GitHub - UnaPibaGeek/ctfr: Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

CTFR

Do you miss AXFR technique? This tool allows to get the subdomains from a HTTPS website in a few seconds.
How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of Certificate Transparency logs.
For more information about CT logs, check www.certificate-transparency.org and crt.sh.

Getting Started

Please, follow the instructions below for installing and run CTFR.

Pre-requisites

Make sure you have installed the following tools:

Python 3.0 or later.
pip3 (sudo apt-get install python3-pip).

Installing

$ git clone https://github.com/UnaPibaGeek/ctfr.git
$ cd ctfr
$ pip3 install -r requirements.txt

Running

$ python3 ctfr.py --help

Usage

Parameters and examples of use.

Parameters

-d --domain [target_domain] (required)
-o --output [output_file] (optional)

Examples

$ python3 ctfr.py -d starbucks.com

$ python3 ctfr.py -d facebook.com -o /home/shei/subdomains_fb.txt

With Docker

I think it's a little bit crazy to use Docker for running such a little python script, but if you want to do it anyway, you can use this Docker image.

The instructions are there.

Screenshots

Author

Sheila A. Berta - (@UnaPibaGeek).

README.md

CTFR

Getting Started

Pre-requisites

Installing

Running

Usage

Parameters

Examples

With Docker

Screenshots

Author

About

Releases

Packages

Contributors 4

Languages

License

UnaPibaGeek/ctfr

Sign In Required

Launching GitHub Desktop

Launching GitHub Desktop

Launching Xcode

Launching Visual Studio Code

Latest commit

Git stats

Files

README.md

CTFR

Getting Started

Pre-requisites

Installing

Running

Usage

Parameters

Examples

With Docker

Screenshots

Author

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Contributors 4

Languages

Packages