Skip to content
/ ctfr Public
forked from UnaPibaGeek/ctfr

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

License

Notifications You must be signed in to change notification settings

Hostn4me/ctfr

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
 
 
 
 
 
 
 
 

Repository files navigation

CTFR

Do you miss AXFR technique? This tool allows to get the subdomains from a HTTPS website in a few seconds.
How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of Certificate Transparency logs.
For more information about CT logs, check www.certificate-transparency.org and crt.sh.

Getting Started

Please, follow the instructions below for installing and run CTFR.

Pre-requisites

Make sure you have installed the following tools:

Python 3.0 or later.
pip3 (sudo apt-get install python3-pip).

Installing

$ git clone https://github.com/UnaPibaGeek/ctfr.git
$ cd ctfr
$ pip3 install -r requirements.txt

Running

$ python3 ctfr.py --help

Usage

Parameters and examples of use.

Parameters

-d --domain [target_domain] (required)
-o --output [output_file] (optional)

Examples

$ python3 ctfr.py -d starbucks.com
$ python3 ctfr.py -d facebook.com -o /home/shei/subdomains_fb.txt

With Docker

I think it's a little bit crazy to use Docker for running such a little python script, but if you want to do it anyway, you can download this lightweight (97.8MB) Docker image made by John Paulada.

The instructions are there.

Screenshots

Author

About

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%