ctfr
Abusing Certificate Transparency logs for getting HTTPS websites subdomains.
Table of Contents
Loading contents...
README.md
CTFR
Do you miss AXFR technique? This tool allows to get the subdomains from a HTTPS website in a few seconds.
How it works? CTFR does not use neither dictionary attack nor brute-force, it just abuses of Certificate Transparency logs.
For more information about CT logs, check www.certificate-transparency.org and crt.sh.
Getting Started
Please, follow the instructions below for installing and run CTFR.
Pre-requisites
Make sure you have installed the following tools:
Python 3.0 or later.
pip3 (sudo apt-get install python3-pip).
Installing
$ git clone https://github.com/UnaPibaGeek/ctfr.git
$ cd ctfr
$ pip3 install -r requirements.txt
Running
$ python3 ctfr.py --help
Usage
Parameters and examples of use.
Parameters
-d --domain [target_domain] (required)
-o --output [output_file] (optional)
Examples
$ python3 ctfr.py -d starbucks.com
$ python3 ctfr.py -d facebook.com -o /home/shei/subdomains_fb.txt
With Docker
I think it’s a little bit crazy to use Docker for running such a little python script, but if you want to do it anyway, you can use this Docker image.
The instructions are there.
Screenshots
Author
- Sheila A. Berta - (@UnaPibaGeek).
Tool Information
Author
UnaPibaGeek
Project Added On
May 26, 2025
License
Open Source
Tags
Related Tools
ZoomeyeSearch
A powerful CLI tool that uses ZoomEye to search exposed services, gather intelligence, and automate reconnaissance.
Stable
NucleiPrompt
Nuclei Prompt Scanner adalah tools berbasis Python yang memanfaatkan Nuclei dan AI Prompting untuk melakukan pemindaian kerentanan pada web target berdasarkan kategori OWASP dan lainnya, dengan antarmuka interaktif berbasis CLI (command-line).
Stable
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
Stable