Last active
April 23, 2024 20:32
-
-
Save 1N3/dec432d14fec84e09733f39669ebca0f to your computer and use it in GitHub Desktop.
A small bash script to gather all certificate sub-domains from crt.sh and save them to a file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# | |
# crt.sh sub-domain check by 1N3@CrowdShield | |
# https://crowdshield.com | |
# | |
OKBLUE='\033[94m' | |
OKRED='\033[91m' | |
OKGREEN='\033[92m' | |
OKORANGE='\033[93m' | |
RESET='\e[0m' | |
TARGET="$1" | |
if [ -z $TARGET ]; then | |
echo -e "$OKRED _ _ $RESET" | |
echo -e "$OKRED ___ _ __| |_ ___| |__ $RESET" | |
echo -e "$OKRED / __| '__| __| / __| '_ \ $RESET" | |
echo -e "$OKRED | (__| | | |_ _\__ \ | | |$RESET" | |
echo -e "$OKRED \___|_| \__(_)___/_| |_|$RESET" | |
echo "" | |
echo -e "$OKRED [+] by 1N3@CrowdShield$RESET" | |
echo -e "$OKRED [+] https://crowdshield.com$RESET" | |
echo -e "$OKRED [-] Usage: crt.sh <target>$RESET" | |
exit | |
fi | |
if [[ $TARGET = "--help" ]]; then | |
echo -e "$OKRED _ _ $RESET" | |
echo -e "$OKRED ___ _ __| |_ ___| |__ $RESET" | |
echo -e "$OKRED / __| '__| __| / __| '_ \ $RESET" | |
echo -e "$OKRED | (__| | | |_ _\__ \ | | |$RESET" | |
echo -e "$OKRED \___|_| \__(_)___/_| |_|$RESET" | |
echo "" | |
echo -e "$OKRED [+] by 1N3@CrowdShield$RESET" | |
echo -e "$OKRED [+] https://crowdshield.com$RESET" | |
echo -e "$OKRED [-] Usage: crt.sh <target>$RESET" | |
exit | |
fi | |
echo -e "$OKRED _ _ $RESET" | |
echo -e "$OKRED ___ _ __| |_ ___| |__ $RESET" | |
echo -e "$OKRED / __| '__| __| / __| '_ \ $RESET" | |
echo -e "$OKRED | (__| | | |_ _\__ \ | | |$RESET" | |
echo -e "$OKRED \___|_| \__(_)___/_| |_|$RESET" | |
echo "" | |
echo -e "$OKRED [+] by 1N3@CrowdShield$RESET" | |
echo -e "$OKRED [+] https://crowdshield.com$RESET" | |
echo -e "$OKRED + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +$RESET" | |
curl -s https://crt.sh/?q=%25.$TARGET > /tmp/curl.out | |
cat /tmp/curl.out | grep $TARGET | grep TD | sed -e 's/<//g' | sed -e 's/>//g' | sed -e 's/TD//g' | sed -e 's/\///g' | sed -e 's/ //g' | sed -n '1!p' | sort -u > $TARGET-crt.txt | |
cat $TARGET-crt.txt | |
echo -e "$OKRED [+] Domains saved to: $TARGET-crt.txt" | |
echo -e "$OKRED + -- ----------------------------=[Done!]=----------------------------------- -- +$RESET" |
echo "Enter the domain name"
read TARGET
curl -fsSL "https://crt.sh/?q=%25.$TARGET&exclude=expired" | pup "td :contains(".$TARGET")" text{} | sort -n | uniq -c | sort -rn | column -t > $TARGET-crt.txt
this bash script will get you the subdomains result from the crt.sh website
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
curl -fsSL "https://crt.sh/?q=%25.howtohack.tech&exclude=expired" | pup 'td :contains(".howtohack.tech") text{}' | sort -n | uniq -c | sort -rn | column -t | awk '{ print $2 }'