crtsher

A tool used to grab domains from certificate transparency logs (crt.sh). Supports both direct database access and HTTP API with automatic fallback.

Why another crt.sh tool?

Unlike other tools that often make a single request to crt.sh, this tool is designed to handle the inherent slowness and unreliability of crt.sh. It uses direct PostgreSQL database access for faster queries with automatic fallback to HTTP API when needed.

Installation

Requires Go 1.20 or later.

go install github.com/root4loot/cmd/crtsher@latest

Docker

git clone https://github.com/root4loot/crtsher
cd crtsher
docker run --rm -it $(docker build -q .) example.com

Usage

Usage: crtsher [options] <domain | orgname> 
  -f, --file <file>           Specify input file containing targets, one per line.
  -t, --timeout <seconds>     Set the timeout for each request (default: 90).
  -c, --concurrency <number>  Set the number of concurrent requests (default: 3).
      --debug                 Enable debug mode.
      --version               Display the version information.
      --help                  Display this help message.

Search Query Identity:
  - Domain Name
  - Organization Name

Examples:
  crtsher example.com
  crtsher "Hackerone Inc"
  crtsher --file domains.txt

Example Running

$ crtsher example.com
[crtsher] (INF) Querying example.com
[crtsher] (RES) www.example.org
[crtsher] (RES) hosted.jivesoftware.com
[crtsher] (RES) uat3.hosted.jivesoftware.com
[crtsher] (RES) www.example.com
[crtsher] (RES) example.com

As a Library

See the examples folder for usage examples.

Contributing

See CONTRIBUTING.md