#ssl

certs.io

certs.io

Search the entire internet by data in TLS certificates.

certmitm

certmitm

A tool for testing for certificate validation vulnerabilities of TLS connections.

sslstrip

sslstrip

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

CertStealer

CertStealer

A .NET tool for exporting and importing certificates without touching disk.

Legion

Legion

Aids in discovery, reconnaissance and exploitation of information systems.

Certificate Search

Certificate Search

Get informations about SSL certificates.

CertCrunchy

CertCrunchy

Uses data from SSL Certificates to find potential host names.

GSAN

GSAN

Extract subdomains from SSL certificates in HTTPS sites.

Raccoon

Raccoon

A high performance offensive security tool for reconnaissance and vulnerability scanning.

Keyfinder

Keyfinder

Find and analyze private/public key files and Android APK files.

IDontSpeakSSL

IDontSpeakSSL

Simple tool to scan large scope and provide SSL/TLS vulnerabilities.

GyoiThon

GyoiThon

Growing penetration test tool using Machine Learning.

CTFR

CTFR

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

mitmproxy

mitmproxy

An interactive TLS-capable intercepting HTTP proxy.

Certificate Ripper

Certificate Ripper

A CLI tool to extract server certificates.

Sub3 Suite

Sub3 Suite

A free, open source, cross platform Intelligence gathering tool.

Substr3am

Substr3am

Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates.

SSLyze

SSLyze

Fast and powerful SSL/TLS scanning library.

sslscan

sslscan

Tests SSL/TLS enabled services to discover supported cipher suites.

cero

cero

Scrape domain names from SSL certificates of arbitrary hosts.