OSINT Tool: Certina

by | Apr 26, 2024 | Tools

Post Views: 3,050

Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Patreon

Reading Time: 2 Minutes

Certina

Certina by n0mi1k is an OSINT tool designed for red teamers, bug bounty hunters, and pentesters, used to enumerate subdomains and endpoints using solely certificate data.

It additionally features utilizing the SAN extension and an active enumeration function. It is meant to be quick and convenient for enumeration; once you run it, you can identify which endpoints you want to further pursue with the HTTP request feature.

This certificate method has been one of the OSINT methods that successfully identified many domains and continues to be super effective for red teamers.

Options

See Also: A Practical Guide to Hacking Techniques for finding Top Bugs.
The Bug Bounty Hunting Course

Running Certina

  • Full enumeration with SAN extension, cert transparency logs (crt.sh) and check if web-alive (Recommended)

python3 certina.py -d example.com -r

  • Quiet enumeration with SAN extension, cert transparency logs [Sends ONLY 1 request to grab the cert]

python3 certina.py -d example.com

  • Only grab certificate info and SAN extension domains

python3 certina.py -d example.com -c

  • Running on multiple domains at once

python3 certina.py -d "example.com, example2.com" or python3 certina.py -i input.txt

  • Running with raw socket mode without SSL library

python3 certina.py -d example.com -s

  • Output results to file

python3 certina.py -d example.com -o output.txt

See Also: Offensive Security Tool: Headerpwn

See Also: How do QR Codes work and how criminal hackers use them to generate phishing attacks – Demo

Demonstration

Dependencies

To install Python dependencies, run pip install -r requirements.txt

 

Disclaimer

This tool is for educational and testing purposes only. Do not use it to exploit the vulnerability on any system that you do not own or have permission to test. The authors of this script are not responsible for any misuse or damage caused by its use.

Clone the repo from here: GitHub Link

See Also: How to Exploit “improper error handling” in Web Applications

Merch

Recent Tools

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This