CT exposer is a python based tool used to find hidden and subdomains of any website. The main purpose could be anything to use this tool It can give you some information about a domain which later can be used for further attacks, but before you install the tool you should know about ct (Certificate Transparency) you can read it on its Github page, I just give you a small explanation about certificate transparency.
What is Certificate Transparency?
certificate transparency is an open framework for monitoring and auditing the digital certificate. It allow the browser to check the certificate authority, Certificate transparency creates a log to maintain the information about SSL certificate like who issued the SSL certificate, Which authority create the certificate and when it will be expired, etc.
How CT Exposer work?
CT Exposer will ask a query to Ct logs and check for DNS lookup to check the available domain in DNS. According to CT Exposer, it can find the domain which is not available on google even after Google dork/Google hacking.
How to Install ct-exposer?
The installation process is simple as other tools, open your terminal and clone the ct-exposer to your system
git clone https://github.com/chris408/et-exposer.git
pip3 install -r requirements.txt
python3 ct-exposer.py -h
-h will display all the commands to use the ct-exposer like –
usage: ct-exposer.py [-h] -d DOMAIN [-u] [-m]
-h, --help show this help message and exit
-d DOMAIN, --domain DOMAIN
domain to query for CT logs, ex: domain.com
-u, --urls ouput results with https:// urls for domains that
resolve, one per line.
-m, --masscan output resolved IP address, one per line. Useful for
masscan IP list import "-iL" format.
to scan a domain use -d
python3 ct-exposer.py -d allabouthack.com
It will scan all the domain with SSL certificate and will display the result with its IP address but if you want domain only and don’t want to see IP address then use -u
python3 ct-exposer.py -u -d allabouthack.com
Now it will show domains only in the result. You can find so many useful information with this tool to find a vulnerability in any domain.