GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → UnaPibaGeek → Ctfr

UnaPibaGeek / Ctfr

Licence: gpl-3.0
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

hackingpentestinginformation-gatheringcertificate-transparencycertificate-transparency-logs

Projects that are alternatives of or similar to Ctfr

Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+50.62%)
Mutual labels:  hacking, pentesting, information-gathering
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+485.08%)
Mutual labels:  hacking, pentesting, information-gathering
Vault
swiss army knife for hackers
Stars: ✭ 346 (-77.46%)
Mutual labels:  hacking, pentesting, information-gathering
Scilla
🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-92.44%)
Mutual labels:  hacking, pentesting, information-gathering
Crips
IP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (-82.28%)
Mutual labels:  hacking, pentesting, information-gathering
Vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-82.48%)
Mutual labels:  hacking, pentesting, information-gathering
Sublert
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: ✭ 699 (-54.46%)
Mutual labels:  hacking, information-gathering, certificate-transparency
Kill Router
Ferramenta para quebrar senhas administrativas de roteadores Wireless, routers, switches e outras plataformas de gestão de serviços de rede autenticados.
Stars: ✭ 57 (-96.29%)
Mutual labels:  hacking, pentesting
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-95.96%)
Mutual labels:  hacking, pentesting
Cloakify
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (-25.99%)
Mutual labels:  hacking, pentesting
Deadtrap
An OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-95.24%)
Mutual labels:  hacking, information-gathering
Oscp Prep
my oscp prep collection
Stars: ✭ 105 (-93.16%)
Mutual labels:  hacking, pentesting
Spellbook
Micro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-96.55%)
Mutual labels:  hacking, pentesting
Hacker Container
Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-93.16%)
Mutual labels:  hacking, pentesting
Vulnx
vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (-34.27%)
Mutual labels:  hacking, information-gathering
Netmap.js
Fast browser-based network discovery module
Stars: ✭ 70 (-95.44%)
Mutual labels:  hacking, pentesting
Githacktools
The best Hacking and PenTesting tools installer on the world
Stars: ✭ 78 (-94.92%)
Mutual labels:  hacking, pentesting
Sandmap
Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
Stars: ✭ 1,180 (-23.13%)
Mutual labels:  hacking, information-gathering
Pentesting toolkit
🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️
Stars: ✭ 1,268 (-17.39%)
Mutual labels:  hacking, pentesting
Zynix Fusion
zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-94.53%)
Mutual labels:  hacking, pentesting
View All Similar Projects ➔

CTFR

Do you miss AXFR technique? This tool allows to get the subdomains from a HTTPS website in a few seconds.
How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of Certificate Transparency logs.
For more information about CT logs, check www.certificate-transparency.org and crt.sh.

Getting Started

Please, follow the instructions below for installing and run CTFR.

Pre-requisites

Make sure you have installed the following tools:

Python 3.0 or later.
pip3 (sudo apt-get install python3-pip).

Installing

$ git clone https://github.com/UnaPibaGeek/ctfr.git
$ cd ctfr
$ pip3 install -r requirements.txt

Running

$ python3 ctfr.py --help

Usage

Parameters and examples of use.

Parameters

-d --domain [target_domain] (required)
-o --output [output_file] (optional)

Examples

$ python3 ctfr.py -d starbucks.com
$ python3 ctfr.py -d facebook.com -o /home/shei/subdomains_fb.txt

With Docker

I think it's a little bit crazy to use Docker for running such a little python script, but if you want to do it anyway, you can use this Docker image.

The instructions are there.

Screenshots

Author

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].