Skip to content
This repository has been archived by the owner. It is now read-only.
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Gov-TLS-Audit (

Site is available here

Project was created to scan all domains (and sub-domains) to check TLS Implementation, TLS Redirection (from http to https), Certificate Status (Valid, Expired, hostname mismatch..etc), and other general details about the site.

Version 2.0 includes Shodan search results (when available), the HTML title of the site, and the names of any form fields available on the root directory of the hostname. scans hostnames from this repo. Consider making a pull request if you know of a domain that isn't being scanned. Latest version of only works with Python3.6 and above.


The /crawlers folder has a list of miscellaneous scripts that query OSINT databases for hostnames, subdomains, etc.


Daily scans results are available in csv, json, jsonl formats here


API documentation is available here


API is made available via Amazon API Gateway. Script for deploying this is in the lambda/ folder. This includes a serverless.yml file that deploys 'most' of the infra, including DynamoDB, Lambda and API Gateway. It doesn't deploy the Cloud Front domain or request the certificate -- yet!


Contact me at keith [at] keithrozario [dot] com for more info.

Help Needed

If you know of any hostnames I missed, consider making a pull request to this REPO adding the hostname to the hostnames.txt file.