A vast collection of security tools for bug bounty, pentest and red teaming

#certificates

CertCrunchy on offsec.tools
Featured
CertCrunchy

Uses data from SSL Certificates to find potential host names.

CarbonCopy on offsec.tools
CarbonCopy

Creates a spoofed certificate of any online website and signs an executable for AV evasion.

CertStealer on offsec.tools
CertStealer

A .NET tool for exporting and importing certificates without touching disk.

certSniff on offsec.tools
certSniff

A certificate transparency log keyword sniffer written in Python.

Bucket Stream on offsec.tools
Bucket Stream

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

Certificate Search on offsec.tools
Certificate Search

Get informations about SSL certificates.

GSAN on offsec.tools
GSAN

Extract subdomains from SSL certificates in HTTPS sites.

Keyfinder on offsec.tools
Keyfinder

Find and analyze private/public key files and Android APK files.

dirhunt on offsec.tools
dirhunt

Find web directories without bruteforce.

IDontSpeakSSL on offsec.tools
IDontSpeakSSL

Simple tool to scan large scope and provide SSL/TLS vulnerabilities.

CTFR on offsec.tools
CTFR

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

Certificate Ripper on offsec.tools
Certificate Ripper

A CLI tool to extract server certificates.

Substr3am on offsec.tools
Substr3am

Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates.

Censys Enumeration on offsec.tools
Censys Enumeration

Extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.

Censys subdomain finder on offsec.tools
Censys subdomain finder

Perform subdomain enumeration using the certificate transparency logs from Censys.