安全协议>> certstream-sniffer>> 返回
项目作者: anroots

项目描述 :
Use Certificate Transparency Logs to discover new domains
高级语言: Python
项目地址: git://github.com/anroots/certstream-sniffer.git
创建时间: 2019-04-22T18:06:36Z
项目社区:https://github.com/anroots/certstream-sniffer
开源协议:
下载


certstream-sniffer

Use Certificate Transparency Logs to discover new domains.

Architecture

certstream_listener.py connects to a live stream of CT log events. Operator defines interesting top level domains
(.com, .eu etc) and when a new cert for a domain under these TLD-s is found, it gets pushed to the attached Redis
database with a short TTL (5 minutes by default).

webserver.py serves a simple JSON API that queries Redis and displays existing domain names out.

You are meant to periodically (once a minute) scrape the web API to get a list of potentially new domains.
Domains in the list are automatically garbage collected by Redis once TTL is over.

Usage

  1. $ docker-compose build
  2. $ docker-compose up
  3. $ curl --silent --user cert:sniffer http://localhost:8080/get-domains | jq

API Doc

/get-domains

Returns a list of domain names that were discovered from CT logs. The list changes as Redis gets updated with
new domains by certstream_listener; or when existing keys expire.

Request

  • Args: none
  • Auth: Basic auth

Response

  1. [
  2.   {
  3.     "domain": "google.com"
  4.   },
  5.   {
  6.     "domain": "sqroot.eu"
  7.   }
  8. ]

License

MIT license