├── .gitignore
├── 1.PNG
├── README.md
└── subs_cert.py


/.gitignore:
--------------------------------------------------------------------------------
  1 | # Byte-compiled / optimized / DLL files
  2 | __pycache__/
  3 | *.py[cod]
  4 | *$py.class
  5 | 
  6 | # C extensions
  7 | *.so
  8 | 
  9 | # Distribution / packaging
 10 | .Python
 11 | build/
 12 | develop-eggs/
 13 | dist/
 14 | downloads/
 15 | eggs/
 16 | .eggs/
 17 | lib/
 18 | lib64/
 19 | parts/
 20 | sdist/
 21 | var/
 22 | wheels/
 23 | *.egg-info/
 24 | .installed.cfg
 25 | *.egg
 26 | MANIFEST
 27 | 
 28 | # PyInstaller
 29 | #  Usually these files are written by a python script from a template
 30 | #  before PyInstaller builds the exe, so as to inject date/other infos into it.
 31 | *.manifest
 32 | *.spec
 33 | 
 34 | # Installer logs
 35 | pip-log.txt
 36 | pip-delete-this-directory.txt
 37 | 
 38 | # Unit test / coverage reports
 39 | htmlcov/
 40 | .tox/
 41 | .coverage
 42 | .coverage.*
 43 | .cache
 44 | nosetests.xml
 45 | coverage.xml
 46 | *.cover
 47 | .hypothesis/
 48 | .pytest_cache/
 49 | 
 50 | # Translations
 51 | *.mo
 52 | *.pot
 53 | 
 54 | # Django stuff:
 55 | *.log
 56 | local_settings.py
 57 | db.sqlite3
 58 | 
 59 | # Flask stuff:
 60 | instance/
 61 | .webassets-cache
 62 | 
 63 | # Scrapy stuff:
 64 | .scrapy
 65 | 
 66 | # Sphinx documentation
 67 | docs/_build/
 68 | 
 69 | # PyBuilder
 70 | target/
 71 | 
 72 | # Jupyter Notebook
 73 | .ipynb_checkpoints
 74 | 
 75 | # pyenv
 76 | .python-version
 77 | 
 78 | # celery beat schedule file
 79 | celerybeat-schedule
 80 | 
 81 | # SageMath parsed files
 82 | *.sage.py
 83 | 
 84 | # Environments
 85 | .env
 86 | .venv
 87 | env/
 88 | venv/
 89 | ENV/
 90 | env.bak/
 91 | venv.bak/
 92 | 
 93 | # Spyder project settings
 94 | .spyderproject
 95 | .spyproject
 96 | 
 97 | # Rope project settings
 98 | .ropeproject
 99 | 
100 | # mkdocs documentation
101 | /site
102 | 
103 | # mypy
104 | .mypy_cache/
105 | 


--------------------------------------------------------------------------------
/1.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/arbazkiraak/certasset/7b9161f85e13b91de5ef9c5c649bf53ff9047208/1.PNG


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # certasset
 2 | Small Python rough Script which Takes ip range => check if port 443 is open on each ip => Scan all SSL Certs => Grab Cnames Domain...
 3 | 
 4 | default - 100 Threads 
 5 | 
 6 | https://medium.com/@arbazhussain/gathering-domains-subdomains-with-ipranges-of-organization-49362d8a1271
 7 | 
 8 | ### Usage : 
 9 | 
10 | python subs_cert.py <iprange>
11 |   
12 | ![alt text](https://raw.githubusercontent.com/arbazkiraak/certasset/master/1.PNG)
13 | 
14 | 
15 | Idea From : https://github.com/cheetz/sslScrape
16 | 


--------------------------------------------------------------------------------
/subs_cert.py:
--------------------------------------------------------------------------------
 1 | import sys,time
 2 | from socket import socket
 3 | import ssl,masscan
 4 | import M2Crypto
 5 | import OpenSSL,xml,threading
 6 | vers = sys.version[0]
 7 | if vers == "2":
 8 |     import Queue as queue
 9 | else:
10 |     import queue as queue
11 | 
12 | q = queue.Queue()
13 | final_res = []
14 | 
15 | try:
16 |     ip_range = sys.argv[1]
17 | except:
18 |     print('Usage: python subs_cert.py <IPRANGE>')
19 | subs_ssl = []
20 | 
21 | try:
22 |     mas = masscan.PortScanner()
23 |     mas.scan(ip_range,ports='443')
24 |     for host in mas.all_hosts:
25 |         subs_ssl.append(host)
26 | except (xml.etree.ElementTree.ParseError,masscan.masscan.NetworkConnectionError) as e:
27 |     print('Probably iprange\'s is not valid/down')
28 |     pass
29 | 
30 | def process_cert_subs(i):
31 |     try:
32 |         cert = ssl.get_server_certificate((str(i), 443))
33 |         x509 = M2Crypto.X509.load_cert_string(cert)
34 |         cert_val = x509.get_subject().as_text()
35 |         cnames = cert_val.split('CN=')[1]
36 |         if len(cnames) > 0:
37 |             print(cnames)
38 |     except SSLEOFError as e:
39 |         pass
40 | 
41 | def process_queue():
42 |     while not q.empty():
43 |         current_ip = q.get()
44 |         process_cert_subs(current_ip)
45 |         q.task_done()
46 | 
47 | if len(subs_ssl) > 0:
48 |     for i in subs_ssl:
49 |         i = str(i)
50 |         i = i.strip('\n')
51 |         i = i.strip('\r')
52 |         q.put(i)
53 | else:
54 |     print('Empty ips.. Exiting..')
55 |     sys.exit(1)
56 | 
57 | for i in range(100):
58 |     t = threading.Thread(target=process_queue)
59 |     t.start()
60 | 


--------------------------------------------------------------------------------