crt.sh is a web-based tool for searching Certificate Transparency (CT) logs. It allows users to discover SSL/TLS certificates that have been issued for a given domain, organization, or other identity.
Key Features:
- Certificate Search: Search for certificates by domain name, organization name, SHA-1 fingerprint, SHA-256 fingerprint, or crt.sh ID.
- CT Log Monitoring: Identify potentially rogue or mis-issued certificates.
- Subdomain Discovery: Uncover subdomains associated with a target domain.
- Historical Certificate Data: Access historical certificate issuance records.
Use Cases:
- Security Audits: Verify the validity and authenticity of SSL/TLS certificates.
- Domain Monitoring: Track certificate issuance for your domains to detect unauthorized certificates.
- Incident Response: Investigate certificate-related security incidents.
- Reconnaissance: Gather information about a target organization's infrastructure.
