Skip to content
/ crtsh-recon Public

A script that accepts wildcard domains via STD-IN or command-line arguments, scrapes crt.sh for unique subdomains, and outputs the scraped subs to STD-OUT.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yekisec/crtsh-recon

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
crtsh-recon.sh
crtsh-recon.sh
 
 

Repository files navigation

crtsh-recon

A script that accepts wildcard domains via STD-IN or command-line arguments, scrapes crt.sh for unique subdomains, and outputs the scraped subs to STD-OUT.

Script functionality

  1. verify dependencies
  2. Collect and store list of wildcard domains passed to the script via STD-IN or command-line arguments.
  3. enter while loop
    1. Query crt.sh, parse the json, and remove duplicate results
    2. Add unique domains to array
    3. repeat until all wildcard domains have been utilized and then exit the loop.
  4. print array of scraped subdomains to STD-OUT

Usage:

cat ./wildcards | ./crtsh-recon.sh | tee crtsh-output.txt OR ./crtsh-recon.sh tesla.com tesla.cn teslamotors.com | tee crtsh-output.txt

Disclaimer:

This script was written for the purpose of performing recon on bug bounty programs. Do not use this script for illegal/unauthorized security testing.

About

A script that accepts wildcard domains via STD-IN or command-line arguments, scrapes crt.sh for unique subdomains, and outputs the scraped subs to STD-OUT.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages