certdrip is a real-time certificate transparency log streamer that delivers newly issued SSL/TLS certificates over WebSocket for domain reconnaissance and threat intelligence.
Real-time Domain Reconnaissance Engine | Real-time Certificate Transparency (CT) log streamer built with Go. Streams newly issued SSL/TLS certs over WebSocket for recon, threat intel, and OSINT.
This tool is primarily used by security researchers, threat hunters, and OSINT analysts to monitor newly issued SSL/TLS certificates in real time, enabling rapid detection of domain registrations and potential malicious activity. It supports proactive threat intelligence gathering and network monitoring by streaming certificate data as soon as it appears in CT logs.
Running certdrip requires a stable internet connection to continuously receive CT log updates. Users should ensure WebSocket clients are compatible to consume the streamed data effectively. This tool is best used as part of a broader threat intelligence or OSINT pipeline.
Ensure Go is installed on your system
Clone the repository: git clone https://github.com/idhin/certdrip.git
Navigate to the project directory: cd certdrip
Build the binary using Go: go build
Run the compiled binary to start streaming certificates./certdrip
Starts the certdrip service to stream real-time SSL/TLS certificate data over WebSocket.