Skip to content
This repository has been archived by the owner on Jun 16, 2022. It is now read-only.

Latest commit

 

History

History
52 lines (33 loc) · 2.08 KB

README.md

File metadata and controls

52 lines (33 loc) · 2.08 KB

Gcert

This tool retrieves SSL/TLS certificate reports information from the Google Transparency Report for a given domain.

Then it does a DNS resolution and HTTP/S GET requests for filtering and information purposes if the -r argument is provided.

It also performs a recursive domain discovery with a configurable depth level.

The final report is sent to stdout and the progression to stderr.

The HTML report provides a force-directed tree graph to analyze the results (thanks NorthBlue333 🎉) :

docker run --rm hessman/gcert -t root-me.org -r -l 1 -d cloudflare.com cloudflaressl.com -o html > sample.html

The sample.html HTML is available here.

The tree graph is collapsed by default only if there are more than 500 subdomains found.

By domain : force directed tree

By IP : force directed tree

By word : force directed tree

It can be filtered by DNS resolution and last certificate issuance date.

Quick start

docker pull hessman/gcert:latest

docker run --rm hessman/gcert -h

Usage: gcert -t domain.tld -r -d google.com google.fr -o html > report.html

Retrieves SSL/TLS certificate reports information from the Google Transparency Report for a given domain.

Options:
  -v, --version                       output the current version
  -t, --target [domain]               set the target domain
  -l, --depth-level <level>           set the depth level for the recursive domain discovery (default: "0")
  -o, --output-format [format]        set the format for the report sent to stdout (choices: "csv", "html", "json", "none", default: "none")
  -R, --only-resolved                 only output resolved domains
  -r, --resolve                       perform DNS and HTTP/S checks on domains
  -d, --domain-deny-list [domain...]  set the deny list for domains
  -wd, --word-deny-list [word...]     set the deny list for words
  -h, --help                          output usage information