certinfo scrapes and extracts domain names from SSL certificates of arbitrary hosts to aid in vulnerability management and network monitoring.
Scrape domain names from SSL certificates of arbitrary hosts
This tool is primarily used by security professionals and network administrators to gather domain information from SSL certificates of target hosts, enabling better vulnerability assessment and security automation. It helps in identifying certificate details such as domain names, expiration dates, and SAN entries, which can be critical for monitoring certificate validity and detecting potential security issues.
The tool requires Go environment for installation from source and network connectivity to target hosts for SSL certificate retrieval. Using the silent mode is recommended for scripting and automation. Adjust concurrency and timeout settings based on network conditions to optimize performance.
Run `go install github.com/rix4uni/certinfo@latest` to install via Go
Download prebuilt binaries from the GitHub releases page
Extract the downloaded tarball and move the binary to your Go bin directory
Clone the repository with `git clone --depth 1 github.com/rix4uni/certinfo.git`
Navigate to the cloned directory and run `go install` to compile from sourceecho "xapi.stg.xfinity.com" | certinfo -silent
Scrapes domain names from the SSL certificate of a single host in silent mode.
cat targets.txt | certinfo -silent
Processes multiple targets listed in a file and outputs domain names silently.
echo "207.207.12.80" | certinfo -silent -san
Displays SAN certificate details for an IP address in a simple format.
gungnir -r inscope_wildcards.txt | unew | certinfo -silent -issued -today
Filters and shows certificates issued today from a stream of targets.
certinfo -c 100 -timeout 10s -json
Runs the tool with 100 concurrent workers, a 10-second timeout, and outputs results in JSON format.