DELATOR (lat. informer) is a tool to perform subdomain enumeration and initial reconnaissance through the abusing of certificate transparency (CT) logs. It expands on the original work done by Sheila A. Berta with her CTFR tool and leverages the speed and power of Go.
Using DELATOR is as simple as running:
./delator -d facebook.com -s crt
To run DELATOR a domain (-d) and search source (-s) must always be specified.
DELATOR can also be instructed to resolve any subdomains found, giving a first indication of any live sites:
./delator -d facebook.com -s crt -a
DELATOR can also mine subdomains directly from CT logs for storage in a local database:
Once subdomains have been pulled from CT logs, queries can be made directly to the local database just by changing the search source from "crt" to "db":
./delator.exe -d starbucks.com -s db
There are two ways to install DELATOR on your system:
Downloading the pre-compiled binaries for your platform from the latest release page and extracting in a directory of your choosing.
Downloading and compiling the source code yourself by running the following commands:
go get github.com/netevert/delator
Distributed under the terms of the MIT license, DELATOR is free and open source software written and maintained with ❤ by NetEvert.
This project adheres to Semantic Versioning.
DELATOR is under active development so make sure you check back frequently for new releases. If you like the tool please consider contributing.