Last active
November 19, 2024 13:54
-
-
Save 1N3/dec432d14fec84e09733f39669ebca0f to your computer and use it in GitHub Desktop.
A small bash script to gather all certificate sub-domains from crt.sh and save them to a file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # crt.sh sub-domain check by 1N3@CrowdShield | |
| # https://crowdshield.com | |
| # | |
| OKBLUE='\033[94m' | |
| OKRED='\033[91m' | |
| OKGREEN='\033[92m' | |
| OKORANGE='\033[93m' | |
| RESET='\e[0m' | |
| TARGET="$1" | |
| if [ -z $TARGET ]; then | |
| echo -e "$OKRED _ _ $RESET" | |
| echo -e "$OKRED ___ _ __| |_ ___| |__ $RESET" | |
| echo -e "$OKRED / __| '__| __| / __| '_ \ $RESET" | |
| echo -e "$OKRED | (__| | | |_ _\__ \ | | |$RESET" | |
| echo -e "$OKRED \___|_| \__(_)___/_| |_|$RESET" | |
| echo "" | |
| echo -e "$OKRED [+] by 1N3@CrowdShield$RESET" | |
| echo -e "$OKRED [+] https://crowdshield.com$RESET" | |
| echo -e "$OKRED [-] Usage: crt.sh <target>$RESET" | |
| exit | |
| fi | |
| if [[ $TARGET = "--help" ]]; then | |
| echo -e "$OKRED _ _ $RESET" | |
| echo -e "$OKRED ___ _ __| |_ ___| |__ $RESET" | |
| echo -e "$OKRED / __| '__| __| / __| '_ \ $RESET" | |
| echo -e "$OKRED | (__| | | |_ _\__ \ | | |$RESET" | |
| echo -e "$OKRED \___|_| \__(_)___/_| |_|$RESET" | |
| echo "" | |
| echo -e "$OKRED [+] by 1N3@CrowdShield$RESET" | |
| echo -e "$OKRED [+] https://crowdshield.com$RESET" | |
| echo -e "$OKRED [-] Usage: crt.sh <target>$RESET" | |
| exit | |
| fi | |
| echo -e "$OKRED _ _ $RESET" | |
| echo -e "$OKRED ___ _ __| |_ ___| |__ $RESET" | |
| echo -e "$OKRED / __| '__| __| / __| '_ \ $RESET" | |
| echo -e "$OKRED | (__| | | |_ _\__ \ | | |$RESET" | |
| echo -e "$OKRED \___|_| \__(_)___/_| |_|$RESET" | |
| echo "" | |
| echo -e "$OKRED [+] by 1N3@CrowdShield$RESET" | |
| echo -e "$OKRED [+] https://crowdshield.com$RESET" | |
| echo -e "$OKRED + -- ----------------------------=[Gathering Certificate Subdomains]=-------- -- +$RESET" | |
| curl -s https://crt.sh/?q=%25.$TARGET > /tmp/curl.out | |
| cat /tmp/curl.out | grep $TARGET | grep TD | sed -e 's/<//g' | sed -e 's/>//g' | sed -e 's/TD//g' | sed -e 's/\///g' | sed -e 's/ //g' | sed -n '1!p' | sort -u > $TARGET-crt.txt | |
| cat $TARGET-crt.txt | |
| echo -e "$OKRED [+] Domains saved to: $TARGET-crt.txt" | |
| echo -e "$OKRED + -- ----------------------------=[Done!]=----------------------------------- -- +$RESET" |
curl -fsSL "https://crt.sh/?q=%25.howtohack.tech&exclude=expired" | pup 'td :contains(".howtohack.tech") text{}' | sort -n | uniq -c | sort -rn | column -t | awk '{ print $2 }'
echo "Enter the domain name"
read TARGET
curl -fsSL "https://crt.sh/?q=%25.$TARGET&exclude=expired" | pup "td :contains(".$TARGET")" text{} | sort -n | uniq -c | sort -rn | column -t > $TARGET-crt.txt
this bash script will get you the subdomains result from the crt.sh website
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What about third level subdomains?How can I get more level subdomains?