-
Notifications
You must be signed in to change notification settings - Fork 10
Discovery of Domains and Subdomains in SANs
Discover and explore the domains and subdomains present in the Subject Alternative Names (SANs) of SSL/TLS certificates.
SSL/TLS certificates commonly include SANs, which allow a single certificate to secure multiple domains and subdomains associated with a particular entity. By analyzing the SANs of certificates, you can uncover additional domains and subdomains that may be associated with a target organization or website.
This tool facilitates the discovery process by extracting and presenting the domains and subdomains found in the SANs of SSL/TLS certificates. It can be a valuable asset for reconnaissance, security assessments, and enumeration exercises, providing insights into the broader digital footprint of a target.
Uncover hidden domains, identify related subdomains, and gain a comprehensive view of the certificate's scope by leveraging the SAN information. Expand your knowledge about a target's online presence and enhance your security assessments using this tool.
Happy hunting as you explore and discover the domains and subdomains within the SANs of SSL/TLS certificates!
crtsh -u thewaltdisneycompany.com --silent | sans | tee thedisney-sans.subs
cat subs | sans -d 3| tee m-sans.subs
echo "target.tld" | sans -d 4 | tee target-sans.subs
All scripts is provided as-is without any warranties or guarantees. Use it responsibly and at your own risk.
Feel free to customize and enhance this document based on your specific needs and requirements.