Discover sub-domains by searching through Certificate Transparency logs

Certificate Transparency (CT) is an experimental IETF standard. The goal of it was to allow the public to audit which certificates were created by Certificate Authorities (CA). TLS has a weakness that comes from the large list of CAs that your browser implicitly trusts

Information

Category: Python / Security related resources
Watchers: 2
Star: 19
Fork: 1
Last update: Sep 13, 2020

Resource links

https://github.com/m4ll0k/GCTExposer

GCTExposer - Discover sub-domains by searching through Certificate Transparency logs using Google Transparencyreport

What is CT?

Certificate Transparency (CT) is an experimental IETF standard. The goal of it was to allow the public to audit which certificates were created by Certificate Authorities (CA). TLS has a weakness that comes from the large list of CAs that your browser implicitly trusts. If any of those CAs were to maliciously create a new certificate for a domain, your browser would trust it. CT adds benefits to TLS certificate trust: Companies can monitor who is creating certificates for the domains they own. It also allows browsers to verify that the certificate for a given domain is in the public log record.

These logs end up being a gold mine of information for penetration testers and red teams.

Description by ct-exposer

Requirements

pip3 install requests or python3 -m pip install requests

Usage

usage: gctexposer.py [-h] [-i] -d DOMAIN

optional arguments:
  -h, --help            show this help message and exit
  -i, --moreinfo        Show more info..
  -d DOMAIN, --domain DOMAIN
                        Target, e.g: uber.com

Example Output

An OSINT tool that discovers sub-domains by searching Certificate Transparency logs

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.

Simple script tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

realtime logging for now - https://logs.now.sh

Send your AWS CloudWatch Logs to Apex Logs.

Phishing catcher using Certstream

CRTEnum - Discovery subdomains from logs in the transparency certificates on HTTPS websites.

ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory.

zq is a command-line tool for searching and analyzing logs

Logsuck is a program that makes it easier for you to deal with your logs.

BugBountyResources

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

uber's ssh certificate pam module

A collection of shell scripts that help handling X.509 certificate and TLS issues

christianalfoni

Command line tool to create self signed SSL certificate

An open source intelligence tool to crawl the graph of certificate Alternate Names

Certificate Expiry Monitor Controller monitors the expiration of TLS certificates used in Ingress.

Share this repo

Related Repos

Security related res

4

CVE-2021-32099 SQLi allow attacker bypass login. From HTB with love

CVE-2021-32099 SQLi Bypass login Useful when trying to read User Flag on Pandora.htb CVE-2021-32099 SQLi allow attacker bypass login. Target Exploit o

Security related res

291

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP

Security related res

40

Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel cra...

CVE-2022-21907 - Double Free in http.sys driver Summary An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request he

Security related res

8

Methods & Tools for Mobile Malware Spyware & Forensics

Mobile & IOT Malware, Spyware, & Forensic Analysis Author: Jonathan Scott Twitter: @jonathandata1 Version 1.0 This repository contains methods, and to

Security related res

4

Android Hacking Method 2022

Program Features - 📌 Hack all Android phones. - 📌 Failure to detect antivirus. - 📌 Superior encryption - 📌 Source provided - 📌 100 ٪ FUD - 📌 It

Security related res

4

Fast and easy way to rollout on multiple GitLab project file a particular content.

Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop

Security related res

3

Ultimate phishing tool ,A beginners friendly, Automated phishing tool in python. Author is...

🅼🅰🅳🅴 🆆🅸🆃🅷 🅿 🆈🆃🅷🅾🅽 🆅 🅿 🅷🅸🆂🅷🅴🆁 [+] 𝕯𝖊𝖘𝖈𝖗𝖎𝖕𝖙𝖎𝖔𝖓 : Ultimate phishing tool ,A beginners friendly, Automated phishing tool

Security related res

47

A list of open source web security scanners

open-source-web-scanners A list of open source web security scanners on GitHub. General Purpose Web Scanners Main Site Last Commit Committers Stars Ar

Security related res

9

This is a Password database I made for myself, as I want to keep all my passwords in the s...

This is a Password database I made for myself, as I want to keep all my passwords in the same place. but still protected, shall anyone get access to the file. And so I made this simple password database, that can encrypt, decrypt files, and generate Passwords, pin codes, and encryption keys. It took me about 4 - 6 months to make (Total I spent like 2 - 3 making it, but there were a lot of times where I did not work on the program) It is not 100% fine-tuned, but it works very well as is.

Security related res

292

Cuckoo 3 is a Python 3 open source automated malware analysis system.

Cuckoo 3 Cuckoo 3 is a Python 3 open source automated malware analysis system. For setup instructions, please refer to our documentation. This is a de

Security related res

30

Useful resources about phishing email analysis

Phishing Email Analysis Useful tools MX Lookup Online URL/Attachment Analysis Tools AnyRun Browserling Hybrid Analysis urlscan Reputation Check Virust

Security related res

13

A small script I made that takes any standard Decklist of magic the gathering cards and pu...

README This small script takes any decklist from an MTGO list and pulls all card images as jpg or png files into your directory. If you like this pr

Security related res

6

Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

Security related res

4

A passive-recon tool that parses through found assets and interacts with the Hackerone API...

Hackerone Passive Recon Tool A passive-recon tool that parses through found assets and interacts with the Hackerone API. Setup Simply run setup.sh to

Security related res

7

Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. Crossing the Log4j Horizon - A Vulnerability With No Retu