Discover Hidden Domains with ct-exposer – Hacker

CT exposer is a python based tool used to find hidden and subdomains of any website. The main purpose could be anything to use this tool It can give you some information about a domain which later can be used for further attacks, but before you install the tool you should know about ct (Certificate Transparency) you can read it on its Github page, I just give you a small explanation about certificate transparency.

What is Certificate Transparency?

certificate transparency is an open framework for monitoring and auditing the digital certificate. It allow the browser to check the certificate authority, Certificate transparency creates a log to maintain the information about SSL certificate like who issued the SSL certificate, Which authority create the certificate and when it will be expired, etc.

How CT Exposer work?

CT Exposer will ask a query to Ct logs and check for DNS lookup to check the available domain in DNS. According to CT Exposer, it can find the domain which is not available on google even after Google dork/Google hacking.

How to Install ct-exposer?

 The installation process is simple as other tools, open your terminal and clone the ct-exposer to your system 

git clone

cd ct-exposer

pip3 install -r requirements.txt

python3 -h

-h will display all the commands to use the ct-exposer like –

usage: [-h] -d DOMAIN [-u] [-m]

optional arguments:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        domain to query for CT logs, ex:
  -u, --urls            ouput results with https:// urls for domains that
                        resolve, one per line.
  -m, --masscan         output resolved IP address, one per line. Useful for
                        masscan IP list import "-iL" format.
 to scan a domain use -d 

 python3 -d

It will scan all the domain with SSL certificate and will display the result with its IP address but if you want domain only and don’t want to see IP address then use -u

 python3 -u -d

Now it will show domains only in the result. You can find so many useful information with this tool to find a vulnerability in any domain.

Subscribe to the blog with your email or click on the bell icon for the daily update, You can join our telegram channel for the latest updates. and share it if you like the post.


Leave a Reply

Your email address will not be published. Required fields are marked *