Skip to content
/ caScan Public

A tool to scan domains for the use of a specific CA certificate.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jakdept/caScan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
cmd/dumpChain
cmd/dumpChain
 
 
lib/dumpCerts
lib/dumpCerts
 
 
testdata
testdata
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
scan.go
scan.go
 
 
scan_test.go
scan_test.go
 
 

Repository files navigation

caScan

Scan domains for a certificate in the verified chain.

Feed this tool a list of domains on stdin (or see --help) and all matching domains are printed out.

Example:

cat domains.list | caScan -csv | tee caFingerprints.csv
  • With invalid DNS, it'll prit out a line with that.
  • With a wildcard domain, it'll print wildcard, and run again with the wildcard removed.
  • If a domain has already been processed, it's skipped.
  • With remaining domains, a TLS connection is made to tcp:443
    • Fingerprints & serials for certs in the verified chain are printed (joined by |)
    • any CN domains on the cert are also processed.

About

A tool to scan domains for the use of a specific CA certificate.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages