ct-exposer

The ct-exposer tool is utilized within Canva workflows to retrieve domain information from Certificate Transparency logs. It plays a crucial role in the reconnaissance phase of security assessments, helping organizations identify and verify potential exposure of their domains.

Ideal Use Cases & Fit

This tool excels in scenarios where a comprehensive discovery of domain-related certificates is required. Specifically, it is beneficial for security teams engaging in:

  • Verifying domain ownership and SSL/TLS certificate validity.
  • Identifying unauthorized certificates issued for company domains.
  • Compiling data for threat intelligence regarding domain exposure.

ct-exposer is not recommended for real-time monitoring or incident response, as it focuses primarily on querying historical data.

Value in Workflows

By integrating ct-exposer into automated security workflows, organizations can streamline their reconnaissance efforts. It adds substantial value by:

  • Enhancing early-stage evaluations of domain security.
  • Providing actionable insights for post-processing and reporting.
  • Reducing manual effort in gathering certificate data, allowing teams to focus on analysis rather than collection.

Input Data

ct-exposer requires a file containing a list of domains as input. The file must meet the following specifications:

  • Format: Text file listing each domain on a new line.
  • Function: Serves as the target for the queries.
  • Required: Yes
  • Example: A file named domains.txt containing entries like:
    example.com
    testexample.com
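
For the "unauthorized certificates" use case, the following added example (not part of ct-exposer or this page's tooling) reads a domain list in the format above and sorts Certificate Transparency records by whether their issuer is on an allow-list. The record fields (`name`, `issuer`), the allow-list and all sample data are constructed assumptions, not ct-exposer output.

```python
# Added example: triage CT records for the domains in domains.txt.
# Field names ("name", "issuer") and every sample value are constructed.

def load_targets(text):
    """Parse a domains.txt body: one domain per line, blank lines skipped."""
    return {ln.strip().lower().rstrip(".") for ln in text.splitlines() if ln.strip()}

def owning_target(name, targets):
    """Return the target that `name` equals or is a subdomain of, else None.

    Matching is done on whole DNS labels, so "notexample.com" is not
    treated as belonging to "example.com" just because the string ends
    with it.
    """
    name = name.lower().rstrip(".")
    if name.startswith("*."):          # wildcard certificate name
        name = name[2:]
    labels = name.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in targets:
            return candidate
    return None

def triage(records, targets, allowed_issuers):
    """Split in-scope records into (expected, unexpected) by issuer."""
    expected, unexpected = [], []
    for rec in records:
        if owning_target(rec["name"], targets) is None:
            continue                   # certificate is not for a listed domain
        bucket = expected if rec["issuer"] in allowed_issuers else unexpected
        bucket.append(rec)
    return expected, unexpected

# Constructed sample input.
DOMAINS_TXT = "example.com\ntestexample.com\n"
ALLOWED_ISSUERS = {"Example Internal CA"}
RECORDS = [
    {"name": "www.example.com",   "issuer": "Example Internal CA"},
    {"name": "*.testexample.com", "issuer": "Unknown Issuing CA"},
    {"name": "vpn.example.com",   "issuer": "Unknown Issuing CA"},
    {"name": "notexample.com",    "issuer": "Unknown Issuing CA"},
]

if __name__ == "__main__":
    _, unexpected = triage(RECORDS, load_targets(DOMAINS_TXT), ALLOWED_ISSUERS)
    for rec in unexpected:
        print("review:", rec["name"], "issued by", rec["issuer"])
```

Records in the unexpected bucket are candidates for review against the organization's certificate issuance records, not confirmed mis-issuance.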

Configuration

  • target: Specifies the list of domains to be queried, which must be provided in file format.
  • timeout: Defines the maximum allowed time for the tool to execute, ensuring a complete query within the designated duration (3600 seconds).