reddit hackernews mail facebook facebook linkedin
GSAN

GSAN

Extract subdomains from SSL certificates in HTTPS sites.
#certificates   #dns   #ssl   #subdomains  
https://franccesco.github.io/getaltname/
https://github.com/franccesco/getaltname

GSAN is a tool that can extract Subject Alternative Names found in SSL Certificates _directly_ from https web sites which can provide you with DNS names (subdomains) or virtual servers.

This tool extract subdomain names from https sites and return a list or CSV/JSON output of its findings. It is not a subdomain brute-force tool, and you can actually find those subdomains manually, this tools is about the automation of that process, it also offers the following features:

- Define multiple hosts:port on your terminal or using a text file.
- CSV or JSON output, useful if you want to export data into other tools.
- You can _optionally_ filter out domain names that doesn't match the domain name that you're analyzing.
- Integration with CRT.SH so you can extract more subdomains from certificates of the same entity.
- Also works with **Self-signed** certificates.